Activity
From 01/06/2019 to 02/04/2019
02/04/2019
-
09:45 PM Revision d6601c8f: Also trim if() statement
-
02:18 PM Feature #7618: Add support for user-supplied Host-Uniq tag and handle PADM messages in Netgraph PPPoE
- I've created a pull request -to my own branch for tests, when stable I'll pull the request- to pfSense master.
Li... -
07:20 AM Bug #6896 (Not a Bug): unbound root.key file corruption possibly related to full file system
-
06:03 AM Bug #9148 (Feedback): PPPoE over a VLAN fails to reconnect.
- This should be fixed in 2.4.4p2
-
05:39 AM Feature #1831: Captive portal IPv6 support
- Flole Systems wrote:
> Unfortunately that site is down. However, I've done some additional research and it seems lik... -
05:12 AM Bug #6579: IPv6 CARP VIPs lost upon config sync where they include non-significant zeros
- I have just experienced an interesting mutation of the issue. My IPv6 CARP virtual address was ending with zero: fddf...
02/03/2019
-
05:08 PM Feature #9304: DNS Rebind Protection should be configurable, defaults should be more sensible
- The problem I ran into with the stock configuration is that there's absolutely no way to disable DNS rebind protectio...
-
- The default is fine as-is, it is the most secure assumption and safest.
There are documented ways to make exceptio... -
- h2. Problem
The DNS rebind protection approach currently being used by pfSense is too heavy handed. It indiscrimi... -
07:19 AM Bug #9303: HA sync : disabling captive portal HA sync does remove all zones on slave
- fix : https://github.com/pfsense/pfsense/commit/3d382f50c3a25230e7166e9877a0d88c7e62c24b.diff
(if you want to apply ... -
- Issue #8808 has been fixed in 2.4.4, however the fix induced another problem : unselecting "captive portal" in HA syn...
02/02/2019
-
04:30 AM Feature #9302: radvd always advertises DNS servers and Domain Search List regardless of M or O flag
- An example radvd configuration can be found here:
[http://sophiedogg.com/radvd-and-dhcpd6-server-configuration-for-d... -
- In "Managed" or "Stateless DHCP" mode, DNS servers and Domain Search List should be requested from DHCPv6 Server.
...
02/01/2019
-
06:44 PM
pfSense Packages
Bug #8780 (Resolved): Apcupsd PHP errors in 2.4.4 snapshot
- Got it. Tested on 2.4.5.a.20190201.0810 with apcupsd version 0.3.91_4, no issues.
-
06:39 PM
Bug #8633: thousands PHP undef gwname /etc/inc/gwlib.inc line 1210
- What are the steps to reproduce this issue?
-
06:34 PM
pfSense Packages
Bug #8651 (Resolved): another php error (broke stable pfBng)
- Not able to reproduce this behavior on 2.4.5.a.20190201.0810 with pfBlockerNG 2.1.4_16.
-
06:21 PM
Bug #9275 (Resolved): ip tools link not working
-
06:03 PM
Bug #9275: ip tools link not working
- Tested on 2.4.5.a.20190201.0810. Links have been removed.
-
06:20 PM
Bug #9239 (Resolved): WebGUI: Diagnostics > Packet Capture will try to display any size of pcap file.
-
06:20 PM
Bug #9239: WebGUI: Diagnostics > Packet Capture will try to display any size of pcap file.
- On 2.4.5.a.20190201.0810, tested with an iperf3 traffic stream running over WAN with a simultaneous packet capture on...
-
- It was also broken in the pfSense docs. Fixed both.
-
01:52 PM
pfSense Docs
Correction #9301 (Resolved): Broken link to HashTab in Verifying Downloaded Image section of Writing OS Image to Media
- At https://www.netgate.com/docs/reference/create-flash-media.html#verify-the-downloaded-image the link to HashTab sho...
-
11:29 AM Bug #9123: Adding/configuring vlan on ixl-devices causes aq_add_macvlan err -53, aq_error 14
- I have tested the FreeBSD Version 11.1, 11.2 and 12.0 on the Hardware and got following results.
+FreeBSD 11.1 (Fr... -
10:22 AM Feature #1831: Captive portal IPv6 support
- Unfortunately that site is down. However, I've done some additional research and it seems like others simply use stri...
-
08:43 AM pfSense Packages Bug #9211: GeoIP broken in pfSense-pkg-ntopng-0.8.13_3
- New ntopng 3.8 (December 2018) release supports the GeoIP2 library
* Adds the new libmaxminddb geolocation library
01/31/2019
-
12:06 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
- I believe my issues may be related to this. We updated to 2.4.4 p2 on Jan 9, but only in the past few days have seen ...
-
05:32 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
- I have now prepared a minimal example:
As you can see fqdn1 is missing the entry for one.one.one.one
Please FIX -
- Did you mean something else besides "Last Updated"? "Last Renewed" would always be the same as "Last Updated".
