Activity
From 12/24/2018 to 01/22/2019
01/22/2019
- 07:56 PM Revision a0541b29: use disablepingcheck as option name
-
06:26 PM Feature #9288 (New): SSHGuard add pfSense signature in standard
- Hi,
I discuss with sshguard team about possibility to add the pfSense signature in standard, as it is ever done by... - 04:21 PM Revision 7847e55f: add an option to the DHCP server to disable the ping check feature
-
03:37 PM Bug #9281 (Resolved): ZFS encrypted+mirrored swap may not be activated on 2.4.4-p2
- Thanks for testing!
-
03:11 PM Bug #9281: ZFS encrypted+mirrored swap may not be activated on 2.4.4-p2
- Jim Pingle wrote:
> ZFS encrypted+mirrored swap may not be activated on 2.4.4-p2, the new swap device location code ... -
- Applied in changeset commit:14d470377eab89d7c3f6f765a150ce737409af28.
-
- You have misread what the page is stating. The table is primarily to indicate the enormity of the IPv6 space.
Netw... -
- Added info to that page. ICMP doesn't have state levels like other protocols, so it's really just a placeholder. Does...
-
- (cherry picked from commit 9f3b87d898e1fa8a5bfa40758e5747515cc38ad4)
-
-
- Fix committed
-
01:03 PM pfSense Docs Correction #9287 (Resolved): Feedback on The pfSense Book
- *Page:* https://www.netgate.com/docs/pfsense/book/index.html
*Feedback:* Printed page 264, section 16.1. Period m... -
- (cherry picked from commit 14d470377eab89d7c3f6f765a150ce737409af28)
-
-
12:18 PM pfSense Packages Bug #9286: squidGuard - Unable to change IP for sgerror.php URL in configuration
- Also see bug #8827 that is exhibiting a similar issue.
-
- There is an issue with squidGuard where a user is not able to specify the address that squidGuard provides the client...
-
- I added a checkbox to use challenge-domain instead of challenge-alias in ACME pkg version 0.5.2
-
- Fixed in ACME pkg version 0.5.2
Cron job output is now redirected to the main system log. -
- This will be solved by the fix for #8211 so I'm marking this as a duplicate for now.
-
10:28 AM Feature #9285 (Resolved): Add an option to disable the ping-check in dhcpd
- In experiencing some strange DHCP behavior at a customer site, where DHCP leases were getting abandoned and never re-...
-
09:39 AM Bug #9284: no default gateway after upgrade to 2.4.4_p2 using gateway group
- Jim Pingle wrote:
> Duplicate of #9004
Sorry I did search first. Not well apparently. -
- Duplicate of #9004
-
- Art Manion wrote:
> Workaround: In System > Routing > Gateways set Default gateway IPv4 to automatic (or one of t... -
- Two pfSense boxes A and B using HA sync, A is master, B is backup.
Two gateways, Verizon (tier 1) and ATT (tier 2)... -
- Jim Pingle wrote:
> The correct procedure for what you describe is to import all certs to the primary, and then sele... -
- Jim Pingle wrote:
> It does exclude certificates when all areas that need certificate sync are disabled. OpenVPN req... -
- Applied in changeset commit:9f3b87d898e1fa8a5bfa40758e5747515cc38ad4.
-
- It does exclude certificates when all areas that need certificate sync are disabled. OpenVPN requires certs to sync, ...
-
- system A has external/imported certificate A
system B has external/imported certificate B
Both just upgraded to 2... -
- Daryl Morse wrote:
> As I mentioned, I emailed the author of rate. He replied this morning and confirmed that he is ... -
01:05 AM Bug #9282 (Resolved): Add static mapping count to DHCP Server interface tabs
- services - > DHCP Server > Interface
need a counter that count add static mapping in "DHCP Static Mappings for ...
01/21/2019
-
- * Add "None" output level
* Detect large files and refuse to print them in the GUI textarea
* Ensure output buffering... -
- * Add "None" output level
* Detect large files and refuse to print them in the GUI textarea
* Ensure output buffering... -
05:52 PM Bug #3334: Status/Traffic Graph isn't IPv6 ready
- Jim Pingle wrote:
> The underlying program, rate, still doesn't work with IPv6 as far as I'm aware.
>
> I'd love ... -
- With some small modifications, it does work. See my comments on the PR (and future discussion should happen on the PR...
-
- you are certainly in an issue with bads crlf in the awk script.
please update by this one, i gzip it to avoid any co... -
- (cherry picked from commit 5345b25405101eba3112c1d5daef99bd3b308533)
-
-
- (cherry picked from commit e56c473d7c4c2e7de71c43420c844e452dbcfa82)
-
- (cherry picked from commit 08c49b4d74b87bf34dd46a37837147b857eb8859)
-
-
-
- ZFS encrypted+mirrored swap may not be activated on 2.4.4-p2, the new swap device location code isn't validating the ...
-
- This has been working for me in a test VM for over a month now, but it would be nice to have additional confirmation ...
-
- Applied in changeset commit:36192f4a459ec5d5baf06819102ba783c1725ba1.
