Project

General

Profile

Activity

From 02/13/2019 to 03/14/2019

03/14/2019

08:33 PM Revision 7db5a396: Enable LDAP for sudo and build nss_ldap. Fixes #9399
Jim Pingle
03:45 PM pfSense Packages Feature #9399 (Feedback): pkg support for SSH + sudo authentication via LDAP
Applied in changeset pfsense:commit:7db5a396d398b010bfb70048881a6cec0577338f. Jim Pingle
03:36 PM pfSense Packages Feature #9399: pkg support for SSH + sudo authentication via LDAP
Considering we already build pam_ldap I'm not sure why nss_ldap was omitted, so I added it to the build list for 2.5.... Jim Pingle
12:15 PM pfSense Packages Feature #9399 (Resolved): pkg support for SSH + sudo authentication via LDAP
Hi Folks,
You have a very usable and user-friendly webUI configuration tool for setting up LDAP authorization for ... Mark Staudinger
02:52 PM Feature #4881: Allow NPt to use dynamic IPv6 networks
This will be required for most consumer internet providers that give dynamic IPv6 addresses.
Verizon FiOS just en... Joshua Diamant
09:58 AM Feature #8650 (Bogus): DynDNS Update via HTTPS
The dyndns.org updater has only used HTTPS for as long as it's been in pfSense.
Current code: https://github.com/p... Jim Pingle
09:18 AM Todo #7091 (Not a Bug): Write upgrade code to rename igb devices to em
It's not happening anymore
https://lists.freebsd.org/pipermail/freebsd-current/2017-January/064370.html Renato Botelho
09:12 AM Todo #7091: Write upgrade code to rename igb devices to em
Maybe note this in release notes before snapshots go live Michael Kellogg

03/13/2019

07:44 PM Revision e078d316: Update obsoleted files from FreeBSD 11 -> 12
Renato Botelho
07:34 PM Revision 64d2dd61: Add missing obsoleted files
Renato Botelho
07:34 PM Revision b05d99e2: Add missing obsoleted files
Renato Botelho
06:13 PM Revision 586c623a: Deprecate the built-in relayd Load Balancer. Closes #9386
It is not available on FreeBSD 12 with OpenSSL 1.1.x.
Users can migrate to the HAProxy package. Jim Pingle
03:48 PM Revision 749dfdb7: Fix the spamming of warnings about ttyv0 not being available on ARM64 devices.
While here, use a more meaningful name for the function. Luiz Souza
03:37 PM Revision 91677c09: Generate hints for the kernel loader.
Luiz Souza
02:19 PM Bug #9366 (Resolved): "Illegal string offset" PHP errors
I haven't seen any of these for a while. The patch that suppressed them is back, and the most common ones are corrected. Jim Pingle
01:20 PM Todo #9386 (Feedback): Deprecate built-in relayd Load Balancer
Applied in changeset commit:586c623a943f59486a461c1af9873dd6cc11a3b3. Jim Pingle

03/12/2019

08:20 PM Revision b69eea46: Initialized entries variable before use. Fixes #9359
(cherry picked from commit 9146639e722b4d437d19b5ade1157ae01849a313) Jim Pingle
08:20 PM Revision 9146639e: Initialized entries variable before use. Fixes #9359
Jim Pingle
07:47 PM Revision d67449c6: Use only sshguard table for blocking ssh/gui attacks. Issue #9223
(cherry picked from commit 555a9ab5c01101ddab7daa41f35d379d1c39b26e) Jim Pingle
07:47 PM Revision 922a1ae3: Remove unnecessary expiretable cron jobs for ssh/gui lockout. Issue #9223
(cherry picked from commit 7a68df5efc35b6d1ee514bb87a2298f5180de001) Jim Pingle
07:46 PM Revision 555a9ab5: Use only sshguard table for blocking ssh/gui attacks. Issue #9223
Jim Pingle
07:46 PM Revision 7a68df5e: Remove unnecessary expiretable cron jobs for ssh/gui lockout. Issue #9223
Jim Pingle
06:42 PM Revision f1caf190: Remove unnecessary expiretable cron jobs for ssh/gui lockout. Issue #9223
(cherry picked from commit 397d9fff6df234d98ef2353b0b29912a14777442) Jim Pingle
06:41 PM Revision 397d9fff: Remove unnecessary expiretable cron jobs for ssh/gui lockout. Issue #9223
Jim Pingle
04:49 PM pfSense Packages Feature #9387: Update telegraf to 1.9.3 from ports
Sounds good, thanks. John Silva
03:11 PM pfSense Packages Feature #9387: Update telegraf to 1.9.3 from ports
1.9.0 is available on pfSense 2.5.0 snapshots (which are not yet public)
That is the most recent release in the 20... Jim Pingle
03:51 PM pfSense Docs Correction #9394 (Closed): Feedback on Services — DNS — Configuring the DNS Resolver
*Page:* https://docs.netgate.com/pfsense/en/latest/services/dns/resolver.html
*Feedback:*
Does not explain how ... Rick Schmitz
03:37 PM pfSense Packages Bug #9339: Misc typos in pfsense/FreeBSD-ports
PR Link: https://github.com/pfsense/FreeBSD-ports/pull/624 Jim Pingle
03:30 PM Bug #9359 (Feedback): diag_tables.php duplicate entries from webConfigurator lockout table
Applied in changeset commit:9146639e722b4d437d19b5ade1157ae01849a313. Jim Pingle
03:20 PM Bug #9359: diag_tables.php duplicate entries from webConfigurator lockout table
I can't reproduce this as stated, but I can see how it might happen since the variable is used without being initiali... Jim Pingle
03:09 PM pfSense Packages Feature #9389 (Closed): More frequent package repo updates needed
Sounds good on paper, but doesn't work in practice.
We can't automatically track a branch because a base system pa... Jim Pingle
03:07 PM Bug #9223: SSHGUARD doesn't work as expected
Joshua Sign wrote:
> As it could be very interresting to have sshguard blocking ip by services, i just worked on it.... Jim Pingle
03:05 PM Bug #9223 (Feedback): SSHGUARD doesn't work as expected
sshguard 2.3.1 is now present on 2.5.0 snapshots being tested. It has the extra GUI table code removed.
Associated... Jim Pingle
01:49 PM Bug #9223: SSHGUARD doesn't work as expected
I pushed a change to remove the cron job. Additional changes are coming shortly. Jim Pingle

03/11/2019

09:40 PM Feature #9393 (Resolved): Improved support for USB interfaces that may not always be present
Currently if you have a USB 4g modem or any other removable interface you need to manually delete it or otherwise you... Xhivat Hoxhiq
06:53 PM Bug #9390: diag_backup.php: Backup output generation failure with CSRF script tag inserted into XML