Unl... -
12:37 AM pfSense Packages Feature #9300: ACME package: last time updated
- Not to be a naysayer, but isn't that a little redundant? Acme knows LE is 90 days and if run manually before Day 60 ...
-
12:09 AM Bug #7609: NTP Status not parsing all NTP Access Restrictions preventing status display when it is actually allowed
- As of 2.4.4-p2 issue as described in the original post still exists and has not been resolved.
There are a couple ...
01/30/2019
-
10:13 PM pfSense Packages Feature #9300 (Rejected): ACME package: last time updated
- It’s low priority but nice to have.
Please expose in addition to ‘Last renewed’ time stamp “Last updated” on the t... -
Currently if user wants to fordward port 80 (for stand alone method for example) to a different port and also not ...-
- I reported this last year, Issue #8707 and gave up on a fix.
Updated last night to 1.28.19 build, hoping maybe the... -
- It would very nice to be able to see a history of available temperature readings even if that was just whatever CPU t...
-
- If you are using FQDN-Aliases each FQDN can only be used once, if
you use the alias twice, the generated tables are... -
10:59 AM Revision c07f1c26: Revert "Switch the 2.4.5 CE images to the new 2.4.5 development branch."
- This reverts commit 2735541ea6fa553673d90e75f7e821497723fb23.
-
10:36 AM pfSense Packages Feature #8232: different ssl options based on the sni name
- Hey Pi Ba
I got the same Problem. When will the Fix be upstreamd to the "Main Channel" of pfs?
Greetings
Cedric
01/29/2019
-
- (cherry picked from commit 62baf0777924b2c21c832db3c0040988e7451c61)
-
- Validation is already present and prevents bad values from being
entered.
(cherry picked from commit 1072b9333c47df5... -
- (cherry picked from commit 261916e5d3f833a58d5cef1afdadc7495ec2c74b)
-
- (cherry picked from commit 938988609c306fcd44e25a053745c4b8332eeeb5)
-
- (cherry picked from commit 57ccd08bf7ee05b9a00750a1fd9cf8f148e0c9ac)
-
- (cherry picked from commit 5cc7d21dc08be6c65a2bf7f8f4481dc13f4ae115)
-
- (cherry picked from commit 56888f24ca2715e678a1324633a08d3a611b4136)
-
-
- Validation is already present and prevents bad values from being
entered. -
-
-
-
-
04:05 PM Feature #9293: Custom message text for the login screen
- Hi Joshua,
Yes, that was just an example of a similar requirement. This requirement can be found for "web servers":h... -
12:02 PM Feature #9293: Custom message text for the login screen
- Hi,
You are sure it is required for WebGUI ?
Because in the document you link it is only for "console login prom... -
- While trying to deploy in govt environments, they have security guidelines (STIGs) we're required to follow. Some, as...
-
-
- * XSS1 - Reproduced during redirect when changing protocols, added validation for the input and redirect
* XSS2 - Un... -
- A list of 30 XSS issues was posted publicly without following responsible disclosure practices, they all need tested/...
-
11:51 AM Bug #9295 (New): IPv6 PD does not work with PPPOE (Server & Client)
- Hi,
as encountering DHCPv6 with Prefix delegation does not work together with PPPOE Server vice versa it is not p... -
- Same problem here.
Hardware: Dell PowerEdge 330 with Intel(R) 10GbE 2P X710 Adapter
Done so far:
* installati... -
04:09 AM Feature #7244: Publish pfsense as a Vagrant Basebox
- I'm looking into implementing this one, because I need an easy way to launch pfsense instances for running automatic ...
01/28/2019
-
11:55 PM Revision 2735541e: Switch the 2.4.5 CE images to the new 2.4.5 development branch.
- Start to pave the way to 2.5.
-
06:18 PM Revision e5b43cf8: type cast traffic graph inputs to fix #9072
-
- Thanks for digging into the problem and for testing the fix!
-
-
- It Works! ;)
tested on :
2.4.4-RELEASE-p2 (amd64)
built on Wed Dec 12 07:40:18 EST 2018
FreeBSD 11.2-RELEASE-p6 -
- Applied in changeset commit:e5b43cf8b86586486d951ab1da35b6c45ad6edf6.
-
-
- It looks like it was introduced in this commit (not that the code before it was perfect): https://github.com/pfsense/...
-
-
01/27/2019
-
07:20 PM Feature #9290: Need a way to suppress status output display in /status.php
- This all looks great. Tested everything I think. Works.
-
08:26 AM Bug #9292 (Resolved): Default route as indicated by "(Default)" does not match the actual default route on the OS.
- Default route as indicated by "(Default)" does not match the actual default route on the OS.
Fix: https://github.c... -
- Per below two forum posts by dummynet creator configuring Codel AQM and fq_codel scheduler, as shown in Youtube video...
01/26/2019
-
08:02 PM Bug #8554: /etc/rc.kill_states code not correctly parsing pfctl output
- I'm running 2.4.4_2 and it still seems to be an issue. Are those actions logged somewhere so I can take a look please?
