Project

General

Profile

Activity

From 09/23/2019 to 10/22/2019

10/22/2019

04:13 PM Feature #7332: Provide certificate expiry warning
It would be great if Certificate Manager will support expiration notification option for each existing certificate in... DRago_Angel [InV@DER]
03:57 PM Feature #7332: Provide certificate expiry warning
See also: #9703 Jim Pingle
04:11 PM Feature #9703: Certificate Manager Expiration Notification
Ok, fair. DRago_Angel [InV@DER]
04:09 PM Feature #9703: Certificate Manager Expiration Notification
There is no distinction here when the feature doesn't exist. They are asking for the same thing, but in different way... Jim Pingle
04:05 PM Feature #9703: Certificate Manager Expiration Notification
Hi Jim, the idea is duplicate, but the task itself not. DRago_Angel [InV@DER]
03:57 PM Feature #9703 (Duplicate): Certificate Manager Expiration Notification
Duplicate of #7332 Jim Pingle
04:07 PM Feature #9842 (Resolved): Add CA/certificate renewal function
Currently there is no way to renew an existing certificate, you have to recreate it.
Add a function to renew a cer... Jim Pingle
01:56 PM pfSense Packages Bug #9836 (Pull Request Review): OpenBGPD package deamon starts twice
Jim Pingle
01:51 PM pfSense Packages Bug #9836: OpenBGPD package deamon starts twice
Please consider the following pull request:
https://github.com/pfsense/FreeBSD-ports/pull/690
 Dirk Meyer
10:41 AM Bug #9841 (Rejected): pfSense shows wrong info about BIOS on Intel DH61BR motherboard
That's an issue with the BIOS/DMI/etc info supplied by your board, not pfSense. Jim Pingle
10:29 AM Bug #9841 (Rejected): pfSense shows wrong info about BIOS on Intel DH61BR motherboard
Hello, I have installed pfSense in Intel DH61BR motherboard but shows strange info on BIOS.
Everything else seems to... Horus Horus
10:22 AM pfSense Packages Bug #8258: BIND responds with SERVFAIL when adding/changing records if 'allow-update' is configured for a zone
Submitted a PR that fixes this: https://github.com/pfsense/FreeBSD-ports/pull/689 Ross Williams
10:15 AM Bug #9840 (Feedback): PHP7: Uninitialised array in upgrade_config.inc
Applied in changeset commit:8e0d33ec48792e13839a0181031664261269c220. Jim Pingle
09:49 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
John K wrote:
> What's the status here? Has Netgate been able to reproduce this issue?
Not that I have seen yet.... Jim Pingle
09:22 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
Jim Pingle wrote:
> If anyone can come up with simple cases that reliably reproduce the problem [...]
What's the ... John K
05:27 AM Bug #9829: NTP Status vs. parsing NTP Access Restrictions
Dear Jim,
thanks for your reply, but I'm afraid I did not quite understand it...
If I check "Disable ntpq and n... Edgar Wiesmann

10/21/2019

05:05 PM Bug #9840 (Resolved): PHP7: Uninitialised array in upgrade_config.inc
Interfaces set to trackv6 against an interface that does not have an IPv6 config trigger this:... Steve Wheeler
03:30 PM Bug #9448 (Resolved): Dynamic DNS options showing in GUI for IPv6 when not in use
Actually, it is there even in your video. You scrolled by it. With a non-default algorithm, there are custom settings... Jim Pingle
03:26 PM Bug #9448 (Feedback): Dynamic DNS options showing in GUI for IPv6 when not in use
I can't reproduce that problem on a current snapshot. It's possible another change affected the behavior, such as the... Jim Pingle
02:43 PM Bug #9839: How to clean disable IPsec VTI Tunnel
I would agree, and sorry to make the title look like a question.
But the description states, that this is more like ... Thomas Spalinger
02:38 PM Bug #9839 (Not a Bug): How to clean disable IPsec VTI Tunnel
That is a support question, and this site is not for support or diagnostic discussion.
For assistance in solving p... Jim Pingle
02:30 PM Bug #9839 (Not a Bug): How to clean disable IPsec VTI Tunnel
I found the exact same question in issue #8691, but with a different purpose.
I have setup some VTI Site to Site t... Thomas Spalinger
08:04 AM Bug #9763 (Resolved): Trying to set VLAN Priority causes error
Jim Pingle
08:04 AM pfSense Packages Bug #9836: OpenBGPD package deamon starts twice
Nobody is currently maintaining the OpenBGPD package. It has been deprecated in favor of FRR, but remains available f... Jim Pingle
08:02 AM Feature #6103: DNS Resolver Outgoing Interfaces should be able to use Gateway Groups
That would still only do failover, and wouldn't have the behavior suggested by OP. It should be possible to populate ... Jim Pingle
08:00 AM Bug #9745 (Pull Request Review): can't add ECDSA certificate key when signing CSR
Jim Pingle
07:58 AM Bug #9823 (Closed): no l2tplink param in get_interface_info
Jim Pingle
07:57 AM Feature #9834 (Pull Request Review): system_certmanager.php: add ability to import certificate without private key
It's nowhere near that simple. In doing this, there would also have to be quite a bit of code preventing users from p... Jim Pingle
07:54 AM Bug #9832 (Not a Bug): DHCP relay stopped working after changing interface and vlan name
Did you reassign/move the interface or only change its name? I can see how it might break if you changed the interfac... Jim Pingle
07:46 AM Bug #9837: ipv6 is not completely disabled on the interfaces
That seems like it would not be desirable to set by default. There are people who want to run with linklocal addresse... Jim Pingle
07:42 AM Bug #9835 (Rejected): client's certificate and login/pass can be different (no conformity checks)
The functionality is there already. Check "Enforce match" under Strict User-CN Matching. Then it will test the certif... Jim Pingle
07:40 AM Bug #9829: NTP Status vs. parsing NTP Access Restrictions
The page checks for settings, and if 'noquery' is set, then it assumes the daemon will be unreachable. It could maybe... Jim Pingle
07:27 AM pfSense Packages Feature #9824 (Pull Request Review): Add support for DuckDuckGo's Safe Search
Jim Pingle
07:23 AM pfSense Packages Feature #9742 (Pull Request Review): Print Patch ID in log while patching
Jim Pingle
07:16 AM Feature #9831 (Pull Request Review): diag_packet_capture.php: print packet capture start time
Jim Pingle

10/20/2019

09:00 PM pfSense Packages Feature #9555: pimd package
+1, igmpproxy stopped working for Sonos systems after pfsense update several years ago (I want to say 2.2 -> 2.3, but... Andy Shulman
03:20 PM Bug #9835: client's certificate and login/pass can be different (no conformity checks)
https://forums.openvpn.net/viewtopic.php?t=18264
https://serverfault.com/questions/358855/how-to-prevent-users-fro... Viktor Gurov
02:12 PM Feature #9838 (New): PKCS11 support
There is no ability to use PKCS11 tokens with OpenVPN. because *[PKCS11]* feature is not compiled in:... Viktor Gurov
02:04 PM Bug #9837 (New): ipv6 is not completely disabled on the interfaces
When IPv6 Configuration Type is None on Interfaces configuration page, IPv6 link-local addresses still uses
You can ... Viktor Gurov
07:31 AM Feature #6103: DNS Resolver Outgoing Interfaces should be able to use Gateway Groups
You can select Loopback as Outgoing interface of DNS Resolver -
In this case it uses gateway group
 Viktor Gurov
06:25 AM pfSense Packages Bug #9836 (Resolved): OpenBGPD package deamon starts twice
After reboot with OpenBGPD package
the bgpd starts twice.
logfile:
Oct 20 11:44:50 router bgpd[53729]: startup
... Dirk Meyer

