Activity
From 04/03/2019 to 05/02/2019
05/02/2019
-
09:50 PM pfSense Packages Bug #9211: GeoIP broken in pfSense-pkg-ntopng-0.8.13_3
- I got this working on my SG-3100 by copying files from:
https://centminmod.com/centminmodparts/geoip-legacy/
to... -
05:52 PM pfSense Packages Feature #9498: ACME Package: Sorting on name, expiration, etc
- The ACME package has been working flawless for me now, for well over a year, I've migrated all of my ACME certs to it...
-
The ACME package has been working flawless for me now, for well over a year, I've migrated all of my ACME certs t...
05/01/2019
-
02:58 PM pfSense Packages Bug #9492 (Assigned): Cannot reload remote haproxy via ACME package
- Yeah, you're right. I didn't have a setup to test that handy, but it would have to come earlier. I'll come up with a ...
-
02:51 PM pfSense Packages Bug #9492: Cannot reload remote haproxy via ACME package
- Jim Pingle wrote:
> Fixed in ACME pkg v0.5.6
I just tried this and it still throws an error, to the best of my un... -
- Fixed in ACME pkg v0.5.6
-
-
-
-
-
- Fixed in ACME pkg v0.5.6
-
10:14 AM pfSense Packages Bug #9495: AWS VPC VPN wizard produces incorrect config (SHA256 should be SHA1)
- So far I have been unable to replicate this.
Tested with a 7100 and 1100 against us-west-2 and us-east-2 using AWS W... -
- When you apply the settings at step 3 the GUI times out. If you check AWS suring that time the Virtual Private Gatewa...
04/30/2019
-
- When creating a new VPN using the AWS VPN Wizard the webgui times out at step 3 going to step 4 and also at step 4 go...
-
- It would be great to get the athp driver into a 2.5 snapshot for testing. Even if it's not loaded by default.
https:... -
09:53 AM pfSense Packages Bug #9495: AWS VPC VPN wizard produces incorrect config (SHA256 should be SHA1)
- Sorry, forgot to add: in looking over the download configuration from AWS, I noticed that it also recommends the Phas...
-
- I was trying to create a site-to-site VPN to my AWS default VPC in the us-west-2 region using the AWS VPC VPN Wizard ...
-
04/29/2019
-
10:19 PM Bug #9460: OpenVPN local auth failing due to fcgicli output
- OpenVPN auth both local and radius are now functioning for me
-
02:00 PM pfSense Docs Correction #9494 (Resolved): Feedback on VPN — IPsec — NAT with IPsec Phase 2 Networks
- *Page:* https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/phase-2-nat.html
*Feedback:*
https://docs.netgate.co... -
- That is not what the XMLRPC sync features was designed to do, or to be. It is only intended to be used for two nodes ...
-
11:33 AM Feature #9493 (Closed): XMLRPC Sync to ECMP clusters
- We scale PFSense by running ECMP though BGP and taking advantage of pfsync to keep up to six firewalls active simulta...
-
08:20 AM Bug #9491: Can't create vlans or change interfaces when logged in as AD-User via LLDP
- Jim Pingle wrote:
> Almost certainly a problem with your configuration, such as accidentally selecting "Deny Config ... -
- Almost certainly a problem with your configuration, such as accidentally selecting "Deny Config Write" on the group f...
-
- Sorry i ment LDAP in the subjects field not LLDP.
-
- Hello pfSense Team,
as described in the subject that pretty much the problem that i noticed.
Create a vlan and pr... -
-
-
-
-
- The ISO image behaves exactly the same. There is no output after root is mounted other than the interface state chang...
-
06:04 AM Bug #9488: No console when booting CE Memstick UEFI.
- ISO image is hybrid and can be used to boot using a flash drive. Can you try it to see if the results are the same?
-
- If I replace:...
-
- The acme instance cannot restart a remote haproxy service. I looked at the code and found this snippet: https://githu...