-
-
12:02 AM Bug #9276: DNS troubleshooting tool incorrectly reporting "ai." as an invalid hostname
- On 2.4.5-DEVELOPMENT (arm)
built on Fri Jan 25 05:46:46 EST 2019
Entered "ai.: in Diagnostics=>DNS Lookup an... -
- That snapshot was before this commit. The newest snapshot should have it, if you update and try it again, it should w...
-
- On 2.4.5-DEVELOPMENT (arm)
built on Fri Jan 25 05:46:46 EST 2019 - SG3100
When I issue this command I get html ...
01/25/2019
-
04:08 PM Bug #6876: Firewall alias issue after adding a wrong alias
- Tested on:
2.4.4-RELEASE-p2 (arm)
built on Wed Dec 12 14:40:29 EST 2018
FreeBSD 11.2-RELEASE-p6
Followed instru... -
- * Rewrites the command output so it is first written to files, then read through line-by-line to PHP. Should be much ...
-
- * Rewrites the command output so it is first written to files, then read through line-by-line to PHP. Should be much ...
-
- FYI
Kevin Zheng from sshguard bitbucker wrote :
> I’d be happy to include this signature in SSHGuard if the rule ... -
11:56 AM pfSense Packages Bug #9050: Antartica does not make a rule
- What should I track to see when it is released?
-
10:28 AM Bug #9004: Default gateway IPv4 set to a group fails after restart on 2.4.4
- jonathan's fix works.
Thank you very much! -
- Implemented this and some other changes.
* Rewrites the command output so it is first written to files, then read ... -
- tested on 2.4.5-DEVELOPMENT (arm)
built on Fri Jan 25 05:46:46 EST 2019
Invoked a lot of traffic while running...
01/24/2019
-
08:46 PM Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected.
- I have also noticed this issue on my home pfSense. I was able to reproduce it reliably with a VM and it appears to h...
-
- James Howel wrote:
> It appears that if pfSense has NEVER been connected to the internet, the way it behaves with th... -
10:26 AM Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected.
- Maverick Phillips wrote:
> Hello,
>
> One of my two firewalls has developed this issue - I can confirm disabling ... -
04:57 PM Feature #4632: Support for Multipath TCP (MPTCP)
- +1 here
this is a great added value for pfsense ! -
- Ok copy thx
-
- Unless you are viewing the web page between 3:15-3:30 AM, that icon will not show because the schedule is not active....
-
- See attached.
Fine print says <icon >"Indicates that the schedule is currently active."
But there is no icon on... -
- i can confirm
the problem comes when you change from bytes to bits and then bits to bytes.
one temporary workaro... -
12:45 PM Bug #9072: RRD graph mouseover information shows up as Mb when unit size is set to MB
- Discussion about it here and validation
https://forum.netgate.com/topic/139922/solved-dashboard-traffic-not-consiste... -
06:24 AM Bug #8758: filterdns stops working on a regular basis.
- Just ran into this on 2.4.4-p2 with a not updating alias table:
[2.4.4-RELEASE][root@fw2]/root: ps aux | grep filt... -
12:56 AM pfSense Packages Bug #9050: Antartica does not make a rule
- I answered this in my post above... Its already fixed in Devel. I am hoping to get devel released next month and that...
01/23/2019
-
-
-
-
-
- Many times on a large system a status output cannot be taken because displaying things like a large state table can e...
-
01:22 PM Feature #336: Option to create lagg under assign interfaces
- +1 Very important feature!
-
- Tested:...
-
04:52 AM pfSense Packages Feature #9289 (New): Snort enable react
- I like to use the "config enable_react" parameter to show a http site on blocked ips. The SNORT package dont't know t...
01/22/2019
- 07:56 PM Revision a0541b29: use disablepingcheck as option name
-
- Hi,
I discuss with sshguard team about possibility to add the pfSense signature in standard, as it is ever done by... - 04:21 PM Revision 7847e55f: add an option to the DHCP server to disable the ping check feature
-
- Thanks for testing!
-
03:11 PM Bug #9281: ZFS encrypted+mirrored swap may not be activated on 2.4.4-p2
- Jim Pingle wrote:
> ZFS encrypted+mirrored swap may not be activated on 2.4.4-p2, the new swap device location code ... -
- Applied in changeset commit:14d470377eab89d7c3f6f765a150ce737409af28.
-
- You have misread what the page is stating. The table is primarily to indicate the enormity of the IPv6 space.
Netw... -
- Added info to that page. ICMP doesn't have state levels like other protocols, so it's really just a placeholder. Does...
-
- (cherry picked from commit 9f3b87d898e1fa8a5bfa40758e5747515cc38ad4)
-
-
- Fix committed
-
01:03 PM pfSense Docs Correction #9287 (Resolved): Feedback on The pfSense Book
- *Page:* https://www.netgate.com/docs/pfsense/book/index.html
*Feedback:* Printed page 264, section 16.1. Period m... -
- (cherry picked from commit 14d470377eab89d7c3f6f765a150ce737409af28)
-
-
12:18 PM pfSense Packages Bug #9286: squidGuard - Unable to change IP for sgerror.php URL in configuration
- Also see bug #8827 that is exhibiting a similar issue.
