Activity

30 days up to

User

Subprojects

Activity

From 08/07/2019 to 09/05/2019

09/05/2019

09:04 PM Revision db948c42: Additional logs & optimizations. Issue #9714: * Add log tabs for nginx, userlog, and some other previously hidden logs
* Start working on output of utx log via lis... Jim Pingle
06:45 PM Bug #9720: vpn_ipsec_phase2.php - no remote network field in VTI mode: This appears to be true with all IPSEC vpn modes. If you delete the phase 2 section then create a new one the remote ... Gary Williams
05:53 PM Revision 1544d718: status.php: Sanitize zabbix TLS psk info. Fixes #9729: (cherry picked from commit 60a7d1e1201f43ec48b0ad374ded1c15eb29e14e) Jim Pingle
05:53 PM Revision 60a7d1e1: status.php: Sanitize zabbix TLS psk info. Fixes #9729: Jim Pingle
05:51 PM Revision 12cf8e3f: status.php: Restrict thoth tests to arm64. Fixes NG 2569: Jim Pingle
04:57 PM Bug #6167: IPsec IPComp not working: I have this enabled with other firewall solutions and observed noticeable savings in bandwidth usage. I was hoping t... Adam Gibson
04:32 PM Revision f314a7d9: status.php: Sanitize influx_pass and cert_key. Fixes #9727 Fixes #9728: (cherry picked from commit 8bc944bbcba57f74934b87dcea4e7621f0743584) Jim Pingle
04:31 PM Revision 8bc944bb: status.php: Sanitize influx_pass and cert_key. Fixes #9727 Fixes #9728: Jim Pingle
03:37 PM Revision 5457213f: Rename status_pkglogs.php to status_logs_packages.php. Issue #9714: Jim Pingle
03:25 PM Revision 4cce0ada: Standardize pkg log display. Issue #9714: * Add common log code as needed
* Define options to fine-tune package log display
* Add filtering Jim Pingle
02:27 PM Bug #2218: CARP VIPs can become master too early at boot time: I agree with @BlackBinary. The second optional should be the normal operation. A reboot should automatically trigge... Greg Harris
01:00 PM Bug #9729 (Feedback): status.php: Sanitize zabbix-agent tlspsk key: Applied in changeset commit:60a7d1e1201f43ec48b0ad374ded1c15eb29e14e. Jim Pingle
11:47 AM Bug #9729 (Resolved): status.php: Sanitize zabbix-agent tlspsk key: config-sanitized.xml keep <tlspskfile> of zabbix-agent:
$ grep tlspsk config-sanitized.xml
... Viktor Gurov
11:40 AM Bug #9728 (Feedback): status.php: Sanitize tinc private key: Applied in changeset commit:8bc944bbcba57f74934b87dcea4e7621f0743584. Jim Pingle
11:21 AM Bug #9728: status.php: Sanitize tinc private key: This is in status.php, not the package. Jim Pingle
11:14 AM Bug #9728 (Resolved): status.php: Sanitize tinc private key: config-sanitized.xml keep <cert_key> of tinc package
2.5.0-DEVELOPMENT (amd64)
built on Wed Sep 04 20:39:01 E... Viktor Gurov
11:40 AM Bug #9727 (Feedback): status.php: Sanitize influx_pass: Applied in changeset commit:8bc944bbcba57f74934b87dcea4e7621f0743584. Jim Pingle
11:20 AM Bug #9727: status.php: Sanitize influx_pass: This is in status.php, not the package. Jim Pingle
11:03 AM Bug #9727 (Resolved): status.php: Sanitize influx_pass: config-sanitized.xml keep hash of influx_pass (Telegraf package):
$ grep influx config-sanitized.xml
... Viktor Gurov
08:29 AM Bug #9649: IPv6 6RD Tunnel: Ronald Schellberg wrote:
> Created a pull request to FreeBSD-src to apply the 6RD changes to 2.5
Updated the pull... Ronald Schellberg
06:32 AM pfSense Packages Bug #9724: pfblockerng-firewall-filter-service-will-not-start: PR https://github.com/pfsense/FreeBSD-ports/pull/670 Manuel Piovan

09/04/2019

08:33 PM Revision 280a2ca2: Move Package Logs in with rest of logs. Issue #9714: Standardize log tab behavior Jim Pingle
08:08 PM Revision 6b061c1a: Add a method for packages to set log owner on rotation. Issue #9712: Jim Pingle
03:21 PM Revision 3a26e715: Move log-related functions to their own file. Issue #8350: Also add a simple shell program that will dump all log entries for a given
log + all rotated/compressed logs in order. Jim Pingle
03:12 PM Todo #9712: Add code for packages to set their own log rotation parameters: See also:
* Example of display-only log: https://github.com/pfsense/FreeBSD-ports/blob/devel/emulators/pfSense-pkg... Jim Pingle
02:08 PM Feature #9726 (Resolved): Hash Algorithm configured on child ESP/AH proposals using AES GCM though strongswan strips them: One might want to allow transform sets on a Phase 2 like this:
AES128/192/256-CBC with SHA256
AES128-GCM with no ... Chris Linstruth
06:17 AM pfSense Packages Bug #9724: pfblockerng-firewall-filter-service-will-not-start: affected version:
2.5.0-DEVELOPMENT (amd64)
built on Tue Sep 03 08:57:57 EDT 2019
FreeBSD 12.0-RELEASE-p10
... Manuel Piovan
05:20 AM pfSense Packages Bug #9724: pfblockerng-firewall-filter-service-will-not-start: a possible solution :
on /usr/local/etc/rc.d/pfb_filter.sh
from
/usr/local/sbin/clog_pfb -f /var/log/filter.log | ... Manuel Piovan
04:56 AM pfSense Packages Bug #9724 (New): pfblockerng-firewall-filter-service-will-not-start: pfblockerng service does not start - because clog is missing
https://forum.netgate.com/topic/146191/pfblockerng-f... Manuel Piovan
04:59 AM pfSense Packages Feature #9725 (New): Ability to use template variables in acme package: would be very helpful to be able to use variables in acme package action section
Using variables something like that... Tobi Miller
03:54 AM Bug #9723 (Not a Bug): DHCPv6 server for several interfaces isn't working on all interfaces: Hi,
I have a virtualized pfSense 2.4.4 p3 running with several downstream interfaces.
On some interfaces DHCPv6 s... Pim Pish

09/03/2019

08:34 PM Revision a40c9cf2: Log rotation settings. Issue #9711 and Issue #9712: * Add rotation count GUI option and per-log option
* Add settings for packages to override more fields not supported ... Jim Pingle
07:26 PM Revision 7d918dab: Fix log size text in common log settings. Issue #9711: Jim Pingle
07:16 PM Revision 8a86d7be: Move log rotation options to their own section. Issue #9711: While here, fix log size description to fit new behavior. Jim Pingle
06:44 PM Revision 3aea6230: IPSec: Just destroy interface if it exists and it's not booting: Based on PR: https://github.com/pfsense/pfsense/pull/4076 Renato Botelho
06:43 PM Revision f8c4bfc5: IPSec: Just destroy interface if it exists and it's not booting: Based on PR: https://github.com/pfsense/pfsense/pull/4076 Renato Botelho
06:39 PM Revision 03cdd6ad: Add log compression type option. Issue #9711: Jim Pingle
06:19 PM Revision 15f8062b: Improve efficiency of resync checks.: GW Group changes are checked iff the interface is not the empty string or the interface in question is not the same a... James Webb
03:38 PM Todo #9711: Add GUI options to control log rotation: The compression is configurable now but it is a global only option and NOT a per-log setting. While it may be possibl... Jim Pingle
03:37 PM Todo #9711 (Feedback): Add GUI options to control log rotation: The time, flags, pid/cmd, and signal fields are not necessary for the GUI, the others are sufficient. There is a mech... Jim Pingle
03:36 PM Todo #9712 (Feedback): Add code for packages to set their own log rotation parameters: Jim Pingle
03:32 PM Todo #9712: Add code for packages to set their own log rotation parameters: For reference, the supported fields are now:... Jim Pingle
01:52 PM Revision 73a4e1f2: Merge branch 'master' into system-general-sr-fix1: Renato Botelho
01:37 PM Revision 5ae31b9e: Merge pull request #4070 from paul/patch-1: Renato Botelho
01:24 PM Revision e187842d: Merge pull request #4079 from johnforte/master: Renato Botelho
01:20 PM Revision d43154fe: Do not use constructor with the same name of class, it's going to be deprecated: Renato Botelho
01:18 PM Revision b94eb4b9: Fix PHP warning: Renato Botelho
01:10 PM Revision cf019954: Merge pull request #4083 from kristoffer-ekenstam/master: Renato Botelho
01:08 PM Revision e3de4f13: Merge pull request #4084 from Godwottery/master: Renato Botelho
12:57 PM Revision b4df3414: Merge pull request #4074 from NanoCaiordo/dhcp_show_all: Renato Botelho
12:04 PM Bug #9722 (Resolved): services_captiveportal_vouchers.php wrong status icon link: When you are at services_captiveportal_vouchers.php page, clicking on "Related status" icon redirects to
services_ca... Viktor Gurov
11:02 AM pfSense Packages Feature #9721 (Resolved): add squidclient -h 127.0.0.1 mgr:info output to Diagnostics / Squid and status.php: "squidclient -h 127.0.0.1 mgr:info" gives a very useful info for diagnostics:
like
Resource usage for squid:
UP T... Viktor Gurov
10:57 AM Bug #9522 (Resolved): Diagnostics > System Activity shows only the header: Looks good:... Steve Wheeler
10:23 AM Bug #9720 (Resolved): vpn_ipsec_phase2.php - no remote network field in VTI mode: under VPN / IPsec / Tunnels / Edit Phase 2
if you select Transport Mode
and then VTI mode
there is no "Remote Netw... Viktor Gurov
10:11 AM Bug #9719 (Resolved): system_certmanager.php - Descriptive name field disappeared when adding certificate for user: if under user manager / users / edit
you select add certificate,
then select "choose an existing certificate"
and... Viktor Gurov
08:45 AM Feature #9718 (New): Make diag_states_summary table sortable: Make diag_states_summary table sortable so users can chose the way they want to sort it.
Discussed at https://gith... Renato Botelho
08:38 AM Bug #9580 (Feedback): Dynamic DNS DNSimple client errors: PR has been merged. Thanks! Renato Botelho
08:25 AM Bug #9684 (Feedback): System Notifications: Asterisks over writing current password causing notifications to stop working.: PR has been merged. Thanks! Renato Botelho
08:12 AM Bug #8014 (Feedback): DynDNS wildcard option doesn't work for provider Loopia: PR has been merged. Thanks! Renato Botelho
08:09 AM Feature #9706 (Feedback): Increased number of colors for login screen: PR has been merged. Thanks! Renato Botelho
08:09 AM Bug #9133 (Feedback): "Show all configured leases" does not stay set after deleting a lease: PR has been merged. Thanks! Renato Botelho
07:21 AM Bug #8040 (Resolved): diag_dns.php - external links to DNSstuff: These links were all removed a while ago Jim Pingle
07:05 AM Feature #9717 (New): Search box for pfsense ?: I can never remember where things are within pfsense and wondered if a search box on the top bar would be a good idea... randombits b

09/02/2019

06:46 PM Revision 098e57c5: Revert "Add a control file to be used as trigger to sync files to S3": This reverts commit 1e2990aa0a9debd5ccdc31e42ca6fe93a31c5dd3. Renato Botelho
06:46 PM Revision 95470886: Revert "Add a control file to be used as trigger to sync files to S3": This reverts commit 8129d78071fdf592f7f33a715405c065a76cebc3. Renato Botelho
06:40 PM Revision 64290b3c: Do not send unneeded files to S3 and also delete old files from it: Renato Botelho
06:14 PM Revision 5c0d30fb: Do not send unneeded files to S3 and also delete old files from it: Renato Botelho
02:29 PM Revision 7071aab3: Add ability for OpenVPN instances to resync on IP changes and on boot.: OpenVPN instances resync if interface IP change occurs.
At boot, the interface is the empty string, so resync is mand... James Webb

09/01/2019

11:16 PM Revision a71b23db: Include system.inc in prefixes.php. Fixes #9715: Jim Pingle
06:25 PM Bug #9715 (Feedback): Call to undefined function sort_related_log_files: Applied in changeset commit:a71b23dbc6ebc39c42586f98b3da05969c4724e5. Jim Pingle
06:31 AM Feature #9716 (Resolved): Italian translation: i've completed italian translation on zanata month ago
as soon as you can I would like to see it inserted also in or... Manuel Piovan
03:51 AM Bug #9595: OpenVPN does not resync when running on a gateway group: "Current Full Patch":https://github.com/pfsense/pfsense/pull/4072.patch James Webb
02:50 AM pfSense Packages Bug #8454: Arpwatch package break email notifications from other sources: This issue forced me to uninstall arpwatch, as I can't just handle receive tons of emails from other daemons (like Cl... Ter Ted

08/31/2019

11:39 PM Revision 614ca41e: Add else clause for cases when OpenVPN interface file does not exist.: - Prevents potential race condition at startup resulting in failure to start OpenVPN instances.
- In cases where inte... James Webb
06:13 PM Bug #9715 (Resolved): Call to undefined function sort_related_log_files: https://forum.netgate.com/topic/146189/crash-report-after-update
add ->
require_once("functions.inc");
ins... Manuel Piovan
04:18 PM Feature #9693 (Resolved): Bypass automatic backups: Tested on 2.5.0.a.20190830.1941, works as expected. Anonymous
04:13 PM Feature #9694 (Resolved): Redact ACB encryption password from status.php: Tested on 2.5.0.a.20190830.1941, encryption password is redacted. Anonymous
03:09 AM Bug #8207: 2.4 cannot boot as a Xen VM with more than 7 NICs: Same problem here with the newest Version (2.4.4-RELEASE-p3) of PFSense.
Any ideas or solutions?
Best regards Elias Seccom

