Activity

30 days up to

User

Subprojects

Activity

From 06/12/2018 to 07/11/2018

07/11/2018

08:46 PM Revision 2c5f44bd: i915kms doesn't need to be declared here: Renato Botelho
08:31 PM Revision e4c2220e: Add i915kms and drm2 to the list of modules to be built: Renato Botelho
05:02 PM Bug #8639: Unable to boot zfs on root: On pFsense start press 3
One at a time
@load /boot/kernel.old/kernel
load /boot/kernel.old/opensolaris.ko
load ... Raul Ramos
02:56 PM Bug #8639 (Resolved): Unable to boot zfs on root: The current snapshot for 2.4.4 does not allow booting from zfs on root. It returns "failed with error 2: unknown file... Ken Sim
03:10 PM Revision b5e93be6: Changed it to just use the variable name: Stephen Jones
02:38 PM Revision 6f331d22: Fixed #8630 , PHP7 illegal string offset.: Stephen Jones
02:30 PM Revision 1303150b: Fixed #8633 PHP7 issue use of undefined constant, Should work as it did before.: Stephen Jones
12:32 PM Revision 79577f5f: suppress php7.2 eval erros on pkg_edit.php: https://redmine.pfsense.org/issues/8637
As of PHP 7, if there is a parse error in the evaluated code, eval() throws ... Marcello Silva Coutinho
09:50 AM Bug #8630 (Feedback): Web-GUI PHP error in brige after removing all interfaces were in bridge: Applied in changeset commit:6f331d2241ef633feef95a2fca5b6112da016741. Anonymous
09:40 AM Bug #8633 (Feedback): thousands PHP undef gwname /etc/inc/gwlib.inc line 1210: Applied in changeset commit:1303150bbe0c67c4d0b05fdea4e101b191a124f8. Anonymous
09:03 AM Bug #8633 (Assigned): thousands PHP undef gwname /etc/inc/gwlib.inc line 1210: Anonymous
07:35 AM Bug #8637: field type select_source returns eval warnings if empty on pkg_edit.php: https://github.com/pfsense/pfsense/pull/3964 Marcello Silva Coutinho
07:27 AM Bug #8637 (Resolved): field type select_source returns eval warnings if empty on pkg_edit.php: pkg_edit.php shows eval erros while tries to fetch a select_source type field that has an empty source
For example... Marcello Silva Coutinho
01:06 AM Bug #8636 (Resolved): pfSense_kill_states function does not parse protocol parameter correctly: Inside pfSense-ports/devel/php56-pfSense-module/files/pfSense.c the function pfSense_kill_states takes a parameter fo... Steven Brown
12:17 AM Feature #8635 (Resolved): "Remote/local subnets" in routed IPsec renaming: Naming of the "Remote/local subnets" labels looks not to be appropriate.
According to this link - https://www.netg... Vladimir Lind

07/10/2018

10:16 PM Feature #8634: Enhance the certificate manager to support private keys with passphrases: pfSense permits certificate generation for use by OpenVPN clients, amongst others. At present, pfSense doesn't pe... Brian Martin
10:14 PM Feature #8634 (Duplicate): Enhance the certificate manager to support private keys with passphrases: pfSense permits certificate generation for use by OpenVPN clients, amongst others. At present, pfSense doesn't permi... Brian Martin
04:04 PM Bug #8633 (Resolved): thousands PHP undef gwname /etc/inc/gwlib.inc line 1210: PHP continually barking -- several thousand times -- on latest 2.4.4.a.20180710.1501
excerpt ...
Crash report b... ROB VANHOOREN
03:18 PM Revision 3c5f4441: Fixed #8598 Added IPsec ID to the table, Moved the disconnect button over to better fit the page, Also fixed the disconnect button and show child button for mobile clients: Stephen Jones
11:46 AM Bug #8627 (Resolved): PHP Warning in /system_groupmanager.php: Renato Botelho
10:35 AM Bug #8627: PHP Warning in /system_groupmanager.php: Looks good in 2.4.4.a.20180710.0609. Thanks! Chris Linstruth
05:09 AM Bug #8627 (Feedback): PHP Warning in /system_groupmanager.php: Fixed Renato Botelho
12:53 AM Bug #8627 (Resolved): PHP Warning in /system_groupmanager.php: If a group has a zero member count this PHP warning is displayed there:
Warning: count(): Parameter must be an arr... Chris Linstruth
10:30 AM Feature #8598 (Feedback): Add IPsec identifiers to Status > IPsec: Applied in changeset commit:3c5f4441cb62524448a868f3908de9504f9fb305. Anonymous
10:22 AM Feature #8598: Add IPsec identifiers to Status > IPsec: Implemented this. Also found issues with the buttons not lining up correctly for mobile clients. I included the fix f... Anonymous
10:08 AM Revision 19028049: Make sure array exist before call count(): Renato Botelho
10:04 AM Revision 449cac24: Improve style: Renato Botelho
09:20 AM Feature #8632 (Duplicate): dhcpd ipv4 - fix gui config to accept multiple subnets and/or answer requests from relay servers: Before starting reapplying dhcp code improvements for ipv4, if the code is ok, can it be reviewed and merged to maste... Marcello Silva Coutinho
09:19 AM Feature #8478: Add DynDNS client for DigitalOcean DNS: Constantine Kormashev wrote:
> This is not for DDNS service, DO does not have one. This is tool for managing DNS rec... Grant Sheehan
02:49 AM Feature #8478: Add DynDNS client for DigitalOcean DNS: This is not for DDNS service, DO does not have one. This is tool for managing DNS records on DO DNS service. Constantine Kormashev
08:17 AM Bug #8629: Routed IPsec P1 - not coming up after pressing "disconnect" button: The connect/disconnect issue likely doesn't have anything to do with VTI, but the conn numbering changes. sjones was ... Jim Pingle
01:52 AM Bug #8629 (Resolved): Routed IPsec P1 - not coming up after pressing "disconnect" button: A simple routed IPsec setup with one single /32 route across VTI interface. It works - P1 is UP, P2 routes listed, co... Vladimir Lind
08:14 AM Bug #8628 (Not a Bug): IPsec VTI - P2 "remote network" field accepts only host address: That is by design. The VTI local/remote pair of addresses form a point-to-point "tunnel network" similar to OpenVPN s... Jim Pingle
01:05 AM Bug #8628 (Not a Bug): IPsec VTI - P2 "remote network" field accepts only host address: In routed IPsec you can specify "remote network" - but in fact "mask" field is grayed out. You can set only a host (/... Vladimir Lind
08:09 AM pfSense Packages Bug #8631 (Resolved): syslog-ng - logrotate incorrectly configured to rotate TLS key: I noticed recently a pfSense device stopped logging to our remote TLS syslog server. After investigating, I found th... Aaron Morris
07:36 AM Bug #8465: Lost default gateway after recover from failover with CARP VIP and HA: Can I ask if any investigation has been done on this or whether anyone else has been able to replicate it? This could... Adam Sweet
07:29 AM Bug #8527: VLANs losing parent interface on LAGG change: Can I ask if any investigation has been done on this or whether anyone else has been able to replicate it? This will ... Adam Sweet
02:02 AM Bug #8630 (Resolved): Web-GUI PHP error in brige after removing all interfaces were in bridge: If device has several interfaces in bridge and all those interfaces are deleted, Web-GUI shows error in https://<addr... Constantine Kormashev

07/09/2018

11:36 PM Revision 4b0cb4f1: php7, avoid warning in gateway plugin call: PiBa-NL
08:18 PM Bug #8626 (Resolved): CN in certificate and probably other user names are not properly escaped in LDAP search: Marking as private due to the nature of this but it does not look like the searches are ever sent to the LDAP server ... Chris Linstruth
06:38 PM Revision 58003f47: Remove pecl-xdebug since it doesn't build with PHP 7.2: Renato Botelho
05:37 PM Bug #8618: 2.4.4 *possible bug* with Intel C3858 and Interface Auto-Detection on 10Gb interfaces: Spent some more time looking into this with the latest CE snapshot from today. This time I installed it on a XG-1537 ... Clinton Cory
05:27 PM Revision 5bd32389: Start moving PHP to 7.2: Renato Botelho
04:13 PM Revision 2a0be57e: Fixed a warning on status > dhcpv6 leases parameter 2 expected to be a string.: Stephen Jones
03:39 PM Revision 5c3a8a9c: Fixed #8622 It will now revert to whatever was previously saved in the config if there is an input error for user groups: Stephen Jones
01:47 PM Revision aa029c93: Fix 8553: When creating a new user, make sure it's added to desired groups: Renato Botelho
01:09 PM Bug #7928: LAGG interfaces lose MAC address: Hmm, we never saw this in 2.3.X previously.
Do you see it in 2.3.5p2 if you haven't tested that already?
Were y... Steve Wheeler
04:41 AM Bug #7928: LAGG interfaces lose MAC address: I have the same problem with pfsense 2.3.5 (fresh install nanobsd on a netgate apu1C4).
I there a fix or workaround ... Olivier Delcourt
10:50 AM Bug #8622 (Feedback): system_usermanager.php: Group selections not retained when an input error occurs: Applied in changeset commit:5c3a8a9ce4e02a34de439087c9d4bcfd9877c5f1. Anonymous
09:30 AM Bug #8553 (Feedback): Creating a user as a member of a group fails to add that group to the user: Fix committed at commit:aa029c9304765e67a9f9bd63336716c0c9a3f298 Renato Botelho
08:01 AM pfSense Packages Bug #8625 (Resolved): PFsense squidGuard faulty URL check: Hi,
wanted to import a blacklist into squid guard an ran into errors.
Always complaining about some urls.
Narrow... James Interop
07:35 AM Feature #8599: IPv6 flow labels: sysctl -d net.inet6.ip6.auto_flowlabel
net.inet6.ip6.auto_flowlabel: Provide an IPv6 flowlabel in outbound packets... David Horn
02:34 AM Bug #7020: <Hostname> is omitted when sending logs on syslog: I agree with Darren. This should be treated as a bug and the best solution is to add hostname to the syslog messages ... Idar Lund