-
- There is an issue with squidGuard where a user is not able to specify the address that squidGuard provides the client...
-
- I added a checkbox to use challenge-domain instead of challenge-alias in ACME pkg version 0.5.2
-
- Fixed in ACME pkg version 0.5.2
Cron job output is now redirected to the main system log. -
- This will be solved by the fix for #8211 so I'm marking this as a duplicate for now.
-
10:28 AM Feature #9285 (Resolved): Add an option to disable the ping-check in dhcpd
- In experiencing some strange DHCP behavior at a customer site, where DHCP leases were getting abandoned and never re-...
-
09:39 AM Bug #9284: no default gateway after upgrade to 2.4.4_p2 using gateway group
- Jim Pingle wrote:
> Duplicate of #9004
Sorry I did search first. Not well apparently. -
- Duplicate of #9004
-
- Art Manion wrote:
> Workaround: In System > Routing > Gateways set Default gateway IPv4 to automatic (or one of t... -
- Two pfSense boxes A and B using HA sync, A is master, B is backup.
Two gateways, Verizon (tier 1) and ATT (tier 2)... -
- Jim Pingle wrote:
> The correct procedure for what you describe is to import all certs to the primary, and then sele... -
- Jim Pingle wrote:
> It does exclude certificates when all areas that need certificate sync are disabled. OpenVPN req... -
- Applied in changeset commit:9f3b87d898e1fa8a5bfa40758e5747515cc38ad4.
-
- It does exclude certificates when all areas that need certificate sync are disabled. OpenVPN requires certs to sync, ...
-
- system A has external/imported certificate A
system B has external/imported certificate B
Both just upgraded to 2... -
- Daryl Morse wrote:
> As I mentioned, I emailed the author of rate. He replied this morning and confirmed that he is ... -
01:05 AM Bug #9282 (Resolved): Add static mapping count to DHCP Server interface tabs
- services - > DHCP Server > Interface
need a counter that count add static mapping in "DHCP Static Mappings for ...
01/21/2019
-
- * Add "None" output level
* Detect large files and refuse to print them in the GUI textarea
* Ensure output buffering... -
- * Add "None" output level
* Detect large files and refuse to print them in the GUI textarea
* Ensure output buffering... -
05:52 PM Bug #3334: Status/Traffic Graph isn't IPv6 ready
- Jim Pingle wrote:
> The underlying program, rate, still doesn't work with IPv6 as far as I'm aware.
>
> I'd love ... -
- With some small modifications, it does work. See my comments on the PR (and future discussion should happen on the PR...
-
- you are certainly in an issue with bads crlf in the awk script.
please update by this one, i gzip it to avoid any co... -
- (cherry picked from commit 5345b25405101eba3112c1d5daef99bd3b308533)
-
-
- (cherry picked from commit e56c473d7c4c2e7de71c43420c844e452dbcfa82)
-
- (cherry picked from commit 08c49b4d74b87bf34dd46a37837147b857eb8859)
-
-
-
- ZFS encrypted+mirrored swap may not be activated on 2.4.4-p2, the new swap device location code isn't validating the ...
-
- This has been working for me in a test VM for over a month now, but it would be nice to have additional confirmation ...
-
- Applied in changeset commit:36192f4a459ec5d5baf06819102ba783c1725ba1.
-
- FYI for anyone testing, and as noted on the PR:
Authentication uses "Personal Access Tokens":https://cloud.linode.... -
- PR merged
-
- PR merged
-
- PR Merged
-
- Applied in changeset commit:5345b25405101eba3112c1d5daef99bd3b308533.
-
- That's a new error, not the same one. I can't reproduce that here, but I can see how it might happen. Pushed a new fix.
-
- Applied in changeset commit:e56c473d7c4c2e7de71c43420c844e452dbcfa82.
-
- Looks like it's easily fixed by having the validation check ignore a trailing dot on the hostname, but including it i...
-
- Applied in changeset commit:08c49b4d74b87bf34dd46a37837147b857eb8859.
-
- Actually the URL didn't just change, they also changed the format of the query and it doesn't appear to have the exac...
-
- There does seem to be an issue here, looks like it's in the pfSense module function @pfSense_kill_states()@. Sometime...
-
09:28 AM Feature #9280: Add AAAA record type support for DynDNS with Digital Ocean
- * meant to create this as a "feature".
-
- Add AAAA record type support for DynDNS with Digital Ocean
Updated dyndns.class, services.inc, and services_dyndns... -
05:37 AM Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected.
- Hi Joshua,
Thanks for looking at this.
We don't have a WAN in a down state, it is connected but it has no NAT a...