04/28/2019
-
11:49 PM Feature #8602: DNS over TLS host verification
- Similar results here. Mismatched FQDN for the server results in a certificate verify error for unbound:
Apr 29 04:48... -
- Getting parens on that interface. No rule loading errors:
eg. no nat on vtnet0 proto tcp from (vtnet0) to 172.25.236... -
- Looks good here. cp /dev/null /var/etc/unbound.conf then a save of the unbound configuration populated the file.
-
- This looks great to me. Searching and column sorting work.
-
- Nothing for pfSense to do there. That's all between FreeBSD and your hypervisor. Maybe choosing a different partition...
-
09:29 PM Bug #9490 (Not a Bug): PFSense fails to mount drives under KVM/QEMU
- I'm not sure if this is relevant to the pfsense code itself, but caught me this afternoon so will pass along for refe...
-
09:53 PM pfSense Packages Bug #9211: GeoIP broken in pfSense-pkg-ntopng-0.8.13_3
- Looks like it :(. Anybody knows how to do a quick workaround and install 3.8 manually? or can I download the old vers...
-
- You have a configuration error, probably a down gateway triggering state killing. Keep the discussion on the forum.
-
07:05 PM Bug #9489 (Not a Bug): pfsense with ha closing sessions when apply any rule, xmlrpc erros are shown
- Cloned from:
https://forum.netgate.com/topic/131916/pfsense-with-ha-closing-sessions-when-apply-any-rule
On XG-71... -
05:32 PM Bug #8235: The browser must support cookies to login
- I'm getting affected by this as well, under similar circumstances.
Jim Pingle wrote:
> Does the same thing happen... -
- Testing 2.5 snapshots. When booting the VGA Memstick image as UEFI there is no usable console presented.
This appl...
04/27/2019
-
12:33 PM Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected.
- I currently have a DNS server configured in "System->General Setup" and have the DNS Resolver enabled so I can do loo...
04/26/2019
- 06:18 PM Revision b8d74978: Fix #9451: Enable build of zabbix 4.2
- 06:17 PM Revision 30335336: Fix #9451: Enable build of zabbix 4.2
- 05:43 PM Revision 1b5941eb: Remove zabbix 3.2 and 3.4 options
-
05:42 PM Revision f5adb939: Add Zabbix 4.2 config options
- (cherry picked from commit 169754517a586b259677025e551b8e972de310e5)
- 05:42 PM Revision 92e209a4: Merge pull request #4065 from dbaio/zabbix42
-
01:59 PM pfSense Packages Bug #9487: FRR package sending dual Hello packets on carp (OSPF)
- v 2.4.4 FRR 0.2_8
-
- There is not enough information here to identify anything with certainty. Nothing about the versions, your config, et...
-
- I have detected FRR package on an OSPF implementation sending hello packets related to the protocol, with 2 ips
car... -
-
- Applied in changeset pfsense:commit:30335336358db3bcdc0ede634a4f81b7f3273c7b.
-
- PR adding make.conf items was merged and original commit adding 4.2 to ports tree cherry-picked
-
01:08 AM pfSense Packages Bug #9451: Add Zabbix 4.2 (agent and proxy) packages
- 4.2 seems to be available in FreeBSD Ports now. https://www.freebsd.org/cgi/ports.cgi?query=zabbix&stype=all
-
01:16 PM pfSense Packages Bug #9486 (New): ifindex values used for softflowd are incorrect
- With this patch, we now pass ifIndex values to softflowd for inclusion in the flow packets:
https://github.com/pfs... -
- I went to set the pre-shared key on my own account. In the process, a browser form filler entered my password on the...
-
-
05:59 AM Bug #9431: Upgrading to 2.5.0 with devel/aws-sdk-php installed fails
- It is :)
Thanks!
04/25/2019
-
01:21 PM Bug #9484 (Closed): With proper timing on boot dhclient won't be started for WAN without manual intervention
- My setup
* Pfsense WAN (igb0) connected directly to ISP modem (configured as bridge)
* Pfesnse LAN (igb1 - with a f... -
-
02:18 AM Bug #9479: Alias table not updated when adding new entry
- Removed FQDN's - it didn't happen. Looks 9296 related.