08/26/2019

11:49 PM Feature #6960: Introduce Kea DHCP as an alternative DHCP server for IPv4 and IPv6: Hey Dan, we definitely know who you guys are. We use Kea on tnsr. Jim Thompson
08:27 PM Feature #6960: Introduce Kea DHCP as an alternative DHCP server for IPv4 and IPv6: For what it's worth, for my dayjob, run ISC's internal office network with a pair of pfsense boxen (official hardware... Dan Mahoney
08:44 PM Revision 0dd016d4: Add some exception handling to auth attempts. Fixes #9150: (cherry picked from commit d832b6ce47a90fea03443401d072eb91906b6fc7) Jim Pingle
08:43 PM Revision d832b6ce: Add some exception handling to auth attempts. Fixes #9150: Jim Pingle
07:25 PM Revision 5f66269d: Fix state kill ordering in rc.newwanip. Fixes #4674: Move state kill to after new rules and routing have been setup.
Otherwise there is a race condition where new states ... Jim Pingle
07:24 PM Revision 86e6e0bc: Fix state kill ordering in rc.newwanip. Fixes #4674: Move state kill to after new rules and routing have been setup.
Otherwise there is a race condition where new states ... Jim Pingle
03:50 PM Bug #9150 (Feedback): Web authentication RADIUS package shows PHP error if unable to resolve FQDN of RADIUS server: Applied in changeset commit:d832b6ce47a90fea03443401d072eb91906b6fc7. Jim Pingle
03:44 PM Bug #9150: Web authentication RADIUS package shows PHP error if unable to resolve FQDN of RADIUS server: I never could reproduce this with any combination of DNS failures (no server, server timeout, nxdomain, etc) but I ad... Jim Pingle
02:56 PM Bug #7848: NDP Table Sort by Expiration Error: The sortable library doesn't have a sorting type that can parse the duration in the format output by ndp and I didn't... Jim Pingle
02:35 PM Bug #4674 (Feedback): invalid state table entries after WAN IP change: Applied in changeset commit:86e6e0bcffcbb988dc7f80ac0aed25cad28d79eb. Jim Pingle
01:57 PM Bug #9550 (Resolved): New privilege matching method does not allow menu or tab links to anchors (#foo): Users with permissions for only traffic totals can see the tabs and change between them. Jim Pingle
01:51 PM Bug #9543 (Resolved): diag_dns.php: Reverse lookup of IPv6 fails with "Host must be a valid hostname or IP address.": Works fine now Jim Pingle
01:49 PM Bug #9582 (Resolved): PHP error setting up VLANs from the console: Jim Pingle
01:29 PM Bug #9447: Configuring LAGG at XG-7100 Switch Ports Broken: Patched attached for those who would like to test this against 2.4.4-p3. Jim Pingle
01:22 PM pfSense Packages Feature #9399 (Resolved): pkg support for SSH + sudo authentication via LDAP: requested package and options are present. Jim Pingle
01:21 PM Bug #9466 (Resolved): DHCP (IPv4) relay mistakenly listening on upstream interface: All feedback I have seen thus far has been positive. Jim Pingle
01:21 PM Feature #9531 (Resolved): [IPSEC] Add additional curve-based DH Groups (31+): Jim Pingle
01:20 PM Todo #9607 (Resolved): Update web server TLS versions for 2.5.0: This has been working fine, no reports of breakage that I've seen either. Jim Pingle
01:16 PM Bug #9584 (Resolved): Potential XSS in services_acb.php via hostname parameter with legacy settings: Legacy options are moot now, they have been removed. Jim Pingle
01:07 PM Bug #9564 (Resolved): Dynamic DNS Status - IPv4 format error for 'Cached IP': Still working fine with my Namecheap entries which failed before. Jim Pingle
01:05 PM Bug #9540 (Resolved): PHP Uncaught Error in Status/System Logs/Firewall/Dynamic View: Jim Pingle
01:04 PM Bug #9421 (Resolved): crypt_data() needs to support stronger key derivation: Jim Pingle
01:04 PM Bug #9408 (Resolved): OCSP stapling detection broken on 2.5.0: This has been fine since the fix I put in, no signs of it breaking again that I've noticed. Jim Pingle
01:02 PM Bug #9400 (Resolved): PHP scandir() error at boot: Jim Pingle
11:17 AM Bug #9699: WAN Interfaces Page - PPPoE breaks randomly when changes are made: That isn't enough. You need to start a forum thread to discuss the problem and provide a lot more detail, things like... Jim Pingle
11:07 AM Bug #9699: WAN Interfaces Page - PPPoE breaks randomly when changes are made: After the initial setup of a PPPoE connection on WAN interfaces page, changing settings on this page will randoml... Steven Cedrone
07:15 AM Bug #9699 (Not a Bug): WAN Interfaces Page - PPPoE breaks randomly when changes are made: Not enough information here for a valid bug report. I have several systems with PPPoE interfaces and none of them bre... Jim Pingle
02:53 AM Bug #9699: WAN Interfaces Page - PPPoE breaks randomly when changes are made: After the initial setup of a PPPoE connection on WAN interfaces page, changing settings on this page will randoml... Steven Cedrone
02:51 AM Bug #9699 (Not a Bug): WAN Interfaces Page - PPPoE breaks randomly when changes are made: After the initial setup of a PPPoE connection on WAN interfaces change changing settings on this page will randomly b... Steven Cedrone
09:37 AM Bug #9643: Limiters do not function properly on 2.5 snapshots: I experienced the same behavior as Greg M when updating from 2.4.4-p3 to 2.5.0. This was on a bare-metal install. Grant Peier
09:24 AM pfSense Packages Feature #4503: GNUGateKeeper H.323 Proxy Package: Hi guys!
I recently had the case of using a VSX 7000 polycom videoconferencing that necessarily uses the H323 or H46... Wesley Lucio dos Santos
07:50 AM pfSense Packages Bug #9681 (Feedback): [Monitoring] New views title are always in lower case.: PR has been merged. Thanks! Renato Botelho
07:13 AM pfSense Packages Feature #9701 (Rejected): Squid WPAD/PAC Settings: Since this would turn the firewall web server into a WPAD web server for the local network, it will never be added. T... Jim Pingle
04:48 AM pfSense Packages Feature #9701 (Rejected): Squid WPAD/PAC Settings: Adds a new tab to the Squid Server Web GUI to configure WPAD settings and setup a PAC file.
This would give users th... Kyle Klouzal
07:03 AM Feature #9702 (Resolved): OpenVPN "push-reset" option in Client Specific Override breaks "subnet" topology: Hi.
I have configured an OpenVPN server in Remote Access (SSL/TLS) mode with the "subnet" topology (preferred topo... Damien Gombault
03:32 AM pfSense Packages Feature #9700 (Feedback): Secure Squid HTTPS Proxy: As described here: https://forum.netgate.com/topic/145940/secure-squid-https-proxy
Squid Documentation: http://www.s... Kyle Klouzal
02:09 AM Bug #9698 (New): Monitoring graphs do not retain state after auto-refresh: When a monitoring graph is set to auto refresh it returns to its default configuration each time it refreshes. If ind... Christian Ullrich
01:58 AM pfSense Docs Correction #9697 (Resolved): Feedback on System Monitoring — Monitoring Graphs: *Page:* https://docs.netgate.com/pfsense/en/latest/monitoring/graphs/index.html
*Feedback:*
This page should me... Christian Ullrich

08/25/2019

07:23 AM Feature #2634: No IPv6 networks in firewall NAT rules: Thanks! Guy B

08/24/2019

06:29 PM Bug #9600 (Resolved): Add athp to wireless device regex list: This looks good:... Steve Wheeler
04:34 PM Bug #9669: dhcrelay stops working after certain time: Just rebooted the Server after ~15 Days uptime without any issues. I would say the fix is fine for that matter. Case ... Luki TJ

08/23/2019

01:36 PM Bug #9696 (Not a Bug): ACB fails if the Revision Reason contains 'Snort': Jim Pingle
01:34 PM Bug #9696 (Rejected): ACB fails if the Revision Reason contains 'Snort': Yeah, this is 'not a bug'. It deliberately does this to prevent Snort filling all the backup space with pointless ide... Steve Wheeler
01:22 PM Bug #9696 (Not a Bug): ACB fails if the Revision Reason contains 'Snort': If you run a manual 'Backup now' the back will fail if the Revision Reason field contains the word 'Snort'.
Howeve... Steve Wheeler

08/22/2019

06:10 PM Revision 0bdd1774: Fix manual backup flag: Steve Beaver
01:39 PM Revision 463d5d11: Typo fix: Steve Beaver
01:38 PM Revision cb442cfa: Fix is_set/isset: Steve Beaver
01:20 PM Revision 7f486e5a: Fixed #8907: Support field size option in select control Steve Beaver
12:16 PM Feature #9695: Add Ability to Force NAT-T Encapsulation on IKEv2 Peers: The code to handle that directive already there in the nat_traversal option but we disable that for IKEv2, looks like... Jim Pingle
11:49 AM Feature #9695 (Resolved): Add Ability to Force NAT-T Encapsulation on IKEv2 Peers: The strongswan documentation includes:
UDP encapsulation may also be forced, even if no NAT situation is detected,... Chris Linstruth
11:34 AM Feature #7671: Gateway Monitoring Via Custom Script or Telnet.: I do not know what I have to do here to help. I can help work on this (I can develop), but I have no idea how the co... Web Dawg
11:15 AM Feature #4354: Allow dpinger to ping more than one destination for a gateway.: Ultimately it's not seeing any traction because the suggested solution isn't right. Essentially @dpinger@ is only a d... Jim Pingle
10:59 AM Feature #4354: Allow dpinger to ping more than one destination for a gateway.: I think that pfSense should use:
ping (ICMP)
https/http
DNS
You should be able to configure these dynamically... Web Dawg
10:19 AM Feature #7882 (Rejected): Seperator feature in DHCP Static mapping for this feature: The separator system was written for firewall rules which have selector checkboxes, have a specific order and draggab... Anonymous
08:30 AM Bug #8907 (Feedback): wizard.php - $field['type'] - "Select" doesn't have the attribute "Size" defined: Applied in changeset commit:7f486e5af62396622ca63b922ec6725de4df2bb5. Anonymous
08:12 AM Revision cedc8184: Fixed #8014: Fixed wildcard variable not being set correctly.
Updated CURLOPT_URL according to provider's documentation.
Added sup... kristoffer-ekenstam
06:59 AM Bug #8014: DynDNS wildcard option doesn't work for provider Loopia: Thanks! Jim Pingle
03:23 AM Bug #8014: DynDNS wildcard option doesn't work for provider Loopia: https://github.com/pfsense/pfsense/pull/4083 Kristoffer Ekenstam
02:24 AM Bug #9692: system_authservers.php: Descriptive name can be changed by removing read-only property via inspect element: I only figured this out because an auto-fill addon of the browser filled in that particular field, so yes I dont cons... Alex Z
01:04 AM Bug #9362: rc.dyndns.update: Cloudflare DDNS with proxy enabled doesn't work at all: Nathan Hand wrote:
> Underlying problem is /etc/inc/dyndns.class line 799. The value of dnsProxied is passed directl... Berzerker Berzerker

08/21/2019

06:47 PM Revision 6f6299a3: Fixed #9693: Allow ACB to be suppressed by including magic string in the backup description
Transmit max number of manual backups ... Steve Beaver
04:54 PM pfSense Docs Correction #9381 (Resolved): FreeRadius 2.X package documentation and CaptivePortal associated documentation are mostly outdated: Jim Pingle
04:29 PM pfSense Docs Correction #9381: FreeRadius 2.X package documentation and CaptivePortal associated documentation are mostly outdated: This issue can be now marked as resolved I think A FL
04:12 PM Revision f01c0991: Fixed #9687: Remove all referenes to legact/Gold ABC system Steve Beaver
02:32 PM Feature #9694 (Resolved): Redact ACB encryption password from status.php: Currently the redacted config does not redact that particular password, other parts are redacted:... Steve Wheeler
01:55 PM Feature #9693 (Feedback): Bypass automatic backups: Applied in changeset commit:6f6299a3a6aca1b7baf5d80d6d24325100363939. Anonymous
01:45 PM Feature #9693 (Resolved): Bypass automatic backups: If the reason/description string of a config back contains the string "-NoReMoTeBaCkUp" no ACB will be performed. The... Anonymous
01:48 PM Feature #7077: Display negotiated data encryption algorithm in OpenVPN connection status: Looks like this was finally merged in but it's not slated to be in an OpenVPN release until they put out 2.5. Jim Pingle
01:18 PM Feature #9538 (Resolved): add support for athp(4) driver: Renato Botelho
11:20 AM Feature #9538: add support for athp(4) driver: athp now loads correctly with the modules present and loader variable set:... Steve Wheeler
11:17 AM Bug #4231 (Resolved): bridge or lagg of openvpn link down after reboot: As stated, bridge is OK, LAGG is not. Closing this in favor of #9183 which is specific to LAGG and has a proposed fix. Jim Pingle
11:17 AM pfSense Packages Bug #9691: Suricata ips_mode Legacy not blocking: This issue was resolved via the Netgate Forum. The user had bypassed the pfSense GUI package installation process and... Bill Meeks
11:11 AM pfSense Packages Bug #7595: suricata custom SID Mgmt configuration missing after full system restore: This is no longer an issue with either the Suricata or Snort packages. Both packages now have the SID MGMT lists stor... Bill Meeks
11:10 AM Bug #9558 (Resolved): GPS NTP source PHP errors: This is fixed.
Tested against:... Steve Wheeler
10:41 AM Feature #4242: Two Factor or OTP Authentication for Admin Interface: Charlie Ross wrote:
> Hi developers!
>
> In a never-ending quest to beef up security, it would be great to have t... Dan Journo
10:40 AM Feature #9496 (Duplicate): Include the athp(4) driver.: Duplicated by #9538 but it has been worked on, so close this one Jim Pingle
10:26 AM Bug #9630 (Duplicate): cannot config WAN down que (Codel limiters) in floating rule without blocking incoming traffic.: Duplicated by #9643, but it has more complete information Jim Pingle
10:24 AM pfSense Packages Bug #9352 (Resolved): Duplicate default views in Status Monitoring that can't be removed.: Fixed by #9679 Jim Pingle
09:59 AM Bug #7419 (Duplicate): CloudFlare DDNS Not working for wildcard updates: Duplicated by #9361 but it has a PR which has been merged. Jim Pingle
09:47 AM Bug #8492: Enable setting PKCS#12 export password in Certificate Manager: The other request mentions 3DES but it isn't about 3DES, it's about encrypting exported private keys, which covers th... Jim Pingle
09:13 AM Bug #8492: Enable setting PKCS#12 export password in Certificate Manager: Bug #1192 refers to 3DES encryption which should no longer be used. The need to encrypt / protect a private key on ex... Hyrum Smith
09:46 AM Bug #7892 (Closed): AutoConfigBackup status reported incorrectly: This affects only the legacy "Gold" ACB system which is no longer in use. Anonymous
09:39 AM Feature #5437 (Closed): Auto Config Backup Stats display latest backup date-time: This feature no longer applies to the current ACB system which accommodates only a single host. Anonymous
09:29 AM Feature #8378 (Duplicate): allow webconfigurator to be configured to listen on only specified interface[s]: Duplicate of #628 Jim Pingle
09:20 AM Feature #9122 (Duplicate): Custom (failover) lagg interface order (UI): Duplicate of #1019 Jim Pingle
09:14 AM Feature #8558: Add more table sorting in various UI pages: Certs have sorting (and searching) now, see #9412
The other two could still be useful Jim Pingle
09:12 AM Bug #8481 (Duplicate): Editing multiple entries in multiple browser tabs causes problems or doesn't work: Duplicate of #8285 Jim Pingle
09:11 AM Bug #8462 (Not a Bug): UI - small gear icon/animation not centered: That's all handled by Font Awesome (it's fa-cog, fa-spin) so if there is an issue, it needs to be raised upstream. Th... Jim Pingle
09:06 AM Bug #8111 (Resolved): Disabled 1:1 NATs are not passed the "disabled" class (not greyed out): This has been in place for some time now. Jim Pingle
09:05 AM Bug #8002 (Not a Bug): wan not connected, no updates check: This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
09:01 AM Bug #7620 (Resolved): State table cannot be displayed because lack of PHP memory: This was addressed a while ago. System > General, tick Require State Filter. Then large state tables won't be loaded ... Jim Pingle
08:59 AM Feature #8284 (Duplicate): Add duplicate option next to OpenVPN servers and clients: Duplicate of #5851 Jim Pingle
08:56 AM Bug #3445 (Resolved): Proxy URL behaviour for package list - trailing slash: Jim Pingle
08:54 AM Feature #5083 (Duplicate): Allow bridge members to be hidden from menu: Jim Pingle
07:33 AM Revision 51dc008b: Add additional DHCPv6 prefix delegation size options to dropdown list on interface settings.: - implements #9590 Andreas Bleischwitz
07:09 AM Bug #9692: system_authservers.php: Descriptive name can be changed by removing read-only property via inspect element: We can fix this, but it's not really what I'd consider a bug. We disable the field so the user can't do that easily a... Jim Pingle
03:06 AM Bug #9692 (Resolved): system_authservers.php: Descriptive name can be changed by removing read-only property via inspect element: +Steps to reproduce:+
* Go to System -> User Mgmt -> Authentication Servers
* Edit an existing entry
* Open sour... Alex Z
07:03 AM Feature #9590: RFE: Add additional prefix delegation size entries to dropdown-list: Thanks! Jim Pingle
02:43 AM Feature #9590: RFE: Add additional prefix delegation size entries to dropdown-list: Jim Pingle wrote:
> Can you submit that change as a pull request on Github?
>
> https://docs.netgate.com/pfsense/... Andreas Bleischwitz

