Activity
From 07/15/2019 to 08/13/2019
08/13/2019
-
09:33 PM Feature #7158: Captive Portal should have logs facilities for blocked sites
- Reverse DNS almost never bears a relationship to a website these days. You'll only get a random CDN or other hosting ...
-
09:31 PM Feature #7158: Captive Portal should have logs facilities for blocked sites
- Jim Pingle:
Having the IP address being requested I could make a reverse lookup to identify the owner of the IP th... -
- The firewall has no way to know what any of that is. It sees a request to an IP address on port 80, for example, and ...
-
- Jim Pingle:
Since it was rejected. Please tell me an alternative to get the address that is being redirected to t... -
- The subject says Captive Portal, description says proxy. Captive Portal doesn't block sites, it redirects everything ...
-
- The base install includes vi and ee, and you can edit remotely via scp.
It's meant to be a firewall not a general ... -
07:59 PM pfSense Packages Feature #9682 (Rejected): Please supply Emacs
- Emacs is not installed by default, and is not available as a package for installation. For emacs users, pfSense is ef...
-
- Hard to say what will help when we don't have much to go on. You'd pretty much have to setup a lab box and then add b...
-
07:38 PM Bug #7382: DNS Forwarder does not resolve DNS names on first boot
- I believe we have one of those edge cases that still requires the forwarder - we need to specify a source IP for host...
-
- I wouldn't say "not supported", but not preferred. We prefer to focus any development toward the DNS Resolver. There ...
-
- I can confirm this is still an issue, but am I to understand that DNS Forwarder is no longer supported and that all f...
-
- Old report and no recent recurrences. DNS Forwarder is no longer the preferred resolver, if it's still and issue with...
-
- OK, thanks for the update!
-
07:10 PM Bug #7298: IPv6 on a second interface doesn't work until the router is pinged
- This issue stopped at some point. I don't recall if I did something, or an update took care of it or what, but I'd c...
-
06:50 PM pfSense Packages Feature #4503: GNUGateKeeper H.323 Proxy Package
- Jim Pingle, this is very good news, I'm really looking forward to this package, but I'm not sure that this package pr...
-
- If someone wants to package that up properly and submit a PR, we can consider it for inclusion as a package.
-
06:40 PM Revision 083a9a82: Disable packages that don't build on armv7
-
- Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l...
-
- Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l...
-
- Old report and no recent recurrences (plus I can't reproduce it). Lots of things in this area have changed, so most l...
-
- Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l...
-
- VLAN interfaces no longer have enabled controls to set the MAC, so this is moot. See #1337
-
- Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l...
-
- Likely solved by the linked PR and no feedback either way from OP. Closing.
-
- Can you re-test this on a current release or development snapshot? Preferably a 2.5.0 snapshot.
-
- I'm not sure if we can do this. A lot of this is hardware-dependent, and unfortunately, OpenSSL 1.1.1 seems to have m...
-
- Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l...
-
- Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l...
-
- That patch was removed long ago, and is not included in pfSense 2.4.x or 2.5.x. Doubtful there is anything to do here...
-
- Is this still a problem? There have been lots of DynDNS changes since this report, but I don't see anything that look...
-
- relayd has been deprecated and removed from 2.5.0
-
- Looking at /etc/rc.newwanip it does appear to make more sense to configure before killing the old states.
-
- PR link: https://github.com/pfsense/pfsense/pull/4077
-
- This should just be a matter of adding @'encryption_password'@ to the @$cdata_fields@ array in @etc/inc/xmlparse.inc@.
-
- Duplicate of #6881
-
- For that to work you need EAP, which is not something the base system is going to be able to do easily. Fortunately i...
-
- For most use cases, DNS over TLS has made this unnecessary. For others, there is #9315
-
- Ping is not likely to be helpful or useful in most cases. For mass pings, use the nmap package.
There is a status ... -
- There is no 'release' or 'renew' action for the server to perform. Those must be done by the client.
Displaying th... -
- A refresh button would definitely be useful.
The current "Update" button updates the table from a remote source, l... -
- Most likely solved by #9466 or other changes in the last few years.
-
- There is no viable mechanism to pull this off. It isn't supported in pf, and there are no built-in long-term traffic ...
-
-
- There are more available now:...
-
- This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... -
- These tools were removed a while ago, as they were no longer working. See #9275
-
- Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l...
-
- This still happens but there isn't much we can do about it, and even if we could, I'm not sure it would be helpful. T...
-
- The root issue is definitely #4068, but an option was added to bypass this check in #9001 so this is a duplicate twic...
-
- Duplicate of #8365
-
- Duplicate of #8694
-
- This was fixed long, long ago.
-
- Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l...
