Activity
From 11/12/2018 to 12/11/2018
12/11/2018
-
08:10 PM Revision 230c1808: Fix DigitalOcean DynDNS client
- Fixes the check on the return value since it's been updated to use
HTTP/2 syntax. Also adds logic to allow using `@` ... -
08:10 PM Revision 0d79ff69: Merge pull request #4019 from GrantSheehan/master
-
- (cherry picked from commit d36e5a49e6104c52bca2153eba45709d5af99599)
-
-
04:43 PM pfSense Packages Bug #9177: FRR 0.2_4 installation broken with pfSense 2.4.4_1
- Jim's reasoning turned out correct. A reinstall of 2.4.4, upgrade to p1 and package installation worked 100%.
This s... -
04:27 PM
Bug #9059: Update Unbound to 1.8.1
- Ben Hohendorf wrote:
> As per my thread on reddit, https://www.reddit.com/r/PFSENSE/comments/9wjjo2/sg3100_hard_cras... -
03:54 PM
Bug #9059: Update Unbound to 1.8.1
- As per my thread on reddit, https://www.reddit.com/r/PFSENSE/comments/9wjjo2/sg3100_hard_crash/
After updating my ... -
- (cherry picked from commit 4c6e3de40f56a1bd8d978a9dd4677d0ab025b8cb)
-
- 02:45 PM Revision 3409b0f6: Minor fixes related to #9121
- (cherry picked from commit 6f9729c0a53be67ced6d52e6e33dba6b237083ab)
-
02:44 PM Revision 04c64709: Fixed regression where calling station id was removed from openvpn
- (cherry picked from commit 95f3d049bfead1c6faf04c8a626a7ce868f8b6f8)
-
- (cherry picked from commit 592bec817f152a7536572a675079776138827cc8)
-
- Testing is super easy with ACME/LE certs. Edit the cert entry, check the box for stapling, and then renew the cert. I...
-
- Applied in changeset commit:4c6e3de40f56a1bd8d978a9dd4677d0ab025b8cb.
-
-
- PR merged and picked back to RELENG_2_4_4
-
- PR is at https://github.com/pfsense/pfsense/pull/4019 and needs tested/merged/picked
-
- Commit pushed to the installer to correct the install-time label generation. Should be fixed in the next new snapshot...
-
- Also note: This does not affect GPT installs, only ufs/MBR that I've seen thus far. GPT uses the GPT id in fstab, MBR...
-
- The installer still needs fixed so it doesn't generate an incorrect fstab.
I have pushed a workaround that will a... -
-
- We have confirmed it does affect the CE installer. Still checking on potential causes.
-
- I understood it correctly, and it's behaving exactly as expected. The system adds an internal "override" entry for th...
-
09:06 AM Bug #9190: host override for pfsense box DNS name does not override IP of LAN interface
- Jim Pingle wrote:
> Adding multiple overrides will return multiple records, not override the previous result.
>
>... -
- Adding multiple overrides will return multiple records, not override the previous result.
If you must have a diffe... -
- Setting up a hostoverride in _Services -> DNS Resolver -> Host Overrides_ for the name of the pfSense box itself (con...
-
- Fix also picked back to RELENG_2_4_4
-
- There was a forum user that reported a connectivity issue due to old/crusty olsrd settings that couldn't be removed b...
-
- Duplicate of #628
And it's really not a problem for HAProxy at all. There is no problem with binding haproxy to an... -
08:26 AM Bug #9191 (Duplicate): Cannot use HAProxy due to WebGUI
- Entering this as a bug since as it prevents standard use functionality. Suspect that this issue exists across all ve...
-
05:57 AM Feature #8187: Gateways, allow for configuring a gatewaygroup as the default gateway. #3781
- It seems gateway ordering it's broken.
Changes are not retained after I change the order and Save in system_gateways... -
04:33 AM Bug #9189: Broken host overrides in DNS resolver (sometimes)
- Sorry but you have not shown this to be happening... As I brought up over 2 years ago you sure your client is not poi...
12/10/2018
-
-
-
02:45 PM Bug #9189 (Rejected): Broken host overrides in DNS resolver (sometimes)
- Expected behavior:
If we have host override in pfSense "DNS resolver", pfSense should never ever return public IP fo... -
- PR is at https://github.com/pfsense/pfsense/pull/4020 and has been merged
RFC3580 is for 802.1x, not OpenVPN or R... -
- The captive portal underwent a major rewrite after 2.4.3-p1. You must upgrade to 2.4.4-p1 and test again before openi...
-
12:19 PM pfSense Packages Bug #9188 (Resolved): Suricata GUI Package fails to send SIGHUP to the Suricata binary process when truncating/rotating the log files
- The log truncation and rotation code in the Suricata GUI package is not sending a SIGHUP to the running Suricata proc...
-
06:40 AM Bug #8963: 2.4.4 Limiters don't work after CARP fail-over
- Hello,
I bought a Netgate HA bundle and I found the same bug #8963 together with release 2.4.4-p1.
Clear, because...
12/09/2018
-
09:17 PM Todo #8821: Remove Growl Notifications
- Regarding Growl, until the latest is x version we just didn’t have a lot of need to put out a new release. Things wor...
-
06:06 PM Bug #9187 (Resolved): Status->Interfaces doesn't show useful data for lagg
- I have a lagg with two ixl members. On top of that I have a few VLANs. In the attached screenshot, TRUNK is the lagg....
-
05:53 PM
Todo #9186 (Rejected): Features in captive portal with large number of users
- I am using Pfsense version 2.4.3p1 with the number of user captive portal is nearly 1000.
There is a problem here th... -
11:18 AM Bug #9178: openvpn.auth-user.php: calling_station_id was removed
- As mentionned on on the github PR, the best would be that *calling_station_id* contains the MAC address linked to the...
-
10:56 AM pfSense Packages Bug #7437: Mail Report package 3.1 removed support for STARTTLS
- In my opinion, it is better to set SMTPAutoTLS to TRUE because :
1 - if both actors (client and server) can use ST... -
- Pull request created : https://github.com/pfsense/FreeBSD-ports/pull/600
-
- I just done the modifications.
I will push them on the github.