07/08/2018

10:18 AM Feature #8478: Add DynDNS client for DigitalOcean DNS: This is in current 2.4.4 snapshots.
Anyone with a Digital Ocean instance who can test this is encouraged to do so.... Steve Wheeler

07/07/2018

07:00 PM Bug #8605: OpenVPN wizard fails to populate LDAP fields: On 2.4.4.a.20180707.0234, LDAP wizard successfully completed and the LDAP server information (in it's entirety) was s... Anonymous
06:53 PM Bug #8587: System information dashboad show only first swap disk/file info: On 2.4.4.a.20180707.0234, multiple swap files are accurately reported. On the test system with 978M swap after instal... Anonymous
06:50 PM Feature #8624 (Resolved): DNS Resolver Resolve IPv6 OpenVPN Client Addresses: Currently it only handles the IPv4 of the client and ignores the IPv6 of a client if it exists. It would be nice if i... Ken Sim
03:36 PM Bug #8583: LDAP fails with bind credentials due to mispelled variable: On 2.4.4.a.20180707.0234, bind credentials work as expected. Anonymous
01:43 PM Bug #8530: Delete allowed hostname/ip doesn't work if captive portal is not enabled.: On 2.4.4.a.20180707.0234, works as expected. Allowed IPs and Hostnames can be deleted successfully without the zone e... Anonymous
01:32 PM Bug #7634: When restoring from USB during install, if the config file contains RRD data, the final config.xml on the system will also contain all the RRD infomation: On 2.4.4.a.20180707.0234 works as expected. RRD data is removed from the config.xml that is restored during PFI. Anonymous
01:05 PM Bug #8586: Gateway Group trigger level: 2.4.4-DEVELOPMENT (amd64)
built on Fri Jul 06 15:23:49 EDT 2018
FreeBSD 11.2-RELEASE
2 gateways, setup a fa... Chris Macmahon
12:36 PM Bug #6477: Sample bounds can jump around for custom timer periods on Status > Monitoring: On 2.4.4.a.20180707.0234 the does not appear to be an issue when viewing the Status > Monitoring graph at 1 hour time... Anonymous
12:26 PM Bug #8582: Ship RFC 7919-provided DH groups: On 2.4.4.a.20180707.0234, DH parameter length 6144 and 8192 both seem to work when an android OpenVPN client connects. Anonymous
12:23 PM Bug #8582: Ship RFC 7919-provided DH groups: On 2.4.4.a.20180707.0234, DH Group 17 and 18 on Phase one and PFS key group 17 and 18 seem to work when an android st... Anonymous
09:45 AM Bug #8603: PPP WANs do not work on VLANs on current snapshots: Hi, any news here? Best regards Dirk Steingäßer
04:41 AM Feature #8292: IPsec mobile clients with different (virtual) IP addresses by (EAP) identity: Have found one more in the strongswan wiki [[https://wiki.strongswan.org/projects/strongswan/wiki/VirtualIp]]
>DNS... Christian R.
04:20 AM Feature #8292: IPsec mobile clients with different (virtual) IP addresses by (EAP) identity: James Dekker wrote:
> With the Virtual Address Pool working as expected and DNS server being the problem child now, ... Christian R.

07/06/2018

06:08 PM Revision ad08a824: Add fields for DNS server hostnames for TLS verification. Implements #8602: Jim Pingle
05:53 PM Bug #8618 (Assigned): 2.4.4 *possible bug* with Intel C3858 and Interface Auto-Detection on 10Gb interfaces: Installed 2.4.4 CE build: pfSense-CE-memstick-2.4.4-DEVELOPMENT-amd64-20180705-0739.img
ifconfig outputs the follo... Clinton Cory
03:40 PM Bug #8469: DHCP Server configuration page errantly expands Dynamic DNS advanced parameters even when none are configured: Retested today on a fresh install (2.4.4.a.20180705.0032) and the issue appears to be resolved. Anonymous
03:04 PM Bug #7020: <Hostname> is omitted when sending logs on syslog: Idar Lund wrote:
> If this is considered as "not a bug", the web page https://doc.pfsense.org/index.php/Filter_Log_F... Darren Spruell
02:46 PM Bug #8571 (Resolved): loader.conf/.local cleanup is a bit too aggressive: Jim Pingle
02:45 PM Bug #8571: loader.conf/.local cleanup is a bit too aggressive: On 2.4.4.a.20180705.0032 (SG-2440) added autoboot_delay=10 to /boot/loader.conf.local (which didn't exist before that... Anonymous
02:25 PM Todo #8350: Remove clog in favor of standard syslogd or syslogd alternative with rotation via newsyslog or logrotate: +1 on this - clog is kind of neat for the use case it addresses, but is fairly inconvenient in terms of modern log an... Darren Spruell
02:11 PM Todo #1940: Integrate rSyslogd: Another vote! Darren Spruell
02:02 PM Bug #8457: Packages do not remove on factory default: Behavior described in last update appeared to be limited to acme ... created https://redmine.pfsense.org/issues/8623 ... Anonymous
01:59 PM Bug #8623 (Closed): acme package does not show correct installation output following a factory reset: Install the latest 2.4.4 snap (or upgrade to it from 2.4.3). Run `playback gitsync master` to get current. Reset the ... Anonymous
01:45 PM Revision 50e0d399: wizard.php: Ensure CA and Certs are arrays before using in foreach.: Jim Pingle
01:20 PM Feature #8602 (Feedback): DNS over TLS host verification: Applied in changeset commit:ad08a8242ca45907e0486712d218a5f8f34c7332. Jim Pingle
08:53 AM Feature #8602: DNS over TLS host verification: Unbound 1.7.3 is in current 2.4.4 snapshots, so this can be added now. Jim Pingle
01:12 PM Revision ab4fdf49: Cosmetic changes to warning maeesage: Steve Beaver
01:03 PM Revision 1ddc7206: Add position params to gettext password warning: Steve Beaver
12:44 PM Revision 40d26f65: Test the password, not the hash, or it won't detect if the user reset password from the console or otherwise changed it to the default manually. Issue #8596: Jim Pingle
12:20 PM Revision 58a0f5e1: Change warning wording to avoid using a "click here" link. Issue #8596: Jim Pingle
11:52 AM Revision 5b2e9e7b: Fixed #8596: Steve Beaver
11:41 AM Bug #8407 (Resolved): FRR BGP MD5 support is broken: Great!
I'll close this out for now. If it breaks again, let us know. Jim Pingle
11:36 AM Bug #8407: FRR BGP MD5 support is broken: I used my previous lab test from #7969 and looks like I was able to establish a BGP session w/ password OK to my aris... Andrew Dul
11:26 AM Feature #8292: IPsec mobile clients with different (virtual) IP addresses by (EAP) identity: Christian R. wrote:
> James Dekker wrote:
> > On 2.4.4.a.20180705.0032 the options appear. Tested specifying a diff... Anonymous
10:43 AM Feature #8292: IPsec mobile clients with different (virtual) IP addresses by (EAP) identity: James Dekker wrote:
> On 2.4.4.a.20180705.0032 the options appear. Tested specifying a different DNS server, saved a... Christian R.
07:22 AM Feature #8292 (New): IPsec mobile clients with different (virtual) IP addresses by (EAP) identity: Jim Pingle
09:24 AM Feature #8596: Warn user when default password has not been changed: On 2.4.4.a.20180705.0739 gitsync'd to master, the feature works as expected. Anonymous
07:09 AM Feature #8596 (Resolved): Warn user when default password has not been changed: Anonymous
07:00 AM Feature #8596: Warn user when default password has not been changed: Applied in changeset commit:5b2e9e7b034a3818ec754fa316516e9e0e6a1c86. Anonymous
09:02 AM pfSense Packages Bug #8620: arpwatch database page is not accessible: I am also experiencing this. My best guess is that Arpwatch is starting itself at boot, then pfSense is starting Arp... DL Ford
08:35 AM Bug #8582: Ship RFC 7919-provided DH groups: Looks good here so far. GUI still works in a variety of different browsers/platforms (Firefox and Chrome on Linux, Ma... Jim Pingle
07:59 AM Bug #8622 (Confirmed): system_usermanager.php: Group selections not retained when an input error occurs: Jim Pingle
04:04 AM Bug #8622 (Resolved): system_usermanager.php: Group selections not retained when an input error occurs: When doing such a simple thing as adding a ssh key, I completely deprived myself of access to webgui or ssh and was a... Andrew Rud
07:37 AM Bug #8617 (Resolved): Error on RADIUS Authentication: RADIUS auth works from diag_authentication.php with the current code from the repository. Jim Pingle
07:33 AM Bug #8515 (Resolved): ts wizard syntax error (as of 2.4.4.a.20180514.0905): Jim Pingle
07:32 AM Bug #8048 (New): DHCPv6 Configured for LAN without LAN interface: Jim Pingle
07:32 AM Bug #8597 (Resolved): When editing a firewall rule, the "Action" field is selected: Jim Pingle
07:30 AM Bug #4438 (Resolved): Unable to delete IP Alias outside an interface's subnet where a gateway exists in the same subnet: Tested and working Jim Pingle
07:28 AM Todo #8411: dnsmasq configuration needs changes for 2.79: I can't replicate any problem here. Domain overrides work on the latest snapshot, no changes made. Queries are forwar... Jim Pingle
07:23 AM Bug #8591 (Resolved): interfaces.php: Checking "Default Gateway" on the "Add a new Gateway" modal does not set it as default: Jim Pingle
07:22 AM Bug #8593 (Resolved): Extend maximum gateway monitoring ping interval: Jim Pingle
07:08 AM Bug #8606 (Resolved): system_advanced_admin.php: PHP error when saving without sshdkeyonly set: Jim Pingle
07:07 AM Bug #8621 (Resolved): PHP errors on VPN IPSec P1 add: Already fixed by https://github.com/pfsense/pfsense/pull/3960 which was merged yesterday. Jim Pingle
05:16 AM Bug #8621: PHP errors on VPN IPSec P1 add: When editing an existing tunnel on 2.4.4
Fatal error: Call to undefined method Form_Section::setHelp() in /usr/loc... Chris Macmahon
01:16 AM Bug #8621: PHP errors on VPN IPSec P1 add: On SG3100 (built on Thu Jul 05 01:19:47 EDT 2018) I see this when trying to create ipsec P1:
Fatal error: Call to ... Vladimir Lind
12:53 AM Bug #8621 (Resolved): PHP errors on VPN IPSec P1 add: Downloaded latest KVM pfSense-netgate-kvm-2.4.4-DEVELOPMENT-amd64-20180530-1447.qcow2.gz
Updated via GUI to latest... Paighton Bisconer
06:13 AM Bug #7013 (Resolved): Changing group scope to remote does not remove it from group file: Renato Botelho
06:11 AM Todo #7024: Replace copy of radius.inc by pear-Auth_RADIUS: James Webb wrote:
> I believe the change applied in commit: e26b805 may have caused errors; specifically those refer... Renato Botelho