-
- I don't see any evidence that it's currently supported on FreeBSD. If a FreeBSD implementation happens and someone wa...
-
- I don't see anything actionable here. There is only so much we can do to prevent foot-shooting.
-
- The solution is as others stated, disable the default rules (or logging of same) and create your own rules that do wh...
-
- Old version of pfSense and Hyper-V from years ago, unlikely to be a current problem. Test on 2.5.0 and if it still ha...
-
- This was solved a while back, likely with PR https://github.com/pfsense/pfsense/pull/3842 (commit:807160e9db2e7fe2296...
-
- PR Link: https://github.com/pfsense/pfsense/pull/4078
-
12:03 PM Feature #9661: Increase the number of DHCP/DHCPv6 NTP server options to three (or more)
- sorry i was still writing, i will do the pr later on
-
- this need to go on services_dhcpv6.php
line 154... -
- Submit that as a PR and we can test/merge it much easier.
https://docs.netgate.com/pfsense/en/latest/development/s... -
- pls we ask to add this on services_dhcp.php at least ntp3
line 175 -> ... -
- right i have local ntp stratum 1 servers myself but i configure ntpd manually, i had never thought of it before ... ,...
-
-
- See also: #6556
-
- Duplicate of #7903
-
- I'm pretty sure this was all fixed in https://github.com/pfsense/pfsense/pull/3199 and maybe additional PRs.
-
- Old report, this was several OS and OpenVPN versions ago, and no recent sightings.
-
- NanoBSD has been deprecated for a while now.
-
- There was some recent work on notifications that may help here, but some people may need to know about this progress,...
-
- A lot has been fixed here in the years since this report.
-
- Between installer changes and Hyper-V changes in the last 3 years, this doesn't seem to be an issue for users anymore.
-
-
- This will be moot on 2.5.0: See #8350
-
- This is unnecessary. You can run @pkg upgrade --fetch-only@ or @pkg upgrade -F@ and it will offer to download before ...
-
- I've seen this working recently (other filterdns issues notwithstanding).
-
- Upgrades that do not need a reboot are extremely rare, and the release announcement/upgrade notes will state whether ...
-
- This works fine but you have to navigate straight to the voucher page(s) with the correct zone in the URL.
It can'... -
- There isn't a viable way to do this in base SNMP. You can script up something with the NET-SNMP extend feature withou...
-
- There isn't a way to revoke a lease from either IPv4 or IPv6 DHCP server status/leases pages. I'm not sure if there i...
-
- If someone wants to make PR to show this info in the GUI somewhere, we can consider it. But adding a whole column for...
-
- Duplicate of #5074
-
- @virusprot@ is the only base table left using this, so I don't think we need to change it anymore.
-
- This has been in place for some time now for hardware we can predict. The OS is a bit smarter in other situations as ...
-
- The request isn't clear. If you mean allow choosing an interface for the external IP address of 1:1 NAT, I doubt we'l...
-
- Note: If this gets implemented, input validation should reject choosing this with IPv6 or IPv4+6 rules since IPv6 has...
-
- This has been in place for some time now.
-
- No further requests and given how quirky sticky is already, I doubt this would help much.
-
- This has been in place for some time now, and the graphing library has changed since this was opened.
-
- No longer relevant. It's automatic for ZFS and is already enabled where needed.
-
- This installer has been completely changed out since this was opened.
-
- The IPsec daemon and other subsystems have changed a lot since this was opened. If it's still an issue, please post o...
-
11:10 AM pfSense Packages Bug #8251: Captiveportal + FreeRadius "Last activity" resets to Session start
- Really? I checked the changelogs before and didn't see anything too interesting.
Also since I am somewhat afraid of ... -
- There have been lots of Captive Portal changes since this was opened, you should re-test on a 2.5.0 snapshot to see i...
-
10:45 AM Bug #9258: Error deleting tunnel type P2 when mixed with VTI
- Problem remains on 2.4.4-RELEASE-p3
Work-around works. -
- This has been fixed for a while. There is still one issue on snapshots (#9478) but that bug has more current informat...
-
- This is almost certainly solved via pure NAT reflection. Open a new issue with current info if it is not.
-
-
- I'm fairly certain this has been solved, either by #4863 or by one of the various OS upgrades that have happened sinc...
-
- Needs re-tested on a current release or development snapshots (preferably 2.5.0 snapshots)
-
-
- As far as I'm aware this isn't currently an issue any longer.
-
- No timely and meaningful feedback received.
-
- PR was closed, so this shall follow.
-
- Is this still a problem, even on 2.5.0 snapshots?
-
- No feedback received.
-
- Either this has been resolved, or it may be a package issue. Either way this specific issue can be closed. If it can ...