04/24/2019
-
11:59 AM Feature #9104: Add a FAT32 partition to memstick installer images
- Just tried this rescuing a 2.4.4-p2 config.xml
System installed correctly, and config was restored, but packages t... -
12:29 AM Revision 6a4635fc: Unbound python mod - services.inc
- * Include any additional functions as defined by python script include file
* Add missing escapeshellarg()'s
* Make g...
04/23/2019
-
04:43 PM pfSense Packages Feature #9238: Add support for Zerotier
- I don't think my code would be of much use, I was just trying to get the package to work with the latest pfS version....
-
04:12 PM pfSense Packages Feature #9238: Add support for Zerotier
- Seconding this request!
It seems Corey has and ChanceM have already done most of the heavy lifting:
Ref: https... -
- It should be fixed in pfSense-upgrade 0.67
-
- Greg M wrote:
> Great!
>
> Are you able to replicate?
>
> If not what else can we provide to help troubleshoot... -
- Great!
Are you able to replicate?
If not what else can we provide to help troubleshoot it?
04/22/2019
- 06:49 PM Revision 40a8898b: Stop building zabbix 3.2 and 3.4 since they will be deprecated from FreeBSD ports tree in few days
-
- I'll work on it
-
- On a clean CE install using the default options the / filesystem is not mounted noatime.
This is leading to increa... -
- Zabbix ports versions 3.2.x and 3.4.x will be removed from FreeBSD ports tree in Apr 2019. Remove them from pfSense
04/21/2019
-
- We don't use precompiled binaries from other sites. It has to be in FreeBSD ports.
-
08:48 AM pfSense Packages Todo #9200: Add DNS support for Google domain to Acme manager
- I would also like to see Google Domains added into the list of supported validation methods.
04/20/2019
-
11:51 PM pfSense Packages Bug #9451: Add Zabbix 4.2 (agent and proxy) packages
- there is a freebsd package on official site https://www.zabbix.com/download_agents
04/18/2019
-
-
- Hi!
I have:
a) Removed all packages via GUI and upgraded, same error
b) Used command "pkg delete pfSense-pkg-... -
- PR: https://github.com/pfsense/pfsense/pull/4064
-
03:09 AM Revision 1ca156ea: Fix AzureV6 DynDNS client
- `AAAARecords` in the Azure DNS API is case sensitive
Documentation: https://docs.microsoft.com/en-us/rest/api/dns/re...
04/17/2019
-
03:24 PM pfSense Packages Bug #9481 (Closed): traffic totals documentation link goes to 404 page
- The question mark on the top right corner goes
Page not found: https://www.netgate.com/docs/pfsense/index.php/Traf... -
- Update: I was able to stop the warnings by disabling nat reflection.
Possible bug?
!https://forum.netgate.com/a... -
08:26 AM pfSense Packages Bug #9211: GeoIP broken in pfSense-pkg-ntopng-0.8.13_3
- It seems clear no one at Netgate is reading this ticket. :-(
-
- Try to replicate without the FQDNs. If the issue doesn't happen, then this can be closed in favor of the earlier ticket.
-
- Yes, it does contain a couple of FQDNs in both cases.
-
- Does the alias contain any FQDNs? Or only IP addresses and subnets? If it contains FQDNs, this may be a duplicate of ...
-
- On 2.4.4-p2 CE and arm - tested on MBT2220 and SG3100:
I can't replicate it every time - I would say the majority ... -
- That's not a syslogd problem, just a symptom of your misconfiguration. It can't send the packet out due to your broke...
-
06:32 AM Bug #9480 (Not a Bug): sylogd crash with misconfigured static arp entries
- Hi,
h2. My setup
* 2 pfSense boxes running in HA setup
* Remote logging enabled
* DHCP servers with failover ...
04/16/2019
-
- When pfSense is set to use an upstream proxy with authentication, the update check fails to run from the GUI. It work...