But this is my first contribution to a project thr... -
- Pull request created : https://github.com/pfsense/FreeBSD-ports/pull/600
-
- i forget a ) in the code, the good one is :
$addresses = explode(",", $config['notifications']['smtp']['notifyemai... -
- In the field smtpnotifyemailaddress on the system_advanced_notifications.php we can put pultiple mail addresses with ...
-
09:06 AM Bug #9059: Update Unbound to 1.8.1
- Tim Harman wrote:
> I'm an idiot.
Been there, done that.
Should the advanced config be entered as two separate... -
07:10 AM Bug #9184 (Duplicate): TCP packet fragments over IPSEC ESP are not reassembled or forwarded
- Hi all,
I have an IPSEC VPN between PFsense and a Cisco ASA. The ASA does fragmentation before encryption (ASA com... -
03:53 AM
Bug #8970 (Resolved): Queues Menu item ends with ":"
-
12:57 AM Bug #8970: Queues Menu item ends with ":"
- I checked German language menu and did not observe the issue.
-
- I checked the issue on latest 2.4.5-DEV and did not observe it. Gateways and their routes were successfully deleted a...
-
- I checked files on latest 2.4.5-DEV and found only OLSRD mention in /etc/pfSense.obsoletedfiles and that is all.
12/08/2018
-
12:42 PM pfSense Packages Feature #6022: Consider MLVPN for bonded VPN
- +1 here...
Some countries, like where I am, we don't have a larger uplink DSL than 1MB!
more than 1MB should ha... -
12:32 PM Feature #8546: Ability to download pfSense updates via another gateway
- Going back on this issue to give an update :
Actually, I ended up implementing that by explicitly setting a gateway ... -
07:48 AM Bug #9183: OpenVPN Lagg Interface not working after restart or new start
- What ? Really why is it possible to choose a openvpn interface in the lagg config if it is not supported ?
Who mak... -
- LAGG is not technically supported for OpenVPN. It may happen to work by coincidence, but it's not a configuration we ...
-
- I configured a LAGG Interface with 4 openvpn tap connections with round robin mode.
After a reboot or if i start t...
12/07/2018
-
- (cherry picked from commit ed76624bf01c0d1718d427919145bf4e5f949264)
-
-
06:40 PM Bug #9182 (Resolved): SWAP not working after clean install
- After 2.4.4_1 clean install, I realized swap is improperly configured (and not working of course). I used the automat...
-
- Fixes the check on the return value since it's been updated to use
HTTP/2 syntax. Also adds logic to allow using `@` ... -
- Applied in changeset commit:ed76624bf01c0d1718d427919145bf4e5f949264.
-
- When signing a CSR, selecting SHA512 yields an input error claiming the selected algorithm is invalid.
I can repro... -
- Clients self-generate those, not the firewall. The "LAN Net" Macro (really the interface name in pf) includes the con...
-
12:51 PM Bug #9168: "LAN net" Does Not Include the IPv6 Addresses Like Link Local Addresses and Privacy Addresses
- How about the "privacy addresses?" I'm assuming pfSense is generating them as part of the Privacy Exentions to SLAAC...
-
12:57 PM
pfSense Packages
Bug #9181 (Resolved): Spelling error in gwled package (0.2.4_1)
- At Interfaces > Gateway Status LEDs, periodic is misspelled as ...
-
- I appear to be having the same issue with pfSense 2.4.4-1:
https://forum.netgate.com/topic/138335/2-4-4_1-unbound-... - 12:45 PM Revision f0dd942c: Merge pull request #4020 from wokis/master
-
-
08:04 AM Bug #9179 (New): NAT reflection fix implemented for #8604 is causing WebUI and XMLRPC to fail on slave
- Ref: https://github.com/pfsense/pfsense/commit/6f8e648f5c88e04166539ab27872b13dfd587cb8 which fixed #8604
Whenever... -
- I can't replicate this on 2.4.4-p1.
Looks like you messed up the package repositories on that box somehow, like ma... -
05:16 AM pfSense Packages Bug #9012: Captive Portal authentication in Squid Proxy Server does not work
- In */etc/inc/captiportal.inc* (ee /etc/inc/captiveportal.inc)
approximatively line 699 (3128 = proxy port)
####... -
- Hello,
In commit f15fdef37ff7c1fcaecc73f2927ba1d7775032b0 the attribute calling_station_id was removed from openvp... -
03:35 AM pfSense Packages Bug #9139: telegraf: add ping for default gateway(s)
- Maybe a upgrade to telegraf 1.7 is sufficient to get ping working ?
From 1.7 changelog #4227: Use same flags for all...
12/06/2018
-
-
- The package doesn't like 2.4.4+...
-
- I fixed the typo but did not bump the package for that minor of a change. The fix will come with whatever update happ...
-
03:22 PM
pfSense Packages
Bug #9176 (Closed): Spelling error in Acme package (0.3.2_4)
- At Services > Acme Certificates > General settings, under Cron Entry, successful is misspelled as ...
-
12:49 PM Bug #9160: OCSP Must-Staple, when checked on the System > Advanced AND on the System > General Setup some IPv6 DNS servers are listed, then the nginx web configurator file will a contain syntax error
- ?! You are right. Forgot all about that one.
Zap my staple story : that "true" one is probably right after all.
Tha... -
- When you have a certificate that requires stapling, you can't disable it or it will break GUI access. Hiding the chec...
-
- Not related, but while I was stapling :...
-
09:40 AM Bug #9175 (Duplicate): pfsense does not send out IPv6 UDP fragments for packets created local
- When using Strongswan as VPN Endpoint on pfsense with IPSEC sometimes "oversized" UDP packets are created in the IKE ...
-
08:45 AM pfSense Packages Bug #9174 (Resolved): Suricata rulesets in 2.4.4_1
- I cannot see rulesets when i create a new interface in Suricata with the Duplicate button from another interface. If ...
-
- There is not enough information here for a valid bug report. I cannot reproduce the problem with only the stated opti...
-
03:31 AM Bug #9172 (Rejected): There were error(s) loading the rules: /tmp/rules.debug
- With NAT Reflection enabled to Pure NAT and option "Automatic create outbound NAT rules that direct traffic back out ...
-
- There is not enough information here for a valid bug report. Please start a thread on the forum at https://forum.netg...
-
04:25 AM Bug #9173 (Rejected): Webgui does not start after reboot
- Hi
I configured my home pfsense to reboot at 4:00 am everyday. However after reboot, the webgui does not restart, ...
