Project

General

Profile

Activity

From 02/18/2019 to 03/19/2019

03/19/2019

08:04 PM Bug #9414 (Resolved): Hardware with Intel 82583V interface such as some Watchguard equipment fail to load interface

Per the post https://forum.netgate.com/topic/141709/nics-not-detected-on-watchguard-xcs-call-this-solved
The Int... Chris Palmer
05:50 PM Revision f30da999: Fix CA/Cert search description. Issue #9412
Jim Pingle
02:53 PM Bug #9413 (Resolved): VLAN driver missing ALTQ support
The VLAN driver on 2.5.0 is missing ALTQ support... Jim Pingle
02:21 PM Bug #9365: Use of "continue" in switch statements can be ambiguous
Seeing in lcdproc too. Seems to be working OK though.... Steve Wheeler
01:25 PM Revision dd4fb72c: Fix bonus closing tag. Issue #9412
Jim Pingle
09:07 AM Bug #9411: Firewall log does not contain valid entries
Luiz offered to look at this Jim Pingle

03/18/2019

08:53 PM Revision 14973058: Add sorting and search to CA/Certs. Implements #9412
Jim Pingle
04:47 PM Revision 0d82f93b: Correct OSCP Must-Staple cert check for OpenSSL 1.1.1. Fixes #9408
Jim Pingle
04:44 PM Revision e788a9e2: Create /var/crash after creating /var RAM disk. Fixes #9409
(cherry picked from commit b39d615394eabd2d19afef0936219c609ef602e3) Jim Pingle
04:44 PM Revision b39d6153: Create /var/crash after creating /var RAM disk. Fixes #9409
Jim Pingle
04:00 PM Feature #9412 (Feedback): Add sorting and search/filtering to CA/Certificates
Applied in changeset commit:14973058752f8b19f63af5c45b3f7b42560ae432. Jim Pingle
03:53 PM Feature #9412 (Resolved): Add sorting and search/filtering to CA/Certificates
The CA and Certificate tabs of the certificate manager can grow quite large and can be difficult to locate items. Add... Jim Pingle
02:11 PM Bug #9411 (Resolved): Firewall log does not contain valid entries
On 2.5.0 snapshots, the firewall log at /var/log/filter.log does not contain valid entries.... Jim Pingle
12:46 PM Bug #9410 (Resolved): Package install fails to run from GUI
Attempting to install a package from the GUI fails on the latest 2.5.0 snapshot (2.5.0.a.20190317.1652)
Click "Ins... Jim Pingle
11:55 AM Bug #9408 (Feedback): OCSP stapling detection broken on 2.5.0
Applied in changeset commit:0d82f93b68b59ccfcf2bdbc9b73fc5da1d7eb9c7. Jim Pingle
11:29 AM Bug #9408 (Resolved): OCSP stapling detection broken on 2.5.0
Certificates with OCSP stapling are not detected as such on 2.5.0. If a cert with stapling is used as the GUI cert, t... Jim Pingle
11:50 AM Bug #9409 (Feedback): Crash dumps cannot be saved when RAM disks are enabled for /var
Applied in changeset commit:b39d615394eabd2d19afef0936219c609ef602e3. Jim Pingle
11:43 AM Bug #9409 (Resolved): Crash dumps cannot be saved when RAM disks are enabled for /var
When a system has RAM disks enabled for /var, the /var/crash directory is missing at bootup when the OS attempts to s... Jim Pingle
08:24 AM Bug #9407: Update jQuery to current version (3.3.1 or later)
There is an upgrade guide here: https://jquery.com/upgrade-guide/3.0/ which includes instructions on a migration prog... Jim Pingle
08:22 AM Bug #9407 (Resolved): Update jQuery to current version (3.3.1 or later)
pfSense has jQuery 1.12.0 which is no longer receiving security updates. 2.x has also been deprecated by jQuery.
W... Jim Pingle

03/17/2019

04:08 PM Bug #9283: Not obvious that HA sync will still sync certs if cert sync disabled but OpenVPN sync enabled
Then you are using ACME incorrectly. Read the previous comments or post on the forum if you have further questions. Y... Jim Pingle
03:53 PM Bug #9283: Not obvious that HA sync will still sync certs if cert sync disabled but OpenVPN sync enabled
Even openvpn needs synced certs I would like not to sync them because of ACME certs.
Or skip deleting used ACME ce... Grischa Zengel
03:42 PM Feature #9406 (Rejected): restart necessary to restore config file
Rebooting after restore is the safest way to ensure every setting has been applied. You can't always guarantee that a... Jim Pingle
02:18 PM Feature #9406 (Rejected): restart necessary to restore config file
Hi, first of all, I'm from Argentina, excuse me if I don't express myself accurately. I would like to request that pf... Federico Galli
12:26 PM pfSense Packages Bug #9204: ospfd: GRE tunnels became unnumbered since 2.4.4
I think the root of the problem is frr incorrectly detecting that GRE tunnels have /32 netmasks - this makes them unn... Firstname Surname
12:15 PM Feature #7746: Proxy NDP
Richard van Dijk wrote:
> It looks like now there is a possible solution of decent quality that can be further built... Firstname Surname
12:02 PM Bug #9405 (Resolved): IPsec IPv6 dynamic FQDN Remote Gateways / util.inc resolve_retry() IPv6 support
Here is one I have been manually patching for years. Since ever, resolve_retry() which is used to resolve an IPSec re... Firstname Surname
08:54 AM pfSense Packages Bug #9352: Duplicate default views in Status Monitoring that can't be removed.
I can confirm all of this.
Thanks for creating the redmine. Raul Ramos

03/16/2019

11:19 PM pfSense Docs Correction #9404 (Resolved): Bring RCC install guides up to date
The following guides are in a broken state.
https://docs.netgate.com/platforms/rcc-2758/pfsense.html
https://docs... Anonymous
09:04 PM pfSense Packages Feature #9289: Snort enable react
Snort on pfSense currently runs in what is really IDS mode using libpcap. The "blocking" done by Snort uses a custom... Bill Meeks
03:43 PM pfSense Packages Bug #9403 (Resolved): Suricata - Checkbox 'Traffic Flows' enables logging for both logging formats
The checkbox 'Traffic Flows' in 'EVE Output Settings' now enables netflow and flow output. (net)flow logging is quite... Julian Wecke
10:32 AM Revision 665cbe2a: do not look for other servers when an auth is successful
fix #9255 A FL