07/05/2018

07:51 PM Feature #2358: NAT64 support: UPVOTE Talyrius Bekhesh
07:48 PM Feature #2358: NAT64 support: Bump + UpVote ! Peek Around
06:18 PM Feature #7746: Proxy NDP: Ran into the exact same issue (provider only issues a /64 and I give away a chunk of that to mobile VPN clients). If ... Firstname Surname
05:02 PM Bug #8606: system_advanced_admin.php: PHP error when saving without sshdkeyonly set: On 2.4.4.a.20180705.0032 checked "Display page name first in browser tab", checked "Enable Secure Shell", and left th... Anonymous
04:58 PM Feature #8292: IPsec mobile clients with different (virtual) IP addresses by (EAP) identity: On 2.4.4.a.20180705.0032 the options appear. Tested specifying a different DNS server, saved and applied changes, sto... Anonymous
04:49 PM Bug #8593: Extend maximum gateway monitoring ping interval: On 2.4.4.a.20180705.0032 you're able to set the probe interval to a max value of 36000000 as expected. Anonymous
04:42 PM Bug #8591: interfaces.php: Checking "Default Gateway" on the "Add a new Gateway" modal does not set it as default: On 2.4.4.a.20180705.0032 works as expected. Anonymous
04:18 PM Revision ac27f5a1: Fixed #8597 The edit page will no longer initialize with focus on any element: Stephen Jones
04:00 PM Bug #8618: 2.4.4 *possible bug* with Intel C3858 and Interface Auto-Detection on 10Gb interfaces: I have a SuperMicro box with the same specs on-hand. Will attempt to replicate and debug. Clinton Cory
03:57 PM pfSense Packages Bug #8620: arpwatch database page is not accessible: I'm having the same problems. Woke up this morning to find all devices that have a static IP set were off line and I ... Dave Bergman
11:05 AM pfSense Packages Bug #8620: arpwatch database page is not accessible: Sven L wrote:
> I experienced exactly the same. In my case after some time running arpwatch my whole pfsense box hun... Cino .
10:44 AM pfSense Packages Bug #8620: arpwatch database page is not accessible: Cino . wrote:
> The issue I have with arpwatch is different but I'm pretty sure they are related. After a day or two... Sven L
10:14 AM pfSense Packages Bug #8620: arpwatch database page is not accessible: The issue I have with arpwatch is different but I'm pretty sure they are related. After a day or two of arpwatch runn... Cino .
09:57 AM pfSense Packages Bug #8620 (Resolved): arpwatch database page is not accessible: On CE-2.4.3-p1 I am not able to open https://172.21.41.148/pkg_edit.php?xml=arpwatch.xml - getting 504
from upstre... Vladimir Lind
03:57 PM Bug #8515: ts wizard syntax error (as of 2.4.4.a.20180514.0905): On 2.4.4.a.20180705.0032 the wizard completes without error and the queues show up under Status > Queues Anonymous
03:52 PM Bug #8048: DHCPv6 Configured for LAN without LAN interface: On 2.4.4.a.20180705.0739 the bad behavior is still present. Anonymous
03:44 PM Bug #7013: Changing group scope to remote does not remove it from group file: On 2.4.4.a.20180705.0032 works as expected. After changing scope from Local to Remote, the group is removed from /etc... Anonymous
03:34 PM Bug #8457: Packages do not remove on factory default: On 2.4.4.a.20180705.0032 this behavior is still present:
"installed acme, performed Factory reset with WebGUI an... Anonymous
03:25 PM Revision 54d62381: Merge pull request #3960 from PiBa-NL/20180704-ipsec-fix-phase1-edit-page: Steve Beaver
03:24 PM Bug #8469: DHCP Server configuration page errantly expands Dynamic DNS advanced parameters even when none are configured: Forgot to include files for https://redmine.pfsense.org/issues/8469#note-8
Anonymous
03:22 PM Bug #8469: DHCP Server configuration page errantly expands Dynamic DNS advanced parameters even when none are configured: Simply clicking "Display advanced" at Services > DHCP Server, Dynamic DNS changes the DHCP section of config.xml as s... Anonymous
03:21 PM Bug #8469: DHCP Server configuration page errantly expands Dynamic DNS advanced parameters even when none are configured: On 2.4.4.a.20180705.0032 stock, hitting Save at Services > DHCP caused the service to stop. Trying to manually start ... Anonymous
03:00 PM Bug #8597: When editing a firewall rule, the "Action" field is selected: Tested (as a patch) on 2.4.4.a.20180705.0032, worked as expected, rule action is not selected by default. Anonymous
11:30 AM Bug #8597 (Feedback): When editing a firewall rule, the "Action" field is selected: Applied in changeset commit:ac27f5a1082d971566f21169e0d17401e335c1c6. Anonymous
02:49 PM Todo #8411: dnsmasq configuration needs changes for 2.79: On 2.4.4.a.20180705.0032 the host override resolves successfully, but the domain override does not. Anonymous
01:58 PM Revision e31870db: Merge pull request #3951 from whislock/dh-rfc: Steve Beaver
01:53 PM Revision fbb77ab7: Merge pull request #3958 from PiBa-NL/20180702-gateway-none: Steve Beaver
01:16 PM Bug #8582 (Feedback): Ship RFC 7919-provided DH groups: PR Merged Jim Pingle
01:14 PM Feature #8187 (Feedback): Gateways, allow for configuring a gatewaygroup as the default gateway. #3781: PR merged Jim Pingle
01:11 PM Bug #8614: Cannot remove Additional BOOTP/DHCP Options: If you add more than one, a delete button appears. It doesn't give you a delete button for the last entry, but you ca... Jim Pingle
01:10 PM Bug #8534 (Resolved): Invalid DHCP options can be added: The values can be 0, but this was about the option number, not the value.
The option number is now restricted to 1... Jim Pingle
12:19 PM Revision 71b4b23b: Add missing global $g declaration: Renato Botelho
12:02 PM Revision 7fe4d351: Create pkg_conf_setup() to setup pkg.conf: It will be necessary in near future for thoth setup Renato Botelho
11:51 AM Revision 6900f144: Remove autoconfigbackup2: Renato Botelho
11:44 AM Revision 5286277f: Suppress display of AutoConfigBackup in package list: Steve Beaver
11:44 AM Feature #8596: Warn user when default password has not been changed: PRD created. Anonymous
10:05 AM Feature #8596: Warn user when default password has not been changed: Please create a PRD for this feature. It is subject to much debate so we need to have everyone in agreement before p... Anonymous
09:36 AM Feature #8596 (Feedback): Warn user when default password has not been changed: If we display a notice before the user logs in, we will be telling that person what the login credentials are
If we ... Anonymous
11:38 AM Revision 49ec9d91: Fix #7024: Fix Radius include extension: Renato Botelho
11:19 AM Bug #8617 (Feedback): Error on RADIUS Authentication: This is not specific to FreeRADIUS, but recent RADIUS changes. Renato has committed a fix. Jim Pingle
11:14 AM pfSense Packages Bug #8514 (Duplicate): Captiveportal save or update: Duplicated by #8616 but it has better information, so closing this in favor of that ticket. Jim Pingle
03:03 AM pfSense Packages Bug #8514: Captiveportal save or update: I confirm this behaviour
Please see https://redmine.pfsense.org/issues/8616 A FL
10:03 AM Feature #6620 (Resolved): CoDel, FQ-CoDel, PIE and FQ-PIE AQMs: Anonymous
07:23 AM Feature #6620: CoDel, FQ-CoDel, PIE and FQ-PIE AQMs: This seems to work great since the merge. Alexandre Paradis
09:38 AM Bug #8387 (Closed): Cannot use large CRLs: Anonymous
09:36 AM Bug #8539 (Resolved): ACLs not configurable in German Language UI: Anonymous
09:05 AM pfSense Packages Bug #8619: Domains improperly checked when registering DHCP static mappings: PR: https://github.com/pfsense/FreeBSD-ports/pull/533 Martin Gignac
08:53 AM pfSense Packages Bug #8619 (Resolved): Domains improperly checked when registering DHCP static mappings: There is a bug in the Register DHCP Static Mappings feature of BIND zones. I've noticed that if I create DHCP static ... Martin Gignac
07:56 AM Bug #8518: Rule Error On Upgrade 2.4.3 -> 2.4.3-p1: The solution is in the commits on this issue, not that diff. It has been fixed on 2.4.4, but unless we make another 2... Jim Pingle
07:51 AM Bug #8518: Rule Error On Upgrade 2.4.3 -> 2.4.3-p1: Still hitting this bug with no working solution in 2.4.3_p1, but it's fixed in 2.4.4.a.20180705.0739 , at least on th... Adam Thompson
03:41 AM Bug #7532: SG-1000 autonegotiation 10baseT speed and duplex: Looked at "datasheet":http://ww1.microchip.com/downloads/en/DeviceDoc/00002117F.pdf
p.33 in the description of bit 1... Dmitry Vakhrushev
02:53 AM Bug #7532: SG-1000 autonegotiation 10baseT speed and duplex: Expected solution is not appropriate.
I thought that part of errata KSZ9031 (1G PHY chip which used in SG-1000) help... Dmitry Vakhrushev
03:08 AM Bug #8616: When reconfiguring a captiveportal, connected users get disconnected and can't login back: Issue mentionned here : https://forum.netgate.com/topic/137824/pfsense-no-internet-when-it-is-said-you-are-connected/... A FL