12/05/2018
-
- DigitalOcean has updated the returned headers that breaks the check on the return.
-
- (cherry picked from commit f5f79fcc24241f0a76f6a7fe9b32917bee64e393)
-
-
- fe80 is not "LAN Net". It's link-local traffic that can never leave the segment. It shouldn't be hitting the firewall...
-
- Good on latest snap as well.
-
07:49 AM Bug #9163: NPt rule is omitted when /128 mask is given
- Applied from the system patches package and it works perfect
-
- Applied in changeset commit:f5f79fcc24241f0a76f6a7fe9b32917bee64e393.
-
- Note: This also only affects the wizard when setting a static WAN and upstream gateway.
Fix pushed, will show up m... -
- If a gateway existed but was deleted, the config can be left with @<gateways></gateways>@ which leads to a PHP error ...
-
02:53 AM Bug #9169: carriage return handling in OpenVPN custom Options
- Ok, my bad. But this is counter intuitive as the field itself is multi-line capable, and OpenVPN syntaxe doesn't need...
-
02:46 AM Bug #9169 (Rejected): carriage return handling in OpenVPN custom Options
- Separate your custom options with a semicolon as the field instructions and documentation state.
Enter any additio... -
- For one of my OpenVPN server, I use the custom options field to push routes to my client. Eg, I add
push "route 10...
12/04/2018
-
- The Default Allow rule that pfSense generates on the LAN for IPv6 traffic are supposed to allow all IPV6 traffic from...
-
- According to:
https://tools.ietf.org/html/rfc4890#section-4.3.1
"4.3.1. Traffic That Must Not Be Dropped
Err... -
- Please read the upgrade guide. Looks like normal errors that happen during the upgrade from a version <= 2.4.3 to >= ...
-
02:16 PM Bug #9166 (Not a Bug): Failed loading extensions
- Hi, I updated to the latest version 2.4.4 release P1, and I'm getting these errors:
PHP Warning: Failed loading Z... -
- (cherry picked from commit e9446f537051c7b536d0b3fbb5ebd00c3766001a)
-
-
12:41 PM Feature #9165 (New): only IPs can be added to sshguard whitelist
- The new sshguard list feature (see #8864) does only allow addition of IP addresses. I do have the need to include DNS...
-
- Reported in the forum: https://forum.netgate.com/topic/138350/npt-rules-are-not-created-and-no-error-warning-appears
-
- Applied in changeset commit:e9446f537051c7b536d0b3fbb5ebd00c3766001a.
-
- NPt validation skips over a valid rule when the mask of either the source or destination is set to /128.
-
10:50 AM pfSense Packages Bug #9164: Snort barnyard2 / pfSense 2.4.4-p1 issue
- Thanks Jim the pkg install -fy mysql56-client has fixed the issue.
-
- That library is a part of mysql56-client-5.6.41 which is there for 2.4.4-p1. If it isn't pulled in by barnyard2 that'...
-
- After updating to 2.4.4-p1 barnyard2 will no longer run as libmysqlclient.so.18 is missing.
Dec 3 16:34:51 php-fpm... -
09:21 AM Bug #9004: Default gateway IPv4 set to a group fails after restart on 2.4.4
- 2.4.4p1 also affected.
-
08:27 AM Bug #9004: Default gateway IPv4 set to a group fails after restart on 2.4.4
- We also experienced this issue today. Had to set the "Default gateway IPv4" setting to WANGW so that pfSense could ge...
-
- All of the bogon rules get the same tracking ID.
And it's blocked because you didn't solicit that request, and you...
12/03/2018
-
05:21 PM Bug #9059: Update Unbound to 1.8.1
- I was asking if:
@server:@
@so-reuseport: no@
was set in 2.4.4-p1. I guess the answer is no it did not. This i... -
05:11 PM
Bug #9059: Update Unbound to 1.8.1
- Isaac McDonald wrote:
> Did this make it into 2.4.4_1 ?
Huh? We're discussing the bug right now, so I can't see ... -
- Did this make it into 2.4.4_1 ?
-
04:53 PM
Bug #9059: Update Unbound to 1.8.1
- I'm an idiot....
-
04:45 PM
Bug #9059: Update Unbound to 1.8.1
- I found this on the unbound mailing list: https://nlnetlabs.nl/pipermail/unbound-users/2018-October/010991.html
> ... -
04:38 PM
Bug #9059: Update Unbound to 1.8.1
- I can confirm I see the same after 2.4.4-p1...
-
- I updated Unbound to 1.8.1
@pkg update; pkg upgrade unbound@
After the upgrade I found that Unbound appears ... -
04:59 PM Bug #9162 (Not a Bug): Bogon rule confusion?
- WAN 0.0.0.0:68 255.255.255.255:67 UDP
block bogon IPv6 networks from GIF (11000)
I am unclear how (DHCPv4 b... -
- I am requesting that the rule descriptions in Status -> System Logs -> Firewall be shown for disabled rules and rules...
-
- ... and the result will be : no more GUI.
To begin with, one should have a certificate with the "OCSP Must Staple"... -
- I am requeting an option in Status -> System Logs -> Firewall to filter on the Rule ID #.
-
03:49 PM Revision 2ce775ca: Add Korean to the list of available languages
-
-
-
-
-
12/02/2018
-
03:25 PM pfSense Packages Todo #9158 (Resolved): Updates for Squid 4.x
- hi
the version 4 of squid proxy for "production use" are available
and it's seems that provide better support f...
12/01/2018
-
05:59 PM Feature #8578: /var/unbound/test/unbound_server.pem: No such file or directory
- Cannot restore 'DNS Resolver' or 'All' from browser, both result in NGINX error (500 I think, I didn't write it down)...
-
- I deselected OPT3 (the interface with the changed IP address) from Unbound listening but it makes no difference. When...
-
- I changed the IP address of my OPT3 interface today and now have the same error. Unbound was already listening on thi...
11/30/2018
-
- I'm testing via System Patcher since https://github.com/pfsense/pfsense/pull/3998 went into approved/needs testing an...
11/29/2018
-
04:43 PM Feature #9157 (Rejected): Allow custom DHCP Options per Host
- I have a few raspberry pi's that need a specific option 60 and option 43 in order to do PXE Booting. Setting those op...
-
10:16 AM
Bug #8970 (Feedback): Queues Menu item ends with ":"
- I am now unable to reproduce this.