-
11:49 AM Feature #9268: Add Linode Dynamic DNS support
- FYI for anyone testing, and as noted on the PR:
Authentication uses "Personal Access Tokens":https://cloud.linode.... -
- PR merged
-
- PR merged
-
- PR Merged
-
- Applied in changeset commit:5345b25405101eba3112c1d5daef99bd3b308533.
-
- That's a new error, not the same one. I can't reproduce that here, but I can see how it might happen. Pushed a new fix.
-
- Applied in changeset commit:e56c473d7c4c2e7de71c43420c844e452dbcfa82.
-
- Looks like it's easily fixed by having the validation check ignore a trailing dot on the hostname, but including it i...
-
- Applied in changeset commit:08c49b4d74b87bf34dd46a37837147b857eb8859.
-
- Actually the URL didn't just change, they also changed the format of the query and it doesn't appear to have the exac...
-
- There does seem to be an issue here, looks like it's in the pfSense module function @pfSense_kill_states()@. Sometime...
-
09:28 AM Feature #9280: Add AAAA record type support for DynDNS with Digital Ocean
- * meant to create this as a "feature".
-
- Add AAAA record type support for DynDNS with Digital Ocean
Updated dyndns.class, services.inc, and services_dyndns... -
05:37 AM Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected.
- Hi Joshua,
Thanks for looking at this.
We don't have a WAN in a down state, it is connected but it has no NAT a...
01/20/2019
-
- Joshua Sign wrote:
> ok,
>
> the first file "File Capture iftop.PNG" show that there is a problem with the awk s... -
- ok,
the first file "File Capture iftop.PNG" show that there is a problem with the awk script.
This script is les... -
- Another screen capture from the status graph.
-
- Joshua Sign wrote:
> Daryl Morse wrote:
> > I got permission denied when I tried to run the script from the console... -
Daryl Morse wrote:
> I got permission denied when I tried to run the script from the console shell.
please chec...-
- just a thought, if you don't have ipv6, you could set up a tunnel with hurricane electric. It's free, it works very w...
-
- Joshua Sign wrote:
> ok,
>
> to debbug it you can check if there is any ip6 in this output :
> [...]
>
> if... -
- ok,
to debbug it you can check if there is any ip6 in this output : ... -
- Joshua Sign wrote:
> can you chexk over console if iftop shows you some IPV6 adresses just by : `iftop -n` ?
>
> ... -
- can you chexk over console if iftop shows you some IPV6 adresses just by : `iftop -n` ?
as far as i didn't have an... -
- PR created : https://github.com/pfsense/pfsense/pull/4040
-
03:29 PM Feature #790: Advanced options for dnsclient (resolv.conf)
- Mike Stupalov wrote:
> Possibility to add additional options in resolv.conf:
> * timeout:n (default 5)
> * attempt... -
05:43 PM pfSense Packages Bug #9279 (Duplicate): security/acme: acme pf sense package processes unnecessary notifications due to using stdout
- When email notifications enabled and pfsense acme (0.5.1) package installed and cron enabled, acme client will produc...
-
- I investigate about this problem,
It seems that the sshguard purpose is to detect an attack and just launch a bac... -
11:36 AM pfSense Packages Bug #9050: Antartica does not make a rule
- Has this been released in the main version? I updated to 2.4.4-p2 and pfBlockerNG 2.1.4_16 and it still doesn't crea...
01/19/2019
-
- Joshua Sign wrote:
> PR : https://github.com/pfsense/pfsense/pull/4039
I installed this patch on the most recent ... -
- PR : https://github.com/pfsense/pfsense/pull/4039
-
- Here is the patch
/usr/local/bin/iftop_parser.sh must have +x
-
- Sounds more like a configuration or local client issue. Post on the forum to discuss the issue and diagnose the probl...
-
09:51 AM Bug #9278 (Not a Bug): LAN IPv6 track interface Router Advertisement not assigning IPv6 addresses on Linux and macOS clients
- Comcast -> (WAN) NetGate (LAN) --> Linux, macOS clients
WAN is configured for IPv6 prefix delegation with prefix l... -
12:23 AM Feature #4354: Allow dpinger to ping more than one destination for a gateway.
- I agree with David. DNS more so than Ping monitoring makes sense to me. I've been bit a few times with DNS failures b...
01/18/2019
-
- here are the files you need to easely test, it is faster thant the PR
just put the two scripts into the root directo... -
- yes it will be possible soon.
I just wrote this script to avoid process concurrent creation when many users are on... -
- Joshua Sign wrote:
> Unfortunally i don't use IPV6, so i can't test this part.
I have IPv6 so I would be happy ... -
- Hi Jim,
FYI, I just finish some tests : it seems to works as expected.
All we need to test is :
This awk scr... -
02:30 PM Feature #7416: DHCPv4 client does not support ``supersede`` statement for option 54
- The patch fixed it in OPNSense in 2017. It has been running flawlessly ever since. That's the only feedback I can pro...