04/15/2019
-
- This seems more like a configuration issue, such as not having a high enough mbuf allocation setup.
Please post to... -
04:18 PM Bug #9477 (Not a Bug): 2.4.4-RELEASE-p2 + XG-1537 SFP+ port issue - critical
- If something is installed in the SFP+ Ports on the XG-1537 then the interfaces ix0 and ix1 will not come up during bo...
-
-
- * Ensure firewall info is generated when run from the CLI
* For SG-1100, also include its public key -
01:53 PM Revision b0945941: Fix a typo.
- Reported by: jimt
-
-
- Fixed in lightsquid pkg version 3.0.6_6.
-
- Docs have been updated.
-
08:08 AM pfSense Packages Feature #6226: Add usb_modeswitch to the pfSense package repo
- Jim Pingle wrote:
> usb_modeswitch has been available from the pfSense (not FreeBSD) repo for months now, including ... -
- usb_modeswitch has been available from the pfSense (not FreeBSD) repo for months now, including in the latest release...
-
- khaled osama wrote:
> update for pfsense 2.4.4
>
> run the following command to support pfsense 2.4.4
>
> pkg ... -
- Duplicate of #9352
-
09:05 AM pfSense Packages Bug #9475 (Duplicate): Monitoring "add view" bug
- 1. Open Status/Monitoring
2. Expand Settings
3. Click Display Advanced
4. Click Add View and then Cancel (or Esc)
... -
09:12 AM Bug #9476 (Rejected): pfSense 2.4.x sending ARP replies with non-CARP source MAC address
pfSense 2.4.x will send ARP replies for CARP interfaces with the local system's "real" source MAC address, instead ...-
07:57 AM Bug #9474 (Not a Bug): no default gateway after changing the wan interface ipv4 configuration type from dhcp to fixed ip
- what started the problem
- ISP unexpectedly changed it's router configuration from dhcp to static ip but all IP ar...
04/14/2019
-
02:15 PM
Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected.
- With WAN down and that being the only default route, this should result in an "No route to host" error, and no connec...
-
02:08 AM Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected.
- Well I think it's only because ews.netgate.com is down. I've override the host to localhost and this solves the probl...
04/13/2019
-
10:38 PM pfSense Packages Bug #9473 (Resolved): Lightsquid 1.8_5 doesn't ensure line breaks between cert and key when generating cert.pem file
- similar to stunnel Bug #9118
If user imported key doesn't contain a trailing line break, the cert.pem will not con...
04/12/2019
-
05:18 PM Bug #9472 (Resolved): Unable to select QinQ interfaces for PPP interface
- After a QinQ interface has been created eg. vmx0.13.2 , this interface isn't available in the drop-down menu when sel...
-
03:23 PM
Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected.
- Hello Gentlemen,
Been sandbagging this thread as I've ran into this issue several times and I think I have an easy... -
02:31 PM Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected.
- https://ews.netgate.com/copyright is down right now (504 Gateway Timeout): all attempts at loading the dashboard are ...
-
01:09 PM Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected.
- Speaking from some recent experience:
This behavior interferes with troubleshooting if the root cause is a WAN fai... -
- Since 3 hours I'm having the exact same issue!
-
02:52 PM Bug #9471 (Resolved): GIF tunnel not added to interface group after reboot
- Hello!
I have a GIF tunnel (gif0, opt4, TUN_6IN4_HE) configured as part of an interface group (PFORWARD_WAN). It g...
04/11/2019
-
- 12:00 PM Revision 503df8f6: Enable Telegraf build on ARMv7
-
- Applied in changeset commit:4b70a2006e6afb7813344eec8cafb8570e67256b.
-
- If @/var/unbound/remotecontrol.conf@ is empty, it will not be rewritten. The code to write the file checks that the f...
04/10/2019
-
02:11 PM Feature #1189: Gateway: Multiple monitor ips
- Yep. I want that too. Just my Parents hadnt Phone, because my PoolDNS IP went down and it switched over to only Inter...