06/30/2018

11:06 PM pfSense Packages Bug #7661: pfBlockerNG doesn't make a rule for Antarctica: This should be fixed in the pfBlockerNG-devel version. BBcan177 .
11:06 PM pfSense Packages Bug #8318: PFBlockerNG removes alias file when using advanced inverted rule: This should be fixed in the pfBlockerNG-devel version. BBcan177 .
04:44 PM Bug #8611 (In Progress): unable to receive IPv6 RA's on SG-1000, default route lost: expected behavior:
* IPv6 default route is stable indefinitely
actual behavior:
* IPv6 default route is lost a f... Anthony Roberts

06/29/2018

04:11 PM pfSense Packages Feature #8610 (Resolved): FRR BGP "no bgp default ipv4-unicast" option.: Any chance at getting this option added in GUI?
Trying to keep IPv4 and IPv6 neighbors/routes separate but of cour... Brandon Jackson
02:04 PM Revision 58cbaf84: Fix style: Renato Botelho
01:53 PM Revision 5ee16aa6: Fixing GitHub reported issues: no
08:03 AM pfSense Packages Bug #8608 (Not a Bug): openVPN export package doesn't export compression settings: It doesn't put it there because it isn't necessary to. With OpenVPN 2.4 the compression setting can be pushed, it doe... Jim Pingle

06/28/2018

10:56 PM pfSense Packages Bug #8608 (Not a Bug): openVPN export package doesn't export compression settings: I did the test with openVPN server configured with those options activated
--> compression : lz4-v2
--> Push Compre... david stievenard
10:19 PM pfSense Packages Bug #8607: Suricata package fails to prune suricata.log: Relevant logs:
@Jun 28 14:28:20 pfsense php-fpm[1136]: /suricata/suricata_logs_browser.php: PHP ERROR: Type: 1, Fi... John Silva
10:16 PM pfSense Packages Bug #8607 (Resolved): Suricata package fails to prune suricata.log: The suricata package does not prune suricata.log. As a result, suricata.log grows without bound eventually resulting... John Silva
10:00 PM pfSense Packages Bug #6988: SNORT Package PHP memory error: There is no option to configure the log size for snort.log. Because of this it grows without bound resulting in this... John Silva
02:50 PM Revision 8038c4e8: Correct a PHP error when saving on system_advanced_admin.php. Fixes #8606: Jim Pingle
10:00 AM Bug #8606 (Feedback): system_advanced_admin.php: PHP error when saving without sshdkeyonly set: Applied in changeset commit:8038c4e807c88fda4e1bb5b37ac31c9dbb8395fe. Jim Pingle
09:50 AM Bug #8606 (Resolved): system_advanced_admin.php: PHP error when saving without sshdkeyonly set: If the SSH settings are set to "Password or Public Key", when saving any other setting on the page a PHP error occurs... Jim Pingle

06/27/2018

04:43 PM Revision f031765b: Fix OpenVPN Wizard LDAP handling of ATTR fields. Fixes #8605: While here, also add missing LDAP fields and fix a PHP 7.2 error. Jim Pingle
03:10 PM Bug #7094 (Duplicate): Unbound startup syntax is incorrect: Duplicated by #7667 and has been fixed for some time now. Jim Pingle
02:53 PM Revision 64fa4207: Fixed #7013: Added warning requiring reboot if group scope is changed Steve Beaver
02:45 PM Revision 6f8e648f: Do not generate a NAT reflection rule with an interface source if that interface has no IP address. Fixes #8604: Jim Pingle
01:52 PM Feature #8599: IPv6 flow labels: Looks like @ipfw@ can match, but not set the IPv6 @flow-id@. I don't see any reference to a similar function to match... Jim Pingle
01:24 PM Bug #8590: sshd does not allow agent forwarding: Another funny aspect is that this is a quote from official ssh manual, https://www.freebsd.org/cgi/man.cgi?sshd_confi... Sorin Sbarnea
12:49 PM Bug #8590: sshd does not allow agent forwarding: > It's always acceptable to voice security concerns, thanks for the input!
I think that the security concerns are ... Sorin Sbarnea
11:50 AM Bug #8605 (Feedback): OpenVPN wizard fails to populate LDAP fields: Applied in changeset commit:f031765bb020f7a67a022056cda341f18a88ff8a. Jim Pingle
10:02 AM Bug #8605 (Resolved): OpenVPN wizard fails to populate LDAP fields: If you run the OpenVPN wizard and choose LDAP in the first step it asks you to fill in the data required to create th... Steve Wheeler
10:52 AM pfSense Plus Bug #8600: "snmpd SIOCGIFDESCR (e6000sw0port1): Device not configured": The bug also affects 7100 Constantine Kormashev
10:00 AM Bug #7013: Changing group scope to remote does not remove it from group file: Applied in changeset commit:64fa4207182efea9b45f5170b8996b967441d4e1. Anonymous
09:55 AM Bug #7013 (Feedback): Changing group scope to remote does not remove it from group file: Changing group scope from local to remote now deletes the group from /etc/group
Added a warning message to indicate ... Anonymous
10:00 AM Bug #8604 (Feedback): Race condition in NAT reflection filter rules leads to ruleset load failure: Applied in changeset commit:6f8e648f5c88e04166539ab27872b13dfd587cb8. Jim Pingle
09:40 AM Bug #8604 (Resolved): Race condition in NAT reflection filter rules leads to ruleset load failure: On current 2.4.4 snapshots, at boot time the rules can be (re)loaded before all of the interface addresses are presen... Jim Pingle
09:41 AM Revision 6c83167c: Build drm-stable-kmod: Renato Botelho
09:08 AM Bug #8603: PPP WANs do not work on VLANs on current snapshots: Similar to #7981 Jim Pingle
09:06 AM Bug #8603 (Resolved): PPP WANs do not work on VLANs on current snapshots: At some time between April and now on 2.4.4 snapshots, PPP WANs like PPPoE stopped working when using a VLAN interfac... Jim Pingle