03/15/2019

05:21 PM Bug #9402: Netgate "DNS over TLS with pfSense" Blog Post recommends configuration vulnerable to MITM attacks from self signed certificates
Jim, thanks for the quick response. You replied so quickly that I was late in adding that I hadn't actually verified ... Richard Yao
05:20 PM Bug #9402: Netgate "DNS over TLS with pfSense" Blog Post recommends configuration vulnerable to MITM attacks from self signed certificates
One more remark. While I cited that blog post, I haven't actually taken the time to verify that this protects against... Richard Yao
05:19 PM Bug #9402 (Duplicate): Netgate "DNS over TLS with pfSense" Blog Post recommends configuration vulnerable to MITM attacks from self signed certificates
That doesn't actually verify anything. It logs that it does, but doesn't fail validation if the host doesn't match.
... Jim Pingle
05:16 PM Bug #9402: Netgate "DNS over TLS with pfSense" Blog Post recommends configuration vulnerable to MITM attacks from self signed certificates
There is a typo in my original report. The post should say:
server:
tls-cert-bundle: /usr/local/share/certs/ca-ro... Richard Yao
05:13 PM Bug #9402 (Duplicate): Netgate "DNS over TLS with pfSense" Blog Post recommends configuration vulnerable to MITM attacks from self signed certificates
Users should be told to set these options in unbound:
server:
tls-cert-bundle: /usr/local/share/certs/ca-root-nss... Richard Yao
04:18 PM Bug #9401 (Resolved): 26 to 31 character VPN interface names cause gateway names to exceed 31 character limit
If you make an OpenVPN interface name with 26 to 31 characters (in my case, I made them with exactly 26 and 31 charac... Richard Yao
04:15 PM Revision b7be92c5: Make it possible to fix armv6 -> armv7 config files
Renato Botelho
04:10 PM Revision 08acb533: Make it possible to fix armv6 -> armv7 config files
Renato Botelho
04:01 PM Revision 9d91dd67: Prepare repo templates for 2.5.0 based on FreeBSD 12
Renato Botelho
03:15 PM Revision d36cf2c9: Test modules path before scanning. Fixes #9400
Jim Pingle
11:28 AM Bug #9384: devd putting "$" before variable contents when using single quotes
This also appears to affect rc.carpmaster (and rc.carpbackup), which is also run through pfSctl... Jim Pingle
10:25 AM Bug #9400 (Feedback): PHP scandir() error at boot
Applied in changeset commit:d36cf2c9444fe01a504c1f36bccb6999f0ec329a. Jim Pingle
10:15 AM Bug #9400 (Resolved): PHP scandir() error at boot
On current 2.5.0 snapshots, systems may see the following error at boot time:... Jim Pingle
10:19 AM pfSense Packages Feature #9399: pkg support for SSH + sudo authentication via LDAP
nss_ladp and LDAP-enabled sudo are both now present on 2.5.0 snapshots. Jim Pingle
08:08 AM Bug #9388 (Feedback): Update ntpd
4.2.8p13 imported to devel branch Renato Botelho

03/14/2019

08:33 PM Revision 7db5a396: Enable LDAP for sudo and build nss_ldap. Fixes #9399
Jim Pingle
03:45 PM pfSense Packages Feature #9399 (Feedback): pkg support for SSH + sudo authentication via LDAP
Applied in changeset pfsense:commit:7db5a396d398b010bfb70048881a6cec0577338f. Jim Pingle
03:36 PM pfSense Packages Feature #9399: pkg support for SSH + sudo authentication via LDAP
Considering we already build pam_ldap I'm not sure why nss_ldap was omitted, so I added it to the build list for 2.5.... Jim Pingle
12:15 PM pfSense Packages Feature #9399 (Resolved): pkg support for SSH + sudo authentication via LDAP
Hi Folks,
You have a very usable and user-friendly webUI configuration tool for setting up LDAP authorization for ... Mark Staudinger
02:52 PM Feature #4881: Allow NPt to use dynamic IPv6 networks
This will be required for most consumer internet providers that give dynamic IPv6 addresses.
Verizon FiOS just en... Joshua Diamant
09:58 AM Feature #8650 (Bogus): DynDNS Update via HTTPS
The dyndns.org updater has only used HTTPS for as long as it's been in pfSense.
Current code: https://github.com/p... Jim Pingle
09:18 AM Todo #7091 (Not a Bug): Write upgrade code to rename igb devices to em
It's not happening anymore
https://lists.freebsd.org/pipermail/freebsd-current/2017-January/064370.html Renato Botelho
09:12 AM Todo #7091: Write upgrade code to rename igb devices to em
Maybe note this in release notes before snapshots go live Michael Kellogg

03/13/2019

07:44 PM Revision e078d316: Update obsoleted files from FreeBSD 11 -> 12
Renato Botelho
07:34 PM Revision 64d2dd61: Add missing obsoleted files
Renato Botelho
07:34 PM Revision b05d99e2: Add missing obsoleted files
Renato Botelho
06:13 PM Revision 586c623a: Deprecate the built-in relayd Load Balancer. Closes #9386
It is not available on FreeBSD 12 with OpenSSL 1.1.x.
Users can migrate to the HAProxy package. Jim Pingle
03:48 PM Revision 749dfdb7: Fix the spamming of warnings about ttyv0 not being available on ARM64 devices.
While here, use a more meaningful name for the function. Luiz Souza
03:37 PM Revision 91677c09: Generate hints for the kernel loader.
Luiz Souza
02:19 PM Bug #9366 (Resolved): "Illegal string offset" PHP errors
I haven't seen any of these for a while. The patch that suppressed them is back, and the most common ones are corrected. Jim Pingle
01:20 PM Todo #9386 (Feedback): Deprecate built-in relayd Load Balancer
Applied in changeset commit:586c623a943f59486a461c1af9873dd6cc11a3b3. Jim Pingle