01/20/2019
-
- Joshua Sign wrote:
> ok,
>
> the first file "File Capture iftop.PNG" show that there is a problem with the awk s... -
- ok,
the first file "File Capture iftop.PNG" show that there is a problem with the awk script.
This script is les... -
- Another screen capture from the status graph.
-
- Joshua Sign wrote:
> Daryl Morse wrote:
> > I got permission denied when I tried to run the script from the console... -
Daryl Morse wrote:
> I got permission denied when I tried to run the script from the console shell.
please chec...-
- just a thought, if you don't have ipv6, you could set up a tunnel with hurricane electric. It's free, it works very w...
-
- Joshua Sign wrote:
> ok,
>
> to debbug it you can check if there is any ip6 in this output :
> [...]
>
> if... -
- ok,
to debbug it you can check if there is any ip6 in this output : ... -
- Joshua Sign wrote:
> can you chexk over console if iftop shows you some IPV6 adresses just by : `iftop -n` ?
>
> ... -
- can you chexk over console if iftop shows you some IPV6 adresses just by : `iftop -n` ?
as far as i didn't have an... -
- PR created : https://github.com/pfsense/pfsense/pull/4040
-
03:29 PM Feature #790: Advanced options for dnsclient (resolv.conf)
- Mike Stupalov wrote:
> Possibility to add additional options in resolv.conf:
> * timeout:n (default 5)
> * attempt... -
05:43 PM pfSense Packages Bug #9279 (Duplicate): security/acme: acme pf sense package processes unnecessary notifications due to using stdout
- When email notifications enabled and pfsense acme (0.5.1) package installed and cron enabled, acme client will produc...
-
- I investigate about this problem,
It seems that the sshguard purpose is to detect an attack and just launch a bac... -
- Has this been released in the main version? I updated to 2.4.4-p2 and pfBlockerNG 2.1.4_16 and it still doesn't crea...
01/19/2019
-
- Joshua Sign wrote:
> PR : https://github.com/pfsense/pfsense/pull/4039
I installed this patch on the most recent ... -
- PR : https://github.com/pfsense/pfsense/pull/4039
-
- Here is the patch
/usr/local/bin/iftop_parser.sh must have +x
-
- Sounds more like a configuration or local client issue. Post on the forum to discuss the issue and diagnose the probl...
-
09:51 AM Bug #9278 (Not a Bug): LAN IPv6 track interface Router Advertisement not assigning IPv6 addresses on Linux and macOS clients
- Comcast -> (WAN) NetGate (LAN) --> Linux, macOS clients
WAN is configured for IPv6 prefix delegation with prefix l... -
12:23 AM Feature #4354: Allow dpinger to ping more than one destination for a gateway.
- I agree with David. DNS more so than Ping monitoring makes sense to me. I've been bit a few times with DNS failures b...
01/18/2019
-
- here are the files you need to easely test, it is faster thant the PR
just put the two scripts into the root directo... -
- yes it will be possible soon.
I just wrote this script to avoid process concurrent creation when many users are on... -
- Joshua Sign wrote:
> Unfortunally i don't use IPV6, so i can't test this part.
I have IPv6 so I would be happy ... -
- Hi Jim,
FYI, I just finish some tests : it seems to works as expected.
All we need to test is :
This awk scr... -
02:30 PM Feature #7416: DHCPv4 client does not support ``supersede`` statement for option 54
- The patch fixed it in OPNSense in 2017. It has been running flawlessly ever since. That's the only feedback I can pro...
-
-
- Reproduced the issue on SG-5100:
2.4.4-RELEASE-p2 (amd64)
built on Wed Dec 12 14:40:29 EST 2018
FreeBSD 11.2-REL... -
- Tested on SG-5100 -
2.4.4-RELEASE-p2 (amd64)
built on Wed Dec 12 14:40:29 EST 2018
FreeBSD 11.2-RELEASE-p6
A... -
10:42 AM Bug #9024: Ping packet loss under load when using limiters
- I just wanted to chime in that I have the very same exact behaviour on my setup.
Is there any progress on the issue? -
- I'm pretty sure I experienced the same issue on 2.4.4-p1 and or 2.4.4-p2.
It did happen only for the initial few r... -
- That isn't a general issue with pfSense or the MBT-4220. Please contact our support team at https://go.netgate.com an...
-
03:48 AM Bug #9277 (Resolved): MBT-4220/2220: pfSense hangs when running sysctl -a
- Running 2.4.4-p2 on MBT-4220
Accessing the WebGUI appears to be causing OS-level hang (no response on WebGUI/SSH/...
01/17/2019
-
- https://github.com/pfsense/pfsense/pull/4038
It seems to me the wildcard checkbox is intended for providers that o... -
- ok i will work on it and create a PR to change rate by iftop as soon as it works
(normaly it should be ok on sunday ... -
- That does help a bit. It would be even better if iftop had an output mode like libxo where it would be trivial to par...