-
-
- Can you test this again on a 2.5.0 snapshot? There have been other DHCP Relay changes and it may be solved.
-
- Cannot reproduce
-
- No feedback received.
-
- No feedback received.
-
10:10 AM Bug #1819: DNS Resolver Not Registering DHCP Server Specified Domain Name
- Lynn Dixon wrote:
> I am still wishing this would get fixed as well. Not much traction on my bounty thread either.
... -
- No feedback received.
-
-
10:00 AM pfSense Packages Bug #9573: GeoIP database FAIL to download - Suricata package
- I do not believe this represents an actual bug in the Suricata package. The user was attempting to follow one of the...
-
-
- Duplicate of #1819
-
- Old and misfiled. Resubmit if it's still an issue.
-
- Something like this was implemented long ago.
-
- This is possible with FRR.
-
-
- AFAIK This is because last I looked, miniupnpd doesn't support its "masquerade" options on FreeBSD/pf like it does on...
-
-
-
- PR was merged years ago
-
- Unlikely we can do anything for that. Try a 2.5.0 snapshot, the FreeBSD 12 base likely behaves better.
-
- Outbound NAT rules with a CARP VIP like that are 100% manual, there is no mechanism to update those automatically sin...
-
- PR was merged over a year ago.
-
- Not enough information here for a valid bug report.
-
- Can you submit those patches as a PR?
-
- Not enough here to say what's going on, start a forum thread if it's still a concern. Bypass LAN wouldn't have anythi...
-
-
- This isn't really viable, since there wouldn't be way for it to be useful to most people. It might get close if you h...
-
- Either this has been fixed or I just can't reproduce it. Link goes to the main docs page since there is no specific p...
-
- PR was merged months ago
-
- Seems more like a general dashboard issue rather than a package-specific issue, but there may not be a good way to so...
-
- Can you test this with the current version of FRR (preferably on 2.5.0, if 2.4.4 doesn't work)?
FRR OSPF underwent... -
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- This has been in and working fine for a while.
-
- Ended up adding this back, AFAIR it was an issue with the ordering of the statements. It's been fixed (properly) for ...
-
- PR has been merged. Thanks!
-
05:41 AM Feature #2358: NAT64 support
- Another upvote. Would ease migration to IPv6-only LAN tremendously.
08/12/2019
-
01:08 PM pfSense Packages Bug #9681: [Monitoring] New views title are always in lower case.
- At older systems I still have titles with mixed case. But new titles are in lower case.
-
- If I add "CamelCase" I will get "camelcase" as title.
With mixed upper and lower case the titles are more readable.
-
- Great, thanks for testing!
-
- There a no more new default tabs and removed the old one successfully with viconfig.
Thank you!
You can close t... -
- I pushed a fix to avoid creating those extra "default" views, though they still cannot be deleted. You will have to m...
-
-
- The first bug is fixed. Thank you!
On cancel I still get new "default" views:... -
- I was able to reproduce the problem here.
I pushed a new version of Status_Monitoring which corrects the usage of ... -
- That XML result looks like what happens when there is an attempt by the code to use an uninitialized array. Shouldn't...
-
- I added "WAN" as new View and got "wan" in lower letters. Why lower letters?
I removed it and now I can't add a new ... -
07:45 AM Feature #9680 (New): Seperate DHCP Server and relay per interface
- Hello, as of now if you have dhcp relay enable you cannot enable the dhcp server on any other interface. It would be ...
-
-
02:18 AM Todo #9367: Update SMART Page with new capabilities
- Tested. Looks good.
-
-
- This looks like it should be added on a per-subnet basis instead of globally. As this patch stands right now if you d...
-
-
- This looks like it works great. It tracks window size on login and changing window size on-the-fly. Welcome change. T...
-
-
- Verified MTU settings are stored and applied properly. Loogs good.
-
07:23 AM Bug #7116: a floating 'match' rule on LAN does not put traffic from a broswer on a clientpc into a shaper queue
- Im seeing this issue also on 2.4.4-RELEASE-p3 (amd64). I have several queues setup and sometimes traffic ends up in ...
-
12:28 AM pfSense Packages Bug #8811: in pfblockerng when change Rule Order generates duplicate all rules.
- Its best to move to pfBlockerNG-devel which has this issue fixed plus many other improvements. These changes are not ...
-
- If you are using RAMdisks, its not recommend for packages that store data in the /var folder as that folder is wiped ...
-
- The pkg uses the following service for ASN information:
https://api.bgpview.io/asn/8786/prefixes
Also BGP HE:
ht...
