Activity
From 12/05/2018 to 01/03/2019
01/03/2019
-
10:34 PM Feature #9251 (Resolved): DNS Resolver (Unbound) Python Integration
- Add the python module integration to the DNS Resolver (Unbound)
The only remaining function, would be to mount the... -
05:00 PM Revision 616089d8: Build net/libmaxminddb as requested by BBcan177
-
04:29 PM
Bug #9214 (Resolved): Packages fail to reinstall after restoring config.xml from the installer
-
04:28 PM
Bug #9214: Packages fail to reinstall after restoring config.xml from the installer
- Tested on 2.4.5.a.20190102.0952, works as expected.
-
03:36 PM pfSense Packages Todo #8671 (Resolved): Add "V83" to Yealink T38G (2) download label
-
03:28 PM
pfSense Packages
Feature #9250 (Resolved): Adjust download buttons and labels in OpenVPN Client Export
- Adjust download buttons and labels in OpenVPN Client Export, according to https://redmine.pfsense.org/issues/8671?iss...
-
03:14 PM pfSense Packages Feature #9249 (Resolved): [siproxd] Add config for siptrunk plugin
- I use a sip trunk and it didn't work out of the box.
After adding these four lines to /usr/local/etc/siproxd.conf ... -
-
-
-
11:19 AM Feature #9130: Request ID [#INC-16195]: DHCP - PXE Boot
- Vote: +1
-
10:38 AM Bug #9231 (Resolved): firewall_aliases_edit.php: pf keyword matching is not catching some problem cases
-
- I replicated the issue on:
SG-3100
2.4.4-RELEASE-p1 (arm)
built on Thu Nov 29 14:06:34 EST 2018
FreeBSD 11.2... -
05:11 AM Bug #3500: DHCP Leases List Not Showing Hostname in Some Cases
- Hi Totio,
As i didn't find a way to correctly handle '\r' or '\n' with awk or sed, i switch to perl which can play...
01/02/2019
-
05:13 PM Bug #9248 (Resolved): Dynamic dns updates on azure ipv6 service is not working properly
- When using the azure v6 dynamics dns update there is an issue that the dns entry is showing up at the azure dns manag...
-
04:44 PM pfSense Packages Bug #9247 (New): HAProxy multiple server selection on stats pages doesn't work
- Hi,
When selecting multiple servers to perform an action on in the Stats or Stats FS pages, the action performed o... -
- That PR hasn't been merged yet, probably should be its own ticket since it isn't related to this v83 change.
-
02:45 PM
pfSense Packages
Todo #8671: Add "V83" to Yealink T38G (2) download label
- On 2.4.5.a.20190102.0951 with pfSense-pkg-openvpn-client-export-1.4.18, seeing...
- 02:50 PM Revision 0b4c14a4: Update copyright notices to 2019. Happy New Year
-
12:06 PM
Bug #3500: DHCP Leases List Not Showing Hostname in Some Cases
- Well, I agree, but at least my proposal doesn't break the overall logic, the current code base already strips the # s...
-
08:34 AM Bug #9246 (Closed): dhcp configuration v4/v6 ignores VLAN priority configuration
- When submitting interface configuration, the DHCP 802.1p settings becomes overwritten by DHCP_Config_File_Advanced or...
-
08:05 AM
Todo #9245 (Resolved): Update copyright notices to 2020
01/01/2019
-
07:26 PM pfSense Packages Bug #9244 (Resolved): FRR Status BGP Summary only shows "IPv4 Unicast Summary"
- ON the FRR status pages, Services / FRR / Status, On the All and BGP tabs.
BGP Summary contains no info about IPv6... -
05:36 PM Bug #9243 (Resolved): IPsec ID type keyid not explicitly set
- Identifier type is set to "Key ID tag" on both sides. Sonicwall says in log: "VPN Policy: Local ID type: KEY ID; Remo...
-
- Retested and got *the same results* as Joshua. I must have messed up something with IPs or Safari browser got stuck d...
-
03:13 PM Bug #9242 (Resolved): MBT-4220/2220 not recognized by pfsense correctly after UEFI upgraded to 1.00
- In BIOS Released by intel there were system identyfier change.
pfSense installer expects
Product Name: Minnowboard ... -
- Phillip Davis wrote:
> It could all be done in a PHP loop instead of using "awk".
It should be better and easier...
12/31/2018
-
- Just noticed, it looks like Unbound (DNS Resolver) supports DNS64 as well (plus BIND/named if you want to use that), ...
-
08:36 PM Bug #9241 (New): Ethernet link cycles up/down if "auto-negotiate" is explicitly selected in interface configuration
- I have Celeron J1900-based SBC with Intel 82573V NIC's using the Intel PRO/1000 driver.
I'm running 2.4.4-RELEAS... -
04:35 PM
Bug #3500: DHCP Leases List Not Showing Hostname in Some Cases
- This bug with the } symbol in some UID fields and the missing hostname in the Web UI is still presented in version 2....
-
03:02 PM pfSense Packages Feature #9240 (Rejected): allow users to define custom ipsec configuration using web-page for ipsec
- Just like in OpenVPN configuration page, where users can add custom options (Advanced Configuration -- Custom options...
-
01:22 PM pfSense Packages Feature #9238: Add support for Zerotier
- Minimal functionality required would be joining and leaving networks. The controller service is not necessary as that...