08/20/2019

03:49 PM Feature #6908: Alias copy, sort, search/replace functions: Sorting is possible now (click column headers) but the copy and search/replace are still desirable features to add. Jim Pingle
03:48 PM Feature #3506 (Duplicate): Firewall:Aliases - Sort/Move Function: Sorting aliases in the GUI can be done now (click column headers), other parts are covered by #6908 Jim Pingle
03:45 PM Bug #6588 (Closed): PHP suhosin max value length prevents Quagga OSPF from storing a very large zebra.conf: That limitation shouldn't be present these days (no suhosin on current PHP versions) Jim Pingle
03:41 PM Bug #6525 (Resolved): Mobile web interface can't scroll down all items in sub-menus: Linked PR has been merged, and the other parts appear to be covered by #6361 Jim Pingle
03:37 PM Feature #2049: Show Auto Generated Rules and Use them to turn features on/off when applicable: See also: #4828 Jim Pingle
03:37 PM Feature #4828 (Duplicate): Advanced option to show hidden firewall rules in web gui: Duplicate of #2049 Jim Pingle
03:35 PM Feature #1405 (Duplicate): Show interface in the Floating Rules list: Duplicated by #4629 but it had a PR, so keep it instead. Jim Pingle
03:34 PM Feature #4194 (Duplicate): Mass maintenance tools :-): Some of this we already have and the other parts are covered by other more specific (and individual) feature requests... Jim Pingle
03:29 PM Feature #4789 (Resolved): user interface / text fields are too short to display long alias names: After the Bootstrap change this doesn't appear to be an issue. Jim Pingle
03:28 PM Bug #4431 (Duplicate): Bandwidth not reported correctly in "Status: Traffic shaper: Queues": Duplicate of #4467 Jim Pingle
03:26 PM Feature #3508 (Closed): DNS Lookup - Additional links: We removed all tools links from the DNS lookup page a while ago. Third party sites are not reliable to link to in thi... Jim Pingle
03:24 PM Bug #3467 (Resolved): pfTop [Queue] doesn't show P/S or B/S: Fixed a few years ago, probably with commit:9a9661252aa6115d0fd0243bf303436d53afaaa3 Jim Pingle
03:17 PM Bug #6749 (Duplicate): Still responds to ARP after removing one of several Virtual IP - choparp not reconfigured: Duplicated by #7379 but it has a proposed fix Jim Pingle
03:16 PM Feature #7554 (Resolved): Sort list of Virtual-IPs: PR was merged two years ago Jim Pingle
03:15 PM Bug #9539: HA: admin user's authorized key(s) won't get synced: Fixing this may also fix #9622 Jim Pingle
03:15 PM Bug #9622: Changing admins membership does not replicate correctly to HA slave: Probably related to #9539 Jim Pingle
03:13 PM Bug #8051: XG-2758 - Wrong Interface Assignment: Looks like the 'RCC' model detection for mapping cards is not present in source:src/etc/inc/config.console.inc on CE.... Jim Pingle
03:10 PM Bug #8051: XG-2758 - Wrong Interface Assignment: Verified this is still different on 2.4.4-p3 CE Clinton Cory
03:05 PM Feature #7369 (Duplicate): user privileges - refine users rights to prevent admins to tamper with other admins accounts but still manage to the configuration: Duplicate of #5850 Jim Pingle
03:04 PM Feature #6794 (Resolved): Chinese Version Language Translation: We've had Chinese translations for some time now (zh_CN, zh_Hans_CN, zh_HK, zh_TW) Jim Pingle
03:01 PM Feature #997 (Closed): Add per-user setting for activating menu: Since many of the menu functions would require elevated privileges, I don't see this being as useful as I thought it ... Jim Pingle
02:57 PM Feature #8109 (Duplicate): UPnP & NAT-PMP ACL Aliases: Duplicate of #4265 Jim Pingle
02:57 PM Feature #4265: UPNP allow use of alias and schedule: The PR above for multiple ACLs was merged a long time ago, but there is still no support for Aliases for schedules. M... Jim Pingle
02:52 PM Bug #8135 (Closed): pfSense deletes itself after upgrade from 2.2.6 to 2.3.5 with haproxy installed: IIRC This was due to some of the dependencies involved, and it's been fixed for quite a while now. Jim Pingle
02:51 PM Bug #8016 (Closed): 1 pfsense out of several shows 2.4.0 available, not 2.4.1: Probably an issue with the local pkg environment. We have several documented workarounds in the upgrade guide for how... Jim Pingle
02:51 PM Bug #7955 (Closed): Upgrade in 2.4 GUI appears to fail when it actually succeeded (no D/L completion or reboot message, or sign of completion): This hasn't happened in quite a long time. Jim Pingle
02:50 PM Bug #7873 (Closed): When upgrading, some services/packages do not come back online on the first reboot (but do on the second): Either it was solved in the last couple years or was something local. I can't reproduce it here. The packages mention... Jim Pingle
02:49 PM pfSense Packages Bug #7595 (Not a Bug): suricata custom SID Mgmt configuration missing after full system restore: Jim Pingle
02:48 PM Bug #6233 (Closed): Bootloop with Alix after 2.3 upgrade: Problem is with 32-bit hardware which is no longer a supported architecture. Jim Pingle
02:47 PM Feature #2523 (Closed): Prompt for confirmation before upgrading to different architecture: This is no longer a concern. Jim Pingle
02:44 PM Bug #8468 (Rejected): Status / Queues show mostly NaN: Not enough information here for a valid bug report. Jim Pingle
02:43 PM Bug #8282 (Resolved): Enabling CODELQ on virtual interface VLAN crashes appliance: Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l... Jim Pingle
02:42 PM Bug #8061 (Resolved): LAN WAN Interfaces missing in Traffichshaper: These all appear to be old driver-specific instances of ALTQ support not being present for specific drivers at the time. Jim Pingle
02:39 PM Bug #4424 (Closed): Adding and removing shaper repeatedly causing interface crash: Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l... Jim Pingle
02:38 PM Feature #2960 (Closed): Add queue length adjustment capabilities to traffic shaper based on network size: As noted, it doesn't appear to be viable. Jim Pingle
02:22 PM Feature #3156: Grouping rules: Then it's a duplicate of #8365
There isn't anything unique here, it's covered by other existing feature requests, ... Jim Pingle
01:18 PM Feature #3156: Grouping rules: Wrong. It's not a duplicate.
I want to create a group like templates and than assign it to one or more interfaces. Grischa Zengel
12:46 PM Feature #3156 (Duplicate): Grouping rules: Duplicate of #1937 Jim Pingle
01:43 PM Bug #6799 (New): Negating ``<interface> net`` when a VIP exists on the interface results in unintended behavior: OK, I was going mostly off the subject + comments which didn't mention the negate specifically. Updated subject. Jim Pingle
01:29 PM Bug #6799: Negating ``<interface> net`` when a VIP exists on the interface results in unintended behavior: I believe that the negate address match rules not "blocking" any traffic is worth a deeper look. This wasn't really a... Chris Linstruth
01:16 PM Bug #6799 (Not a Bug): Negating ``<interface> net`` when a VIP exists on the interface results in unintended behavior: Adding alias nets to the interface macros was deliberate, so I'd say the only problem here is that pfBlocker won't le... Jim Pingle
01:39 PM Bug #3334: Status/Traffic Graph isn't IPv6 ready: See also: #7224 Jim Pingle
01:39 PM Feature #7224 (Duplicate): Abandon rate in favor of iftop: There is a PR for this which is under #3334 Jim Pingle
01:38 PM Bug #8217 (Resolved): Traffic Graph widget can not handle more than 4 interfaces: Jim Pingle
01:36 PM Bug #7312 (Not a Bug): Trafic Graph Widget Bug: Sounds like you had an interface there before and then removed it. The old interfaces will still show up, since pfSen... Jim Pingle
01:34 PM Feature #9587 (Duplicate): ZFS Mirror status dashboard widget: Duplicate of #7974 Jim Pingle
01:33 PM pfSense Packages Bug #9233 (Duplicate): Error adding new status monitoring view: Probably the same issue as #9679 which has been resolved. Jim Pingle
01:31 PM Feature #5922 (Closed): SNMP - enable SNMP v3 functionality: SNMPv3 (and IPv6!) is possible using the NET-SNMP package. Jim Pingle
01:30 PM Bug #4930 (Closed): IPSec interface missing in SNMP: Not sure what OP is referring to here. It was never a choice for binding, and it's there in the interface table from ... Jim Pingle
01:28 PM Feature #1169 (Closed): Add load balancer status in SNMP: Those who want to do this can set it up using the NET-SNMP package and custom extended commands. Jim Pingle
01:23 PM Feature #806 (Duplicate): Add private networks to rules dropdown: Duplicated by #1979 but it has more up-to-date info (IPv6, etc) Jim Pingle
01:22 PM Feature #8841 (Duplicate): Floating rules : add interface column: Duplicate of #4629 Jim Pingle
01:20 PM Feature #8713 (Duplicate): Allow user to disable/enable multiple firewall rules at one time: Duplicate of #2505 Jim Pingle
01:18 PM Bug #8636 (Resolved): pfSense_kill_states function does not parse protocol parameter correctly: PR was merged several months ago. Jim Pingle
01:13 PM Bug #8247 (Not a Bug): When in bridge / transparent mode, pfSense blocks UDP/4500 & ESP traffic regardless of origin: I don't see a bug here, but quirky remote equipment that needs special rules to handle those quirks. Of course a fire... Jim Pingle
01:11 PM Bug #8327 (Not a Bug): VLAN net, Default Deny and spoofed packets: There is not enough information here to classify this as a bug. Interfaces all have an implicit deny. If that is not ... Jim Pingle
01:09 PM Feature #1947: Option to kill all states when creating a block rule: See also: #8171 Jim Pingle
01:09 PM Feature #8171 (Duplicate): Close TCP connections if associated rule just has been disabled: Duplicate of #1947 Jim Pingle
12:58 PM Feature #7381 (Resolved): Option to disable alias popups in rules: PR at https://github.com/pfsense/pfsense/pull/3643 was merged long ago. Jim Pingle
12:56 PM Feature #7361 (Duplicate): 2.3.4 - Add possibility to modify UDP (First, Single, Multiple) and TCP Timeouts per rule and not only per global parameter: Duplicate of #1635 Jim Pingle
12:55 PM Feature #6392 (Duplicate): Allow folding based on separators in firewall rules: Duplicate of #1937 Jim Pingle
12:53 PM Feature #8140 (Duplicate): Feature Request: Zone Firewall between interfaces: Duplicate of #4165 Jim Pingle
12:52 PM Feature #4629: Rules Floating tab doesn't display interfaces: Though the PR at https://github.com/pfsense/pfsense/pull/1616 was merged a long time ago, it doesn't look like this s... Jim Pingle
12:44 PM Feature #2634 (Resolved): No IPv6 networks in firewall NAT rules: Last I saw, this was working for rdr, you just need to make sure everything you specify is the same address family. Jim Pingle
12:42 PM Feature #1937: Support for rule groupings: We have rule separators for this now, though being able to collapse items between separator bars may still be useful. Jim Pingle
12:41 PM Feature #1683: PF scrub min-ttl option: The pf @scrub@ directive supports the @min-ttl@ option, but there is no @max-ttl@. Jim Pingle
12:39 PM Feature #1064 (Closed): VoIP - Dynamic Pinholes for RTP: As stated, not something we will implement natively, and the third party code never appeared. People have been using ... Jim Pingle
12:36 PM Bug #7818 (Duplicate): NTP clock frequency not plotting on monitor graph: Duplicate of #6503 Jim Pingle
12:35 PM Bug #9266 (Not a Bug): status_monitoring.php : failed to have quality graph: Sounds like some kind of local system corruption in that RRD file. Resetting the RRD contents should fix it. Post on ... Jim Pingle
12:31 PM Bug #8151: Changing name on a gateway is not allowed: See also: #8218 Jim Pingle
12:31 PM Bug #8218 (Duplicate): Changing an interface name will break the manual created gateway-group: Gateways do not support being renamed, which is what happens if you rename a WAN with dynamic gateways. See #8151 Jim Pingle
12:27 PM Bug #9474 (Not a Bug): no default gateway after changing the wan interface ipv4 configuration type from dhcp to fixed ip: Sounds like a config issue but there isn't enough detail to say for certain.
For assistance in solving problems, p... Jim Pingle
12:20 PM pfSense Packages Feature #6508 (Closed): OSPF v3 - Quagga OSPF6d: It won't happen for Quagga, but it's in FRR now and works. Jim Pingle
12:19 PM Bug #5833 (Closed): OpenVPN reports "no route to host" although a GW Group is selected for failover: Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l... Jim Pingle
11:04 AM Feature #6384 (Duplicate): Allow IPSEC P1 to have 2 peer remote gateway IP addresses to allow VPN failover faster without requiring DDNS: Jim Pingle
11:03 AM Bug #7536 (Duplicate): <sendpacket> sendmsg on cpsw0: Permission denied: Duplicate of #8271 Jim Pingle
10:59 AM Feature #9590: RFE: Add additional prefix delegation size entries to dropdown-list: Can you submit that change as a pull request on Github?
https://docs.netgate.com/pfsense/en/latest/development/sub... Jim Pingle
10:47 AM Bug #8271 (Closed): <sendpacket> sendmsg on cpsw0: Permission denied: I can't reproduce this here and the report is a bit old. If you can come up with a way to reliably reproduce the erro... Jim Pingle
10:43 AM Bug #8081 (Closed): NICs malfunction: This report is from a few pfSense and FreeBSD versions ago. Please re-test this on a current release. If there is sti... Jim Pingle
10:35 AM Bug #7673 (Not a Bug): multi wan 0.0.0.0: Old report and I'm not sure there is a bug here. The description says the same IP address is used multiple times, and... Jim Pingle
10:32 AM Bug #7639 (Not a Bug): NAT does not work between OpenVPN and IPsec tunnels: NAT for IPsec must be done using P2 NAT entries not NAT rules. Jim Pingle
10:30 AM Bug #7534 (Not a Bug): gif interface with /64 subnet gets configured as /128: Having /128 on the gifX interface is normal and expected. The other things here appear to be fixed. Users are not all... Jim Pingle
10:26 AM Feature #4209 (Resolved): Releasing DHCP on WAN interface should send a release: PR was merged years ago. Jim Pingle
10:26 AM Bug #6921 (Not a Bug): Poor speed with Chelsio T420-CR: There isn't enough information here to prove a bug and it's been several years (and pfSense versions) since the initi... Jim Pingle
10:20 AM Feature #3162: MLPPP Status of connections: See also: #9633 Jim Pingle
10:14 AM Bug #781 (Resolved): Entering sim code problem on a Huawei E1752: Please re-test on a current version and report back. I recall this being worked on and fixed several years ago. Jim Pingle
10:12 AM Bug #8882 (Incomplete): Interface assignments lost on reboot: There is not enough information here for a valid bug report, and this site is not for support or diagnostic discussio... Jim Pingle
10:05 AM Bug #2754 (Duplicate): PPP and 3G: Setting PIN in advanced options not working, stick works after removing SIM PIN: Jim Pingle
09:55 AM pfSense Packages Bug #7107 (Resolved): IPv6 blocklists generate IPv4 auto-rules: Jim Pingle
09:08 AM pfSense Packages Bug #7107: IPv6 blocklists generate IPv4 auto-rules: This is resolved in pfBlockerNG-devel and can be closed. BBcan177 .
08:56 AM pfSense Packages Bug #7993 (Closed): zabbix 3.4 agent: Outdated report. Stated version is EOL, and the stated version of Zabbix is no longer available either. Jim Pingle
08:44 AM Bug #8960 (Resolved): VGA console won't boot in 2.4.4 upgrade - Bug: Probably a duplicate of #9021, and if not, then it's most likely solved on 2.5.0 (FreeBSD 12.x) Jim Pingle
08:42 AM Bug #8336 (Closed): ESXi 6.5u1 displays superfluous error message with Netgate OVA iamge: OVA was discontinued some time ago, and this particular error has been solved in recent ESX/vmware tools versions any... Jim Pingle
08:39 AM Feature #7962 (Resolved): Support for Intel 553 network card: FreeBSD appears to have added support for that card a while back. Re-test on a current version (2.4.4-p3 or later), a... Jim Pingle
08:30 AM pfSense Packages Bug #9691 (Rejected): Suricata ips_mode Legacy not blocking: This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
08:09 AM pfSense Packages Bug #9691 (Rejected): Suricata ips_mode Legacy not blocking: Good Morning.
I running suricata in pfSense 2.4.4 - p3 in "Legacy" mode, but not blocking.
I noticed in suricata lo... Wesley Peres
07:18 AM Bug #8294: Icmp redirect doesn't use CARP IP: ICMP is connectionless, the OS will reply from whichever address is "closest" to the target. The firewall cannot tell... Jim Pingle
02:35 AM Bug #8294: Icmp redirect doesn't use CARP IP: Not sure it is the same thing.
I am not talking about some devices that check the src mac address, I am talking abou... Denis Grilli
07:14 AM Bug #8014 (New): DynDNS wildcard option doesn't work for provider Loopia: OK, can you submit that change as a pull request on Github then? Thanks!
https://docs.netgate.com/pfsense/en/lates... Jim Pingle
03:48 AM Bug #8014: DynDNS wildcard option doesn't work for provider Loopia: PR 3753 didn't solve this problem, have checked the latest version.
$this->_dnsWildcard is either ON or 1. Never O... Kristoffer Ekenstam
01:40 AM Bug #9362: rc.dyndns.update: Cloudflare DDNS with proxy enabled doesn't work at all: Nathan Hand wrote:
> Underlying problem is /etc/inc/dyndns.class line 799. The value of dnsProxied is passed directl... Emmanuel Cardenas