-
- With an HA cluster synchronizing settings via XMLRPC, when the last ATLQ traffic shaper queue is deleted that change ...
-
- With an HA cluster synchronizing settings via XMLRPC, when the last limiter is deleted that change is not reflected o...
-
- Shamelessly copied from #7066 since it's the same issue here.
Attempting to configure traffic shaping on a pfSense... -
- Once upon a time that was necessary to see the return traffic. The most recent version of @dhcrelay@ now supports a c...
-
- Hello!
Not sure if this is dhcrelay's intended behaviour, but it is listening on the upstream interface when it's ...
04/09/2019
-
06:31 PM Bug #9465 (Duplicate): Lost default gateway after recover from failover with CARP VIP and HA
- Hi all
This problem is still (or again) reproducable with 2.4.4p2.
https://redmine.pfsense.org/issues/8465
-
04:47 PM Feature #8645: Upload certificate file instead of pasting
- Just submitted: https://github.com/pfsense/pfsense/pull/4063
-
- check_reload_status 0.0.10 fixes the original issue, this can go back
the way it was.
This reverts commit ce76f29985...
04/08/2019
-
- check_reload_status 0.0.10 should fix it
-
- Tested a potential change from Renato and it appears to work as expected...
-
- Looks like the issue in fcgicli should be addressed as a better fix. Assigning to Renato per his request.
-
- The Netgate Hardware with Marvell 6000 Series internal switch lack of the LACP feature on the external ports.
This b... -
- Duplicated by #9460 but it has the cause and fix there, so closing this one.
-
07:29 AM Bug #9463: Extremely Slow Performance with Chelsio NICs on Hyper-V (Only Pfsense Impacted)
- Thanks for the reply. In theory, I entirely understand where you are coming from. What I am struggling with signifi...
-
- If pfSense is connected to a virtual switch it has no way to know what kind of network adapter is tied into that swit...
-
- I have a multi-node Hyper-V cluster, each with an Intel X540 10G NIC and a Chelsio T540-BT 10G NIC. The Intel NICs a...
04/07/2019
-
10:38 PM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port
- Hi All,
I have experienced the same issue as reported in the bug descrip.
I have also discovered when searching... -
03:21 PM Bug #9447: Configuring LAGG at XG-7100 Switch Ports Broken
- Daniele Palumbo wrote:
> +1 as i was about to report the same bug.
> I think the following is the fix, applicable t... -
- +1 as i was about to report the same bug.
I think the following is the fix, applicable to 2.4.4p2
https://forum.net... -
- This already works if you put the hostname in the alias to start with. If you have more questions, post on the forum.
-
09:50 AM Feature #9462 (Rejected): auto alias update
- I think it would be great to add a feature to update automatically the ip address lists for a dns record involved in ...
-
02:23 AM pfSense Packages Todo #9200: Add DNS support for Google domain to Acme manager
- Adding a request for this myself.
04/06/2019
-
10:18 PM pfSense Docs Correction #9461 (Closed): Feedback on Services — DNS — Configuring the DNS Resolver
- *Page:* https://docs.netgate.com/pfsense/en/latest/dns/unbound-dns-resolver.html
*Feedback:*
I think the explan... -
11:04 AM Bug #7918: Nightly error reloading rules
- Ok in my case the error was caused by me accidentally setting two queues to the same priority on FAIRQ.
So to avoi... -
09:47 AM Bug #9357: rc.newwanipv6 called regardless of REASON
- A dirty patch I am using for now is adding these lines in /var/etc/dhcp6c_wan_script.sh...
-
04/05/2019
-
- Applied in changeset commit:ce76f299853dccb036de229f08a30013593c98fd.
-
- OpenVPN local auth is failing on 2.5.0, due to what appears to be a change in fcgicli output.
Testing with @set -x... -
- You are right. I could swear when I did that it was the other way, but I don't see any history of that being the para...
-
- I get pf warning spam non-stop
@pfr_update_stats: assertion failed.@
!1554493871691-a1c96692-b5ae-4d45-9f73-719... -
- Not enough information. This is most likely a configuration or environment issue. Please post on the forum to discuss...