08/11/2019
-
-
- Tested. Table populated with last URL contents under 2.4.4-p3 and both URL contents using latest snapshot. Looks good.
-
-
- Tested. Group names longer that 16 characters are allowed only if the group type is Remote.
-
-
08:18 AM Bug #9357: rc.newwanipv6 called regardless of REASON
- Actually the script posted above is only used if "don't wait for RA" is set, otherwise the "old" script is still used...
-
- There is not enough information here for a valid bug report. Please start a thread on the forum and provide a lot mor...
-
07:19 AM Bug #9678 (Rejected): DHCP Relay (IPv4)
- DHCP Relay doesn't work.
Have DHCP server on my network, use pfSense to relay to that server, but clients don't ge... -
07:30 AM Feature #9661: Increase the number of DHCP/DHCPv6 NTP server options to three (or more)
- Yes, it is the role of ntpd, ntpdate, chronyd, etc. to make decisions on the quality of the clocks, and yes for most ...
-
- The "falsetickers" check is the role of ntpd / ntpdate which must be configured accordingly. however the dhcp client ...
08/10/2019
-
- I am referring to the number of NTP servers that pfSense send to DHCP clients as part of a DHCP exchange; I am not ta...
-
- you are talking about NTP servers but the client need only one address, you can configure the server to have as many ...
08/09/2019
-
09:26 PM Bug #9677 (New): Dashboard hangs when widget needs data from a remote host which is down
- The pfsense dashboard will take a very long time to load (30sec to 1minute) when it contains a widget that needs data...
-
- See also #9669 for another problem that appears to be related, and which also appears to be fixed by this patch.
-
- That's great! I think it's fairly safe to say that this can be closed out as a duplicate of #9466 (different symptoms...
-
01:08 PM Bug #9669: dhcrelay stops working after certain time
- After more than 80 hours of service uptime for dhcrelay, I've restarted the Server and the address assignment process...
08/08/2019
-
06:35 AM pfSense Packages Bug #9676 (New): AS lookup fails
- Using pfBlockerNG-devel 2.2.5_23
Trying to permit AS8786 gives no results (Other ASN works):... -
12:09 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
- Justin J: I took your advice and posted on the forum and was promptly referred back here. Here's the link in case y...
08/07/2019
-
-
- I was already in there fixing something else which, as it turns out, had a similar root cause, so it all worked out.
... -
02:50 PM pfSense Packages Bug #9675: ACME package "domain alias mode" is ignored
- Jim Pingle wrote:
> This should be fixed in ACME pkg version 0.6.2, which is building now.
That was quick! Update... -
- This should be fixed in ACME pkg version 0.6.2, which is building now.
-
- The domain alias mode check box seems to have no affect.
Expected result: --domain-alias added to to the acme.sh c... -
- (cherry picked from commit 6e0d47510ee553f5219c08c097c32d377985822b)
-
-
08:29 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
- That sounds like it might be something else Tom. Check your output from the CLI with: pfctl -T show -t ALIASNAME
If...
08/06/2019
-
05:06 PM pfSense Packages Feature #7449: feature request for openvpn-client-export package, add the support for openvpn up and down script, for mapping network drive
- Pippin MMD wrote:
> This seems like not so good idea to me.
> One could setup a "Free VPN service" and execute scri... -
- Most of you are more experienced at this than me so please be tolerant if this is a dumb question.
I added a Fir... -
04:10 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
- I second Justins message / question. pfSense is completely unusable after 2.4.4 initial release. With filterdns not w...
-
- This should be fixed in ACME pkg version 0.6 which will be up as soon as it builds.
-
10:37 AM Bug #9674 (Resolved): hidden OpenVPN settings are validated and written to file
- I had two instances where configurations not visible on the OpenVPN server creation window were affecting saving the ...
-
-
02:39 AM pfSense Packages Feature #7794: FRR pkg pfsense no metric-type option in OSPF redistribute section of web-interface
- Tried latest stable 2.4.4-p3 with 6.0.2, everything is fine, I can assign metric type on any types of redistributed r...
-
-
- Tried on latest stable 2.4.4-p3 with 6.0.2, it works fine, stub areas are handled by cisco router without issue.
-
- Thanks, I'll try it out and report back in a few of days.
-
02:06 AM pfSense Packages Bug #8811: in pfblockerng when change Rule Order generates duplicate all rules.
- I experienced this bug in an even worse manner. It duplicated all rules until my pfSense installation crashed with an...
08/05/2019
-
- Also experiencing this issue on 2.4.4-p2 and now 2.4.4-p3. If FQDNs are remove the table updates correctly. Due to ...
