Activity

30 days up to

User

Subprojects

Activity

From 10/02/2019 to 10/31/2019

10/31/2019

08:34 PM Revision 8d4663c1: Also refresh trust store when renewing. Issue #4068: Jim Pingle
08:28 PM Revision 7daab3d8: Add option to trust local CA entries. Implements #4068: Similar to closed PR #3558 from overhacked, but with a number of
changes. Jim Pingle
08:04 PM Revision e78fe74d: Make value of cert notify setting consistent with others. Issue #7332: Jim Pingle
06:40 PM Revision d1b23f75: Remove duplicate DHCP log block.: Jim Pingle
05:59 PM Revision b86891b1: Allow packet capture to match IPv4+IPv6 CARP. Fixes #9867: Jim Pingle
05:53 PM Bug #9870 (Not a Bug): DNS fails to resolve CNAME records: There is not enough information here to definitively say it's a bug and not a problem with your settings or elsewhere... Jim Pingle
05:13 PM Bug #9870 (Not a Bug): DNS fails to resolve CNAME records: I have a pfSense router (2.4.4-RELEASE-p3 using unbound Version 1.9.1) in a home environment and it is also serving a... Brian Saia
05:30 PM Revision 746c9afc: CA validity checks. Fixes #3956: Jim Pingle
05:23 PM Revision 46869dd2: Add clientAuth EKU to Server type certificates. Fixes #9868: Jim Pingle
05:12 PM Revision 71185882: Reduce default GUI cert lifetime to 825 days. Issue #9825: Jim Pingle
05:10 PM Revision 3f0b7bc3: Certificate strength improvements. Fixes #9825: * Change default GUI cert lifetime to 825 days
* Add notes on CA/Cert pages about using potentially insecure paramete... Jim Pingle
03:41 PM Feature #9869 (Resolved): Allow CRL entries to be made by serial number: CRL entries are made by serial number internally, but the only way to revoke in the GUI is to have the certificate im... Jim Pingle
03:40 PM Feature #4068 (Feedback): CAs present on CERT manager are not trusted from pfSense: Applied in changeset commit:7daab3d8dc4cc045db22925cccbde22c23083c03. Jim Pingle
03:28 PM Feature #4068 (In Progress): CAs present on CERT manager are not trusted from pfSense: Jim Pingle
01:05 PM Bug #9867 (Feedback): Packet Capture IPv6 rejects all packets if CARP type is set in Protocol field: Applied in changeset commit:b86891b1d5d62d30bc8f1bf3a7fdfee7030ed82b. Jim Pingle
08:03 AM Bug #9867: Packet Capture IPv6 rejects all packets if CARP type is set in Protocol field: A "silly" workaround might be renaming *CARP* in dropdown _Protocol_ list to *CARP IPv4*. Constantine Kormashev
08:02 AM Bug #9867: Packet Capture IPv6 rejects all packets if CARP type is set in Protocol field: It appears both are caught by "proto 112", so it might not be too difficult to solve that way. Jim Pingle
07:53 AM Bug #9867 (Resolved): Packet Capture IPv6 rejects all packets if CARP type is set in Protocol field: Packet Capture IPv6 rejects all packets if *CARP* type is set in *Protocol* field.
It might be an upstream issue.
... Constantine Kormashev
12:40 PM Bug #3956 (Feedback): Check for invalid CA on generating new certificate: Applied in changeset commit:746c9afc0e9bd632a8b7ee2f8cc2d63a0974dd88. Jim Pingle
12:28 PM Bug #3956 (In Progress): Check for invalid CA on generating new certificate: Unless we can get a copy of a certificate that shows the behavior, I don't see any problems here. I'm adding some pro... Jim Pingle
12:30 PM Todo #9868 (Feedback): Add clientAuth EKU to Server type certificates: Applied in changeset commit:46869dd2b5ebf32e8297d65f98444fb38d314336. Jim Pingle
10:46 AM Todo #9868 (Resolved): Add clientAuth EKU to Server type certificates: Some cases may require a server certificate to be used to authenticate a server (to client) and authenticate as a cli... Jim Pingle
12:15 PM Feature #7248: Web UI for IPSec settings should warn about poor security choices: This could probably use a similar technique to the one I implemented for Certificates on #9825
See commit:3f0b7bc3ae Jim Pingle
12:14 PM Feature #9825 (Feedback): Requirements for trusted certificates in iOS 13 and macOS 10.15: I just pushed changes that should fully address the remaining concerns here.
Once on a snapshot with these changes... Jim Pingle
11:56 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: Vinicius DellAglio wrote:
> I just installed a brand new pfsense box and once I created an alias with an FQDN it did... John K
07:38 AM pfSense Packages Bug #9866 (Feedback): freeradius_view_config.php: File contents are displayed without encoding: Fixed in FreeRADIUS3 pkg version 0.15.7_3
https://github.com/pfsense/FreeBSD-ports/commit/30b22b6b0db7b73732a5da34... Jim Pingle
07:31 AM pfSense Packages Bug #9866 (Resolved): freeradius_view_config.php: File contents are displayed without encoding: freeradius_view_config.php reads and displays the contents of several FreeRADIUS-related files. The contents are disp... Jim Pingle
07:09 AM Feature #9865 (Needs Patch): DNS Forwarder Interfaces list should be a list of checkboxes: The DNS forwarder is no longer actively developed since it was replaced by the DNS Resolver. As such, it's unlikely t... Jim Pingle