08/19/2019

07:05 PM Revision d756d34d: Add haproxy18 options: Renato Botelho
07:04 PM Revision 83eb7376: Add haproxy18 options: Renato Botelho
06:45 PM Bug #9690 (New): Ethernet flow control should be disabled by default: Ethernet flow control has no place on a firewall except in very rare scenarios and should be disabled by default.
... Chris Linstruth
04:30 PM Bug #9689: DHCP server should be able to advertise interface IP automatically even with alternative DNS service: The comments did not accurately reflect the feature request, and once rejected, experience suggested the issue would ... Chaos215 Bar2
01:26 PM Bug #9689 (Duplicate): DHCP server should be able to advertise interface IP automatically even with alternative DNS service: Duplicate of #8234
Making a new issue doesn't change the previous comments. Jim Pingle
12:57 PM Bug #9689 (Duplicate): DHCP server should be able to advertise interface IP automatically even with alternative DNS service: The text below the "DNS servers" fields on the DHCP server configuration reads "Leave blank to use the system default... Chaos215 Bar2
03:41 PM Bug #8541 (Rejected): pf blocking OpenVPN connection causing OpenVPN fail repeatedly and then connecting successfully when connection is no longer being blocked: Not enough information here for a valid bug report. This site is not for support or diagnostic discussion.
For ass... Jim Pingle
03:40 PM Feature #3474 (Duplicate): Openvpn client-specific-overrides ip conflicts: Duplicate of #4728 Jim Pingle
03:36 PM Bug #8225 (Not a Bug): wrong gateway/monitor address for OpenVPN IPv6 gateway?: For a remote access server there is no "gateway", so it tried to guess (incorrectly). Probably not a great solution h... Jim Pingle
03:28 PM Bug #7286 (Incomplete): OpenVPN client is unreliable when you have multiple tunnels: Not enough information here for a valid bug report.
For assistance in solving problems, please post on the "Netgat... Jim Pingle
03:27 PM Bug #6936 (Closed): OpenVPN client boot race causes intermittent dependent rule failure.: No feedback, and likely fixed by other work (see previous comments) Jim Pingle
03:26 PM Bug #3022 (Resolved): OpenVPN does not failover to the 2nd configured LDAP auth.server: This has been working for a while now. Jim Pingle
03:21 PM Bug #7818: NTP clock frequency not plotting on monitor graph: Still happening on 2.5. Other values are OK, but freq is always @0.00@ Jim Pingle
03:19 PM Feature #7201: NTP Support multiple GPS reference clocks: PR was closed due to a timeout -- Requested changes were not made in a timely manner. Jim Pingle
03:18 PM Feature #7287: NTP add support for ACTS ref clock: PR was closed due to a timeout -- Requested changes were not made in a timely manner. Jim Pingle
03:18 PM Feature #7284: NTPd Autoset GPS device baud rate: PR was closed due to a timeout -- Requested changes were not made in a timely manner. Jim Pingle
03:13 PM Feature #7910 (Duplicate): Notification GUI: Duplicate of #4128 Jim Pingle
03:12 PM Bug #8535 (Duplicate): SMTP fails to work with STARTTLS and TLS: Some of this appears to be a duplicate of #8313 and others may be a settings issue. If you still have problems, post ... Jim Pingle
03:11 PM Bug #7106 (Not a Bug): TLS SMTP notification messages fail with expired certificate: There are options to ignore invalid certificates, but honestly it did the right thing here. If an expired certificate... Jim Pingle
03:10 PM Feature #606 (Rejected): Alert administrator on new pfSense versions or package versions: You can subscribe to the announcement list to get an e-mail when upgrades are available. This kind of notification wo... Jim Pingle
02:58 PM Todo #8350: Remove clog in favor of standard syslogd or syslogd alternative with rotation via newsyslog or logrotate: As a part of this, make sure to check other logs that were not displayed in the GUI before, such as the nginx logs, t... Jim Pingle
02:57 PM Bug #9629 (Duplicate): block bogon IPv4 flagged as IPv6: Technically a duplicate of #9140 -- Same root cause. Jim Pingle
02:54 PM Bug #8448 (Closed): Log size modification broken: Issue will be moot once #8350 is implemented. Jim Pingle
02:54 PM Feature #7926 (Closed): limit clog -f look-back size: Issue will be moot once #8350 is implemented. Jim Pingle
02:52 PM Feature #6155 (Closed): shipment of logs using e.g. filebeat: Issue will be moot once #8350 is implemented. Jim Pingle
02:49 PM Feature #4591: IPSec Failover Support for IP Addresses instead of Dynamic DNS / Failover Group: See also: #6384 Jim Pingle
02:49 PM Feature #6384: Allow IPSEC P1 to have 2 peer remote gateway IP addresses to allow VPN failover faster without requiring DDNS: Duplicate of #4591 Jim Pingle
02:47 PM Feature #9605 (Duplicate): Support custom CIDR on IPSEC Auto-Exclude LAN Address: Duplicate of #3329 Jim Pingle
02:44 PM Bug #9444 (Closed): Multi-WAN IPsec does not fail over with Gateway Group, needs restart: Jim Pingle
02:42 PM Feature #9309: Allow manual selection of IPsec IKE Pseudo-Random Function (PRF): Adding another selector to set the prf (with an option to automatically assume it based on Hash choice) seems best, b... Jim Pingle
02:36 PM Bug #9243: IPsec ID type keyid not explicitly set: In fixing #4811 (and #4792) the prefix was dropped from keyid identifiers, see commit:d44e7dc081d01eb106cbc5d4871a88b... Jim Pingle
02:27 PM Bug #9049 (Not a Bug): IPSec statuspage shows both connected and connecting tunnel: The GUI displays what strongSwan reports. If we suppress information in the suggested way, it would make diagnosing p... Jim Pingle
02:22 PM Bug #6370: IPSEC bound to WAN gateway group and Dynamic DNS doesn't to fail back tunnel to WAN on DDNS update: See also: #8286 Jim Pingle
02:22 PM Feature #8286 (Duplicate): IPsec on Multiwan fail back to Tier1 WAN after it is back UP: Duplicate of #6370 Jim Pingle
01:44 PM Bug #7420 (Closed): ipsec status freezing: Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l... Jim Pingle
01:42 PM Feature #4826 (Resolved): Allow configuration of multiple phase1 proposals: Added a while ago in #8186 (PR https://github.com/pfsense/pfsense/pull/3711 ) Jim Pingle
01:40 PM Bug #7325 (Closed): IPsec VPN Phase2 assigned with idem reqid routing a other VPN Phase2: Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l... Jim Pingle
01:39 PM Bug #7187 (Closed): IPSec IKEv2 additional P2 not written to config: Jim Pingle
01:37 PM Feature #5919 (Duplicate): Add a control to the web gui to allow the setting of leftsendcert in IPSec: This appears to be a duplicate of #6082 but if it's not, which scenarios still do not work?
In the code as it is t... Jim Pingle
01:32 PM Feature #2776 (Resolved): Unknown Radius-Attributes: This has been possible (as much as it can be) since pfSense switched to strongSwan years ago. Jim Pingle
01:23 PM Bug #8294 (Not a Bug): Icmp redirect doesn't use CARP IP: That's expected behavior and not something we can easily rectify (past attempts have been unsuccessful) -- See #6957 Jim Pingle
01:17 PM Feature #7395 (Duplicate): IPv6: Display prefix assigned by ISP: Duplicated by #8946 but it has better info and a PR with a proposed solution. Jim Pingle
01:14 PM Bug #1605: DHCP Server should group known clients by interface: Re-targeting due to pending PR Jim Pingle
01:14 PM Bug #4584 (Duplicate): Static Mapped clients on one LAN get a DHCP IP from another LAN even when Deny unknown clients is checked on the other LAN: Duplicate of #1605 Jim Pingle
01:12 PM Feature #8849 (Duplicate): DHCP Custom configuration: Duplicate of #5080 Jim Pingle
01:11 PM Bug #8875 (Duplicate): Separator in DHCP Server: Duplicate of #7882 Jim Pingle
01:07 PM Feature #8496 (Duplicate): Allow user to backup multiple sections of their configuration: Duplicate of #3696 Jim Pingle
01:02 PM Bug #6337 (Closed): Pfsense 2.3 on MS hyperV: Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l... Jim Pingle
12:57 PM Feature #8234: DHCP server should be able to advertise interface IP automatically even with alternative DNS service: https://redmine.pfsense.org/issues/9689 Chaos215 Bar2
12:55 PM Feature #8234: DHCP server should be able to advertise interface IP automatically even with alternative DNS service: Apologies, but I'm going to file this issue again. The request is for a checkbox to tell the DHCP server to advertise... Chaos215 Bar2
10:18 AM Feature #8234 (Rejected): DHCP server should be able to advertise interface IP automatically even with alternative DNS service: There is no way for a the base system to know such a service is available from a package, and since you can just type... Jim Pingle
12:55 PM Bug #5558 (Duplicate): Infinite cycling with Wifi configure in Infrastructure mode + WPA2 + DHCP.: Duplicate of #7960 (which has been fixed for a couple years now) Jim Pingle
12:50 PM Feature #410 (Resolved): Eliminate the interface mismatch prompt and try to do the right thing automatically: There have been changes for this in recent years to do the right/expected things on recognized (and common) hardware ... Jim Pingle
12:47 PM Bug #9097: ECL can't locate config.xml unless device is MBR-partitioned: Changing category, ECL is in base, not the installer, so it doesn't need changes to the ISO to test. You can leave th... Jim Pingle
12:42 PM Bug #9232 (Duplicate): pfSense cant connect to hosts on the internet using non-local gateway via interface specific route after reboot: Duplicate of #7380 Jim Pingle
12:41 PM Bug #7483 (Not a Bug): After renaming a WAN Interface its looses his Tier: Gateways do not support being renamed, which is what happens if you rename a WAN with dynamic gateways. See #8151 Jim Pingle
12:38 PM Bug #7380: WAN DHCP Gateway Outside of Subnet Causing Route Issues: PR was closed due to timeout, requested changes were not made in a timely manner. Jim Pingle
12:36 PM Feature #3370 (Resolved): Permit reorder gateways: This has been solved in recent versions by the ability to set a default gateway group. Jim Pingle
12:36 PM Feature #2985 (Resolved): Default gateway switching switches to lan gateway if multi lan config: This has been solved in recent versions by the ability to set a default gateway group. Jim Pingle
12:34 PM Bug #7052 (Rejected): Fails to monitor ipv6 gateway: Not enough information here for a valid bug report. Jim Pingle
12:33 PM Bug #9631 (Closed): Multicast-Routing realy supported in actual pfSense !!??: After reading the thread I don't see a bug here. Looks like the "fix" is for someone to make a package for pimd to se... Jim Pingle
12:30 PM Bug #9606 (Not a Bug): Realtek 8168/8111 NIC unstable driver: You need to lobby FreeBSD to include that newer driver in a release. We try not to maintain local changes of that nat... Jim Pingle
12:28 PM Bug #9021 (Closed): FreeBSD 11.2 fails to boot on Celeron J1900: Upstream problem, appears to be fixed by FreeBSD 11.3 / 12.1, nothing for us to do here, whichever version we use for... Jim Pingle
12:24 PM Bug #9435: Dynamic DNS Update events do not occur after certain failover event cases: See also: #9667, #7731 Jim Pingle
12:24 PM Bug #7731 (Duplicate): DynDNS fail to update after connection lose: Duplicated by #9435 but it has a more accurate description. Jim Pingle
12:23 PM Bug #7597 (Duplicate): DynDNS fail to update after connection lose: Duplicate of #7731 Jim Pingle
12:21 PM Bug #9667 (Duplicate): Dynamic DNS is not updated when used with a Multi WAN gateway group: Duplicate of #9435 Jim Pingle
12:20 PM Bug #9362: rc.dyndns.update: Cloudflare DDNS with proxy enabled doesn't work at all: Can you submit that change as a pull request on github?
Thanks. Jim Pingle
12:19 PM Bug #9210 (Not a Bug): dnsmadeeasy not working on PPPoE interface: A connection timeout sounds more like a routing issue than anything specific to PPPoE or DynDNS. If you can still rep... Jim Pingle
12:18 PM Bug #9306 (Duplicate): DNS Made Easy client on PPPoE interface not working: Duplicate of #9210 Jim Pingle
12:16 PM Bug #8951 (Duplicate): Dynamic DNS shows Hostname that is not define: What's left here is a duplicate of #7718 Jim Pingle
12:14 PM Bug #8014 (Resolved): DynDNS wildcard option doesn't work for provider Loopia: PR was merged a long time ago.
https://github.com/pfsense/pfsense/pull/3753 Jim Pingle
12:13 PM Bug #7027 (Resolved): Dynamic DNS dyndns.org no longer updates: Jim Pingle
12:12 PM Feature #1825 (Resolved): Dynamic DNS client IPv6 support: Various providers have working IPv6 support, there is no longer a general issue here. Jim Pingle
12:10 PM Bug #6566 (Duplicate): Cloudflare DnyDNS Update with subdomains: Duplicate of #6778 which was fixed years ago in commit:2446fffa5932e8debcaf165bfaf5492cea429c60 Jim Pingle
12:08 PM Feature #4644 (Resolved): Dyndns Loopia Wildcard: PR was merged a long time ago.
https://github.com/pfsense/pfsense/pull/3753 Jim Pingle
11:52 AM Feature #9688: restartallwan - pfSsh.php script to restart all wan interfaces: https://github.com/pfsense/pfsense/pull/4086 Viktor Gurov
11:49 AM Feature #9688 (Resolved): restartallwan - pfSsh.php script to restart all wan interfaces: This script looks for all WAN interfaces by checking which has gateways
and then it simply disable / enable them
us... Viktor Gurov
10:52 AM Feature #7525 (Resolved): Added ability to disable automatically added host entries in unbound: PR was merged a long time ago.
https://github.com/pfsense/pfsense/pull/3725 Jim Pingle
10:51 AM Bug #7557 (Rejected): Unbound (DNS Resolver) Domain Overrides need "." at the end to work: Jim Pingle
10:51 AM Feature #4399 (Closed): Expose more of the DNSSEC-related hardening options in the GUI: Jim Pingle
10:37 AM Bug #8086 (Closed): DHCPv6 no longer working: Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l... Jim Pingle
10:37 AM Bug #6852 (Duplicate): Commit 8f86722 breaks DHCPv6 leases status page: Jim Pingle
10:32 AM Feature #8777 (Duplicate): DHCPD - WebGUI Permit Classes and Matches If: Duplicate of #2983 Jim Pingle
10:32 AM Feature #2983: DHCPD: Add vendor-class-identifier and MAC-OIDs: See also: #8777 Jim Pingle
10:27 AM Feature #2323: GUI doesn't allow to configure DHCP server to serve IP addresses belonging to subnets wich are not associated with an interface: See also: #2774 Jim Pingle
10:27 AM Feature #2774: Extend DHCP Pools code to allow using different subnets: See also: #2323 Jim Pingle
10:25 AM Feature #8632 (Duplicate): dhcpd ipv4 - fix gui config to accept multiple subnets and/or answer requests from relay servers: Duplicate of #2323 Jim Pingle
10:25 AM Feature #5544 (Rejected): DHCP static mapping from RADIUS: Unlikely there will be a way to make this happen. There isn't a way for DHCP to send the request off to a RADIUS serv... Jim Pingle
10:17 AM Bug #7429 (Rejected): DHCP service error greater than 10 on shared network: Jim Pingle
10:16 AM Bug #6725 (Rejected): DHCP Server > TFTP server name and custom dhcp options in GUI and in dhcpd.conf but missing on the wire: The server sends the options requested by the client. If the client doesn't request it, it won't be in the packets. Jim Pingle
10:13 AM Feature #4291 (Rejected): combined dynamic/static ARP: This is expected (as per the other comment here). Either that or the request is unclear. There have also been changes... Jim Pingle
10:11 AM Bug #4408 (Closed): Changes to DHCP-services crashes GUI and DHCP daemon when many leases are in use: This was most likely from the duplicate lease cleanup which was removed years ago in commit:306b9d003078f40999d352803... Jim Pingle
10:10 AM Bug #3233 (Closed): DHCP options slow to save with large lease files: This was most likely from the duplicate lease cleanup which was removed years ago in commit:306b9d003078f40999d352803... Jim Pingle
10:10 AM Feature #4413 (Duplicate): Vendor specific option spaces: Duplicate of #2983 Jim Pingle
07:27 AM pfSense Docs Correction #9686: Feedback on Firewall — Floating Rules: To simplify: Please call out that "Without Quick checked, the rule will only take effect if no other rules match the... David G
04:44 AM pfSense Docs Correction #9686 (Duplicate): Feedback on Firewall — Floating Rules: *Page:* https://docs.netgate.com/pfsense/en/latest/book/firewall/floating-rules.html
*Feedback:*
Nice page howe... David G
07:19 AM pfSense Docs Correction #9685: Processing order of ``match`` action for Floating Rules is ambiguous: To furhter simlpify (and if my understaning is correct) can be said that: MATCH rule applies immediately, it doesn't ... David G
06:52 AM pfSense Docs Correction #9685: Processing order of ``match`` action for Floating Rules is ambiguous: I have to correct myself.
Processing order remains the same regardless Quick or non Quick
1. Floating rules (Quick ... David G
04:44 AM pfSense Docs Correction #9685 (Closed): Processing order of ``match`` action for Floating Rules is ambiguous: *Page:* https://docs.netgate.com/pfsense/en/latest/firewall/floating-rules.html
*Feedback:*
Nice page however M... David G
07:05 AM Feature #9532 (Resolved): GUI indication and options for MDS mitigation: Jim Pingle
07:04 AM Bug #9420 (Resolved): crypt_data() uses deprecated openssl syntax for passphrase: Jim Pingle
07:04 AM Feature #9323 (Resolved): Option to hide 'Kernel PTI' from sysinfo widget: Jim Pingle
07:04 AM Bug #9218 (Resolved): SNMP sysDescr does not display hostname and patch version: Jim Pingle
07:01 AM Bug #9292 (Resolved): Default route as indicated by "(Default)" does not match the actual default route on the OS.: Renato Botelho