-
- Excerpt from https://zerotier.com/blog/2018-05-04-128.shtml...
-
- Either or both of those should be fairly simple to do..
-
11:18 AM Bug #9239 (Resolved): WebGUI: Diagnostics > Packet Capture will try to display any size of pcap file.
- The diag_packet_capture.php p[age will try to display any size of pcap when the capture is stopped regardless of how ...
12/30/2018
-
- Adding support for ZeroTier with its multi-path feature, would give pfS a better position in the SD-WAN market.
12/29/2018
-
02:14 PM
pfSense Docs
Correction #9237 (Resolved): Remove references to pfSense Virtual VMware Appliance
- At https://docs.netgate.com/pfsense/en/latest/solutions/vmware/index.html, there is a "VMware READY" logo at the top ...
-
02:02 PM
pfSense Docs
Correction #9216 (Resolved): pfSense Firewall/VPN/Router for Azure » Support Resources Outdated link
- All relevant URLs on the page are now corrected.
-
- We don't have any control over that, it comes from FreeBSD as a part of the ports tree. The ports tree also contains ...
-
- Hello,
Because of the 'japanese/prn' directory, users with windows 10 systems can't fetch repository.
Microsoft u... -
06:51 AM pfSense Packages Bug #9233: Error adding new status monitoring view
- I was able to avoid the problem: I saved a configuration file, located the <savedviews> etc </ savedviews> section th...
-
- Hi Danilo,
I'am not agree with your test.
I just test again to be sure about it, and i can confirm that if your...
12/28/2018
-
07:14 PM Bug #9235 (Resolved): pfsense does not send ICMP redirect
- Hi,
This is a clone of
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221137
In FreeBSD >=11, ICMP redirect... -
06:20 PM Bug #9234 (Resolved): Wording consistency in Certificate Management notifications
- When creating a new certificate, the Distinguished Name (common name) is a required field. Omitting the common name r...
-
05:26 PM Bug #9004: Default gateway IPv4 set to a group fails after restart on 2.4.4
- Same here on 2.4.5.a.20181221.1732.
-
- I have reproduced the bug on SG-3100:
2.4.4-RELEASE-p1 (arm)
built on Thu Nov 29 14:06:34 EST 2018
FreeBSD 11.2-... -
- sorry, my bad, i was talking about : https://github.com/pfsense/FreeBSD-ports/pull/604
i correct my precedent post -
- I don't think so....I can in fact do updates on default view. My problem is different...It can not ADD new VIEWS afte...
-
- Hello,
Maybe you experienced this issue : https://redmine.pfsense.org/issues/9194
If so, you can try this patch... -
- Now I can no more add a new "Monitoring View". After choose "Add View" I get the message "The name-of-my-view view ha...
-
- i redo a correct PR : https://github.com/pfsense/FreeBSD-ports/pull/604
-
- the PR is now ok : https://github.com/pfsense/FreeBSD-ports/pull/603
12/27/2018
-
- (cherry picked from commit 2c5d3b1e5002598cb799a182ccc1d6e66d3aac5d)
-
-
05:20 PM Bug #9232 (Duplicate): pfSense cant connect to hosts on the internet using non-local gateway via interface specific route after reboot
- After upgrading to 2.4.4_p1, pfSense cannot connect to hosts on the internet anymore. Clients in the LAN behind the p...
-
- Applied in changeset commit:2c5d3b1e5002598cb799a182ccc1d6e66d3aac5d.
-
- When creating or editing an alias, input validation is performed against pf keywords to prevent them from being used ...
-
02:41 PM Feature #9230: The ability to port forward across an IPSEC site to site vpn
- The configuration in the office is already set to do 0.0.0.0/0 routing (all traffic from the office is tunneled out v...
-
- With tunneled IPsec if you use 0.0.0.0/0 as the remote on IPsec this can work, but it's not ideal. All traffic will b...
-
- I should mention both firewalls are 7100s. Same model. Colo firewall has upgraded ram and 10gig copper.
-
- In my environment, have a 7100 in a colo, and it is attached to a remote office via a site-to-site ipsec vpn link.
I... -
10:36 AM pfSense Packages Bug #9229 (New): Tinc package: no way of specifying multiple critical configuration parameters from web interface
- Hello,
After installing the *Tinc package* provided in the official pfSense repository, there is *no apparent way ... -
10:22 AM pfSense Docs Correction #9228 (Resolved): Feedback on Hardware — Hardware Sizing Guidance
- *Page:* https://docs.netgate.com/pfsense/en/latest/hardware/size.html
*Feedback:*
Customer noticed that all of ... -
- *Tinc* software ([[https://tinc-vpn.org/]]) is an excellent and easy way of configuring *SSL tunnels* to various othe...
-
- Hello and thanks! :)
I've tested all this in the very latest version of pfSense, namely 2.4.4-p1, which I've down... -
05:52 AM Bug #8831: Radvd causes latency spikes
- Can confirm that the bug exists in 2.4.4-RELEASE-p1 (amd64)CE.
LAGG protocol is LACP and vlan on the LAGG, pretty ... -
03:28 AM Feature #9226 (New): zfs GUI functionality - alerts
- *some* way of seeing the status in GUI, and most importantly, *alerts* for degraded
it looks like the dashboard alre...