-
-
10:57 AM Bug #9264: Disabling "IPv6 over IPv4 Tunneling" breaks config
- Reproduced the issue on SG-5100:
2.4.4-RELEASE-p2 (amd64)
built on Wed Dec 12 14:40:29 EST 2018
FreeBSD 11.2-REL... -
- Tested on SG-5100 -
2.4.4-RELEASE-p2 (amd64)
built on Wed Dec 12 14:40:29 EST 2018
FreeBSD 11.2-RELEASE-p6
A... -
10:42 AM Bug #9024: Ping packet loss under load when using limiters
- I just wanted to chime in that I have the very same exact behaviour on my setup.
Is there any progress on the issue? -
09:29 AM Bug #9277: MBT-4220/2220: pfSense hangs when running sysctl -a
- I'm pretty sure I experienced the same issue on 2.4.4-p1 and or 2.4.4-p2.
It did happen only for the initial few r... -
- That isn't a general issue with pfSense or the MBT-4220. Please contact our support team at https://go.netgate.com an...
-
03:48 AM Bug #9277 (Resolved): MBT-4220/2220: pfSense hangs when running sysctl -a
- Running 2.4.4-p2 on MBT-4220
Accessing the WebGUI appears to be causing OS-level hang (no response on WebGUI/SSH/...
01/17/2019
-
- https://github.com/pfsense/pfsense/pull/4038
It seems to me the wildcard checkbox is intended for providers that o... -
- ok i will work on it and create a PR to change rate by iftop as soon as it works
(normaly it should be ok on sunday ... -
- That does help a bit. It would be even better if iftop had an output mode like libxo where it would be trivial to par...
-
Jim Pingle wrote:
> I'd love to see rate swapped out for iftop (which does support IPv6) but the output of iftop i...-
10:30 AM Bug #9276 (Resolved): DNS troubleshooting tool incorrectly reporting "ai." as an invalid hostname
- To reproduce:
Navigate to Diagnostics=>DNS Lookup (found at /diag_dns.php). Enter any TLD that should work as a si... -
08:31 AM Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected.
- Hello,
One of my two firewalls has developed this issue - I can confirm disabling the WAN adapter resolved this sl... -
- The reply on the FreeBSD PR is ambiguous at best. It would also help if someone that was actually a part of the FreeB...
-
07:42 AM Feature #7416: DHCPv4 client does not support ``supersede`` statement for option 54
- I beg to differ and hope I'm not mistaken, but AFAIK Franco pulled that already into OPNsense and the last statement ...
-
- Might be, but it's still an open issue and hasn't been accepted into FreeBSD yet. There isn't even one person on that...
-
- @Jimp
I maybe wrong but isn't that the corresponding fix/workaround from upstream to this particular problem?
Cou...
01/16/2019
-
05:39 PM Bug #9275 (Resolved): ip tools link not working
- just discovered in 2.4.5 snapshots.. ip tools are not working http://private.dnsstuff.com/tools/whois.ch?ip= and...
-
10:24 AM Revision 28a5469e: add trim() to $_POST['auth_user'] & $_POST['auth_user2']
-
- https://github.com/pfsense/pfsense/pull/4037
-
- to trim leading & trailing whitespace of the username that is entered when signin in to captive-portal.
see [[https:... -
02:26 AM pfSense Packages Bug #9273 (Closed): missing Include=/usr/local/etc/zabbix4/zabbix_agentd.conf.d in /usr/local/etc/zabbix40/zabbix_agentd.conf
- because of the missing include line in the zabbix_agentd.conf, UserParameter definitions are not loaded.
we are us...
01/15/2019
-
- Jim Pingle wrote:
> The underlying program, rate, still doesn't work with IPv6 as far as I'm aware.
>
> I'd love ... -
09:49 PM Bug #7439: IKE_SA (IKEv2) does not rekey on break before make startegy, just issues IKE_DELETE and connection is closed
- I would like to reopen this thread as I'm experiencing same problem and I'm on 2.4.4-RELEASE (amd64)
My configuratio... -
-
-
04:35 PM pfSense Packages Feature #9272 (Resolved): Allow multiple IP in ListenIP for Zabbix Agent
- The web interface for the zabbix-agent service does not allow to add multiple IPs comma separated. The validation rul...
-
- Fix some indenting surrounding the Azure DDNS implementation to be consistent with the rest of the file.
https://g... -
12:38 PM pfSense Packages Feature #8613: pfSense-pkg-acme: acme_certificates_edit.php - Add support for --challenge-alias acme.sh flag
- Markus Barckmann wrote:
>
> It would be very nice to have a UI option to choose between this two (sub)methods.
... -
11:17 AM pfSense Packages Feature #8574: Enable AgentX-support in lldpd using GUI
- The above patch works for me. The Net-SNMP package already adds "master agentx" to /var/etc/netsnmpd.conf by default...
-
- Hi,
I just test it :
- Loading dashboard normaly takes about 1 second or less.
- Without WAN connectivity, it ... -
- Hi Luke,
Thanks for the suggestion but I've tried that, same issue.
It looks like whatever is timing out due to... -
06:57 AM Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected.
- If you remove all widgets from the dashboard does that help at all? It's probably a widget that's causing this delay.
-
- To add to this bug we've been using pfSense 2.3.5 for an internal project and its been working brilliantly.
We're ...