When first investigating this issue I found that "warteschlangen" had a spuriou... -
- Thanks Luiz and Jim!
While on 2.4.4, I manually switched to Worst-case Weighted fair Queueing (WF2Q+) and seems to... -
- Looks good here. New limiters have WF2Q+ as default. When editing a saved limiter with that scheduler, the new descri...
-
- 0.0.0.0/0 is in the left/rightsubnet list and based on forum feedback this appears to be working with multiple third-...
-
- Starting with @<dhcpd></dhcpd>@ in the config I can reproduce the error without the fix and it works with the fix app...
-
- Based on multiple reports of it being fixed with this change I'd say it looks good. If someone has a different variat...
-
-
06:39 AM Feature #9156: OpenVPN: Add tickbox for 'nopool' directive
- Sorry, I try to edit, it should be under Feature.
-
- Please see here:
https://forum.netgate.com/topic/138156/limit-dhcp-ip-range-for-openvpn-clients-gui-only
Can we h... -
- [quote]I believe that without that option, a client-disconnect script won't be called.[/quote]
After the time-out de... -
03:44 AM Feature #9155 (Resolved): Add driver bnxt for Broadcom NetXtreme interfaces
- The driver for Broadcom NetXtreme-C/E cards is missing in pfSense 2.4.4-RELEASE (amd64), despite being present in the...
11/28/2018
-
06:03 PM Bug #9153: default gateway feature not working properly with gateway groups
- Daniele Sorrenti wrote:
> Already reported here: https://redmine.pfsense.org/issues/9004
Thank you. I didn't find... -
-
- Already reported here: https://redmine.pfsense.org/issues/9004
-
09:35 AM Bug #4479: Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel
- I confirm the problem in the version 2.4.4
-
-
-
- See also: #9153
-
03:43 AM pfSense Packages Feature #6226: Add usb_modeswitch to the pfSense package repo
- i tried on pfsense 2.4.4 with same huawei model
and it worked fine
-
- Applied in changeset pfsense:commit:1b988ed0e7168ada9e6260274f63fd84b15873a1.
-
- update for pfsense 2.4.4
run the following command to support pfsense 2.4.4
pkg add http://pkg.freebsd.org/free... -
12:06 AM Bug #9148: PPPoE over a VLAN fails to reconnect.
- I can confirm this fixes the issue.
I also created a failure upstream bringing down one ppp interface. The rest rema...
11/27/2018
-
10:24 PM pfSense Packages Bug #8761: Port Forwarding Rules Stop Working when HAProxy is Configured
- Tj Ng wrote:
> ACat L. Check your HAProxy's advanced settings. Turn off "Transparent ClientIP" and see if NAT works ... -
08:42 PM pfSense Packages Bug #8761: Port Forwarding Rules Stop Working when HAProxy is Configured
- ACat L. Check your HAProxy's advanced settings. Turn off "Transparent ClientIP" and see if NAT works again.
Captiv... -
-
07:35 PM Revision c9f69485: Do not call interfaces_vlan_configure() every time an interface is edited in GUI.
- This is just necessary when a parent interface is changed and we have to propagate the changes to all clones (MTU, FL...
-
- This is just necessary when a parent interface is changed and we have to propagate the changes to all clones (MTU, FL...
-
04:51 PM Bug #9148: PPPoE over a VLAN fails to reconnect.
- Steve Wheeler wrote:
> There looks to be a good chance this is resolved by this:
>
> https://github.com/pfsense/p... -
02:26 PM Bug #9148: PPPoE over a VLAN fails to reconnect.
- There looks to be a good chance this is resolved by this:
https://github.com/pfsense/pfsense/commit/433a8e71f3b68c... -
- The fix for #9115 has made this much better but I still see these issues:
Editing/Saving the VLAN parent interface... -
- I split the parent interface issue off to #9154 -- this one can be closed.
-
- Looks a lot better here with the new method. Editing the parent is still a problem, however, but that can be split of...
-
- This regression is now fixed and only when really necessary the VLANs will be recreated.
-
-
- See #9115 for details/logs. After fixing #9115, editing other VLAN interfaces works well, but editing the VLAN parent...
-
-
- +1. This problem also affects my environment. Default route is not set after restart if default gw is a group gw, and...
-
- It should be resolved now but it's hard to reproduce. We can revisit if bug show up again
-
- Do not enable it by default for now and move to 2.4.5
-
- Works great now!
-
- Works
-
- Works
-
10:03 AM Bug #9075: Firewall rules with aliases are not applied in upgraded 2.4.4
- I am having this issue too, on at least two of my routers. One is a fresh install of 2.4.4_1 with a config uploaded f...
-
- Works
-
- Daniel Clasen wrote:
> Sorry but I can't see how it is not a topic for the ticket system to ask if that is fixed in ... -
06:05 AM Bug #5319: Error message "No config named" in charon daemon
- Sorry but I can't see how it is not a topic for the ticket system to ask if that is fixed in a newer/supported releas...
11/26/2018
-
- The new default gateway feature introduced in 2.4.4 does not appear to work properly with gateway groups.
Steps to... -
- Just adding a new vlan also brings down all pppoe interfaces, with the same exact error.
-
- I can confirm. After making a change to one of the interfaces and hit apply, my pppoe connection over vlan 6 disconne...
-
- I've improted the same patch to pkg's internal libfetch. It'll be available on pkg-1.10.5_6
-
- Fetch works at the command line but @pkg@ still does not....
-
12:11 PM Feature #9152 (Duplicate): Sort diag_states_summary.php by states
- Small improvement to diag_states_summary.php, sort array by states to put top talkers to the top of the tables.
As... -
09:06 AM Feature #6626: Support for IPv6 firewall entries with dynamic delegated prefix and static host address
- On generating the interface identifier using EUI-64 (based on MAC address), the interface identifier are independed b...
-
08:59 AM Bug #8993: PHP error from filter_rules_sort() when config.xml contains no rules
- Ah, cool! Thanks!
-
- Apply the commit listed above using the System Patches package: https://www.netgate.com/docs/pfsense/development/syst...
-
08:43 AM Feature #9032: RADIUS MAC Authentication: display the login page when MAC auth failed
- Ok, I can confirm this works, if we set our login.php (`Portal page contents`) to the error.php (`Auth error page con...