12/26/2018
-
01:42 PM Revision ce4224ff: Fix test $g['product_version_string']
-
10:54 AM Bug #9004: Default gateway IPv4 set to a group fails after restart on 2.4.4
- Seeing this issue as well. No default gateway is created.
2.4.4-p1 -
09:29 AM Bug #9225 (Closed): Gateway group routing not updated on OpenVPN client reconnect
- Setup: PFSense 2.3.5 p1, or PFSense 2.4.4-p1
WAN1 - (PPPOE)
WAN2 - VPNV4 - Openvpn client in TUN mode connected v... -
- Tested: pfSense-pkg-openvpn-client-export-1.4.18
Username is added to the file for userID 0, the admin user:
<pre... -
-
05:11 AM Bug #8808: HA sync : When a captiveportal zone is deleted, deletion is not done on the slave.
- This issue has been fixed in September 2018 by Renato in commit 7cab6335bb
Could it be marked as resolved ? -
- Hello,
Please can you tell us the pfsense version you use ?
I got 2.4.4_1 and there is "Static IPv6 Configuration... -
- Hello,
*On current version of pfSense, one cannot configure STATIC IPv6 addresses* allocated by our ISP (R... -
- Sshguard implementation in pfsense broke the way that sshguard should work.
I notice that blocking IP for a while ... -
- Actually systems logs show us when sshguard is blocking an IP, but we never known when it release this IP.
It should...
12/25/2018
-
- This happens in few pages, such as system_authservers.php or services_captiveportal_vouchers.php
!https://www.pi...
12/24/2018
-
02:49 PM pfSense Packages Bug #9211: GeoIP broken in pfSense-pkg-ntopng-0.8.13_3
- It is also not showing the locations (other than home location) and flows om the maps page
-
- Tested:
2.4.4-RELEASE-p2 (arm64)
built on Wed Dec 12 06:32:09 EST 2018
FreeBSD 11.2-RELEASE-p6
Calling station ... -
- Tested in current package version: pfSense-pkg-Service_Watchdog-1.8.6
No errors. -
- Replicated in 2.4.4p1:...
-
10:43 AM Bug #9132: Traffic Graph and Bandwidth In / Out do not match
- Jim Pingle wrote:
> Given that issue, this is almost certainly a duplicate of #3334
The underlying problem was re...
12/23/2018
-
- This looks better:
https://github.com/pfsense/FreeBSD-ports/pull/605 -
- Testing: pfSense-pkg-openvpn-client-export-1.4.18
Button labeling is correct. Though the alignment could be better. -
- No php errors in current package: pfSense-pkg-stunnel-5.47_1
-
- Tested: pfSense-pkg-stunnel-5.47_1
In the list of defined tunnels shown in /pkg.php?xml=stunnel.xml the certificat... -
- After defining a new tunnel with a non-default certificate the resulting .pem file is readable by any user resulting ...
-
- Tested:...
-
- Check swap is one of the selectable commands included by default in package version: 3.1
-
- No errors in current versions.
-
- Fixed in current packages versions:...
-
- No errors in current package: 4.0.13_11
-
-
- This now looks to have been surpassed:...
-
- Tested against: ...
-
- We have gone down the road of having multiple OpenSSL instances on the firewall before and it was a pain to maintain,...
-
04:51 AM Feature #8602: DNS over TLS host verification
- if you guys want this before pfsense 2.5, you only need to compile unbound against openssl 1.1, the system binary can...
-
- this has been pushed back a lot, it would be nice if it got implemented, as a work around I have been using fe80::1:1...
12/22/2018
-
- Hooo Thank you Jim !
I didn't know "convert_seconds_to_dhms()":https://github.com/pfsense/pfsense/blob/master/src/et... -
02:29 AM pfSense Packages Bug #9108: OpenVPN client without "explicit-exit-notify" does not trigger client-disconnect portion of /usr/local/sbin/openvpn.attributes.sh
- Thank you everyone.
I dropped the session duration out of my log records. It didn't seem to provide any added val...
12/21/2018
- 11:51 PM Revision 369c8d1e: Merge branch 'master' into patch-is_fqdn
-
- We already have a time conversion function :-)
"convert_seconds_to_dhms()":https://github.com/pfsense/pfsense/blob... -
- I just :
- add the format_byte to bytes values
- add the duration time
- change format to be like others "openvpn ... -
-
- Correction pushed. The forum URL was also broken, and there were outdated links to the (now retired) mailing list. I ...
-
- https://github.com/gitdevmod/pfsense/commit/adc6ddbdbbb465fd3cb58d931465ac93b1fdedb6#diff-23f22aca2e953811c28d5b034d3...
-
- Hi,
With this command ...
12/20/2018
-
- Thank you very much Jim for your reply.
I can play with these variables now.
I'll post a feedback later about it ... -
12:24 AM pfSense Packages Feature #9217 (Resolved): Squid LDAP Authentication - spaces in ldif values
- If OU value or another ldif unit contains spaces, for example OU=all users, squid ldap auth works only if to put the ...
12/19/2018
-
08:22 PM
pfSense Docs
Correction #9216 (Resolved): pfSense Firewall/VPN/Router for Azure » Support Resources Outdated link
- At https://www.netgate.com/docs/pfsense/solutions/azure-appliance/support.html the current URL to obtain a support su...