-
-
04:25 PM pfSense Docs Correction #9673 (Closed): Feedback on Installing and Upgrading — Download Installation Media
- *Page:* https://docs.netgate.com/pfsense/en/latest/book/install/download-installer-image.html
*Feedback:*
Custo... -
- *Page:* https://docs.netgate.com/pfsense/en/latest/backup/autoconfigbackup.html
*Feedback:*
Page needs to be up... -
- *Page:* https://docs.netgate.com/pfsense/en/latest/hardware/selection.html
*Feedback:*
"The SG-1000 firewall is... -
- Not an ideal solution but it does ensure that FRR routes function after
an IPsec event. -
- *Page:* https://docs.netgate.com/pfsense/en/latest/backup/index.html
*Feedback:*
Reference to pfSense Gold Subs... -
- commit:f427d68dbca5ed9941b3bc01be1c4d81417c134f is the one for RELENG_2_4_4
-
- Thank you for the quick response.
I can try out the Patch, but the issue is to minor to switch to a development re... -
- Can you test this, at least temporarily, on a 2.5.0 snapshot? Changes were made for #9466 which might affect this beh...
-
- Edit:
Found some other reports on the Forum:
https://forum.netgate.com/topic/136135/pfsense-2-4-4-dhcp-relay-i... -
- dhcrelay service stops working after a few days runtime of the process.
I have one host connected to igb5.8 (opt1) w... -
- Second solution is better but still not ideal. Rather than restarting all packages, when IPsec is reloaded via rc.new...
-
- Applied in changeset commit:15701e03e36051907a23ddbe5ab04f42c94c0944.
-
- Not an FRR issue. The IPsec interface goes away and comes back, and it never latches back on. FRR needs to be restart...
-
- Confirmed same behavior on latest 2.5.0 snapshots.
-
- Running /etc/rc.newipsecdns breaks FRR BGP on VTI interfaces
Create a simple FRR BGP session across an IPsec VTI
... -
- There is not enough information here for a valid bug report. This site is not for support or diagnostic discussion.
... -
12:28 AM Bug #9666 (Rejected): RADIUS Accounting Failed
- Radius Accounting failure after update. No problem with previous version (2.4.4-P2)
-
05:49 AM Bug #9634: rc.newwanipv6 is called although dhcp6c should discard Request messages
- Seems to work just fine.
(I had to disable the periodic reset of the PPPoE-(WAN-)Interface for the test to work, bec... -
03:00 AM Bug #9667 (Duplicate): Dynamic DNS is not updated when used with a Multi WAN gateway group
- Hi.
I have recently upgraded my pfSense installation from a custom Supermicro server (old 2.1 version) to a NetGat...
08/04/2019
-
04:00 PM pfSense Packages Bug #9665 (Resolved): acme.sh deleting A record for domain along with TXT record for _acme-challenge
- I was trying to set up a LetsEncrypt certificate for my domain using Linode's v4 DNS API. I was able to generate the ...
08/03/2019
-
10:00 AM Bug #9664 (New): DynDNS and Dual-wan problem with CloudFlare (works with No-Ip)
- I have a simple setup with dual-wan links and dynamic IPs. I use a No-ip Round Robin setup like this...
-
06:26 AM Bug #9663 (Resolved): panic on boot when IPv6 option "Do not wait for a RA" is enabled
- When pfsense reboots, it hangs in a boot loop because of a kernel panic.
It is reproducable that it occurs when the...
08/02/2019
-
04:24 AM Feature #1682: second MAC address for one IP address
- Just tested this on the most recent release (2.4.4-RELEASE-p3) and it is not a problem anymore to have the same IP an...
-
03:02 AM pfSense Packages Bug #9662 (New): PfblockerNG do not update after pfsense reboot and wait for next cron task
- After rebooting pfsense, pfblockerNG do not launch cron process to update and wait for next cron time.
While next ...
08/01/2019
-
10:18 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
- Netgate SG-4860 running 2.4.4-RELEASE-p3 (amd64). At least twice I've experienced issues, I assume involving filterd...
-
- It is considered a general best practice to use at least three NTP servers to help identify "falsetickers" (bad clock...
07/31/2019
-
08:16 AM pfSense Packages Bug #9619: FRR - Prefix Lists
- thank you for your willingness to find out what i could have meant,
but really my problem was:
i really could not u... -
- Jarek Nowak wrote:
> Also i did not ask for you validating my rules, if so your answer would be wrong because allowi... -
- Jim Pingle wrote:
> The first rule is wrong because a prefix list must contain prefixes, thus it should be @0.0.0.0/... -
- You are using ZFS, those instructions are for UFS. You might have some other unrelated issue here, but this site is n...