10/30/2019

11:07 PM Feature #9865 (Needs Patch): DNS Forwarder Interfaces list should be a list of checkboxes: The DNS Forwarder Interfaces selection UI is too small, and as a multiple selection dropdown is very awkward to use w... Ben L
08:35 PM Revision e655d548: Fix whitespace: Jim Pingle
06:21 PM Revision 6729b786: Update default config to match current default/version.: Jim Pingle
06:11 PM Revision b5d2d8d8: Add daily certificate expiration notice. Issue #7332: Jim Pingle
06:09 PM Revision 4bbdd9b0: Add periodic framework to allow for daily/weekly/monthly tasks. Issue #7332: Jim Pingle
05:35 PM Revision ddcc83f2: Fix Cert expire threshold input validation to allow empty values.: Jim Pingle
05:26 PM Revision 7f3bc6b1: Set autocomplete=new-password for auth forms around the GUI. Implements #9864: (cherry picked from commit 659a8a26d12b75399063dae060fa32fa23751dbf) Jim Pingle
05:26 PM Revision 659a8a26: Set autocomplete=new-password for auth forms around the GUI. Implements #9864: Jim Pingle
04:26 PM Revision 83bf2511: Update diag_ping.php: Mix Room
04:23 PM Revision e00d0c0c: Update diag_ping.php: Mix Room
03:19 PM Revision 90661d90: Update diag_ping.php: As per comment. Hint left for sake of consistency. Mix Room
03:17 PM Bug #9646: OpenSSL 1.1.1 does not list engines for AES-NI or BSD crypto: For the sake of those Googling or searching for the error, the following message was showing up in the logs and on th... Jim Pingle
03:16 PM Bug #9646 (In Progress): OpenSSL 1.1.1 does not list engines for AES-NI or BSD crypto: Patch reverted after we see problems with it applied Renato Botelho
03:13 PM Revision 1ab01fee: Cert expire threshold input validation: Jim Pingle
02:07 PM Revision 0a6222e5: Update diag_ping.php: Mix Room
02:06 PM Revision fb228a34: Update diag_ping.php: Fix missing '$' Mix Room
02:00 PM Feature #9842 (Feedback): Add CA/certificate renewal function: This should be complete for now. I didn't add a CLI script, as it didn't seem necessary yet. On a related note, the G... Jim Pingle
01:56 PM Revision 88ccb45b: Update diag_ping.php: Mix Room
01:46 PM Revision 740e289b: Update diag_ping.php: Mix Room
01:40 PM Revision 2d0b01e0: Update diag_ping.php: Add support for setting wait period between pings Mix Room
01:24 PM Feature #7332 (Feedback): Provide certificate expiry warning: This is now implemented.
There is a GUI setting to enable/disable the expiration notifications, and they are on by... Jim Pingle
12:39 PM Revision b0790fc0: Add missing newline after Must Staple cert info.: Jim Pingle
12:35 PM Todo #9864 (Feedback): Set autocomplete=new-password for user/password fields in forms: Applied in changeset commit:659a8a26d12b75399063dae060fa32fa23751dbf. Jim Pingle