10/19/2019

08:33 AM Bug #9763: Trying to set VLAN Priority causes error
Jim Pingle wrote:
> Applied in changeset commit:93db39ba1b7a72ad936a76aee2fe059a35b8af40.
Tested on 2.5.0.a.20191... Viktor Gurov
08:00 AM Bug #9745: can't add ECDSA certificate key when signing CSR
https://github.com/pfsense/pfsense/pull/4103 Viktor Gurov
06:13 AM Bug #9823: no l2tplink param in get_interface_info
it successfully creates [l2tplink] entry after you select L2TP in IPv4 Configuration Type field on interface configur... Viktor Gurov
04:56 AM Feature #9834: system_certmanager.php: add ability to import certificate without private key
https://github.com/pfsense/pfsense/pull/4102 Viktor Gurov
04:13 AM Bug #9835 (Rejected): client's certificate and login/pass can be different (no conformity checks)
Remote Access (SSL/TLS + User Auth) allow users created in Local Database to use login/pass of other users during Ope... Viktor Gurov

10/18/2019

06:02 PM Feature #9302: radvd always advertises DNS servers and Domain Search List regardless of M or O flag
DNS via RFC 8415 (DHCP) and via RFC 8106 (RDNSS) are independent functions which is as the current pfSense implementa... Rick Coats
05:30 PM Feature #9302: radvd always advertises DNS servers and Domain Search List regardless of M or O flag
Are you saying that the impact of this change, is that in the cases of "Managed" or "Stateless DHCP" then the bottom ... Rick Coats
03:51 PM Feature #9302: radvd always advertises DNS servers and Domain Search List regardless of M or O flag
I totally agree that when using "M" mode that RDNSS should not be disabled.
In fact, the change above only stops ... Elbin Teh
01:12 PM Feature #9302: radvd always advertises DNS servers and Domain Search List regardless of M or O flag
I think this change breaks ipv6 RFC compliance. The blogger article was written in 2012 and seems that the authors go... Rick Coats
10:12 AM Bug #9407: Update jQuery to current version (3.3.1 or later)
jQuery updated to 3.4.1
jQuery-ui updated to 1.12.1
www/vendor directory reorganized
Obsoleted files list updated
... Anonymous
10:05 AM Bug #9407 (Feedback): Update jQuery to current version (3.3.1 or later)
Applied in changeset commit:df4262d0e1d8d460ba93b9fcde16476306ee21f6. Anonymous
09:13 AM Feature #9834 (Resolved): system_certmanager.php: add ability to import certificate without private key
This is needed in case when VPN clients uses PKCS#11 token for authentication, and they not able to export private key Viktor Gurov
04:52 AM pfSense Packages Feature #9833 (New): ACME: add ability to use custom ACME server
Hi, on September 2019 the Smallstep company released a feature on their +step-ca+ tool that allows to serve private C... Filippo Tessarotto
03:51 AM Bug #9832 (Not a Bug): DHCP relay stopped working after changing interface and vlan name
Hi
Interface and vlan was named AP_HBV, so i changed it to VLAN528_AP_HBV.
Afterwards DHCP Relay didnt work.
T... Michael Olesen

10/17/2019

05:07 PM pfSense Packages Feature #9820 (Resolved): Add Zabbix 4.4 (agent and proxy) packages
Renato Botelho
04:40 PM pfSense Packages Feature #9820: Add Zabbix 4.4 (agent and proxy) packages
Works for me thanks! Pim Janssen
03:55 AM Feature #9831: diag_packet_capture.php: print packet capture start time
https://github.com/pfsense/pfsense/pull/4101 Viktor Gurov
03:55 AM Feature #9831 (Resolved): diag_packet_capture.php: print packet capture start time
Prints packet capture start time in extra field Viktor Gurov

10/16/2019

04:56 PM Feature #9828: L2TP (long) username containing @ (realm separator)
ok it's because it's late for me then ^^
don't worry, some dev will read and answer here asap, if they want a PR for... Manuel Piovan
04:24 PM Feature #9828: L2TP (long) username containing @ (realm separator)
I need a server, not a client :-)
The username/realm mod is exactly wat is needed and should me incorporated in th... Arjan van der Oest
04:04 PM Feature #9828: L2TP (long) username containing @ (realm separator)
sorry man didn't understand clearly what you where doing from the start..
revert back my mods, that page is for conf... Manuel Piovan
01:22 PM Feature #9828: L2TP (long) username containing @ (realm separator)
Well, changing the script allows to add the desired realms in the username, however the establishing of the l2tp tunn... Arjan van der Oest
11:17 AM Feature #9828: L2TP (long) username containing @ (realm separator)
I will try and report back ASAP, thanks for the ultrafast response, I truly appreciate it. Arjan van der Oest
11:05 AM Feature #9828: L2TP (long) username containing @ (realm separator)
/usr/local/www/vpn_l2tp_users_edit.php
change line 82
if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['usern... Manuel Piovan
09:06 AM Feature #9828 (Resolved): L2TP (long) username containing @ (realm separator)
Hi Team,
I’m trying to use pfSense as LNS via L2TP. However my LAC always includes a realm in the username.
Fo... Arjan van der Oest
02:04 PM pfSense Packages Feature #9820 (Ready To Test): Add Zabbix 4.4 (agent and proxy) packages
PR has been merged. Thanks! Renato Botelho
07:06 AM pfSense Packages Feature #9820 (In Progress): Add Zabbix 4.4 (agent and proxy) packages
Danilo (dbaio@FreeBSD.org) is working to integrate zabbix 4.4 on pfSense as well Renato Botelho
05:03 AM pfSense Packages Feature #9820: Add Zabbix 4.4 (agent and proxy) packages
https://svnweb.freebsd.org/ports/head/net-mgmt/zabbix44-proxy/
https://svnweb.freebsd.org/ports/head/net-mgmt/zabbix... Pim Janssen
11:59 AM pfSense Docs Correction #9822: specify XG-7100 does not support NVMe
In addition to the XG-7100's, the note has been added to all systems that have an M.2 SATA drive upgrade option. Seem... Doug McIntire
11:30 AM Bug #9830 (Resolved): NTP ACLs vs. NTP pools
Starting with /var/etc/ntpd.conf containing:... Edgar Wiesmann
11:16 AM Bug #9829 (Resolved): NTP Status vs. parsing NTP Access Restrictions
Status/NTP displays "Statistics unavailable because ntpq and ntpdc queries are disabled in the NTP service settings" ... Edgar Wiesmann

10/15/2019

05:38 PM Todo #8350: Remove clog in favor of standard syslogd or syslogd alternative with rotation via newsyslog or logrotate
That is not related to this change, so it cannot be considered on this issue. TCP syslog is not yet supported by Free... Jim Pingle
05:36 PM Todo #8350: Remove clog in favor of standard syslogd or syslogd alternative with rotation via newsyslog or logrotate
Testing 2.5.0-dev, found UI does not provide support for TCP syslog forwarding. I believe this results in truncation... Mark Rodman