08/18/2019

10:33 PM Feature #9532: GUI indication and options for MDS mitigation: Dashboard reflects chosen MDS settings. Looks good. Chris Linstruth
10:19 PM Bug #9420: crypt_data() uses deprecated openssl syntax for passphrase: Code uses new command line options to openssl. Encrypted backups result. Looks good. Chris Linstruth
10:00 PM Feature #9323: Option to hide 'Kernel PTI' from sysinfo widget: Tested disabling both PTI and MDS in the widget. Works. Chris Linstruth
09:57 PM Bug #9292: Default route as indicated by "(Default)" does not match the actual default route on the OS.: I tested this several ways. Looks good. Chris Linstruth
09:44 PM Bug #9218: SNMP sysDescr does not display hostname and patch version: $ snmpget -c public -v1 172.25.228.13 iso.3.6.1.2.1.1.1.0
SNMPv2-MIB::sysDescr.0 = STRING: pfSense pfSense-c.lab.ex... Chris Linstruth
03:46 PM Bug #9072: RRD graph mouseover information shows up as Mb when unit size is set to MB: Jared Dillard wrote:
> Thanks for digging into the problem and for testing the fix!
I'm running 2.4.4-RELEASE-p3 ... Axel Taferner

08/17/2019

07:31 PM Bug #9684 (Resolved): System Notifications: Asterisks over writing current password causing notifications to stop working.: When you double click the Test SMTP Setting Button, it would the statement that would catch it from overwriting saved... John Forte

08/16/2019

09:15 PM Revision 6176862f: Was failing the check if clicking test notifications twice in a row. So it was saving the asterisks and overwriting the current password.: John Forte
03:13 PM Bug #8492 (Duplicate): Enable setting PKCS#12 export password in Certificate Manager: Duplicate of #1192 Jim Pingle
03:13 PM Feature #8634 (Duplicate): Enhance the certificate manager to support private keys with passphrases: Duplicate of #1257 Jim Pingle
03:07 PM Feature #1761 (Rejected): Allow packages files and configuration synchronization for CARP: Packages are too different and may not be viable for this scenario. It's up to the individual packages to implement H... Jim Pingle
03:03 PM Bug #9465 (Duplicate): Lost default gateway after recover from failover with CARP VIP and HA: Duplicate of #9358 Jim Pingle
03:02 PM Bug #8420 (Not a Bug): Not possible setting up voucher configuration. On save, the form is asking to fill in the synchronization data.: Jim Pingle
03:01 PM Bug #9303 (Resolved): HA sync : disabling captive portal HA sync does remove all zones on slave: Jim Pingle
02:45 PM pfSense Packages Bug #9355 (Bogus): Telegraf Package - https for InfluxDB Server: Jim Pingle
02:45 PM pfSense Packages Bug #8425 (Resolved): telegraf not reporting memory: PR at https://github.com/pfsense/FreeBSD-ports/pull/522 was merged a long time ago. Jim Pingle
02:34 PM pfSense Packages Bug #9403 (Resolved): Suricata - Checkbox 'Traffic Flows' enables logging for both logging formats: Jim Pingle
01:42 PM pfSense Packages Bug #3708 (Closed): Error with order field while creating the first entry in "groups ACL" for squidGuard package: Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l... Jim Pingle
01:42 PM pfSense Packages Bug #6301 (Closed): Error on squidGuard's Common ACL tab after enabling blacklists: Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l... Jim Pingle
01:42 PM pfSense Packages Bug #7780 (Closed): Blacklist update doesn't work on Firefox: Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l... Jim Pingle
01:38 PM pfSense Packages Bug #7610 (Closed): Squid use all memory ram.: Jim Pingle
01:38 PM pfSense Packages Bug #7438 (Closed): Squid 0.4.36_2 Remote Cache Parent not working: Jim Pingle
01:35 PM pfSense Packages Feature #8345 (Resolved): pfSense-pkg-softflowd: Added additional options now available in softflowd-0.9.9_1: PR was merged a long time ago. Jim Pingle
01:35 PM pfSense Packages Bug #7674 (Resolved): Issue Downloading Snort Alert Log Download: Jim Pingle
01:34 PM pfSense Packages Bug #9164 (Resolved): Snort barnyard2 / pfSense 2.4.4-p1 issue: Jim Pingle
01:32 PM pfSense Packages Feature #8190 (Resolved): Enhance RRD_Summary package with historical reporting: PR was merged a long time ago. Jim Pingle
01:31 PM pfSense Packages Bug #4996 (Closed): Quagga not coming up after pfSense restart on OpenVPN tunnels: Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l... Jim Pingle
01:31 PM pfSense Packages Feature #6844 (Closed): Web configuration for quagga ospf6d: If you need OSPF6, use the FRR package. It is in the GUI and works well there. Jim Pingle
01:31 PM pfSense Packages Bug #5732 (Closed): Qagga: Different output in ospfd.conf based on order of interfaces.: One of many issues that are handled better in the FRR package. If you still have problems, migrate to FRR. Jim Pingle
01:29 PM pfSense Packages Bug #8811 (Resolved): in pfblockerng when change Rule Order generates duplicate all rules.: Jim Pingle
01:29 PM pfSense Packages Bug #9050 (Resolved): Antartica does not make a rule: Jim Pingle
01:29 PM pfSense Packages Bug #8903 (Resolved): pfBlockerNG: PHP error: PR was merged a long time ago. Jim Pingle
01:29 PM pfSense Packages Bug #8844 (Duplicate): PFBlockerNG-Dev: Jim Pingle
01:29 PM pfSense Packages Bug #8825 (Resolved): Unable to activate any of the GeoIP blocking lists - keeps getting reset to disabled with PHP errors: PR was merged a long time ago. Jim Pingle
01:29 PM pfSense Packages Bug #8318 (Resolved): PFBlockerNG removes alias file when using advanced inverted rule: Jim Pingle
01:29 PM pfSense Packages Bug #8699 (Resolved): 3x PHP in pfblockerng.inc (912/915/4687): Jim Pingle
01:26 PM pfSense Packages Bug #7404 (Not a Bug): OpenVPN Client Export with custom DynDNS not working: All you have to do is choose "Other" from the drop-down and then you can put in whatever hostname you like. Jim Pingle
01:26 PM pfSense Packages Feature #2050 (Closed): Add IPv6 support to the openbgp package: I doubt this will ever materialize, but you can do IPv6 BGP in the FRR package now. Jim Pingle
01:22 PM pfSense Packages Bug #8550 (Closed): OpenBGPd: bgpd is not started at boot: This hasn't been happening for a long time now. Jim Pingle
01:22 PM pfSense Packages Bug #7067 (Closed): usbhid-ups - no such file or directory: Jim Pingle
01:17 PM pfSense Packages Bug #9185 (Resolved): Mailreport - Cant sending repports if multiple emails addresses in smtpnotifyemailaddress: PR was merged a long time ago. Jim Pingle
01:17 PM pfSense Packages Feature #8416 (Resolved): Mailreport - Minute of the Hour: PR was merged a long time ago. Jim Pingle
01:16 PM Feature #9203 (Closed): CRAM-MD5 for IMAP/SMTP: You can use STARTTLS or SMTP over SSL/TLS, which makes this a bit of a moot point. Besides that, it's up to whatever ... Jim Pingle
01:13 PM pfSense Packages Feature #8196: pfSense-pkg-LCDproc: add a shutdown/reboot control menu: PR was closed due to timeout - Requested changes were not made. Jim Pingle
01:13 PM pfSense Packages Feature #8198: pfSense-pkg-LCDproc: Add a link status screen for each interface: PR was closed due to timeout - Requested changes were not made. Jim Pingle
01:11 PM pfSense Packages Bug #6756 (Resolved): Updating cloned backend in WebGUI updates the original backend instead of the cloned backend: Jim Pingle
01:11 PM pfSense Packages Bug #6511 (Resolved): In some circumstances the HAProxy clone front-end button can add blank list entries to the front end being cloned resulting in a config that cannot be applied.: Jim Pingle
01:10 PM pfSense Packages Bug #6182 (Resolved): HAProxy not supporting ALPN: Jim Pingle
01:10 PM pfSense Packages Bug #7523 (Resolved): HAproxy widget settings panel does not open: 2.3.x is no longer supported, so the issue is moot. Jim Pingle
01:08 PM pfSense Packages Bug #8307 (Resolved): HAproxy in pfsense 2.42-p1 creating a new frontend with a Shared Frontend issues invalid ip error: Jim Pingle
01:07 PM pfSense Packages Feature #8523 (Resolved): make cookie inserted by haproxy secure: Jim Pingle
01:06 PM pfSense Packages Bug #8932 (Resolved): Upgrade to HaProxy 0.59_11 fails on 2.4.3: Jim Pingle
01:05 PM pfSense Packages Bug #8833 (Resolved): haproxy getarraybyref error: Jim Pingle
01:01 PM pfSense Packages Feature #8031: FreeRADIUS copy entry function: Updated subject to reflect the request Jim Pingle
12:59 PM pfSense Packages Bug #8047 (Resolved): XG-2758 - Coreboot Upgrade - Different ROM size: Jim Pingle
12:58 PM pfSense Packages Bug #8193 (Resolved): Cellular Package Update: PR was merged long ago. Jim Pingle
12:57 PM pfSense Packages Bug #8189 (Resolved): JavaScript does not work to disable/enable form elements: PR was merged long ago. Jim Pingle
12:55 PM pfSense Packages Bug #8366 (Resolved): Avahi: "Publish DNS Servers" option does nothing: PR was merged long ago. Jim Pingle
12:47 PM Bug #7757: Auto Config Backup fails to upload unless Default Gateway is up: ACB moved to base a while back, updating issue accordingly. Jim Pingle
12:47 PM Bug #7892: AutoConfigBackup status reported incorrectly: ACB moved to base a while back, updating issue accordingly. Jim Pingle
12:46 PM Feature #4035: AutoConfigBackup - selective deletion of automatic and manual backups: ACB moved to base a while back, updating issue accordingly. Jim Pingle
12:46 PM Feature #4681: AutoConfigBackup make a way to easily download a saved backup: ACB moved to base a while back, updating issue accordingly. Jim Pingle
12:46 PM Feature #5437: Auto Config Backup Stats display latest backup date-time: ACB moved to base a while back, updating issue accordingly. Jim Pingle
07:03 AM pfSense Packages Bug #9211: GeoIP broken in pfSense-pkg-ntopng-0.8.13_3: Added how to https://forum.netgate.com/topic/141150/ntop-geo-map/6 DRago_Angel [InV@DER]

08/15/2019

05:43 PM Bug #7653: 3gstats.php holding open the cuaU0.3 device: saving this for posterity
https://twitter.com/PerlDean/status/1161417191809376257
"We don't support unplugging... Jim Thompson
04:22 PM pfSense Packages Bug #9681: [Monitoring] New views title are always in lower case.: PR https://github.com/pfsense/FreeBSD-ports/pull/662 Manuel Piovan