Two reports of success with the committed patch, for different issues as well:
https://forum.netgate.com/post/82... Jim Pingle
03:19 PM Bug #7020: <Hostname> is omitted when sending logs on syslog
Then that is where you need to direct your attention. Comment there and let the FreeBSD developers know that it's a p... Jim Pingle
03:04 PM Bug #7020: <Hostname> is omitted when sending logs on syslog
A bug is already opened upstream, see https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194231 Daniel Berteaud
01:07 PM pfSense Packages Todo #9392 (Resolved): Status_Traffic_Totals needs updated for vnstat 2.0
In the FreeBSD ports repository, vnstat has been upgraded to vnstat 2.0 (from 1.15).
vnstat 2.0 does not appear to... Jim Pingle
10:25 AM Bug #9391 (Duplicate): Can't access Backup & Restore Page
Duplicate of #9316 -- already fixed in the repository, but there are no more 2.4.5 snapshots. Jim Pingle
10:17 AM Bug #9391 (Duplicate): Can't access Backup & Restore Page
pfSense Version: 2.4.5.a.20190213.0609
I cannot access the Backup & Restore page at all from GUI. instead i get er... ahmed k
01:40 AM pfSense Packages Bug #9322: telegraf "Additional configuration for Telegraf" lost configuration after reboot
additional issue: running configurations will ALSO be lost after sometime, you'll have to re-click SAVE in "PackageSe... mrco chen

03/10/2019

11:44 PM Revision 428f6f02: Fix output buffering when downloading config backups. Fixes #9390
(cherry picked from commit 4015b03d4b184e546cb3590430fee6f9953ce23e) Jim Pingle
11:43 PM Revision 4015b03d: Fix output buffering when downloading config backups. Fixes #9390
Jim Pingle
06:50 PM Bug #9390 (Feedback): diag_backup.php: Backup output generation failure with CSRF script tag inserted into XML
Applied in changeset commit:4015b03d4b184e546cb3590430fee6f9953ce23e. Jim Pingle
05:59 PM Bug #9390: diag_backup.php: Backup output generation failure with CSRF script tag inserted into XML
You're entitled to your opinion but I disagree. Output buffering can cause other issues with downloading other than t... Jim Pingle
05:54 PM Bug #9390: diag_backup.php: Backup output generation failure with CSRF script tag inserted into XML
Look at PR 4055: https://github.com/pfsense/pfsense/pull/4055 Sam Likins
05:52 PM Bug #9390: diag_backup.php: Backup output generation failure with CSRF script tag inserted into XML
That is a bad solution, performing unnecessary complexity, when turning off the flag prior to outputting the payload ... Sam Likins
05:47 PM Bug #9390: diag_backup.php: Backup output generation failure with CSRF script tag inserted into XML
That PR is the wrong fix.
I haven't been able to reproduce this here, but it appears to be due to output buffering... Jim Pingle
05:39 PM Bug #9390: diag_backup.php: Backup output generation failure with CSRF script tag inserted into XML
PR #4055 Created Sam Likins
05:35 PM Bug #9390: diag_backup.php: Backup output generation failure with CSRF script tag inserted into XML
I can't reproduce this.
[2.4.4-RELEASE-p2 (amd64)
built on Wed Dec 12 07:40:18 EST 2018
FreeBSD 11.2-RELEASE-p6... Anonymous
04:59 PM Bug #9390 (Resolved): diag_backup.php: Backup output generation failure with CSRF script tag inserted into XML
Since the last update (ie: *2.4.4_2*), backups fail to restore; previously generated backups will restore, but new ba... Sam Likins
06:41 PM Bug #7020: <Hostname> is omitted when sending logs on syslog
If it's a bug, it's a bug in FreeBSD -- we use their syslogd and that's how it behaves. The default behavior is to ge... Jim Pingle
05:37 PM Bug #7020: <Hostname> is omitted when sending logs on syslog
This is clearly a bug, as PfSense is not sending valid syslog messages. It also affects Graylog (3.0). We have to use... Daniel Berteaud
01:15 PM pfSense Packages Feature #9389 (Closed): More frequent package repo updates needed
I've been noticing that the release package repo lags far behind the quarterly ports tree releases and the official p... John Silva
01:01 PM Bug #9388 (Resolved): Update ntpd
Ran pkg audit new install of 2.4.4-p2:... Chris Macmahon
12:27 PM pfSense Packages Feature #9387 (Resolved): Update telegraf to 1.9.3 from ports
Telegraf port in pfsense (1.6.3) is substantially behind upstream FreeBSD ports tree (1.9.3). 1.9.3 has support for ... John Silva

03/09/2019

07:40 PM Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected.
Looks like Pieter and I have come to the same conclusion (see comment 10), hopefully a fix isn't too far out. Tom Embt
02:50 PM Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected.
Hmm, nice find Pieter!
Maybe we need a function like *haveWorkingDns()* that returns a bool if DNS is working, and... → luckman212
01:08 PM Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected.
We had the same issue. It's a pfSense 2.4.4p2 installation in an air-gapped environment and has never touched the int... Pieter .

03/08/2019

09:34 AM pfSense Packages Bug #9368 (Feedback): ACME certificates cannot have more than ~35 SAN entries due to input variable limits
PR Merged Jim Pingle

03/07/2019

05:49 PM Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected.
could you confirm that adding DNS entries can be a workaround ? (if you can try to do it for testing purpose)
How ma... Joshua Sign
01:20 PM Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected.
This is affecting our company's setup as well. Static public IPs /29 (total 5 available IPs) with one hooked up with ... Jamie Donovan