-
05:18 PM Bug #5476: Does not appear possible to use policy routing for traffic originating from the firewall (self)
- Anything new on this or is this still an upstream issue?
-
04:54 PM Bug #9004: Default gateway IPv4 set to a group fails after restart on 2.4.4
- I had the same problem at a customer of mine. He has two WANs, one fiber and one LTE (configured as Backup-WAN - not ...
-
- Fixed https://www.netgate.com/docs/pfsense/book/multiwan/verifying-functionality.html
And a bonus fix on https://w... -
02:59 PM
pfSense Docs
Correction #9215 (Closed): Multi-WAN - Verifying functionality - Check IP sites need updated
- At https://www.netgate.com/docs/pfsense/book/multiwan/verifying-functionality.html#verifying-http-load-balancing, htt...
-
- Change committed to freebsd-src repo, should be in 2.4.5 snaps when they run next.
-
- When restoring a config.xml file in the installer, the script sets
@${BSDINSTALL_CHROOT}/cf/conf/needs_package_syn... -
01:27 PM Feature #3473: Allow configuration of OpenVPN keepalive
- Ran into the problem. Found out that you can comment-out or change the way the keepalive directive is added to new op...
-
10:12 AM
pfSense Packages
Bug #9181: Spelling error in gwled package (0.2.4_1)
- Confirmed resolved in pfSense-pkg-gwled 0.2.4_2
-
- Duplicated by #8187 which was implemented in 2.4.4.
12/18/2018
-
-
05:11 PM Bug #9212 (Not a Bug): OpenVPN Client can't connect over IPv6 in "multihome"
- When the protocol option is set to "UDP IPv4 and IPv6 on all interfaces (multihome)", the OpenVPN Client will fail to...
-
04:35 PM pfSense Packages Bug #9211 (Resolved): GeoIP broken in pfSense-pkg-ntopng-0.8.13_3
- Since upgrading ntopng (from previous to latest version), GeoIP support is broken. No flags are shown, listing by cou...
-
04:30 PM Revision 76bfc872: Captive portal: fix per-user traffic quotas
- Don't overwrite the global traffic quota value with a user's radius-provided value
that would then be reused in the s... -
- Don't overwrite the global session timeout value with a user's radius-provided timeout
that would then be reused in t... -
- ...
-
-
- I wouldn't use @${bytes_sent} bytes@ or @${bytes_received} bytes@
Run them through "format_bytes()":https://github... -
- Thank you, i'll correct it.
I don't know where you find the "fucking manual" for these variables, if you got a link ... -
- (cherry picked from commit 701728c0778cbb4ccf95ebfad30bf56339d1a7e3)
-
- (cherry picked from commit d188b7251a83b4a8a39ba50dfaf9a1cba35cad17)
-
-
- PR: https://github.com/pfsense/pfsense/pull/4025
-
- Currently pfSense sets the RADIUS NAS Identifier to the hostname when logging into the web ui and is not very useful....
-
- PR: https://github.com/pfsense/pfsense/pull/4024
-
- When "Use RADIUS Session-Timeout attributes" is enabled the wrong session timeout value is used for users without a R...
-
08:53 AM Bug #9207: Phase1s created before pfSense 2.1.0 no longer work after upgrade to 2.4.3: IPsec ERROR: Could not find phase 1 source for connection [redacted]. Omitting from configuration file.
- Looks good to me, thanks for the quick fix!
-
- Applied in changeset commit:d188b7251a83b4a8a39ba50dfaf9a1cba35cad17.
-
- It would be better in a new upgrade code function, but that is certainly possible.
In the mean time, a simple edit... -
- Hi,
Before commit:e79b24ab3534ac2af7d832038155a99902bc2c49, a phase1 did not have a @protocol@ attribute. This a pro...
12/17/2018
-
- PR: https://github.com/pfsense/pfsense/pull/4026
-
- Hello,
I've fixed a race condition where disconnecting and reconnecting a session when using AVPair ACLs would res... -
01:19 PM pfSense Packages Feature #9085: OpenVPN connect/disconnect scripts
- The default for pfS is keepalive 10 60 on server side and will be automatically pushed to clients.
Please see "--k... -
12:58 PM pfSense Packages Bug #9195: Suricata (latest): very large number of rules cause errors due to unknown reference keys on Rebuild with Interface SID Management List Assignments
- I have made at least a couple of posts on the pfSense IDS/IPS forum about this: _snortrules-snapshot-3000.tar.gz (14...
-
04:11 AM Bug #9004: Default gateway IPv4 set to a group fails after restart on 2.4.4
- +1 had this on a system after a reboot but on a other system with multiple vlan interfaces i had to change the ip of ...
12/16/2018
-
06:38 PM pfSense Packages Bug #9204 (Needs Patch): ospfd: GRE tunnels became unnumbered since 2.4.4
- I have recently tested an upgrade to 2.4.4_1, from 2.4.3. It is a hub and spoke type setup with GRE over IPSec, ipv4 ...
-
05:54 PM pfSense Packages Bug #9195: Suricata (latest): very large number of rules cause errors due to unknown reference keys on Rebuild with Interface SID Management List Assignments
- The errors now appear to be due to illegal rules instead of "unknown reference key", with the exception an unknown ru...