-
02:36 AM Bug #9659 (Not a Bug): Failed to remount in single user mode when trying to reset password
- We were using pfSense CE 2.4.4. Since we accidentally
forgot our console admin password, we followed the instruction... -
05:50 AM
Bug #9660 (Resolved): Syslogd keeps using old IP address after interface IP address change
- - Have syslog configured to send log messages using a particular LAN interface
- Check Diagnostics > Sockets, you se... -
05:19 AM
Bug #9658: Gateway monitor IPs are being put into the routing table
- In scenario 1, the firewall is sending traffic out to interfaces it's not supposed to do.
In scenario 2, the monit...
07/30/2019
-
07:05 PM pfSense Packages Bug #9655: NUT missing from netgate UI
- Wow ... yes it is; thank you! ;)
-
- Its in your Screenshot as "UPS".
-
12:58 PM Bug #9561: PPPoe 6RD broken in 2.5
- Created a pull request to FreeBSD-src to apply the 6RD changes to 2.5
-
- Created a pull request to FreeBSD-src to apply the 6RD changes to 2.5
-
- This is by design. It has to be that way, or it can't be sure that the monitor address will ping via the correct inte...
-
11:17 AM
Bug #9658 (Not a Bug): Gateway monitor IPs are being put into the routing table
- As the subject says, fpsense puts the IP addresses that are configured as monitor IPs for gateways in the routing tab...
-
11:47 AM Feature #9393: Improved support for USB interfaces that may not always be present
- See: https://forum.netgate.com/topic/141347/option-to-hot-plug-some-interfaces
-
- Should hopefully be fixed in pkg version 5.50. I removed one way it could have failed unexpectedly, potentially fixed...
-
- In some circumstances the STunnel package fails to generate a default certificate as part on it's install script and ...
-
- There isn't enough information here for a proper bug report.
For assistance in solving problems, please post on th... -
06:46 AM Bug #9656 (Rejected): DHCPv6 Leases Allowed Memory Size Exhausted
- Hi, I have encountered a bug with the DHCPv6 Leases page under Status in pfSense.
The page crashes after a while of ... -
-
- Hi Karl,
thanks for pointing this out! In that case this is fixed in 2.4.4-p3 and it was simply not marked fixed h... -
- Version 2.4.4-p3 has the following dhcp6c_wan_script.sh which should already ignore the RENEW reason:...
-
- I am now testing the following, modified /var/etc/dhcp6c_wan_script.sh:...
07/29/2019
-
- I've tried uninstalling, then installing, and "reinstalling" without success:
*Reinstallation log:*... -
- You just need to reinstall the package. Somehow it isn't fully installed, and there isn't enough information here to ...
-
-
05:44 PM Bug #9362: rc.dyndns.update: Cloudflare DDNS with proxy enabled doesn't work at all
- Nathan Hand wrote:
> Underlying problem is /etc/inc/dyndns.class line 799. The value of dnsProxied is passed directl... -
-
- Ronald Schellberg wrote:
> Aaron Unpublished wrote:
> > IPv6 6rd doesn't work on any 2.5.X versions at the moment. ...
07/28/2019
-
07:37 PM Bug #9362: rc.dyndns.update: Cloudflare DDNS with proxy enabled doesn't work at all
- Underlying problem is /etc/inc/dyndns.class line 799. The value of dnsProxied is passed directly to Cloudflare.
<p... -
- Aaron Unpublished wrote:
> IPv6 6rd doesn't work on any 2.5.X versions at the moment.
>
> Have cable internet. ... -
- After installing the nut package from the package manager on a new netgate system with the built-in theme, the NUT se...
-
02:53 PM Bug #9654 (New): After reboot, the DNS resolver must be restarted before it will advertise the ipv6 DNS address of the router.
- When pfsense ipv6 is configured with DHCPv6 disabled and RA in "Unmanaged" mode, then after reboot, until the resolve...
-
02:20 PM Bug #7209: Something is seriously wrong with firewall aliases
- I just hit this bug today on a fully updated 2.4.4-p3 firewall.
There was an IP Alias named "h_whitelist" containi... -
- No, aliases are for pf and it does not support filtering by MAC address.
-
04:14 AM Feature #9653: Assign Alias from MAC address
- Also, allows me to to assign ipv6 address alias when I have dynamic ipv6 gateway
-
- Can you change Alias assignment to use MAC addresses as well as IP addresses?
So I can have a Xbox which dynamically...
07/27/2019
-
05:07 PM pfSense Packages Bug #9652 (Resolved): Squid Proxy Server /var/squid/lib/ssl_db directory not found in squid.inc
- When using the Squid Proxy Server package and Enabling SSL filtering in pfSense 2.5.0, I create an internal-CA and as...