03/06/2019

07:14 PM Revision 632f0dbf: Revert "Remove definitions of conf_mount_r[ow]"
Leave functions declaration for now to prevent errors during upgrade.
This reverts commit da3ef5a3b359edb27bb9bb2b88... Renato Botelho
04:28 PM pfSense Packages Bug #9368: ACME certificates cannot have more than ~35 SAN entries due to input variable limits
Should be fixed with this: https://github.com/pfsense/FreeBSD-ports/pull/626
Or would that possibly cause sideeffect... Pi Ba
09:22 AM pfSense Packages Bug #9368 (Resolved): ACME certificates cannot have more than ~35 SAN entries due to input variable limits
The way that acme_certificates_edit.php submits data results in a failure to add more SAN entries due to input variab... Jim Pingle
03:05 PM Todo #9386 (Resolved): Deprecate built-in relayd Load Balancer
As of now, relayd does not function on FreeBSD 12 due to OpenSSL 1.1.x. The port is currently "marked BROKEN":https:/... Jim Pingle
02:07 PM Bug #9385 (Closed): OpenVPN logs a "Device busy" error when opening tap interfaces, but continues to function
On 2.5.0 snapshots, when openvpn starts up, it logs a "Device busy" error, but the error does not appear to harm func... Jim Pingle
02:04 PM Bug #9384 (Confirmed): devd putting "$" before variable contents when using single quotes
On 2.5.0 snapshots, when @check_reload_status@ logs a linkup event, the message contains a @$@ before the interface n... Jim Pingle
02:01 PM Bug #9383 (Resolved): dhcpleases kqueue error
On 2.5.0 snapshots when DHCP lease integration is enabled for the DNS Resolver, the following error is logged at boot... Jim Pingle
01:59 PM Bug #9382 (Resolved): SNMP Undefined symbol "pf_altq"
On 2.5.0 snapshots, bsnmpd logs an error message when the pf module is enabled:... Jim Pingle
12:35 PM pfSense Docs Correction #9381: FreeRadius 2.X package documentation and CaptivePortal associated documentation are mostly outdated
Github User, https://github.com/Frotty, commented:
Also perhaps see https://redmine.pfsense.org/issues/8251
I ha... Jared Dillard
12:34 PM pfSense Docs Correction #9381: FreeRadius 2.X package documentation and CaptivePortal associated documentation are mostly outdated
Jimp commented:
I think we've had some discussion about this in the past on the forum. Since we don't support havi... Jared Dillard
12:25 PM pfSense Docs Correction #9381 (Resolved): FreeRadius 2.X package documentation and CaptivePortal associated documentation are mostly outdated
*Github user:* https://github.com/Augustin-FL
*Feedback:*
The FreeRadius 2.X documentation, https://www.netgate... Jared Dillard
12:14 PM pfSense Docs Correction #9380 (Resolved): Feedback on Cache / Proxy — Tuning the Squid Package
*Page:* https://www.netgate.com/docs/pfsense/cache-proxy/squid-package-tuning.html#caching-windows-updates
*Github... Jared Dillard
12:10 PM pfSense Docs Correction #9379 (Resolved): Feedback on Interfaces — Using a Large Number of Interfaces
*Page:* https://docs.netgate.com/pfsense/en/latest/interfaces/index.html#limitations
*Github user:* https://github... Jared Dillard
12:07 PM pfSense Docs Correction #9378 (Closed): Feedback on Virtualization — Virtualizing pfSense with Proxmox
*Page:* https://docs.netgate.com/pfsense/en/latest/recipes/virtualize-proxmox.html
*Github user:* https://github.c... Jared Dillard
12:07 PM pfSense Packages Feature #6651: Loopback interfaces
Slava Bendersky wrote:
> Hello Everyone,
> I would like place request add ability manipulate loopback interfaces th... Slava Bendersky
12:06 PM pfSense Docs Correction #9377 (Rejected): log file format : missing igmp. <protocol-specific-data> ::= <tcp-data> | <udp-data> | <icmp-data> | <carp-data>
*Page:* https://docs.netgate.com/pfsense/en/latest/monitoring/logs/raw-filter-format.html
*Github user:* https://g... Jared Dillard
12:05 PM pfSense Docs Correction #9376 (Resolved): Feedback on System Monitoring — Filter Log Format for pfSense 2.2
*Page:* https://docs.netgate.com/pfsense/en/latest/monitoring/logs/raw-filter-format.html
*Github user:* https://g... Jared Dillard
12:01 PM pfSense Docs Correction #9375 (Resolved): Feedback on ACME - no info on how to use cron
*Page:* https://docs.netgate.com/pfsense/en/latest/packages/acme/index.html
*Github user:* https://github.com/yuri... Jared Dillard
11:57 AM pfSense Docs Todo #9374 (Resolved): Update Virtualizing pfSense with Hyper-V recipe with more recent information
*Page:* https://docs.netgate.com/pfsense/en/latest/recipes/virtualize-hyper-v.html
*Feedback:*
The Hyper-V tuto... Jared Dillard
11:55 AM pfSense Docs Correction #9373 (Closed): Feedback on Services — DNS — Configuring the DNS Resolver
*Page:* https://docs.netgate.com/pfsense/en/latest/services/dns/resolver.html
*Github user:* https://github.com/ja... Jared Dillard
11:53 AM pfSense Docs Correction #9372 (Resolved): Feedback on User Management — Configuring User Authentication Servers
*Page:* https://docs.netgate.com/pfsense/en/latest/usermanager/authentication-servers.html
*Github user:* https://... Jared Dillard
11:50 AM pfSense Docs Correction #9371 (Resolved): Feedback on Testing the FreeRADIUS Package
*Page:* https://docs.netgate.com/pfsense/en/latest/packages/freeradius-test.html
*Github user:* https://github.com... Jared Dillard
11:37 AM pfSense Docs Correction #9370 (In Progress): Update old screenshots
Here is a list of pages that need updated screenshots:
- [ ] https://docs.netgate.com/pfsense/en/latest/recipes/ip... Jared Dillard
11:32 AM pfSense Docs New Content #9369 (New): Document remaining packages
Create pages for the currently undocumented packages in the Package List, https://docs.netgate.com/pfsense/en/latest/... Jared Dillard

03/05/2019

10:00 PM Revision 1d92575e: Update SMART status page with more detail/commands. Implements #9367
Jim Pingle
08:47 PM Revision 144863e3: Fix more illegal offset errors. Issue #9366
Jim Pingle
06:30 PM Revision 86ec819a: Target the proper loop in switch statements. Issue #9365
Jim Pingle
06:27 PM Revision b88050bb: Fix some illegal offset errors. Issue #9366
Jim Pingle
05:22 PM Revision 59449ddb: Fix deeper continues. Issue #9365
Jim Pingle
05:15 PM Revision 05221142: Target the proper loop in switch statements. Issue #9365
Jim Pingle
04:10 PM Todo #9367 (Feedback): Update SMART Page with new capabilities
Applied in changeset commit:1d92575e36db5fd0b9bf2cc6a236dde32aba9239. Jim Pingle
04:01 PM Todo #9367 (Resolved): Update SMART Page with new capabilities
@smartctl@ is capable of showing a lot more information than the current page supports. Update it to show things like... Jim Pingle
02:45 PM Revision f403491d: Move PHP to 7.3.x
Renato Botelho
02:44 PM Revision b2aae111: Add support for PHP 7.3.x
Renato Botelho
02:43 PM Revision ccc60c88: Remove PHP 5.x support
Renato Botelho
02:40 PM Revision 5ec87d10: Move PHP to 7.3.x
Renato Botelho
02:00 PM Bug #8465: Lost default gateway after recover from failover with CARP VIP and HA
Hi all
The problem is still (or again) reproducable.
Best regards
Tom Tom Huerlimann
12:23 PM Bug #9366 (Resolved): "Illegal string offset" PHP errors
We have a patch that suppresses some "Illegal string offset" PHP errors but if the ones we can spot are easy to fix w... Jim Pingle
12:20 PM Bug #9365: Use of "continue" in switch statements can be ambiguous
Two more:... Jim Pingle
11:13 AM Bug #9365 (Closed): Use of "continue" in switch statements can be ambiguous
PHP 7.3 is tightening down on the use of @continue@ in switches. There are instances where the code meant to continue... Jim Pingle
09:08 AM pfSense Packages Bug #9364 (Resolved): squidguard int error page does not use https
Hello,
I'm running these versions on my system(s):
pfSense 2.4.4-RELEASE-p2
squid 0.4.44_7
squidguard 1.16.18_1... Florian Stichlberger

03/04/2019

07:22 AM pfSense Docs Correction #9363 (Closed): Source Tracking Table
That only appears if you have Sticky connections enabled, otherwise it's not relevant. Jim Pingle
07:18 AM pfSense Docs Correction #9363 (Closed): Source Tracking Table
Docs » pfSense » Book » System Monitoring » Firewall States » Reset State Table / Source Tracking Table
The book s... Anonymous

03/03/2019

04:18 AM Bug #9362 (Resolved): rc.dyndns.update: Cloudflare DDNS with proxy enabled doesn't work at all
When updating the DNS record via services_dyndns_edit.php it works normally, but when it tries to update it automatic... Nico Schneider