10/14/2019

01:27 PM pfSense Docs Correction #9822 (Closed): specify XG-7100 does not support NVMe
Added note to state that NVMe is not supported on both the XG-7100 DT & 1U.
https://docs.netgate.com/pfsense/en/la... Doug McIntire
10:16 AM pfSense Packages Bug #9135 (Rejected): Suricata in inline modus blocks some downloads
As pointed by Bill, it's not a pfSense bug. Renato Botelho
08:40 AM Feature #9827 (Duplicate): Add default route indicator to gateways dashboard widget to indicate which interface is currently selected as default in a gateways group scenario
In System > Routing > Gateways the default route is indicated based on the state of the gateway group.
It would be u... And Ritchie
06:40 AM pfSense Packages Feature #9521 (Pull Request Review): Upgrade to HAProxy 1.9
Renato Botelho
03:13 AM pfSense Packages Feature #9521: Upgrade to HAProxy 1.9
now that pfsense/FreeBSD-ports has been updated to ports 2019Q3 i think it would make sense to bump haproxy versions
... Torben Hørup

10/13/2019

02:42 PM Bug #9654: After reboot, the DNS resolver must be restarted before it will advertise the ipv6 DNS address of the router.
Further information: I have noted that during the period before first restart of the resolver, that the predefined al... Rick Coats
02:15 PM Bug #9826 (Rejected): No users displayed in user manager
2.4.4-p3 does not include a fix for #9541 -- You are hitting that issue, not something new. Jim Pingle
12:06 PM Bug #9826 (Rejected): No users displayed in user manager
I am running 2.4.4_3 so I am assuming I already have the patch for https://redmine.pfsense.org/issues/9541. My admin ... robbie foster
08:17 AM Bug #9448 (In Progress): Dynamic DNS options showing in GUI for IPv6 when not in use
Jim Pingle
08:15 AM Feature #9825: Requirements for trusted certificates in iOS 13 and macOS 10.15
We have automatically filled in the SAN based on the CN for a while now. You can't make a new cert without a SAN, sin... Jim Pingle
02:47 AM Feature #9825 (Resolved): Requirements for trusted certificates in iOS 13 and macOS 10.15
Because Apple has shortened the maximum validity period of TLS server certificates to 825 days on iOS 13 & macOS Cata... Daniel Gutierrez

10/12/2019

06:12 PM Feature #9695 (Resolved): Add Ability to Force NAT-T Encapsulation on IKEv2 Peers
Jim Pingle
02:58 PM Feature #9695: Add Ability to Force NAT-T Encapsulation on IKEv2 Peers
Jim Pingle wrote:
> Applied in changeset commit:9c4f5b95eed5534ab797f104ad9f687359bd4818.
Tested on 2.5.0.a.20191... Viktor Gurov
10:28 AM Bug #9448: Dynamic DNS options showing in GUI for IPv6 when not in use
Jim Pingle wrote:
> Applied in changeset commit:7ba6788b155b92ad8c488c2891c9fe2601fe5c14.
Tested on 2.5.0.a.20191... Viktor Gurov
09:28 AM pfSense Packages Feature #9824 (Resolved): Add support for DuckDuckGo's Safe Search
The switches managing the Safe Search are described in the "DuckDuckGo Help Pages":https://help.duckduckgo.com/duckdu... Markus *
08:31 AM Feature #9788 (Resolved): Display number of connections in status_openvpn.php
Jim Pingle
01:51 AM Feature #9788: Display number of connections in status_openvpn.php
Renato Botelho wrote:
> PR has been merged. Thanks!
Tested on 2.5.0.a.20191011.1853
Works, resolved
 Viktor Gurov
08:31 AM Feature #9791 (Resolved): Ability to filter Diagnostics ARP Table by IP range (DHCP)
Jim Pingle
02:00 AM Feature #9791: Ability to filter Diagnostics ARP Table by IP range (DHCP)
Jim Pingle wrote:
> Applied in changeset commit:9297ad6504618c5ffcee9f8fe02535cb33f570c9.
Tested on 2.5.0.a.20191... Viktor Gurov
08:31 AM Bug #9708 (Resolved): /etc/inc/unbound.inc: Pfsense Default Unbound Configuration does not Prevent DNS Rebinding Attacks Against Localhost
Jim Pingle
02:07 AM Bug #9708: /etc/inc/unbound.inc: Pfsense Default Unbound Configuration does not Prevent DNS Rebinding Attacks Against Localhost
Jim Pingle wrote:
> Applied in changeset commit:afeb18ff0ecaec2e9d0da1801fe9cebf5b99a3ca.
Tested on 2.5.0.a.20191... Viktor Gurov
08:31 AM Bug #9586 (Resolved): Unbound Access List /31 UI Issue
Jim Pingle
02:13 AM Bug #9586: Unbound Access List /31 UI Issue
Steve Beaver wrote:
> Applied in changeset commit:7ec80e763f7e8357a4e5b0d2d57546cfd5d0f0f0.
Tested on 2.5.0.a.201... Viktor Gurov
08:31 AM Feature #6787 (Resolved): NTP GUI sync/poll interval
Jim Pingle
02:27 AM Feature #6787: NTP GUI sync/poll interval
Jim Pingle wrote:
> Applied in changeset commit:8ef6844a34cd6765bfa09d2fdaf4f0609d6c59cb.
Tested on 2.5.0.a.20191... Viktor Gurov
08:31 AM Bug #9258 (Resolved): Error deleting tunnel type P2 when mixed with VTI
Jim Pingle
02:36 AM Bug #9258: Error deleting tunnel type P2 when mixed with VTI
Jim Pingle wrote:
> Applied in changeset commit:37c6083084617e3fd079876352109ff38aa6613b.
Tested on 2.5.0.a.20191... Viktor Gurov
08:31 AM Feature #9302 (Resolved): radvd always advertises DNS servers and Domain Search List regardless of M or O flag
Jim Pingle
04:09 AM Feature #9302: radvd always advertises DNS servers and Domain Search List regardless of M or O flag
Renato Botelho wrote:
> PR has been merged. Thanks!
Tested on 2.5.0.a.20191011.1853
No RDNSS and DNSSL entries... Viktor Gurov
08:31 AM Feature #9285 (Resolved): Add an option to disable the ping-check in dhcpd
Jim Pingle
04:19 AM Feature #9285: Add an option to disable the ping-check in dhcpd
Renato Botelho wrote:
> Applied in changeset commit:5197e3e3a3b0ee048785e2ffb4222d7cba4e6c74.
Tested on 2.5.0.a.2... Viktor Gurov
05:06 AM pfSense Packages Bug #9012: Captive Portal authentication in Squid Proxy Server does not work
i solved this problem.
new captiveportal.inc file... mehmet yiğiter
04:31 AM Bug #9823: no l2tplink param in get_interface_info
this is why changes in "Show PPP uptime on the Dashboard - Interfaces Widget" https://redmine.pfsense.org/issues/9426... Viktor Gurov
03:44 AM Bug #9823: no l2tplink param in get_interface_info
config.xml:... Viktor Gurov
03:38 AM Bug #9823 (Closed): no l2tplink param in get_interface_info
For L2TP interfaces you can't see "Uptime" in interfaces widget due to function get_interface_info do not return link... Viktor Gurov