-
- Ugh.
It looks like the range here should be changed to FC07:1010:1010:*FF00*:: to FC07:1010:1010:FFF0:: (16 /60s) ... -
- *Page:* https://docs.netgate.com/pfsense/en/latest/dhcp/dhcpv6-server.html
*Feedback:*
For example, if FC07:101... -
07:14 AM Bug #9650 (New): IPv6 connection drops (ir-)regular on Kabelvodafone (German cable ISP)...
- *Background information*
Kabel Vodafone is the successor of Kabeldeutschland, among other services they offer Busine... -
- IPv6 6rd doesn't work on any 2.5.X versions at the moment.
Have cable internet. Upgraded to the 2.5 and it brok...
07/25/2019
- 08:03 PM Revision 57b2f317: Only redirects the user to the default page if no specific page page was set in the querystring
-
04:44 PM
Bug #9541 (Resolved): Non-admin user with admin rights is given the wrong URL for the user manager
- On 20190725-0909, unable to reproduce the bad behavior.
-
04:37 PM
Bug #9611 (Resolved): PHP error on fresh 2.5.0 install or after factory reset
-
04:37 PM
Bug #9611: PHP error on fresh 2.5.0 install or after factory reset
- On 20190725-0909, the error is no longer present, new install and resets both work as expected.
-
04:35 PM
Feature #9620 (Resolved): User privilege to manage integrated switch
- On 20190725-0909, the Switch options are present and work as expected.
-
- XMLRPC is not designed to be used with more than one node. It does, on occasion, but only by accident.
-
10:00 AM pfSense Packages Feature #9648 (New): Multiple node Sync HAProxy configuration to backup CARP members via XMLRPC.
- We have a cluster of 3x PFSense Firewalls running in 3 AZs on AWS.
FW-A (AZ-A) is configured to sync to FW-B (AZ-B... -
04:37 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
- I think I have a similar problem.
My inbound rule did not work with an FQDN in the Alias. (Whitelist for source addr...
07/24/2019
-
- I can confirm this, but it is not specific to OpenVPN.
OpenSSL 1.1.1 doesn't list AES-NI or the BSD crypto dev, ev... -
07:25 AM Bug #9646 (Resolved): OpenSSL 1.1.1 does not list engines for AES-NI or BSD crypto
- Cannot select BSD Crypto Device under OPENVPN clients - Hardware Crypto, it only has No Hardware Crypto Acceleration.
-
08:13 AM Bug #9647 (Resolved): hn0: driver does not support altq
- As subject says, hn0 on 2.5.0 does not support ALTQ.
You get error after traffic shaper wizard starts to reload rule... -
- Hmmm OK, I have Hyper-V, 2.5.0 and pppoe.
But weird is, that on when applied on IN direction on LAN it works ok. -
- The two cannot be related. ALTQ is not used for limiters.
I have also seen a similar situation on 2.5 where limite... -
- Hi again.
I restored config on 2.4.4-p3 and this are working just fine there.
I believe this on is related to h... -
- Please open a new issue with specific error messages and reference this one there.
-
- Restored to 2.4.4-p3 and output is: hw.hn.use_if_start: 1
Clean install 2.5.0 snapshot: hw.hn.use_if_start: 0
07/23/2019
-
- This reverts commit 987377b0c968f588997d111d5d4bc88293550d3b.
-
-
- Perhaps the order or the length of the filters?
Or a race condition (https://lists.freebsd.org/pipermail/freebsd-net... -
- Your manual rule is functionally identical to the automatic rule. Something else must have changed.
There is no bu... -
- Hello!
This one is back in 2.5.0 snapshots.
07/22/2019
-
- Here are my rules for this interface:...
-
- I have to use asymmetric routing. P1 (default gateway) routes to P2 on the same subnet. ICMP redirect doesn't work be...
-
- Adding these log snippets. They are groups of dpinger gateway logs followed by the system logs for the corresponding ...
-
- Greg M wrote:
> Now I don`t have above any more but I have this (but everything is working just fine):
>
IPv6 fo... -
- Now I don`t have above any more but I have this (but everything is working just fine):
Jul 22 14:44:54 radvd 406... -
- *Page:* https://docs.netgate.com/pfsense/en/latest/nat/accessing-port-forwards-from-local-networks.html
*Feedback:... -
10:05 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
- Rudolf Mayerhofer wrote:
> As a follow up: With 30 seconds resolve interval things are still working fine one month ... -
- Hi all!
Discussion here: https://forum.netgate.com/topic/145091/quick-question-about-limiters
I think there is ...
