Activity

30 days up to

User

Subprojects

Activity

From 07/18/2018 to 08/16/2018

08/13/2018

05:49 PM pfSense Packages Bug #8781 (Resolved): Suricata PHP error in 2.4.4 snapshot: Suricata gave the following error when upgrading from 2.4.3 to 2.4.4,
Crash report begins. Anonymous machine info... Rajil Saraswat
02:33 PM Feature #8052 (Rejected): Separate MTU interface values for IPv4 and IPv6: If you have a 6in4 tunnel with a lower MTU, then the lower MTU would go on the 6in4 tunnel, not the pfSense WAN. The ... Jim Pingle
01:18 PM Revision 1b74590a: Revise Netgate product links: Steve Beaver
10:03 AM Bug #8413: Virtual IP on PPPOE interface no longer working with 2.4.3: Same (error in log) happening here, but already on version 2.4.1-RELEASE (amd64) . PPOE-interface with virtual IPs (v... Felix Wolfsteller
08:43 AM Bug #6938: DNS with OpenVPN gateway specified is routed through wrong interface. 2.4 regression.: OK, that seems to be a workable solution.
Adding "8.8.8.8/32, 8.8.4.4/32" to "IPv4 Remote network(s)", results in ... Gavin Stewart
08:20 AM Bug #6938: DNS with OpenVPN gateway specified is routed through wrong interface. 2.4 regression.: That isn't a bug. You can't use static routes (like DNS server gateway selection) with OpenVPN.
If you want to rou... Jim Pingle
08:08 AM Bug #6938: DNS with OpenVPN gateway specified is routed through wrong interface. 2.4 regression.: This issue persists with pfSense 2.4.3_1 openvpn-2.4.4_1.
It has not been resolved as in bug #6883.
DNS servers... Gavin Stewart
08:32 AM pfSense Packages Bug #8780 (Resolved): Apcupsd PHP errors in 2.4.4 snapshot: I did an upgrade from 2.4.3 to 2.4.4 and recieved a bunch of errors for APCUPSD,
Crash report begins. Anonymous m... Rajil Saraswat

08/12/2018

08:21 AM pfSense Packages Bug #8779: PHP7: Cron package. PHP Warnings: There's a PR for this at https://github.com/pfsense/FreeBSD-ports/pull/549 Jim Pingle
08:15 AM pfSense Packages Bug #8779 (Resolved): PHP7: Cron package. PHP Warnings: In Cron package version 0.3.7_2... Steve Wheeler
08:07 AM Feature #4354: Allow dpinger to ping more than one destination for a gateway.: At the risk of bumping a closed topic, I have an edge use case that could be considered if a gateway monitoring daemo... David Gessel

08/11/2018

03:45 PM Feature #4821: PPPoE WANs do not take full advantage of NIC driver queues for receiving traffic: It is highly unlikely we'd be able to dedicate any resources toward adding this feature internally. Jim Pingle
03:39 PM Feature #4821: PPPoE WANs do not take full advantage of NIC driver queues for receiving traffic: Jim Pingle wrote:
> If you'd like to configure that, you can set it as a system tunable under *System > Advanced*,... Matthew Staver
02:24 PM Feature #1933 (Resolved): Support for interface groups in NAT screens: Anonymous
02:24 PM Feature #1933: Support for interface groups in NAT screens: On 2.4.4.a.20180810.1552, was able to create an Interface Group, then a NAT Port Forward using the newly created Inte... Anonymous
10:39 AM Bug #8477: Gateway latency, units used inconsistently.: Before this gets closed out, can the PR 32 for the dpinger.c update get merged as well so everything is consistent (ms)? → luckman212
08:29 AM Bug #8477 (Resolved): Gateway latency, units used inconsistently.: Vladimir Lind
08:29 AM Bug #8477 (Confirmed): Gateway latency, units used inconsistently.: Tested on 2.4.4-DEVELOPMENT (arm) built on Thu Aug 02 10:54:34 EDT 2018
Looks good.
GW log:
Aug 10 14:25:12... Vladimir Lind
08:37 AM Bug #8680 (Resolved): PHP7: Adding a static gateway on an interface when none are already defined causes errors.: Created a gateway and then set it on an interface with "none" gateway - applied successfully
Tested on 2.4.4-DEVEL... Vladimir Lind
08:37 AM Bug #8766 (Resolved): Improve IPsec encryption and hash warnings: Chris Macmahon
08:37 AM Bug #8766: Improve IPsec encryption and hash warnings: The following notes are now on the ipsec p1 page:
Note: Blowfish, 3DES, CAST128, MD5, SHA1, and DH groups 1, 2, 22... Chris Macmahon
08:33 AM Feature #8101 (Resolved): Filter loop prevention: Got warning on 2.4.4-DEVELOPMENT (arm) built on Fri Aug 10 19:14:45 EDT 2018 when creating alias 'test_alias' with v... Vladimir Lind
08:21 AM Bug #8660 (Resolved): php undef constant breaks suricata: Vladimir Lind
08:20 AM Bug #8660 (Confirmed): php undef constant breaks suricata: Looks good on 2.4.4-DEVELOPMENT (arm) built on Thu Aug 02 10:54:34 EDT 2018 Vladimir Lind
07:08 AM Feature #8777 (Duplicate): DHCPD - WebGUI Permit Classes and Matches If: Permit from pfsense dhcp server gui to assign pools with classes and match if statements. For example for vendor-clas... Abraham Fernandez
05:51 AM pfSense Packages Bug #8491: ACME: DNS-Luadns not working: Issue still exists in Version 0.3.1_1. Anonymous

08/10/2018

04:45 PM Revision e4d4aa92: Upgrade config : Move captiveportal authentication to use user manager: A FL
04:45 PM Revision b60a39ae: Update and clarify captiveportal GUI settings: A FL
04:45 PM Revision 86e6a40b: Obsolete old captiveportal radius files: A FL
04:45 PM Revision e42ea151: Update captiveportal RADIUS Accounting: A FL
04:44 PM Revision eb43c5b1: Make captiveportal use user manager as auth source: A FL
04:14 PM pfSense Packages Bug #8749: OSPF6 nssa not working: Update:
It doesn't seem like FRR supports the NSSA area type. In fact, according to the documentation, it looks like... Marc Planquart
03:15 PM Feature #4821: PPPoE WANs do not take full advantage of NIC driver queues for receiving traffic: We have set it to @deferred@ in the past on i386 to avoid a crash it otherwise encountered, but we do not explicitly ... Jim Pingle
02:58 PM Feature #8775: Use SRV record for LDAP Authentication: pfSense is at the mercy of the PHP LDAP module here, which itself uses OpenLDAP.
There isn't a way I could see to ... Jim Pingle
10:57 AM Bug #8071: DNSimple support for Dynamic DNS no longer working: PR URL: https://github.com/pfsense/pfsense/pull/3946 Jim Pingle
07:38 AM Bug #8071 (Feedback): DNSimple support for Dynamic DNS no longer working: PR merged Jim Pingle
10:51 AM Revision fc6ef501: Merge pull request #3946 from martinisoft/martinisoft/dnsimple_v2_api: Renato Botelho
10:49 AM Revision 6b51f773: Merge pull request #3934 from PiBa-NL/20180406-outboundnat-ipv6-mixedaddresses: Renato Botelho
10:37 AM pfSense Packages Bug #8751: FRR prefix lists issues: To re-create the problem, I entered a network with a prefix of X, a minimum prefix equal to X and a maximum prefix eq... Marc Planquart
07:40 AM pfSense Packages Bug #8751: FRR prefix lists issues: If the UI validation is wrong that could still be a bug. What did it allow you to enter incorrectly, and where? It wo... Jim Pingle
06:21 AM pfSense Packages Bug #8751: FRR prefix lists issues: I found the issue. This is not a bug but more a UI validation issue.
When things are entered as expected by FRR, it ... Marc Planquart
07:39 AM pfSense Packages Bug #8756 (Feedback): Add check_swap to nrpe package: PR merged Jim Pingle
07:38 AM Bug #8437 (Feedback): invalid outbound nat rules written when using ipv6 rules on interfaces that also have ipv4 adresses..: PR merged Jim Pingle

08/09/2018

06:26 PM Feature #8775 (New): Use SRV record for LDAP Authentication: Maybe it is me, but, using an SRV record to resolve to either SSL or TLS LDAP server doesn't work. IMO, this would p... fw admin
06:17 PM Revision bd479520: Fixed #8654: Fixed PHP7 issue causing separators not to work at all
(cherry picked from commit ef3d2cadcd24bccc527c2706aaccd809fd... Steve Beaver
06:17 PM Revision d55b5504: Fixed #8654: Fixed PHP7 issue causing separators not to work at all
(cherry picked from commit ef3d2cadcd24bccc527c2706aaccd809fd... Steve Beaver
06:17 PM Revision e6138f40: Fixed #8654: Fixed PHP7 issue causing separators not to work at all
(cherry picked from commit ef3d2cadcd24bccc527c2706aaccd809fd... Steve Beaver
03:57 PM Feature #4821: PPPoE WANs do not take full advantage of NIC driver queues for receiving traffic: There has been a flurry of activity on this freebsd bug post. It sounds like the issue is a hardware limitation in t... Matthew Staver
01:19 PM Revision 8dc22425: Update translation files: Renato Botelho
01:19 PM Revision f2dd1fb6: Regenerate pot: Renato Botelho
01:01 PM pfSense Packages Bug #8774 (Resolved): Whitelist ALC type not supported by ssl_bump: The general purpose whitelist (@/var/squid/acl/whitelist.acl@) uses a @dstdom_regex@ ACL. @dstdomain@ ACLs do not wor... Ortwin Angermeier
12:48 PM pfSense Docs New Content #8773 (Closed): Add VPN Throughput Tuning info: Need to add a page to the docs about VPN throughput tuning
Example info that needs to go on the page:
* Use AES-N... Jim Pingle
12:34 PM Revision 5f1aaed4: Normalize RADIUS accounting: A FL
12:34 PM Revision f15fdef3: Normalize RADIUS authentication: A FL
09:12 AM Bug #8758: filterdns stops working on a regular basis.: I had this happen on my edge firewall which is running a snapshot from earlier this week. The pf tables with entries ... Jim Pingle
09:00 AM Bug #7801: UDP fragments received over IPsec tunnel are not properly reassembled and forwarded: Hi,
I have a similar issue with fragmented packets send/received over IPsec tunnel.
Finally, I manage to update _/... Franciszek Koltuniuk
08:20 AM Bug #8519 (Resolved): pfSense update from the webGUI fails: System was running a modified version. Renato Botelho
05:47 AM Bug #8736: default gateway not working after upgrade to 2.4.3-RELEASE-p1: Wow, it feels to you like support request? Well the border between that and bug report is nonexistant, so I undertsta... david ricar

08/08/2018

07:57 PM Revision 91244542: Add GUI control for IPsec async crypto. Implements #8772: Jim Pingle
06:18 PM Revision 9145c7e7: include IPv6 in $tonathosts so nat rules can be expanded properly when IPv6 rules are made: PiBa-NL
05:13 PM Bug #8618: 2.4.4 *possible bug* with Intel C3858 and Interface Auto-Detection on 10Gb interfaces: Clinton Cory wrote:
> This appears to be working now.
Thank you for helping get this Ironed out for the new platf... Kevin Boatswain
05:10 PM Bug #8618 (Closed): 2.4.4 *possible bug* with Intel C3858 and Interface Auto-Detection on 10Gb interfaces: This appears to be working now. Clinton Cory
01:19 PM Bug #8618 (Ready To Test): 2.4.4 *possible bug* with Intel C3858 and Interface Auto-Detection on 10Gb interfaces: 2.4.4 pfSense installer will enable OPT IX interfaces by default rather than just assigning the IX interface to OPT*
... Clinton Cory
04:58 PM Revision bb7af0ee: Remove pfsense => pfSense nonsense that was breaking wizrd hyperlinks that included hte product name: Steve Beaver
03:05 PM Feature #8772 (Feedback): Add GUI option for async crypto: Applied in changeset commit:912445421161939847112a21ae1114269dc4b882. Jim Pingle
02:54 PM Feature #8772 (Resolved): Add GUI option for async crypto: We pulled in patches for net.inet.ipsec.async_crypto which allows multi-threading for IPsec crypto jobs, but there is... Jim Pingle
02:15 PM Bug #8757 (Resolved): PHP Warning: A non-numeric value encountered in /etc/inc/shaper.inc on line 467: Pi Ba wrote:
> The error no longer happens on 2.4.4-DEVELOPMENT (amd64) built on Wed Aug 08 12:58:30 EDT 2018
> So ... Jim Pingle
12:53 PM Bug #8757: PHP Warning: A non-numeric value encountered in /etc/inc/shaper.inc on line 467: The error no longer happens on 2.4.4-DEVELOPMENT (amd64) built on Wed Aug 08 12:58:30 EDT 2018
So in that regard it ... Pi Ba
01:24 PM Bug #8707: New PHP Error [/etc/inc/gwlb.inc]: After more days of running, you sir are accurate, my idea is a non-start fail but you knew that. :)
With your patc... Tyler L
11:15 AM Bug #8771: OpenVPN "custom options" box in GUI loses CR/LF (linefeeds) on save/reload meaning that OpenVPN then fails to start: Ok thanks - though semicolon in OpenVPN conf files designates a comment. Anyone cutting and pasting options and comm... Andrew -
11:08 AM Bug #8771 (Not a Bug): OpenVPN "custom options" box in GUI loses CR/LF (linefeeds) on save/reload meaning that OpenVPN then fails to start: The CR/LF inconsistency is why the custom options must be separated by a semicolon (@;@) and *not* a CR/LF. This is s... Jim Pingle
11:05 AM Bug #8771 (Not a Bug): OpenVPN "custom options" box in GUI loses CR/LF (linefeeds) on save/reload meaning that OpenVPN then fails to start: Apologies if I've missed it, but I couldn't see this issue has already been reported.
If you enter multiple custom... Andrew -
08:44 AM Bug #8759: Apply changes cause openVpn Client disconnect to OpenVpn Server: Ok solved,
I have unchecked "State Killing on Gateway Failure" in system > Advanced > Miscellanous.
I have a backup... Tomas Modenese
04:58 AM Bug #8759: Apply changes cause openVpn Client disconnect to OpenVpn Server: Ok , I managed to fix the Sync error, but the Site to Site still restart after "apply changes"
I have other 3 firewa... Tomas Modenese
08:25 AM Bug #8770 (New): QinQ interfaces always show as active: In current 2.4.4 snapshots QinQ interface always appear to be UP and show carrier even when the parent interface (and... Steve Wheeler
08:17 AM Bug #8446 (Resolved): QinQ interfaces are assigned incorrectly: Steve Wheeler
07:26 AM pfSense Packages Feature #8769: Allow FreeRADIUS users to change their own Passwords and Pins: Changed title and other info -- this would need to be a new feature in the FreeRADIUS package and not a part of the b... Jim Pingle
07:17 AM pfSense Packages Feature #8769: Allow FreeRADIUS users to change their own Passwords and Pins: Please correct spelling of FreeRadius in title NCATS LAB
06:52 AM pfSense Packages Feature #8769: Allow FreeRADIUS users to change their own Passwords and Pins: Also request confirmation fields for password, pins and the like. NCATS LAB
06:43 AM pfSense Packages Feature #8769 (New): Allow FreeRADIUS users to change their own Passwords and Pins: Request ability to have Group Permissions which allow a regular radius user (not privileged) to change their own pass... NCATS LAB
06:38 AM Feature #3329: Allow creating "not" rules for IPsec Phase 2: Strongly Request feature.
We just lost a lot of time because this isn't implemented on SG-4860s.
On our REMOT... NCATS LAB
05:58 AM pfSense Packages Bug #8580 (Closed): HAProxy produces intermittent 504 errors and sR–: Renato Botelho
02:56 AM pfSense Packages Bug #8580: HAProxy produces intermittent 504 errors and sR–: The newest pfSense HAProxy package installs 1.7.11 now. Can this be closed now? → luckman212
05:58 AM Bug #3720 (Resolved): Captive portal on httpS redirect to a http page: Renato Botelho
02:49 AM Bug #3720: Captive portal on httpS redirect to a http page: As this was a bug 4 years ago, I think it is fixed now because I also don't have the issue anymore in the latest vers... Sander Naudts