03/02/2019

05:58 PM Revision acfc3643: Allow Dynamic DNS wildcards for Cloudflare #9361
Tom Embt
12:05 PM Bug #9361: Cloudflare Not Allowing "*" Hostname Entry in Dynamic DNS
https://github.com/pfsense/pfsense/pull/4053
- hide wildcard and MX checkboxes since neither are used by the Cloud... Tom Embt
11:47 AM Bug #9361: Cloudflare Not Allowing "*" Hostname Entry in Dynamic DNS
My comments about Route53 on #9053 likely also apply to Cloudflare here. Assuming so, the solution would differ slig... Tom Embt
11:55 AM Bug #9074: Alias URL lists only storing last-most list in config.
Applied https://github.com/pfsense/pfsense/pull/4002/commits/f5c56bf8189d515af203c398f473c9b3adfff98b and https://git... Danilo Zrenjanin
05:37 AM Bug #9320: Outbound NAT and multiple IPSEC IPs for mobile warriors
Applied https://github.com/pfsense/pfsense/pull/4049/commits/8897cbce7fc410029ac367eeee7c12261fec896f via system_pat... Vladimir Lind

03/01/2019

07:23 PM Revision ac512a11: Move to python 3.6 as default
Renato Botelho
07:06 PM Bug #9361 (Resolved): Cloudflare Not Allowing "*" Hostname Entry in Dynamic DNS
Cloudflare allows wildcard A records and the pfSense DDNS page has a wildcard checkbox (since 2.3?), but it will thro... Will Rutherford
02:23 PM Todo #9360 (Resolved): Switch to Python 3.x
Python 2.7.x is not long for this world, going EOL on "Jan 1, 2020":https://pythonclock.org/
We need to ensure the... Jim Pingle
09:38 AM Bug #9223: SSHGUARD doesn't work as expected
FYI
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20798
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CV... Joshua Sign

02/28/2019

07:52 PM Bug #5999: IPv6 IP Alias prevents Track Interface from working with DHCPv6 and RA
As far as I can tell there are too many assumptions placed on the order of the addresses on the interfaces.
There ... Chris Linstruth
05:48 PM Revision c5663bf5: Comment out all pfSense_fsync() calls until it's properly fixed
Renato Botelho
04:02 PM Revision c03dc57f: pfSense_fsync() call just before rename() is breaking it. Comment out for now until it's fixed
Renato Botelho
01:06 PM Revision da3ef5a3: Remove definitions of conf_mount_r[ow]
Renato Botelho
01:05 PM Revision 9c078e31: Remove /etc/conf_mount_r[ow]
Renato Botelho
12:49 PM Revision 522388a7: Remove all calls to conf_mount_r[ow]
Renato Botelho
10:15 AM pfSense Packages Todo #9354 (Feedback): Update OpenVPN Client Export with OpenVPN 2.4.7
The OpenVPN 2.4.7 Windows installer is included in OpenVPN Client Export Package version 1.4.18_3, which is available... Jim Pingle
10:03 AM Bug #9359 (Resolved): diag_tables.php duplicate entries from webConfigurator lockout table

Entries in the webConfigurator Lockout Table are always listed, whatever the table you select.
Possible fix shou... Joshua Sign
09:35 AM pfSense Packages Bug #8476 (Resolved): OpenVPN Client Export TLS Key Direction Directive Location
ovpn configuration file exported from:
2.4.5-DEVELOPMENT (amd64)
built on Wed Feb 13 06:09:38 EST 2019
FreeBSD 11.... Danilo Zrenjanin
09:35 AM Revision 9df78d6b: Do not initialize t_address in loop
Paul.Bramhall
06:10 AM Bug #9358 (Closed): Lost default gateway after recover from failover with CARP VIP and HA
The same issue #8465 is back on 2.4.4-RELEASE-p2 (amd64) built on Wed Dec 12 07:40:18 EST 2018. Tested with one WAN I... Christian Grunfeld

02/27/2019

10:02 PM Revision 90639e0a: Rename exclude files to work with armv7
Renato Botelho
09:03 PM Revision e200e241: Fix armv7 ABI string
Renato Botelho
07:34 PM Revision 82b59cee: On FreeBSD 12+ move from armv6 to armv7
Renato Botelho
04:22 PM Revision fe0a068b: Revert "pfSense_fsync() call just before rename() is breaking it. Comment out for now until it's fixed"
pfSense_fsync() is fixed now
This reverts commit cea9d3b7dc6f7ac8450a2a8f4b630b1b6b69827b. Renato Botelho
02:55 PM Bug #8465: Lost default gateway after recover from failover with CARP VIP and HA
The same issue is back in 2.4.4-RELEASE-p2 (amd64) built on Wed Dec 12 07:40:18 EST 2018. Tested with one WAN IP (/30... Christian Grunfeld
12:09 PM Revision 67f15b5e: Update loader.conf when maximumtableentries changes
On Firewall -> Advanced -> Firewall, when maximumtableentries item
changes, make sure /boot/loader.conf is changed ac... Renato Botelho
12:06 PM Revision 117f032c: Add net.pf.request_maxcount to loader.conf
On FreeBSD 12 and newer pf uses this sysctl to define maximum number of
items supported by its allocations. Make sur... Renato Botelho
10:00 AM Bug #9357: rc.newwanipv6 called regardless of REASON
We probably need something like a "copy" of /usr/local/sbin/pfSense-dhclient-script here, just for IPv6 Flole Systems
09:56 AM Bug #9357 (Closed): rc.newwanipv6 called regardless of REASON
The dhcp6c_wan_script.sh does not honor the REASON-Variable set by the dhcp6c process. Even though it is RENEW and th... Flole Systems
07:31 AM Todo #9356 (Closed): Find optimal default for net.pf.request_maxcount
FreeBSD 12 introduced a new sysctl, @net.pf.request_maxcount@, which must be set in loader.conf (or loader.conf.local... Jim Pingle

02/26/2019

08:15 PM Revision c16a2fe1: Remove invalid MACs from sshd_config
Renato Botelho
07:09 PM Revision cea9d3b7: pfSense_fsync() call just before rename() is breaking it. Comment out for now until it's fixed
Renato Botelho
05:04 PM Revision 295b0d2b: Fix path relative to MAKEOBJDIRPREFIX to FreeBSD 12+ reality
Renato Botelho
10:57 AM pfSense Packages Bug #9355 (Bogus): Telegraf Package - https for InfluxDB Server
Setup Telegraf to send stats to InfluxDB
When trying https:// in url no stats until http:// used.
Would prefer to... Erin O'Meara
08:43 AM pfSense Packages Todo #9354 (Resolved): Update OpenVPN Client Export with OpenVPN 2.4.7
OpenVPN 2.4.7 released last week, needs updated in the OpenVPN client export package: https://openvpn.net/community-d... Jim Pingle
08:35 AM pfSense Packages Bug #9345 (Resolved): Quagga Ospf MD5 interface password truncated to 15 characters
Jim Pingle
12:05 AM pfSense Packages Bug #9345: Quagga Ospf MD5 interface password truncated to 15 characters
Tested for FRR OSPF (version 0.2_7). Thank you for the quick fix. Henning Rogge