01/14/2019
-
- https://github.com/pfsense/pfsense/pull/4035
-
10:45 AM Feature #9130: Request ID [#INC-16195]: DHCP - PXE Boot
- I also look for this feature, as described in:
https://forum.netgate.com/topic/138637/ipxe-chainloading
-
-
- i just test it on a fresh install 2.4.4-RELEASE-p2 (amd64)
blank_img works without any error.
Problem solved.
01/13/2019
-
11:02 PM pfSense Packages Bug #9244: FRR Status BGP Summary only shows "IPv4 Unicast Summary"
- Created a pull request.
Changed this on my 2.4.4p2 with FRR 0.2_4
"show ip bgp summary $" to "show bgp summary ... -
01:25 PM Bug #9270 (Resolved): "Remove all states to and from the filtered address" does not remove all states
- Simple use case:
Filter all states for an IP of any device (used my iPhone IP) in *_"Diagnostics"/"States"/"States_"... -
10:45 AM Bug #9269: No Internet after reboot, wrong gateway.
- Forum link: https://forum.netgate.com/topic/139570/no-internet-after-reboot-wrong-gateway
-
-
- sorry Jim, i just tested it before my comment on : 2.4.4-RELEASE-p2 (amd64)
i try " _edit/save options on the squid... -
- That commit is already referenced above. It must be tested and confirmed as fixed.
-
- should be solved since this commit : https://github.com/pfsense/FreeBSD-ports/commit/90c367bf2f2fcd61ed631bd3c4fd6634...
-
- In the forum thread, others who could reproduce it were also on airvpn, so it is likely specific to something that pr...
-
07:58 AM Bug #8142: OpenVPN client does not remove static route for custom monitor IP
- I'm not able to reproduce this on 2.4.4p1. However, I will say I'm also no longer using the same vpn provider. I'm ...
-
- That commit is already referenced in the first comment on this issue.
A fix was committed, but it needs to be test... -
- i bet this issue was solved by this commit https://github.com/pfsense/FreeBSD-ports/commit/824d08577196346be0e7d24d92...
-
-
12:23 AM Bug #1690: PPPoE Server not passing IP from RADIUS server
- Seems to be working as of latest dev release with freeradius (daloradius).
01/12/2019
-
- There isn't enough here for a valid bug report. Please start a forum thread to discuss and diagnose the issue. If a s...
-
- I'm running pfsense from a USB key that slows down after a few days unless I reboot the box and everything's back to ...
-
09:20 PM
Bug #8142: OpenVPN client does not remove static route for custom monitor IP
- Is this issue still present in the latest development build? If so, what are the specific steps to reproduce the beha...
-
-
09:16 PM Feature #5675: Theme specific textarea background color
- Yep
-
09:13 PM
Feature #5675: Theme specific textarea background color
- Can this be marked resolved?
-
- If you're on 2.4.4 or later, edit/save options on the squid cache settings tab.
-
09:02 PM
pfSense Packages
Bug #8872: PHP7 error in squid
- How to reproduce the issue?
-
- Looks like it would take activating and tripping a squidGuard filter that replaced content with a blank image. If it ...
-
09:03 PM
pfSense Packages
Bug #8873: PHP7 warning in squidguard
- How to reproduce the issue?
-
09:18 PM
Bug #6896: unbound root.key file corruption possibly related to full file system
- Looks like the OP traced the issue, can the report be marked resolved now?
-
- It wasn't really the upgrade that did anything. Only need to test apcupsd on 2.4.4 or later to make sure there are no...
-
09:01 PM
pfSense Packages
Bug #8780: Apcupsd PHP errors in 2.4.4 snapshot
- There is no way to test this, without an instance of pfSense already running 2.4.3 *with* apcupsd already installed.
... -
09:09 PM
Bug #1690: PPPoE Server not passing IP from RADIUS server
- Is this issue still present in the latest development build?
-
09:07 PM
Bug #1575: Limiters are bypassed by local applications injecting rules
- Is this issue still present in the latest development build?
-
08:05 PM
Bug #9264: Disabling "IPv6 over IPv4 Tunneling" breaks config
- On 2.4.5.a.20190111.1435 (stock - factory default), able to reproduce the behavior....
- 01:42 PM Revision 58d009bc: Update gwlb.inc
-
- Let's add support for updating Linode DNS as a Dynamic DNS provider using their v4 REST API and Personal Access Token...
01/11/2019
-
08:05 PM Feature #1831: Captive portal IPv6 support
- PHP RADIUS package (used for RADIUS authentication/accounting) is not IPv6 compatible, which is a captive portal depe...
-
07:06 PM Bug #7801: UDP fragments received over IPsec tunnel are not properly reassembled and forwarded
- Hi, I have been waiting a year for that fix, for us, it's RDS sessions that disconnects randomly when using UDP over ...
- 04:41 PM Revision 67dd34a0: Update gwlb.inc
- Correct BUG 9004 -> set the default gateway when system start and a gateway_group is default IPV4 gateway
-
- Tested on:
2.4.4-RELEASE-p2 (amd64)
built on Wed Dec 12 14:40:29 EST 2018
FreeBSD 11.2-RELEASE-p6
client expo... -
11:15 AM Bug #9266: status_monitoring.php : failed to have quality graph
- A direct acccess to https://x.x.x.x/rrd_fetch_json.php display { "error" : "Invalid RRD file" }
Checking if the fi... -
10:16 AM Bug #9004: Default gateway IPv4 set to a group fails after restart on 2.4.4
- I think i found the bug
file /etc/inc/gwlb.inc... -
01:01 AM pfSense Packages Bug #9211: GeoIP broken in pfSense-pkg-ntopng-0.8.13_3
- in the topic mentioned above there has been found a possible cause for this:
> "Using pfSense 2.4.4-RELEASE-p2 wit...