07/21/2019
-
03:53 PM Feature #6626: Support for IPv6 firewall entries with dynamic delegated prefix and static host address
- A global variable with the current delegated IPv6 prefix in CIDR form, which could be used in firewall aliases would ...
-
11:40 AM Feature #9642: Add DDNS support for dynv6.com
- Correction from above:
To update an A record use the following url:
https://ipv4.dynv6.com/api/update?hostname=yo... -
- Dynv6.com (https://dynv6.com/) provides dynamic DNS for A and AAAA records free of charge. The API is documented here...
-
- I inadvertently opened this ticket while I was still in the process of creating it. Please disregard the original sub...
-
- I get the following error when trying to update the AAAA record for a 6rd tunnel interface:
_/services_dyndns_edit...
07/19/2019
-
- Fix is in FRR pkg version 0.6.2, which will be available shortly.
-
- Setting a route map on the redistribution options does not work.
In vtysh, doing a 'show' on the route map says OS... -
- Seems like IPv6 is not on the priority list of the currently active devs, or nobody fully understands it. There are q...
-
07:40 AM Feature #4881: Allow NPt to use dynamic IPv6 networks
- Any update here? We need dynamic Prefix support for IPv6 Multi WAN.
07/18/2019
-
10:47 PM Bug #8235: The browser must support cookies to login
- I have the same problem under different circumstances. I bought a new firewall to upgrade hardware. Pfsense web ui wo...
-
- You can port forward now in a handful of clicks, it's simple and not at all complicated. Listening on multiple ports ...
-
08:47 PM Feature #6414: SSHD listening on multiple ports
- Jim Pingle wrote:
> Never expose SSH to WAN. Security by obscurity is not obscurity.
The purpose of this is to we... -
- Never expose SSH to WAN. Security by obscurity is not obscurity.
And if you use key-only auth, the rest doesn't ma... -
- One use case for this is exposing ssh on the WAN on a non-standard high port so as to minimise exposure to random dri...
-
12:59 PM Feature #9639 (Resolved): Cloudflare DDNS "API Token"
- Request to add support for new Cloudflare API Token to allow for managed access and permissions for DDNS updates.
> ... -
-
- The entire script is broken, even RENEW should be ignored and just REBIND should actually matter. See #9357 for a pat...
-
09:18 AM pfSense Docs Correction #9638 (Resolved): Feedback on High Availability — Configuring High Availability
- *Page:* https://docs.netgate.com/pfsense/en/latest/highavailability/configuring-high-availability.html
*Feedback:*... -
09:11 AM Bug #9295: IPv6 PD does not work with PPPOE (Server & Client)
- Sadly nobody is taking care of handling this bug... My ticket is 6 month old now.
-
08:49 AM Bug #9295: IPv6 PD does not work with PPPOE (Server & Client)
- Do I get this bug right?
If my upstream WAN connection is PPPoE and I try to delegate prefixes via DHCPv6 it won't w... -
- *Page:* https://docs.netgate.com/pfsense/en/latest/book/highavailability/example-redundant-configuration.html
*Fee... -
- That sounds like a problem with your config or environment. I can't reproduce it here.
For assistance in solving p... -
- if i try to uninstall any package
Package Removal
Please wait while the update system initializes
nothing else... -
03:35 AM Feature #6240: vxlan driver
- +1
07/17/2019
-
- Doesn't appear that "pfSense patch stf_6rd.diff", ticket 7272 (commit cb59ac304d30d5009537d7de0429792fb33d3db0 which ...
-
06:22 PM pfSense Packages Bug #9635 (Resolved): lldpd (and probably ladvd) doesn't work on units with an integrated switch
- It appears the GUI configuration doesn't probably figure out what interface is selected. For example,
No matter wh...
07/16/2019
-
04:10 PM pfSense Packages Bug #5168: squid doesn't function during/after HA failover
- Zeev Zalessky wrote:
> Hello,
>
> any updates with this issue?
> i have 200 vlans on my firewall and adding 200... -
06:45 AM pfSense Packages Feature #9521: Upgrade to HAProxy 1.9
- haproxy 2.0 is available in ports 2019Q3
07/15/2019
-
- pfsense sends DHCPv6 Request messsages to ff02::1:2 on its WAN interface at an interval of about 7 seconds. As this i...
-
- MPD includes a built-in web server that can be used to poll status information. There is also a telnet console, but t...
-
06:25 AM Bug #9632: DynDNS not updating IP address for DNSExit
- 2.4.4-RELEASE-p3 (amd64) built on Wed May 15 18:53:44 EDT 2019 FreeBSD 11.2-RELEASE-p10
-
- When using the DNSExit dynamic DNS service, the IP address changes and the "Save & Force Update" button is clicked, t...
Also available in: Atom