-
- My bug report that re-installing Suricata does *not* restore important configuration files to their default settings ...
-
- This issue is still open. If a proposed workaround for this issue didn't fix it doesn't make that a new issue. It's s...
-
- Bug report #9202 was closed as a duplicate. However, bug #9202 relates to the failure of re-install options from fix...
-
- Forgot to mention that I have changed my connect logger line to:...
-
- See my comment under https://redmine.pfsense.org/issues/9085. (Not 9805, sorry.)
I agree that the numbers could b... -
- See also here:
https://redmine.pfsense.org/issues/9085
-
- I think you're correct but I guess I didn't wait long enough for the keepalive timer to expire.
In testing this,... -
03:28 PM Feature #9203 (Closed): CRAM-MD5 for IMAP/SMTP
- Would it be possible to add ncrypted password key for IMAP/SMTP that uses CRAM-MD5? The current version uses plaintex...
-
02:40 PM pfSense Packages Bug #9079: High CPU usage of ntopng even during IDLE and no network traffic
- Thanks for the script. Since version 2.4.4-p1 with the new version of ntopng the CPU idle usage did improve:
(weaker... -
- Clearly, this is not the same bug report.
That was a bug with errors occuring with Suricata. This is a bug that t... -
- The other bug report is still open. Add notes there, don't open a new issue for the same problem.
-
- I have tried System -> Package Manager -> Installed Packages -> Suricata -> clicked Reinstall. Same issue (Bug #9195)...
-
- Anything like that would have to be self-contained on the firewall. Relying on an external/internet-based service is ...
12/15/2018
-
02:06 PM Bug #7142: IPv6: Floating rules on 6rd enabled WAN interfaces doesn't get bound to wan_stf
- This is still an issue.
-
- I'am looking for a way to join graphics/charts as image objects (png,gif,jpg,and so on...) in mail reports.
I notice... -
- I use ntop and didn't notice this problem.
Maybe some ntop options can cause more cpu usage...
I use Pfsense 2.4.... -
- And just for information : OpenVPN client without "explicit-exit-notify" *TRIG* the client-disconnect portion of /usr...
-
- I just test your logger lines, it is really fun to get the result :...
-
- Thank You.
I added this commit to my current PR : https://github.com/pfsense/FreeBSD-ports/pull/602/commits/b03293... -
07:00 AM pfSense Packages Bug #9196: mailreport stopped work
- Hi, Joshua.
Yes, that solved the problem, thanks. -
- Hi Alex,
Thank you for your reply.
As we can see in the telnet output you give : your mail server purpose START... -
- Ok.
[2.4.4-RELEASE][root@pfsense.mydomain]/root: telnet 10.1.97.12 25
Trying 10.1.97.12...
Connected to mail.myd... -
05:26 AM Bug #9183: OpenVPN Lagg Interface not working after restart or new start
- So i take some time to find out how the config work but now i have a workaround !!!
no thanks to all developer for... -
02:06 AM Bug #8429: radvd/IPv6 broken in 2.4.3 when using a LAN bridge
- I am receiving this error in the logs about once every 10-15 seconds
radvd invalid all-zeros prefix in /var/etc/radv...
12/14/2018
-
- I have tried System -> Package Manager -> Installed Packages -> Suricata -> clicked Reinstall. Same issue.
Will t... -
- config reference: McAfee http://vil.nai.com/vil/content/v_
I am unable to resolve "vil.nai.com". Problem? -
- cat /usr/local/etc/suricata/reference.config
config reference: arachNIDS http://www.whitehats.com/info/IDS
con... -
- I have clicked on Diagnostics -> Backup & Restore -> Backup & Restore -> Package Functions -> Reinstall Packages.
... -
- On the same page, I use: Snort IPS Policy selection -> Use IPS Policy (checked), Use rules from one of three pre-defi...
-
- I have uninstalled Suricata without preserving settings and re-installed from scratch. I still see these errors. I ...
-
- I have not been able to reproduce this error in any of my testing. I have tested updated an existing Suricata instal...
- 10:19 PM Revision 960a3893: Set Hyperscan to default to native arch
- The Hyperscan port configuration does not set the NATIVE option which allows for HS to be built with advanced instruc...
-
- The latest version of the acme.sh script (not the GUI package) has some support but it isn't like the other integrate...
-
08:21 PM pfSense Packages Todo #9200 (Resolved): Add DNS support for Google domain to Acme manager
- Please add DNS support of Acme manager for use with google domains. I'm using their DDNS feature and can't find them...
-
07:29 PM Revision 814a7c2f: #9096 - updated login title
-
- Alex,
In the "System/Advanced/Notifications/Test SMTP Settings" log there is "ehlo=1 mail=1 rcpt=1 data=1 quit=1 c... -
- The error seems to indicate that it fails to verify peer certificate because unknown CA.
The successfull test is m... -
-
-
- Corrected the typo:
Commit fd1d1c086c844c32835d26b35cb1a7c1c88927ca
pfSense-pkg-gwled 0.2.4_2 -
-
11:31 AM Bug #8973: Traffic not going to Limiter queues
- I just noticed the updates - thanks for the fix and explanation Luiz!
-
- There is no such thing as "shaowsock".