01/10/2019
-
10:25 PM Bug #9267: dhclient does not handle protocol timeouts or script failures correctly
- Also to add, this is seen on version 2.4.4-RELEASE-p1 (amd64),
FreeBSD 11.2-RELEASE-p4, but affects versions back at... -
- pfSense-dhclient-script fails to return nonzero in the case where a DHCP timeout occurs and the cached gateway addres...
-
- (cherry picked from commit 3fcf5ad71216922921801d85d063d360fde5566f)
-
-
01:48 PM Feature #1831: Captive portal IPv6 support
- It's 2019 and guess what: This is still missing, while the fixes were apparently ready years ago....
-
- Hi David,
I just try to reproduce but without any success.
Even on a fresh install 2.4.4-RELEASE-p2 (amd64) or an... -
- Problem :
---------------------------------------------------------
Status, Monitoring, failed to display the quali... -
- Applied in changeset commit:3fcf5ad71216922921801d85d063d360fde5566f.
-
07:19 AM pfSense Packages Feature #9265 (Resolved): Add options to configure TIMEOUTclose and debug on stunnel package
- Hello all...
This PR[1] add options to configure TIMEOUTclose and debug (log level) and also fix package doc URL o...
01/09/2019
-
06:12 PM Bug #9264: Disabling "IPv6 over IPv4 Tunneling" breaks config
- lower urgency now.
I fixed my local config with viconfig.
The setting that got stick is 'ipvnat'
It looked l... -
- Raising urgency of bug, as it seems it does actually prevent toggling other settings on the networking page. Until I...
-
- missed step 4 which is hit save and apply again.
-
- Steps that may possibly reproduce.
1 - enable "IPv6 over IPv4 Tunneling" and set an ip address in the "ipv4 addres... -
- Even when downloading a too large capture it will fail..... (it just has to be large enough).
-
- I don't see the advantage by installing it by default, the whole purpose of packages is to make the base system not t...
01/08/2019
-
04:57 PM Bug #9123: Adding/configuring vlan on ixl-devices causes aq_add_macvlan err -53, aq_error 14
- Not sure about the similarity of conditions yet, but I'm seeing this message being logged on my FreeNAS box with the ...
-
03:04 PM Bug #9263: Incorrect ICMP reply when using limiters
- Relevant forum topics:
https://forum.netgate.com/post/815824
https://forum.netgate.com/topic/137090/traceroute-omit... -
- My setup is as follows. pfSense 2.4.4_p2, it maintains a L2TP tunnel to my ISP and all the traffic is configured to g...
-
12:41 PM pfSense Packages Bug #9261: haproxy GUI failure
- The acl "Traffic is ssl (no value needed)" is using the actual haproxy option: "req.ssl_ver gt 0" this is one that on...
-
11:23 AM pfSense Packages Bug #9261 (New): haproxy GUI failure
- The GUI is misbehaving. I'm unable to add a specific ACL via the GUI. Simply adding "http-request redirect scheme htt...
-
11:37 AM Feature #9262 (Duplicate): Strongswan DHCP plugin
- Would it be possible for the DHCP plugin for Strongswan to be implemented? (https://wiki.strongswan.org/projects/stro...
-
12:56 AM Feature #9260: ssh_tunnel_shell: Disable console message output
- It’s worse than that. If I’m looking at the right source, that binary does nothing but chatter at the poor user.
...
01/07/2019
-
- * Add changes as requested by @jim-p
-
- * DNS Resolver python integration
-
- +1 : good feature !
nice work! -
- The final code for mounting the /bin and /lib folders has been submitted for review (Services.inc):
https://github.c... -
01:59 PM Revision 0d869333: Disable RUST option for aarch64 as well
-
-
-
-
-
-
01:09 PM Feature #8511: Dynamic DNS: Cloudflare Add TTL option
- +1 I suggest allowing the TTL setting to be a configurable value, as it is for other Dynamic DNS clients, such as Azu...
-
- +1 I'm surprised this isn't already a feature. I noticed this today when we our primary connection came back online, ...
-
-
-
-
-
-
-
- The only way you can see that "Deny Config Write" message is if your user, or a group they are in, has the "Deny Conf...
-
11:04 AM Bug #9259: User with "Deny Config Write" privilege is not fully prevented from creating accounts
- That is not the case. I just have tried another system, where this issue does not show. My latest install does behave...
-
- You must have incorrectly added the "User - Config: Deny Config Write" privilege to your admin group, which is common...
-
- I do log into the web GUI as a user "myuser" with admin group membership (other than the builtin admin/root). I used ...
-
- Users with only the "User - System: SSH Tunneling" privilege get the @ssh_tunnel_shell@ program as their shell. When ...