06/26/2018

06:11 PM Revision 02d5d8bd: Fix PHP 7 error on services_unbound_host_edit.php: Jim Pingle
02:41 PM Revision fafd64f2: Deprecate the copy of simplepie, use the port instead: Renato Botelho
11:42 AM Bug #7634 (Resolved): When restoring from USB during install, if the config file contains RRD data, the final config.xml on the system will also contain all the RRD infomation: Added a piece in the PFI to remove rrddata when restoring from a USB config during install. b76e6a64c0b948808a0260f4c... Anonymous
10:51 AM Todo #6998 (Feedback): Create a port for simplepie to keep it updated and use modular version: Renato Botelho
09:55 AM Feature #8552 (Resolved): enable http2: Jim Pingle
09:47 AM Bug #8601 (Duplicate): "snmpd SIOCGIFDESCR (e6000sw0port1): Device not configured": Duplicate ticket of #8600 Jim Pingle
01:59 AM Bug #8601 (Duplicate): "snmpd SIOCGIFDESCR (e6000sw0port1): Device not configured": When enabling SNMP on SG-3100 and XG-7100 following messages appear on every SNMP service change:
SG3100:
Jun 2... Vladimir Lind
09:29 AM Feature #8602: DNS over TLS host verification: devel should pick it up naturally here in a week or two when the 2018Q3 branch comes in. FreeBSD ports tree HEAD/mast... Jim Pingle
08:59 AM Feature #8602 (Resolved): DNS over TLS host verification: Currently at 1.6.8 in release, and "1.7.0 on devel":https://github.com/pfsense/FreeBSD-ports/blob/4089b606b21a5ae7df5... Andrew M
01:58 AM pfSense Plus Bug #8600 (Resolved): "snmpd SIOCGIFDESCR (e6000sw0port1): Device not configured": When enabling SNMP on SG-3100 and XG-7100 following messages appear on every SNMP service change:
SG3100:
Jun 2... Vladimir Lind

06/25/2018

02:46 PM Revision ecf4b407: Remove unneeded commas: Isaac McDonald
12:59 PM Revision 31a618f5: Remove 512 bit option from OpenVPN wizard.: Justin Coffman
11:38 AM Feature #8599 (New): IPv6 flow labels: Here's a short list of possible uses for IPv6 flow labels in pfSense:
* Ability to apply QOS based on IPv6 flow la... Isaac McDonald
09:53 AM Bug #8594: Assess default crypto settings for OpenVPN/IPsec: I can open up a separate issue and work on it, if you think it's worthwhile. Anonymous
09:47 AM Bug #8594: Assess default crypto settings for OpenVPN/IPsec: Justin Coffman wrote:
> Would it be valuable to include some validation logic in the interface to warn a user if the... Jim Pingle
09:10 AM Bug #8594: Assess default crypto settings for OpenVPN/IPsec: Would it be valuable to include some validation logic in the interface to warn a user if they select an algorithm wit... Anonymous
08:18 AM Bug #8594: Assess default crypto settings for OpenVPN/IPsec: Justin Coffman wrote:
> Additionally, I'd like to make two additional changes:
>
> 1. Add a 6144-bit option to th... Jim Pingle
07:41 AM Bug #8594: Assess default crypto settings for OpenVPN/IPsec: PR for proposed changes: https://github.com/pfsense/pfsense/pull/3954
Obviously, PR commits are subject to change ... Anonymous
07:40 AM Bug #8561 (New): default-route is not always set for a pppoe connection after bootup.: Jim Pingle

06/24/2018

08:28 PM Feature #8598 (Resolved): Add IPsec identifiers to Status > IPsec: Add the IPsec identifiers used in the IPsec configuration, on the Status > IPsec page. Anonymous
08:20 PM Bug #8597 (Resolved): When editing a firewall rule, the "Action" field is selected: When a user goes to edit a firewall rule, the page loads with the "Action" field selected (in Chrome and Firefox). If... Anonymous
08:13 PM Feature #8596 (Resolved): Warn user when default password has not been changed: The user should be warned on every login that the default password has not been changed, until it's been changed.
... Anonymous
12:28 PM Revision 561077c7: routing, fix setting the default-route when the configured default gateway is a dynamic pppoe gateway: PiBa-NL
08:23 AM Bug #8595: Maybe a new mpd5-x+1 MTU ISSUE WITH ORANGE FR: Eugene Grosbein - 29 minutes ago
I have just updated FreeBSD's net/mpd5 port up to revision 5.8_4 that contains t... xavier Lemaire
06:34 AM Bug #8595: Maybe a new mpd5-x+1 MTU ISSUE WITH ORANGE FR: It s work for me
https://sourceforge.net/p/mpd/bugs/62/#7142
Eugene Grosbein make a binary https://sourceforge... xavier Lemaire
01:31 AM Bug #8595: Maybe a new mpd5-x+1 MTU ISSUE WITH ORANGE FR: https://sourceforge.net/p/mpd/bugs/62/#b64c
A patch to try xavier Lemaire
07:32 AM Bug #8561: default-route is not always set for a pppoe connection after bootup.: Sorry, forgot the '!', new PR added: https://github.com/pfsense/pfsense/pull/3956 Pi Ba

06/23/2018

02:11 PM Revision 264f4423: routing, when adding a new gateway and setting it as the default actually allow that to happen by indicating the proper ipprotocol for the gateway to set it for as a default: PiBa-NL
11:40 AM Bug #8591: interfaces.php: Checking "Default Gateway" on the "Add a new Gateway" modal does not set it as default: fix submitted: https://github.com/pfsense/pfsense/pull/3955 Pi Ba
11:10 AM Revision 36cfae5f: Add 6144/remove 512 from cert size options: Justin Coffman
10:24 AM Bug #8595 (Resolved): Maybe a new mpd5-x+1 MTU ISSUE WITH ORANGE FR: hi guys
I opened a thread here : https://sourceforge.net/p/mpd/bugs/62/
I have the feeling that awesome guys are ... xavier Lemaire
06:11 AM Bug #8594: Assess default crypto settings for OpenVPN/IPsec: Additionally, I'd like to make two additional changes:
# Add a 6144-bit option to the CA and Cert Manager pages (t... Anonymous
06:09 AM Bug #8594: Assess default crypto settings for OpenVPN/IPsec: Additionally, I'd like to make two additional changes:
1. Add a 6144-bit option to the CA and Cert Manager pages (... Anonymous
03:30 AM Revision ec9343c0: Update crypto defaults for OpenVPN/IPsec: Updated default cipher to AES-128, default hash to SHA256, default DH group to 2048 bit (IPsec DH group 14). Justin Coffman
02:19 AM Revision 4b6bf6aa: Remove RFC 7919 from DH group titles: Nothing is preventing the user from overwriting them, which would mean they're no longer the RFC groups. Justin Coffman
02:17 AM Revision 43228ab3: Added new DH groups to valid groups list: Justin Coffman