-
Jim Pingle wrote:
> I'd love to see rate swapped out for iftop (which does support IPv6) but the output of iftop i...-
10:30 AM Bug #9276 (Resolved): DNS troubleshooting tool incorrectly reporting "ai." as an invalid hostname
- To reproduce:
Navigate to Diagnostics=>DNS Lookup (found at /diag_dns.php). Enter any TLD that should work as a si... -
08:31 AM Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected.
- Hello,
One of my two firewalls has developed this issue - I can confirm disabling the WAN adapter resolved this sl... -
- The reply on the FreeBSD PR is ambiguous at best. It would also help if someone that was actually a part of the FreeB...
-
07:42 AM Feature #7416: DHCPv4 client does not support ``supersede`` statement for option 54
- I beg to differ and hope I'm not mistaken, but AFAIK Franco pulled that already into OPNsense and the last statement ...
-
- Might be, but it's still an open issue and hasn't been accepted into FreeBSD yet. There isn't even one person on that...
-
- @Jimp
I maybe wrong but isn't that the corresponding fix/workaround from upstream to this particular problem?
Cou...
01/16/2019
-
05:39 PM Bug #9275 (Resolved): ip tools link not working
- just discovered in 2.4.5 snapshots.. ip tools are not working http://private.dnsstuff.com/tools/whois.ch?ip= and...
-
10:24 AM Revision 28a5469e: add trim() to $_POST['auth_user'] & $_POST['auth_user2']
-
- https://github.com/pfsense/pfsense/pull/4037
-
- to trim leading & trailing whitespace of the username that is entered when signin in to captive-portal.
see [[https:... -
02:26 AM pfSense Packages Bug #9273 (Closed): missing Include=/usr/local/etc/zabbix4/zabbix_agentd.conf.d in /usr/local/etc/zabbix40/zabbix_agentd.conf
- because of the missing include line in the zabbix_agentd.conf, UserParameter definitions are not loaded.
we are us...
01/15/2019
-
- Jim Pingle wrote:
> The underlying program, rate, still doesn't work with IPv6 as far as I'm aware.
>
> I'd love ... -
09:49 PM Bug #7439: IKE_SA (IKEv2) does not rekey on break before make startegy, just issues IKE_DELETE and connection is closed
- I would like to reopen this thread as I'm experiencing same problem and I'm on 2.4.4-RELEASE (amd64)
My configuratio... -
-
-
04:35 PM pfSense Packages Feature #9272 (Resolved): Allow multiple IP in ListenIP for Zabbix Agent
- The web interface for the zabbix-agent service does not allow to add multiple IPs comma separated. The validation rul...
-
- Fix some indenting surrounding the Azure DDNS implementation to be consistent with the rest of the file.
https://g... -
12:38 PM pfSense Packages Feature #8613: pfSense-pkg-acme: acme_certificates_edit.php - Add support for --challenge-alias acme.sh flag
- Markus Barckmann wrote:
>
> It would be very nice to have a UI option to choose between this two (sub)methods.
... -
11:17 AM pfSense Packages Feature #8574: Enable AgentX-support in lldpd using GUI
- The above patch works for me. The Net-SNMP package already adds "master agentx" to /var/etc/netsnmpd.conf by default...
-
- Hi,
I just test it :
- Loading dashboard normaly takes about 1 second or less.
- Without WAN connectivity, it ... -
- Hi Luke,
Thanks for the suggestion but I've tried that, same issue.
It looks like whatever is timing out due to... -
06:57 AM Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected.
- If you remove all widgets from the dashboard does that help at all? It's probably a widget that's causing this delay.
-
- To add to this bug we've been using pfSense 2.3.5 for an internal project and its been working brilliantly.
We're ...
01/14/2019
-
- https://github.com/pfsense/pfsense/pull/4035
-
10:45 AM Feature #9130: Request ID [#INC-16195]: DHCP - PXE Boot
- I also look for this feature, as described in:
https://forum.netgate.com/topic/138637/ipxe-chainloading
-
-
- i just test it on a fresh install 2.4.4-RELEASE-p2 (amd64)
blank_img works without any error.
Problem solved.
01/13/2019
-
11:02 PM pfSense Packages Bug #9244: FRR Status BGP Summary only shows "IPv4 Unicast Summary"
- Created a pull request.
Changed this on my 2.4.4p2 with FRR 0.2_4
"show ip bgp summary $" to "show bgp summary ... -
- Simple use case:
Filter all states for an IP of any device (used my iPhone IP) in *_"Diagnostics"/"States"/"States_"... -
10:45 AM Bug #9269: No Internet after reboot, wrong gateway.
- Forum link: https://forum.netgate.com/topic/139570/no-internet-after-reboot-wrong-gateway
-
-
- sorry Jim, i just tested it before my comment on : 2.4.4-RELEASE-p2 (amd64)
i try " _edit/save options on the squid... -
- That commit is already referenced above. It must be tested and confirmed as fixed.