-
01:19 AM Bug #9258: Error deleting tunnel type P2 when mixed with VTI
- Edit:
Workaround:
1. disable vti interface
2. remove all unwanted p2
3. enable vti interface -
- When trying to delete a (tunnel mode) phase 2 entry were both "tunnel" and "vti" modes are mixed the GUI is respondin...
01/06/2019
-
- +1
-
- Pull Request : https://github.com/pfsense/pfsense/pull/4054
-
- Pull Request : https://github.com/pfsense/pfsense/pull/4056
-
- -Pull Request : https://github.com/pfsense/pfsense/pull/4031-
Netgate choosed to fix this issue in another way. ne... -
- Support for that is already in ACME 0.5, available on 2.4.5 snapshots. If stable, it will be made available for 2.4.4...
-
- Hi,
The Security Researcher Scott Helme has just blogged about an alternative to Let's Encrypt; https://scotthelme... -
02:56 AM Revision 7e114786: making sure my tabs align with upstream
-
- When a geom rebuild is occurring, this script by default notices that the device status has changed every time the re...
01/05/2019
-
- When a geom rebuild is occurring, the gmirror_status_check script by default notices that the device status has chang...
-
- Use a real proxy like HAProxy if your needs exceed what is possible in the stock load balancer. As you have seen, it ...
-
12:35 AM Feature #9254 (Rejected): Easily allow load balancing of servers on same subnet as the client
- I have been trying to setup load balancing for servers on my internal network, where the clients also live.
I hav... -
- When using multiple authentication servers, pfSense is checking all of them regardless if an authentication succeeded...
01/04/2019
-
02:19 PM Feature #9253: RFE: True View-Only WebCFG options
- Jim Pingle wrote:
> There is not currently a privilege that will deny a user from performing actions.
Thanks, tha... -
- Starting and stopping services are not config writes, they are state changes. The "Deny Config Write" privilege does ...
-
- Joshua Sign wrote:
> maybe this can help you : https://redmine.pfsense.org/issues/9252#note-1
Joshua, Thanks for ... -
- maybe this can help you : https://redmine.pfsense.org/issues/9252#note-1
-
- Currently pfSense allows a number of options for WebCfg Status pages to grant access to (e.g. Captive Portal, load, G...
-
- This reverts commit 616089d861af8deb7111be009367ab798c5df3b3.
-
10:23 AM Feature #7974: ZFS RAID Monitor Not available
- It would be great to have this - after moving to new firewalls with zfs mirror configuration, we no longer have a way...
-
I am not able to test this because i dont use this service.
I was just trying to help about this subject to find t...-
08:44 AM
Bug #3500: DHCP Leases List Not Showing Hostname in Some Cases
- Hi Joshua,
ok, so do you want me to close the current PR. I guess that you can make new PR with your implementation? -
08:30 AM Bug #9252: wol-only user can delete WOL records
- Thank you Jim, I awaited something like this :)
-
- That is normal behavior. A user with access to a page can perform any action offered by that page. It is not a means ...
-
- A user, which has only "wol" privileges, can delete WOL records by clicking on the bin icon.
The same time, the us... -
-
06:22 AM Bug #9193: firewall_nat.php: PHP error deleting an imported NAT rule with no firewall rules present
- On 2.4.5-dev 20 Nov:
Repeated steps 1 and 2 in bug description - after that triggered PHP error by NAT rule deleti... -
07:46 AM Bug #7801: UDP fragments received over IPsec tunnel are not properly reassembled and forwarded
- Hi, I also have a similar issue with fragmented packets and IPsec tunnels (noticed with ICMP traffic).
Incoming fra... -
-
01/03/2019
-
- Add the python module integration to the DNS Resolver (Unbound)
The only remaining function, would be to mount the... -
-
04:29 PM
Bug #9214 (Resolved): Packages fail to reinstall after restoring config.xml from the installer
-
04:28 PM
Bug #9214: Packages fail to reinstall after restoring config.xml from the installer
- Tested on 2.4.5.a.20190102.0952, works as expected.
-
-
03:28 PM
pfSense Packages
Feature #9250 (Resolved): Adjust download buttons and labels in OpenVPN Client Export
- Adjust download buttons and labels in OpenVPN Client Export, according to https://redmine.pfsense.org/issues/8671?iss...
-
03:14 PM pfSense Packages Feature #9249 (Resolved): [siproxd] Add config for siptrunk plugin
- I use a sip trunk and it didn't work out of the box.
After adding these four lines to /usr/local/etc/siproxd.conf ... -
-
-
-
11:19 AM Feature #9130: Request ID [#INC-16195]: DHCP - PXE Boot
- Vote: +1
-
-
- I replicated the issue on:
SG-3100
2.4.4-RELEASE-p1 (arm)
built on Thu Nov 29 14:06:34 EST 2018
FreeBSD 11.2... -
- Hi Totio,
As i didn't find a way to correctly handle '\r' or '\n' with awk or sed, i switch to perl which can play...
01/02/2019
-
05:13 PM Bug #9248 (Resolved): Dynamic dns updates on azure ipv6 service is not working properly
- When using the azure v6 dynamics dns update there is an issue that the dns entry is showing up at the azure dns manag...