08/14/2019

10:38 PM Bug #9683: Silent failures when root filesystem is full: I'm surprised this was so hastily marked as 'Not a Bug' considering the consequences.
Yes, filling up the filesyst... Neil McKenzie
10:28 PM Bug #9683 (Not a Bug): Silent failures when root filesystem is full: That's a problem with a package, not the base system. That wouldn't happen with the base system alone.
Probably al... Jim Pingle
10:13 PM Bug #9683 (Not a Bug): Silent failures when root filesystem is full: I recently saw this issue on a production 2.4.4-RELEASE-p2
Root filesystem was full due to not ticking a box for l... Neil McKenzie
03:11 PM Bug #8542 (Closed): Web GUI did not prompt for NIC reassignment when config restore on hardware with different NICs was performed: The interface assignment prompt works when tested, so it might be something specific to your setup. For assistance in... Jim Pingle
03:11 PM Bug #8293 (Not a Bug): Backup does not store the selected Repo Path: Either this has been fixed or the behavior has otherwise changed. Spot checking backups I have here, they all contain... Jim Pingle
03:02 PM Feature #4024 (Closed): Add a reject rule to prevent traffic from "falling through" relayd and reaching the GUI accidentally: The relayd Load Balancer has been deprecated and removed from 2.5.0 Jim Pingle
03:02 PM Feature #3336 (Closed): Setting per-pool timeout in load balancer: The relayd Load Balancer has been deprecated and removed from 2.5.0 Jim Pingle
03:02 PM Bug #3330 (Closed): Load Balancer showing wrong Status when using aliases for the port: The relayd Load Balancer has been deprecated and removed from 2.5.0 Jim Pingle
03:02 PM Bug #2243 (Closed): Inbound Load Balancer: virtual server marked down after "apply" to disable/enable pool memeber: The relayd Load Balancer has been deprecated and removed from 2.5.0 Jim Pingle
03:01 PM Bug #2673 (Closed): Traffic to IPv6 endpoint of IPv6 GRE Tunnel over IPv4 IPSEC causes receiving end to crash: Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l... Jim Pingle
03:01 PM Bug #2998 (Resolved): Diffserv Code Point options misleading: PRs were merged long ago Jim Pingle
03:01 PM Bug #3243 (Resolved): OpenVPN does not rebind when gateway fails over: PR was merged long ago Jim Pingle
02:48 PM Bug #8235 (Not a Bug): The browser must support cookies to login: This appears to be a local problem with browser caching and is likely from HSTS or similar. You'll have to clear the ... Jim Pingle
02:48 PM Bug #9647: hn0: driver does not support altq: See previous issue #8954 where this was fixed for 2.4.4 Jim Pingle
02:48 PM Bug #9561 (Duplicate): PPPoe 6RD broken in 2.5: Duplicate of #9649 Jim Pingle
02:39 PM Feature #9575: RFC 7078 - Distributing Address Selection Policy Using DHCPv6: In order to support this, the DHCP server (ISC DHCPD) must support it. I'm not turning up anything that matches this ... Jim Pingle
02:30 PM Bug #9416 (Closed): 2.5 Snapshot upgrade crashes on boot. AMD Ryzen platform.: Closing since it appears to be an upstream FreeBSD bug Jim Pingle
02:30 PM Bug #7918 (Not a Bug): Nightly error reloading rules: This appears to be a configuration issue, but if you can figure out exactly what the issue is in your case(s), then i... Jim Pingle
02:30 PM pfSense Packages Bug #9486: ifindex values used for softflowd are incorrect: Not sure there is a viable way for the softflowd to do that. The linked function is a C function in FreeBSD, but the ... Jim Pingle
02:30 PM pfSense Packages Feature #9529 (Resolved): Version upgrade for FRR package and support new faster OSPF convergence features: It's not clear what version is being talked about here, but FRR is up at 6.0.x on 2.4.4-pX and 7.0.x on 2.5.0 snapsho... Jim Pingle
02:30 PM pfSense Packages Feature #9530 (Duplicate): FRR package add sync function to HA / backup firewall: Duplicate of #9141 Jim Pingle
01:31 PM Bug #9325: problem with flexible limiter in multiWAN environment: Agreed. But the problem is that it doesn't work when set up as floating rules on WAN interfaces - "in case of 'out' f... Adam Lewandowski
01:19 PM Bug #9325 (Not a Bug): problem with flexible limiter in multiWAN environment: There isn't a way for the LAN-side limiters to know which WAN the traffic will exit, so any further refinement here i... Jim Pingle
01:19 PM pfSense Packages Feature #9227 (Rejected): Please include Tinc in base pfSense, as a standard way of configuring tunnels: There is no advantage to importing it into the base system. It can remain a package and do all it needs to do. Any im... Jim Pingle
01:19 PM Bug #8991 (Not a Bug): Codel limiter generating error in system log and console: Follow the advice on the previous comment to avoid the errors. Jim Pingle
01:19 PM Bug #9298 (Not a Bug): php error: utime failed: As far as I'm aware nobody else seems to be able to reproduce this, it must be something in your config (the gateway ... Jim Pingle
01:19 PM Feature #7618: Add support for user-supplied Host-Uniq tag and handle PADM messages in Netgraph PPPoE: PR was closed due to inactivity -- Changes were requested but never made. Jim Pingle
01:19 PM Bug #9321 (Rejected): Traffic Graphs on Dashboard not loading with certain types of interfaces: I've tried those interfaces here and graphs work fine. Might be something specific to your environment. If you still ... Jim Pingle
01:19 PM Bug #9623 (Duplicate): IPv6 Default gateway uses parent nic of PPPOE interface: Duplicate of #9324 Jim Pingle
01:19 PM Feature #9330 (Closed): Failover automatically invokes Failback: There are no plans to make hooks like this to allow other things to influence failover/failback. Jim Pingle
01:19 PM Bug #9343: diag_arp.php times out with large DHCPD leases table: If you submit your changes as a PR on Github we can review them there. Jim Pingle
01:19 PM Bug #8463 (Closed): Performance Regression in 2.4.3 under KVM: Jim Pingle
01:19 PM Bug #9351 (Duplicate): need option for repeated DHCP retries: Duplicate of #8520 Jim Pingle
01:00 PM Feature #9159 (Duplicate): Option to filter logs by Rule ID #: Duplicate of #8703 Jim Pingle
01:00 PM Feature #9161 (Rejected): Show rule description on disabled and previously logged rules: This isn't going to be possible. It isn't viable to keep a separate database just for deleted rule IDs and descriptio... Jim Pingle
01:00 PM Bug #9189 (Rejected): Broken host overrides in DNS resolver (sometimes): Nothing actionable here. Read the forum thread for more. Jim Pingle
01:00 PM Bug #9175 (Duplicate): pfsense does not send out IPv6 UDP fragments for packets created local: Duplicate of #7801 Jim Pingle
01:00 PM Feature #9224 (Rejected): Cannot configure STATICALLY-allocated IPv6 addresses on pfSense: This appears to work fine but you have the procedure backward. Set the routable address as the interface address, set... Jim Pingle
12:59 PM pfSense Packages Bug #9194 (Resolved): pfSense-Status_Monitoring - Can't Save default view: PR was merged several months ago. Jim Pingle
12:59 PM Bug #9235 (Resolved): pfsense does not send ICMP redirect: Fixed upstream a while ago. Jim Pingle
12:59 PM Feature #9256: adjust frequency of geom rebuild notifications.: PR Link: https://github.com/pfsense/pfsense/pull/4030 Jim Pingle
12:59 PM Bug #6575: GEOM Mirror Status Change Re-sync notices: The change I was thinking of hasn't been merged yet. It's in #9256 which has a pending PR to help - This can still re... Jim Pingle
12:39 PM Feature #8983 (Duplicate): Possibility of using alias/fqdn in the GRE tunnel peer identity: The FQDN part is a duplicate of #6796
Aliases would not be possible. Jim Pingle
12:38 PM Bug #9039 (Rejected): radvd (IPv6) is broken on systems with a USB ethernet interface: That's an OS or radvd upstream bug. Nothing we can do about it. We strongly discourage the use of USB ethernet interf... Jim Pingle
12:38 PM Feature #9110 (Duplicate): Allow custom UDP State timeout setting in Firewall rule: Duplicate of #1635 Jim Pingle
12:38 PM Bug #9133: "Show all configured leases" does not stay set after deleting a lease: PR at https://github.com/pfsense/pfsense/pull/4074 Jim Pingle
12:38 PM Bug #9145 (Rejected): user based policies with automated client logedon user identification: Firewall rules based on network client users aren't on our radar right now. If it does happen, it's a long ways off a... Jim Pingle
12:38 PM Feature #9157 (Rejected): Allow custom DHCP Options per Host: You can already do this. Setup additional pools and limit access with MAC allow/deny, and you could even make a pool ... Jim Pingle
12:16 PM Bug #8804: Netgate SG-1000 PPPoE Keepalives not prioritized, internet drops: I'm not aware of any viable way for those to be prioritized, either internally in MPD or by traffic shaping. Your saf... Jim Pingle
12:16 PM Feature #8840 (Duplicate): Copy multiples rules from one interface to another: Duplicate of #8365 Jim Pingle
12:16 PM Bug #8847: IPsec status "Show Child SA entries" button only expands and never collapses: The "Show Child SA entries" button only expands and never collapses. That is surely something we can fix eventually, ... Jim Pingle
12:16 PM Feature #8855 (Rejected): View Description field on widget for OpenVPN: Not clear what the request is here. The description for VPN instances is already in the widget in the header at the t... Jim Pingle
12:16 PM pfSense Packages Bug #8900 (Resolved): pfBlockerNG: PR merged long ago. Jim Pingle
12:16 PM Feature #8936 (Duplicate): QuickAssist in pfSense: QAT support for Netgate hardware is being tracked internally, so it doesn't show up in the public Redmine. Jim Pingle
12:16 PM Feature #8965 (Resolved): GUI interface for switchable security mitigations: System > Advanced, Misc tab has knobs to enable/disable mitigations for PTI and MDS. Jim Pingle
11:53 AM Feature #8695 (Rejected): make AdvLinkMTU configurable: radvd will take the MTU of the interface and use it, if it's set. So you can influence this already by changing your ... Jim Pingle
11:53 AM Bug #8665 (Not a Bug): ipv6: ULA adresses on different VLAN inaccesible after pfsense restart: Some of your issue was a lack of firewall rules, and because of how pf states work with ICMP it appeared to behave in... Jim Pingle
11:53 AM Bug #8623 (Closed): acme package does not show correct installation output following a factory reset: I remember this happening but it must have been fixed. I can't reproduce the problem anymore. I can follow the stated... Jim Pingle
11:53 AM Bug #7175 (Not a Bug): SIP MESSAGE UDP packets not passed despite rules & pcaps showing otherwise: This is almost certainly a problem with your configuration or environment.
For assistance in solving problems, ple... Jim Pingle
11:53 AM Feature #8802 (Rejected): DNS Resolver cannot use host alias for IP Address: I doubt this is going to ever happen. There are a number of hurdles and it would also create a chicken-and-egg scenar... Jim Pingle
10:56 AM pfSense Packages Feature #8547: fwknop Port Knocking Package: If you want secure remote access, use a VPN. If someone wants to make a package for this, we could review a PR for it... Jim Pingle
10:56 AM Bug #8545 (Rejected): LACP can't be established on QLogic NetXtreme II BCM57810 NICs: Needs tested on 2.5.0 at least, and preferably FreeBSD directly. Unlikely there is anything we can do for this, seems... Jim Pingle
10:56 AM Feature #8564 (Duplicate): IP Hostname for GRE Tunnel: Duplicate of #6796 Jim Pingle
10:52 AM Feature #8384 (Rejected): Pushbullet notifications would be nice: Not nearly enough detail, and if what I Googled is the right thing, then it's unlikely we would devote any developmen... Jim Pingle
10:52 AM Bug #8386 (Not a Bug): Virtual IPs not considered as part of interface net: They are included:
On a system with a WAN address of 198.51.100.7/24 and an IP alias VIP of 198.18.0.3/24:
<pre... Jim Pingle
10:52 AM Bug #8392 (Duplicate): Carp on switch ports: Already tracked internally as #671 Jim Pingle
10:52 AM Bug #8363 (Closed): OpenVPN Client Has Needs to be restarted after pfsense restart to be connectable: Jim Pingle
10:52 AM pfSense Packages Feature #8442 (Rejected): ACME - custom script for DNS validation: Too much to go wrong with a custom script function like that. There have been numerous improvements in ACME provider ... Jim Pingle
10:52 AM Bug #8076: User can easily apply an unusable interface configuration after restore: While it could be more clear, anything you need to do can be done after restore, but before attempting to apply chang... Jim Pingle
10:52 AM Bug #8424 (Duplicate): IPv6 stops working completely for interfaces that use interface tracking and have VIPs configured on them: Duplicate of #5999 Jim Pingle
10:52 AM Bug #8521 (Rejected): Fails to get WAN IP after rebooting for update: Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l... Jim Pingle
10:31 AM pfSense Packages Bug #8115 (Duplicate): After update 2.3.4_1-> 2.4.0 ospf over gre looks broken: Duplicate of #9204 Jim Pingle
10:31 AM Bug #8265 (Closed): Relayd port range (alias) not working: The relayd Load Balancer has been deprecated and removed from 2.5.0 Jim Pingle
10:31 AM Bug #8283 (Rejected): multi-wan gateway group with openvpn clients: I don't see how that could possibly be related to the presence of a TLS key. It sounds like maybe it's breaking becau... Jim Pingle
10:31 AM Bug #8328 (Rejected): username/password not used by proxy support: Jim Pingle
10:30 AM Feature #8373 (Duplicate): please provide a mechanism to add certificates to the system's root certificate store: Duplicate of #4068 Jim Pingle
10:30 AM Todo #8374 (Rejected): email notification settings should not require password confirmation: It's a standardized password control, and it's harmless to keep. Jim Pingle
10:30 AM Bug #8375 (Duplicate): email session encryption fails in a private ca environment: Duplicate of #4068 and made optional in #9001 Jim Pingle
10:30 AM Feature #8376 (Rejected): please allow dashes in alias names: We allow what pf allows. Jim Pingle
10:05 AM Bug #8215 (Closed): rcvif is NULL in ip6_forward - possible regression in 2.4: Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l... Jim Pingle
09:56 AM Feature #8102 (Rejected): Send an e-mail message when a core dump is generated: I haven't seen a core dump happen on filter reload in a long, long time. A filter reload failure already does generat... Jim Pingle
09:56 AM Feature #8107 (Rejected): SG1000 Manually set time: While there is no GUI, you can do this from the console or ssh with the @date@ command. Jim Pingle
09:56 AM Feature #8109: UPnP & NAT-PMP ACL Aliases: Might be possible but it would take a lot of effort. Someone would have to write code to parse the uPNP rules and the... Jim Pingle
09:56 AM Bug #8075 (Rejected): OpenVPN binds to wrong interface with no ip on first interface: The workaround is the proper solution here if you need to use the same port on multiple WANs. Jim Pingle
09:56 AM Feature #8127 (Duplicate): searching for certificates: Duplicated by #9412 which was implemented a few months ago. Jim Pingle
09:56 AM Bug #8131 (Rejected): No way to configure static ARP entries on a /31 (need a better way to configure static ARP entries): If someone cracks WPA2 they could sniff and then spoof the MACs, so static ARP won't help you. Since the alternative ... Jim Pingle
09:56 AM Bug #8132 (Rejected): OpenVPN tap device support is very limited/buggy: Almost all of these look like user errors or limitations of the OS or OpenVPN which we cannot fix. If you still have ... Jim Pingle
09:56 AM pfSense Packages Bug #8209 (Closed): Suricat Inline netmap bad packet errors: This report is rather old and several pfSense and Suricata versions ago. If it's still a problem, gather more detail ... Jim Pingle
09:32 AM Bug #7848: NDP Table Sort by Expiration Error: I fixed a similar sorting issue recently, IIRC it was something about setting a sorting type for the column. Jim Pingle
09:32 AM Bug #7898 (Closed): PFsense 2.4 RC 9/28/17 update - Traffic Shaper HFSC Priority field missing: Jim Pingle
09:32 AM Feature #7997 (Rejected): Clear screen before loading rc.initial shell menu: Old report and no recent recurrences. It's most likely a client terminal issue, or something specific to that hardwar... Jim Pingle
09:32 AM Feature #8021 (Rejected): change default mask values for ipv4 to /24 and ipv6 to /64: For IPv4, /24 is just as likely to be wrong for some interfaces as /32 (especially WANs). It might be easier for some... Jim Pingle
09:32 AM Feature #8023 (Closed): Redirect to FQDM: At some point this must have changed. If I go to http://<fqdn> it redirects me to https://<fqdn>. It works fine for m... Jim Pingle
09:31 AM Bug #8057 (Closed): don't start dpinger if still one running: Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l... Jim Pingle
09:31 AM Bug #8045 (Closed): Terminal and WebGUI stops responding: Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l... Jim Pingle
09:31 AM Bug #8087: Provide Calling-Station-ID to RADIUS backed VPN connections: Might not be possible to put the client address in there since I am not sure the auth system will see that from OpenV... Jim Pingle
09:31 AM Feature #7475 (Rejected): Status\System Logs\Firewall\Summary View: That would require bringing in GeoIP or similar to the base system, which I don't see happening. You can export the l... Jim Pingle
09:09 AM Bug #7801: UDP fragments received over IPsec tunnel are not properly reassembled and forwarded: See also: #9184, #7837 Jim Pingle
09:09 AM Bug #7837 (Duplicate): fragmented packets not reassembled over IPSec tunnel: Duplicate of #7801 Jim Pingle
09:09 AM Bug #9184 (Duplicate): TCP packet fragments over IPSEC ESP are not reassembled or forwarded: Duplicate of #7801 Jim Pingle
04:45 AM pfSense Packages Bug #9204: ospfd: GRE tunnels became unnumbered since 2.4.4: I doubt this is fixed since the offending code (frr/zebra/connected.c) has not been touched, but I'll give this a try... Firstname Surname