08/07/2018

07:18 PM Bug #8446: QinQ interfaces are assigned incorrectly: This looks good now:... Steve Wheeler
06:36 PM pfSense Packages Bug #8754 (Assigned): PHP7: Suricata Package, various php warnings: Original error looks good in Surucata package 4.0.13_2.
But I'm now seeing:... Steve Wheeler
06:16 PM Bug #3720: Captive portal on httpS redirect to a http page: I could not reproduce this using Firefox on Linux. Entering "http://http.badssl.com" in after-authentication URL whil... A FL
05:09 PM Revision 7140cb27: PHP7 related, cast bandwitdh to int to make sure it is a numeric value Fixes #8757: Stephen Jones
05:00 PM Revision 26ee3418: Revise Netgate links: Steve Beaver
03:47 PM Bug #8768 (Resolved): IP Aliases with CARP VIP parent need reinitialized after interface event: IP Aliases with CARP VIP parent need reinitialized after interface event
Fixed by PR https://github.com/pfsense/pf... Jim Pingle
03:45 PM Bug #8767 (Resolved): ID handling problem with DNS Forwarder host override management: When editing or deleting DNS Forwarder host entries, occasionally the ID numbers can get out of alignment, leading to... Jim Pingle
03:42 PM Bug #8766 (Resolved): Improve IPsec encryption and hash warnings: The selections for IPsec encryption and hash have some options that should be warned against or explained better. The... Jim Pingle
03:39 PM Bug #8765 (Resolved): Per-user firewall rules for IPsec do not work: The IPsec attribute code which processes firewall rules passed back through authentication is missing spaces, causing... Jim Pingle
03:27 PM Bug #6237 (Feedback): RADVD, Route Information Option type 24, Multiple IPv6 gateways: Apparently fixed by https://github.com/pfsense/pfsense/pull/3918 which was merged a while ago Jim Pingle
03:23 PM Feature #1933 (Feedback): Support for interface groups in NAT screens: Implemented by https://github.com/pfsense/pfsense/pull/3912 which was merged a few months ago Jim Pingle
03:21 PM Bug #8367 (Feedback): Traffic Graph widget shows Inverse view, even when Inverse is set to Off.: PR was merged some time ago Jim Pingle
03:17 PM Feature #7769 (Feedback): DynDNS: Azure integration, update record in Azure (Dynamic DNS Client): PR was merged several months ago
https://github.com/pfsense/pfsense/pull/3926 Jim Pingle
02:59 PM Todo #8764 (Resolved): Rewrite crash reporter to download files locally rather than upload to a server: Rewrite the crash reporter so users can download files locally rather than upload to a server, and then if needed the... Jim Pingle
02:55 PM Bug #8763: SG-2220 Reset Button does not work: Actually this one was fixed in 2.4.3_1 Jim Pingle
02:54 PM Bug #8763 (Resolved): SG-2220 Reset Button does not work: SG-2220 Reset Button does not work.
Fixed in commit:bb787f3d54893161227d9c3a05acfee89513f008 but did not have a Re... Jim Pingle
02:51 PM Bug #8762 (Resolved): PHP OpenSSL CRL patch fails with PHP 7.2: Change CRL generation to a "pure PHP implementation":https://github.com/ukrbublik/openssl_x509_crl/ which works with ... Jim Pingle
02:48 PM Feature #8418 (Resolved): OCSP Stapling: This was merged and tested a few months ago Jim Pingle
01:10 PM pfSense Packages Bug #8761: Port Forwarding Rules Stop Working when HAProxy is Configured: When they can't be reproduced as stated, yes. See https://www.netgate.com/docs/pfsense/development/bug-reporting.html Jim Pingle
01:07 PM pfSense Packages Bug #8761: Port Forwarding Rules Stop Working when HAProxy is Configured: Jim Pingle wrote:
> That's a question that can only be answered by discussing the issue on the forum or the pfSense ... Acat L
12:59 PM pfSense Packages Bug #8761: Port Forwarding Rules Stop Working when HAProxy is Configured: That's a question that can only be answered by discussing the issue on the forum or the pfSense subreddit. Jim Pingle
12:54 PM pfSense Packages Bug #8761: Port Forwarding Rules Stop Working when HAProxy is Configured: Jim Pingle wrote:
> Duplicate of #8760
>
> Please post on the forum or pfSense subreddit to discuss the problem.
... Acat L
12:53 PM pfSense Packages Bug #8761 (Duplicate): Port Forwarding Rules Stop Working when HAProxy is Configured: Duplicate of #8760
Please post on the forum or pfSense subreddit to discuss the problem. Jim Pingle
12:49 PM pfSense Packages Bug #8761 (Duplicate): Port Forwarding Rules Stop Working when HAProxy is Configured: HAProxy version: 1.7.11
pfSense version: 2.4.3-RELEASE-p1 (amd64)
built on Thu May 10 15:02:52 CDT 2018
FreeBSD ... Acat L
12:47 PM Revision 10511c3b: Fix #7604: Rework pkg reinstall on config restore: - Remove old code needed to upgrade fom < 2.3 to 2.3
- Simplify logic using a single file /conf/needs_package_sync
- ... Renato Botelho
12:46 PM pfSense Packages Bug #8760: Port Forwarding Rules Stop Working when HAProxy is Configured/Running: I've been able to reproduce it 5x already. It specifically occurs when a new BE is created.
My setup has 2 test N... Acat L
12:40 PM pfSense Packages Bug #8760 (Rejected): Port Forwarding Rules Stop Working when HAProxy is Configured/Running: Not enough information here. Many, many people are successfully using haproxy and port forwards (including me). It's ... Jim Pingle
12:18 PM pfSense Packages Bug #8760: Port Forwarding Rules Stop Working when HAProxy is Configured/Running: HAProxy version: 1.7.11
pfSense version: 2.4.3-RELEASE-p1 (amd64)
built on Thu May 10 15:02:52 CDT 2018
FreeBSD ... Acat L
12:16 PM pfSense Packages Bug #8760 (Rejected): Port Forwarding Rules Stop Working when HAProxy is Configured/Running: *HAProxy version*: 1.7.11
*pfSense version*: 2.4.3-RELEASE-p1 (amd64)
built on Thu May 10 15:02:52 CDT 2018
Free... Acat L
12:46 PM Revision d8954a33: index.php doesn't need to care about needs_package_sync: Renato Botelho
12:46 PM Revision 22e3bc56: Do not remove needs_package_sync file when it's not needed: Renato Botelho
12:43 PM Revision eafd1610: Use packagelock flag for checking: Renato Botelho
12:42 PM Revision 5f1becd8: Do not run rc.start_packages when restoring a config backup: Renato Botelho
12:40 PM Revision 1220cb90: Add missing -f to make pfSense-upgrade to remove all packages when restore factory default: Renato Botelho
12:35 PM Bug #8722 (Resolved): ACB issue after upgreade 2.4.4-DEV 20180728 up to current snap: Confirmed working after upgrade 2.4.3 with pfSense-AutoConfigBackup installed to 2.4.4... Renato Botelho
09:28 AM Bug #8722 (Feedback): ACB issue after upgreade 2.4.4-DEV 20180728 up to current snap: I've reworked pfSense-upgrade to remove unexistent ports in the first stage of upgrade process, before reboot. With t... Renato Botelho
08:21 AM Bug #8722: ACB issue after upgreade 2.4.4-DEV 20180728 up to current snap: It is being removed, but it's being removed too late for it to avoid the ACB conflict... Jim Pingle
12:21 PM Revision 6f2bad18: Start packages after pfSense-upgrade finished: Renato Botelho
12:18 PM pfSense Packages Bug #8454: Arpwatch package break email notifications from other sources: The Debian port of Arpwatch allows you to specify a different sendmail program, but I don't think that is in the vers... Yehuda Katz
12:06 PM pfSense Packages Bug #8454: Arpwatch package break email notifications from other sources: No, because that only manages the name of the link created by the script, it does not control what arpwatch uses. Jim Pingle
11:53 AM pfSense Packages Bug #8454: Arpwatch package break email notifications from other sources: Jim Pingle wrote:
> Arpwatch cannot be configured to use an alternate sendmail or mail delivery mechanism.
Cant w... Joshua Diamant
11:39 AM pfSense Packages Bug #8454: Arpwatch package break email notifications from other sources: Arpwatch cannot be configured to use an alternate sendmail or mail delivery mechanism. Jim Pingle
11:30 AM pfSense Packages Bug #8454: Arpwatch package break email notifications from other sources: I am also having this issue now that I installed arpwatch. I am starting to get emails from cron and other packages s... Joshua Diamant
12:15 PM Bug #8757 (Feedback): PHP Warning: A non-numeric value encountered in /etc/inc/shaper.inc on line 467: Applied in changeset commit:7140cb27fe6908d9b82307a5152f46d86ae06a69. Anonymous
08:58 AM Bug #8757: PHP Warning: A non-numeric value encountered in /etc/inc/shaper.inc on line 467: Anonymous
12:08 PM Bug #8720: restricting packages to official repository: Thanks for the clarification Jim. Do you have a list of requirements for packages being accepted into the pfsense rep... Arthur Wiebe
11:47 AM Bug #8720 (Not a Bug): restricting packages to official repository: This message will appear in the release notes and explains the change in behavior:
> Third party packages from *al... Jim Pingle
11:55 AM Revision 26dc7555: Improve readability on booting message: Renato Botelho
11:12 AM Revision 4221eba1: Remove code used to upgrade from < 2.3 to 2.3: Renato Botelho
11:06 AM Bug #8759 (Not a Bug): Apply changes cause openVpn Client disconnect to OpenVpn Server: It sounds like it may be an issue with your settings or HA configuration. Please post to the forum or pfSense subredd... Jim Pingle
10:58 AM Bug #8759 (Not a Bug): Apply changes cause openVpn Client disconnect to OpenVpn Server: HI,
in my cient Firewall connected to my Server Firewall trough a SITE to SITE (P2P SSL/TLS) , after i hit the "a... Tomas Modenese
10:52 AM Revision c165834f: Simplify logic and break some long lines: Renato Botelho
10:52 AM Revision 8abca040: Do not rely on internet connection when running 2nd/3rd upgrade stages: Renato Botelho
10:45 AM Bug #8741 (Resolved): IP Alias and CARP VIP subnet remains set to /128 for IPv4 address: Anonymous
10:44 AM Bug #8741: IP Alias and CARP VIP subnet remains set to /128 for IPv4 address: On 2.4.4.a.20180807.0855, cannot reproduce. Anonymous
09:30 AM Bug #8725 (Not a Bug): Packages not uninstalled when removed from package repo: This is not the case. As JimP pointed they are removed but it's too late for ACB. I made a change on pfSense-upgrade ... Renato Botelho
08:19 AM Bug #8725: Packages not uninstalled when removed from package repo: It is being removed, but it's being removed too late for it to avoid the ACB conflict noted in #8722
Jim Pingle
09:01 AM Bug #8519: pfSense update from the webGUI fails: Debugging shows that the PID file used to determine whether the upgrade process is still running goes away unexpected... Anonymous
08:07 AM pfSense Packages Bug #8716 (In Progress): Suricata package does not survive pfSense upgrade.: Renato Botelho
08:00 AM Bug #7604 (Feedback): Bug #6594 is not resolved: Waiting for Internet connection to update pkg metadata and finish package reinstallation: Applied in changeset commit:10511c3b024620f094146e58acf1ed2f4ea9fa41. Renato Botelho

08/06/2018

09:14 PM Revision cbd8464e: Fixes #8741 make sure type is selected before specifying address(es): Stephen Jones
05:53 PM Bug #8519: pfSense update from the webGUI fails: I have one test box which hits this on every single update. Always reports failure. Always updates fine in the backgr... Steve Wheeler
05:41 PM Revision df0a71cb: Add IPv6 version of IPv4 private nets to DNS Rebinding list. Fixes #8750: Jim Pingle
05:16 PM Bug #8758 (Closed): filterdns stops working on a regular basis.: filterdns stops working on a regular basis.
Ive found that filterdns stops working after a short while (a few days... Pi Ba
05:00 PM Bug #8757 (Resolved): PHP Warning: A non-numeric value encountered in /etc/inc/shaper.inc on line 467: Crash report begins. Anonymous machine information:
amd64
11.2-RELEASE
FreeBSD 11.2-RELEASE #51 cd0e4c8cf25(REL... Pi Ba
04:20 PM Bug #8741 (Feedback): IP Alias and CARP VIP subnet remains set to /128 for IPv4 address: Applied in changeset commit:cbd8464e9d4fa765c1d4961ac30bfbecce85d6d2. Anonymous
02:08 PM Bug #8741: IP Alias and CARP VIP subnet remains set to /128 for IPv4 address: Anonymous
04:00 PM Revision 169fad08: Fixes #8101 added an input error if the alias name was equal to the alias value: Stephen Jones
02:05 PM Bug #6880: Multiple DHCP6 WAN connections leads to multiple dhcp6c clients: Daniel Helgenberger wrote:
> Luke Hamburg wrote:
> > Thanks. I first checked out master and didn't find that commi... Tony Martino
01:43 PM Revision 7719b399: Revise setup wized for consistency: Steve Beaver
12:50 PM Bug #8750 (Feedback): DNS Rebinding check fails to block IPv6 representation of IPv4 addresses in Unbound: Applied in changeset commit:df0a71cbf096e4990d302a12bd274d8e47102957. Jim Pingle
12:26 PM pfSense Packages Bug #8718 (Feedback): PHP Warning: Illegal string offset 'config' in /usr/local/pkg/net-snmp.inc on line 403: Latest one should be fixed now in commit:66bb50880166 (pkg version 0.1.5_2) Jim Pingle
11:10 AM Feature #8101 (Feedback): Filter loop prevention: Applied in changeset commit:169fad085845c4e4f78c43a73bf0d40332ae2673. Anonymous
09:05 AM Feature #8101 (In Progress): Filter loop prevention: Anonymous
10:37 AM pfSense Packages Bug #8749: OSPF6 nssa not working: The directive is not set in vtysh because the nssa directive is not recognized. Only normal areas and stub areas seem... Marc Planquart
09:42 AM pfSense Packages Feature #8755 (Rejected): Add check_: Anonymous
09:26 AM pfSense Packages Feature #8755: Add check_: Somehow hit enter by mistake, please cancel this! Zachary McGibbon
09:24 AM pfSense Packages Feature #8755 (Rejected): Add check_: Zachary McGibbon
09:26 AM pfSense Packages Bug #8754 (Feedback): PHP7: Suricata Package, various php warnings: Anonymous
09:23 AM pfSense Packages Bug #8754 (In Progress): PHP7: Suricata Package, various php warnings: Anonymous
08:58 AM pfSense Packages Bug #8754 (Resolved): PHP7: Suricata Package, various php warnings: ... Steve Wheeler
09:25 AM pfSense Packages Bug #8756 (Resolved): Add check_swap to nrpe package: It feels like the check_swap command should be one of the default nrpe commands. I ran into some issues with my swap ... Zachary McGibbon
07:44 AM Bug #1875 (Resolved): Captive Portal Voucher Error Messages won´t accept Umlauts: Jim Pingle
04:38 AM Bug #1875: Captive Portal Voucher Error Messages won´t accept Umlauts: I confirm : duplicate + resolved. This can be closed. A FL
07:39 AM Feature #5112 (In Progress): LDAP support for Captive Portal: Renato Botelho
07:39 AM Bug #8655 (In Progress): Radius Accounting updates are not sent in a particular situation: Renato Botelho
07:38 AM Feature #3686 (In Progress): Distinguish services when sending authentication request to RADIUS server: Renato Botelho
07:38 AM Feature #8361 (In Progress): Add entered name to captive portal status and logs: Renato Botelho
07:38 AM Feature #4294 (In Progress): Add additonal option to RADIUS Called-Station-Id value: Renato Botelho
05:53 AM pfSense Packages Bug #8752: For SquidGuard in "Common ACL" menu "Target Rules List" "access" option always stays with default value '---' for my Target category: Also, I found that when I chose "Deny" for my category and pressed "Save", I had "Target Rules": "!BlockSomeSites all... Azamat Khakimyanov
05:17 AM pfSense Packages Bug #8752 (New): For SquidGuard in "Common ACL" menu "Target Rules List" "access" option always stays with default value '---' for my Target category: I tried on 2.4.4-DEV 20180801 and 20180805 with the same result
I created Target Category "BlockSomeSites", then i... Azamat Khakimyanov
05:39 AM Bug #8595 (Resolved): Maybe a new mpd5-x+1 MTU ISSUE WITH ORANGE FR: Renato Botelho