03/12/2019

08:20 PM Revision b69eea46: Initialized entries variable before use. Fixes #9359
(cherry picked from commit 9146639e722b4d437d19b5ade1157ae01849a313) Jim Pingle
08:20 PM Revision 9146639e: Initialized entries variable before use. Fixes #9359
Jim Pingle
07:47 PM Revision d67449c6: Use only sshguard table for blocking ssh/gui attacks. Issue #9223
(cherry picked from commit 555a9ab5c01101ddab7daa41f35d379d1c39b26e) Jim Pingle
07:47 PM Revision 922a1ae3: Remove unnecessary expiretable cron jobs for ssh/gui lockout. Issue #9223
(cherry picked from commit 7a68df5efc35b6d1ee514bb87a2298f5180de001) Jim Pingle
07:46 PM Revision 555a9ab5: Use only sshguard table for blocking ssh/gui attacks. Issue #9223
Jim Pingle
07:46 PM Revision 7a68df5e: Remove unnecessary expiretable cron jobs for ssh/gui lockout. Issue #9223
Jim Pingle
06:42 PM Revision f1caf190: Remove unnecessary expiretable cron jobs for ssh/gui lockout. Issue #9223
(cherry picked from commit 397d9fff6df234d98ef2353b0b29912a14777442) Jim Pingle
06:41 PM Revision 397d9fff: Remove unnecessary expiretable cron jobs for ssh/gui lockout. Issue #9223
Jim Pingle
04:49 PM pfSense Packages Feature #9387: Update telegraf to 1.9.3 from ports
Sounds good, thanks. John Silva
03:11 PM pfSense Packages Feature #9387: Update telegraf to 1.9.3 from ports
1.9.0 is available on pfSense 2.5.0 snapshots (which are not yet public)
That is the most recent release in the 20... Jim Pingle
03:51 PM pfSense Docs Correction #9394 (Closed): Feedback on Services — DNS — Configuring the DNS Resolver
*Page:* https://docs.netgate.com/pfsense/en/latest/services/dns/resolver.html
*Feedback:*
Does not explain how ... Rick Schmitz
03:37 PM pfSense Packages Bug #9339: Misc typos in pfsense/FreeBSD-ports
PR Link: https://github.com/pfsense/FreeBSD-ports/pull/624 Jim Pingle
03:30 PM Bug #9359 (Feedback): diag_tables.php duplicate entries from webConfigurator lockout table
Applied in changeset commit:9146639e722b4d437d19b5ade1157ae01849a313. Jim Pingle
03:20 PM Bug #9359: diag_tables.php duplicate entries from webConfigurator lockout table
I can't reproduce this as stated, but I can see how it might happen since the variable is used without being initiali... Jim Pingle
03:09 PM pfSense Packages Feature #9389 (Closed): More frequent package repo updates needed
Sounds good on paper, but doesn't work in practice.
We can't automatically track a branch because a base system pa... Jim Pingle
03:07 PM Bug #9223: SSHGUARD doesn't work as expected
Joshua Sign wrote:
> As it could be very interresting to have sshguard blocking ip by services, i just worked on it.... Jim Pingle
03:05 PM Bug #9223 (Feedback): SSHGUARD doesn't work as expected
sshguard 2.3.1 is now present on 2.5.0 snapshots being tested. It has the extra GUI table code removed.
Associated... Jim Pingle
01:49 PM Bug #9223: SSHGUARD doesn't work as expected
I pushed a change to remove the cron job. Additional changes are coming shortly. Jim Pingle

03/11/2019

09:40 PM Feature #9393 (Resolved): Improved support for USB interfaces that may not always be present
Currently if you have a USB 4g modem or any other removable interface you need to manually delete it or otherwise you... Xhivat Hoxhiq
06:53 PM Bug #9390: diag_backup.php: Backup output generation failure with CSRF script tag inserted into XML

Two reports of success with the committed patch, for different issues as well:
https://forum.netgate.com/post/82... Jim Pingle
03:19 PM Bug #7020: <Hostname> is omitted when sending logs on syslog
Then that is where you need to direct your attention. Comment there and let the FreeBSD developers know that it's a p... Jim Pingle
03:04 PM Bug #7020: <Hostname> is omitted when sending logs on syslog
A bug is already opened upstream, see https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194231 Daniel Berteaud
01:07 PM pfSense Packages Todo #9392 (Resolved): Status_Traffic_Totals needs updated for vnstat 2.0
In the FreeBSD ports repository, vnstat has been upgraded to vnstat 2.0 (from 1.15).
vnstat 2.0 does not appear to... Jim Pingle
10:25 AM Bug #9391 (Duplicate): Can't access Backup & Restore Page
Duplicate of #9316 -- already fixed in the repository, but there are no more 2.4.5 snapshots. Jim Pingle
10:17 AM Bug #9391 (Duplicate): Can't access Backup & Restore Page
pfSense Version: 2.4.5.a.20190213.0609
I cannot access the Backup & Restore page at all from GUI. instead i get er... ahmed k
01:40 AM pfSense Packages Bug #9322: telegraf "Additional configuration for Telegraf" lost configuration after reboot
additional issue: running configurations will ALSO be lost after sometime, you'll have to re-click SAVE in "PackageSe... mrco chen

03/10/2019

11:44 PM Revision 428f6f02: Fix output buffering when downloading config backups. Fixes #9390
(cherry picked from commit 4015b03d4b184e546cb3590430fee6f9953ce23e) Jim Pingle
11:43 PM Revision 4015b03d: Fix output buffering when downloading config backups. Fixes #9390
Jim Pingle
06:50 PM Bug #9390 (Feedback): diag_backup.php: Backup output generation failure with CSRF script tag inserted into XML
Applied in changeset commit:4015b03d4b184e546cb3590430fee6f9953ce23e. Jim Pingle
05:59 PM Bug #9390: diag_backup.php: Backup output generation failure with CSRF script tag inserted into XML
You're entitled to your opinion but I disagree. Output buffering can cause other issues with downloading other than t... Jim Pingle
05:54 PM Bug #9390: diag_backup.php: Backup output generation failure with CSRF script tag inserted into XML
Look at PR 4055: https://github.com/pfsense/pfsense/pull/4055 Sam Likins
05:52 PM Bug #9390: diag_backup.php: Backup output generation failure with CSRF script tag inserted into XML
That is a bad solution, performing unnecessary complexity, when turning off the flag prior to outputting the payload ... Sam Likins
05:47 PM Bug #9390: diag_backup.php: Backup output generation failure with CSRF script tag inserted into XML
That PR is the wrong fix.
I haven't been able to reproduce this here, but it appears to be due to output buffering... Jim Pingle
05:39 PM Bug #9390: diag_backup.php: Backup output generation failure with CSRF script tag inserted into XML
PR #4055 Created Sam Likins
05:35 PM Bug #9390: diag_backup.php: Backup output generation failure with CSRF script tag inserted into XML
I can't reproduce this.
[2.4.4-RELEASE-p2 (amd64)
built on Wed Dec 12 07:40:18 EST 2018
FreeBSD 11.2-RELEASE-p6... Anonymous
04:59 PM Bug #9390 (Resolved): diag_backup.php: Backup output generation failure with CSRF script tag inserted into XML
Since the last update (ie: *2.4.4_2*), backups fail to restore; previously generated backups will restore, but new ba... Sam Likins
06:41 PM Bug #7020: <Hostname> is omitted when sending logs on syslog
If it's a bug, it's a bug in FreeBSD -- we use their syslogd and that's how it behaves. The default behavior is to ge... Jim Pingle
05:37 PM Bug #7020: <Hostname> is omitted when sending logs on syslog
This is clearly a bug, as PfSense is not sending valid syslog messages. It also affects Graylog (3.0). We have to use... Daniel Berteaud
01:15 PM pfSense Packages Feature #9389 (Closed): More frequent package repo updates needed
I've been noticing that the release package repo lags far behind the quarterly ports tree releases and the official p... John Silva
01:01 PM Bug #9388 (Resolved): Update ntpd
Ran pkg audit new install of 2.4.4-p2:... Chris Macmahon
12:27 PM pfSense Packages Feature #9387 (Resolved): Update telegraf to 1.9.3 from ports
Telegraf port in pfsense (1.6.3) is substantially behind upstream FreeBSD ports tree (1.9.3). 1.9.3 has support for ... John Silva

03/09/2019

07:40 PM Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected.
Looks like Pieter and I have come to the same conclusion (see comment 10), hopefully a fix isn't too far out. Tom Embt
02:50 PM Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected.
Hmm, nice find Pieter!
Maybe we need a function like *haveWorkingDns()* that returns a bool if DNS is working, and... → luckman212
01:08 PM Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected.
We had the same issue. It's a pfSense 2.4.4p2 installation in an air-gapped environment and has never touched the int... Pieter .