-
- should be solved since this commit : https://github.com/pfsense/FreeBSD-ports/commit/90c367bf2f2fcd61ed631bd3c4fd6634...
-
- In the forum thread, others who could reproduce it were also on airvpn, so it is likely specific to something that pr...
-
07:58 AM Bug #8142: OpenVPN client does not remove static route for custom monitor IP
- I'm not able to reproduce this on 2.4.4p1. However, I will say I'm also no longer using the same vpn provider. I'm ...
-
- That commit is already referenced in the first comment on this issue.
A fix was committed, but it needs to be test... -
- i bet this issue was solved by this commit https://github.com/pfsense/FreeBSD-ports/commit/824d08577196346be0e7d24d92...
-
-
12:23 AM Bug #1690: PPPoE Server not passing IP from RADIUS server
- Seems to be working as of latest dev release with freeradius (daloradius).
01/12/2019
-
- There isn't enough here for a valid bug report. Please start a forum thread to discuss and diagnose the issue. If a s...
-
- I'm running pfsense from a USB key that slows down after a few days unless I reboot the box and everything's back to ...
-
09:20 PM
Bug #8142: OpenVPN client does not remove static route for custom monitor IP
- Is this issue still present in the latest development build? If so, what are the specific steps to reproduce the beha...
-
-
- Yep
-
09:13 PM
Feature #5675: Theme specific textarea background color
- Can this be marked resolved?
-
- If you're on 2.4.4 or later, edit/save options on the squid cache settings tab.
-
09:02 PM
pfSense Packages
Bug #8872: PHP7 error in squid
- How to reproduce the issue?
-
- Looks like it would take activating and tripping a squidGuard filter that replaced content with a blank image. If it ...
-
09:03 PM
pfSense Packages
Bug #8873: PHP7 warning in squidguard
- How to reproduce the issue?
-
09:18 PM
Bug #6896: unbound root.key file corruption possibly related to full file system
- Looks like the OP traced the issue, can the report be marked resolved now?
-
- It wasn't really the upgrade that did anything. Only need to test apcupsd on 2.4.4 or later to make sure there are no...
-
09:01 PM
pfSense Packages
Bug #8780: Apcupsd PHP errors in 2.4.4 snapshot
- There is no way to test this, without an instance of pfSense already running 2.4.3 *with* apcupsd already installed.
... -
09:09 PM
Bug #1690: PPPoE Server not passing IP from RADIUS server
- Is this issue still present in the latest development build?
-
09:07 PM
Bug #1575: Limiters are bypassed by local applications injecting rules
- Is this issue still present in the latest development build?
-
08:05 PM
Bug #9264: Disabling "IPv6 over IPv4 Tunneling" breaks config
- On 2.4.5.a.20190111.1435 (stock - factory default), able to reproduce the behavior....
- 01:42 PM Revision 58d009bc: Update gwlb.inc
-
- Let's add support for updating Linode DNS as a Dynamic DNS provider using their v4 REST API and Personal Access Token...
01/11/2019
-
- PHP RADIUS package (used for RADIUS authentication/accounting) is not IPv6 compatible, which is a captive portal depe...
-
07:06 PM Bug #7801: UDP fragments received over IPsec tunnel are not properly reassembled and forwarded
- Hi, I have been waiting a year for that fix, for us, it's RDS sessions that disconnects randomly when using UDP over ...
- 04:41 PM Revision 67dd34a0: Update gwlb.inc
- Correct BUG 9004 -> set the default gateway when system start and a gateway_group is default IPV4 gateway
-
- Tested on:
2.4.4-RELEASE-p2 (amd64)
built on Wed Dec 12 14:40:29 EST 2018
FreeBSD 11.2-RELEASE-p6
client expo... -
11:15 AM Bug #9266: status_monitoring.php : failed to have quality graph
- A direct acccess to https://x.x.x.x/rrd_fetch_json.php display { "error" : "Invalid RRD file" }
Checking if the fi... -
10:16 AM Bug #9004: Default gateway IPv4 set to a group fails after restart on 2.4.4
- I think i found the bug
file /etc/inc/gwlb.inc... -
01:01 AM pfSense Packages Bug #9211: GeoIP broken in pfSense-pkg-ntopng-0.8.13_3
- in the topic mentioned above there has been found a possible cause for this:
> "Using pfSense 2.4.4-RELEASE-p2 wit...
01/10/2019
-
10:25 PM Bug #9267: dhclient does not handle protocol timeouts or script failures correctly
- Also to add, this is seen on version 2.4.4-RELEASE-p1 (amd64),
FreeBSD 11.2-RELEASE-p4, but affects versions back at... -
- pfSense-dhclient-script fails to return nonzero in the case where a DHCP timeout occurs and the cached gateway addres...
-
- (cherry picked from commit 3fcf5ad71216922921801d85d063d360fde5566f)
-
-
- It's 2019 and guess what: This is still missing, while the fixes were apparently ready years ago....
-
- Hi David,
I just try to reproduce but without any success.