08/05/2018

08:00 AM pfSense Packages Bug #8751 (Resolved): FRR prefix lists issues: Problem1 (bug):
Create prefix-list in the UI
Check prefix-list in vtysh
prefix-list doesn't exist
Note: prefix li... Marc Planquart
04:17 AM Bug #8750: DNS Rebinding check fails to block IPv6 representation of IPv4 addresses in Unbound: Forget link to thread discussing it
https://forum.netgate.com/topic/133497/dns-rebind-protection-not-working
Grea... JohnPoz _

08/04/2018

09:53 PM Bug #8750 (Resolved): DNS Rebinding check fails to block IPv6 representation of IPv4 addresses in Unbound: Not sure if this also affects DNSMasq.
If DNS Rebinding check is not disabled in Settings > Advanced, and a DNS se... Anonymous
07:31 PM pfSense Packages Bug #8749 (Resolved): OSPF6 nssa not working: Checked with version 2.4.3-1 and the latest 2.4.4!
In ospf6d.conf:
router ospf6
router-id 62.48.65.10
inter... Marc Planquart
11:30 AM Bug #8595: Maybe a new mpd5-x+1 MTU ISSUE WITH ORANGE FR: thank you ! sorry for the lag... running the last version
FreeBSD pfSense.xxxxxxx 11.2-RELEASE FreeBSD 11.2-RELEAS... xavier Lemaire
03:14 AM Bug #8465: Lost default gateway after recover from failover with CARP VIP and HA: I was able to reproduce excactly the same issue with 2.4.3-p1-x64 and with 2.4.4.a.20180803.0952 as well.
*Setup o... Tom Huerlimann

08/03/2018

05:45 PM Bug #8746 (Resolved): StrongSwan 4.4.0 -> 5.6.2 buffer underflow leading to denial of service - CVE-2018-5388: strongSwan 5.6.3 is already in 2.4.4 snapshots. Jim Pingle
05:35 PM Bug #8746 (Resolved): StrongSwan 4.4.0 -> 5.6.2 buffer underflow leading to denial of service - CVE-2018-5388: StrongSwan 5.6.3 was been released on May 31, 2018 to address this issue.
My reading of this issue is it can be ex... Phil Brutsche
04:05 PM Feature #8742 (Resolved): Remove some legacy code in auth.inc: Anonymous
04:04 PM Feature #8742: Remove some legacy code in auth.inc: Tested on 2.4.4.a.20180803.1120 (gitsync'd to master), looks good. Anonymous
03:43 PM Feature #8742 (Feedback): Remove some legacy code in auth.inc: PR was merged earlier today. Jim Pingle
07:56 AM Feature #8742 (Resolved): Remove some legacy code in auth.inc: For completeness, I'm posting a redmine for this. Copy and pasting from PR3969:
https://github.com/pfsense/pfsense/p... → luckman212
03:55 PM pfSense Packages Bug #8718 (New): PHP Warning: Illegal string offset 'config' in /usr/local/pkg/net-snmp.inc on line 403: Anonymous
03:54 PM pfSense Packages Bug #8718: PHP Warning: Illegal string offset 'config' in /usr/local/pkg/net-snmp.inc on line 403: On 2.4.4.a.20180803.1120 (gitsync'd to master), install net-snmp package, visit Services > SNMP (NET-SNMP), click on ... Anonymous
03:43 PM pfSense Packages Feature #8731 (Feedback): FreeIPA support in FreeRADIUS package: PR was merged earlier today. Jim Pingle
03:42 PM Bug #8446 (Feedback): QinQ interfaces are assigned incorrectly: PR was merged earlier today. Jim Pingle
03:41 PM Feature #7623 (Resolved): Allow L2TP user passwords to contain special characters: Anonymous
03:40 PM Feature #7623: Allow L2TP user passwords to contain special characters: On 2.4.4.a.20180803.1120 (gitsync'd to master), was unable to produce an error when inputting password with special c... Anonymous
03:20 PM Bug #8745 (Resolved): Adding a bridge generates a crash report.: Visit Interfaces > Assignments, then click on Bridges. Once there, click +Add, select an interface or interfaces, sli... Anonymous
03:19 PM Revision 4da0767b: Fix #8595: Implement MTU override option that allow client to force a bigger MTU
value than the one negotiated on LCP that is kn... Renato Botelho
02:33 PM Revision 86ad5d27: Merge pull request #3969 from luckman212/2y-prefix-is-ok: Steve Beaver
02:06 PM Revision 65b5efa7: Add config function init_config_arr(): This function initializes a set of nested keys under $config to avoid multiple levels of manual is_array() checks and... Jim Pingle
02:05 PM pfSense Packages Bug #8670: HAProxy PHP error: I'm going to revisit all those items.. and get rid of this kind of array lookup completely replacing them with this s... Pi Ba
11:45 AM pfSense Packages Bug #8670 (New): HAProxy PHP error: Yes, this is still about PHP7 array issues, and there are a few outstanding. Here is one that happens with a clean in... Jim Pingle
01:56 PM Revision 69c8e5c2: Merge pull request #3968 from stephenw10/master: Steve Beaver
01:54 PM Revision 48fa342d: Merge pull request #3967 from PiBa-NL/20180729-alias-with-carp-parent: Steve Beaver
01:48 PM Bug #8744 (Resolved): Re-configuring an enabled captiveportal cause ipfw to drop all traffic, pfSense_ipfw_tables_list() is to blame (PHP 7 related?): This happens only on recent dev snapshots, not on stable release.
Steps to follow to reproduce the bug:
1) Cre... A FL
01:27 PM Feature #8187 (Resolved): Gateways, allow for configuring a gatewaygroup as the default gateway. #3781: Anonymous
01:09 PM pfSense Packages Bug #8716: Suricata package does not survive pfSense upgrade.: Renato Botelho
01:09 PM Bug #8725: Packages not uninstalled when removed from package repo: Renato Botelho
12:29 PM Revision 0e4b0d6d: Remove unnecessary 'pppoe' class: Renato Botelho
12:07 PM Revision 25355cb8: Revise page footer height: Steve Beaver
11:50 AM Revision 6c0bb59f: Show/hide pppoe-multilink-over-singlelink advanced option: Steve Beaver
11:38 AM Bug #8730 (Resolved): NAT PHP7 errors.: Anonymous
11:37 AM Bug #8730: NAT PHP7 errors.: On 2.4.4.a.20180803.1120, cannot reproduce. Anonymous
11:37 AM Bug #8732 (Resolved): PHP7 errors in DHCP: Anonymous
11:19 AM Bug #8728 (Resolved): Can not create VIP after deleting existed one: Anonymous
11:06 AM Bug #8595: Maybe a new mpd5-x+1 MTU ISSUE WITH ORANGE FR: A new round of snapshots of 2.4.4 are ready for testing. Renato Botelho
10:20 AM Bug #8595 (Feedback): Maybe a new mpd5-x+1 MTU ISSUE WITH ORANGE FR: Applied in changeset commit:4da0767b978b5b93e6bf6556e8edd323af7ca3d4. Renato Botelho
10:21 AM Todo #8743 (New): Gateway Groups page should list gateways in tier order: The Gateway Groups page (system_gateway_groups.php) lists gateways within a group in alpha order. I think it makes mo... Mitch Claborn
09:45 AM Feature #8101: Filter loop prevention: Anonymous
07:46 AM pfSense Packages Bug #8710 (Resolved): OpenVPN Shared Key Export: Jim Pingle
07:32 AM Bug #8667: VU#857035 - IKE Protocol Vulnerability: OK so all that's left here is to wait and see what, if anything, strongSwan may offer in response. Publication deadli... Jim Pingle
07:27 AM Feature #8635 (Resolved): "Remote/local subnets" in routed IPsec renaming: Jim Pingle
05:39 AM Revision 89ae6f1f: Removes some legacy code in auth.inc: There was a compat issue between PHP's $2y$ bcrypt hashes and
older versions of FreeBSD. However, this compat issue w... → luckman212

08/02/2018

10:07 PM Bug #8741 (Resolved): IP Alias and CARP VIP subnet remains set to /128 for IPv4 address: Visit Firewall > Virtual IPs, click +Add, click the Address(es) field, type in an IPv4 address, click IP Alias, click... Anonymous
09:47 PM Bug #8728: Can not create VIP after deleting existed one: On On 2.4.4.a.20180802.1755 (gitsync'd to master), was able to create a VIP, delete it, and create another using all ... Anonymous
09:43 PM Bug #8708 (Resolved): Squidguard > Target categories > Order description typo: Anonymous
09:42 PM Bug #8708: Squidguard > Target categories > Order description typo: On 2.4.4.a.20180802.1755 (gitsync'd to master) with squid version 1.16.17_1, the description now reads:... Anonymous
02:26 PM Bug #8708 (Feedback): Squidguard > Target categories > Order description typo: Fixed in commit:cb065e364345e2ccda3a161bb330e3a81f6aa2e3 (squidGuard pkg version 1.16.17_1) Jim Pingle
02:05 PM Bug #8708: Squidguard > Target categories > Order description typo: Jim Pingle
09:49 AM Bug #8708: Squidguard > Target categories > Order description typo: Should be "ACLs" (No apostrophe) Anonymous
09:23 PM Feature #8635: "Remote/local subnets" in routed IPsec renaming: On 2.4.4.a.20180802.1755 (gitsync'd to master):
Selecting Mode Tunnel IPv4/IPv6 presents the following message bel... Anonymous
09:17 PM Bug #8673 (Resolved): Bridge interface php error: Anonymous
08:22 PM Bug #8673: Bridge interface php error: On 2.4.4.a.20180802.1755 (gitsync'd to master), cannot reproduce the issue.
However, a crash is still being genera... Anonymous
02:15 PM Bug #8673: Bridge interface php error: Applied in changeset commit:0f7b4271c6e7912d077d21149752c9a147fbc543. Anonymous
02:10 PM Bug #8673 (Feedback): Bridge interface php error: Anonymous
02:06 PM Bug #8673 (In Progress): Bridge interface php error: Anonymous
02:05 PM Bug #8673: Bridge interface php error: Anonymous
09:12 PM Bug #8667: VU#857035 - IKE Protocol Vulnerability: On 2.4.4.a.20180802.1755 (gitsync'd to master), seeing the warning message about the PSK... Anonymous
09:03 PM Bug #8120 (Resolved): Unable to disable DHCP Server on interface when DNS Resolver "DHCP Registration" is enabled: Anonymous
08:56 PM Bug #8120: Unable to disable DHCP Server on interface when DNS Resolver "DHCP Registration" is enabled: On 2.4.4.a.20180802.1755 (gitsync'd to master):
Followed the same steps as Azamat, but was unable to disable LAN D... Anonymous
08:59 PM Bug #8734 (Resolved): FEC LAGG Protocol option present: Anonymous
08:29 PM Bug #8734: FEC LAGG Protocol option present: On 2.4.4.a.20180802.1755 (gitsync'd to master), the FEC option is no longer present. FEC also appears to have been re... Anonymous
08:11 AM Bug #8734: FEC LAGG Protocol option present: Docs and book also updated to remove references to FEC. Jim Pingle
08:00 AM Bug #8734 (Feedback): FEC LAGG Protocol option present: Applied in changeset commit:cee2c93041c7866d002c6e2e30831ae34227e8ef. Jim Pingle
07:31 AM Bug #8734: FEC LAGG Protocol option present: Jim Pingle
08:34 PM pfSense Packages Bug #8710: OpenVPN Shared Key Export: On 2.4.4.a.20180802.1755 (gitsync'd to master), cannot reproduce. Anonymous
07:09 PM Revision 0f7b4271: Fixed #8673: Steve Beaver
04:41 PM Revision 65cfff7e: Fix #8737: Add option to use multilink over single link for PPPoE: Renato Botelho
03:45 PM pfSense Packages Bug #8670: HAProxy PHP error: The ACL issue from #9 was actually a 'user mistake', that was cleared on the forum.
This redmine ticket is i.m.o. ... Pi Ba
02:22 PM pfSense Packages Bug #8670: HAProxy PHP error: It is not clear what this Redmine issue now means. It seems to have morphed into other errors (which may , or may not... Anonymous
02:17 PM pfSense Packages Bug #8670 (Feedback): HAProxy PHP error: Anonymous
02:10 PM pfSense Packages Bug #8670 (In Progress): HAProxy PHP error: Anonymous
02:04 PM pfSense Packages Bug #8670: HAProxy PHP error: Anonymous
03:32 PM Feature #8544 (Resolved): Routed IPsec using FreeBSD if_ipsec(4) VTI: The core of this is solid. Any other issues that come up can be handled as separate tickets. Jim Pingle
03:26 PM Bug #8626 (Resolved): CN in certificate and probably other user names are not properly escaped in LDAP search: Jim Pingle
03:06 PM Bug #8707: New PHP Error [/etc/inc/gwlb.inc]: Sure! We have 5 openVPN client gateways, 1 WAN (isp) gateway in total. Currently only 4 openVPN gateways are enable... Tyler L
01:42 PM Bug #8707: New PHP Error [/etc/inc/gwlb.inc]: Can you provide a bit more information about your gateway and gateway group configuration, along with an example of w... Jim Pingle
01:13 PM Bug #8707: New PHP Error [/etc/inc/gwlb.inc]: Well, that didn't take long. I should have just waited another 10min.
So, what happens now is this: Gateway goes... Tyler L
01:02 PM Bug #8707: New PHP Error [/etc/inc/gwlb.inc]: Thanks Jim! This is why I asked for someone smart to look into it. I reverted what I did, and patched using your fi... Tyler L
10:54 AM Bug #8707: New PHP Error [/etc/inc/gwlb.inc]: Try this instead. Jim Pingle
10:45 AM Bug #8707: New PHP Error [/etc/inc/gwlb.inc]: That change would be a no-op, they both reference the same variable in the same way. In fact it goes against the reco... Jim Pingle
02:06 PM Bug #8519 (New): pfSense update from the webGUI fails: Anonymous
02:04 PM Bug #8519: pfSense update from the webGUI fails: Anonymous
02:05 PM Revision 16050763: Revise page footer text and centralize footer output for consistency: Steve Beaver
02:05 PM pfSense Packages Bug #8631: syslog-ng - logrotate incorrectly configured to rotate TLS key: Jim Pingle
02:01 PM pfSense Packages Bug #8647 (Resolved): PHP7: Snort package: I just tried it out and didn't see any errors or warnings. Anonymous
01:53 PM pfSense Packages Bug #8735 (Feedback): php warning suricata: Anonymous
01:50 PM pfSense Packages Bug #8735: php warning suricata: Fix pushed here. ab5c2530b3226585773fd967fcecaf9cfe51405c
It looks like a typo 'config' should have been '$config'. Anonymous
09:58 AM pfSense Packages Bug #8735 (Resolved): php warning suricata: PHP Errors:
[02-Aug-2018 00:30:28 America/New_York] PHP Warning: Use of undefined constant config - assumed 'config... Michael Kellogg
12:52 PM Revision cee2c930: FEC LAGG is deprecated, remove from GUI and change on upgrade. Fixes #8734: Jim Pingle
11:50 AM Feature #8737: Let users configure PPPoE multilink over single link: Applied in changeset commit:65cfff7e916d87555e84f1a132d240bdfd5e7be0. Renato Botelho
11:45 AM Feature #8737 (Feedback): Let users configure PPPoE multilink over single link: Renato Botelho
11:40 AM Feature #8737 (Resolved): Let users configure PPPoE multilink over single link: Some providers offer multilink over single link, add this option to advanced PPPoE config and when it's set do not fo... Renato Botelho
10:31 AM Bug #8736 (Rejected): default gateway not working after upgrade to 2.4.3-RELEASE-p1: This is not a platform for support or diagnostic discussion. There is not enough information there for a valid bug re... Jim Pingle
10:27 AM Bug #8736 (Rejected): default gateway not working after upgrade to 2.4.3-RELEASE-p1: Hello,
the upgrade told me, it will eat 37MBs more, it has eaten over 150. But thats not the issue, I understand, th... david ricar