03/08/2019

09:34 AM pfSense Packages Bug #9368 (Feedback): ACME certificates cannot have more than ~35 SAN entries due to input variable limits
PR Merged Jim Pingle

03/07/2019

05:49 PM Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected.
could you confirm that adding DNS entries can be a workaround ? (if you can try to do it for testing purpose)
How ma... Joshua Sign
01:20 PM Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected.
This is affecting our company's setup as well. Static public IPs /29 (total 5 available IPs) with one hooked up with ... Jamie Donovan

03/06/2019

07:14 PM Revision 632f0dbf: Revert "Remove definitions of conf_mount_r[ow]"
Leave functions declaration for now to prevent errors during upgrade.
This reverts commit da3ef5a3b359edb27bb9bb2b88... Renato Botelho
04:28 PM pfSense Packages Bug #9368: ACME certificates cannot have more than ~35 SAN entries due to input variable limits
Should be fixed with this: https://github.com/pfsense/FreeBSD-ports/pull/626
Or would that possibly cause sideeffect... Pi Ba
09:22 AM pfSense Packages Bug #9368 (Resolved): ACME certificates cannot have more than ~35 SAN entries due to input variable limits
The way that acme_certificates_edit.php submits data results in a failure to add more SAN entries due to input variab... Jim Pingle
03:05 PM Todo #9386 (Resolved): Deprecate built-in relayd Load Balancer
As of now, relayd does not function on FreeBSD 12 due to OpenSSL 1.1.x. The port is currently "marked BROKEN":https:/... Jim Pingle
02:07 PM Bug #9385 (Closed): OpenVPN logs a "Device busy" error when opening tap interfaces, but continues to function
On 2.5.0 snapshots, when openvpn starts up, it logs a "Device busy" error, but the error does not appear to harm func... Jim Pingle
02:04 PM Bug #9384 (Confirmed): devd putting "$" before variable contents when using single quotes
On 2.5.0 snapshots, when @check_reload_status@ logs a linkup event, the message contains a @$@ before the interface n... Jim Pingle
02:01 PM Bug #9383 (Resolved): dhcpleases kqueue error
On 2.5.0 snapshots when DHCP lease integration is enabled for the DNS Resolver, the following error is logged at boot... Jim Pingle
01:59 PM Bug #9382 (Resolved): SNMP Undefined symbol "pf_altq"
On 2.5.0 snapshots, bsnmpd logs an error message when the pf module is enabled:... Jim Pingle
12:35 PM pfSense Docs Correction #9381: FreeRadius 2.X package documentation and CaptivePortal associated documentation are mostly outdated
Github User, https://github.com/Frotty, commented:
Also perhaps see https://redmine.pfsense.org/issues/8251
I ha... Jared Dillard
12:34 PM pfSense Docs Correction #9381: FreeRadius 2.X package documentation and CaptivePortal associated documentation are mostly outdated
Jimp commented:
I think we've had some discussion about this in the past on the forum. Since we don't support havi... Jared Dillard
12:25 PM pfSense Docs Correction #9381 (Resolved): FreeRadius 2.X package documentation and CaptivePortal associated documentation are mostly outdated
*Github user:* https://github.com/Augustin-FL
*Feedback:*
The FreeRadius 2.X documentation, https://www.netgate... Jared Dillard
12:14 PM pfSense Docs Correction #9380 (Resolved): Feedback on Cache / Proxy — Tuning the Squid Package
*Page:* https://www.netgate.com/docs/pfsense/cache-proxy/squid-package-tuning.html#caching-windows-updates
*Github... Jared Dillard
12:10 PM pfSense Docs Correction #9379 (Resolved): Feedback on Interfaces — Using a Large Number of Interfaces
*Page:* https://docs.netgate.com/pfsense/en/latest/interfaces/index.html#limitations
*Github user:* https://github... Jared Dillard
12:07 PM pfSense Docs Correction #9378 (Closed): Feedback on Virtualization — Virtualizing pfSense with Proxmox
*Page:* https://docs.netgate.com/pfsense/en/latest/recipes/virtualize-proxmox.html
*Github user:* https://github.c... Jared Dillard
12:07 PM pfSense Packages Feature #6651: Loopback interfaces
Slava Bendersky wrote:
> Hello Everyone,
> I would like place request add ability manipulate loopback interfaces th... Slava Bendersky
12:06 PM pfSense Docs Correction #9377 (Rejected): log file format : missing igmp. <protocol-specific-data> ::= <tcp-data> | <udp-data> | <icmp-data> | <carp-data>
*Page:* https://docs.netgate.com/pfsense/en/latest/monitoring/logs/raw-filter-format.html
*Github user:* https://g... Jared Dillard
12:05 PM pfSense Docs Correction #9376 (Resolved): Feedback on System Monitoring — Filter Log Format for pfSense 2.2
*Page:* https://docs.netgate.com/pfsense/en/latest/monitoring/logs/raw-filter-format.html
*Github user:* https://g... Jared Dillard
12:01 PM pfSense Docs Correction #9375 (Resolved): Feedback on ACME - no info on how to use cron
*Page:* https://docs.netgate.com/pfsense/en/latest/packages/acme/index.html
*Github user:* https://github.com/yuri... Jared Dillard
11:57 AM pfSense Docs Todo #9374 (Resolved): Update Virtualizing pfSense with Hyper-V recipe with more recent information
*Page:* https://docs.netgate.com/pfsense/en/latest/recipes/virtualize-hyper-v.html
*Feedback:*
The Hyper-V tuto... Jared Dillard
11:55 AM pfSense Docs Correction #9373 (Closed): Feedback on Services — DNS — Configuring the DNS Resolver
*Page:* https://docs.netgate.com/pfsense/en/latest/services/dns/resolver.html
*Github user:* https://github.com/ja... Jared Dillard
11:53 AM pfSense Docs Correction #9372 (Resolved): Feedback on User Management — Configuring User Authentication Servers
*Page:* https://docs.netgate.com/pfsense/en/latest/usermanager/authentication-servers.html
*Github user:* https://... Jared Dillard
11:50 AM pfSense Docs Correction #9371 (Resolved): Feedback on Testing the FreeRADIUS Package
*Page:* https://docs.netgate.com/pfsense/en/latest/packages/freeradius-test.html
*Github user:* https://github.com... Jared Dillard
11:37 AM pfSense Docs Correction #9370 (In Progress): Update old screenshots
Here is a list of pages that need updated screenshots:
- [ ] https://docs.netgate.com/pfsense/en/latest/recipes/ip... Jared Dillard
11:32 AM pfSense Docs New Content #9369 (New): Document remaining packages
Create pages for the currently undocumented packages in the Package List, https://docs.netgate.com/pfsense/en/latest/... Jared Dillard