10/11/2019

03:48 PM pfSense Docs Correction #9822 (Closed): specify XG-7100 does not support NVMe
https://docs.netgate.com/pfsense/en/latest/solutions/xg-7100/m-2-sata-installation.html
Only specifies *a M.2 SATA... Anonymous
03:21 PM pfSense Packages Feature #9555: pimd package
Michael Pelley wrote:
> Folks - as it seems that IGMP Proxy is "broken" and pimd works is it possible to add (or rep... Pete Holzmann
11:18 AM Bug #9821: pfSense IPsec not reload configs on connectivity issues with DDNS
At same time first end try communicate only over Tier1 IP and they can't do connection. Restart of strongswan fix thi... DRago_Angel [InV@DER]
11:16 AM Bug #9821: pfSense IPsec not reload configs on connectivity issues with DDNS
When My Tier1 goes offline on one end: IPsec begin to use Tier2 connection. But when Tier1 come back - second end sti... DRago_Angel [InV@DER]
11:05 AM Bug #9821 (Rejected): pfSense IPsec not reload configs on connectivity issues with DDNS
IPsec with DDNS works fine for many users (myself included) -- you haven't presented any evidence that there is an ac... Jim Pingle
10:52 AM Bug #9821 (Rejected): pfSense IPsec not reload configs on connectivity issues with DDNS
If you configure IPsec to use static IP or or static DNS - all fine.
But when you have multiWAN environment with DDN... DRago_Angel [InV@DER]
10:16 AM pfSense Packages Feature #9820 (Resolved): Add Zabbix 4.4 (agent and proxy) packages
New release from zabbix. Please add this new version.
https://www.zabbix.com/rn/rn4.4.0 Pim Janssen
09:48 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
I see similar effects with the old config which i attached in January. Ph. T
09:43 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
I have tried to reproduce the issue. Unfortently that was not possible. Now i just get complete empty tables.
I have... Ph. T
07:41 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
I will provide the data / config.xml . I could also provide a virtual-box pfsense-installation
which shows this pro... Ph. T
07:29 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
If anyone can come up with simple cases that reliably reproduce the problem, that would definitely help. That is, the... Jim Pingle
06:53 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
Ph. T wrote:
> I am *very,very* unhappy with the time it takes to deal and fix this problem.
> Is there any way to... Luiz Souza
01:39 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
I am *very,very* unhappy with the time it takes to deal and fix this problem.
Is there any way to speed up the proc... Ph. T
01:23 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
Angel Briceño wrote:
> I have removed all gigantic ranges of IPs and the problem is solved.
I have no ranges of... Gavin Stewart
09:45 AM Bug #9819 (Feedback): Captive portal: Change order redirect page is selected
PR has been merged Renato Botelho
09:44 AM Bug #9819 (Resolved): Captive portal: Change order redirect page is selected
If page is defined in query string, redirects user to that and let default page to be used only when it's not defined... Renato Botelho
09:13 AM Feature #9256: adjust frequency of geom rebuild notifications.
Renato Botelho wrote:
> PR has been merged. Thanks!
No sir, thank you. James Lavoy
08:35 AM Feature #9256 (Feedback): adjust frequency of geom rebuild notifications.
PR has been merged. Thanks! Renato Botelho
08:38 AM Feature #9527 (Feedback): Add ability for LDAP extended query on groups in RFC2307 containers.
PR has been merged. Thanks! Renato Botelho

10/10/2019

03:35 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
Ph. T wrote:
> If you are using FQDN-Aliases each FQDN can only be used once, if
> you use the alias twice, the ge... Angel Briceño
02:32 PM Bug #9577: radvd send_ra_forall failed on interface / can't join ipv6-allrouters
2.5 will be moving to a 12.1 or stable/12 base, but that choice has not yet been made. It definitely will not stay on... Jim Pingle
02:26 PM Bug #9577: radvd send_ra_forall failed on interface / can't join ipv6-allrouters
There are multiple issues, some easily solved. The "disabled" logging message can be deleted, as it is just an indica... Ronald Schellberg
02:12 PM Bug #9818 (Rejected): bug status VPN
Not nearly enough information here. IPsec status works fine here, must be something specific to your configuration/se... Jim Pingle
02:02 PM Bug #9818 (Rejected): bug status VPN
Erro no status do tunel VPN na versão 2.5.0-DEVELOPMENT Alexandre morganti
12:35 PM Bug #9802 (Resolved): status_logs_settings.php: "Reset log files" does not clear all log files
Tested on 2.5.0.a.20191009.1906, works as expected. Anonymous
10:40 AM pfSense Packages Feature #9742: Print Patch ID in log while patching
https://github.com/pfsense/FreeBSD-ports/pull/685 Viktor Gurov
10:40 AM pfSense Packages Feature #9817 (Duplicate): logging of patching to syslog
Duplicate of #9742 Jim Pingle
10:39 AM pfSense Packages Feature #9817 (Duplicate): logging of patching to syslog
Add ability to log patch id to system log Viktor Gurov
08:04 AM Bug #9407: Update jQuery to current version (3.3.1 or later)
Updating to version 3.4.1 is straightforward but we also use jQuery-UI which needs to be kept in step. Unfortunately ... Anonymous
07:10 AM Feature #9816 (Pull Request Review): firewall_aliases.php: add ability to export list of aliases
Jim Pingle
05:57 AM Feature #9816: firewall_aliases.php: add ability to export list of aliases
https://github.com/pfsense/pfsense/pull/4099 Viktor Gurov
05:55 AM Feature #9816 (Resolved): firewall_aliases.php: add ability to export list of aliases
adds ability to export list of aliases
opens white page with only aliases - to copy&paste and save to txt Viktor Gurov

10/09/2019

02:57 PM Bug #9815: IPv6 policy routing selects wrong interface
output of @pfctl -sa | grep 2001:bbbb:bbbb:bbbb::1@... Bianco Veigel
02:56 PM Bug #9815 (Not a Bug): IPv6 policy routing selects wrong interface
Not enough evidence that there is a bug here. This site is not for support or diagnostic discussion.
For assistanc... Jim Pingle
02:43 PM Bug #9815 (Not a Bug): IPv6 policy routing selects wrong interface
I've a rather complex setup with multiple interfaces - some of them have an IPv6 Address and some also have an IPv6 G... Bianco Veigel
10:51 AM Feature #6240: vxlan driver
Created https://github.com/pfsense/FreeBSD-src/pull/27 Jose Luis Duran
10:33 AM Feature #6240: vxlan driver
+1 ... it there's any point Khamzet Shogenov

10/08/2019

10:55 AM Bug #9058: Kernel panic during L2TP retransmit
I've opened a bug at https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241133 Bianco Veigel
06:29 AM Bug #9814 (Duplicate): User Manager
Duplicate of #9541 Jim Pingle
04:16 AM Bug #9814 (Duplicate): User Manager
Hi.
I think I found a little bug when using a created user with admin permissions to navigate to the User Manager.
... Norman Kühnberger

10/07/2019

06:16 PM Bug #9148: PPPoE over a VLAN fails to reconnect.
gek Johnson wrote:
> It's reproducing on 2.4.4-RELEASE-p3.
I'm also seeing the issue again in 2.4.4-RELEASE-p3.
... Anonymous
07:19 AM pfSense Packages Bug #9813 (Resolved): Fails saving accountkeys if name contains non-English characters
When trying to create a new set of account keys for use with ACME, and the name contains any special characters (such... Nikolaj Jørgensen