08/01/2018

09:30 PM Revision 8517667d: outbound-nat, make sure rules generated wont have required missing options that might make the rules fail to load: PiBa-NL
09:30 PM Revision 905bd44e: outbound-nat, make sure rules generated with outbound-nat rules are valid also on interfaces with mixed ipv4/ipv6 address environments: Pi Ba
09:08 PM Bug #8734 (Resolved): FEC LAGG Protocol option present: On 2.4.4.a.20180801.1354, the LAGG Protocol option FEC is still present, despite FreeBSD dropping support for the FEC... Anonymous
08:39 PM Revision d1396614: Add a button to generate a secure IKE PSK. Issue #8667: Jim Pingle
07:54 PM Revision c25d116a: Preliminary footer revisions. Pending link targets: Steve Beaver
07:22 PM Revision 8a228b83: Fixes #8732 PHP7 illegal string offsets: Stephen Jones
04:22 PM Revision 5c674b1e: Fixes #8730 PHP7 issues illegal string offsets: Stephen Jones
03:52 PM Bug #8667: VU#857035 - IKE Protocol Vulnerability: PSK button and stronger GUI warning are in now, see commit:d13966146f166536c2b3825cdfd9090f7f6022e7
All that rema... Jim Pingle
03:50 PM Bug #8667 (In Progress): VU#857035 - IKE Protocol Vulnerability: Jim Pingle
03:51 PM Bug #8707: New PHP Error [/etc/inc/gwlb.inc]: I updated to 07.31 and found that the one gateway that kept failing, now functioned fine despite the gwlb.inc being r... Tyler L
03:25 PM Revision fbc86ff2: Support older md5 password hashes when testing for default password: Steve Beaver
02:30 PM Bug #8732 (Feedback): PHP7 errors in DHCP: Applied in changeset commit:8a228b838da81198fa4301fa21713de638eb5185. Anonymous
02:17 PM Bug #8732 (Resolved): PHP7 errors in DHCP: The following errors were found while doing some tests with the captive portal.
Warning: Illegal string offset 'la... Anonymous
02:24 PM Revision f0fdd1ab: Cosmetic changes to help text: Steve Beaver
01:28 PM pfSense Packages Feature #8731 (Resolved): FreeIPA support in FreeRADIUS package: In order to use FreeRADIUS to authenticate against a FreeIPA LDAP server using mschapv2 the following section is req... Andrew Cope
11:54 AM Revision fbc1bb77: Fixed #7623: Steve Beaver
11:30 AM Revision 20998b2d: Fixed #8728: Steve Beaver
11:30 AM Bug #8730 (Feedback): NAT PHP7 errors.: Applied in changeset commit:5c674b1ecca83d42261f5e166e0d968dc318cee2. Anonymous
11:18 AM Bug #8730 (In Progress): NAT PHP7 errors.: Anonymous
11:18 AM Bug #8730 (Resolved): NAT PHP7 errors.: I found several PHP7 issues while running through some tests for NAT.
Warning: Illegal string offset 'rule' in /us... Anonymous
10:56 AM pfSense Packages Bug #8729: IPv6 - FRR BGP issue with Redistribute connected networks: Looks like FRR assumes the globally declared option to be IPv4 only.
In bgpd.conf:... Jim Pingle
10:25 AM pfSense Packages Bug #8729 (Resolved): IPv6 - FRR BGP issue with Redistribute connected networks: Environment: FRR BGP with pfSense 2.4.3_1
Use Case: Redistribute IPv6 networks (/64 networks from a /48 subnet).
Th... Marc Planquart
07:24 AM Bug #8446: QinQ interfaces are assigned incorrectly: https://github.com/pfsense/pfsense/pull/3968 Steve Wheeler
07:07 AM Bug #8437: invalid outbound nat rules written when using ipv6 rules on interfaces that also have ipv4 adresses..: @sjones - Please test this PR so we can merge it and resolve this issue
https://github.com/pfsense/pfsense/pull/3934 Anonymous
07:00 AM Feature #7623: Allow L2TP user passwords to contain special characters: Applied in changeset commit:fbc1bb778bb9df0d3a26019f18b6364a9edcabe3. Anonymous
06:54 AM Feature #7623 (Feedback): Allow L2TP user passwords to contain special characters: Anonymous
06:40 AM Bug #8728: Can not create VIP after deleting existed one: Applied in changeset commit:20998b2d7df867c25ca35e29d434ce0fc6561a39. Anonymous
06:38 AM Bug #8728 (Feedback): Can not create VIP after deleting existed one: Anonymous
06:31 AM Bug #8728 (Resolved): Can not create VIP after deleting existed one: Anonymous
06:29 AM Bug #8728 (In Progress): Can not create VIP after deleting existed one: Anonymous
05:01 AM Bug #8728 (Resolved): Can not create VIP after deleting existed one: I deleted VIP and tried to create new one on latest and got the error:... Constantine Kormashev
06:39 AM Bug #6477 (Resolved): Sample bounds can jump around for custom timer periods on Status > Monitoring: Anonymous
06:26 AM Bug #8120: Unable to disable DHCP Server on interface when DNS Resolver "DHCP Registration" is enabled: There is one more case to test there yet: Were you able to disable DHCP on LAN after disabling it on OPT1?
It shoul... Jim Pingle
05:09 AM Bug #8120: Unable to disable DHCP Server on interface when DNS Resolver "DHCP Registration" is enabled: Works OK for me on latest 2.4.4-DEV snap
1) I created OPT1 interface with static ip
2) DHCP Server on OPT1 didn't s... Azamat Khakimyanov
06:01 AM Bug #8595: Maybe a new mpd5-x+1 MTU ISSUE WITH ORANGE FR: xavier Lemaire wrote:
> Hi Renato,
>
> Look like a different trouble... Eugene is very reactive. Do you try to fi... Renato Botelho
01:10 AM Bug #8595: Maybe a new mpd5-x+1 MTU ISSUE WITH ORANGE FR: Hi Renato,
Look like a different trouble... Eugene is very reactive. Do you try to fixe 1480 MTU and MRU in your c... xavier Lemaire
12:12 AM pfSense Packages Feature #8727 (Resolved): Clone button in cron pkg: It would be very useful if clone feature will appear in Cron pkg.
Sometimes tasks are tricky and there is possibilit... Constantine Kormashev

07/31/2018

08:49 PM Revision dd2d9f24: Validation for GUI custom settings. Fixes #8726: Add validation for customizable GUI setting fields and test submitted
values before allowing them to be stored.
Also ... Jim Pingle
08:49 PM Revision 209ae186: Validation for GUI custom settings. Fixes #8726: Add validation for customizable GUI setting fields and test submitted
values before allowing them to be stored.
Also ... Jim Pingle
08:39 PM Revision db7f2719: Validation for GUI custom settings. Fixes #8726: Add validation for customizable GUI setting fields and test submitted
values before allowing them to be stored.
Also ... Jim Pingle
08:30 PM Revision 9ceace25: Validation for GUI custom settings. Fixes #8726: Add validation for customizable GUI setting fields and test submitted
values before allowing them to be stored.
Also ... Jim Pingle
06:53 PM Revision 9477c170: Correct the DHCP DNS reg check. Fixes #8120: Now allows all but one DHCP server to be disabled, rather than denying
all of them. Jim Pingle
05:57 PM Revision 3729b7a2: Create cron array if it doesn't exist on upgrade.: (cherry picked from commit aabd093849d61eacdf7bdcb584c812638b3732a0) Jim Pingle
05:56 PM Revision aabd0938: Create cron array if it doesn't exist on upgrade.: Jim Pingle
05:03 PM Bug #1454 (Resolved): Voucher error messages character set problem: Jim Pingle
04:59 PM Bug #1454: Voucher error messages character set problem: I confirm that this problem does not exist anymore
This issue can be marked as resolved. A FL
04:09 PM Bug #8595: Maybe a new mpd5-x+1 MTU ISSUE WITH ORANGE FR: This patch reached pfSense 2.4.4 development and introduced a different error. I updated original mpd ticket and woul... Renato Botelho
04:08 PM Bug #8595 (In Progress): Maybe a new mpd5-x+1 MTU ISSUE WITH ORANGE FR: Renato Botelho
03:55 PM Bug #8726 (Feedback): Lack of input validation on custom GUI/dashboard settings leads to potential XSS: Applied in changeset commit:9ceace2562e718b9b460633847c12050fff96640. Jim Pingle
03:23 PM Bug #8726 (Resolved): Lack of input validation on custom GUI/dashboard settings leads to potential XSS: There are a few fields that customize the dashboard and GUI that can be set globally on system.php or per-user on sys... Jim Pingle
03:44 PM Revision f0134497: Correct QinQ interface naming: Steve Wheeler
02:00 PM Bug #8120 (Feedback): Unable to disable DHCP Server on interface when DNS Resolver "DHCP Registration" is enabled: Applied in changeset commit:9477c17057771456d481ae0e4a3822062617a50e. Jim Pingle
01:55 PM Bug #8120: Unable to disable DHCP Server on interface when DNS Resolver "DHCP Registration" is enabled: In step #4 you must have had an old/stale opt1 config. DHCP is disabled by default for new interfaces.
I can repro... Jim Pingle
01:51 PM Bug #8120 (Assigned): Unable to disable DHCP Server on interface when DNS Resolver "DHCP Registration" is enabled: Jim Pingle
01:29 PM Bug #8280 (Duplicate): Captive Portal Voucher Sync: Jim Pingle
01:25 PM Bug #8280: Captive Portal Voucher Sync: Fixed in commit b8963db6
See issue #7972 A FL
01:27 PM Bug #8717 (Not a Bug): 'DHCPv6 Static Mappings for this Interface' option isn't working (2.4.4-DEV): This is a client issue on Ubuntu. You have to force it to release the IPv6 address before it will pick up a new assig... Jim Pingle
01:23 PM Bug #8721 (Assigned): DHCP High Availability - Statis assignement Issue on BackUP machine: The fix for #7469 changed the primary such that it no longer triggers a @filter_configure@ via XMLRPC, which is when ... Jim Pingle
04:50 AM Bug #8721 (Resolved): DHCP High Availability - Statis assignement Issue on BackUP machine: I have two PFsense in HA
When I enter a static lease in the Pfsense Master the file/var/dhcpd/etc/dhcp.conf in Pfsen... Michele D'Alessio
01:19 PM Bug #8250 (Closed): Captive Portal XMLRPC does not use the custom port configured.: The ports have to be the same on the GUI for both units. Leaving out the port number is intentional. Jim Pingle
01:05 PM Bug #8250: Captive Portal XMLRPC does not use the custom port configured.: I could not reproduce this. XMLRPC is working fine on a custom port (using sync settings in captiveportal->Vouchers m... A FL
01:08 PM Bug #8725 (Not a Bug): Packages not uninstalled when removed from package repo: Removing a package from teh repo should cause any firewall using that package to uninstall it. This is not happening.... Anonymous
11:30 AM Bug #8722: ACB issue after upgreade 2.4.4-DEV 20180728 up to current snap: Since the ACB package is no longer in the repository, it should have been removed automatically Anonymous
11:27 AM Bug #8722: ACB issue after upgreade 2.4.4-DEV 20180728 up to current snap: If removing the ACB package is a requirement to upgrade, we should fix pfSense-upgrade so it gets removed automatical... Jim Pingle
11:18 AM Bug #8722: ACB issue after upgreade 2.4.4-DEV 20180728 up to current snap: Remove the ACB package Anonymous
11:14 AM Bug #8722: ACB issue after upgreade 2.4.4-DEV 20180728 up to current snap: the same error after I upgraded 2.4.2 -> 2.4.3_p1 -> 2.4.4 current snap
PHP Errors:
[31-Jul-2018 15:01:30 Etc/UTC]... Azamat Khakimyanov
09:48 AM Bug #8722: ACB issue after upgreade 2.4.4-DEV 20180728 up to current snap: I attached config.xml which was made by ACB yesterday (before upgrade)
Azamat Khakimyanov
09:24 AM Bug #8722 (Resolved): ACB issue after upgreade 2.4.4-DEV 20180728 up to current snap: After upgrade 2.4.4-DEV from 20180728 up to 20180731 I caught "PHP Fatal error: Cannot redeclare acb_enabled() (prev... Azamat Khakimyanov
11:21 AM Revision f2078989: Add htmlspecialchars to dashboardcolumns: (cherry picked from commit 99ef8749099c7d3448e8202c8a458445b9ad80bb) Steve Beaver
11:19 AM Revision 99ef8749: Add htmlspecialchars to dashboardcolumns: Steve Beaver
11:08 AM Revision 92f2b9a0: Merge pull request #3962 from PiBa-NL/20180708-routing-default-gateway: Renato Botelho