03/05/2019

10:00 PM Revision 1d92575e: Update SMART status page with more detail/commands. Implements #9367
Jim Pingle
08:47 PM Revision 144863e3: Fix more illegal offset errors. Issue #9366
Jim Pingle
06:30 PM Revision 86ec819a: Target the proper loop in switch statements. Issue #9365
Jim Pingle
06:27 PM Revision b88050bb: Fix some illegal offset errors. Issue #9366
Jim Pingle
05:22 PM Revision 59449ddb: Fix deeper continues. Issue #9365
Jim Pingle
05:15 PM Revision 05221142: Target the proper loop in switch statements. Issue #9365
Jim Pingle
04:10 PM Todo #9367 (Feedback): Update SMART Page with new capabilities
Applied in changeset commit:1d92575e36db5fd0b9bf2cc6a236dde32aba9239. Jim Pingle
04:01 PM Todo #9367 (Resolved): Update SMART Page with new capabilities
@smartctl@ is capable of showing a lot more information than the current page supports. Update it to show things like... Jim Pingle
02:45 PM Revision f403491d: Move PHP to 7.3.x
Renato Botelho
02:44 PM Revision b2aae111: Add support for PHP 7.3.x
Renato Botelho
02:43 PM Revision ccc60c88: Remove PHP 5.x support
Renato Botelho
02:40 PM Revision 5ec87d10: Move PHP to 7.3.x
Renato Botelho
02:00 PM Bug #8465: Lost default gateway after recover from failover with CARP VIP and HA
Hi all
The problem is still (or again) reproducable.
Best regards
Tom Tom Huerlimann
12:23 PM Bug #9366 (Resolved): "Illegal string offset" PHP errors
We have a patch that suppresses some "Illegal string offset" PHP errors but if the ones we can spot are easy to fix w... Jim Pingle
12:20 PM Bug #9365: Use of "continue" in switch statements can be ambiguous
Two more:... Jim Pingle
11:13 AM Bug #9365 (Closed): Use of "continue" in switch statements can be ambiguous
PHP 7.3 is tightening down on the use of @continue@ in switches. There are instances where the code meant to continue... Jim Pingle
09:08 AM pfSense Packages Bug #9364 (Resolved): squidguard int error page does not use https
Hello,
I'm running these versions on my system(s):
pfSense 2.4.4-RELEASE-p2
squid 0.4.44_7
squidguard 1.16.18_1... Florian Stichlberger

03/04/2019

07:22 AM pfSense Docs Correction #9363 (Closed): Source Tracking Table
That only appears if you have Sticky connections enabled, otherwise it's not relevant. Jim Pingle
07:18 AM pfSense Docs Correction #9363 (Closed): Source Tracking Table
Docs » pfSense » Book » System Monitoring » Firewall States » Reset State Table / Source Tracking Table
The book s... Anonymous

03/03/2019

04:18 AM Bug #9362 (Resolved): rc.dyndns.update: Cloudflare DDNS with proxy enabled doesn't work at all
When updating the DNS record via services_dyndns_edit.php it works normally, but when it tries to update it automatic... Nico Schneider

03/02/2019

05:58 PM Revision acfc3643: Allow Dynamic DNS wildcards for Cloudflare #9361
Tom Embt
12:05 PM Bug #9361: Cloudflare Not Allowing "*" Hostname Entry in Dynamic DNS
https://github.com/pfsense/pfsense/pull/4053
- hide wildcard and MX checkboxes since neither are used by the Cloud... Tom Embt
11:47 AM Bug #9361: Cloudflare Not Allowing "*" Hostname Entry in Dynamic DNS
My comments about Route53 on #9053 likely also apply to Cloudflare here. Assuming so, the solution would differ slig... Tom Embt
11:55 AM Bug #9074: Alias URL lists only storing last-most list in config.
Applied https://github.com/pfsense/pfsense/pull/4002/commits/f5c56bf8189d515af203c398f473c9b3adfff98b and https://git... Danilo Zrenjanin
05:37 AM Bug #9320: Outbound NAT and multiple IPSEC IPs for mobile warriors
Applied https://github.com/pfsense/pfsense/pull/4049/commits/8897cbce7fc410029ac367eeee7c12261fec896f via system_pat... Vladimir Lind

03/01/2019

07:23 PM Revision ac512a11: Move to python 3.6 as default
Renato Botelho
07:06 PM Bug #9361 (Resolved): Cloudflare Not Allowing "*" Hostname Entry in Dynamic DNS
Cloudflare allows wildcard A records and the pfSense DDNS page has a wildcard checkbox (since 2.3?), but it will thro... Will Rutherford
02:23 PM Todo #9360 (Resolved): Switch to Python 3.x
Python 2.7.x is not long for this world, going EOL on "Jan 1, 2020":https://pythonclock.org/
We need to ensure the... Jim Pingle
09:38 AM Bug #9223: SSHGUARD doesn't work as expected
FYI
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20798
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CV... Joshua Sign

02/28/2019

07:52 PM Bug #5999: IPv6 IP Alias prevents Track Interface from working with DHCPv6 and RA
As far as I can tell there are too many assumptions placed on the order of the addresses on the interfaces.
There ... Chris Linstruth
05:48 PM Revision c5663bf5: Comment out all pfSense_fsync() calls until it's properly fixed
Renato Botelho
04:02 PM Revision c03dc57f: pfSense_fsync() call just before rename() is breaking it. Comment out for now until it's fixed
Renato Botelho
01:06 PM Revision da3ef5a3: Remove definitions of conf_mount_r[ow]
Renato Botelho
01:05 PM Revision 9c078e31: Remove /etc/conf_mount_r[ow]
Renato Botelho
12:49 PM Revision 522388a7: Remove all calls to conf_mount_r[ow]
Renato Botelho
10:15 AM pfSense Packages Todo #9354 (Feedback): Update OpenVPN Client Export with OpenVPN 2.4.7
The OpenVPN 2.4.7 Windows installer is included in OpenVPN Client Export Package version 1.4.18_3, which is available... Jim Pingle
10:03 AM Bug #9359 (Resolved): diag_tables.php duplicate entries from webConfigurator lockout table