-
04:44 PM pfSense Packages Bug #9247 (New): HAProxy multiple server selection on stats pages doesn't work
- Hi,
When selecting multiple servers to perform an action on in the Stats or Stats FS pages, the action performed o... -
- That PR hasn't been merged yet, probably should be its own ticket since it isn't related to this v83 change.
-
02:45 PM
pfSense Packages
Todo #8671: Add "V83" to Yealink T38G (2) download label
- On 2.4.5.a.20190102.0951 with pfSense-pkg-openvpn-client-export-1.4.18, seeing...
- 02:50 PM Revision 0b4c14a4: Update copyright notices to 2019. Happy New Year
-
12:06 PM
Bug #3500: DHCP Leases List Not Showing Hostname in Some Cases
- Well, I agree, but at least my proposal doesn't break the overall logic, the current code base already strips the # s...
-
08:34 AM Bug #9246 (Closed): dhcp configuration v4/v6 ignores VLAN priority configuration
- When submitting interface configuration, the DHCP 802.1p settings becomes overwritten by DHCP_Config_File_Advanced or...
-
08:05 AM
Todo #9245 (Resolved): Update copyright notices to 2020
01/01/2019
-
- ON the FRR status pages, Services / FRR / Status, On the All and BGP tabs.
BGP Summary contains no info about IPv6... -
05:36 PM Bug #9243 (Resolved): IPsec ID type keyid not explicitly set
- Identifier type is set to "Key ID tag" on both sides. Sonicwall says in log: "VPN Policy: Local ID type: KEY ID; Remo...
-
- Retested and got *the same results* as Joshua. I must have messed up something with IPs or Safari browser got stuck d...
-
03:13 PM Bug #9242 (Resolved): MBT-4220/2220 not recognized by pfsense correctly after UEFI upgraded to 1.00
- In BIOS Released by intel there were system identyfier change.
pfSense installer expects
Product Name: Minnowboard ... -
- Phillip Davis wrote:
> It could all be done in a PHP loop instead of using "awk".
It should be better and easier...
12/31/2018
-
- Just noticed, it looks like Unbound (DNS Resolver) supports DNS64 as well (plus BIND/named if you want to use that), ...
-
08:36 PM Bug #9241 (New): Ethernet link cycles up/down if "auto-negotiate" is explicitly selected in interface configuration
- I have Celeron J1900-based SBC with Intel 82573V NIC's using the Intel PRO/1000 driver.
I'm running 2.4.4-RELEAS... -
04:35 PM
Bug #3500: DHCP Leases List Not Showing Hostname in Some Cases
- This bug with the } symbol in some UID fields and the missing hostname in the Web UI is still presented in version 2....
-
03:02 PM pfSense Packages Feature #9240 (Rejected): allow users to define custom ipsec configuration using web-page for ipsec
- Just like in OpenVPN configuration page, where users can add custom options (Advanced Configuration -- Custom options...
-
01:22 PM pfSense Packages Feature #9238: Add support for Zerotier
- Minimal functionality required would be joining and leaving networks. The controller service is not necessary as that...
-
- Excerpt from https://zerotier.com/blog/2018-05-04-128.shtml...
-
- Either or both of those should be fairly simple to do..
-
11:18 AM Bug #9239 (Resolved): WebGUI: Diagnostics > Packet Capture will try to display any size of pcap file.
- The diag_packet_capture.php p[age will try to display any size of pcap when the capture is stopped regardless of how ...
12/30/2018
-
- Adding support for ZeroTier with its multi-path feature, would give pfS a better position in the SD-WAN market.
12/29/2018
-
02:14 PM
pfSense Docs
Correction #9237 (Resolved): Remove references to pfSense Virtual VMware Appliance
- At https://docs.netgate.com/pfsense/en/latest/solutions/vmware/index.html, there is a "VMware READY" logo at the top ...
-
02:02 PM
pfSense Docs
Correction #9216 (Resolved): pfSense Firewall/VPN/Router for Azure » Support Resources Outdated link
- All relevant URLs on the page are now corrected.
-
- We don't have any control over that, it comes from FreeBSD as a part of the ports tree. The ports tree also contains ...
-
- Hello,
Because of the 'japanese/prn' directory, users with windows 10 systems can't fetch repository.
Microsoft u... -
06:51 AM pfSense Packages Bug #9233: Error adding new status monitoring view
- I was able to avoid the problem: I saved a configuration file, located the <savedviews> etc </ savedviews> section th...
-
- Hi Danilo,
I'am not agree with your test.
I just test again to be sure about it, and i can confirm that if your...
12/28/2018
-
07:14 PM Bug #9235 (Resolved): pfsense does not send ICMP redirect
- Hi,
This is a clone of
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221137
In FreeBSD >=11, ICMP redirect... -
06:20 PM Bug #9234 (Resolved): Wording consistency in Certificate Management notifications
- When creating a new certificate, the Distinguished Name (common name) is a required field. Omitting the common name r...
-
05:26 PM Bug #9004: Default gateway IPv4 set to a group fails after restart on 2.4.4
- Same here on 2.4.5.a.20181221.1732.