07/30/2018

08:51 PM Revision a47267ee: Fix a potential PHP error from a pf filter reload error.: Jim Pingle
07:41 PM Revision 10625157: Revert "Add cast to int for unbound tunable values. Fixes #8689": This reverts commit 56cc5709e424aeab65ee93fd08eaccff6c7bbf7e. Jim Pingle
07:35 PM Revision 46180360: Make whitespace more obvious in a user/cn mismatch: Jim Pingle
05:35 PM Bug #8715 (Resolved): System update: Unable to check for updates: Renato Botelho
04:59 PM Bug #8715: System update: Unable to check for updates: Latest commit fix the issue.
Thanks Fred Ch
10:15 AM Bug #8715 (Feedback): System update: Unable to check for updates: Applied in changeset commit:e87ea36d9674483926ead90292ae03f4ce05346a. Renato Botelho
06:58 AM Bug #8715: System update: Unable to check for updates: I am having to do the same. Only solution is to roll back to the July 5th commit (below), replace the file on the pfS... Nick K
03:47 PM pfSense Packages Bug #8718 (Feedback): PHP Warning: Illegal string offset 'config' in /usr/local/pkg/net-snmp.inc on line 403: Fixed in commit:572c79f40b15 (Version 0.1.5_1) Jim Pingle
03:19 PM pfSense Packages Bug #8710 (Feedback): OpenVPN Shared Key Export: Fixed in commit:7629eefb4a4b (Version 1.4.16_1) Jim Pingle
03:07 PM Revision 283e8d24: Skip repo check for base packages: Renato Botelho
03:07 PM Revision e87ea36d: Revert "Parameter must be an array or 'all'": Fix #8715 respecting get_pkg_info parameter when it doesn't start with
pfSense-pkg
This reverts commit 70a7c029fbe61... Renato Botelho
02:56 PM Revision 5fa2a4a2: Fixes #8714 PHP7 illegal string offset error: Stephen Jones
02:43 PM Bug #8689 (Resolved): Unbound PHP error: This was actually fixed by commit:3e2e1b2c89f24bb201edc4d0c4b88e0644702b60 Jim Pingle
01:07 PM Revision 96f5ce46: Fixes preservation of help text when deleting first row of a rowhelper row that includes a checkbox: Steve Beaver
01:05 PM Bug #8707: New PHP Error [/etc/inc/gwlb.inc]: I found and addressed the issue, though I don't know how to file a diff or anything.
Issue stems from b5e93be6, th... Tyler L
12:22 PM Bug #8720 (Not a Bug): restricting packages to official repository: Hey guys, I noticed 3 days ago there was a commit 053182648b676676f9e631eca51c3e5a678344e9 by Renato that restricts t... Arthur Wiebe
10:05 AM Bug #8714 (Feedback): error in services_dhcpv6.php after clicking on Save button in case RA was not setup before enabling DHCPv6: Applied in changeset commit:5fa2a4a2fee4a6a6ced0c12d4491629e82c1052e. Anonymous
08:10 AM Bug #8719 (Rejected): Fall of the OpenVPN Instance: That is not typical behavior - It normally restarts automatically. If it stops, that suggests a potential misconfigur... Jim Pingle
08:08 AM Bug #8719 (Rejected): Fall of the OpenVPN Instance: Please check why when the Internet Service Provider drops, the openvpn client instance is dropped. The service stops ... Valdir Martins
07:19 AM Bug #5999: IPv6 IP Alias prevents Track Interface from working with DHCPv6 and RA: Jim Pingle wrote:
> If it is "simple" and "not difficult", we would happily accept a pull request to fix the issue.
... Tony Fortes Ramos
07:18 AM Bug #8518: Rule Error On Upgrade 2.4.3 -> 2.4.3-p1: the above commands fixed it for me as well. An official patch for p1 would be good! Steffen Wagner
07:16 AM Feature #8140: Feature Request: Zone Firewall between interfaces: I have to agree with the OP and Jupiter. I really am running agains this limitation with multiple IPv6 addresses per ... Tony Fortes Ramos
07:07 AM Feature #8084 (Duplicate): Implementação do Login Social no Captive Portal: Yeah that other issues seems to cover it (and is in English) #3377 Jim Pingle
04:23 AM Feature #8084: Implementação do Login Social no Captive Portal: @Jim P A FL
01:40 AM pfSense Packages Bug #8620: arpwatch database page is not accessible: I have exactly the same problems. The actual workaround is not to enable arpwatch, so it will be automaticly startet ... Mathias Möller

07/29/2018

06:18 PM Bug #8707: New PHP Error [/etc/inc/gwlb.inc]: Ok makes sense. I have that situation with a very I stable gateway of 4 in total. Dirk Steingäßer
06:17 PM Bug #8707: New PHP Error [/etc/inc/gwlb.inc]: Upgraded from June build, now running Sat Jul 28 19:13:31 EDT 2018 build, and have this issue.
It occurs when gate... Tyler L
06:10 PM Bug #8715: System update: Unable to check for updates: I updated from a June build to Sat Jul 28 19:12:21 EDT 2018 build and agree, the GUI Update states: Unable to check f... Tyler L
04:04 AM Bug #8715 (Resolved): System update: Unable to check for updates: Issue with last 2 changes to /src/etc/inc/pkg-utils.inc
get_system_pkg_version return false.
reverting to versi... Fred Ch
05:21 PM Revision 3290c9e6: interfaces, ipalias fix initializing ipaliases that have a carp parent after interface down / up: PiBa-NL
12:57 PM Bug #8689 (Assigned): Unbound PHP error: That doesn't appear to be the correct commit. Though the procedure to reproduce this isn't 100% known yet either. I'l... Jim Pingle
12:05 PM Bug #8689: Unbound PHP error: Tested changing settings saving and restarting. No errors found on:... Steve Wheeler
02:52 AM Bug #8689: Unbound PHP error: Do not observe the issue on latest. Adding, changing, deleting items and restarting service does not make any errors Constantine Kormashev
12:54 PM Bug #8659 (Resolved): DHCPv6 Server removing a static mapping throws error.: Jim Pingle
10:14 AM Bug #8659: DHCPv6 Server removing a static mapping throws error.: Looks good on:... Steve Wheeler
02:48 AM Bug #8659: DHCPv6 Server removing a static mapping throws error.: Do not observe the issue on latest Constantine Kormashev
12:52 PM pfSense Packages Bug #8718 (Assigned): PHP Warning: Illegal string offset 'config' in /usr/local/pkg/net-snmp.inc on line 403: Jim Pingle
12:38 PM pfSense Packages Bug #8718 (Resolved): PHP Warning: Illegal string offset 'config' in /usr/local/pkg/net-snmp.inc on line 403: Crash report begins. Anonymous machine information:
amd64
11.2-RELEASE
FreeBSD 11.2-RELEASE #36 cd0e4c8cf25(REL... Chris Linstruth
12:14 PM Bug #8717 (Not a Bug): 'DHCPv6 Static Mappings for this Interface' option isn't working (2.4.4-DEV): 00:04:53:a9:48:07:03:28:11:a0:ee:27:b7:f6:37:0d:63:26
'DHCPv6 Static Mappings for this Interface' option isn't wor... Azamat Khakimyanov
10:36 AM pfSense Packages Bug #8716 (Resolved): Suricata package does not survive pfSense upgrade.: After running a firmware update, between snapshots for example, the Suricata will no longer start.
This was discusse... Steve Wheeler
01:28 AM pfSense Packages Bug #8670: HAProxy PHP error: Is this bug possibly causing this error as well?
https://www.reddit.com/r/PFSENSE/comments/92it0e/haproxy_setup_issu... → luckman212
01:02 AM Bug #8714 (Resolved): error in services_dhcpv6.php after clicking on Save button in case RA was not setup before enabling DHCPv6: Error occurs only in case RA was not setup before enabling DHCPv6... Constantine Kormashev

07/28/2018

10:38 PM pfSense Packages Bug #8647: PHP7: Snort package: Version 3.2.9.7 of the Snort GUI package has been merged and is available. This bug is addressed in the new version.... Bill Meeks
07:26 PM Bug #1688: DHCP server subnet input validation needs to check config.xml, not ifconfig: I need the actual config location of file edited and or section removed please location of the DHCP server input val... Nathan Barber
05:07 PM Bug #8120: Unable to disable DHCP Server on interface when DNS Resolver "DHCP Registration" is enabled: Braden McGrath wrote:
> Subject covers this pretty clearly I think, but I'll elaborate with my repro steps. I chose ... Michael SanAngelo
11:17 AM Bug #5999: IPv6 IP Alias prevents Track Interface from working with DHCPv6 and RA: If it is "simple" and "not difficult", we would happily accept a pull request to fix the issue. Jim Pingle
11:13 AM Bug #5999: IPv6 IP Alias prevents Track Interface from working with DHCPv6 and RA: Did not realize that there was an issue as old as this when i first made my own tickets. This affects every version o... Jupiter Vuorikoski
08:46 AM Bug #5999: IPv6 IP Alias prevents Track Interface from working with DHCPv6 and RA: See also: #8276 Jim Pingle
10:59 AM Feature #8713 (Duplicate): Allow user to disable/enable multiple firewall rules at one time: Currently, a user may disable or enable a firewall rule through the WebGUI by either editing the rule and using the d... Anonymous
10:21 AM Feature #8712: QOS on ipsec links: Not currently possible. Can check again in a future version of FreeBSD... Jim Pingle
10:13 AM Feature #8712 (New): QOS on ipsec links: now we have VTI, can we enable QOS/TOS/COS on the link similar to OpenVPN Chris Macmahon
09:21 AM Bug #8711 (New): igmpproxy with PPPoE Interfaces: When you set up a network interface with PPPoE and want to use igmpproxy to redirect multicast traffic, the igmpproxy... Abraham Fernandez
08:52 AM Bug #8502: main (top) menu items do not drop down in some cases: Also affects the Apple IPsec Profile generator. See #8709 Jim Pingle
08:52 AM pfSense Packages Bug #8709 (Duplicate): Apple IPSec Profile.: Seems like a duplicate of #8502 -- I'll drop a note about this on there. Jim Pingle
08:37 AM pfSense Packages Bug #8709 (Duplicate): Apple IPSec Profile.: On SG3100 build 2.4.4.a.20180727.1103

Apple IPSec Profile.
192.168.1.1/vpn_ipsec_profile.php the Menu's don... Chris Macmahon
08:50 AM pfSense Packages Bug #8710 (Assigned): OpenVPN Shared Key Export: Jim Pingle
08:39 AM pfSense Packages Bug #8710 (Resolved): OpenVPN Shared Key Export: Clicking vpn - openvpn - Shared Key Export
https://192.168.1.1/vpn_openvpn_export_shared.php
Warning: Illegal s... Chris Macmahon
08:45 AM Bug #8276 (Duplicate): Virtual IPs considered primary when using interface tracking for ipv6: Insulting people is not going to convince them you are right.
The behavior is undefined _on pfSense_, not in IPv6.... Jim Pingle
06:07 AM Bug #8276: Virtual IPs considered primary when using interface tracking for ipv6: Dear Jim Pingle, maybe u take a look into the RFC's of IPv6 and see that these specific type of setup is absolutely n... Ulf Merbold
08:19 AM pfSense Packages Bug #8670: HAProxy PHP error: Found another:
PHP ERROR: Type: 1, File: /usr/local/pkg/haproxy/haproxy.inc, Line: 2859, Message: Uncaught Error: Ca... Chris Macmahon
01:36 AM Bug #8708 (Resolved): Squidguard > Target categories > Order description typo: Select the new position for this target category. Target categories are listed in this order on *ALCs* and are matche... Vladimir Lind

07/27/2018

06:50 PM Revision 2c0c0660: Fixed PHP7 invalid array issue: Steve Beaver
04:04 PM Bug #8707 (Resolved): New PHP Error [/etc/inc/gwlb.inc]: Crash report begins. Anonymous machine information:
amd64
11.2-RELEASE
FreeBSD 11.2-RELEASE #31 cd0e4c8cf25(REL... Dirk Steingäßer
03:24 PM pfSense Packages Bug #8647: PHP7: Snort package: This is fixed in the 3.2.9.7 version of GUI code I am currently working on. This version should be posted sometime n... Bill Meeks
03:03 PM Bug #8667: VU#857035 - IKE Protocol Vulnerability: I rewrote the IPsec site to site doc and included information on generating a random and strong PSK, which will help ... Jim Pingle
12:21 PM Bug #8667: VU#857035 - IKE Protocol Vulnerability: Anonymous
12:40 PM Feature #8478 (Resolved): Add DynDNS client for DigitalOcean DNS: Anonymous
12:39 PM Bug #7905 (Resolved): OpenVPN Authentication Against Backend Stalls All Server Traffic: Anonymous
12:37 PM Bug #7604 (In Progress): Bug #6594 is not resolved: Waiting for Internet connection to update pkg metadata and finish package reinstallation: Anonymous
12:25 PM Bug #8527: VLANs losing parent interface on LAGG change: Anonymous
12:25 PM pfSense Packages Bug #7267: Status Traffic Totals - Stacked Bar - Scale not high enough: Anonymous
12:20 PM Bug #8437: invalid outbound nat rules written when using ipv6 rules on interfaces that also have ipv4 adresses..: Anonymous
12:19 PM Bug #4479 (New): Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel: Anonymous
12:06 PM Bug #4479: Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel: Anonymous
12:05 PM Bug #4479 (New): Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel: Anonymous
12:19 PM Bug #6186 (New): race conditions in service startup: Anonymous
12:07 PM Bug #6186: race conditions in service startup: Anonymous
12:07 PM Bug #6186 (New): race conditions in service startup: Anonymous
12:19 PM Bug #7389 (New): Limiter does not work with transparent proxy: Anonymous
12:07 PM Bug #7389: Limiter does not work with transparent proxy: Anonymous
12:18 PM Bug #8603 (New): PPP WANs do not work on VLANs on current snapshots: Anonymous
12:17 PM Bug #8603: PPP WANs do not work on VLANs on current snapshots: Anonymous
12:18 PM Bug #7425 (New): dhclient not sending option 77: Anonymous
12:08 PM Bug #7425: dhclient not sending option 77: Anonymous
12:08 PM Bug #7425 (New): dhclient not sending option 77: Anonymous
12:18 PM Bug #7532 (New): SG-1000 autonegotiation 10baseT speed and duplex: Anonymous
12:09 PM Bug #7532: SG-1000 autonegotiation 10baseT speed and duplex: Anonymous
12:18 PM Feature #7767 (New): OCSP support for OpenVPN server: Anonymous
12:16 PM Feature #7767: OCSP support for OpenVPN server: Anonymous
12:01 PM Bug #6277 (New): RRD graphs are not created correctly for interfaces using CODELQ: Anonymous
12:01 PM Bug #6277: RRD graphs are not created correctly for interfaces using CODELQ: Anonymous
11:59 AM Revision 95c9450c: Fixed #8704: (cherry picked from commit f611c6e9476acfe7e9a6324a6a0d112fd7062c7b) Steve Beaver
11:58 AM Revision f611c6e9: Fixed #8704: Steve Beaver
11:49 AM Revision 05318264: Make sure additional packages are provided by official pkg repo: Renato Botelho
11:01 AM Revision a835cdee: Fix style: Renato Botelho
10:58 AM Revision 70a7c029: Parameter must be an array or 'all': Renato Botelho
10:07 AM pfSense Packages Bug #8705 (Closed): Syslog-NG error in latest snapshot: The following input errors were detected:
Syslog-ng syntax test failed: Error parsing pragma, syntax error, un... Greg M
08:20 AM Bug #8594 (Resolved): Assess default crypto settings for OpenVPN/IPsec: Jim Pingle
07:00 AM Bug #8704 (Resolved): Load Balancer (relayd) settings are not displayed in gui: Fixed in next snapshots Anonymous
03:56 AM Bug #8704 (Resolved): Load Balancer (relayd) settings are not displayed in gui: After Setting custom global relayd settings via GUI (for example: timeout, prefork or intervall) the settings are cor... Kilian Ries
12:48 AM Feature #8703 (Resolved): Allow user to search firewall alerts by tracking ID: From Status > System Logs > Firewall, the user is not able to filter alerts by a firewall rule Tracking ID (or IDs).
... Anonymous