-
- That is not a topic for the ticket system, however, but something you should ask on the forum. The older versions are...
-
- Jim Pingle wrote:
> Testing on 2.4.2 is meaningless. That version is over a year old and 4 (almost 5) releases behin... -
- Testing on 2.4.2 is meaningless. That version is over a year old and 4 (almost 5) releases behind, and several strong...
-
- Still present in 2.4.2-RELEASE-p1
Took me a full day to figure out that this was the problem... Will the bug be fixe... -
- Maybe it would be better to update status immediately after changing, redraw menu with state what would be the result...
-
- IT happens because menu will only change after SSHd is really configured and running and it takes some time depending...
-
- If SSH is disabled from menu, the menu might entry still show Disable Secure Shell. And vice versa if SSH is enabled ...
-
- There is no sync in Quagga or OpenBGPD either.
AFAIR it was done deliberately since in nearly all cases it would b... -
- That's a side effect of how pf parses and reports the rules.
We write out the rule just once with a tracking ID in... -
- Given that issue, this is almost certainly a duplicate of #3334
-
- The @rate@ daemon that gathers data for the table does not support IPv6, which most likely accounts for the discrepan...
11/25/2018
-
- Any way to fix this manually? (i.e. if I don't want to update to dev)
-
03:45 PM Bug #9150 (Resolved): Web authentication RADIUS package shows PHP error if unable to resolve FQDN of RADIUS server
- When the DNS record for the RADIUS server used to configure authentication of the web console was temporarily unavail...
-
- Vladimir Lind wrote:
> Not seeing redirection to block page with enabled MAC block and block URL with IP from the la...
11/24/2018
-
11:56 AM Bug #9149 (Rejected): Continued issues with /tmp and /var in RAM on 2.4
- I've had repeated trouble with upgrades and even non-upgrade-related reboots with pkg configuration. 2.3.5 through 2...
11/23/2018
-
-
- would it be possible to close this issue?
Alternate solutions have been given and this behaviour will likely not ...
11/22/2018
-
- Looks good in:
2.4.5-DEVELOPMENT (arm)
built on Wed Nov 21 05:47:41 EST 2018 -
- PR has been merged. Thanks!
-
- The WF2Q+ was the default scheduler in previous versions, it is well tested and support dynamic queues.
Add a note f... -
- The WF2Q+ was the default scheduler in previous versions, it is well tested and support dynamic queues.
Add a note f... -
-
11:37 AM pfSense Packages Bug #9135: Suricata in inline modus blocks some downloads
- Bill Meeks wrote:
> This bug needs to be reported upstream to the Suricata team. When you use Inline IPS mode, you ... -
- Also include that and Digital Ocean in the help text.
(cherry picked from commit 92c39e9b923792a58b56323a7e2fb46f608... -
-
- In some situations PPPoE fails to reconnect after an upstream outage or making a change locally. The system file logs...
-
- Run it with sudo or use admin/root, not an unprivileged user.
-
10:08 AM Bug #9147 (Rejected): Unable to open /cf/conf/config.xml for writing in write_config() when set easyrule from ssh
- I am using user "ssh" and assinged admins group to ssh pfsense from another server.
When i set easyrule such as "eas... -
- Duplicate of #9119
-
- co da wrote:
> Hi everyone,
> I met crash when set easyrule by command line
> easyrule block lan 192.168.2.2
> me... -
- Hi everyone,
I met crash when set easyrule by command line
easyrule block lan 192.168.2.2
message:
PHP ERROR: Typ... -
07:53 AM Bug #6880: Multiple DHCP6 WAN connections leads to multiple dhcp6c clients
- I have the same issue.
Is there still some work on this bug?
Thanks! -
07:24 AM pfSense Packages Bug #9143: ntopng not displaying values in historical correctly
- I forgot to list versions...
pfSense: ... -
07:18 AM Bug #9145 (Rejected): user based policies with automated client logedon user identification
- It would be great to define policies based on active directory / LDAP or local users and groups.
Also for this to... -
- Sorry everyone, there is some confusion around this bug.
The FIFO scheduler never was the default scheduler and th... -
-
05:19 AM Bug #8914: Gateway switch events cause a huge amount of log spew
- Tested on VM HA cluster - CE 2.4.5-DEVELOPMENT (amd64) built on Tue Nov 20 16:55:31 EST 2018:
No "Gateways status ... -
04:00 AM Bug #8914: Gateway switch events cause a huge amount of log spew
- Not sure what the acceptable level of log spam is:
Nov 22 09:56:56 check_reload_status Reloading filter
Nov 22 0... -
-
-
03:55 AM Bug #9144: Set interface IP address from console crashes if DHCP is selected
- Wasnt able to reproduce the bug with MBT 4220 pfsense version 2.4.4
-
- On 2.4.5-DEVELOPMENT (amd64) built on Tue Nov 20 18:52:24 EST 2018:
: set | grep http
http_proxy 10.1.1.1:31... -
- Tried on 2.4.5-DEVELOPMENT (amd64) built on Tue Nov 20 16:55:31 EST 2018 (ran pfSsh.php playback gitsync master to ...
-
- Also include that and Digital Ocean in the help text.
11/21/2018
-
-
-
07:37 PM Bug #8993 (Resolved): PHP error from filter_rules_sort() when config.xml contains no rules
- Was able to replicate this after verifying <filter></filter> in config, connecting on the Anti-lockout rule, and tryi...
-
- You have to delete all of the rules in the config so it only has @<filter></filter>@
So you'd have to hit it from ... -
01:42 PM Bug #8993: PHP error from filter_rules_sort() when config.xml contains no rules
- I couldn't replicate this one on:
SG-3100
2.4.4-RELEASE (arm)
built on Thu Sep 20 09:33:19 EDT 2018
FreeBSD 11.... -
-
-
- This should fix that: https://github.com/pfsense/pfsense/pull/4017
-
- Tested in:
2.4.5-DEVELOPMENT (arm)
built on Tue Nov 20 08:56:03 EST 2018
The update completes OK:... -
- Using a host override to cause a hostname mismatch on a server with a valid certificate I was able to confirm mail co...
-
11:57 AM
Feature #9001: Add checkbox to disable SSL peer verification for SMTP notifications
- On 2.4.5.a.20181120.0754, feature is present. However, without a misconfigured email server, I can't tell if the feat...