11:02 AM Todo #9864 (Resolved): Set autocomplete=new-password for user/password fields in forms: It looks like at least Firefox and Chrome current versions suppress autocomplete for usernames and passwords when usi... Jim Pingle
10:37 AM Feature #9863 (Duplicate): Ability to select multiple firewall rules and then toggle them all on (enabled) or off (disabled) with one click: Duplicate of #2505 Jim Pingle
10:19 AM Feature #9863 (Duplicate): Ability to select multiple firewall rules and then toggle them all on (enabled) or off (disabled) with one click: It would be nice, when doing a major rule overhaul (like I just had to do on multiple firewalls) or testing before/af... Max Frames
10:35 AM Feature #9862 (Pull Request Review): Add support for waiting between ping-packages on diag_ping.php: Jim Pingle
09:11 AM Feature #9862 (Resolved): Add support for waiting between ping-packages on diag_ping.php: I wanted to wait a longer time between sending pings. The diag_ping.php interface does not have support for this. Mix Room
10:09 AM pfSense Packages Bug #9860 (Pull Request Review): Illegal string offset 'config' in /usr/local/pkg/tinc.inc on line 83: Jim Pingle
09:27 AM pfSense Packages Bug #9860: Illegal string offset 'config' in /usr/local/pkg/tinc.inc on line 83: https://github.com/pfsense/FreeBSD-ports/pull/694 Viktor Gurov
07:22 AM pfSense Packages Bug #9860: Illegal string offset 'config' in /usr/local/pkg/tinc.inc on line 83: Probably because that array isn't fully initialized before use. It needs to be initialized at each level, not just th... Jim Pingle
01:46 AM pfSense Packages Bug #9860: Illegal string offset 'config' in /usr/local/pkg/tinc.inc on line 83: got this errors when Tinc Hosts is empty Viktor Gurov
01:44 AM pfSense Packages Bug #9860 (Resolved): Illegal string offset 'config' in /usr/local/pkg/tinc.inc on line 83: Crash report details:
PHP Errors:
[30-Oct-2019 08:46:07 Europe/Moscow] PHP Warning: Illegal string offset 'confi... Viktor Gurov
09:32 AM Bug #9577: radvd send_ra_forall failed on interface / can't join ipv6-allrouters: After several failed attempts at creating a 12.1 version, the process that worked was to create a new branch from pfS... Ronald Schellberg
07:17 AM Bug #9861 (Not a Bug): All traffic passing through OpenVPN even if redirect gateway unchecked: That is a configuration problem, not a bug. This site is not for support or diagnostic discussion.
For assistance ... Jim Pingle
02:38 AM Bug #9861 (Not a Bug): All traffic passing through OpenVPN even if redirect gateway unchecked: An OpenVPN has been configured on pfSense and working well, but I noticed that even the "Redirect IPv4 Gateway" is un... Nico .
06:22 AM Bug #9851 (Resolved): PHP error in logs: Renato Botelho
12:09 AM Bug #9851: PHP error in logs: Upgraded and the error is gone. Thank you. Florin Samareanu