07/26/2018

09:14 PM pfSense Packages Bug #8700 (Resolved): PHP suricata undef constant: Anonymous
06:56 PM pfSense Packages Bug #8700 (Resolved): PHP suricata undef constant: below from today's pfS (2.4.4.a.20180726.1428) and suricata (4.0.11_1)
thanks,
R.
Crash report begins. Anon... ROB VANHOOREN
06:34 PM Bug #8594: Assess default crypto settings for OpenVPN/IPsec: On 2.4.4.a.20180726.0918, looks good. Anonymous
06:34 PM pfSense Packages Bug #8699 (Resolved): 3x PHP in pfblockerng.inc (912/915/4687): below from today's pfS (2.4.4.a.20180726.1428) and pfB (2.1.4_7)
thanks,
R.
Crash report begins. Anonymous... ROB VANHOOREN
06:28 PM Revision f76f2868: Merge pull request #3908 from pdemonaco/master: Renato Botelho
04:14 PM Feature #8698 (Resolved): LDAP authenticated users should be able to log in via ssh: We integrate pfsense against our Active Directory systems for authentication and authorization. Works well for the m... Eric Houston
01:28 PM Bug #7905 (Feedback): OpenVPN Authentication Against Backend Stalls All Server Traffic: PR has been merged. Thanks! Renato Botelho
01:25 PM Bug #8697 (Rejected): Route on same gateway network (2 pppoe session): That is not a supported configuration. If it works at all, it is by chance.
There is no way to fully accommodate t... Jim Pingle
01:20 PM Bug #8697 (Rejected): Route on same gateway network (2 pppoe session): If i have 2 WAN on one same system. The wan has been connected with a PPPOE session
Both PPPOE session use the sam... Tuen Lee
12:55 PM Bug #6765 (Resolved): CP: "Enable per-user bandwidth restriction": Jim Pingle
12:54 PM Bug #6765: CP: "Enable per-user bandwidth restriction": I confirm that CaptivePortal per-user bandwidth restriction is working poperly, with the right units.
!https://ww... A FL
09:09 AM pfSense Packages Bug #8651 (Feedback): another php error (broke stable pfBng): Fix pushed: e907705240bf2f51e2e99b09e911fc149162b465 Anonymous
08:34 AM Feature #8695 (Rejected): make AdvLinkMTU configurable: Unfortunately some sites have issues with the usual MTU of 1500, e.g. Microsoft Lync: https://forums.he.net/index.php... Bjoern Franke
07:26 AM Bug #8693 (Duplicate): Filter rules error after deleting VIP: Hey Seth, long time no see!
We fixed this in #8518 -- if you look at the last commit referenced on that ticket ( c... Jim Pingle
03:45 AM Bug #8693: Filter rules error after deleting VIP: It appears to be fixed in mainline. Inserting the extra address checks that are in current filter.inc on line 3657 an... Seth Mos
03:25 AM Bug #8693 (Duplicate): Filter rules error after deleting VIP: On 2.4.2 and 2.4.3p1 I ran into a rules.debug error, making it fail to load rules.
I deleted 2 Carp vips which res... Seth Mos
07:13 AM Feature #8694 (New): Client CA Auth for PFSense WebGui: Hi all
Could you add the possibility to authentificate with a client certificate for accessing the pfsense webgui
... Stefan Bühler
04:28 AM Feature #1924: Ability of CP's allowed IP addresses to use aliases: This feature will be hard to implement
Alias page is using make_subsystem_dirty (eg, "please click here to apply ... A FL
02:59 AM Bug #8420: Not possible setting up voucher configuration. On save, the form is asking to fill in the synchronization data.: Hi,
Are you using firefox?
I ask, because it look like a firefox autofill issue...
https://forum.netgate.com/... A FL
02:48 AM Bug #8649: NAT does not work anymore with Port / IP Aliases: I can confirm that this problem is not present anymore with current snapshots. Dirk Steingäßer

07/25/2018

06:54 PM Revision bb4b80c8: Prevent disabling IPsec P1 with assigned VTI P2. Fixes #8674: Jim Pingle
06:39 PM Bug #1963 (Resolved): CP Voucher submission - 'Enter' button does not submit form in MSIE: Jim Pingle
05:16 PM Bug #1963: CP Voucher submission - 'Enter' button does not submit form in MSIE: This bug has been fixed in 2012 by https://github.com/pfsense/pfsense/commit/0e296bce07cfe920b6e86d319acb2d159f0f384a... A FL
06:39 PM Feature #8685 (Resolved): Implement some controls to hide certain information for VTI Assigned Interfaces: Jim Pingle
06:21 PM Feature #8685: Implement some controls to hide certain information for VTI Assigned Interfaces: Tested. Looks good.
Created a VTI interface. Assigned it. Assigned interface tab does not appear in firewall rules ... Steve Wheeler
09:10 AM Feature #8685 (Feedback): Implement some controls to hide certain information for VTI Assigned Interfaces: Applied in changeset commit:c64c8773be51d98514ee97f70e35e52e0f967659. Jim Pingle
06:04 PM Bug #7425: dhclient not sending option 77: are marjohn's DHCP fixes still going to get merged for 2.4.4?
seems like the file in question is *bpf.c* from upstre... → luckman212
03:41 PM Revision 56cc5709: Add cast to int for unbound tunable values. Fixes #8689: Jim Pingle
03:26 PM Revision be107240: Fix a PHP error when visiting the GIF/GRE page with no GIF/GRE ifs: Jim Pingle
02:52 PM Revision 5f3b117d: Fix missing period, set default local to network/30 for VTI. Fixes #8635: Jim Pingle
02:47 PM Bug #8674 (Resolved): Switching IPsec phase one to vti from Tunnel IPv4 and back yields unexpected behavior: Jim Pingle
02:46 PM Bug #8674: Switching IPsec phase one to vti from Tunnel IPv4 and back yields unexpected behavior: On 2.4.4.a.20180725.0317 with patches b66b72d0ae725392b0158de3a0ec0731d71cd793 and cc240e3259d90ed236872de5cba346fe09... Anonymous
02:10 PM Bug #8674 (Feedback): Switching IPsec phase one to vti from Tunnel IPv4 and back yields unexpected behavior: Applied in changeset commit:bb4b80c856c29d5b60f712c23fd61ed928eb7c15. Jim Pingle
12:28 PM Bug #8674 (Assigned): Switching IPsec phase one to vti from Tunnel IPv4 and back yields unexpected behavior: Looks like it's still possible to disable a P1 containing a VTI P2 which leads to the problem case. That also must be... Jim Pingle
08:07 AM Bug #8674: Switching IPsec phase one to vti from Tunnel IPv4 and back yields unexpected behavior: There was one more disable case I missed yesterday: Checking disable in the P2 settings screen instead of using the b... Jim Pingle
02:37 PM Revision cc240e32: Hide address controls for interfaces that do not support them. Fixes #8687: Jim Pingle
02:01 PM Revision c64c8773: Add a mechanism to blacklist interfaces from filtering. Fixes #8685: Only entry at the moment is ipsec for if_ipsec interfaces which have
some issues interacting with pf currently. Jim Pingle
02:01 PM Feature #8687 (Resolved): Interfaces assigned for OpenVPN/GIF/GRE/Routed IPsec should not present IPv4 and IPv6 settings: Jim Pingle
01:34 PM Feature #8687: Interfaces assigned for OpenVPN/GIF/GRE/Routed IPsec should not present IPv4 and IPv6 settings: On 2.4.4.a.20180725.0317, with patch cc240e3259d90ed236872de5cba346fe092eda85 applied, the assigned interface shows
... Anonymous
09:50 AM Feature #8687 (Feedback): Interfaces assigned for OpenVPN/GIF/GRE/Routed IPsec should not present IPv4 and IPv6 settings: Applied in changeset commit:cc240e3259d90ed236872de5cba346fe092eda85. Jim Pingle
01:35 PM pfSense Packages Bug #8692 (Resolved): broken system> patches> add: Anonymous
01:29 PM pfSense Packages Bug #8692 (Feedback): broken system> patches> add: Fix in 1.1.10, just pushed. Jim Pingle
01:15 PM pfSense Packages Bug #8692 (Resolved): broken system> patches> add: GUI> system> patches> add
result:
Warning: Illegal string offset 'item' in /usr/local/www/system_patches_edit.p... ROB VANHOOREN
01:06 PM Revision b66b72d0: Add VTI validation check for disable in the P2 edit screen. Fixes #8674: Jim Pingle
01:02 PM Revision 9c0c4a59: Merge pull request #3966 from jburel-clever-age/patch-2: Steve Beaver
01:00 PM Revision 455b0c42: Merge pull request #3954 from whislock/crypto-updates: Steve Beaver
12:54 PM Todo #6647: Enable Additional Security Headers: I tried several combinations of CSP options but every one broke the GUI in some way.
The strings I tried included ... Jim Pingle
12:54 PM Revision 6dac3b9a: Cosmetic text changes: Steve Beaver
12:41 PM Revision 49c515e5: Allow user to store all blank legacy settings: Steve Beaver
12:27 PM Bug #8691 (Duplicate): It is possible to disable an IPsec P1 that has a VTI child P2: The "duplication" isn't really that, it's just a side effect of you having removed the ipsecX interface and it isn't ... Jim Pingle
12:23 PM Bug #8691 (Duplicate): It is possible to disable an IPsec P1 that has a VTI child P2: I created Routed (VTI) IPsec between two pfSense with 2.4.4-DEV. When tunnel was established, I assigned IPsec interf... Azamat Khakimyanov
11:05 AM Bug #8690 (Closed): PHP unable to init zend modules 2017 vs 2013: yikes. so much PHP @2.4.4
from this morning's 2.4.4.a.20180725.0621
below log has various different PHP Warning... ROB VANHOOREN
11:00 AM Bug #8689 (Feedback): Unbound PHP error: Applied in changeset commit:56cc5709e424aeab65ee93fd08eaccff6c7bbf7e. Jim Pingle
10:15 AM Bug #8689 (Resolved): Unbound PHP error: On startup or restart of Unbound:
Crash report begins. Anonymous machine information:
amd64
11.2-RELEASE
FreeB... Greg M
10:51 AM Bug #8403 (Resolved): system_advanced_admin.php Uses Incorrect/Inconsistent $config sshdkeyonly References...: This was fixed by commit:0bfd23a619ac28f95371bfeeca5d400bbd83ae6b as a part of #8402 Jim Pingle
10:25 AM Bug #8683: Unable to add GIF interface (Hurricane Electric IPv6): This appears to be caused by the interface string returned by @pfSense_interface_create()@ which is not a string in t... Jim Pingle
10:04 AM Bug #8683 (Assigned): Unable to add GIF interface (Hurricane Electric IPv6): Jim Pingle
10:20 AM Revision 3e2e1b2c: PHP7 syntax fix: Steve Beaver
10:13 AM pfSense Packages Bug #8651: another php error (broke stable pfBng): latest pfB (2.1.4_6) appears to have moved this error down 5 lines in the code, to 3450.
repeats in the thousand... ROB VANHOOREN
08:08 AM Bug #8594 (Feedback): Assess default crypto settings for OpenVPN/IPsec: PR Merged Jim Pingle
07:57 AM Bug #8629 (Resolved): Routed IPsec P1 - not coming up after pressing "disconnect" button: Jim Pingle
01:29 AM Bug #8629: Routed IPsec P1 - not coming up after pressing "disconnect" button: Looks good now! Vladimir Lind
07:50 AM Bug #8603: PPP WANs do not work on VLANs on current snapshots: The ticket is now 28 days old and it is a serious issue but already solved in the past. How is the progress with it? Dirk Steingäßer
03:54 AM pfSense Packages Bug #8688 (Resolved): Pass List Snort: Hi.
I've found a bug in snort: If I make a pass list an check the option vpnaddresses, it put not all ipsec remote ... Stefan Bühler