08/13/2019

09:33 PM Feature #7158: Captive Portal should have logs facilities for blocked sites: Reverse DNS almost never bears a relationship to a website these days. You'll only get a random CDN or other hosting ... Jim Pingle
09:31 PM Feature #7158: Captive Portal should have logs facilities for blocked sites: Jim Pingle:
Having the IP address being requested I could make a reverse lookup to identify the owner of the IP th... Jose Torres
03:57 PM Feature #7158: Captive Portal should have logs facilities for blocked sites: The firewall has no way to know what any of that is. It sees a request to an IP address on port 80, for example, and ... Jim Pingle
03:55 PM Feature #7158: Captive Portal should have logs facilities for blocked sites: Jim Pingle:
Since it was rejected. Please tell me an alternative to get the address that is being redirected to t... Jose Torres
02:56 PM Feature #7158 (Rejected): Captive Portal should have logs facilities for blocked sites: The subject says Captive Portal, description says proxy. Captive Portal doesn't block sites, it redirects everything ... Jim Pingle
08:07 PM pfSense Packages Feature #9682 (Rejected): Please supply Emacs: The base install includes vi and ee, and you can edit remotely via scp.
It's meant to be a firewall not a general ... Jim Pingle
07:59 PM pfSense Packages Feature #9682 (Rejected): Please supply Emacs: Emacs is not installed by default, and is not available as a package for installation. For emacs users, pfSense is ef... Jeffrey Walton
08:00 PM Bug #7382: DNS Forwarder does not resolve DNS names on first boot: Hard to say what will help when we don't have much to go on. You'd pretty much have to setup a lab box and then add b... Jim Pingle
07:38 PM Bug #7382: DNS Forwarder does not resolve DNS names on first boot: I believe we have one of those edge cases that still requires the forwarder - we need to specify a source IP for host... Jeremy Nelson
05:45 PM Bug #7382: DNS Forwarder does not resolve DNS names on first boot: I wouldn't say "not supported", but not preferred. We prefer to focus any development toward the DNS Resolver. There ... Jim Pingle
04:26 PM Bug #7382: DNS Forwarder does not resolve DNS names on first boot: I can confirm this is still an issue, but am I to understand that DNS Forwarder is no longer supported and that all f... Jeremy Nelson
03:22 PM Bug #7382 (Closed): DNS Forwarder does not resolve DNS names on first boot: Old report and no recent recurrences. DNS Forwarder is no longer the preferred resolver, if it's still and issue with... Jim Pingle
07:21 PM Bug #7298 (Closed): IPv6 on a second interface doesn't work until the router is pinged: OK, thanks for the update! Jim Pingle
07:10 PM Bug #7298: IPv6 on a second interface doesn't work until the router is pinged: This issue stopped at some point. I don't recall if I did something, or an update took care of it or what, but I'd c... Andy Wang
06:50 PM pfSense Packages Feature #4503: GNUGateKeeper H.323 Proxy Package: Jim Pingle, this is very good news, I'm really looking forward to this package, but I'm not sure that this package pr... Aleksei Aksenov
12:53 PM pfSense Packages Feature #4503: GNUGateKeeper H.323 Proxy Package: If someone wants to package that up properly and submit a PR, we can consider it for inclusion as a package. Jim Pingle
06:40 PM Revision 083a9a82: Disable packages that don't build on armv7: Renato Botelho
03:49 PM Bug #7759 (Closed): No version control number showing when going to System > Update: Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l... Jim Pingle
03:46 PM Bug #7653 (Closed): 3gstats.php holding open the cuaU0.3 device: Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l... Jim Pingle
03:46 PM Bug #7656 (Closed): TypeError: n is undefined JavaScript error in status_monitoring.php: Old report and no recent recurrences (plus I can't reproduce it). Lots of things in this area have changed, so most l... Jim Pingle
03:46 PM Bug #7663 (Closed): Persistent CARP Maintenance Mode doesn't work right in upgrade from 2.3.3-RELEASE-p1 to 2.3.4: Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l... Jim Pingle
03:46 PM Feature #7668 (Closed): MAC Address spoofing: VLAN interfaces no longer have enabled controls to set the MAC, so this is moot. See #1337 Jim Pingle
03:46 PM Bug #7700 (Closed): Port Forwarding Failing - with Alias: Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l... Jim Pingle
03:46 PM Bug #7697 (Resolved): NAT port forward rule using "WAN address" doesn't work as expected if router does not acquire a WAN address on startup: Likely solved by the linked PR and no feedback either way from OP. Closing. Jim Pingle
03:46 PM Bug #7721 (Feedback): NTPd stops using external peers if listening on one interface only in a muliwan setup: Can you re-test this on a current release or development snapshot? Preferably a 2.5.0 snapshot. Jim Pingle
03:46 PM Feature #7738: Highlight which IPSec (or other VPN) crypto modes are hardware-accelerated in the UI: I'm not sure if we can do this. A lot of this is hardware-dependent, and unfortunately, OpenSSL 1.1.1 seems to have m... Jim Pingle
03:32 PM Bug #7494 (Closed): SG-1000 - WAN Status UP - Hosts no internet connection: Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l... Jim Pingle
03:32 PM Bug #7492 (Closed): SG-1000 occasionally loses Internet connectivity: Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l... Jim Pingle
03:32 PM Bug #6957 (Closed): CARP arp reply with wrong src mac: That patch was removed long ago, and is not included in pfSense 2.4.x or 2.5.x. Doubtful there is anything to do here... Jim Pingle
03:32 PM Bug #7601 (Feedback): Dynamic DNS - Hostname should not be required for DNS-O-Matic: Is this still a problem? There have been lots of DynDNS changes since this report, but I don't see anything that look... Jim Pingle
03:29 PM Bug #7371 (Closed): pfsense load balancer relayd does not load balance dns with udp+tcp: relayd has been deprecated and removed from 2.5.0 Jim Pingle
03:23 PM Bug #4674: invalid state table entries after WAN IP change: Looking at /etc/rc.newwanip it does appear to make more sense to configure before killing the old states. Jim Pingle
03:22 PM Feature #7304: DHCP: Enable OMAPI Config: PR link: https://github.com/pfsense/pfsense/pull/4077
Jim Pingle
03:22 PM Bug #7186: Unable to use national symbols in password fo ACB package: This should just be a matter of adding @'encryption_password'@ to the @$cdata_fields@ array in @etc/inc/xmlparse.inc@. Jim Pingle
03:22 PM Feature #7350 (Duplicate): Unbound host/domain override needs better IPv4/IPv6 handling?: Duplicate of #6881 Jim Pingle
03:22 PM Feature #6242 (Rejected): Use local user datebase for IKEv2 EAP-Charpv2: For that to work you need EAP, which is not something the base system is going to be able to do easily. Fortunately i... Jim Pingle
03:22 PM Feature #4372 (Closed): dnscrypt support: For most use cases, DNS over TLS has made this unnecessary. For others, there is #9315 Jim Pingle
03:22 PM Feature #7442: Suggestions for Diagnostics / ARP Table and Diagnostics / NDP Table: Ping is not likely to be helpful or useful in most cases. For mass pings, use the nmap package.
There is a status ... Jim Pingle
03:22 PM Feature #7441: Display start/end times for Static Mapping leases on DHCP Leases/DHCPv6 Leases: There is no 'release' or 'renew' action for the server to perform. Those must be done by the client.
Displaying th... Jim Pingle
03:22 PM Feature #7459: "Refresh" button for Diagnostics/Tables display: A refresh button would definitely be useful.
The current "Update" button updates the table from a remote source, l... Jim Pingle
02:56 PM Bug #7018 (Closed): DHCP packets replicated on non-DHCP relay interface: Most likely solved by #9466 or other changes in the last few years. Jim Pingle
02:56 PM Feature #7030: New Feature Load Balance Per Amount Of GB: There is no viable mechanism to pull this off. It isn't supported in pf, and there are no built-in long-term traffic ... Jim Pingle
02:56 PM Bug #6981 (Closed): IPv6, rc.newwanipv6, flooding log and resets connection periodically: Jim Pingle
02:56 PM Feature #7092: Kernel modules for alternate congestion control algorithms: There are more available now:... Jim Pingle
02:56 PM Bug #7184 (Rejected): FW limits MTU to 1280 when using VPN tunnel to F5: This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
02:56 PM Bug #7200 (Closed): Diagnostics> DNS Lookup: external links to DNSstuff use wrong parameter: These tools were removed a while ago, as they were no longer working. See #9275 Jim Pingle
02:56 PM Bug #7207 (Closed): Updates and Package Manager broken when pfSense accessed via SSH port forward: Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l... Jim Pingle
02:55 PM Bug #7168 (Closed): Vague kernel messages in system log: This still happens but there isn't much we can do about it, and even if we could, I'm not sure it would be helpful. T... Jim Pingle
02:55 PM Bug #6687 (Duplicate): Secure email fails with private CA: The root issue is definitely #4068, but an option was added to bypass this check in #9001 so this is a duplicate twic... Jim Pingle
02:36 PM Feature #6909 (Duplicate): Copy FW rules to new interface efficiency: Duplicate of #8365 Jim Pingle
02:36 PM Feature #6795 (Duplicate): User certificate for webGUI login: Duplicate of #8694 Jim Pingle
02:35 PM Bug #6694 (Resolved): Change setting at interfaces_ppps_edit.php not working: This was fixed long, long ago. Jim Pingle
02:35 PM Bug #6747 (Closed): pfctl - getting high cpu usage: Old report and no recent recurrences. Lots of things in this area have changed, so most likely it's either fixed no l... Jim Pingle
02:35 PM Feature #6827 (Closed): Add Proxy Mobile IPv6 (PMIPv6): I don't see any evidence that it's currently supported on FreeBSD. If a FreeBSD implementation happens and someone wa... Jim Pingle
02:35 PM Bug #6834 (Closed): VIPs can cause hard-to-trace issues with dhcpd.conf: I don't see anything actionable here. There is only so much we can do to prevent foot-shooting. Jim Pingle
02:35 PM Feature #6839 (Closed): Mechanism to prevent flooding log with entries from blocked packets: The solution is as others stated, disable the default rules (or logging of same) and create your own rules that do wh... Jim Pingle
02:34 PM Bug #6912 (Closed): install on Hyper-v R2: Old version of pfSense and Hyper-V from years ago, unlikely to be a current problem. Test on 2.5.0 and if it still ha... Jim Pingle
02:34 PM Bug #6955 (Resolved): The uniqid of the virtual IP address is lost when you modify the vip type: This was solved a while back, likely with PR https://github.com/pfsense/pfsense/pull/3842 (commit:807160e9db2e7fe2296... Jim Pingle
01:43 PM Feature #9661: Increase the number of DHCP/DHCPv6 NTP server options to three (or more): PR Link: https://github.com/pfsense/pfsense/pull/4078 Jim Pingle
12:03 PM Feature #9661: Increase the number of DHCP/DHCPv6 NTP server options to three (or more): sorry i was still writing, i will do the pr later on Manuel Piovan
12:01 PM Feature #9661: Increase the number of DHCP/DHCPv6 NTP server options to three (or more): this need to go on services_dhcpv6.php
line 154... Manuel Piovan
11:59 AM Feature #9661: Increase the number of DHCP/DHCPv6 NTP server options to three (or more): Submit that as a PR and we can test/merge it much easier.
https://docs.netgate.com/pfsense/en/latest/development/s... Jim Pingle
11:53 AM Feature #9661: Increase the number of DHCP/DHCPv6 NTP server options to three (or more): pls we ask to add this on services_dhcp.php at least ntp3
line 175 -> ... Manuel Piovan
11:19 AM Feature #9661: Increase the number of DHCP/DHCPv6 NTP server options to three (or more): right i have local ntp stratum 1 servers myself but i configure ntpd manually, i had never thought of it before ... ,... Manuel Piovan
01:43 PM Revision fc79c7d3: Merge pull request #4029 from BBcan177/patch-1: Renato Botelho
01:41 PM pfSense Packages Feature #7903: Duo ssh package: See also: #6556 Jim Pingle
01:41 PM Feature #6556 (Duplicate): Support Duo Security two-factor authentication for local user database: Duplicate of #7903 Jim Pingle
01:40 PM Bug #6540 (Resolved): Virtual IPs -> Edit does not allow upper-case IPv6 digits: I'm pretty sure this was all fixed in https://github.com/pfsense/pfsense/pull/3199 and maybe additional PRs. Jim Pingle
01:40 PM Bug #6565 (Closed): OpenVPN calculates incorrect TCP checksums when running in bridged/tap mode with 'mode server': Old report, this was several OS and OpenVPN versions ago, and no recent sightings. Jim Pingle
01:39 PM Bug #6568 (Not a Bug): NanoBSD image unconditionally enables comconsole.: NanoBSD has been deprecated for a while now. Jim Pingle
01:39 PM Bug #6575 (Closed): GEOM Mirror Status Change Re-sync notices: There was some recent work on notifications that may help here, but some people may need to know about this progress,... Jim Pingle
01:39 PM Todo #6645 (Closed): More reliable update system: A lot has been fixed here in the years since this report. Jim Pingle
01:39 PM Feature #6644 (Closed): Add console shutdown option along with reboot at end of installation: Between installer changes and Hyper-V changes in the last 3 years, this doesn't seem to be an issue for users anymore. Jim Pingle
01:39 PM Bug #6678 (Duplicate): Virtual IPv6 IP (IP Alias) on a DHCPv6-PD tracked interface causes inconsistencies: Jim Pingle
01:39 PM Feature #6546 (Closed): pfSense should support logging to e.g. ELK stacks: This will be moot on 2.5.0: See #8350 Jim Pingle
01:23 PM Feature #6385 (Closed): Add Download-only option to System Update: This is unnecessary. You can run @pkg upgrade --fetch-only@ or @pkg upgrade -F@ and it will offer to download before ... Jim Pingle
01:23 PM Bug #6409 (Closed): hostname in alias does not work for port forwarding: I've seen this working recently (other filterdns issues notwithstanding). Jim Pingle
01:23 PM Feature #6411 (Closed): Classification if updates require a reboot: Upgrades that do not need a reboot are extremely rare, and the release announcement/upgrade notes will state whether ... Jim Pingle
01:23 PM Bug #6426 (Not a Bug): Regression Bug #3216: This works fine but you have to navigate straight to the voucher page(s) with the correct zone in the URL.
It can'... Jim Pingle
01:23 PM Feature #6526 (Closed): pfSense Update information via SNMP: There isn't a viable way to do this in base SNMP. You can script up something with the NET-SNMP extend feature withou... Jim Pingle
01:23 PM Bug #6542 (Closed): Cannot revoke DHCPv6 leases from the GUI: There isn't a way to revoke a lease from either IPv4 or IPv6 DHCP server status/leases pages. I'm not sure if there i... Jim Pingle
01:23 PM Feature #6544: RFC 3046 DHCP Option 82 support (and RFC 3315/4649/4580 for IPv6): If someone wants to make PR to show this info in the GUI somewhere, we can consider it. But adding a whole column for... Jim Pingle
12:55 PM Feature #6336 (Duplicate): link to release notes on update page: Duplicate of #5074 Jim Pingle
12:53 PM Todo #4123 (Closed): Add support to multiple tables to expiretable: @virusprot@ is the only base table left using this, so I don't think we need to change it anymore. Jim Pingle
12:53 PM Todo #5553 (Resolved): Suggestion: higher default MBUF values: This has been in place for some time now for hardware we can predict. The OS is a bit smarter in other situations as ... Jim Pingle
12:53 PM Feature #5708 (Rejected): NAT 1:1 applicate on some interfaces and/or interface group: The request isn't clear. If you mean allow choosing an interface for the external IP address of 1:1 NAT, I doubt we'l... Jim Pingle
12:52 PM Feature #6207: Please, add "THIS_IF broadcast" Macro for use in firewall rules: Note: If this gets implemented, input validation should reject choosing this with IPv6 or IPv4+6 rules since IPv6 has... Jim Pingle
12:24 PM Feature #736 (Resolved): Privileges for accessing each service that uses the user manager: This has been in place for some time now. Jim Pingle
12:24 PM Feature #1223 (Closed): gateway group based sticky connections: No further requests and given how quirky sticky is already, I doubt this would help much. Jim Pingle
12:23 PM Feature #2994 (Resolved): Allow setting a default scale type for the traffic graphs widget: This has been in place for some time now, and the graphing library has changed since this was opened. Jim Pingle
12:23 PM Feature #2319 (Resolved): include SSD TRIM option in installer: No longer relevant. It's automatic for ZFS and is already enabled where needed. Jim Pingle
12:23 PM Bug #2544 (Closed): Installer does not allow exact partition sizes: This installer has been completely changed out since this was opened. Jim Pingle
12:23 PM Bug #3547 (Closed): When using LDAP Groups, user is authenticated and granted xauth ipsec irrespective of group permissions: The IPsec daemon and other subsystems have changed a lot since this was opened. If it's still an issue, please post o... Jim Pingle
11:10 AM pfSense Packages Bug #8251: Captiveportal + FreeRadius "Last activity" resets to Session start: Really? I checked the changelogs before and didn't see anything too interesting.
Also since I am somewhat afraid of ... Frotty Zaoldyeck
09:37 AM pfSense Packages Bug #8251 (Feedback): Captiveportal + FreeRadius "Last activity" resets to Session start: There have been lots of Captive Portal changes since this was opened, you should re-test on a 2.5.0 snapshot to see i... Jim Pingle
10:45 AM Bug #9258: Error deleting tunnel type P2 when mixed with VTI: Problem remains on 2.4.4-RELEASE-p3
Work-around works. Mix Room
10:27 AM Bug #8124 (Closed): username/password not used by proxy support: This has been fixed for a while. There is still one issue on snapshots (#9478) but that bug has more current informat... Jim Pingle
10:25 AM Bug #4251 (Closed): NAT Reflection not working if LAN is bridged: This is almost certainly solved via pure NAT reflection. Open a new issue with current info if it is not. Jim Pingle
10:23 AM Bug #1575 (Resolved): Limiters are bypassed by local applications injecting rules: Jim Pingle
10:23 AM Bug #3640 (Closed): Sierra Wireless 3G Modem support driver: I'm fairly certain this has been solved, either by #4863 or by one of the various OS upgrades that have happened sinc... Jim Pingle
10:22 AM Bug #3771 (New): Webinterface and dhcpdcrashes with 500+ static leases: Needs re-tested on a current release or development snapshots (preferably 2.5.0 snapshots) Jim Pingle
10:20 AM Bug #4856 (Closed): Traffic Shaper blocks traffic when the config is otherwise changed: Jim Pingle
10:19 AM Bug #4981 (Closed): Remote logging not active after reboot: As far as I'm aware this isn't currently an issue any longer. Jim Pingle
10:18 AM Bug #5319 (Closed): Error message "No config named" in charon daemon: No timely and meaningful feedback received. Jim Pingle
10:17 AM Bug #5702 (Closed): Bug in code manipulating IP subnets - could be pervasive?: PR was closed, so this shall follow. Jim Pingle
10:16 AM Bug #6668: IPSec tunnel + L2TP/IPSec VPN - wrong PSK chosen by pfSense: Is this still a problem, even on 2.5.0 snapshots? Jim Pingle
10:15 AM Bug #6685 (Closed): LAGG groups get stuck with an unconfigurable 1400MTU with em NICs.: No feedback received. Jim Pingle
10:15 AM Bug #7600 (Closed): Unable to save DNS Resolver settings: Either this has been resolved, or it may be a package issue. Either way this specific issue can be closed. If it can ... Jim Pingle
10:13 AM Bug #7611 (Not a Bug): Diagnostics/Routes ipv6 ( netstat ), causes kernel panic: Jim Pingle
10:13 AM Bug #7778: DHCP relay not working correctly with bridges: Can you test this again on a 2.5.0 snapshot? There have been other DHCP Relay changes and it may be solved. Jim Pingle
10:11 AM Bug #8287 (Not a Bug): /var/unbound/test/unbound_server.pem: No such file or directory: Cannot reproduce Jim Pingle
10:11 AM Bug #8633 (Resolved): thousands PHP undef gwname /etc/inc/gwlib.inc line 1210: No feedback received. Jim Pingle
10:10 AM Bug #9070 (Closed): After performing in-place upgrade from 2.4.3-RELEASE-p1 to 2.4.4 DHCPV6 client fails to retireve a WAN address: No feedback received. Jim Pingle
10:10 AM Bug #1819: DNS Resolver Not Registering DHCP Server Specified Domain Name: Lynn Dixon wrote:
> I am still wishing this would get fixed as well. Not much traction on my bounty thread either.
... xander bron
10:09 AM Bug #9429 (Rejected): When enabling https access to WebConfigurator: No feedback received. Jim Pingle
10:04 AM pfSense Packages Bug #9573 (Rejected): GeoIP database FAIL to download - Suricata package: Jim Pingle
10:00 AM pfSense Packages Bug #9573: GeoIP database FAIL to download - Suricata package: I do not believe this represents an actual bug in the Suricata package. The user was attempting to follow one of the... Bill Meeks
10:02 AM pfSense Packages Feature #4581 (Closed): Add dshield-sensor port to pfPorts: Jim Pingle
09:59 AM Bug #6907 (Duplicate): DNS Resolver does not use domain name set in DHCP subnet, only the global one: Duplicate of #1819 Jim Pingle
09:57 AM Bug #6405 (Not a Bug): OpenVPN Server fails to start at boot when listening on v6: Old and misfiled. Resubmit if it's still an issue. Jim Pingle
09:57 AM pfSense Packages Feature #4687 (Duplicate): OpenVPN Client Export - Use the VPN description when producing the exported file (instead of host-proto-port combination): Something like this was implemented long ago. Jim Pingle
09:57 AM pfSense Packages Bug #4473 (Closed): Still can't run EGP and IGP on the same system: This is possible with FRR. Jim Pingle
09:57 AM pfSense Packages Bug #7862 (Duplicate): package zabbix lts: Jim Pingle
09:50 AM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: AFAIK This is because last I looked, miniupnpd doesn't support its "masquerade" options on FreeBSD/pf like it does on... Jim Pingle
09:50 AM pfSense Packages Feature #7655 (Bogus): Captive portal and squid non transparent: Jim Pingle
09:50 AM pfSense Packages Bug #7617 (Closed): OpenBGP not restarting on new WAN IP or firewall reload: Jim Pingle
09:50 AM Feature #7275 (Resolved): Add help text for DNS Made Easy: PR was merged years ago Jim Pingle
09:37 AM Bug #8253 (Rejected): Corrupt video during 2.4.x install on Dell Wyse thin client with AMD Radeon HD 6250: Unlikely we can do anything for that. Try a 2.5.0 snapshot, the FreeBSD 12 base likely behaves better. Jim Pingle
09:33 AM Bug #8814 (Rejected): After changing WAN CARP VIP Outbound NAT rules don't import new value but stay with old one and need to be changed manually: Outbound NAT rules with a CARP VIP like that are 100% manual, there is no mechanism to update those automatically sin... Jim Pingle
09:33 AM pfSense Packages Bug #8619 (Resolved): Domains improperly checked when registering DHCP static mappings: PR was merged over a year ago. Jim Pingle
09:33 AM Bug #8612 (Rejected): LAN Interface track IPv6 to PPPoE Interface didn't renew subnet: Not enough information here for a valid bug report. Jim Pingle
09:33 AM pfSense Packages Feature #8574: Enable AgentX-support in lldpd using GUI: Can you submit those patches as a PR? Jim Pingle
09:33 AM Bug #8549 (Not a Bug): IPsec: Enable bypass for LAN interface IP has no effect when supernetting in IPSec P2: Not enough here to say what's going on, start a forum thread if it's still a concern. Bypass LAN wouldn't have anythi... Jim Pingle
09:25 AM pfSense Packages Bug #9108 (Closed): OpenVPN client without "explicit-exit-notify" does not trigger client-disconnect portion of /usr/local/sbin/openvpn.attributes.sh: Jim Pingle
09:25 AM pfSense Packages Feature #9240 (Rejected): allow users to define custom ipsec configuration using web-page for ipsec: This isn't really viable, since there wouldn't be way for it to be useful to most people. It might get close if you h... Jim Pingle
09:15 AM pfSense Packages Bug #9481 (Closed): traffic totals documentation link goes to 404 page: Either this has been fixed or I just can't reproduce it. Link goes to the main docs page since there is no specific p... Jim Pingle
09:15 AM pfSense Packages Bug #9339 (Resolved): Misc typos in pfsense/FreeBSD-ports: PR was merged months ago Jim Pingle
09:15 AM Bug #9677: Dashboard hangs when widget needs data from a remote host which is down: Seems more like a general dashboard issue rather than a package-specific issue, but there may not be a good way to so... Jim Pingle
09:08 AM pfSense Packages Bug #9204 (Feedback): ospfd: GRE tunnels became unnumbered since 2.4.4: Can you test this with the current version of FRR (preferably on 2.5.0, if 2.4.4 doesn't work)?
FRR OSPF underwent... Jim Pingle
09:03 AM pfSense Packages Bug #9451 (Resolved): Add Zabbix 4.2 (agent and proxy) packages: Jim Pingle
09:03 AM pfSense Packages Feature #7179 (Resolved): Package Filer into 2.3: Jim Pingle
09:03 AM pfSense Packages Feature #8731 (Resolved): FreeIPA support in FreeRADIUS package: Jim Pingle
09:03 AM pfSense Packages Bug #6305 (Closed): Quagga problems updating routes / mistakenly showing "kernel"-routes while they are not: Jim Pingle
09:03 AM pfSense Packages Bug #6350 (Closed): Auto Config Backup - Uncaught Exception: Jim Pingle
09:03 AM pfSense Packages Bug #7161 (Resolved): pfSense-pkg-bind9 changelog pointing to non-existent location: Jim Pingle
09:00 AM pfSense Packages Todo #9354 (Resolved): Update OpenVPN Client Export with OpenVPN 2.4.7: Jim Pingle
09:00 AM pfSense Packages Feature #8610 (Resolved): FRR BGP "no bgp default ipv4-unicast" option.: Jim Pingle
08:59 AM pfSense Packages Bug #9657 (Resolved): STunnel fails to generate an rc script: Jim Pingle
08:59 AM pfSense Packages Bug #9640 (Resolved): FRR redistribution route maps not functional: Jim Pingle
08:58 AM pfSense Packages Bug #9554 (Resolved): Stored XSS in ACME Package (version 0.5.7_1) /acme/acme_accountkeys_edit.php: Jim Pingle
08:58 AM pfSense Packages Bug #9556 (Resolved): Encoding/validation issues in apcupsd_status.php: Jim Pingle
08:58 AM pfSense Packages Bug #8308 (Resolved): FRR OSPF6D: interfaces not assigned to areas if they only have a link-local address: Jim Pingle
08:58 AM pfSense Packages Bug #8749 (Resolved): OSPF6 nssa not working: Jim Pingle
08:58 AM pfSense Packages Bug #8751 (Resolved): FRR prefix lists issues: Jim Pingle
08:58 AM pfSense Packages Todo #8662 (Resolved): FFR OSPF Cleartext Password Lengths: Jim Pingle
08:58 AM pfSense Packages Todo #8433 (Resolved): Upgrade NRPE-SSL Package to NRPE3: Jim Pingle
08:58 AM pfSense Packages Bug #9340 (Resolved): Buypass CA does not support wildcard: Jim Pingle
08:58 AM pfSense Packages Feature #9498 (Resolved): ACME Package: Sorting on name, expiration, etc: This has been in and working fine for a while. Jim Pingle
08:51 AM pfSense Packages Bug #8167 (Resolved): FRR OSPF6 range problem (subnet not advertized): Ended up adding this back, AFAIR it was an issue with the ordering of the statements. It's been fixed (properly) for ... Jim Pingle
08:47 AM Feature #9251 (Feedback): DNS Resolver (Unbound) Python Integration: PR has been merged. Thanks! Renato Botelho
05:41 AM Feature #2358: NAT64 support: Another upvote. Would ease migration to IPv6-only LAN tremendously. Martin Grüning