-
-
-
- Tested on CE build from Friday November 16th. Duplicated missing default gateway on primary node after failover and f...
-
03:54 PM
Bug #9121 (Resolved): PHP array reference Cleanup
-
01:40 PM
Bug #9121: PHP array reference Cleanup
- Tested the DNS forwarder configuration that threw the php issue (https://redmine.pfsense.org/issues/9121#note-1), on ...
-
- Applied in changeset commit:c6c398c6c51e48893f658eb6e6c08b47f41b085d.
-
07:47 AM
Bug #9121: PHP array reference Cleanup
- Those two error appear to be unrelated to the original issue. I have pushed a fix for them both.
-
- Applied in changeset commit:9607d4871584890633cd7a70b4f15c1f0951011c.
-
-
02:00 PM Bug #9144 (Resolved): Set interface IP address from console crashes if DHCP is selected
- Steps to reproduce:
- Go to VGA console
- Option 2, Set interface IP address
- go through the wizard, when it asks... -
02:27 PM Bug #9024: Ping packet loss under load when using limiters
- I would try to update this bug to make it more specific to limiters but I don't seem to hav privs
-
- In NTOPNG > Interfaces > Historical it's not displaying traffic values correctly, it seems to cap around 10Mbps.
H... - 01:52 PM Revision 6f9729c0: Minor fixes related to #9121
-
- This is resolved, turns out the issue with ISP, spoke to 'em and they sorted it.
I'm not sure how to close the tic... -
- Installing ntopng failed, it threw this error to ...
-
-
-
12:02 PM
Bug #8937 (Resolved): LAGG shows wrong ether address
- Tested on 2.4.5.a.20181120.0754 gitsync'd to master, works as expected. Lists ether and hwaddr.
-
- Applied in changeset commit:ede4faa74ca16e5ca0fe437beaf7f181eae1b60a.
-
-
-
-
- FRR seems to be missing the option to sync the config viar XLMRPC.
-
-
-
-
-
-
-
05:19 AM Bug #9131: Captive Portal Radius Accounting "unauthenticated"
- Thanks!!
The patch works great.
Federico
11/20/2018
-
- interfaces_carp_set_maintenancemode() calls interface_carp_configure()
to each configured CARP and it ends up reconfi... -
-
- interfaces_carp_set_maintenancemode() calls interface_carp_configure()
to each configured CARP and it ends up reconfi... -
-
04:26 PM Revision 79765f9c: Fix few spelling issues
- Ticket #9134
(cherry picked from commit 85a8f9b0ce0d0fac6f361bc5dfd09c67607020f1) -
-
- Ticket #9131
(cherry picked from commit f790565a7514662b1fe97fc7c79b56838597965c) -
-
- Redmine #9114
(cherry picked from commit 83a6f504d6eb4d1925c4745a6457805fbbe308d9) -
- 04:21 PM Revision a247e5ae: Update src/usr/local/www/vendor/d3/d3.min.js
- Restored d3.min.js
(cherry picked from commit 2dd0ba04705396981dfc6d75ec6910799ba8846d) - 04:21 PM Revision 8efe5c95: Update src/usr/local/www/vendor/d3/d3.min.js
- make sure to only pass valid options when supported by the browser
(cherry picked from commit 125ae17e59a54c2315c683... - 04:21 PM Revision fe794e51: Removed js warnings
- (cherry picked from commit 36742b464a1b4449e52cbd0b539fece507a3b23e)
-
-
-
- Applied in changeset commit:8bffe226d5183dda310dde2a89c78f2d8d79789c.
-
12:50 PM Bug #9024: Ping packet loss under load when using limiters
- Using limiters on an interface, with outgoing NAT enabled, causes all ICMP echo reply packets to drop, coming back in...
-
11:51 AM
Bug #8921 (Resolved): dpinger without .pid files.?. 'pending' status
-
- As already written in the Forum, I would like to know what NIC and Configuration are you using (LACP etc.).
-
09:51 AM Bug #8831: Radvd causes latency spikes
- I was seeing the exact same thing
ServicesDHCPv6 Server & RALANDHCPv6 Server
Disabled the above - the issue mos... -
- PR merged, thanks!
-
-
- PR merged. Thanks
-
-
- PR merged. Thanks!
-
08:55 AM Bug #8294: Icmp redirect doesn't use CARP IP
- Bug still present in 2.4.4
-
08:40 AM Bug #8192: dpinger - Change in ISP link-local IPv6 address drops connectivity
- I spoke with my ISP. It appears as part of a load balancing script on their end the PPPoE session will be dropped an...
-
07:48 AM Bug #9140 (New): Unexpected rule can be displayed when looking up filter log entry with multiple matching rules
- When using Port aliases, in the firewall log, when clicking on 'action' the triggering port seems to always be the fi...
-
-
- It would be nice if telegraf plugin could generate config lines for pinging default gateway.
there's a minor issue... -
- there should be a textarea input for adding extra config lines to telegraf config.
11/19/2018
-
- This bug needs to be reported upstream to the Suricata team. When you use Inline IPS mode, you are using code straig...
-
10:59 AM Bug #8001: Invalid FQDN in alias causes alias table to fail *silently*
- Verified that the bad FQDN doesn't fail the tables any longer.
There's still no error. There should at least be a... -
- Thanks!
-
- Not enough information here for a complete and valid bug report. Post on the forum to discuss and gather more informa...
-
04:26 AM Bug #9137 (Rejected): Fails to assign static IPv6
- I have xbox, static IPv4, and also IPv6, for both Wireless and wired MAC addresses
Wan DHCPv6/56
Lan Tracked
... -
- I also see this, IPv6 static leases disappearing
11/18/2018
-
- Quick up.
I just stumbled upon a scenario where having support for URL Table Alias would be helpful or desirable, ... -
- I'm seeing this again in 2.4.4. Disabling gateway monitoring and gateway monitoring action in 2.4.2 100% resolved th...
-
- Confirmed that a RADIUS server named radius.name was placed into strongswan.conf named radius_name and charon had no ...
-
- Created host alias with these FQDNs
www.pfsense-bug-8001.com
www.google.com
www.yahoo.com
www.netgate.com
www.... -
- I can confirm a positive feedback for the applied changes, but i don't know if we should replicate these changes to o...
-
- The log messages look the same as #9115, might possibly be the same root cause.