07/24/2018

11:16 PM Bug #8674: Switching IPsec phase one to vti from Tunnel IPv4 and back yields unexpected behavior: On 2.4.4.a.20180724.1715, unable to switch from VTI to another P2 mode with an assigned interface; unable to disable ... Anonymous
04:11 PM Bug #8674 (Feedback): Switching IPsec phase one to vti from Tunnel IPv4 and back yields unexpected behavior: Jim Pingle
04:10 PM Bug #8674: Switching IPsec phase one to vti from Tunnel IPv4 and back yields unexpected behavior: I just pushed some extra input validation which does the following:
* Prevents from switching VTI to another P2 mo... Jim Pingle
09:04 PM Revision 7c4e29cb: VTI input validation. Fixes #8674: Add input validation to prevent switching away from VTI or deleting a
VTI P1/P2 which belongs to an assigned interfac... Jim Pingle
07:59 PM Bug #6929: Choosing ZFS during install results in a system that cannot mount root: Having both won't hurt anything, but you only need @zfs_load="YES"@ in loader.conf Jim Pingle
07:53 PM Bug #6929: Choosing ZFS during install results in a system that cannot mount root: Got it - thanks for clarifying, Jim.
I added those two lines to the bottom of my /boot/loader.conf:
opensolaris... Victor Hooi
05:53 PM pfSense Packages Bug #8670: HAProxy PHP error: If haproxy-devel package is working properly, then i should probably copy its components/fixes/features over to hapro... Pi Ba
04:08 PM Bug #8686: IPsec VTI: Assigned interface firewall rules are never parsed: Issue #8685 will work around this for now, but we can use this issue to track the longer-term problem of how these ru... Jim Pingle
03:40 PM Bug #8686 (New): IPsec VTI: Assigned interface firewall rules are never parsed: Traffic entering an assigned VTI interface never hits firewall rules on that specific interface tab even if they are ... Steve Wheeler
03:51 PM Revision d1a990d6: Default cipher selections conform to proposal.: Justin Coffman
03:47 PM Feature #8687 (Resolved): Interfaces assigned for OpenVPN/GIF/GRE/Routed IPsec should not present IPv4 and IPv6 settings: When a user assigns an OpenVPN/GIF/GRE/Routed IPsec interface, there should be no options for configuring IPv4 and IPv6. Anonymous
03:24 PM Feature #8685 (Resolved): Implement some controls to hide certain information for VTI Assigned Interfaces: Would be nice if an assigned VTI interface did not show up in Firewall > Rules since rules there are never processed. Chris Linstruth
02:58 PM pfSense Packages Bug #8684 (Resolved): PHP7 can't install pfBlockerNG: Fix pushed here c2e322f41654abd8685c66323c90576ecebf1265
Will test more once the new update hits the package server. Anonymous
02:55 PM pfSense Packages Bug #8684 (Resolved): PHP7 can't install pfBlockerNG: This error is shown after attempting to install pfBlockerNG.... Anonymous
02:19 PM Bug #8524: HTTP_REFERER issue if changing the LAN IP in setup wizard: Gotcha, I wasn't sure since the appliance uses a special image. Posted: https://forum.netgate.com/topic/133117/xg-710... T F
02:05 PM Bug #8524: HTTP_REFERER issue if changing the LAN IP in setup wizard: That wouldn't be a problem specific to Netgate hardware. Post that on the forum and someone can take a deeper look an... Jim Pingle
02:00 PM Bug #8524: HTTP_REFERER issue if changing the LAN IP in setup wizard: OK, should I log it under hardware (since this is on a netgate appliance vs. a CE image running on my own hardware)?
... T F
07:28 AM Bug #8524: HTTP_REFERER issue if changing the LAN IP in setup wizard: This issue is only for the wizard, and the fix applies only to the wizard. I'm not aware of another way to trigger th... Jim Pingle
01:50 PM pfSense Packages Bug #8676 (Resolved): PHP7: LCDproc package: Steve Wheeler
01:49 PM pfSense Packages Bug #8676: PHP7: LCDproc package: Looks good on todays snap. Package version 0.10.6_1.
No errors found. Steve Wheeler

07/23/2018

10:02 PM Bug #8524: HTTP_REFERER issue if changing the LAN IP in setup wizard: Just to confirm, will this commit also fix the same issue when changing the LAN IP in the web configurator (not just ... T F
09:50 PM Bug #8683 (Resolved): Unable to add GIF interface (Hurricane Electric IPv6): From crash report:
[23-Jul-2018 22:38:59 America/New_York] PHP Warning: exec(): NULL byte detected. Possible atta... P L
08:39 PM Revision 2c3ac0b3: Remove unneeded VTIs in IPsec sync. Issue #8674: Still needs input validation to prevent changes that would remove an
assigned interface. Jim Pingle
05:07 PM Bug #8477: Gateway latency, units used inconsistently.: I made a rough PR for dpinger.c that also replicates this "usec to ms" format change. Minimal testing, but it works o... → luckman212
10:30 AM Bug #8477: Gateway latency, units used inconsistently.: Awesome, Thanks for your help. I made the change you have above to the code here. 21daa13ee2642a5f4821382a46be2dfc71b... Anonymous
10:24 AM Bug #8477: Gateway latency, units used inconsistently.: Good point about expr only doing integer math. For floats we could use bc... → luckman212
10:21 AM Bug #8477: Gateway latency, units used inconsistently.: Good catch. I'll change that. Do we care about decimal precision? anything under 1 ms will round to 0. I don't know i... Anonymous
10:15 AM Bug #8477: Gateway latency, units used inconsistently.: Stephen, That change looks problematic.
I made a comment on the commit but adding one here for completeness.
Exam... → luckman212
10:04 AM Bug #8477: Gateway latency, units used inconsistently.: Change made here 37be6b260f8b90393d994c40e2db34925acaa451. I'll have to look into the best way to get that into dping... Anonymous
08:50 AM Bug #8477: Gateway latency, units used inconsistently.: I'll work on making it milliseconds for everything to be consistent. I added the code you suggested Luke for the gate... Anonymous
04:26 PM Bug #8674: Switching IPsec phase one to vti from Tunnel IPv4 and back yields unexpected behavior: With the patch provided, applied, the behavior appears to be corrected. That is, when you switch back to Tunnel IPv4 ... Anonymous
04:10 PM Bug #8674: Switching IPsec phase one to vti from Tunnel IPv4 and back yields unexpected behavior: Partially done with commit:2c3ac0b381a5d1ed6e81105158fa7cceb682dc95 - Still needs some input validation to prevent a ... Jim Pingle
01:29 PM Bug #8674 (Assigned): Switching IPsec phase one to vti from Tunnel IPv4 and back yields unexpected behavior: Jim Pingle
04:19 PM Bug #8681 (Resolved): PHP7 - Error on login when using RADIUS authentication: Jim Pingle
01:39 PM Bug #8681: PHP7 - Error on login when using RADIUS authentication: Patch is working. This can be set to resolved A FL
08:50 AM Bug #8681 (Feedback): PHP7 - Error on login when using RADIUS authentication: Applied in changeset commit:ec445b1acba5bc7e1447bd4975b8dc211393a567. Jim Pingle
08:44 AM Bug #8681: PHP7 - Error on login when using RADIUS authentication: Note that https://github.com/pfsense/pfsense/pull/3640 technically fix this issue, because radius_authentication.inc ... A FL
08:39 AM Bug #8681 (Resolved): PHP7 - Error on login when using RADIUS authentication: Moving to PHP 7 broke RADIUS_AUTHENTICATION() : ... A FL
03:55 PM pfSense Packages Bug #8676 (Feedback): PHP7: LCDproc package: Anonymous
02:39 PM pfSense Packages Bug #8676: PHP7: LCDproc package: Should be more better now.
f32de6e5495fc3e6515f0bc832dabab7b9d8a568 Version: 0.10.6_1 Anonymous
02:28 PM pfSense Packages Bug #8676 (Assigned): PHP7: LCDproc package: Couple more warnings in package version 0.10.6... Steve Wheeler
12:22 PM pfSense Packages Bug #8676 (Feedback): PHP7: LCDproc package: Should be good now.
cefd582895c48ea2b96b1b185bfbd45a15d93ff3 Anonymous
03:28 PM Revision 21daa13e: Fixed to be accurate when converting from us to ms: Stephen Jones
02:41 PM Revision 37be6b26: Change us to ms for gateway alarm.: Fixes #8477 looking to be more consitent changed to use ms for gateway alarm.
Thanks to Luke Hamburg for helping with... Stephen Jones
02:19 PM pfSense Packages Bug #8670: HAProxy PHP error: This particular error has been fixed. It may, however, reveal more :( Anonymous
01:55 PM pfSense Packages Bug #8670: HAProxy PHP error: I have also run in to this on 2.4.4.a.20180723.1255 and HAProxy 0.57_5. Upgrading to HAProxy-devel (0.59_1) as sugges... King J
01:42 PM Revision ec445b1a: Correct string missing quotes. Fixes #8681: Jim Pingle
01:03 PM pfSense Packages Bug #8647: PHP7: Snort package: Seeing that on todays snap. Also seeing:... Steve Wheeler
01:03 PM Revision 5e3918ba: Fix PHP error when adding a gateway from interfaces.php. Fixes #8680: Jim Pingle
12:22 PM Bug #8660 (Feedback): php undef constant breaks suricata: Anonymous
12:21 PM Bug #8660: php undef constant breaks suricata: Should be fixed in next update for Suricata 4.0.11_1
025a42c5814aff1dde43cee4d72de87514ca6435 Anonymous
12:01 PM Revision 8701bad8: Fixed #8679: Steve Beaver
11:59 AM Revision d4cebe1f: Fixed #8678: Steve Beaver
10:53 AM pfSense Packages Todo #8682 (Feedback): ACME Account Key registration gives no indication of success or failure, assumes success: Implemented in FreeBSD-ports commit:daa4f30cdf8f Jim Pingle
10:49 AM pfSense Packages Todo #8682 (Resolved): ACME Account Key registration gives no indication of success or failure, assumes success: When registering an account key in the ACME package, the button always changes to a checkmark when the AJAX call fini... Jim Pingle
10:48 AM pfSense Packages Feature #8490 (Feedback): pfSense-pkg-acme: acme_certificates_edit.php - Add ability to specify (vs generate) private key: PR was merged back in May Jim Pingle
08:48 AM Bug #6929: Choosing ZFS during install results in a system that cannot mount root: Jim Pingle wrote:
> If you upgraded to a snapshot that clobbered your @/boot/loader.conf@ contents then you would ne... Satadru Pramanik
07:22 AM Bug #6929: Choosing ZFS during install results in a system that cannot mount root: If you upgraded to a snapshot that clobbered your @/boot/loader.conf@ contents then you would need to re-add the @zfs... Jim Pingle
12:01 AM Bug #6929: Choosing ZFS during install results in a system that cannot mount root: Victor Hooi wrote:
> I hit this issue as well.
>
> The workaround was to trigger the loader mode on bootup, then ... Jim Thompson
08:10 AM Bug #8680 (Feedback): PHP7: Adding a static gateway on an interface when none are already defined causes errors.: Applied in changeset commit:5e3918baca5b4fa378cf4775e7bd9506f4ccbb82. Jim Pingle
07:50 AM Bug #8680 (Resolved): PHP7: Adding a static gateway on an interface when none are already defined causes errors.: ... Steve Wheeler
07:34 AM Bug #8663: gw group - php error on opening: No errors seen opening the page or creating a group in todays snap. Steve Wheeler
07:29 AM Bug #2710 (Resolved): Captive Portal radius accounting negative session time: Since the old releases were insecure and there wasn't much reason to keep them available, we locked those down to pre... Jim Pingle
07:19 AM Bug #8661 (Resolved): Cannot view or edit firewall rules in 2.4.4.a.20180717.1700: Jim Pingle
12:07 AM Bug #8661: Cannot view or edit firewall rules in 2.4.4.a.20180717.1700: Do not observe the issue on latest for creating, editing and deleting FW and NAT rules Constantine Kormashev
07:18 AM Bug #8640 (Resolved): PHP Error: Jim Pingle
12:09 AM Bug #8640: PHP Error: Do not observe the issue on latest for creating, editing and deleting NAT rules for any type of NAT Constantine Kormashev
07:18 AM Bug #8429 (Resolved): radvd/IPv6 broken in 2.4.3 when using a LAN bridge: Jim Pingle
04:00 AM Bug #8429: radvd/IPv6 broken in 2.4.3 when using a LAN bridge: Tried again with 4 ifaces, do not observe the issue Constantine Kormashev
12:12 AM Bug #8429: radvd/IPv6 broken in 2.4.3 when using a LAN bridge: setup bridge from LAN, OPT1 and OPT2
setup stateless RA on LAN
connected to vswitch which is used by LAN
obtained ... Constantine Kormashev
07:16 AM Bug #8653 (Resolved): Spurious HA XMLRPC Sync Error after move to PHP7: Jim Pingle
06:31 AM Bug #8653: Spurious HA XMLRPC Sync Error after move to PHP7: do not observe the issue on latest, different settings FW, NAT, VIP synced without errors Constantine Kormashev
07:02 AM Bug #8678 (Resolved): unexpected error string on web page services_dhcpv6.php: Anonymous
04:50 AM Bug #8678 (Resolved): unexpected error string on web page services_dhcpv6.php: In case any actions are performed on services_dhcpv6.php error string appears at the page's frame:... Constantine Kormashev
07:02 AM Bug #8679 (Resolved): error in services_router_advertisements.php after clicking on Save button: Anonymous
04:53 AM Bug #8679 (Resolved): error in services_router_advertisements.php after clicking on Save button: The error occurs in services_router_advertisements.php after clicking on Save button... Constantine Kormashev
04:19 AM Bug #8656: PHP Error - Firewall Scheduler: Do not observe the issue on latest with creating, editing and deleting schedules and FW rules that use these schedules. Constantine Kormashev
12:09 AM pfSense Packages Feature #8517: OpenConnect client: should be a package.
pull requests accepted for review. Jim Thompson

07/22/2018

10:33 PM Bug #6929: Choosing ZFS during install results in a system that cannot mount root: I hit this issue as well.
The workaround was to trigger the loader mode on bootup, then enter the commands:
loa... Victor Hooi
03:16 PM pfSense Packages Bug #8676 (Resolved): PHP7: LCDproc package: Warnings shown after upgrading from 2.3.4p1:... Steve Wheeler
02:52 PM Bug #8477: Gateway latency, units used inconsistently.: Personally I can live with seeing '0.196ms' there. Let's see what Stephen suggests when he gets gets the feedback.
... Steve Wheeler
02:28 PM Bug #8477: Gateway latency, units used inconsistently.: Steve:
For the first case (rc.gateway_alarm), how about the change I suggested over on the github commit?
https://g... → luckman212
01:55 PM Bug #8477: Gateway latency, units used inconsistently.: System log now shows:... Steve Wheeler
02:04 PM Revision 3ea92441: Fix ID issues when edit/delete DNS Forwarding rule: jburel-clever-age
10:58 AM Todo #6998 (Resolved): Create a port for simplepie to keep it updated and use modular version: Jim Pingle
03:19 AM Todo #6998: Create a port for simplepie to keep it updated and use modular version: It works, tried with netgate and reuters RSS Constantine Kormashev

07/21/2018

10:33 PM Feature #1831: Captive portal IPv6 support: Bump. Its 2018, how is this still a thing. Brandon Jackson
01:18 PM Bug #8675 (Resolved): 2.4.x nightly: Warning: A non-numeric value encountered in /etc/inc/unbound.inc on line 85: This has been corrected in the current snaps Anonymous
01:00 PM Bug #8675 (Resolved): 2.4.x nightly: Warning: A non-numeric value encountered in /etc/inc/unbound.inc on line 85: I was adding a new static mapping in the DHCP server and saw this warning at the top of the page when saving.
Curr... Greg Hulands
09:58 AM pfSense Packages Bug #8670: HAProxy PHP error: Yup, using Haproxy-Dev works. This is for PHP migration. Chris Macmahon
06:02 AM Bug #2710: Captive Portal radius accounting negative session time: @Jim P : would it be possible to have access to any old 2.0.1 ISO for testing?
I didn’t arrived to find one on inter... A FL