02/25/2019

04:15 PM Bug #9353 (New): PHPSession errors from limited access to dashboard and widgets
If you login with a user who has privilege 'WebCfg - System: Login / Logout / Dashboard' and you have widgets on the ... Steve Wheeler
04:04 PM pfSense Packages Bug #9352 (Resolved): Duplicate default views in Status Monitoring that can't be removed.
Ended up with multiple "Default" views under status monitoring that could not be removed. When attempting to create a... Mike A
03:15 PM Bug #9351: need option for repeated DHCP retries
the cable modem (Arris/Moto SB6183) has no ip, its a bridge, the gateway is somewhere at my ISP. the modem stays al... John Pierce
02:59 PM Bug #9351: need option for repeated DHCP retries
"propose you add an option to keep retrying DHCP renews on the WAN when the gateway becomes inaccessible." - Based on... Anonymous
02:41 PM Bug #9351 (Duplicate): need option for repeated DHCP retries
every time my cable company has an outage of more than a few minutes, pfsense ends up with no IP address on WAN, and ... John Pierce
02:56 PM Revision 4ee79051: Update translation files
Renato Botelho
02:56 PM Revision 7f58d21b: Regenerate pot
Renato Botelho
02:55 PM Revision 7fac4101: Update translation files
Renato Botelho
02:26 PM Bug #6876 (Resolved): Firewall alias issue after adding a wrong alias
Anonymous
02:09 PM Revision 303e7fed: Regenerate pot
Renato Botelho

02/24/2019

04:38 PM Revision 3cd21b4e: Routing, actually show the "(default)" mark on the default route as it is present on the OS
Most obvious problem was when manually switching from WANGW1 to WANGW2 it showed both as (default) after saving the s... PiBa-NL

02/23/2019

11:41 AM pfSense Packages Bug #9350 (Resolved): not appear proxy config
This problem is observed when using "squid" and "squidguard" packages together. If you enter values in the "blacklist... Yuran Yastreb
11:24 AM Bug #9349: IPSec service start/stop/restart fails after settings change
Hi.
I mixed the logs (stop/restart) but the problem is the same and I understand your explanation. Nevertheless th... Markus Stockhausen
08:14 AM Bug #9349: IPSec service start/stop/restart fails after settings change
The mode on that says "stop", not restart.
Try a different browser, you may see a more informative error message.
... Jim Pingle
07:58 AM Bug #9349: IPSec service start/stop/restart fails after settings change
Hi Jim,
I do not think so. I captured the network traffic in the browser and can see the following request being s... Markus Stockhausen
07:50 AM Bug #9349: IPSec service start/stop/restart fails after settings change
This is most likely because your browser is refusing to refresh the page to update the controls because it would invo... Jim Pingle
07:17 AM Bug #9349 (Confirmed): IPSec service start/stop/restart fails after settings change
There seems to be some weird behaviour when changing things on the advance IPsec servie settings tab. As soon as you ... Markus Stockhausen

02/22/2019

12:08 PM pfSense Packages Bug #9348 (New): Results of Acme certificate issuance/renewal are not properly formatted
The results of an Acme certificate issuance/renewal aren't properly formatted. Even when there are no errors the resu... Isaac McDonald
11:21 AM pfSense Packages Bug #9347: Domain SAN list displays "Key Algorithm: HMAC-MD5, API Endpoint: portal.nexcess.net"
This happens because those options have drop-down selectors without a 'none' option (since it's required for their re... Jim Pingle
11:08 AM pfSense Packages Bug #9347 (Resolved): Domain SAN list displays "Key Algorithm: HMAC-MD5, API Endpoint: portal.nexcess.net"
The domain SAN list displays "Key Algorithm: HMAC-MD5, API Endpoint: portal.nexcess.net" regardless of the update met... Isaac McDonald
07:32 AM Bug #9344: OpenVPN click NCP Algorithms will always go to DH Parameters website(in Chinese-Taiwan)
There is a @</a>@ in the code, see source:src/usr/local/www/vpn_openvpn_server.php#L862 -- but it's run through @spri... Jim Pingle
12:29 AM Bug #9344: OpenVPN click NCP Algorithms will always go to DH Parameters website(in Chinese-Taiwan)
I found the problem.
HTML
請參閱〈a href="https://doc.pfsense.org/index.php/DH_Parameters"〉維基百科文章。
it's should add... Roll Stone
07:22 AM pfSense Packages Bug #9345 (Feedback): Quagga Ospf MD5 interface password truncated to 15 characters
Fix pushed. Will be available once the packages rebuild. Jim Pingle
07:20 AM pfSense Packages Bug #9345 (In Progress): Quagga Ospf MD5 interface password truncated to 15 characters
The code in the quagga was cutting it down to 15 characters, and that code was copied to FRR. Easy fix, will be up sh... Jim Pingle
02:03 AM pfSense Packages Bug #9345: Quagga Ospf MD5 interface password truncated to 15 characters
The same seems to be true for the FRR Ospfd package. Henning Rogge
01:40 AM pfSense Packages Bug #9345 (Resolved): Quagga Ospf MD5 interface password truncated to 15 characters
I am working with the quagga_ospf package for pfsense and noticed that the Web-GUI seems to cut of MD5 password strin... Henning Rogge
07:11 AM Bug #9346 (Not a Bug): Problem Check_MK port 6556
Issues on this tracker must be reported in English only.
Running the text through a translator, it looks like a su... Jim Pingle
04:38 AM Bug #9346 (Not a Bug): Problem Check_MK port 6556
Hallo,
habe check_mk seit vielen Jahren im Einsatz, läuft zu 100%.
Nun beim Kunden eine neue SG-3100 aufgestellt,... Richard Kohn
03:48 AM Bug #9338: igmpproxy ignoring downstream vlan interface
And it also ignores IGMPs from GRE interfaces:... Daniel Kucera

02/21/2019

09:24 PM Bug #9344 (New): OpenVPN click NCP Algorithms will always go to DH Parameters website(in Chinese-Taiwan)
OS:2.4.4-RELEASE-p2
When I using Chinese-Taiwan language.
And edit OpenVPN settings.
When click NCP Algorithms... Roll Stone
07:01 PM pfSense Packages Bug #9211: GeoIP broken in pfSense-pkg-ntopng-0.8.13_3
Any ETA on this please?
 B D
04:19 PM Revision a1032feb: Update privileges
(cherry picked from commit 3b3e31c248b8185372251f8bd2fbc2a95652a7ec) Jim Pingle
04:18 PM Revision 3b3e31c2: Update privileges
Jim Pingle
01:07 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
I've also ruled out some other possibilities below -
Not the issue:
https://docs.netgate.com/pfsense/en/latest/fi... Eduard Rozenberg
12:14 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
I can confirm my issue is the same as described by the other posters on this bug.
Logs show that filterdns claims ... Eduard Rozenberg
12:42 PM pfSense Packages Bug #9340: Buypass CA does not support wildcard
At Let's encrypt:
acme1: https://acme-staging.api.letsencrypt.org/directory
acme2: https://acme-staging-v02.api.let... Idar Lund
02:07 AM Bug #8463: Performance Regression in 2.4.3 under KVM
In the end I moved to FQ_CODEL so this ticket, while probably still an issue, can be closed. Anonymous
01:41 AM Bug #9343: diag_arp.php times out with large DHCPD leases table
I'm seeing slow or timed out page loads on systems with 10,000+ leases in the dhcpd file, 3.3mb+ in size. I'd review... Anthony Hernandez
01:38 AM Bug #9343 (New): diag_arp.php times out with large DHCPD leases table
the diag_arp.php file is reading and parsing the full dhcpd file for many items that it doesn't use or need.
 Anthony Hernandez