If you meant shadowsocks proxy, then that appears to be something better su... -
04:05 AM Bug #9199 (Rejected): Can pfsense install the shaowsock plugin?
- Can pfsense install the shaowsock plugin? Because i need to browse foreign websites to use this plugin in china.
if ... -
02:01 AM Bug #9175: pfsense does not send out IPv6 UDP fragments for packets created local
- Can anyone comment on how to proceed or what might be needed to reproduce?
-
- Any chance to get fixed soon? This bug actually prevent our VPN from being usable for VoIP which uses UDP and in some...
12/13/2018
-
- Why then passes the test SMTP? Message from PF (shutdown for example) delivered successfully too. How to solve the pr...
-
- The latest version enabled Automatic TLS for improved security, and your mail server does not appear to have a valid ...
-
System/Advanced/Notifications/Test SMTP Settings
Dec 13 11:22:09 mail postfix/postscreen[8670]: CONNECT from [1...-
- After the update to version 3.4, the mailreport stopped work.
Dec 13 08:43:19 mail postfix/postscreen[18817]: CONN... -
- On "2.4.4-RELEASE-p2 (amd64) built on Wed Dec 12 07:39:09 EST 2018 FreeBSD 11.2-RELEASE-p6:
[2.4.4-RELEASE][root@... -
- Pull request : https://github.com/pfsense/FreeBSD-ports/pull/602
-
- I receive the errors on the following versions of pfSense:
2.4.4-RELEASE-p1 (amd64) (Netgate hardware) with Surica... -
- I receive a very (very) large number of these kinds of errors in the Suricata logs (and system logs) related to refer...
12/12/2018
-
-
- If $_GET['view'] is not set or empty, you cant save the default view.
This is because the view-title hidden input ... -
04:22 PM Bug #9192: PPPoE daemon selects wrong interface
- It seems this was an issue that about 5 years ago that has now resurfaced.
https://forum.netgate.com/topic/59789/i... -
- Note: One would expect the xx:xx:xx:xx:xx:04 interface to be chosen every time.
-
- I'm experiencing a strange issue where the pppoe daemon selects/reports the wrong interface for establishing an IPv6 ...
-
- Applied in changeset commit:701728c0778cbb4ccf95ebfad30bf56339d1a7e3.
-
- Scenario:
1. Empty firewall rule list @<filter></filter>@
2. Imported NAT rules that reference associated filter ru... -
-
- +1
The throughput on softether vpn is higher than OpenVPN.
12/11/2018
-
08:10 PM Revision 230c1808: Fix DigitalOcean DynDNS client
- Fixes the check on the return value since it's been updated to use
HTTP/2 syntax. Also adds logic to allow using `@` ... -
-
- (cherry picked from commit d36e5a49e6104c52bca2153eba45709d5af99599)
-
-
04:43 PM pfSense Packages Bug #9177: FRR 0.2_4 installation broken with pfSense 2.4.4_1
- Jim's reasoning turned out correct. A reinstall of 2.4.4, upgrade to p1 and package installation worked 100%.
This s... -
04:27 PM
Bug #9059: Update Unbound to 1.8.1
- Ben Hohendorf wrote:
> As per my thread on reddit, https://www.reddit.com/r/PFSENSE/comments/9wjjo2/sg3100_hard_cras... -
03:54 PM
Bug #9059: Update Unbound to 1.8.1
- As per my thread on reddit, https://www.reddit.com/r/PFSENSE/comments/9wjjo2/sg3100_hard_crash/
After updating my ... -
- (cherry picked from commit 4c6e3de40f56a1bd8d978a9dd4677d0ab025b8cb)
-
- 02:45 PM Revision 3409b0f6: Minor fixes related to #9121
- (cherry picked from commit 6f9729c0a53be67ced6d52e6e33dba6b237083ab)
-
02:44 PM Revision 04c64709: Fixed regression where calling station id was removed from openvpn
- (cherry picked from commit 95f3d049bfead1c6faf04c8a626a7ce868f8b6f8)
-
- (cherry picked from commit 592bec817f152a7536572a675079776138827cc8)
-
- Testing is super easy with ACME/LE certs. Edit the cert entry, check the box for stapling, and then renew the cert. I...
-
- Applied in changeset commit:4c6e3de40f56a1bd8d978a9dd4677d0ab025b8cb.
-
-
- PR merged and picked back to RELENG_2_4_4
-
- PR is at https://github.com/pfsense/pfsense/pull/4019 and needs tested/merged/picked
-
- Commit pushed to the installer to correct the install-time label generation. Should be fixed in the next new snapshot...
-
- Also note: This does not affect GPT installs, only ufs/MBR that I've seen thus far. GPT uses the GPT id in fstab, MBR...
-
- The installer still needs fixed so it doesn't generate an incorrect fstab.
I have pushed a workaround that will a... -
-
- We have confirmed it does affect the CE installer. Still checking on potential causes.
-
- I understood it correctly, and it's behaving exactly as expected. The system adds an internal "override" entry for th...
-
09:06 AM Bug #9190: host override for pfsense box DNS name does not override IP of LAN interface
- Jim Pingle wrote:
> Adding multiple overrides will return multiple records, not override the previous result.
>
>... -
- Adding multiple overrides will return multiple records, not override the previous result.