-
- I have reproduced the bug on SG-3100:
2.4.4-RELEASE-p1 (arm)
built on Thu Nov 29 14:06:34 EST 2018
FreeBSD 11.2-... -
- sorry, my bad, i was talking about : https://github.com/pfsense/FreeBSD-ports/pull/604
i correct my precedent post -
- I don't think so....I can in fact do updates on default view. My problem is different...It can not ADD new VIEWS afte...
-
- Hello,
Maybe you experienced this issue : https://redmine.pfsense.org/issues/9194
If so, you can try this patch... -
- Now I can no more add a new "Monitoring View". After choose "Add View" I get the message "The name-of-my-view view ha...
-
- i redo a correct PR : https://github.com/pfsense/FreeBSD-ports/pull/604
-
- the PR is now ok : https://github.com/pfsense/FreeBSD-ports/pull/603
12/27/2018
-
- (cherry picked from commit 2c5d3b1e5002598cb799a182ccc1d6e66d3aac5d)
-
-
05:20 PM Bug #9232 (Duplicate): pfSense cant connect to hosts on the internet using non-local gateway via interface specific route after reboot
- After upgrading to 2.4.4_p1, pfSense cannot connect to hosts on the internet anymore. Clients in the LAN behind the p...
-
- Applied in changeset commit:2c5d3b1e5002598cb799a182ccc1d6e66d3aac5d.
-
- When creating or editing an alias, input validation is performed against pf keywords to prevent them from being used ...
-
02:41 PM Feature #9230: The ability to port forward across an IPSEC site to site vpn
- The configuration in the office is already set to do 0.0.0.0/0 routing (all traffic from the office is tunneled out v...
-
- With tunneled IPsec if you use 0.0.0.0/0 as the remote on IPsec this can work, but it's not ideal. All traffic will b...
-
- I should mention both firewalls are 7100s. Same model. Colo firewall has upgraded ram and 10gig copper.
-
- In my environment, have a 7100 in a colo, and it is attached to a remote office via a site-to-site ipsec vpn link.
I... -
10:36 AM pfSense Packages Bug #9229 (New): Tinc package: no way of specifying multiple critical configuration parameters from web interface
- Hello,
After installing the *Tinc package* provided in the official pfSense repository, there is *no apparent way ... -
10:22 AM pfSense Docs Correction #9228 (Resolved): Feedback on Hardware — Hardware Sizing Guidance
- *Page:* https://docs.netgate.com/pfsense/en/latest/hardware/size.html
*Feedback:*
Customer noticed that all of ... -
- *Tinc* software ([[https://tinc-vpn.org/]]) is an excellent and easy way of configuring *SSL tunnels* to various othe...
-
- Hello and thanks! :)
I've tested all this in the very latest version of pfSense, namely 2.4.4-p1, which I've down... -
05:52 AM Bug #8831: Radvd causes latency spikes
- Can confirm that the bug exists in 2.4.4-RELEASE-p1 (amd64)CE.
LAGG protocol is LACP and vlan on the LAGG, pretty ... -
03:28 AM Feature #9226 (New): zfs GUI functionality - alerts
- *some* way of seeing the status in GUI, and most importantly, *alerts* for degraded
it looks like the dashboard alre...
12/26/2018
-
01:42 PM Revision ce4224ff: Fix test $g['product_version_string']
-
10:54 AM Bug #9004: Default gateway IPv4 set to a group fails after restart on 2.4.4
- Seeing this issue as well. No default gateway is created.
2.4.4-p1 -
09:29 AM Bug #9225 (Closed): Gateway group routing not updated on OpenVPN client reconnect
- Setup: PFSense 2.3.5 p1, or PFSense 2.4.4-p1
WAN1 - (PPPOE)
WAN2 - VPNV4 - Openvpn client in TUN mode connected v... -
- Tested: pfSense-pkg-openvpn-client-export-1.4.18
Username is added to the file for userID 0, the admin user:
<pre... -
-
- This issue has been fixed in September 2018 by Renato in commit 7cab6335bb
Could it be marked as resolved ? -
- Hello,
Please can you tell us the pfsense version you use ?
I got 2.4.4_1 and there is "Static IPv6 Configuration... -
- Hello,
*On current version of pfSense, one cannot configure STATIC IPv6 addresses* allocated by our ISP (R... -
- Sshguard implementation in pfsense broke the way that sshguard should work.
I notice that blocking IP for a while ... -
- Actually systems logs show us when sshguard is blocking an IP, but we never known when it release this IP.
It should...
12/25/2018
-
- This happens in few pages, such as system_authservers.php or services_captiveportal_vouchers.php
!https://www.pi...
12/24/2018
-
- It is also not showing the locations (other than home location) and flows om the maps page
-
- Tested:
2.4.4-RELEASE-p2 (arm64)
built on Wed Dec 12 06:32:09 EST 2018
FreeBSD 11.2-RELEASE-p6
Calling station ... -
- Tested in current package version: pfSense-pkg-Service_Watchdog-1.8.6
No errors. -
- Replicated in 2.4.4p1:...
-
- Jim Pingle wrote:
> Given that issue, this is almost certainly a duplicate of #3334
The underlying problem was re...
Also available in: Atom