02/20/2019

08:24 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
Shortly after I posted my problem above 20 days ago, it started working again on its own.
Then today, it is again ... Eduard Rozenberg
07:09 PM Bug #9342 (Not a Bug): SSH To Public IP Of pfSense Router Bricks Firewall Until Restart On XG-7100
Either a forum thread or open a support case at https://go.netgate.com -- It's definitely not typical, I ssh to the W... Jim Pingle
05:50 PM Bug #9342: SSH To Public IP Of pfSense Router Bricks Firewall Until Restart On XG-7100
@Tim:
Alright thanks for the response, sorry for clogging up your bug system! Alex Trottier
05:32 PM Bug #9342: SSH To Public IP Of pfSense Router Bricks Firewall Until Restart On XG-7100
I would suggest moving this to the forums. This certainly isn't a common/reproducible bug otherwise we'd all be stuf... Anonymous
05:15 PM Bug #9342: SSH To Public IP Of pfSense Router Bricks Firewall Until Restart On XG-7100
To clarify what I mean by brick is that all network related functionality seems to cease, my openvpn connection goes ... Alex Trottier
05:08 PM Bug #9342 (Not a Bug): SSH To Public IP Of pfSense Router Bricks Firewall Until Restart On XG-7100
Coreboot version: ADI_PLCC-01.00.00.10
pfSense version: 2.4.4-RELEASE-p2
Issue:
While doing some pen-testing o... Alex Trottier
02:19 PM Feature #9341 (Resolved): Support DNS Made Easy authentication without a username
Currently, pfSense's help says that the username field should hold the "Dynamic DNS ID" (the same as the hostname), w... Matthew Fearnley
09:27 AM pfSense Packages Bug #9340: Buypass CA does not support wildcard
We can remove the "ACME v2" label from Buypass but the error message you quote doesn't appear to come from this packa... Jim Pingle
09:21 AM pfSense Packages Bug #9340 (Resolved): Buypass CA does not support wildcard
The BuyPass server is listed as "acmev2":
BuyPass Production ACME v2 (Applies rate limits to certificate requests)
... Idar Lund

02/19/2019

09:33 PM pfSense Packages Bug #9339 (Resolved): Misc typos in pfsense/FreeBSD-ports
I'm not entirely sure where this belongs, but I wanted to point out a cross-post of mine for fixing some typos in the... Bryan Stenson
02:18 PM pfSense Packages Bug #9322: telegraf "Additional configuration for Telegraf" lost configuration after reboot
I can confirm the same issue. Aaron Morris
12:15 PM Revision c93693aa: Remove www/squid from bulk list, it's listed as dependency now
Renato Botelho
09:20 AM Bug #1943: PPPoE won't reconnect after link loss when using vr(4) NICs on certain ISPs only
Seems the bug is still present in 2.4.4 (running on SG-2220).
We got a wan interruption (they cut the cable while do... Max Power
07:40 AM Revision 8897cbce: Outbound NAT and multiple IPSEC IPs for mobile warriors
christian christian
07:00 AM Bug #9338 (New): igmpproxy ignoring downstream vlan interface
Hi,
following config doesn't accept any IGMP joins on VLAN 13 interface:... Daniel Kucera

02/18/2019

07:19 PM Revision 28e3831c: Revert "Use the OpenSSL from ports for now."
This reverts commit d73d911c2a545d4485a3d752dd31759d4b96a445. Renato Botelho
07:19 PM Revision eb6653ca: Revert "Build p5-GSSAPI using MIT while using openssl from ports"
This reverts commit b018b7afc71b26a75699a920c2434459546e5254. Renato Botelho
07:19 PM Revision 2c5fafae: Revert "Disable other GSSAPI options to prevent conflict"
This reverts commit 6b2acc671a16a00d7cc2ee3813a65cccb2729a2f. Renato Botelho
07:19 PM Revision c7f35019: Revert "Make sure syslog-ng also uses openssl from ports"
This reverts commit bc16670bdf5147e46ea155004d7d540ab21b4fba. Renato Botelho
05:27 PM Revision bc16670b: Make sure syslog-ng also uses openssl from ports
Renato Botelho
05:26 PM pfSense Packages Bug #8329 (Closed): Cellular Package Change link to symlink
PR looks like it was merged Jared Dillard
02:41 PM pfSense Packages Bug #9318 (Resolved): Acme - standalone validation takes long time to start internal server
Should be fixed in the ACME pkg update I just pushed, 0.5.4 Jim Pingle
07:28 AM pfSense Packages Bug #9318: Acme - standalone validation takes long time to start internal server
Fixed: https://github.com/Neilpang/acme.sh/commit/97147b594b185786ef1d69ce0d85b70a91f0ccc9
:) Greg M
11:49 AM Feature #9336: Make Dynamic DNS update notification e-mail optional
Jim Pingle wrote:
> Many do, but they don't necessarily change every day. But usually if someone has dynamic DNS the... Sven L
11:39 AM Feature #9336: Make Dynamic DNS update notification e-mail optional
Many do, but they don't necessarily change every day. But usually if someone has dynamic DNS they want to know that i... Jim Pingle
11:37 AM Feature #9336: Make Dynamic DNS update notification e-mail optional
Jim Pingle wrote:
> And you are wrong about what the majority of users wants. We've had numerous requests over the y... Sven L
10:59 AM Feature #9336: Make Dynamic DNS update notification e-mail optional
Blocking on the server side is possible for many (e.g. sieve on self-hosted servers, gmail filtering, etc). Most mail... Jim Pingle
10:52 AM Feature #9336: Make Dynamic DNS update notification e-mail optional
Jim Pingle wrote:
> Removed "useless" from the subject and reworded.
>
> You could also filter this easily on you... Sven L
10:26 AM Feature #9336: Make Dynamic DNS update notification e-mail optional
Removed "useless" from the subject and reworded.
You may not want it, that does not make it useless. There are man... Jim Pingle
10:18 AM Feature #9336 (New): Make Dynamic DNS update notification e-mail optional
I'd like to keep pfsense email notifications enabled, unfortunately we have a dynamic ip that changes every day and w... Sven L
10:40 AM pfSense Packages Bug #9337 (Closed): Telegraf ping input fails
The telegraf ping input does not work correctly as it appears to use Linux specific command line parameters for the p... Aaron Morris
10:19 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
I've just downgraded a test-machine to 2.4.4 release, and that works fine. Keeping it there for a while. Robert Gijsen
07:52 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
2.4.4-RELEASE-p2, I've had this multiple times. At the moment I can even sort of reproduce it.
When adding hosts to ... Robert Gijsen
09:42 AM Bug #7425: dhclient not sending option 77
That is exactly what the GUI option will put into the config but you have to ensure:
1. That you check the "Enable... Jim Pingle
09:35 AM pfSense Packages Bug #9335 (Feedback): Stored XSS in HAProxy / haproxy_listeners_edit.php
fix committed in haproxy pkg v 0.59_16 and haproxy-devel pkg v 0.59_17
* https://github.com/pfsense/FreeBSD-ports/... Jim Pingle
09:19 AM pfSense Packages Bug #9335 (Feedback): Stored XSS in HAProxy / haproxy_listeners_edit.php
There is a stored XSS on haproxy_listeners.php via parameters submitted on haproxy_listeners_edit.php:
The followi... Jim Pingle
07:55 AM Bug #9325: problem with flexible limiter in multiWAN environment
EDIT:
I found a workaround, i.e. I've set up floating rules (direction = in; attached to LAN interfaces; GW = GW1 fo... Adam Lewandowski
07:25 AM Bug #8758: filterdns stops working on a regular basis.
This is a closed/resolved issue. If you have problems with filterdns, they are likely already covered by #9296 -- add... Jim Pingle
07:21 AM Bug #8758: filterdns stops working on a regular basis.
2.4.4-RELEASE-p2, I've had this multiple times. At the moment I can even sort of reproduce it.
When adding hosts to ... Robert Gijsen
06:42 AM Bug #7958: Upgrade 2.4.0: IP alias with FQDN doesn't work any more
filterdns has been rewritten since this bug report. If there is an issue now, it is likely covered by #9296 Jim Pingle
03:43 AM Bug #7958: Upgrade 2.4.0: IP alias with FQDN doesn't work any more
We're running 2.4.4-RELEASE-p2 (amd64), but the issue is still there for us. Over the last two weeks I've had two occ... Robert Gijsen
06:40 AM Bug #9328 (Not a Bug): Static routes set by system.inc for DNS gateway bindings are not binded on the good NICs
Doesn't matter what you choose for the interface, overlapping subnets and duplicate gateways are not supported. Jim Pingle
02:54 AM Bug #9328: Static routes set by system.inc for DNS gateway bindings are not binded on the good NICs
Hello,
I discovered that this behaviour was related to the current settings, with 2 gateways on the same subnet, s... Alexandre Anriot