If you must have a diffe... -
- Setting up a hostoverride in _Services -> DNS Resolver -> Host Overrides_ for the name of the pfSense box itself (con...
-
- Fix also picked back to RELENG_2_4_4
-
- There was a forum user that reported a connectivity issue due to old/crusty olsrd settings that couldn't be removed b...
-
- Duplicate of #628
And it's really not a problem for HAProxy at all. There is no problem with binding haproxy to an... -
08:26 AM Bug #9191 (Duplicate): Cannot use HAProxy due to WebGUI
- Entering this as a bug since as it prevents standard use functionality. Suspect that this issue exists across all ve...
-
05:57 AM Feature #8187: Gateways, allow for configuring a gatewaygroup as the default gateway. #3781
- It seems gateway ordering it's broken.
Changes are not retained after I change the order and Save in system_gateways... -
04:33 AM Bug #9189: Broken host overrides in DNS resolver (sometimes)
- Sorry but you have not shown this to be happening... As I brought up over 2 years ago you sure your client is not poi...
12/10/2018
-
-
-
02:45 PM Bug #9189 (Rejected): Broken host overrides in DNS resolver (sometimes)
- Expected behavior:
If we have host override in pfSense "DNS resolver", pfSense should never ever return public IP fo... -
- PR is at https://github.com/pfsense/pfsense/pull/4020 and has been merged
RFC3580 is for 802.1x, not OpenVPN or R... -
- The captive portal underwent a major rewrite after 2.4.3-p1. You must upgrade to 2.4.4-p1 and test again before openi...
-
- The log truncation and rotation code in the Suricata GUI package is not sending a SIGHUP to the running Suricata proc...
-
06:40 AM Bug #8963: 2.4.4 Limiters don't work after CARP fail-over
- Hello,
I bought a Netgate HA bundle and I found the same bug #8963 together with release 2.4.4-p1.
Clear, because...
12/09/2018
-
09:17 PM Todo #8821: Remove Growl Notifications
- Regarding Growl, until the latest is x version we just didn’t have a lot of need to put out a new release. Things wor...
-
06:06 PM Bug #9187 (Resolved): Status->Interfaces doesn't show useful data for lagg
- I have a lagg with two ixl members. On top of that I have a few VLANs. In the attached screenshot, TRUNK is the lagg....
-
05:53 PM
Todo #9186 (Rejected): Features in captive portal with large number of users
- I am using Pfsense version 2.4.3p1 with the number of user captive portal is nearly 1000.
There is a problem here th... -
- As mentionned on on the github PR, the best would be that *calling_station_id* contains the MAC address linked to the...
-
- In my opinion, it is better to set SMTPAutoTLS to TRUE because :
1 - if both actors (client and server) can use ST... -
- Pull request created : https://github.com/pfsense/FreeBSD-ports/pull/600
-
- I just done the modifications.
I will push them on the github.
But this is my first contribution to a project thr... -
- Pull request created : https://github.com/pfsense/FreeBSD-ports/pull/600
-
- i forget a ) in the code, the good one is :
$addresses = explode(",", $config['notifications']['smtp']['notifyemai... -
- In the field smtpnotifyemailaddress on the system_advanced_notifications.php we can put pultiple mail addresses with ...
-
09:06 AM Bug #9059: Update Unbound to 1.8.1
- Tim Harman wrote:
> I'm an idiot.
Been there, done that.
Should the advanced config be entered as two separate... -
07:10 AM Bug #9184 (Duplicate): TCP packet fragments over IPSEC ESP are not reassembled or forwarded
- Hi all,
I have an IPSEC VPN between PFsense and a Cisco ASA. The ASA does fragmentation before encryption (ASA com... -
03:53 AM
Bug #8970 (Resolved): Queues Menu item ends with ":"
-
12:57 AM Bug #8970: Queues Menu item ends with ":"
- I checked German language menu and did not observe the issue.
-
- I checked the issue on latest 2.4.5-DEV and did not observe it. Gateways and their routes were successfully deleted a...
-
- I checked files on latest 2.4.5-DEV and found only OLSRD mention in /etc/pfSense.obsoletedfiles and that is all.
12/08/2018
-
12:42 PM pfSense Packages Feature #6022: Consider MLVPN for bonded VPN
- +1 here...
Some countries, like where I am, we don't have a larger uplink DSL than 1MB!
more than 1MB should ha... -
12:32 PM Feature #8546: Ability to download pfSense updates via another gateway
- Going back on this issue to give an update :
Actually, I ended up implementing that by explicitly setting a gateway ... -
- What ? Really why is it possible to choose a openvpn interface in the lagg config if it is not supported ?
Who mak... -
- LAGG is not technically supported for OpenVPN. It may happen to work by coincidence, but it's not a configuration we ...
-
- I configured a LAGG Interface with 4 openvpn tap connections with round robin mode.
After a reboot or if i start t...
12/07/2018
-
- (cherry picked from commit ed76624bf01c0d1718d427919145bf4e5f949264)
-
-
06:40 PM Bug #9182 (Resolved): SWAP not working after clean install
- After 2.4.4_1 clean install, I realized swap is improperly configured (and not working of course). I used the automat...