Entries in the webConfigurator Lockout Table are always listed, whatever the table you select.
Possible fix shou... Joshua Sign
09:35 AM pfSense Packages Bug #8476 (Resolved): OpenVPN Client Export TLS Key Direction Directive Location
ovpn configuration file exported from:
2.4.5-DEVELOPMENT (amd64)
built on Wed Feb 13 06:09:38 EST 2019
FreeBSD 11.... Danilo Zrenjanin
09:35 AM Revision 9df78d6b: Do not initialize t_address in loop
Paul.Bramhall
06:10 AM Bug #9358 (Closed): Lost default gateway after recover from failover with CARP VIP and HA
The same issue #8465 is back on 2.4.4-RELEASE-p2 (amd64) built on Wed Dec 12 07:40:18 EST 2018. Tested with one WAN I... Christian Grunfeld

02/27/2019

10:02 PM Revision 90639e0a: Rename exclude files to work with armv7
Renato Botelho
09:03 PM Revision e200e241: Fix armv7 ABI string
Renato Botelho
07:34 PM Revision 82b59cee: On FreeBSD 12+ move from armv6 to armv7
Renato Botelho
04:22 PM Revision fe0a068b: Revert "pfSense_fsync() call just before rename() is breaking it. Comment out for now until it's fixed"
pfSense_fsync() is fixed now
This reverts commit cea9d3b7dc6f7ac8450a2a8f4b630b1b6b69827b. Renato Botelho
02:55 PM Bug #8465: Lost default gateway after recover from failover with CARP VIP and HA
The same issue is back in 2.4.4-RELEASE-p2 (amd64) built on Wed Dec 12 07:40:18 EST 2018. Tested with one WAN IP (/30... Christian Grunfeld
12:09 PM Revision 67f15b5e: Update loader.conf when maximumtableentries changes
On Firewall -> Advanced -> Firewall, when maximumtableentries item
changes, make sure /boot/loader.conf is changed ac... Renato Botelho
12:06 PM Revision 117f032c: Add net.pf.request_maxcount to loader.conf
On FreeBSD 12 and newer pf uses this sysctl to define maximum number of
items supported by its allocations. Make sur... Renato Botelho
10:00 AM Bug #9357: rc.newwanipv6 called regardless of REASON
We probably need something like a "copy" of /usr/local/sbin/pfSense-dhclient-script here, just for IPv6 Flole Systems
09:56 AM Bug #9357 (Closed): rc.newwanipv6 called regardless of REASON
The dhcp6c_wan_script.sh does not honor the REASON-Variable set by the dhcp6c process. Even though it is RENEW and th... Flole Systems
07:31 AM Todo #9356 (Closed): Find optimal default for net.pf.request_maxcount
FreeBSD 12 introduced a new sysctl, @net.pf.request_maxcount@, which must be set in loader.conf (or loader.conf.local... Jim Pingle

02/26/2019

08:15 PM Revision c16a2fe1: Remove invalid MACs from sshd_config
Renato Botelho
07:09 PM Revision cea9d3b7: pfSense_fsync() call just before rename() is breaking it. Comment out for now until it's fixed
Renato Botelho
05:04 PM Revision 295b0d2b: Fix path relative to MAKEOBJDIRPREFIX to FreeBSD 12+ reality
Renato Botelho
10:57 AM pfSense Packages Bug #9355 (Bogus): Telegraf Package - https for InfluxDB Server
Setup Telegraf to send stats to InfluxDB
When trying https:// in url no stats until http:// used.
Would prefer to... Erin O'Meara
08:43 AM pfSense Packages Todo #9354 (Resolved): Update OpenVPN Client Export with OpenVPN 2.4.7
OpenVPN 2.4.7 released last week, needs updated in the OpenVPN client export package: https://openvpn.net/community-d... Jim Pingle
08:35 AM pfSense Packages Bug #9345 (Resolved): Quagga Ospf MD5 interface password truncated to 15 characters
Jim Pingle
12:05 AM pfSense Packages Bug #9345: Quagga Ospf MD5 interface password truncated to 15 characters
Tested for FRR OSPF (version 0.2_7). Thank you for the quick fix. Henning Rogge

02/25/2019

04:15 PM Bug #9353 (New): PHPSession errors from limited access to dashboard and widgets
If you login with a user who has privilege 'WebCfg - System: Login / Logout / Dashboard' and you have widgets on the ... Steve Wheeler
04:04 PM pfSense Packages Bug #9352 (Resolved): Duplicate default views in Status Monitoring that can't be removed.
Ended up with multiple "Default" views under status monitoring that could not be removed. When attempting to create a... Mike A
03:15 PM Bug #9351: need option for repeated DHCP retries
the cable modem (Arris/Moto SB6183) has no ip, its a bridge, the gateway is somewhere at my ISP. the modem stays al... John Pierce
02:59 PM Bug #9351: need option for repeated DHCP retries
"propose you add an option to keep retrying DHCP renews on the WAN when the gateway becomes inaccessible." - Based on... Anonymous
02:41 PM Bug #9351 (Duplicate): need option for repeated DHCP retries
every time my cable company has an outage of more than a few minutes, pfsense ends up with no IP address on WAN, and ... John Pierce
02:56 PM Revision 4ee79051: Update translation files
Renato Botelho
02:56 PM Revision 7f58d21b: Regenerate pot
Renato Botelho
02:55 PM Revision 7fac4101: Update translation files
Renato Botelho
02:26 PM Bug #6876 (Resolved): Firewall alias issue after adding a wrong alias
Anonymous
02:09 PM Revision 303e7fed: Regenerate pot
Renato Botelho

02/24/2019

04:38 PM Revision 3cd21b4e: Routing, actually show the "(default)" mark on the default route as it is present on the OS
Most obvious problem was when manually switching from WANGW1 to WANGW2 it showed both as (default) after saving the s... PiBa-NL

02/23/2019

11:41 AM pfSense Packages Bug #9350 (Resolved): not appear proxy config
This problem is observed when using "squid" and "squidguard" packages together. If you enter values in the "blacklist... Yuran Yastreb
11:24 AM Bug #9349: IPSec service start/stop/restart fails after settings change
Hi.
I mixed the logs (stop/restart) but the problem is the same and I understand your explanation. Nevertheless th... Markus Stockhausen
08:14 AM Bug #9349: IPSec service start/stop/restart fails after settings change
The mode on that says "stop", not restart.
Try a different browser, you may see a more informative error message.
... Jim Pingle
07:58 AM Bug #9349: IPSec service start/stop/restart fails after settings change
Hi Jim,
I do not think so. I captured the network traffic in the browser and can see the following request being s... Markus Stockhausen
07:50 AM Bug #9349: IPSec service start/stop/restart fails after settings change
This is most likely because your browser is refusing to refresh the page to update the controls because it would invo... Jim Pingle
07:17 AM Bug #9349 (Confirmed): IPSec service start/stop/restart fails after settings change
There seems to be some weird behaviour when changing things on the advance IPsec servie settings tab. As soon as you ... Markus Stockhausen