02/17/2019

10:23 PM Bug #9334 (Resolved): bogus dialogue on Limiter deletion
When deleting the last row of the Limiter config - an error "The last row may not be deleted." appears.
Clicking O... David Burns
10:10 PM Bug #9333: limiters still active when marked inactive
When any Limiter(s) is updated /tmp/rule.limiter is regenerated on Apply Changes.
Why doesn't a Diagnostics / Stat... David Burns
09:10 PM Bug #9333: limiters still active when marked inactive
If there are no connections it isn't "active" -- It may be in the list, but if nothing is using it, then it isn't "ac... Jim Pingle
09:08 PM Bug #9333: limiters still active when marked inactive
Thanks Jim
There were no active connections.
Regardless as per your suggestion I nuked the state table yet the... David Burns
08:54 PM Bug #9333 (Not a Bug): limiters still active when marked inactive
After making any change to limiters you must reset the state table, or old connections could still be active on the o... Jim Pingle
08:43 PM Bug #9333 (Not a Bug): limiters still active when marked inactive
Summary
Using limiters for network testing - it appears that modifying config of limiters so that they are inactive ... David Burns
04:07 AM Bug #9331: Parallel Rekey fails for multiple Child SAs
Thanks for the feedback about the pull request. I deleted the old one and added the sustained solution.
https://gi... Markus Stockhausen

02/16/2019

04:40 PM Bug #9332 (Not a Bug): PHP Fatal error: Allowed memory size of 536870912 bytes exhausted
Not really an error we can fix there. A command or bit of code run manually on that page used too much memory. Jim Pingle
04:20 PM Bug #9332 (Not a Bug): PHP Fatal error: Allowed memory size of 536870912 bytes exhausted
I have a Netgate XG-7100 at home and I noticed this php memory allocation error.
amd64
11.2-RELEASE-p6
FreeBSD ... Ken Vizena
12:54 PM Bug #9331: Parallel Rekey fails for multiple Child SAs
Pull request added https://github.com/pfsense/pfsense/pull/4051 Markus Stockhausen
12:40 PM Bug #9331 (Resolved): Parallel Rekey fails for multiple Child SAs
We are running a IKEv1 VPN connection towards a Watchguard firewall cluster. It has 10 Tunnel definitions. Whenever t... Markus Stockhausen
10:29 AM Feature #9330 (Closed): Failover automatically invokes Failback
Possible to request that the ability to automatically Failback post restoration of Primary is roadmapped or catered f... pat campbell

02/15/2019

09:58 AM Bug #9328 (Not a Bug): Static routes set by system.inc for DNS gateway bindings are not binded on the good NICs
Hello,
We are running a POC with 2 WAN gateways which use their own DNS servers on a per-FAI basis.
The 2 gatew... Alexandre Anriot
09:04 AM Bug #9264 (Resolved): Disabling "IPv6 over IPv4 Tunneling" breaks config
Tested on:
2.4.5-DEVELOPMENT (amd64)
built on Wed Feb 13 06:09:38 EST 2019
FreeBSD 11.2-RELEASE-p8
No warnin... Danilo Zrenjanin
08:47 AM Bug #9327: Using the character "¤" in OpenVPN password field creates invalid config.xml
It happens because that password field is not CDATA escaped or encoded with base64 in config.xml -- The character you... Jim Pingle
03:22 AM Bug #9327 (Resolved): Using the character "¤" in OpenVPN password field creates invalid config.xml
Hi!
Maybe you guys want to know about this one. First post for me to this bugtracker. Hope I'm doing things right he... Mikael Östergren
07:23 AM Bug #9004: Default gateway IPv4 set to a group fails after restart on 2.4.4
Renato Botelho wrote:
> PR has been merged, thanks
Thanks! Tiago Alves da Silva
07:23 AM Bug #9004: Default gateway IPv4 set to a group fails after restart on 2.4.4
Doesn't work on 2.4.4, but on 2.4.4-P1 is fine. Tiago Alves da Silva

02/14/2019

08:16 PM Revision 9ce9391a: Update gwlb.inc
(cherry picked from commit 58d009bc41137e77d799e53a8ce8c02215274eac) kkr0kk
08:16 PM Revision e8a6717c: Update gwlb.inc
Correct BUG 9004 -> set the default gateway when system start and a gateway_group is default IPV4 gateway
(cherry pi... kkr0kk
08:16 PM Revision ac3309d5: Merge pull request #4034 from kkr0kk/patch-2
Renato Botelho
05:29 PM Bug #9326 (Duplicate): Clearing states for specific IP won't work
This is almost certainly a duplicate of #9270 Jim Pingle
03:29 PM Bug #9326: Clearing states for specific IP won't work
I checked the changes and found nothing that could fix this behaviour and considered all the changes not worth updati... Flole Systems
02:50 PM Bug #9326: Clearing states for specific IP won't work
Please do not report bugs from anything but the current version, which is 2.4.4-p2. Chris Linstruth
02:46 PM Bug #9326: Clearing states for specific IP won't work
It's been in there since quite a while, I never reported it though. It's definitely in 2.4.4-RELEASE-p1. Flole Systems
02:42 PM Bug #9326: Clearing states for specific IP won't work
Everyone can just guess which version you're reporting this against? Anonymous
01:23 PM Bug #9326 (Duplicate): Clearing states for specific IP won't work
When I use the Webinterface to filter for a specific IP and then click on "clear all states" they are still staying t... Flole Systems
02:18 PM Bug #9004 (Feedback): Default gateway IPv4 set to a group fails after restart on 2.4.4
PR has been merged, thanks Renato Botelho
11:32 AM Bug #7425: dhclient not sending option 77
Luiz Souza wrote:
> It is now possible to set the VLAN Priority for DHCP requests (the same way that is done in DHCP... Bob Gray
05:15 AM pfSense Packages Bug #9318: Acme - standalone validation takes long time to start internal server
It IS bug, reported upstream: https://github.com/Neilpang/acme.sh/issues/2096
https://forum.netgate.com/topic/1405... Greg M
05:06 AM Bug #9325 (Not a Bug): problem with flexible limiter in multiWAN environment
Hi,
I'm observing serious problems with flexible limiters set using floating rules. Let me start from the beginnin... Adam Lewandowski
02:49 AM Bug #9324: IPv6 on top of a PPPOE ipv4 interface assigns parent interface to default route, not pppoe interface
https://gist.github.com/tandyuk/acc330c69f466177ba7877c7b7728d69 James Tandy
02:47 AM Bug #9324 (Resolved): IPv6 on top of a PPPOE ipv4 interface assigns parent interface to default route, not pppoe interface
Hi,
Have been seeing this since at least 2.4, and persists in 2.4.4-p2
WAN: vdsl, via modem on em1
ipv4 config:... James Tandy
02:41 AM Feature #9323 (Resolved): Option to hide 'Kernel PTI' from sysinfo widget
https://github.com/pfsense/pfsense/pull/4050 Ryan W