-
- Fixes the check on the return value since it's been updated to use
HTTP/2 syntax. Also adds logic to allow using `@` ... -
- Applied in changeset commit:ed76624bf01c0d1718d427919145bf4e5f949264.
-
- When signing a CSR, selecting SHA512 yields an input error claiming the selected algorithm is invalid.
I can repro... -
- Clients self-generate those, not the firewall. The "LAN Net" Macro (really the interface name in pf) includes the con...
-
12:51 PM Bug #9168: "LAN net" Does Not Include the IPv6 Addresses Like Link Local Addresses and Privacy Addresses
- How about the "privacy addresses?" I'm assuming pfSense is generating them as part of the Privacy Exentions to SLAAC...
-
12:57 PM
pfSense Packages
Bug #9181 (Resolved): Spelling error in gwled package (0.2.4_1)
- At Interfaces > Gateway Status LEDs, periodic is misspelled as ...
-
- I appear to be having the same issue with pfSense 2.4.4-1:
https://forum.netgate.com/topic/138335/2-4-4_1-unbound-... - 12:45 PM Revision f0dd942c: Merge pull request #4020 from wokis/master
-
-
08:04 AM Bug #9179 (New): NAT reflection fix implemented for #8604 is causing WebUI and XMLRPC to fail on slave
- Ref: https://github.com/pfsense/pfsense/commit/6f8e648f5c88e04166539ab27872b13dfd587cb8 which fixed #8604
Whenever... -
- I can't replicate this on 2.4.4-p1.
Looks like you messed up the package repositories on that box somehow, like ma... -
05:16 AM pfSense Packages Bug #9012: Captive Portal authentication in Squid Proxy Server does not work
- In */etc/inc/captiportal.inc* (ee /etc/inc/captiveportal.inc)
approximatively line 699 (3128 = proxy port)
####... -
- Hello,
In commit f15fdef37ff7c1fcaecc73f2927ba1d7775032b0 the attribute calling_station_id was removed from openvp... -
03:35 AM pfSense Packages Bug #9139: telegraf: add ping for default gateway(s)
- Maybe a upgrade to telegraf 1.7 is sufficient to get ping working ?
From 1.7 changelog #4227: Use same flags for all...
12/06/2018
-
-
- The package doesn't like 2.4.4+...
-
- I fixed the typo but did not bump the package for that minor of a change. The fix will come with whatever update happ...
-
03:22 PM
pfSense Packages
Bug #9176 (Closed): Spelling error in Acme package (0.3.2_4)
- At Services > Acme Certificates > General settings, under Cron Entry, successful is misspelled as ...
-
12:49 PM Bug #9160: OCSP Must-Staple, when checked on the System > Advanced AND on the System > General Setup some IPv6 DNS servers are listed, then the nginx web configurator file will a contain syntax error
- ?! You are right. Forgot all about that one.
Zap my staple story : that "true" one is probably right after all.
Tha... -
- When you have a certificate that requires stapling, you can't disable it or it will break GUI access. Hiding the chec...
-
- Not related, but while I was stapling :...
-
- When using Strongswan as VPN Endpoint on pfsense with IPSEC sometimes "oversized" UDP packets are created in the IKE ...
-
08:45 AM pfSense Packages Bug #9174 (Resolved): Suricata rulesets in 2.4.4_1
- I cannot see rulesets when i create a new interface in Suricata with the Duplicate button from another interface. If ...
-
- There is not enough information here for a valid bug report. I cannot reproduce the problem with only the stated opti...
-
03:31 AM Bug #9172 (Rejected): There were error(s) loading the rules: /tmp/rules.debug
- With NAT Reflection enabled to Pure NAT and option "Automatic create outbound NAT rules that direct traffic back out ...
-
- There is not enough information here for a valid bug report. Please start a thread on the forum at https://forum.netg...
-
04:25 AM Bug #9173 (Rejected): Webgui does not start after reboot
- Hi
I configured my home pfsense to reboot at 4:00 am everyday. However after reboot, the webgui does not restart, ...
12/05/2018
-
- DigitalOcean has updated the returned headers that breaks the check on the return.
-
- (cherry picked from commit f5f79fcc24241f0a76f6a7fe9b32917bee64e393)
-
-
- fe80 is not "LAN Net". It's link-local traffic that can never leave the segment. It shouldn't be hitting the firewall...
-
- Good on latest snap as well.
-
07:49 AM Bug #9163: NPt rule is omitted when /128 mask is given
- Applied from the system patches package and it works perfect
-
- Applied in changeset commit:f5f79fcc24241f0a76f6a7fe9b32917bee64e393.
-
- Note: This also only affects the wizard when setting a static WAN and upstream gateway.
Fix pushed, will show up m... -
- If a gateway existed but was deleted, the config can be left with @<gateways></gateways>@ which leads to a PHP error ...
-
02:53 AM Bug #9169: carriage return handling in OpenVPN custom Options
- Ok, my bad. But this is counter intuitive as the field itself is multi-line capable, and OpenVPN syntaxe doesn't need...
-
02:46 AM Bug #9169 (Rejected): carriage return handling in OpenVPN custom Options
- Separate your custom options with a semicolon as the field instructions and documentation state.
Enter any additio... -
- For one of my OpenVPN server, I use the custom options field to push routes to my client. Eg, I add
push "route 10...
Also available in: Atom