06/22/2018

07:58 PM Revision aa93d3fa: Reduce max interval to 60 minutes: Per discussion on Redmine, bringing the maximum probe interval down to 60 minutes. Anything higher than this would pr... Justin Coffman
07:18 PM Revision bad35425: Properly escape the single quotes: Aaron Kalin
07:01 PM Revision e7d76457: Redmine #8592: Clarify DHCP hostname registration: Isaac McDonald
07:00 PM Revision 7ae00d0d: Extend maximum monitoring interval.: The existing monitoring interval was a maximum of 86400 ms, or approximately 86 seconds. This can cause excessive dat... Justin Coffman
05:43 PM Bug #8594 (Resolved): Assess default crypto settings for OpenVPN/IPsec: Per Jim's comment on https://github.com/pfsense/pfsense/pull/3951. If any changes are approved, I'll be happy to subm... Anonymous
03:13 PM Revision 3efa3530: Provide DH groups from RFC 7919.: Replaced 2048-bit and 4096-bit groups with RFC 7919 parameters. Added 3072, 6144, and 8192-bit groups from same. Relo... Justin Coffman
03:06 PM Revision 3937cbaa: Remove DH group name from output.: Accidentally left that line in from testing. Justin Coffman
03:05 PM Revision 45bebeb8: Create generate_ffdhe.py: This script converts the hexadecimal-format parameters from RFC 7919 to usable PEM format DH groups. Justin Coffman
02:59 PM Bug #8593: Extend maximum gateway monitoring ping interval: Change committed to the PR branch. Anonymous
02:57 PM Bug #8593: Extend maximum gateway monitoring ping interval: I'll be honest, I didn't really have a maximum value in mind. I saw the existing value and thought "oh, they must hav... Anonymous
02:41 PM Bug #8593: Extend maximum gateway monitoring ping interval: I'd prefer that, but it's open for debate if there is a valid use case I'm not thinking of. Jim Pingle
02:25 PM Bug #8593: Extend maximum gateway monitoring ping interval: I can modify it down to 3,600,000 ms (60 minutes) in the PR, if that works. Anonymous
02:15 PM Bug #8593: Extend maximum gateway monitoring ping interval: The 86400 limit is likely a holdover from when it used to be seconds, but letting it go up to a full day seems like i... Jim Pingle
02:07 PM Bug #8593: Extend maximum gateway monitoring ping interval: Submitted PR: https://github.com/pfsense/pfsense/pull/3953 Anonymous
02:05 PM Bug #8593 (Resolved): Extend maximum gateway monitoring ping interval: The existing maximum gateway monitoring ping interval is 86,400 ms, or about a minute and a half. Over strictly meter... Anonymous
02:07 PM Bug #8592: Can't "Register DHCP leases in the DNS Resolver" when only using DHCPv6: Issue addressed in PR https://github.com/pfsense/pfsense/pull/3952 Isaac McDonald
01:22 PM Bug #8592: Can't "Register DHCP leases in the DNS Resolver" when only using DHCPv6: Granted it could be more clear, but DHCP is always IPv4, it does not refer to both. For IPv6 support, things are labe... Jim Pingle
01:13 PM Bug #8592: Can't "Register DHCP leases in the DNS Resolver" when only using DHCPv6: If that's the case, the description for the option should be changed to reflect the fact that it only applies to IPv4... Isaac McDonald
12:24 PM Bug #8592 (Not a Bug): Can't "Register DHCP leases in the DNS Resolver" when only using DHCPv6: DHCPv6 does not support registering hostnames, so this is working as expected. Only IPv4 DHCP is capable of pulling h... Jim Pingle
12:22 PM Bug #8592 (Resolved): Can't "Register DHCP leases in the DNS Resolver" when only using DHCPv6: Attempts to enable "@Register DHCP leases in the DNS Resolver@" in the "DNS Resolver" module fail when only DHCPv6 is... Isaac McDonald
11:38 AM Bug #8591 (Resolved): interfaces.php: Checking "Default Gateway" on the "Add a new Gateway" modal does not set it as default: On interfaces.php, for a static IP Address WAN, the "Add a new Gateway" button/modal lets you add a gateway and it ha... Jim Pingle
10:59 AM Bug #8588 (Resolved): Latest installer image does not boot as an ISO: Latest snapshot is OK after Renato merged in changes from releng/11.2. Jim Pingle
10:26 AM Bug #8534 (Feedback): Invalid DHCP options can be added: PR has been merged Jim Pingle
10:26 AM Feature #8552 (Feedback): enable http2: PR has been merged Jim Pingle
10:26 AM Bug #8561 (Feedback): default-route is not always set for a pppoe connection after bootup.: PR has been merged Jim Pingle
10:25 AM Bug #8582: Ship RFC 7919-provided DH groups: GitHub PR filed referencing this issue: https://github.com/pfsense/pfsense/pull/3951 Anonymous
10:25 AM Bug #8587 (Feedback): System information dashboad show only first swap disk/file info: PR has been merged Jim Pingle
10:05 AM Feature #8292 (Feedback): IPsec mobile clients with different (virtual) IP addresses by (EAP) identity: PR was merged yesterday. Jim Pingle
09:15 AM Bug #8590 (Rejected): sshd does not allow agent forwarding: I concur with Justin. The security risks involved with agent forwarding make it undesirable for a firewall.
If som... Jim Pingle
09:08 AM Bug #8590: sshd does not allow agent forwarding: Sorin Sbarnea wrote:
> I am in favour of enabling it by default because I see no security risks with it and it would... Anonymous
04:12 AM Bug #8590 (Resolved): sshd does not allow agent forwarding: Apparently /etc/ssh/sshd_config file is missing "AllowAgentForwarding yes" option, which prevents agent forwarding.
... Sorin Sbarnea

06/21/2018

07:56 PM Revision be228fd8: PHP7 fixed illegal string offset: Stephen Jones
03:09 PM Revision fc00cb20: Merge pull request #3950 from marcelloc/patch-5: Steve Beaver
03:07 PM Revision 1b213a45: Merge pull request #3949 from Hobby-Student/master: Steve Beaver
03:06 PM Revision 8baac392: Merge pull request #3947 from PiBa-NL/20180609-fix-default-route-for-dynamic-gateway-pppoe: Steve Beaver
03:04 PM pfSense Packages Bug #8589 (New): FreeRadius 0.15.5_2 ignoring tunnelled-reply=no: I have disabled EAP tunneled reply, however the NAS is still receiving the response.
FreeRadius config:
peap {
... Matt Klouda
03:03 PM Revision 4439ab0b: Merge pull request #3945 from laurentquillerou/http2: Steve Beaver
03:01 PM Revision e0f84e05: Merge pull request #3943 from miken32/patch-2: Steve Beaver
02:31 PM Revision e08d2ae7: Flavorize pfBlockerNG-devel: Jim Pingle
01:00 PM Revision 525199ff: Fix typo: Renato Botelho
12:38 PM Bug #8588 (Resolved): Latest installer image does not boot as an ISO: The latest image, pfSense-CE-memstick-2.4.4-DEVELOPMENT-amd64-20180621-0604.img, should be a hybrid image but it does... Jim Pingle
02:27 AM Revision a9c6c95b: Build all flavors of pfBlockerNG: Jim Pingle
12:39 AM pfSense Packages Bug #8139: LADVD not working on LAGG interfaces: Same bug was logged on the FreeNAS tracker too:
https://redmine.ixsystems.com/issues/27497 Tom Cosmos