02/13/2019

07:39 PM Revision 2944e2f7: Revert "Fix the build of net-mgmt/net-snmp on 12, disable the TLS support for now."
This reverts commit 39d77ff1985789c7edb352ba4697355e591b7622. Luiz Souza
07:11 PM pfSense Packages Bug #9322 (Resolved): telegraf "Additional configuration for Telegraf" lost configuration after reboot
Version: 2.4.5.a.20190211.0331
after reboot, the "Additional configuration for Telegraf" appending configurations ... mrco chen
06:48 PM Revision 98e71167: Fix the build of security/openssl.
The PADLOCK cannot be fetched. Luiz Souza
04:36 PM Revision 6b2acc67: Disable other GSSAPI options to prevent conflict
Renato Botelho
04:23 PM Revision b018b7af: Build p5-GSSAPI using MIT while using openssl from ports
Renato Botelho
04:19 PM Revision d73d911c: Use the OpenSSL from ports for now.
This should allow the build of the broken ports (no OpenSSL 1.1.0 support). Luiz Souza
03:16 PM Bug #9321 (Rejected): Traffic Graphs on Dashboard not loading with certain types of interfaces
Traffic Graph is not loading at all when GRE, OpenVPN or IPSec graphs are enabled because it doesn't receive data for... Flole Systems
02:47 PM Revision a432c227: Revert "Don't use DISTFILES_CACHE"
This reverts commit 683a0581699f2654c9673a73dec696c929238a32. Renato Botelho
02:46 PM Revision 382c5ba6: Revert "Don't use DISTFILES_CACHE"
This reverts commit 81041332b295b383d85ee3057d5d4d626c73cdc2. Renato Botelho
02:38 PM Revision a73f3147: Disable the build of www/pound for now, it is not compatible with OpenSSL 1.1.0.
Luiz Souza
02:27 PM Revision 39d77ff1: Fix the build of net-mgmt/net-snmp on 12, disable the TLS support for now.
Luiz Souza
01:59 PM Revision b761d75c: Fix the build of miniupnpd in 12, disable CHECK_PORTINUSE.
Luiz Souza
01:39 PM Revision 978ebbf7: Fix OU Name DN entry when creating a user cert. Fixes #9317
(cherry picked from commit 354b1c750d9eeb9ccf0dc22033c9c813ec88e6f3) Jim Pingle
01:39 PM Revision edf4b0fb: Correct syntax error in diag_backup.php. Fixes #9316
(cherry picked from commit e0b32eb9e6b040fd14025b5c32644959ba67250e) Jim Pingle
01:38 PM Revision be8a5a8a: Force the <enableserial> on when restoring a backup on a device with serial only console.
Affects multiple devices.
Ticket #1547
(cherry picked from commit c91af4ac6a6b501b59a542acb4ace05e2b10e3ea) Luiz Souza
01:37 PM Revision 354b1c75: Fix OU Name DN entry when creating a user cert. Fixes #9317
Jim Pingle
01:36 PM Revision e0b32eb9: Correct syntax error in diag_backup.php. Fixes #9316
Jim Pingle
01:11 PM Revision 4a3c0547: Bump version to 2.5.0-DEVELOPMENT and use RELENG_2_5 branch, based on FreeBSD 12.x
Renato Botelho
12:04 PM Bug #9320 (Resolved): Outbound NAT and multiple IPSEC IPs for mobile warriors
https://github.com/pfsense/pfsense/pull/4049
Normally all IPs are added to the automatic outbound NAT. With the ch... Christian R.
11:15 AM Bug #9319 (Duplicate): Certificates synced even with disabled Sync option - "Certificate Authorities, Certificates, and Certificate Revocation Lists"
Duplicate of #9283 which is already fixed. Jim Pingle
11:09 AM Bug #9319 (Duplicate): Certificates synced even with disabled Sync option - "Certificate Authorities, Certificates, and Certificate Revocation Lists"
Certificates and CA's are still being synced from primary to secondary even with disabled Sync option - "Certificate ... Vladimir Lind
07:45 AM Bug #9317 (Feedback): Warning/crash when adding a new user and choosing to generate a certificate
Applied in changeset commit:354b1c750d9eeb9ccf0dc22033c9c813ec88e6f3. Jim Pingle
07:42 AM Bug #9317 (In Progress): Warning/crash when adding a new user and choosing to generate a certificate
Jim Pingle
12:48 AM Bug #9317 (Resolved): Warning/crash when adding a new user and choosing to generate a certificate
User and certificate are created fine, but this crash is reported, running 2.4.5.a.20190212.1501
Crash report begi... Mohamed Eltantawi
07:45 AM Bug #9316 (Feedback): diag_backup.php: Parse error: syntax error, unexpected ';' in /usr/local/www/diag_backup.php on line 333
Applied in changeset commit:e0b32eb9e6b040fd14025b5c32644959ba67250e. Jim Pingle
07:41 AM Bug #9316 (In Progress): diag_backup.php: Parse error: syntax error, unexpected ';' in /usr/local/www/diag_backup.php on line 333
Jim Pingle
12:44 AM Bug #9316: diag_backup.php: Parse error: syntax error, unexpected ';' in /usr/local/www/diag_backup.php on line 333
No configuration can be backed up or restored due to this crash. Mohamed Eltantawi
12:43 AM Bug #9316 (Resolved): diag_backup.php: Parse error: syntax error, unexpected ';' in /usr/local/www/diag_backup.php on line 333
Running 2.4.5.a.20190212.1501
Crash report begins. Anonymous machine information:
amd64
11.2-RELEASE-p8
Free... Mohamed Eltantawi
07:44 AM pfSense Packages Bug #9318 (Not a Bug): Acme - standalone validation takes long time to start internal server
Not seeing a bug there. Please keep the discussion on the forum unless something specific can be identified. That's a... Jim Pingle
03:30 AM pfSense Packages Bug #9318 (Resolved): Acme - standalone validation takes long time to start internal server
Hi!
As per post here: https://forum.netgate.com/topic/140537/certificate-long-time-to-issue
I have ACME in stan... Greg M
 

Also available in: Atom