10/06/2019

02:05 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
Robert Gijsen wrote:
> It's been about 8 months now that we are unable to update / patch our firewalls because of th... John K
12:04 PM Bug #9812 (Not a Bug): High cpu load (php-fpm) on every VTI reload
There is not enough information here to classify this as a bug. Please start a post on the forum to discuss the issue... Jim Pingle
09:53 AM Bug #9812: High cpu load (php-fpm) on every VTI reload
The CPU load remains high for some minutes. Daniel Klinghofer
09:48 AM Bug #9812 (Not a Bug): High cpu load (php-fpm) on every VTI reload
Every event that reload the VTI interface(s) causes high cpu load with the process php-fpm.
The system also log th... Daniel Klinghofer
06:26 AM Todo #9808: status_logs_settings.php: Add GUI option for syslog format
Hi,
I have RFC 5424 manually running here, to export to my syslog collector. And you're right, the local syslog is... Russell Morris

10/05/2019

09:15 PM pfSense Packages Bug #9811 (Pull Request Review): apcupsd - can not set BATTERYLEVEL and MINUTES to -1 although these are valid values
Jim Pingle
09:04 PM pfSense Packages Bug #9811: apcupsd - can not set BATTERYLEVEL and MINUTES to -1 although these are valid values
Pull request: https://github.com/pfsense/FreeBSD-ports/pull/682 Daniel Baldes
09:01 PM pfSense Packages Bug #9811 (Resolved): apcupsd - can not set BATTERYLEVEL and MINUTES to -1 although these are valid values
According to the apcupsd manual [1], BATTERYLEVEL and MINUTES can be set to -1 in order to disable these features.
... Daniel Baldes

10/04/2019

12:35 PM Feature #9302 (Feedback): radvd always advertises DNS servers and Domain Search List regardless of M or O flag
PR has been merged. Thanks! Renato Botelho
11:13 AM Feature #9766 (Feedback): diag_packet_capture.php: allow to input multiple tcp/udp ports
PR has been merged. Thanks! Renato Botelho
09:54 AM Todo #9808: status_logs_settings.php: Add GUI option for syslog format
There is a bit more work involved as the log parsers will need updated to deal with the different format:
https://... Jim Pingle
07:17 AM Bug #9790 (Pull Request Review): firewall aliases table with fqdn stays in system after deleting
PR: https://github.com/pfsense/pfsense/pull/4098 Jim Pingle
07:16 AM Feature #9810 (Duplicate): auto-remove empty zombie fw aliases
No need to open another issue for this, keep everything on the existing issue. Jim Pingle
05:38 AM Feature #9810: auto-remove empty zombie fw aliases
https://github.com/pfsense/pfsense/pull/4098 Viktor Gurov
05:36 AM Feature #9810 (Duplicate): auto-remove empty zombie fw aliases
to resolve issue: https://redmine.pfsense.org/issues/9790
If you create Alias table under Firewall / Aliases / IP ... Viktor Gurov
03:11 AM pfSense Packages Bug #9809 (Resolved): postgresql support not compiled

Errors in log after enabling DB logging:
bandwidthd[71947]: Postgresql logging selected but postgresql support is ... Viktor Gurov

10/03/2019

06:09 PM Feature #9297: Graph for hardware temperature readings
I don't see a vote button, so +1 for this feature! David Reitz
03:20 PM Feature #7304 (Feedback): DHCP: Enable OMAPI Config
Applied in changeset commit:6df105827279df3ef573b65ca879f43be0d1bdf8. Anonymous
01:01 PM Todo #9808 (Resolved): status_logs_settings.php: Add GUI option for syslog format
On FreeBSD 12.x, syslogd now supports a choice for log format:... Jim Pingle
11:20 AM pfSense Packages Bug #9807 (Resolved): Packets Monitoring graphs are being incorrectly scaled
It looks like the data used for the packets logging is being incorrectly multiplied by 8 as though it is assuming a B... Steve Wheeler
07:40 AM Feature #9788 (Feedback): Display number of connections in status_openvpn.php
PR has been merged. Thanks! Renato Botelho
07:14 AM Feature #9771 (Closed): diag_reboot.php: add ability to reroot and reboot with fsck to WebGUI
It just hasn't made it into a Factory snapshot yet. It's already in the tree there. Jim Pingle
03:35 AM Feature #9771: diag_reboot.php: add ability to reroot and reboot with fsck to WebGUI
Renato Botelho wrote:
> PR has been merged. Thanks!
I see this on CE amd64 images, and it works ok
but old reb... Viktor Gurov
07:12 AM Bug #9806 (Pull Request Review): Undefined variables in filter.inc openvpn aliases section
Jim Pingle
03:43 AM Bug #9806 (Resolved): Undefined variables in filter.inc openvpn aliases section
A couple of variables are not set/correct.
See PR https://github.com/pfsense/pfsense/pull/4097
 Phillip Davis

10/02/2019

04:51 PM Bug #9805: dynDNS cloudflare multiple entries
this is also in the logs above the other error... Cave T
04:46 PM Bug #9805 (New): dynDNS cloudflare multiple entries
I have a number of entries that pfsense updates cloudflare for when my IP changes. This works fine for the first 6, h... Cave T
07:06 AM Feature #9797: services_unbound_advanced.php: add prefer-ip6 option to dns resolver gui
If the system as a whole prefers IPv6 (the default) then it would use the gif tunnel anyhow. Or not, if that's what t... Jim Pingle
04:15 AM Feature #9797: services_unbound_advanced.php: add prefer-ip6 option to dns resolver gui
Jim Pingle wrote:
> What is the use case for this vs changing the global setting under System > Advanced, Networking... Viktor Gurov

10/01/2019

01:30 PM Feature #9771 (Feedback): diag_reboot.php: add ability to reroot and reboot with fsck to WebGUI
PR has been merged. Thanks! Renato Botelho
01:28 PM Bug #9362 (Feedback): rc.dyndns.update: Cloudflare DDNS with proxy enabled doesn't work at all
PR has been merged. Thanks! Renato Botelho
11:25 AM Bug #9804 (Feedback): services_captiveportal.php: Image upload does not validate file type
Applied in changeset commit:09d597434c9ccb456c8f207649dbe43fd5ff85db. Jim Pingle
10:43 AM Bug #9804 (Resolved): services_captiveportal.php: Image upload does not validate file type
On services_captiveportal.php, uploaded image files are not validated properly. A user with access to the page could ... Jim Pingle