02/22/2019

12:08 PM pfSense Packages Bug #9348 (New): Results of Acme certificate issuance/renewal are not properly formatted
The results of an Acme certificate issuance/renewal aren't properly formatted. Even when there are no errors the resu... Isaac McDonald
11:21 AM pfSense Packages Bug #9347: Domain SAN list displays "Key Algorithm: HMAC-MD5, API Endpoint: portal.nexcess.net"
This happens because those options have drop-down selectors without a 'none' option (since it's required for their re... Jim Pingle
11:08 AM pfSense Packages Bug #9347 (Resolved): Domain SAN list displays "Key Algorithm: HMAC-MD5, API Endpoint: portal.nexcess.net"
The domain SAN list displays "Key Algorithm: HMAC-MD5, API Endpoint: portal.nexcess.net" regardless of the update met... Isaac McDonald
07:32 AM Bug #9344: OpenVPN click NCP Algorithms will always go to DH Parameters website(in Chinese-Taiwan)
There is a @</a>@ in the code, see source:src/usr/local/www/vpn_openvpn_server.php#L862 -- but it's run through @spri... Jim Pingle
12:29 AM Bug #9344: OpenVPN click NCP Algorithms will always go to DH Parameters website(in Chinese-Taiwan)
I found the problem.
HTML
請參閱〈a href="https://doc.pfsense.org/index.php/DH_Parameters"〉維基百科文章。
it's should add... Roll Stone
07:22 AM pfSense Packages Bug #9345 (Feedback): Quagga Ospf MD5 interface password truncated to 15 characters
Fix pushed. Will be available once the packages rebuild. Jim Pingle
07:20 AM pfSense Packages Bug #9345 (In Progress): Quagga Ospf MD5 interface password truncated to 15 characters
The code in the quagga was cutting it down to 15 characters, and that code was copied to FRR. Easy fix, will be up sh... Jim Pingle
02:03 AM pfSense Packages Bug #9345: Quagga Ospf MD5 interface password truncated to 15 characters
The same seems to be true for the FRR Ospfd package. Henning Rogge
01:40 AM pfSense Packages Bug #9345 (Resolved): Quagga Ospf MD5 interface password truncated to 15 characters
I am working with the quagga_ospf package for pfsense and noticed that the Web-GUI seems to cut of MD5 password strin... Henning Rogge
07:11 AM Bug #9346 (Not a Bug): Problem Check_MK port 6556
Issues on this tracker must be reported in English only.
Running the text through a translator, it looks like a su... Jim Pingle
04:38 AM Bug #9346 (Not a Bug): Problem Check_MK port 6556
Hallo,
habe check_mk seit vielen Jahren im Einsatz, läuft zu 100%.
Nun beim Kunden eine neue SG-3100 aufgestellt,... Richard Kohn
03:48 AM Bug #9338: igmpproxy ignoring downstream vlan interface
And it also ignores IGMPs from GRE interfaces:... Daniel Kucera

02/21/2019

09:24 PM Bug #9344 (New): OpenVPN click NCP Algorithms will always go to DH Parameters website(in Chinese-Taiwan)
OS:2.4.4-RELEASE-p2
When I using Chinese-Taiwan language.
And edit OpenVPN settings.
When click NCP Algorithms... Roll Stone
07:01 PM pfSense Packages Bug #9211: GeoIP broken in pfSense-pkg-ntopng-0.8.13_3
Any ETA on this please?
 B D
04:19 PM Revision a1032feb: Update privileges
(cherry picked from commit 3b3e31c248b8185372251f8bd2fbc2a95652a7ec) Jim Pingle
04:18 PM Revision 3b3e31c2: Update privileges
Jim Pingle
01:07 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
I've also ruled out some other possibilities below -
Not the issue:
https://docs.netgate.com/pfsense/en/latest/fi... Eduard Rozenberg
12:14 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
I can confirm my issue is the same as described by the other posters on this bug.
Logs show that filterdns claims ... Eduard Rozenberg
12:42 PM pfSense Packages Bug #9340: Buypass CA does not support wildcard
At Let's encrypt:
acme1: https://acme-staging.api.letsencrypt.org/directory
acme2: https://acme-staging-v02.api.let... Idar Lund
02:07 AM Bug #8463: Performance Regression in 2.4.3 under KVM
In the end I moved to FQ_CODEL so this ticket, while probably still an issue, can be closed. Anonymous
01:41 AM Bug #9343: diag_arp.php times out with large DHCPD leases table
I'm seeing slow or timed out page loads on systems with 10,000+ leases in the dhcpd file, 3.3mb+ in size. I'd review... Anthony Hernandez
01:38 AM Bug #9343 (New): diag_arp.php times out with large DHCPD leases table
the diag_arp.php file is reading and parsing the full dhcpd file for many items that it doesn't use or need.
 Anthony Hernandez

02/20/2019

08:24 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
Shortly after I posted my problem above 20 days ago, it started working again on its own.
Then today, it is again ... Eduard Rozenberg
07:09 PM Bug #9342 (Not a Bug): SSH To Public IP Of pfSense Router Bricks Firewall Until Restart On XG-7100
Either a forum thread or open a support case at https://go.netgate.com -- It's definitely not typical, I ssh to the W... Jim Pingle
05:50 PM Bug #9342: SSH To Public IP Of pfSense Router Bricks Firewall Until Restart On XG-7100
@Tim:
Alright thanks for the response, sorry for clogging up your bug system! Alex Trottier
05:32 PM Bug #9342: SSH To Public IP Of pfSense Router Bricks Firewall Until Restart On XG-7100
I would suggest moving this to the forums. This certainly isn't a common/reproducible bug otherwise we'd all be stuf... Anonymous
05:15 PM Bug #9342: SSH To Public IP Of pfSense Router Bricks Firewall Until Restart On XG-7100
To clarify what I mean by brick is that all network related functionality seems to cease, my openvpn connection goes ... Alex Trottier
05:08 PM Bug #9342 (Not a Bug): SSH To Public IP Of pfSense Router Bricks Firewall Until Restart On XG-7100
Coreboot version: ADI_PLCC-01.00.00.10
pfSense version: 2.4.4-RELEASE-p2
Issue:
While doing some pen-testing o... Alex Trottier
02:19 PM Feature #9341 (Resolved): Support DNS Made Easy authentication without a username
Currently, pfSense's help says that the username field should hold the "Dynamic DNS ID" (the same as the hostname), w... Matthew Fearnley
09:27 AM pfSense Packages Bug #9340: Buypass CA does not support wildcard
We can remove the "ACME v2" label from Buypass but the error message you quote doesn't appear to come from this packa... Jim Pingle
09:21 AM pfSense Packages Bug #9340 (Resolved): Buypass CA does not support wildcard
The BuyPass server is listed as "acmev2":
BuyPass Production ACME v2 (Applies rate limits to certificate requests)
... Idar Lund