-
- IPv6 assigned to inside interfaces seem to lose their assignments one by one over time upon renewal or interface rese...
-
- I'm unable to replicate this is 2.4.4. I configured 3 WANs, all DHCP with one that fails to find a server. Only that ...
-
- Suricata in the inline mode blocks some downloads mostly from Subdomains but some downloads it blocked from normal do...
-
- Ticket #9134
-
- Ticket #9131
-
- There's few typos in captive portal settings page.
I made a pull request ( https://github.com/pfsense/pfsense/pull... -
- Hello,
Thank you for reporting this issue!
I just submitted a pull request fixing it ( https://github.com/pfse...
11/17/2018
-
06:29 PM Bug #9133 (Resolved): "Show all configured leases" does not stay set after deleting a lease
- If you select "Show all configured leases", the setting returns to "Show active and static leases only" if you delete...
-
- When you open up the traffic graph to display the list of hosts and their corresponding bandwidth in / out, the insta...
-
-
- Jim Pingle wrote:
> So this is working OK now?
>
> If so, we can close it out, or mark it as a duplicate of #9019... -
05:05 PM
Bug #9098 (Resolved): Default CRL lifetime of 9999 rolls over at 2038 on ARM
- Tested on 2.4.5.a.20181116.1325, works as expected.
-
11:41 AM Feature #9062: Add "email notification" when the WAN interface change its public IP
- Jim Pingle wrote:
> If you want that, setup dynamic DNS, and it can find the actual public address and notify when i... -
08:27 AM Feature #9130: Request ID [#INC-16195]: DHCP - PXE Boot
- This is what I'm trying to do:
next-server 192.168.5.2;
if exists user-class and option user-class = "iPXE" {
... -
- I wanted to follow up with issue 765 (https://redmine.pfsense.org/issues/765) and see if we can add this issue with a...
-
- Hi,
when setup a Radius Mac auth, pfSense send to external freeradius the value "unauthenticated" as User-Name in Ac...
11/16/2018
-
09:00 PM
Bug #9071: Package restore after fresh install can fail, claiming packages do not exist
- Cannot reproduce on oldest or newest available 2.4.x snapshots. Looks like the issue is no longer present.
-
07:50 PM Bug #8512: PPPoE reconnect fails after interface flap
- I think those topics are related.
https://forum.netgate.com/topic/137790/pppoe-client-goes-down-after-any-other-inte... -
- Replicated in 2.4.4.
Configured CP for auth against local database and added a test user. Changed system language to... -
07:19 PM
Bug #9083 (Resolved): Config upgrade issue with empty IPsec P1
- Tested on 2.4.4, was able to reproduce the bad behavior. Tested on 2.4.5.a.20181116.1325 and the behavior could not b...
-
- On 2.4.5-DEVELOPMENT (amd64) built on Wed Oct 03 17:24:18 EDT 2018 edited config.xml - cut out content between <phase...
-
- Tested on 2.4.5.a.20181116.1325
New user with no privileges receives "No page assigned to user"
After adding "W... -
- If you want that, setup dynamic DNS, and it can find the actual public address and notify when it updates.
Otherwi... -
- I am sorry. It was my mistake that I did not describe the request properly.
Some Internet Service Providers are gi... -
03:28 AM Feature #9062: Add "email notification" when the WAN interface change its public IP
- TCI User wrote:
> It would be helpful if an email is send when the WAN interface change its public IP.
> Here is an... -
11:01 AM
Bug #9100 (Resolved): CA/Cert valid end dates after 2038 are blank on ARM
-
11:01 AM
Bug #9100: CA/Cert valid end dates after 2038 are blank on ARM
- Certificate and CA created with lifetime 7300 which did not properly show the end date in 2.4.4, showed the date fine...
-
10:37 AM Bug #9009: Cannot create Schedule
- Can you create a system patch for this?
-
- Disabling hardware checksums did not disable IPv6 transmit checksum on 2.4.4-RELEASE.
After upgrading to:... -
07:49 AM Bug #9054: Gateway Group slow (or never) to switch back to Tier 1
- HI! After some tests noticed that problem appear only when my "Gateway Group" set as Default gateway
If set WAN1 or ... -
- Confirmed on 2.4.4.
Tested:
2.4.5-DEVELOPMENT (amd64)
built on Sat Nov 10 16:12:27 EST 2018
Disabled rule dr... -
- Duplicate of #4128
-
- Hey guys
I (and a lot of guys outside the internet) prefer a possibility to have choices in the notifications. Like...
11/15/2018
-
06:48 PM
Bug #9121: PHP array reference Cleanup
- Tested on 2.4.5.a.20181114.1947, hit the following php error with a DNS forwarder domain override in place:...
-
- There have been a number of PHP errors on 2.4.4 as a result of uninitialized arrays being used with references. I've ...
-
- Added info to the docs about using the sysctl tunable to work around this. There doesn't appear to be anything more w...
-
12:33 PM
Feature #9104 (Resolved): Add a FAT32 partition to memstick installer images
-
12:31 PM
Feature #9104: Add a FAT32 partition to memstick installer images
- Tested on 2.4.5.a.20181114.2257, works as expected.
-
- PR: https://github.com/pfsense/pfsense/pull/3990
Changes header to remove the "Drag to reorder" text when that fea... -
10:50 AM Bug #9123 (Feedback): Adding/configuring vlan on ixl-devices causes aq_add_macvlan err -53, aq_error 14
- The actual vlan addition/configuring process is triggering error "aq_add_macvlan err -53, aq_error 14" on ixl-devices...
-
- In latest ui it is not possbile to reorder interfaces for defining a failover-lagg-interface.
FreeBSD uses the first... -
- I believe this only affects captive portal logins. We were not able to replicate it any other way. Testing that now....
-
- Tested against:
2.4.5-DEVELOPMENT (amd64)
built on Wed Nov 14 19:48:37 EST 2018
No longer seeing that error on ... -
-
- Imported patch from https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220468 to fix libfetch
-
07:31 AM Bug #9120: dhcrelay crush with error Unsupported device type 24 for "lo0" but listen another ethernet adapter
- !!
-
- There isn't enough information here to form a valid bug report. Please post on the forum at https://forum.netgate.com...