08/12/2019

01:08 PM pfSense Packages Bug #9681: [Monitoring] New views title are always in lower case.: At older systems I still have titles with mixed case. But new titles are in lower case. Grischa Zengel
01:03 PM pfSense Packages Bug #9681 (Resolved): [Monitoring] New views title are always in lower case.: If I add "CamelCase" I will get "camelcase" as title.
With mixed upper and lower case the titles are more readable.
Grischa Zengel
12:58 PM pfSense Packages Bug #9679 (Resolved): [Monitoring] Add View does not work: Great, thanks for testing! Jim Pingle
12:57 PM pfSense Packages Bug #9679: [Monitoring] Add View does not work: There a no more new default tabs and removed the old one successfully with viconfig.
Thank you!
You can close t... Grischa Zengel
12:07 PM pfSense Packages Bug #9679 (Feedback): [Monitoring] Add View does not work: I pushed a fix to avoid creating those extra "default" views, though they still cannot be deleted. You will have to m... Jim Pingle
11:50 AM pfSense Packages Bug #9679 (In Progress): [Monitoring] Add View does not work: Jim Pingle
11:33 AM pfSense Packages Bug #9679: [Monitoring] Add View does not work: The first bug is fixed. Thank you!
On cancel I still get new "default" views:... Grischa Zengel
10:40 AM pfSense Packages Bug #9679 (Feedback): [Monitoring] Add View does not work: I was able to reproduce the problem here.
I pushed a new version of Status_Monitoring which corrects the usage of ... Jim Pingle
07:31 AM pfSense Packages Bug #9679: [Monitoring] Add View does not work: That XML result looks like what happens when there is an attempt by the code to use an uninitialized array. Shouldn't... Jim Pingle
05:45 AM pfSense Packages Bug #9679 (Resolved): [Monitoring] Add View does not work: I added "WAN" as new View and got "wan" in lower letters. Why lower letters?
I removed it and now I can't add a new ... Grischa Zengel
07:45 AM Feature #9680 (New): Seperate DHCP Server and relay per interface: Hello, as of now if you have dhcp relay enable you cannot enable the dhcp server on any other interface. It would be ... Mike LaCroix
07:30 AM Todo #9367 (Resolved): Update SMART Page with new capabilities: Jim Pingle
02:18 AM Todo #9367: Update SMART Page with new capabilities: Tested. Looks good. Chris Linstruth
07:30 AM Feature #9285 (New): Add an option to disable the ping-check in dhcpd: Jim Pingle
01:53 AM Feature #9285: Add an option to disable the ping-check in dhcpd: This looks like it should be added on a per-subnet basis instead of globally. As this patch stands right now if you d... Chris Linstruth
07:30 AM Bug #9569 (Resolved): Fix serial console terminal size issues: Jim Pingle
01:23 AM Bug #9569: Fix serial console terminal size issues: This looks like it works great. It tracks window size on login and changing window size on-the-fly. Welcome change. T... Chris Linstruth
07:29 AM Feature #9111 (Resolved): Add IPsec VTI interface MTU support: Jim Pingle
01:14 AM Feature #9111: Add IPsec VTI interface MTU support: Verified MTU settings are stored and applied properly. Loogs good. Chris Linstruth
07:23 AM Bug #7116: a floating 'match' rule on LAN does not put traffic from a broswer on a clientpc into a shaper queue: Im seeing this issue also on 2.4.4-RELEASE-p3 (amd64). I have several queues setup and sometimes traffic ends up in ... Adam Esslinger
12:28 AM pfSense Packages Bug #8811: in pfblockerng when change Rule Order generates duplicate all rules.: Its best to move to pfBlockerNG-devel which has this issue fixed plus many other improvements. These changes are not ... BBcan177 .
12:22 AM pfSense Packages Bug #9662: PfblockerNG do not update after pfsense reboot and wait for next cron task: If you are using RAMdisks, its not recommend for packages that store data in the /var folder as that folder is wiped ... BBcan177 .
12:20 AM pfSense Packages Bug #9676: AS lookup fails: The pkg uses the following service for ASN information:
https://api.bgpview.io/asn/8786/prefixes
Also BGP HE:
ht... BBcan177 .

08/11/2019

04:59 PM Bug #9074 (Resolved): Alias URL lists only storing last-most list in config.: Jim Pingle
04:04 PM Bug #9074: Alias URL lists only storing last-most list in config.: Tested. Table populated with last URL contents under 2.4.4-p3 and both URL contents using latest snapshot. Looks good. Chris Linstruth
04:58 PM Feature #3792 (Resolved): Group name size limit too restrictive on Active Directory Users: Jim Pingle
03:32 PM Feature #3792: Group name size limit too restrictive on Active Directory Users: Tested. Group names longer that 16 characters are allowed only if the group type is Remote. Chris Linstruth
04:55 PM Bug #9357 (New): rc.newwanipv6 called regardless of REASON: Jim Pingle
08:18 AM Bug #9357: rc.newwanipv6 called regardless of REASON: Actually the script posted above is only used if "don't wait for RA" is set, otherwise the "old" script is still used... Flole Systems
04:54 PM Bug #9678 (Rejected): DHCP Relay (IPv4): There is not enough information here for a valid bug report. Please start a thread on the forum and provide a lot mor... Jim Pingle
07:19 AM Bug #9678 (Rejected): DHCP Relay (IPv4): DHCP Relay doesn't work.
Have DHCP server on my network, use pfSense to relay to that server, but clients don't ge... Aaron Unpublished
07:30 AM Feature #9661: Increase the number of DHCP/DHCPv6 NTP server options to three (or more): Yes, it is the role of ntpd, ntpdate, chronyd, etc. to make decisions on the quality of the clocks, and yes for most ... Paul Moore
04:49 AM Feature #9661: Increase the number of DHCP/DHCPv6 NTP server options to three (or more): The "falsetickers" check is the role of ntpd / ntpdate which must be configured accordingly. however the dhcp client ... Manuel Piovan

08/10/2019

12:26 PM Feature #9661: Increase the number of DHCP/DHCPv6 NTP server options to three (or more): I am referring to the number of NTP servers that pfSense send to DHCP clients as part of a DHCP exchange; I am not ta... Paul Moore
10:49 AM Feature #9661: Increase the number of DHCP/DHCPv6 NTP server options to three (or more): you are talking about NTP servers but the client need only one address, you can configure the server to have as many ... Manuel Piovan

08/09/2019

09:26 PM Bug #9677 (New): Dashboard hangs when widget needs data from a remote host which is down: The pfsense dashboard will take a very long time to load (30sec to 1minute) when it contains a widget that needs data... M Jurgens
01:11 PM Bug #9466: DHCP (IPv4) relay mistakenly listening on upstream interface: See also #9669 for another problem that appears to be related, and which also appears to be fixed by this patch. Jim Pingle
01:10 PM Bug #9669 (Duplicate): dhcrelay stops working after certain time: That's great! I think it's fairly safe to say that this can be closed out as a duplicate of #9466 (different symptoms... Jim Pingle
01:08 PM Bug #9669: dhcrelay stops working after certain time: After more than 80 hours of service uptime for dhcrelay, I've restarted the Server and the address assignment process... Luki TJ

08/08/2019

06:35 AM pfSense Packages Bug #9676 (New): AS lookup fails: Using pfBlockerNG-devel 2.2.5_23
Trying to permit AS8786 gives no results (Other ASN works):... Rolf Larsen
12:09 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: Justin J: I took your advice and posted on the forum and was promptly referred back here. Here's the link in case y... Tom Hebert

08/07/2019

07:28 PM Revision 81f19e11: ipsec.inc: Safety belt in case package array is missing.: Jim Pingle
02:55 PM pfSense Packages Bug #9675 (Resolved): ACME package "domain alias mode" is ignored: I was already in there fixing something else which, as it turns out, had a similar root cause, so it all worked out.
... Jim Pingle
02:50 PM pfSense Packages Bug #9675: ACME package "domain alias mode" is ignored: Jim Pingle wrote:
> This should be fixed in ACME pkg version 0.6.2, which is building now.
That was quick! Update... Jonathan Grande
01:21 PM pfSense Packages Bug #9675 (Feedback): ACME package "domain alias mode" is ignored: This should be fixed in ACME pkg version 0.6.2, which is building now. Jim Pingle
11:56 AM pfSense Packages Bug #9675 (Resolved): ACME package "domain alias mode" is ignored: The domain alias mode check box seems to have no affect.
Expected result: --domain-alias added to to the acme.sh c... Jonathan Grande
02:49 PM Revision ecfd1ddc: Fixup format of XMLRPC auth error to match GUI auth error.: (cherry picked from commit 6e0d47510ee553f5219c08c097c32d377985822b) Jim Pingle
02:48 PM Revision 6e0d4751: Fixup format of XMLRPC auth error to match GUI auth error.: Jim Pingle
08:29 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: That sounds like it might be something else Tom. Check your output from the CLI with: pfctl -T show -t ALIASNAME
If... Justin J

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

09/05/2019

09/04/2019

09/03/2019

09/02/2019

09/01/2019

08/31/2019

08/30/2019

08/29/2019

08/28/2019

08/27/2019

08/26/2019

08/25/2019

08/24/2019

08/23/2019

08/22/2019

08/21/2019

08/20/2019

08/19/2019

08/18/2019

08/17/2019

08/16/2019

08/15/2019

08/14/2019

08/13/2019

08/12/2019

08/11/2019

08/10/2019

08/09/2019

08/08/2019

08/07/2019