02/19/2019

09:33 PM pfSense Packages Bug #9339 (Resolved): Misc typos in pfsense/FreeBSD-ports
I'm not entirely sure where this belongs, but I wanted to point out a cross-post of mine for fixing some typos in the... Bryan Stenson
02:18 PM pfSense Packages Bug #9322: telegraf "Additional configuration for Telegraf" lost configuration after reboot
I can confirm the same issue. Aaron Morris
12:15 PM Revision c93693aa: Remove www/squid from bulk list, it's listed as dependency now
Renato Botelho
09:20 AM Bug #1943: PPPoE won't reconnect after link loss when using vr(4) NICs on certain ISPs only
Seems the bug is still present in 2.4.4 (running on SG-2220).
We got a wan interruption (they cut the cable while do... Max Power
07:40 AM Revision 8897cbce: Outbound NAT and multiple IPSEC IPs for mobile warriors
christian christian
07:00 AM Bug #9338 (New): igmpproxy ignoring downstream vlan interface
Hi,
following config doesn't accept any IGMP joins on VLAN 13 interface:... Daniel Kucera

02/18/2019

07:19 PM Revision 28e3831c: Revert "Use the OpenSSL from ports for now."
This reverts commit d73d911c2a545d4485a3d752dd31759d4b96a445. Renato Botelho
07:19 PM Revision eb6653ca: Revert "Build p5-GSSAPI using MIT while using openssl from ports"
This reverts commit b018b7afc71b26a75699a920c2434459546e5254. Renato Botelho
07:19 PM Revision 2c5fafae: Revert "Disable other GSSAPI options to prevent conflict"
This reverts commit 6b2acc671a16a00d7cc2ee3813a65cccb2729a2f. Renato Botelho
07:19 PM Revision c7f35019: Revert "Make sure syslog-ng also uses openssl from ports"
This reverts commit bc16670bdf5147e46ea155004d7d540ab21b4fba. Renato Botelho
05:27 PM Revision bc16670b: Make sure syslog-ng also uses openssl from ports
Renato Botelho
05:26 PM pfSense Packages Bug #8329 (Closed): Cellular Package Change link to symlink
PR looks like it was merged Jared Dillard
02:41 PM pfSense Packages Bug #9318 (Resolved): Acme - standalone validation takes long time to start internal server
Should be fixed in the ACME pkg update I just pushed, 0.5.4 Jim Pingle
07:28 AM pfSense Packages Bug #9318: Acme - standalone validation takes long time to start internal server
Fixed: https://github.com/Neilpang/acme.sh/commit/97147b594b185786ef1d69ce0d85b70a91f0ccc9
:) Greg M
11:49 AM Feature #9336: Make Dynamic DNS update notification e-mail optional
Jim Pingle wrote:
> Many do, but they don't necessarily change every day. But usually if someone has dynamic DNS the... Sven L
11:39 AM Feature #9336: Make Dynamic DNS update notification e-mail optional
Many do, but they don't necessarily change every day. But usually if someone has dynamic DNS they want to know that i... Jim Pingle
11:37 AM Feature #9336: Make Dynamic DNS update notification e-mail optional
Jim Pingle wrote:
> And you are wrong about what the majority of users wants. We've had numerous requests over the y... Sven L
10:59 AM Feature #9336: Make Dynamic DNS update notification e-mail optional
Blocking on the server side is possible for many (e.g. sieve on self-hosted servers, gmail filtering, etc). Most mail... Jim Pingle
10:52 AM Feature #9336: Make Dynamic DNS update notification e-mail optional
Jim Pingle wrote:
> Removed "useless" from the subject and reworded.
>
> You could also filter this easily on you... Sven L
10:26 AM Feature #9336: Make Dynamic DNS update notification e-mail optional
Removed "useless" from the subject and reworded.
You may not want it, that does not make it useless. There are man... Jim Pingle
10:18 AM Feature #9336 (New): Make Dynamic DNS update notification e-mail optional
I'd like to keep pfsense email notifications enabled, unfortunately we have a dynamic ip that changes every day and w... Sven L
10:40 AM pfSense Packages Bug #9337 (Closed): Telegraf ping input fails
The telegraf ping input does not work correctly as it appears to use Linux specific command line parameters for the p... Aaron Morris
10:19 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
I've just downgraded a test-machine to 2.4.4 release, and that works fine. Keeping it there for a while. Robert Gijsen
07:52 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
2.4.4-RELEASE-p2, I've had this multiple times. At the moment I can even sort of reproduce it.
When adding hosts to ... Robert Gijsen
09:42 AM Bug #7425: dhclient not sending option 77
That is exactly what the GUI option will put into the config but you have to ensure:
1. That you check the "Enable... Jim Pingle
09:35 AM pfSense Packages Bug #9335 (Feedback): Stored XSS in HAProxy / haproxy_listeners_edit.php
fix committed in haproxy pkg v 0.59_16 and haproxy-devel pkg v 0.59_17
* https://github.com/pfsense/FreeBSD-ports/... Jim Pingle
09:19 AM pfSense Packages Bug #9335 (Feedback): Stored XSS in HAProxy / haproxy_listeners_edit.php
There is a stored XSS on haproxy_listeners.php via parameters submitted on haproxy_listeners_edit.php:
The followi... Jim Pingle
07:55 AM Bug #9325: problem with flexible limiter in multiWAN environment
EDIT:
I found a workaround, i.e. I've set up floating rules (direction = in; attached to LAN interfaces; GW = GW1 fo... Adam Lewandowski
07:25 AM Bug #8758: filterdns stops working on a regular basis.
This is a closed/resolved issue. If you have problems with filterdns, they are likely already covered by #9296 -- add... Jim Pingle
07:21 AM Bug #8758: filterdns stops working on a regular basis.
2.4.4-RELEASE-p2, I've had this multiple times. At the moment I can even sort of reproduce it.
When adding hosts to ... Robert Gijsen
06:42 AM Bug #7958: Upgrade 2.4.0: IP alias with FQDN doesn't work any more
filterdns has been rewritten since this bug report. If there is an issue now, it is likely covered by #9296 Jim Pingle
03:43 AM Bug #7958: Upgrade 2.4.0: IP alias with FQDN doesn't work any more
We're running 2.4.4-RELEASE-p2 (amd64), but the issue is still there for us. Over the last two weeks I've had two occ... Robert Gijsen
06:40 AM Bug #9328 (Not a Bug): Static routes set by system.inc for DNS gateway bindings are not binded on the good NICs
Doesn't matter what you choose for the interface, overlapping subnets and duplicate gateways are not supported. Jim Pingle
02:54 AM Bug #9328: Static routes set by system.inc for DNS gateway bindings are not binded on the good NICs
Hello,
I discovered that this behaviour was related to the current settings, with 2 gateways on the same subnet, s... Alexandre Anriot
 

Also available in: Atom