09/30/2019

03:37 PM Bug #9803 (Rejected): Bridge: client's traffic reaches PfSense but nothing comes back (SR-IOV)
This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
03:15 PM Bug #9803 (Rejected): Bridge: client's traffic reaches PfSense but nothing comes back (SR-IOV)
I am configuring my pfSense for the first time ever, moving from Linux routing box.
I have a i350-t4 PCIe installe... cromo cromo
08:35 AM Bug #9802 (Feedback): status_logs_settings.php: "Reset log files" does not clear all log files
Applied in changeset commit:eacc805e0edf1fb916e118670eba71ecabee42e5. Jim Pingle
08:26 AM Bug #9802 (Resolved): status_logs_settings.php: "Reset log files" does not clear all log files
The OS Boot (dmesg.boot), OS User Events (utx.log), and OS Account Changes (userlog) files are not cleared when using... Jim Pingle
07:13 AM Bug #9736 (Resolved): status.php: Sanitize oinkcode and etprocode of snort/surricata
Jim Pingle
05:25 AM Bug #9736: status.php: Sanitize oinkcode and etprocode of snort/surricata
Jim Pingle wrote:
> Applied in changeset commit:9adb7806cffdd1393fd9223c17d7a938a37944c4.
<oinkmastercode>xxxxx</... Viktor Gurov
07:13 AM Bug #9741 (Resolved): interfaces_ppps_edit.php: WebGUI don't show local ip / gateway ip values
Jim Pingle
05:02 AM Bug #9741: interfaces_ppps_edit.php: WebGUI don't show local ip / gateway ip values
Jim Pingle wrote:
> Applied in changeset commit:d81f270454ec66680cb645c0d3c13f9431d9c026.
checked with L2TP and P... Viktor Gurov
07:13 AM Bug #9748 (Resolved): openvpn_wizard.xml: DH 15360 and 16384 fall back to 1024
Jim Pingle
04:59 AM Bug #9748: openvpn_wizard.xml: DH 15360 and 16384 fall back to 1024
Jim Pingle wrote:
> Applied in changeset commit:52f686a97f77cfd00ddb69088bef7164676d4117.
checked, it's OK now
... Viktor Gurov
05:24 AM Bug #9719 (Resolved): system_certmanager.php - Descriptive name field disappeared when adding certificate for user
Renato Botelho
05:06 AM Bug #9719: system_certmanager.php - Descriptive name field disappeared when adding certificate for user
Renato Botelho wrote:
> Applied in changeset commit:aafc3602dc0f79462f515276f0b53cb5c2201cd4.
ok now
Resolved Viktor Gurov

09/29/2019

12:45 PM Bug #9801: VTI IPv6 addresses don't get assigned
It seems that the @is_ipaddrv6@ function checks for a "/" in the address and if so decides it can't possibly be a v6 ... Ben Hughes
12:02 PM Bug #9801 (Resolved): VTI IPv6 addresses don't get assigned
When a IPsec VPN has a v6 VTI phase 2assigned, the address is never assigned to the ipsecXXXX interface due to this e... Ben Hughes
06:18 AM Feature #9800 (New): Add toggle for net.isr.dispatch=deferred in GUI
[[Feature #4821]] has been closed with the guidance to add a _System Tunable_ or _loader.conf.local_ entry for _net.i... Olaf Welten

09/27/2019

01:45 PM Todo #9799 (Feedback): Create custom CSRF callback page with proper theme & more warnings
Applied in changeset commit:da7384c4a42adbcb7c20beba05ff460d0f6da7b3. Jim Pingle
01:42 PM Todo #9799: Create custom CSRF callback page with proper theme & more warnings
I just pushed the first pass at this. It functions, but could use some design work.
I'm considering removing the r... Jim Pingle
12:12 PM Todo #9799: Create custom CSRF callback page with proper theme & more warnings
CSRF Magic prevents attacks like the one described at https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16667 -... Jim Pingle
12:09 PM Todo #9799 (Resolved): Create custom CSRF callback page with proper theme & more warnings
When a user triggers a CSRF error, either by accident (e.g. sitting on the login page for hours without submitting, t... Jim Pingle
10:55 AM Bug #9764 (Resolved): status.php: Sanitize barnyard_dbpwd
Jim Pingle
10:51 AM Bug #9764: status.php: Sanitize barnyard_dbpwd
Jim Pingle wrote:
> Applied in changeset commit:24994f9a9df9a44e36cb544586684a5fecd61cda.
<barnyard_dbpwd>xxxxx</... Viktor Gurov
09:35 AM Bug #9736 (Feedback): status.php: Sanitize oinkcode and etprocode of snort/surricata
Applied in changeset commit:9adb7806cffdd1393fd9223c17d7a938a37944c4. Jim Pingle
09:11 AM Bug #9736 (In Progress): status.php: Sanitize oinkcode and etprocode of snort/surricata
Jim Pingle
09:09 AM Bug #9736: status.php: Sanitize oinkcode and etprocode of snort/surricata
Jim Pingle wrote:
> Fixed in commit:17640476a57a41415fec579c40faebbfeff0022d... Viktor Gurov
09:11 AM Bug #9784 (Resolved): status.php: Sanitize bandwidthd db password
Jim Pingle
09:10 AM Bug #9784: status.php: Sanitize bandwidthd db password
Jim Pingle wrote:
> Applied in changeset commit:1f2be937ddbaf04a1704cac2aea3fc66bb196013.
<postgresqlpasswordenc>... Viktor Gurov
09:10 AM Feature #9757 (Resolved): DH groups 25,26,27 not listed for phase1 & phase2
Jim Pingle
08:53 AM Feature #9757: DH groups 25,26,27 not listed for phase1 & phase2
Jim Pingle wrote:
> Applied in changeset commit:21bee0287caf76bb7ab63ec29b0ecf7435940a06.
it's ok now
Resolved Viktor Gurov
09:10 AM Bug #9722 (Resolved): services_captiveportal_vouchers.php wrong status icon link
Jim Pingle
08:56 AM Bug #9722: services_captiveportal_vouchers.php wrong status icon link
Renato Botelho wrote:
> Applied in changeset commit:4baf532b5b834e659f484fc2b79e73fcfd169e46.
ok now
Resolved Viktor Gurov
09:10 AM Bug #9727 (Resolved): status.php: Sanitize influx_pass
Jim Pingle
08:59 AM Bug #9727: status.php: Sanitize influx_pass
Jim Pingle wrote:
> Applied in changeset commit:8bc944bbcba57f74934b87dcea4e7621f0743584.
<influx_pass>xxxxx</inf... Viktor Gurov
09:10 AM Bug #9728 (Resolved): status.php: Sanitize tinc private key
Jim Pingle
09:04 AM Bug #9728: status.php: Sanitize tinc private key
Jim Pingle wrote:
> Applied in changeset commit:8bc944bbcba57f74934b87dcea4e7621f0743584.
<prv>xxxxx</prv>
ok ... Viktor Gurov
09:09 AM Bug #9729 (Resolved): status.php: Sanitize zabbix-agent tlspsk key
Jim Pingle
09:07 AM Bug #9729: status.php: Sanitize zabbix-agent tlspsk key
Jim Pingle wrote:
> Applied in changeset commit:60a7d1e1201f43ec48b0ad374ded1c15eb29e14e.
<tlspskidentity>xxxxx</... Viktor Gurov
05:51 AM pfSense Packages Feature #9798 (New): add ipv4 and ipv6 dnscrypt-resolvers feeds
Lists of public DNSCrypt-enabled DNS resolvers:
https://raw.githubusercontent.com/dyne/dnscrypt-proxy/master/dnscr... Viktor Gurov