10/29/2019

11:11 PM pfSense Packages Bug #9665 (Resolved): acme.sh deleting A record for domain along with TXT record for _acme-challenge: Jim Pingle
11:10 PM pfSense Packages Bug #9665: acme.sh deleting A record for domain along with TXT record for _acme-challenge: Sorry for the late response. But I can confirm that ACME 0.6 does fix the issue for me. This ticket can be closed now. Ronnie Thomas
08:56 PM Revision 38e7b336: Add settings to control certificate expiration notifications. Issue #7332: Note that the notices themselves do not yet exist. Those are still a
work in progress. Jim Pingle
06:45 PM Revision 93f1121f: Add certificate lifetime to infoblock. Issue #7332: * Adds the total lifetime and lifetime remaining before expiration to
the info block
* Adds a visual indication to th... Jim Pingle
01:47 PM Feature #7332 (In Progress): Provide certificate expiry warning: I do not think there will be a per-certificate setting for this (at least for now), but for starters I have added a v... Jim Pingle
08:59 AM Bug #9851: PHP error in logs: I gave a look at PHP source code and I have a doubt, what is the gateway name? Nano Caiordo
07:21 AM Bug #9851: PHP error in logs: If that were the case it would happen to everyone all the time, which isn't true. Also the order of operations is bac... Jim Pingle
06:15 AM Bug #9851: PHP error in logs: It might be a permission issue, php docs about file_exists() states: ... Nano Caiordo
08:45 AM Feature #5851: Add copy action to OpenVPN client / server: A huge benefit as ISPs seem to be starting to pick off VPN connections and blocking access to VPN servers that are se... PT Rich
07:16 AM Bug #9859 (Rejected): Memory exhaustion by hundreds of minicron and php-cgi processes.: There is not enough solid information here to classify this as an identifiable or reproducible bug. This site is not ... Jim Pingle
04:10 AM Bug #9859 (Rejected): Memory exhaustion by hundreds of minicron and php-cgi processes.: After repeated gateway failovers I noticed I wasn't able to login any more using https or ssh.
I would then get an e... Joel Linn
07:14 AM Bug #9646 (Feedback): OpenSSL 1.1.1 does not list engines for AES-NI or BSD crypto: I've cherry-picked that patch to 2.5.0. Thanks for pointing that out Renato Botelho
02:36 AM Bug #9646: OpenSSL 1.1.1 does not list engines for AES-NI or BSD crypto: discussion and patch in freebsd mailing list:
https://lists.freebsd.org/pipermail/freebsd-current/2018-December/0724... Viktor Gurov
07:11 AM Feature #9831 (Resolved): diag_packet_capture.php: print packet capture start time: Renato Botelho
12:04 AM Feature #9831: diag_packet_capture.php: print packet capture start time: Renato Botelho wrote:
> PR has been merged. Thanks!
Tested on 2.5.0.a.20191028.1847
Works, resolved Viktor Gurov
07:09 AM Feature #9766 (Resolved): diag_packet_capture.php: allow to input multiple tcp/udp ports: Renato Botelho
12:04 AM Feature #9766: diag_packet_capture.php: allow to input multiple tcp/udp ports: Renato Botelho wrote:
> PR has been merged. Thanks!
Tested on 2.5.0.a.20191028.1847
Works, resolved Viktor Gurov
02:51 AM Bug #9858 (Rejected): adding gateway: Hello,
There is not enough information here to consider this a bug. Please use https://forum.netgate.com for troub... Paighton Bisconer
02:27 AM Bug #9858 (Rejected): adding gateway: We have deployed pfsense VM on VMware ESXi, can communicate with pfsense gateway among the VMs, but outside VMs netwo... geetha subramani
02:07 AM Feature #9857 (New): IPsec Down/Up SMTP Notifications: Currently if Phase1 or Phase 2 go offline no SMTP notification is given. It will be very helpful to have them. Auto p... DRago_Angel [InV@DER]

10/28/2019

08:46 PM Revision b6196922: Show detailed infoblock on CA and Cert pages. Implements #9856: * Moved info block to common function
* Used that function on CA and Cert pages
* Added more information to the info ... Jim Pingle
03:55 PM Todo #9856 (Feedback): Add certificate detail infoblock to CA list: Applied in changeset commit:b61969226691bb776bf21f1c1121b41519ad5e22. Jim Pingle
03:42 PM Todo #9856 (Resolved): Add certificate detail infoblock to CA list: The certificate list has a nice infoblock that expands with more details about the certificate. This should also work... Jim Pingle
03:23 PM Revision 725c8134: Add packages to version string to support composite update: Steve Beaver
12:11 PM Revision 83794361: Suppress errors from touch when marking GW down. Fixes #9851: Jim Pingle
07:44 AM Bug #9855 (Resolved): CSRF error at login when clicking the 'sign in' button multiple times: When logging in, if a user clicks 'sign in' and then waits a moment and clicks 'sign in' again before the login compl... Jim Pingle
07:20 AM Bug #9851 (Feedback): PHP error in logs: Applied in changeset commit:83794361b7135aaef4e47b35bd27df7da6ce023c. Jim Pingle
07:14 AM Bug #9851: PHP error in logs: I've seen that happen before. Looks like a race condition of some sort since there is a test just before that checkin... Jim Pingle
05:13 AM pfSense Packages Bug #9854: pfBlockerNG Message: Allowed memory size of 536870912 bytes exhausted: ... lexxai lexxai
05:11 AM pfSense Packages Bug #9854 (Closed): pfBlockerNG Message: Allowed memory size of 536870912 bytes exhausted: PHP ERROR: Type: 1, File: /usr/local/www/pfblockerng/pfblockerng_alerts.php, Line: 644, Message: Allowed memory size ... lexxai lexxai