-
11:03 AM Bug #9458 (Rejected): IPSec cannot use under more than 2 phase1 rules
- for example:
I have 4 pfsense devices, A,B,C,D
I add 3 phase 1 rules in device A in IKEv2 to connect B(con1000) C... -
- They have to be kept up-to-date or otherwise when someone chooses to enable bogons later, they could be very outdated...
-
03:21 AM Bug #9455 (Rejected): Disable fetching of bogon tables when not used
- If all interfaces has "Block bogon networks" unticked I would expect that periodic fetching of bogon tables was not n...
-
- Can't reproduce the problem as stated. When the form is filled in and saved, the values all stay as expected. Even wh...
-
03:38 AM Bug #9456 (Rejected): pfsense clears given smtp auth fields
- Configuring smtp-auth for smtp.gmail.com:
E-Mail-server: smtp.gmail.com
SMTP-Port: 465
Secure SMTP Connection: y... -
- There are no DHCP options available that work from the system tunables tab.
-
05:40 AM pfSense Docs Correction #9457 (Rejected): Feedback on Services — IPv4 DHCP Server
- *Page:* https://docs.netgate.com/pfsense/en/latest/book/services/ipv4-dhcp-server.html
*Feedback:*
Please add a... -
05:26 AM Feature #4632: Support for Multipath TCP (MPTCP)
- +1
would be great to have -
05:06 AM Feature #4632: Support for Multipath TCP (MPTCP)
- +1
Support for mptcp would be greatly appreciated
04/04/2019
-
11:06 PM pfSense Docs New Content #9454 (New): Add examples of Snort Suppression Lists to stop alerts based on source and destination IP addresses
- *Page:* https://docs.netgate.com/pfsense/en/latest/packages/snort/suppress-list.html
*Feedback:*
The documentat... -
- Environment: SG-1000
Not sure if this is valid in other environment.
Upon boot, all the VLANs get orphaned.
Th... -
03:57 PM pfSense Packages Bug #9020: Impossible to register ACME wildcard certificate regardless documentation
- Same Bug here:
Version: 2.4.4_2
Same Config: Issue/Renew --> Bug goes away!
I have see the Bug more then one (... -
02:55 PM Feature #1257: Handle encypted CA/Certificate private keys
- I made a preliminary PR that adds support for encrypted private keys to the CA, certificate, and user managers.
Woul... -
05:41 AM Feature #9452: Add Gandi LiveDNS DynDNS client.
- PR created https://github.com/pfsense/pfsense/pull/4061
-
- Add Gandi as a DynDNS client using the LiveDNS API (see doc https://doc.livedns.gandi.net/)
I will commit a PR in ...
04/03/2019
-
- It's not in FreeBSD ports yet.
-
04:38 PM pfSense Packages Bug #9451 (Resolved): Add Zabbix 4.2 (agent and proxy) packages
- https://www.zabbix.com/documentation/4.2/manual/introduction/whatsnew420
-
04:41 PM Revision cd39f5e7: Merge pull request #1 from Augustin-FL/patch-captiveportal-trim
- Also trim if() statement
-
- confirmed same problem here, never seen it before then out of nowhere suddenly no type of rule update can be carried ...
-
- 3 minutes sounds about right for a DNS-based changeover. It takes time for DNS updates to propagate and be noticed. T...
-
02:26 AM Bug #9444: Multi-WAN IPsec does not fail over with Gateway Group, needs restart
- Mouad Mimouni wrote:
> Jim Pingle wrote:
> > There isn't enough information here to speculate as to the cause or fi... -
06:01 AM Bug #9450 (Resolved): Multiwan gateway group fail-over not working as expected (possible race condition)
- Multiwan gateway group fail-over not working as expected. After a link state change is triggered by dpinger (rc.gatew...
-
- I noticed a couple of empty lines in some forms, which are caused by using @addInput@ instead of @addGlobal@ to add h...
Also available in: Atom