09/26/2019

02:41 PM pfSense Packages Bug #9772 (Resolved): can't enable Split ANY-ANY option
Jim Pingle
02:27 PM pfSense Packages Bug #9772: can't enable Split ANY-ANY option
This issue can be marked as RESOLVED. The identified problem is fixed in this pull request submitted against pfSense-... Bill Meeks
02:41 PM pfSense Packages Bug #9789 (Resolved): snort process stays active after deleting interface
Jim Pingle
02:26 PM pfSense Packages Bug #9789: snort process stays active after deleting interface
This issue can be marked as RESOLVED. Pull request 678 has been submitted to teh pfSense-2.5-DEVEL branch here: http... Bill Meeks
11:40 AM pfSense Packages Bug #9789: snort process stays active after deleting interface
Corresponded with Jim Pingle about this issue. There is no elegant or simple way for notifying a running package (An ... Bill Meeks
12:11 PM Feature #9797 (Pull Request Review): services_unbound_advanced.php: add prefer-ip6 option to dns resolver gui
What is the use case for this vs changing the global setting under System > Advanced, Networking tab?
The number o... Jim Pingle
11:57 AM Feature #9797: services_unbound_advanced.php: add prefer-ip6 option to dns resolver gui
https://github.com/pfsense/pfsense/pull/4094 Viktor Gurov
11:56 AM Feature #9797 (Closed): services_unbound_advanced.php: add prefer-ip6 option to dns resolver gui
from man unbound.conf(5):... Viktor Gurov
10:45 AM Bug #9384: devd putting "$" before variable contents when using single quotes
Adjusted title. This is a devd issue, not anything wrong with check_reload_status. Also affects other systems like Op... Jim Pingle
09:55 AM Bug #9362 (Pull Request Review): rc.dyndns.update: Cloudflare DDNS with proxy enabled doesn't work at all
Jim Pingle
08:57 AM Bug #9362: rc.dyndns.update: Cloudflare DDNS with proxy enabled doesn't work at all
Berzerker Berzerker wrote:
> Nathan Hand wrote:
> > Underlying problem is /etc/inc/dyndns.class line 799. The value... Robert R.
09:20 AM Bug #9796 (Resolved): kernel panic after removing interfaces
When I did some tests and ran miniupnp on the VTI or GIF interfaces and then deleted those interfaces.
after some ti... Viktor Gurov
08:10 AM Bug #9674 (Feedback): hidden OpenVPN settings are validated and written to file
Applied in changeset commit:4e42da90bd8fd2d4202782e8e0633c0e8e5e3045. Renato Botelho
07:45 AM Bug #9719 (Feedback): system_certmanager.php - Descriptive name field disappeared when adding certificate for user
Applied in changeset commit:aafc3602dc0f79462f515276f0b53cb5c2201cd4. Renato Botelho
04:02 AM Bug #9719: system_certmanager.php - Descriptive name field disappeared when adding certificate for user
more clean here: https://youtu.be/EdFOwFFuKOY Viktor Gurov
07:32 AM pfSense Packages Bug #9795 (Not a Bug): FRR add two or more ipv6 BGP Neighbors will system down
In my lab, I have two interconnected instances of FRR with the same ASN on two neighbor entries and it's stable. It's... Jim Pingle
12:12 AM pfSense Packages Bug #9795 (Not a Bug): FRR add two or more ipv6 BGP Neighbors will system down
I found that the problem recurred,If I add two or more ipv6 BGP Neighbors, the Remote AS is the same ASN number. like... yon Liu
06:57 AM Bug #9649 (Pull Request Review): IPv6 6RD Tunnel
Pull Request: https://github.com/pfsense/FreeBSD-src/pull/25 Renato Botelho
06:56 AM pfSense Packages Feature #6866: Suricata multiple interfaces
Idar Lund wrote:
> You are only covering the first half of the description - which is of no relevance except giving ... Bill Meeks
12:41 AM pfSense Packages Feature #6866: Suricata multiple interfaces
You are only covering the first half of the description - which is of no relevance except giving you some background ... Idar Lund
04:02 AM Bug #9720: vpn_ipsec_phase2.php - no remote network field in VTI mode
more clean here: https://youtu.be/avQWWjNl53o Viktor Gurov
04:00 AM Bug #9790: firewall aliases table with fqdn stays in system after deleting
more clean here: https://youtu.be/3IPwE6o3Pw4 Viktor Gurov

09/25/2019

06:32 PM Bug #9794 (Duplicate): Users in Admins group cannot manage accounts in System => User Manager
Duplicate of #9541 Jim Pingle
06:28 PM Bug #9794 (Duplicate): Users in Admins group cannot manage accounts in System => User Manager
After upgrading pfSense to version 2.4.4-RELEASE-p3 users in the Admins group are unable to manage accounts or create... Tácio Andrade
02:42 PM pfSense Packages Feature #6785 (Resolved): Allow setting of suricata's meta-field-limt libhtp parameter
Jim Pingle
02:40 PM pfSense Packages Feature #6785: Allow setting of suricata's meta-field-limt libhtp parameter
This issue can be closed as RESOLVED. The requested change has been added to the Suricata GUI package in this pull re... Bill Meeks
02:30 PM pfSense Packages Feature #6866 (Rejected): Suricata multiple interfaces
Jim Pingle
02:24 PM pfSense Packages Feature #6866: Suricata multiple interfaces
No, it is not possible to have Suricata see internal (post-NAT) addresses when it runs on the WAN. Suricata hooks int... Bill Meeks
02:30 PM Feature #9791 (Feedback): Ability to filter Diagnostics ARP Table by IP range (DHCP)
Applied in changeset commit:9297ad6504618c5ffcee9f8fe02535cb33f570c9. Jim Pingle
10:07 AM Feature #9791: Ability to filter Diagnostics ARP Table by IP range (DHCP)
I had requested an Alias feature which was pointed out to be already implemented (I have many configured - just forgo... John Weithman
07:25 AM Feature #9791 (Resolved): Ability to filter Diagnostics ARP Table by IP range (DHCP)
It would be nice to be able to filter the ARP table to find a particular (new) device.
In my instance I have turne... John Weithman
02:27 PM pfSense Packages Bug #7223 (Resolved): IPv4 Rules not working in Inline Mode
Jim Pingle
02:20 PM pfSense Packages Bug #7223: IPv4 Rules not working in Inline Mode
This issue can be closed as "RESOLVED". It was caused by an overly broad automatic pass list mechanism that was initi... Bill Meeks
01:06 PM pfSense Docs Correction #9783 (Resolved): Under "Gateway Settings" in the "Weight" paragraph there is a typo
Fixed Jim Pingle
08:13 AM pfSense Packages Feature #9793 (Resolved): Add support for HAProxy ACLs "src -f /ipalias.lst" to use pfBlockerNG IP Alias Native
Currently pfBlockerNG is power tool to create any IP aliases you can imagine: from domain resolving, ASNs, parser of ... DRago_Angel [InV@DER]
08:05 AM Bug #9488 (Feedback): No console when booting CE Memstick UEFI.
Applied in changeset commit:4511fe40ac329e3aee594f934c27a9a47d63acec. Renato Botelho
05:50 AM Bug #9488 (In Progress): No console when booting CE Memstick UEFI.
Renato Botelho
07:34 AM pfSense Packages Bug #9789: snort process stays active after deleting interface
This behavior will impact Barnyard2 and also Suricata (and Barnyard2 in a Suricata setup).
This behavior is also g... Bill Meeks
05:41 AM pfSense Packages Bug #9789: snort process stays active after deleting interface
perhaps the same behavior with barnyard2 Viktor Gurov
07:33 AM Feature #9792 (Rejected): Create Alias for IP blocks/ranges
You can make whatever aliases you like, call them what you want, and have the contents you want.
Having custom def... Jim Pingle
07:31 AM Feature #9792 (Rejected): Create Alias for IP blocks/ranges
To keep things simple I typically have any all devices get their address by DHCP. For many of those devices I set a s... John Weithman
06:49 AM Bug #9747 (Feedback): IPsec widget - Missing escape of domain backslash
PR has been merged. Thanks Renato Botelho
06:39 AM Feature #9309: Allow manual selection of IPsec IKE Pseudo-Random Function (PRF)
Currently manual selection of PRF supported by:
Cisco IOS/IOS-XE/ASA, Huawei routers/firewalls and Google CloudVPN
... Viktor Gurov
06:39 AM pfSense Packages Bug #9752 (Feedback): ACME - Actions have no access to additionally generated certificate files.
Renato Botelho
06:35 AM pfSense Packages Bug #9752: ACME - Actions have no access to additionally generated certificate files.
PR has been merged. Thanks! Renato Botelho
04:55 AM Bug #9790 (Resolved): firewall aliases table with fqdn stays in system after deleting
If you create Alias table under Firewall / Aliases / IP with FQDNs,
PF table with such name stays in system after yo... Viktor Gurov
01:43 AM Feature #9788: Display number of connections in status_openvpn.php
PR against pfsense/master https://github.com/pfsense/pfsense/pull/4092 d j