10/27/2019

05:27 PM pfSense Docs Correction #9853 (Closed): Feedback on VPN — IPsec — Routing Internet Traffic Through a Site-to-Site IPsec VPN: *Page:* https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/routing-internet-traffic-through-a-site-to-site-ipsec-vp... Phil Six
10:50 AM pfSense Packages Bug #9849: NUT not starting as root? Isn't loading USB drivers?: I think I found a work-around. I went into the Services > UPS and then selected the UPS Settings tab. From there, cli... Ryan McCullough
10:12 AM Revision da77bc71: renamed click to select: Viktor Gurov
10:04 AM Feature #7467: Add iPhone/Android/Generic USB tethering support: Not sure why you keep pushing back the target, its 2 mins to add a few words to the kernel module build command and t... Chris Collins
09:37 AM pfSense Packages Feature #9852 (Resolved): show File-Store directory listing: add extra "Alert"-style page with File-Store directory listing
add download icon,
add “i” icon to check the sha25... Viktor Gurov
05:08 AM pfSense Packages Bug #9850: show huperscan option only for x86 arch: https://github.com/pfsense/FreeBSD-ports/pull/693 Viktor Gurov
02:21 AM Bug #9851 (Resolved): PHP error in logs: Hello,
After upgrading to 2.5.0-DEVELOPMENT (amd64) built on Mon Oct 21 20:52:27 EDT 2019 I get the following warn... Florin Samareanu

10/26/2019

06:23 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: Jim Pingle wrote:
> John K wrote:
> > What's the status here? Has Netgate been able to reproduce this issue?
>
... Vinicius DellAglio
05:27 PM pfSense Packages Bug #9850 (Resolved): show huperscan option only for x86 arch: Hyperscan will run on x86 processors in 64-bit (Intel® 64 Architecture) and 32-bit (IA-32 Architecture) modes.
hid... Viktor Gurov
05:09 PM pfSense Packages Bug #9849 (Rejected): NUT not starting as root? Isn't loading USB drivers?: It looks like the NUT/UPS driver isn't loading the USB driver unless I pass the "-u root" parameter to the command:
... Ryan McCullough
04:55 PM pfSense Packages Feature #9848 (Closed): file-store retention limits: Add File-Store limit to clean captured files by total size or age Viktor Gurov
10:03 AM Revision a5a8e816: upstream upd: Viktor Gurov
10:00 AM Revision e6e64544: fix: Viktor Gurov
09:57 AM Revision 916b6353: fix: Viktor Gurov
09:56 AM Revision 8cdb5a5c: fix: Viktor Gurov