07/20/2018

10:09 PM Bug #8674 (Resolved): Switching IPsec phase one to vti from Tunnel IPv4 and back yields unexpected behavior: On 2.4.4.a.20180720.1418, create a site-to-site IPsec tunnel, with Tunnel IPv4 selected as the mode for the phase two... Anonymous
09:09 PM Revision 742cc9ae: routing, when a new pppoe connection is made the gatewaymonitor should be started before decisions about default route can be properly made. also for 'automatic' provide a fallback to the first enabled gateway thats configured, just in case..: PiBa-NL
08:56 PM Revision 7ed7a9f0: ELiminate 8 char restriction on "legacy" password: Fix spelling error Steve Beaver
07:17 PM Bug #6477: Sample bounds can jump around for custom timer periods on Status > Monitoring: On 2.4.4.a.20180720.1418, cannot reproduce. At one hour time period, with one minute resolution, the graph looks fine. Anonymous
07:13 PM Feature #8187: Gateways, allow for configuring a gatewaygroup as the default gateway. #3781: On 2.4.4.a.20180720.1418, once a gateway group is created, the user is able to select it as the default gateway at Sy... Anonymous
06:08 PM Bug #8648 (Resolved): php dynamic dns status widget error: Jim Pingle
06:07 PM Bug #8648: php dynamic dns status widget error: On 2.4.4.a.20180720.1418, the DynDNS widget can be added to the Dashboard, with no Dynamic DNS clients configured, wi... Anonymous
06:08 PM Revision b1e7a0b0: Fix PHP7 error due to lack of int casting for gateway weight when making rules.: Jim Pingle
06:07 PM Revision b2c97ede: Fix PHP7 array issue in array_merge_recursive_unique(): Jim Pingle
06:04 PM Bug #8673: Bridge interface php error: The following shows up in a crash report:... Anonymous
06:00 PM Bug #8673 (Resolved): Bridge interface php error: On 2.4.4.a.20180720.1418, go to Interfaces > Assignments, then to Bridges. Click Add and select interfaces to make a ... Anonymous
05:57 PM Bug #8658 (Resolved): Bridge Route Gateway section shows empty undere OpenVPN settings: Jim Pingle
05:51 PM Bug #8658: Bridge Route Gateway section shows empty undere OpenVPN settings: On 2.4.4.a.20180720.1408, with OpenVPN Remote Access in TAP mode the Bridge options show up and are usable. With peer... Anonymous
05:21 PM pfSense Packages Bug #8670: HAProxy PHP error: I suspect your using 'haproxy' package? Can you verify that haproxy-devel is working properly? Pi Ba
09:11 AM pfSense Packages Bug #8670 (Resolved): HAProxy PHP error: On update to snapshot 2.4.4.a.20180718.2256:
HA Proxy errors with PHP:
PHP ERROR: Type: 1, File: /usr/local/pkg/h... Chris Macmahon
05:11 PM Bug #8381 (Resolved): Cert manager requires fields that aren't necessary: Jim Pingle
03:14 PM Bug #8381: Cert manager requires fields that aren't necessary: On 2.4.4.a.20180720.1408, the only required field is common name to create a certificate. It is now possible to creat... Anonymous
05:08 PM Bug #8664 (Resolved): DynamicDNS client does not use custom check IP service: Jim Pingle
04:02 PM Bug #8664: DynamicDNS client does not use custom check IP service: On 2.4.4.a.20180720.1408, works as expected. If a custom check IP service is added, pfSense will use it. Anonymous
04:30 PM Feature #8598: Add IPsec identifiers to Status > IPsec: On 2.4.4.a.20180720.1408, IPsec IDs like con1000: #1 (phase one) and conn1000: #2 (phase two) show correctly on the S... Anonymous
01:20 PM pfSense Packages Bug #8449 (Resolved): FRR 4.0 zebra daemon crashes: This looks good with FRR 5.0.1. zebra is still running, no crashes, I'm getting routes from BGP and OSPF Jim Pingle
12:01 PM pfSense Packages Bug #8449: FRR 4.0 zebra daemon crashes: for the part bgp that interests me, in lab IPV4 ok. I let it run and I will test the bugs I have in the previous vers... xavier Lemaire
04:09 AM pfSense Packages Bug #8449: FRR 4.0 zebra daemon crashes: lets go to my sandbox ... xavier Lemaire
01:11 PM Bug #8653 (Feedback): Spurious HA XMLRPC Sync Error after move to PHP7: I can't reproduce this on current snapshots after fixing some PHP errors. It's possible this was from the secondary e... Jim Pingle
12:19 PM pfSense Packages Bug #8476 (Feedback): OpenVPN Client Export TLS Key Direction Directive Location: Done in v1.4.16, will be in snapshots shortly. Jim Pingle
11:38 AM pfSense Packages Bug #8476: OpenVPN Client Export TLS Key Direction Directive Location: See also https://github.com/pfsense/FreeBSD-ports/pull/529 but I plan on committing a slightly different fix. Jim Pingle
12:19 PM pfSense Packages Todo #8671 (Feedback): Add "V83" to Yealink T38G (2) download label: Done in v1.4.16, will be in snapshots shortly. Jim Pingle
11:35 AM pfSense Packages Todo #8671 (Resolved): Add "V83" to Yealink T38G (2) download label: Yealink firmware V83 changed to use paths similar to the existing "T38G (2)" export option.
https://forum.netgate... Jim Pingle
12:18 PM pfSense Packages Todo #8672 (Feedback): Update OpenVPN client export with OpenVPN 2.4.6 rev 2 and 2.3.18 rev 2: Committed to master for snapshots.
security/openvpn-client-export updated to 2.4.6
security/pfSense-pkg-openvpn-c... Jim Pingle
11:37 AM pfSense Packages Todo #8672 (Resolved): Update OpenVPN client export with OpenVPN 2.4.6 rev 2 and 2.3.18 rev 2: Client export package needs updated with the latest OpenVPN installers. Jim Pingle
08:50 AM pfSense Packages Bug #8668: im getting root: pkg help Child process pid=91546 terminated abnormally: Segmentation fault: im also getting ERROR: It was not possible to identify which pfSense kernel is installed
Netgate SG-4860 - Serial: 1... Steven Runghen
08:44 AM pfSense Packages Bug #8668 (Rejected): im getting root: pkg help Child process pid=91546 terminated abnormally: Segmentation fault: Hello,
This site is not for support and diagnostic discussion. Please post on the forum ( https://forum.netgate.co... Jim Pingle
08:23 AM pfSense Packages Bug #8668 (Rejected): im getting root: pkg help Child process pid=91546 terminated abnormally: Segmentation fault: im getting [2.4.2-RELEASE][admin@gladiator.kalexius.com]/root: pkg help Child process pid=91546 terminated abnormally... Steven Runghen
08:08 AM Bug #8667 (Resolved): VU#857035 - IKE Protocol Vulnerability: From CERT. There may not be much we can do here but wait for an update to strongSwan if it's even viable (see conclus... Jim Pingle
07:45 AM Bug #7138: Pfsense wide dhcpv6 client doesn't recognise ifid statement: This is not supported on FreeBSD yet. Lets track the progress of FreeBSD's open ticket and when it's available there ... Renato Botelho
07:14 AM Bug #8665 (Not a Bug): ipv6: ULA adresses on different VLAN inaccesible after pfsense restart: To further check some issues I'm having with ipv6 ULA addresses, I created a test setup.
(see here: https://forum.ne... Tanya Severeyns
03:20 AM Bug #2710: Captive Portal radius accounting negative session time: Hi,
I think the root cause of this issue was captiveportal that was sending the wrong stop-time to RADIUS_ACCOUNTI... A FL
12:20 AM pfSense Packages Bug #6235: Snort sometimes crashes during rule update process (specifically related to VRT .so rule update?): I also have the same problem.. nearly every night on the rule update process the snort service
dies or isn't coming ... Frank Seidel

07/19/2018

09:31 PM Revision 040a1579: Changed ms to us Fixes #8477: Stephen Jones
08:02 PM Bug #8477: Gateway latency, units used inconsistently.: Since I think "ms" is much more widely used and easier to comprehend, how about using ... → luckman212
04:40 PM Bug #8477 (Feedback): Gateway latency, units used inconsistently.: Applied in changeset commit:040a1579e474290abfc7a4a445e310ce8e462847. Anonymous
04:28 PM Bug #8477 (Assigned): Gateway latency, units used inconsistently.: Anonymous
07:06 PM Revision be060079: Teach DynDNS to use custom IP check services. Fixes #8664: Jim Pingle
03:34 PM Bug #7599 (Closed): System->Update unavailable in WebGUI after connection failure during update: I can't reproduce this on recent versions. I have download failures regularly for a variety of reasons and all I need... Jim Pingle
02:50 PM pfSense Packages Bug #8449 (Feedback): FRR 4.0 zebra daemon crashes: Package has been moved to use FRR 5.0.1 for testing, allegedly the crashes are fixed. Needs testing. Jim Pingle
02:47 PM Bug #8604 (Resolved): Race condition in NAT reflection filter rules leads to ruleset load failure: Only system we had exhibiting this condition is fixed after the commit above. Closing. Jim Pingle
02:43 PM Bug #6477 (Feedback): Sample bounds can jump around for custom timer periods on Status > Monitoring: Jim Pingle
02:36 PM Bug #8664: DynamicDNS client does not use custom check IP service: Tested here with the patch and the custom check ip service appears to work as expected. Anonymous
02:20 PM Bug #8664 (Feedback): DynamicDNS client does not use custom check IP service: Applied in changeset commit:be06007945169dba5c61407347141bcff52a38f6. Jim Pingle
02:03 PM Bug #8664 (Resolved): DynamicDNS client does not use custom check IP service: From a pfSense install behind NAT, at Services > Dynamic DNS, add a dynamic DNS client, then on the Check IP services... Anonymous
02:07 PM Revision 9025112e: Fix PHP7 error in miniupnpd.inc: Jim Pingle
12:40 PM Revision 7511a857: Config/Configuration in breadcrumbs: Steve Beaver
09:38 AM Bug #2957 (Resolved): stop/start accounting Captive Portal: Jim Pingle
09:31 AM Bug #8643 (Resolved): IPsec not working on latest 2.4.4 snap: Anonymous
09:30 AM Bug #8630 (Resolved): Web-GUI PHP error in brige after removing all interfaces were in bridge: Anonymous
09:29 AM Bug #8656 (Resolved): PHP Error - Firewall Scheduler: Anonymous

07/18/2018

08:59 PM Revision 857533db: Fixes #8661 PHP7 illegal string offset: Stephen Jones
08:10 PM Revision a2a60a07: Fixes #8659 PHP7 Illegal string offset and count: Stephen Jones
04:49 PM Bug #2957: stop/start accounting Captive Portal: This Bug has been resolved in https://github.com/pfsense/pfsense/commit/ab225849ced6756452b0244abb9d42db4830b68f
An... A FL
04:18 PM Bug #8656: PHP Error - Firewall Scheduler: Stephen Jones wrote:
> Applied in changeset commit:4114a6aec4a5e8d1428df33a3f966b786c328d73.
Have updated and can... B C
04:10 PM Bug #8661 (Feedback): Cannot view or edit firewall rules in 2.4.4.a.20180717.1700: Applied in changeset commit:857533dbe0896de58441f23ec84f94c0d3d8e112. Anonymous
12:49 AM Bug #8661 (Resolved): Cannot view or edit firewall rules in 2.4.4.a.20180717.1700: When trying to view the firewall rules, the following error occurs.
Warning: Illegal string offset 'seq' in /etc/i... Greg Hulands
03:25 PM Revision 7c957a56: PHP7 fixed illegal argument supplied foreach(): Stephen Jones
03:20 PM Bug #8659 (Feedback): DHCPv6 Server removing a static mapping throws error.: Applied in changeset commit:a2a60a0738a1c05f319e534f0fd5f49ad7540728. Anonymous
03:01 PM Revision ab548c02: PHP7 fixed illegal string offset: Stephen Jones
01:08 PM Revision 809438b4: Fixed #8663: Steve Beaver
12:30 PM Revision 560dd92c: fixed #981: Steve Beaver
12:01 PM Revision d48a12db: Revise ACB settings breadcrumbs: Steve Beaver
11:51 AM Bug #8639 (Resolved): Unable to boot zfs on root: Multiple tests and user feedback on the forum confirm this is now working properly, closing Jim Pingle
07:31 AM Bug #8639 (Feedback): Unable to boot zfs on root: Latest snapshot upgrades OK from a VM that previously failed. Everything should be OK now, but additional feedback fo... Jim Pingle
09:13 AM Feature #8084: Implementação do Login Social no Captive Portal: Since most Social Logins (at least Facebook/Twitter/Google+/Github/Reddit/etc...) are using Oauth for authenticating ... A FL
08:38 AM Bug #8603: PPP WANs do not work on VLANs on current snapshots: No, but it shows that a newer build works with an older kernel. So it's not a configuration or a package issue. Enzo Laroche
07:53 AM Bug #8603: PPP WANs do not work on VLANs on current snapshots: Yeah.... but that's not the way to fix bugs ;) Dirk Steingäßer
07:49 AM Bug #8603: PPP WANs do not work on VLANs on current snapshots: Reverting to an older kernel solved it for me Enzo Laroche
08:16 AM Feature #8202 (Resolved): Captive portal: add support for setting traffic quotas: Jim Pingle
08:11 AM Feature #8202: Captive portal: add support for setting traffic quotas: Duplicate of #1932
+
Pull request https://github.com/pfsense/pfsense/pull/3453 has been implemented
This issue c... A FL
08:10 AM Bug #8663 (Resolved): gw group - php error on opening: Anonymous
07:38 AM Bug #8663 (Resolved): gw group - php error on opening: 2.4.4-CE Tue Jul 17 17:00:22 EDT 2018
When opening https://x.x.x.x/system_gateway_groups.php I get an error:
Wa... Vladimir Lind
07:19 AM pfSense Packages Todo #8662: FFR OSPF Cleartext Password Lengths: Oops clicked on the wrong target version <:o) Andy Kniveton
07:18 AM pfSense Packages Todo #8662 (Resolved): FFR OSPF Cleartext Password Lengths: OSPF password length can be input over 8 characters in length.
Could the field be checked for length at save time... Andy Kniveton
07:14 AM Feature #2143 (Resolved): Captive Portal - RADIUS - attribute: Acct-Terminate-Cause: Jim Pingle
07:03 AM Feature #2143: Captive Portal - RADIUS - attribute: Acct-Terminate-Cause: Pull request https://github.com/pfsense/pfsense/pull/236 has been merged in 2013.
The feature is working well.
T... A FL
07:14 AM Feature #1932 (Resolved): Captive Portal add RADIUS attributes for traffic quotas: Jim Pingle
07:12 AM Feature #1932: Captive Portal add RADIUS attributes for traffic quotas: Pull request https://github.com/pfsense/pfsense/pull/3453 has been implemented
This issue can be marked as resolved A FL

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

08/16/2018

08/15/2018

08/14/2018

08/13/2018

08/12/2018

08/11/2018

08/10/2018

08/09/2018

08/08/2018

08/07/2018

08/06/2018

08/05/2018

08/04/2018

08/03/2018

08/02/2018

08/01/2018

07/31/2018

07/30/2018

07/29/2018

07/28/2018

07/27/2018

07/26/2018

07/25/2018

07/24/2018

07/23/2018

07/22/2018

07/21/2018

07/20/2018

07/19/2018

07/18/2018