09/24/2019

05:42 PM Bug #9488: No console when booting CE Memstick UEFI.
Confirmed. Both images boot fine on the MBT-4220 using that line:... Steve Wheeler
05:20 PM Bug #9488: No console when booting CE Memstick UEFI.
Setting boot_serial=NO on loader.conf fix the problem. I'll think about how is the best way to deal with that Renato Botelho
02:23 PM Bug #9488: No console when booting CE Memstick UEFI.
Re-tested with:
pfSense-CE-memstick-2.5.0-DEVELOPMENT-amd64-20190924-1135.img.gz
and:
FreeBSD-13.0-CURRENT-amd64-2... Steve Wheeler
01:38 PM Feature #9768: IPsec for site-to-site scenario where one side has dynamic ip
It can be used for any number of tunnels. If you have support questions, please take them to the forum or pfSense sub... Jim Pingle
01:32 PM Feature #9768: IPsec for site-to-site scenario where one side has dynamic ip
Jim Pingle wrote:
> We have not ignored this. You can already do this now. Use DynDNS hostname for the peer, or othe... lama lord
11:33 AM pfSense Packages Bug #9789 (Resolved): snort process stays active after deleting interface
after deleting interface on Interfaces / Interface Assignments page,
snort process stays active and you can't disabl... Viktor Gurov
10:59 AM Feature #9788: Display number of connections in status_openvpn.php
https://github.com/pfsense/pfsense/pull/4091 d j
10:42 AM Feature #9788 (Pull Request Review): Display number of connections in status_openvpn.php
Jim Pingle
10:41 AM Feature #9788: Display number of connections in status_openvpn.php
https://github.com/pfsense/pfsense/pull/4090 d j
10:36 AM Feature #9788 (Resolved): Display number of connections in status_openvpn.php
Display number of connections in status_openvpn.php on top of each server d j
10:40 AM Feature #3473 (Feedback): Allow configuration of OpenVPN keepalive
Applied in changeset commit:99d7e8c10e96e6f22ad47973d07258cd02426fe6. Jim Pingle
09:53 AM Feature #3473 (In Progress): Allow configuration of OpenVPN keepalive
I have not changed anything in my configuration, and after upgrading to a snapshot with these changes, I am seeing er... Jim Pingle
10:12 AM pfSense Packages Todo #9787 (Feedback): Update Mail Reports to deal with clog deprecation
Fixed in Mail Reports pkg version 3.6, for 2.5.0 only. Jim Pingle
09:48 AM pfSense Packages Todo #9787 (Resolved): Update Mail Reports to deal with clog deprecation
Since clog is deprecated, the Mail Reports package needs adjusted to handle the new log functions.
See Also: #8350
 Jim Pingle
10:12 AM pfSense Packages Bug #8315 (Feedback): Mail Report mail_report_send() behavior different than notify_via_smtp()
This may have already been fixed since the patch didn't match the current code, but I removed the explicit set of SMT... Jim Pingle
09:48 AM Todo #8350: Remove clog in favor of standard syslogd or syslogd alternative with rotation via newsyslog or logrotate
I moved that to its own issue, since it isn't relevant to the base system: #9787 Jim Pingle

09/23/2019

05:40 PM Todo #8350: Remove clog in favor of standard syslogd or syslogd alternative with rotation via newsyslog or logrotate
This stops MailReports package from working
(not a big deal - just letting you know)
This is a periodic report fr... Matt Gilchrist
03:40 PM Bug #9784 (Feedback): status.php: Sanitize bandwidthd db password
Applied in changeset commit:1f2be937ddbaf04a1704cac2aea3fc66bb196013. Jim Pingle
05:18 AM Bug #9784 (Resolved): status.php: Sanitize bandwidthd db password
config-satinized.xml keeps <postgresqlpasswordenc>:... Viktor Gurov
02:34 PM Bug #9786: pfSense GUI allows incorrect VIP alias subnet.
Same here, and it works fine for me. It is not repeatable as you state. That's why it needs moved to the forum to gat... Jim Pingle
02:32 PM Bug #9786: pfSense GUI allows incorrect VIP alias subnet.
Thank you Jim, but I tested this via GUI, Not via CLI, and have been able to reproduce this multiple times with today... Anonymous
02:29 PM Bug #9786 (Rejected): pfSense GUI allows incorrect VIP alias subnet.
It was true years ago that /32 was required but that has not been the case for many years.
I have several /24 VIPs... Jim Pingle
02:21 PM Bug #9786 (Rejected): pfSense GUI allows incorrect VIP alias subnet.
As of last weeks updates for 2.5 (about Sept 20th, 2019) my VIP aliases stopped working, however the issue does not a... Anonymous
11:42 AM pfSense Packages Feature #9315: Add Package: dnscrypt-proxy
The package 'unbound', used by FreeBSD, supports and uses DNScrypt from version 1.9.1
See: https://github.com/NLne... Carlo Hoffmann
11:19 AM pfSense Packages Bug #9752 (Pull Request Review): ACME - Actions have no access to additionally generated certificate files.
Jim Pingle
11:17 AM pfSense Packages Bug #9752: ACME - Actions have no access to additionally generated certificate files.
Pull request: https://github.com/pfsense/FreeBSD-ports/pull/675 Sebastian Fiebig
10:35 AM Bug #9785 (Feedback): ACB permits manual backup attempt when disabled
Applied in changeset commit:ce9eb0fb8db618f652fc1598d17c63f2f2d80c41. Anonymous
10:19 AM Bug #9785 (Resolved): ACB permits manual backup attempt when disabled
* curl should be set to require cert verification
* Error log message refers to obsolete package
* Comment specifie... Anonymous
01:03 AM Bug #1819: DNS Resolver Not Registering DHCP Server Specified Domain Name
Is this even still on the radar ? I saw it get pushed to 2.5 Lynn Dixon
 

Also available in: Atom