-
- pfsense 2.4.4-RELEASE (amd64)
-
- Nov 15 15:16:24 dhcpd For info, please visit https://www.isc.org/software/dhcp/
Nov 15 15:16:24 dhcpd All righ... -
06:54 AM
Feature #9032 (Resolved): RADIUS MAC Authentication: display the login page when MAC auth failed
-
06:46 AM
Feature #9032 (Closed): RADIUS MAC Authentication: display the login page when MAC auth failed
-
06:49 AM
Bug #8956 (Resolved): traffic shaper after upgrade to 2.4.4 not showing queue under each limiter
-
06:48 AM
Bug #8995 (Resolved): MTU Trouble with Orange is back
-
06:42 AM
Bug #9081 (Closed): signed long rollover in "Log file size (Bytes)" can cause self-inflicted DoS
-
06:39 AM
Bug #9080 (Closed): firewall_nat_1to1.php: PHP error with empty 1:1 NAT rule list
-
-
- 2.4.5-DEVELOPMENT (amd64)
built on Wed Nov 14 23:01:04 EST 2018
On this snap - OK. -
- That snapshot is from before the fix was committed. Try again on the next snapshot, or gitsync.
-
- Getting error on 2.4.5-DEVELOPMENT (amd64) built on Wed Nov 14 10:25:41 EST 2018 FreeBSD 11.2-RELEASE-p4:
[2.4.... -
- Nothing special about the setup. The packages are listed in the output in the problem description.
In this case it... -
-
- Created, edited, assigned QinQ interface - without errors.
11/14/2018
-
- (cherry picked from commit b55d94e80eeed57e39d33c643bf00be6565c1938)
-
-
- I did a fresh 2.4.4 recovery install on SG-3100. After restoring config file with installed packages all worked as ex...
-
- Applied in changeset commit:4be5ed9f144a6d93499fdee6e2a50d0edbed8a98.
-
-
-
-
-
-
- Applied in changeset commit:b55d94e80eeed57e39d33c643bf00be6565c1938.
-
- When the aliases section of config.xml is empty, easyrule fails with a PHP error:...
-
-
-
- Redmine #9114
-
- Fixed in stunnel pkg version 5.47
-
- stunnel wants the private key, certificate, etc all inside a single file. However, it does not ensure that a newline ...
-
- Applied in changeset commit:592bec817f152a7536572a675079776138827cc8.
-
- The OLSRD package was removed long ago (not converted to 2.3) and there is still some code around the base system tha...
-
07:45 AM Bug #9114: Captive Portal Blocked MAC Address Redirect URL not working
>
> The reason why this behavior has been updated is that it was quite strange to display an error message before...-
- Forum link: https://forum.netgate.com/topic/137627/blocked-mac-address-redirect-url-not-working
Well,
It is tr... -
-
02:41 AM Bug #9116: IPsec VTI routes not applied at boot time when gateway monitoring is disabled
- Jim Pingle wrote:
> Applied in changeset commit:ed104a182a95f0ce4e6df76a8c3f0698ff7ce092.
Fix works fine! Tnx! -
11/13/2018
-
- (cherry picked from commit ed104a182a95f0ce4e6df76a8c3f0698ff7ce092)
-
-
- I believe it was accepted.
-
- Testing net.isr.dispatch on the NetGate SG-4860 on a 1 Gbps PPPoE connection (each result is averaged across 10 runs)...
-
- Applied in changeset commit:ed104a182a95f0ce4e6df76a8c3f0698ff7ce092.
-
- With gateway monitoring enabled, an interface event kicks off a restart of other scripts which apply the routing and ...
-
- I generated a configuration with 250 VLANs (assigned, enabled, with DHCP active) based on a user complaint of problem...
-
- The issue was not properly defined and we need to discuss the issue to find out more about it before jumping straight...
-
- Jim Pingle wrote:
> The only problem here is that your static routes are not present at boot time.
Hi Jim Pingle... -
- It doesn't sound like that has anything at all to do with Google, so the description/subject may be completely inaccu...
-
- Hi,
I created routed/VTI site-to-site vpn from my pfsense box to google cloud (https://cloud.google.com/vpn/docs/h... -
- Prior to version 2.4.4-RELEASE, devices listed in Captive Portal "MACs" section would never see a login prompt, and d...
-
- That is almost certainly a hardware/disk issue. Most likely the filesystem is corrupt and needs fsck run a few times ...
-
03:16 AM Bug #9112 (Rejected): hosts corrupted
- pfSens 2.4.4
the first 0x2000 bytes of /etc/hosts are filled with Zero!
This happens every couple of weeks.
000... -
11/12/2018
-
- (cherry picked from commit 360737f6345e376f2de6d2810a1f345a018480e5)
-
-
- (cherry picked from commit eb6a022efaa19ce146990e0e4a57e421ddbad8bb)
-
-
- (cherry picked from commit 16b78f3879bdf658274caf750c9360ec97bb8f77)
-
-
- (cherry picked from commit cc955fe63ad44b5aac66721e54965d9bc13e990c)
-
-
- (cherry picked from commit 439d9beba0213c96281d8ff6b09ccb8136b1a0aa)
-
-
- Currently, IPsec VTI interfaces have no special handling for MTU. It is possible to nudge it manually after the syste...
-
- So this is working OK now?
If so, we can close it out, or mark it as a duplicate of #9019 if the root cause was id... -
- Does the same thing happen with an incognito/private mode browser session that has never visited that firewall before...
-
11:53 AM Bug #8235: The browser must support cookies to login
- Scott Phillips wrote:
> I updated pfsense to use secure socket that utilizes port 443 to login as the adminstrator. ... -
- I've added LICENSE files inside the 36Mb FAT32 partition and changed code to be able to restore a /config.xml of /con...
-
- Applied in changeset commit:cc955fe63ad44b5aac66721e54965d9bc13e990c.
-
- FYI: The error did not show up in the GUI or logs, but when running @ipsec start@ from the command line, the followin...
-
- At least in one case this is due to charon failing to parse a RADIUS server name containing a period. Apparently this...
-
- I request that we finally do the change necessary to fix #1635, that way it would be possible to set a custom state t...
-
- Applied in changeset commit:439d9beba0213c96281d8ff6b09ccb8136b1a0aa.
-
- When editing QinQ entries on interfaces_qinq_edit.php, a PHP error can occur:...
-
- PR has been merged
-
Also available in: Atom