06/20/2018

09:51 PM Revision 4a1de53e: Merge https://github.com/pfsense/pfsense into http2: Laurent QUILLEROU
08:30 PM Revision a592da38: requested changes: christian christian
08:13 PM Revision 9f208301: fix the fix: Marcello Silva Coutinho
07:47 PM Revision 57fe270e: get total size on system dashboad: Marcello Silva Coutinho
07:40 PM Revision c7841232: check total swap size on dashboard: Refer to bug #8587 Marcello Silva Coutinho
03:02 PM Bug #8587: System information dashboad show only first swap disk/file info: Forgot to test on systems without more then on swap file.
-The code needs more checks-
Pushed a fix for the fix. Marcello Silva Coutinho
02:53 PM Bug #8587: System information dashboad show only first swap disk/file info: Marcello Silva Coutinho wrote:
> On systems that swap was undersized and a another swap file had to be added, dashbo... Marcello Silva Coutinho
02:31 PM Bug #8587 (Resolved): System information dashboad show only first swap disk/file info: On systems that swap was undersized and a another swap file had to be added, dashboard fails to show right usage % an... Marcello Silva Coutinho
01:56 PM Revision bbc752e1: fixed wrong if conditions: added support of dns server christian christian
12:20 PM Revision fdbea0c6: misspelled ldap bind username variable: * $ldapbndun -> $ldapbindun
(cherry picked from commit b310666c2662044ab761f8c9798a46a064d1c6d5) Carl Corliss
12:20 PM Revision e45459c1: misspelled ldap bind username variable: * $ldapbndun -> $ldapbindun
(cherry picked from commit b310666c2662044ab761f8c9798a46a064d1c6d5) Carl Corliss
12:19 PM Revision 3eb9de30: misspelled ldap bind username variable: * $ldapbndun -> $ldapbindun
(cherry picked from commit b310666c2662044ab761f8c9798a46a064d1c6d5) Carl Corliss
12:19 PM Revision fdabb034: Merge pull request #3948 from rabbitt/ldap-fix: Jim Pingle
11:35 AM Bug #8586 (Resolved): Gateway Group trigger level: Hi to all,
i think there is a problem using trigger level in gateway group other than "member down".
In function ... Mauro Parente
11:21 AM Revision 6037515f: Adjust confs for new release-staging server: Renato Botelho
11:20 AM Revision bc7e57de: Adjust confs for new release-staging server: Renato Botelho
11:17 AM Revision 7969ec71: Adjust confs for new release-staging server: Renato Botelho
11:17 AM Revision 64564c4f: Adjust confs for new release-staging server: Renato Botelho
09:21 AM Feature #8292: IPsec mobile clients with different (virtual) IP addresses by (EAP) identity: Original PR was merged. There is a follow-up PR to address issues at https://github.com/pfsense/pfsense/pull/3949 Jim Pingle
09:15 AM Bug #8585 (Resolved): Logical interface MTU matches configuration of its physical port channel, not its own configuration: If a port channel is configured with an MTU of 9000, but one of the VLAN interfaces on that port channel is configure... Tom Cosmos
09:07 AM Bug #8519 (New): pfSense update from the webGUI fails: On an SG-1000 I occasionally get "The update system is busy. Please try again later" message despite starting the upg... Jim Pingle
08:49 AM Bug #8563 (Resolved): User with only "WebCfg - Firewall: NAT: Port Forward" cannot view the list of port forwards: Jim Pingle
08:47 AM Feature #8548 (Resolved): User creation is not logged correctly: Jim Pingle
08:47 AM Bug #8543 (Resolved): IKE Phase 1 configuration not working: Jim Pingle
08:45 AM Bug #8540 (Resolved): Disable Rekey Checkbox Should be Disabled on New IPsec Tunnels: Jim Pingle
08:44 AM Feature #8525 (Resolved): add to status.php: Jim Pingle
08:43 AM Bug #8524 (Resolved): HTTP_REFERER issue if changing the LAN IP in setup wizard: Jim Pingle
08:42 AM pfSense Packages Feature #5052 (Resolved): Avahi Proxy Package: Add option to disable/control cache size.: Jim Pingle
08:40 AM pfSense Packages Bug #8354 (Resolved): ACME: period at end of key name breaks dns validation method: Jim Pingle
08:37 AM Bug #8551 (Resolved): Routed IPsec/VTI is unable to communicate from the ipsecX interface address to a routed target: Works fine now Jim Pingle
08:37 AM Bug #8242 (Resolved): Unable to edit firewall rules: Jim Pingle
08:36 AM Bug #8497 (Resolved): route errors ("route has not been found") on current 2.4.4 snapshots: These errors haven't shown up since this commit. Jim Pingle
07:44 AM Feature #8584 (Rejected): Suppress logging of specific firewall rule: If traffic matches a rule with logging set, it will log.
If traffic matches a rule without logging set, it won't log... Jim Pingle
07:38 AM Feature #8584 (Rejected): Suppress logging of specific firewall rule: I have a number of floating rules that block traffic on my network (such as multicast traffic). Due to the nature of ... T. Oink
07:23 AM Bug #8583 (Feedback): LDAP fails with bind credentials due to mispelled variable: PR is at https://github.com/pfsense/pfsense/pull/3948
I just merged it, will hit the tree momentarily. Jim Pingle
12:12 AM Bug #8583 (Resolved): LDAP fails with bind credentials due to mispelled variable: line #1017 of /etc/inc/auth.inc misspells $ldapbindun as $ldapbndun. PR on github coming shortly. Carl Corliss
05:07 AM Revision b310666c: misspelled ldap bind username variable: * $ldapbndun -> $ldapbindun Carl Corliss

06/19/2018

07:03 PM pfSense Packages Feature #8581: IPv6 hostnames: Jim Pingle wrote:
> That relies on the client making it work, and that also doesn't change the fact that the server ... Shawn Patti
10:06 AM pfSense Packages Feature #8581: IPv6 hostnames: That relies on the client making it work, and that also doesn't change the fact that the server doesn't record the ho... Jim Pingle
09:57 AM pfSense Packages Feature #8581: IPv6 hostnames: You can send fqdn to isc-dhcp v6. It is a matter of adding send fqdn.fqdn = gethostname() to the client dhclient.conf... Shawn Patti
07:24 AM pfSense Packages Feature #8581 (Duplicate): IPv6 hostnames: Duplicate of #2017
DHCPv6 clients don't send a hostname, thus the ISC DHCPv6 daemon doesn't record one in the leas... Jim Pingle
07:08 AM pfSense Packages Feature #8581 (Duplicate): IPv6 hostnames: Would be nice if AAAA records were created the same as A records as issued by dhcpv6 in the resolver. Is this somethi... Shawn Patti
03:59 PM Revision d1a59766: Correct PHP syntax error that leads to a PHP 7 error.: (cherry picked from commit 90b3235d6a47680655b8559618d2cd6841baf823) Jim Pingle
03:57 PM Revision 90b3235d: Correct PHP syntax error that leads to a PHP 7 error.: Jim Pingle
02:06 PM Revision 45c44edb: Correct the gateway check when deleting a VIP. Fixes #4438: Now it checks to see if there are other VIPs in the same subnet left,
and only prevents deleting the last VIP by whic... Jim Pingle
02:05 PM Revision 480c21f4: Correct the gateway check when deleting a VIP. Fixes #4438: Now it checks to see if there are other VIPs in the same subnet left,
and only prevents deleting the last VIP by whic... Jim Pingle
09:20 AM Bug #4438 (Feedback): Unable to delete IP Alias outside an interface's subnet where a gateway exists in the same subnet: Applied in changeset commit:480c21f44c42dd84f7ca0e0db62a7a731ed0278e. Jim Pingle
07:28 AM Bug #8579 (Duplicate): HAProxy produces intermittent 504 errors and sR–: Duplicate of #8580 Jim Pingle
05:02 AM Bug #8579: HAProxy produces intermittent 504 errors and sR–: Sorry, I created this in the wrong project. New bug here:
https://redmine.pfsense.org/issues/8580
Feel free to ... Joe Palmer
04:54 AM Bug #8579 (Duplicate): HAProxy produces intermittent 504 errors and sR–: This turns out to be a bug in v1.7.10:
https://discourse.haproxy.org/t/intermittent-504-errors-and-sr-after-upgrad... Joe Palmer
07:16 AM Bug #8582 (Resolved): Ship RFC 7919-provided DH groups: Currently, pfSense ships DH groups at sizes 1024, 2048, and 4096, with no statement as to how/where/when these groups... Anonymous
05:01 AM pfSense Packages Bug #8580 (Closed): HAProxy produces intermittent 504 errors and sR–: This turns out to be a bug in v1.7.10:
https://discourse.haproxy.org/t/intermittent-504-errors-and-sr-after-upgrad... Joe Palmer
03:40 AM Bug #7175: SIP MESSAGE UDP packets not passed despite rules & pcaps showing otherwise: i have a similar issue, if i do failover from one pfsense box to the other, sip traffic is not being passed in both d... Roland Kletzing

06/18/2018

09:38 PM Feature #8578 (Rejected): /var/unbound/test/unbound_server.pem: No such file or directory: There is not enough information here for a bug report, and this is not a support or discussion platform.
Please po... Jim Pingle
09:25 PM Feature #8578 (Rejected): /var/unbound/test/unbound_server.pem: No such file or directory: We cant save settings in DNS Resolver, we cant disable it either. We cant do browsing because of this. Can you help us? Neil Esperon
01:29 PM Bug #4438: Unable to delete IP Alias outside an interface's subnet where a gateway exists in the same subnet: Easy to reproduce:
1. Add IP Alias VIP in new subnet
2. Add gateway in new subnet
3. Add second IP Alias VIP in ... Jim Pingle
01:25 PM Bug #6455 (Duplicate): Can't delete Virtual IP "referenced by a least one gateway" if gateway outside interface subnet: Duplicate of #4438 Jim Pingle

06/16/2018

06:29 PM pfSense Packages Bug #8577 (Resolved): Snort - Log retention not working: The Snort package has an option under Services -> Snort -> Interfaces -> Log Mgmt to configure "Log Size and Retentio... Clinton Cory

06/15/2018

08:56 PM Revision f54ca2e1: routing, rc.newwanip should also set default-route while booting for ppp interfaces: otherwise we might end up without a default as the bootup script does not wait for ppp interface to obtain the ip, un... PiBa-NL
08:41 PM Revision 5ffeceb6: Fixed #8515 fixed error in queue defintion where it would repeat: It should now create a new definition for each queue. Queues should
now show up under status > queues. Stephen Jones
05:27 PM Revision 8991ac90: Added future ACB settings page: Steve Beaver
05:41 AM Bug #8573 (Resolved): email notifications: Updated to yesterday's snapshots and it started to work Chris Macmahon