Even on a fresh install 2.4.4-RELEASE-p2 (amd64) or an... -
- Problem :
---------------------------------------------------------
Status, Monitoring, failed to display the quali... -
- Applied in changeset commit:3fcf5ad71216922921801d85d063d360fde5566f.
-
07:19 AM pfSense Packages Feature #9265 (Resolved): Add options to configure TIMEOUTclose and debug on stunnel package
- Hello all...
This PR[1] add options to configure TIMEOUTclose and debug (log level) and also fix package doc URL o...
01/09/2019
-
06:12 PM Bug #9264: Disabling "IPv6 over IPv4 Tunneling" breaks config
- lower urgency now.
I fixed my local config with viconfig.
The setting that got stick is 'ipvnat'
It looked l... -
- Raising urgency of bug, as it seems it does actually prevent toggling other settings on the networking page. Until I...
-
- missed step 4 which is hit save and apply again.
-
- Steps that may possibly reproduce.
1 - enable "IPv6 over IPv4 Tunneling" and set an ip address in the "ipv4 addres... -
- Even when downloading a too large capture it will fail..... (it just has to be large enough).
-
- I don't see the advantage by installing it by default, the whole purpose of packages is to make the base system not t...
01/08/2019
-
04:57 PM Bug #9123: Adding/configuring vlan on ixl-devices causes aq_add_macvlan err -53, aq_error 14
- Not sure about the similarity of conditions yet, but I'm seeing this message being logged on my FreeNAS box with the ...
-
03:04 PM Bug #9263: Incorrect ICMP reply when using limiters
- Relevant forum topics:
https://forum.netgate.com/post/815824
https://forum.netgate.com/topic/137090/traceroute-omit... -
- My setup is as follows. pfSense 2.4.4_p2, it maintains a L2TP tunnel to my ISP and all the traffic is configured to g...
-
- The acl "Traffic is ssl (no value needed)" is using the actual haproxy option: "req.ssl_ver gt 0" this is one that on...
-
11:23 AM pfSense Packages Bug #9261 (New): haproxy GUI failure
- The GUI is misbehaving. I'm unable to add a specific ACL via the GUI. Simply adding "http-request redirect scheme htt...
-
11:37 AM Feature #9262 (Duplicate): Strongswan DHCP plugin
- Would it be possible for the DHCP plugin for Strongswan to be implemented? (https://wiki.strongswan.org/projects/stro...
-
12:56 AM Feature #9260: ssh_tunnel_shell: Disable console message output
- It’s worse than that. If I’m looking at the right source, that binary does nothing but chatter at the poor user.
...
01/07/2019
-
- * Add changes as requested by @jim-p
-
- * DNS Resolver python integration
-
- +1 : good feature !
nice work! -
- The final code for mounting the /bin and /lib folders has been submitted for review (Services.inc):
https://github.c... -
-
-
-
-
-
-
01:09 PM Feature #8511: Dynamic DNS: Cloudflare Add TTL option
- +1 I suggest allowing the TTL setting to be a configurable value, as it is for other Dynamic DNS clients, such as Azu...
-
- +1 I'm surprised this isn't already a feature. I noticed this today when we our primary connection came back online, ...
-
-
-
-
-
-
-
- The only way you can see that "Deny Config Write" message is if your user, or a group they are in, has the "Deny Conf...
-
11:04 AM Bug #9259: User with "Deny Config Write" privilege is not fully prevented from creating accounts
- That is not the case. I just have tried another system, where this issue does not show. My latest install does behave...
-
- You must have incorrectly added the "User - Config: Deny Config Write" privilege to your admin group, which is common...
-
- I do log into the web GUI as a user "myuser" with admin group membership (other than the builtin admin/root). I used ...
-
- Users with only the "User - System: SSH Tunneling" privilege get the @ssh_tunnel_shell@ program as their shell. When ...
-
01:19 AM Bug #9258: Error deleting tunnel type P2 when mixed with VTI
- Edit:
Workaround:
1. disable vti interface
2. remove all unwanted p2
3. enable vti interface -
- When trying to delete a (tunnel mode) phase 2 entry were both "tunnel" and "vti" modes are mixed the GUI is respondin...
01/06/2019
-
- +1
-
- Pull Request : https://github.com/pfsense/pfsense/pull/4054
-
- Pull Request : https://github.com/pfsense/pfsense/pull/4056
-
- -Pull Request : https://github.com/pfsense/pfsense/pull/4031-
Netgate choosed to fix this issue in another way. ne... -
- Support for that is already in ACME 0.5, available on 2.4.5 snapshots. If stable, it will be made available for 2.4.4...
-
- Hi,
The Security Researcher Scott Helme has just blogged about an alternative to Let's Encrypt; https://scotthelme... -
02:56 AM Revision 7e114786: making sure my tabs align with upstream
-
- When a geom rebuild is occurring, this script by default notices that the device status has changed every time the re...
Also available in: Atom