06/14/2018

06:39 PM Revision 29e8d025: Validate NPt IPv6 address input and do not use invalid stored settings in rules. Fixes #8575: (cherry picked from commit feccd385d737ffd8c61ca977ee4d3dfa23c1aadc) Jim Pingle
06:39 PM Revision a1b69b57: Rework loader.conf(.local) filtering. Fixes #8571: If this isn't aggressive enough, we could remove the "local" changes and only
keep the new matching method.
(cherry ... Jim Pingle
06:39 PM Revision 0d35a025: Be specific with port fwd priv checks. Fixes #8563: This way, users with only privs to view but not edit port forwards can still see the entries, but not act upon them.
... Jim Pingle
06:39 PM Revision 92e27a71: Correct PHP syntax error. Fixes #8557: (cherry picked from commit 173356547e0005bfe21ba4b2345919dcb89a2fbf) Jim Pingle
06:38 PM Revision 90224db0: Allow hostname/ip to be deleted if the captive portal is not enabled: (cherry picked from commit cc52daa63deb98f6fbcd5edbc24fc65b62eabbec) Stephen Jones
06:38 PM Revision fb4cf3e9: Fixed #8539: (cherry picked from commit 880363af764ab31f2bdf6ee7a7921aeaed577e76) Steve Beaver
06:38 PM Revision 513662e8: Fix up user/group management save message descriptions, add logging for same. Fixes #8548: (cherry picked from commit 3fa6d46229757e2316120a7160a806bb7d28a8ed) Jim Pingle
06:38 PM Revision be5408eb: Add switch config to status output. Implements #8525: (cherry picked from commit 03ce110725129b5f35c62f4985f631a1e3b5d046) Jim Pingle
06:38 PM Revision 9dd89897: Fix bug for rules 'permit ip any any' from LDAP/AD: (cherry picked from commit 1a6857d0eb39e72f12c6f02763863f218ad07293) Aurélien BONANNI
06:04 PM Revision feccd385: Validate NPt IPv6 address input and do not use invalid stored settings in rules. Fixes #8575: Jim Pingle
01:28 PM Bug #8575 (Resolved): IPv6 NPt field order bug?: Jim Pingle
01:10 PM Bug #8575 (Feedback): IPv6 NPt field order bug?: Applied in changeset commit:feccd385d737ffd8c61ca977ee4d3dfa23c1aadc. Jim Pingle
01:06 PM Bug #8575: IPv6 NPt field order bug?: Looks like invalid input caused it, needs some validation. Commit is on its way. Jim Pingle
12:11 PM Bug #8575 (Resolved): IPv6 NPt field order bug?: Hoping this isn't a duplicate of 6985, but appears to be related.
Running 2.4.3_1, appears adding a new NPt crea... Donn Lasher
12:43 PM Bug #8576 (Closed): pfSense stops passing traffic after some time when using Outbound NAT pool w/ Sticky Address: With an outbound NAT mapping configured using pool option "Round Robin with Sticky Address" or "Random with Sticky Ad... Anonymous
12:39 PM Revision 74b3e6ec: 1. I rewound src/etc/inc/config.inc back to you guys' base. It was some funny EOL stuff that happened.: 2. Unwrapped gettext()
3. Agreed. Sanitized.
4. Unwrapped gettext()
5. Took out input_errors item
6. Took out input_... Matt Underscore
04:40 AM pfSense Packages Feature #8574 (Resolved): Enable AgentX-support in lldpd using GUI: The lldpd-package provided by the package manager seems to be compiled with AgentX-support, but there is nowhere to a... Nicklas Björk

06/13/2018

09:50 PM Bug #8492: Enable setting PKCS#12 export password in Certificate Manager: Running 2.4.3-RELEASE-p1 (amd64). The ability to export a keypair as a PKCS12 package (.p12) without a password is ju... Hyrum Smith
09:10 PM Bug #8573: email notifications: Mail notifications work OK here but I'm not using gmail. Perhaps they shut off port 465? Uncheck the ssl box in setti... Jim Pingle
08:56 PM Bug #8573 (Resolved): email notifications: Have not gotten an email notification of boot-up, reboot or gateway event since Jun 9, getting error:
Error: Faile... Chris Macmahon
08:40 PM Bug #8562 (Resolved): IPSEC widget: Jim Pingle
08:28 PM Bug #8562: IPSEC widget: Tested good on latest image: Thanks! Chris Macmahon
07:25 PM Revision 26300aa8: Add more informative documentation: Aaron Kalin
07:06 PM Bug #8572 (Not a Bug): Secure shell: "Authentication Method" option ignored when RSA key configured: The box is working as designed. That enables/disables password authentication. Keys always work. Whether or not the k... Jim Pingle
06:30 PM Bug #8572 (Not a Bug): Secure shell: "Authentication Method" option ignored when RSA key configured: When one (or more) RSA key(s) is(are) configured for the admin user, the "Authentication Method" option for Secure sh... Karl Rigan
02:58 PM Revision 7f943a22: Rework loader.conf(.local) filtering. Fixes #8571: If this isn't aggressive enough, we could remove the "local" changes and only
keep the new matching method. Jim Pingle
11:15 AM pfSense Packages Bug #8568: FreeRadius- Tunnel-Private-Group-ID or VLAN-ID field no longer taking string value. It only take an integer.: Thank you Jim. I verified in my lab and it's working great now! Really appreciate the quick turnaround.
Thanks,
... Vu Pham
10:58 AM pfSense Packages Bug #8568 (Resolved): FreeRadius- Tunnel-Private-Group-ID or VLAN-ID field no longer taking string value. It only take an integer.: I removed the VLAN ID input validation that was preventing your custom value from being saved. It was, as you pointed... Jim Pingle
10:33 AM Bug #7905: OpenVPN Authentication Against Backend Stalls All Server Traffic: I've added another pull request which includes the new plugin port as a dependency to the main pfSense port.
https... Phil DeMonaco
10:10 AM Bug #8571 (Feedback): loader.conf/.local cleanup is a bit too aggressive: Applied in changeset commit:7f943a2269dea1efd9bf42320d14ae7e0ca4a4f7. Jim Pingle
09:58 AM Bug #8571 (Resolved): loader.conf/.local cleanup is a bit too aggressive: We have code that cleans up and eliminates duplicate settings in loader.conf and loader.conf.local to avoid foot-shoo... Jim Pingle
03:10 AM Bug #8570 (New): Empty (dn)shaper config gets populated with newline: Whenever I change something in fw rules the shaper and dnspaher config changes from 'empty' to 'newline':... Zsolt Zsiros

06/12/2018

03:29 PM Bug #8569 (Not a Bug): Certificates generated using deprecated extensions: We've been over this before when it comes up, see #6877 for example.
It doesn't hurt to have it there, the GUI che... Jim Pingle
03:18 PM Bug #8569 (Not a Bug): Certificates generated using deprecated extensions: Any certificate generated in the certificate management interface is generated with a Netscape Cert Type extension in... Justin Coffman
01:53 PM pfSense Packages Bug #8568 (Resolved): FreeRadius- Tunnel-Private-Group-ID or VLAN-ID field no longer taking string value. It only take an integer.: on Pfsense 2.3-RELEASE, it took a string value such as U:10 or U:Data-vlan, and T:20 or T:Voice-vlan for untagged and... Vu Pham
01:26 PM Bug #8567 (New): Using IPv6 VIP alias for services may affect CARP IPv6 VIP work: During investigation of customer request found IPv6 VIP alias for services may affect CARP IPv6 VIP work. CARP IPv6 V... Constantine Kormashev
01:26 PM Bug #8566 (New): Wrong IPv6 source in NS request in case using of IPv6 alias: During investigation of customer request found system uses wrong IPv6 sources for NS requests therefore they never be... Constantine Kormashev
11:16 AM Bug #8427 (Duplicate): Missing Key lenght Selection dropdown list: Duplicate of #8543 (fixed on 2.4.4) Jim Pingle
08:25 AM Bug #7604: Bug #6594 is not resolved: Waiting for Internet connection to update pkg metadata and finish package reinstallation: A different workaround for those who are just trying to factory the unit:
Escape to shell, (Single user, CTRL+C)
... Gareth Hay
07:12 AM Bug #8565 (Rejected): NAT with IPSec: That version is over 6 years out of date. Problem reports against old, unsupported versions are not acceptable. Upgra... Jim Pingle
07:10 AM Bug #8565 (Rejected): NAT with IPSec: I have a configuration described in the Word attached document.
The version of the PFSENSE product is
2.0.1-RELEASE... Fabien DE BIASI
07:07 AM pfSense Packages Bug #8449: FRR 4.0 zebra daemon crashes: xavier Lemaire wrote:
> May be next release will be clean with us ?
> https://github.com/FRRouting/frr/releases/tag... Jim Pingle
03:57 AM pfSense Packages Bug #8449: FRR 4.0 zebra daemon crashes: May be next release will be clean with us ?
https://github.com/FRRouting/frr/releases/tag/frr-5.0
xavier Lemaire

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

07/11/2018

07/10/2018

07/09/2018

07/08/2018

07/07/2018

07/06/2018

07/05/2018

07/04/2018

07/03/2018

07/02/2018

06/30/2018

06/29/2018

06/28/2018

06/27/2018

06/26/2018

06/25/2018

06/24/2018

06/23/2018

06/22/2018

06/21/2018

06/20/2018

06/19/2018

06/18/2018

06/16/2018

06/15/2018

06/14/2018

06/13/2018

06/12/2018