10/25/2019

11:44 PM Bug #9847 (Not a Bug): Periodic Crash: There isn't enough information here to classify it as a bug. Your ESX version is very old, which is likely a source o... Jim Pingle
09:19 PM Bug #9847 (Not a Bug): Periodic Crash: I'm experiencing periodic lockups (every 2-3 weeks).
This is pfSense 2.4.4-p3 running as VM on ESXi 5.5.0
I have ha... Denis Johnson
08:38 PM Revision 03a84081: Add GUI code and more backend for CA/Cert Renewal. Issue #9842: Jim Pingle
07:03 PM pfSense Packages Bug #9795: FRR add two or more ipv6 BGP Neighbors will system down: i test find this frr with openvpn happen issue, when frr use two ipv6 BGP Neighbors, then the issue will happen. yon Liu
04:05 PM Feature #9843 (Feedback): allow to generate cert/csr with ECDSA key: PR has been merged Jim Pingle
03:42 PM Feature #9842: Add CA/certificate renewal function: I just committed the GUI code for this plus some more backend functions. There are still a couple items left, but not... Jim Pingle
01:27 PM Revision dc56eafa: Merge pull request #4104 from vktg/geneckey: Jim Pingle
12:17 PM Feature #9309: Allow manual selection of IPsec IKE Pseudo-Random Function (PRF): https://github.com/pfsense/pfsense/pull/4106 Viktor Gurov
09:14 AM Feature #6775: Strongswan PKCS#11 Support: Tested, with editing of ipsec.secrets, ipsec.conf and charon.conf
+ installing packages: ccid-1.4.30.txz, opensc-0... Viktor Gurov
08:05 AM pfSense Packages Bug #9846 (Feedback): pfBlockerNG log file download/clear lacks validation: Fix submitted by BBcan177 and committed.
https://github.com/pfsense/FreeBSD-ports/commit/38be8c32b1638b230310c0a54... Jim Pingle
07:51 AM pfSense Packages Bug #9846 (Resolved): pfBlockerNG log file download/clear lacks validation: The 'logfile' parameter in pfblockerng_log.php is not validated, and allows working on files outside of the expected ... Jim Pingle
06:04 AM Revision bc985fed: show the key type and related info in the per-cert info block: Viktor Gurov
02:58 AM Bug #9821: pfSense IPsec not reload configs on connectivity issues with DDNS: Jim Pingle wrote:
> IPsec with DDNS works fine for many users (myself included) -- you haven't presented any evidenc... DRago_Angel [InV@DER]

10/24/2019

08:59 PM Revision 14d49fba: Use full path since this pkg prefix is /usr: Renato Botelho
02:28 PM pfSense Packages Bug #9844 (Resolved): System_Patches 1.2_2 syntax error: Confirmed fixed. Jim Pingle
07:12 AM pfSense Packages Bug #9844 (Feedback): System_Patches 1.2_2 syntax error: Fix pushed. Jim Pingle
07:28 AM Bug #9845 (Not a Bug): diag_dump_states.php: can't use extended filter expressions: It's in the pfSense module:
https://github.com/pfsense/FreeBSD-ports/blob/devel/devel/php-pfSense-module/files/pfS... Jim Pingle
07:22 AM Bug #9845 (Not a Bug): diag_dump_states.php: can't use extended filter expressions: I can't filter expressions for grep-style queries, like "tcp 192.168 ESTABLISHED" or "icmp 172.16.0"
Only single val... Viktor Gurov
01:16 AM Bug #9837: ipv6 is not completely disabled on the interfaces: Manuel Piovan wrote:
> Do not configure IPv6 addresses with no link-local address by using
> ifconfig. It... Viktor Gurov
12:52 AM pfSense Packages Feature #9742: Print Patch ID in log while patching: fixes to PR:
https://github.com/pfsense/FreeBSD-ports/pull/692 Viktor Gurov

10/23/2019

08:23 PM Revision 9e80dd44: Add ca/certificate renew function backend (no GUI code yet). Issue #9842: Jim Pingle
08:06 PM pfSense Packages Bug #9844 (Resolved): System_Patches 1.2_2 syntax error: After install updated package System_Patches 1.2.2 it crashes
PATCH Menu is also GONE from system after update
Cr... Carlos Rocha
04:33 PM Revision ff5bc49c: spaces to tabs: Viktor Gurov
03:40 PM Revision 2d13c7fc: spaces to tabs: Viktor Gurov
03:34 PM Revision 3b9015b2: ARM checks: Viktor Gurov
03:27 PM Feature #9825: Requirements for trusted certificates in iOS 13 and macOS 10.15: Not a resolution, but a related note: I am adding code to renew certificates with an option to enforce these paramete... Jim Pingle
03:18 PM Feature #9842 (In Progress): Add CA/certificate renewal function: Second guessing the removal of deprecated subject items, since if the subject and key stay the same, then clients wou... Jim Pingle
02:57 PM Revision e0f8d364: fixes: Viktor Gurov
02:47 PM Revision de78ec77: Merge pull request #4086 from vktg/restartallwan: Renato Botelho
02:46 PM Revision b99b254e: Merge pull request #4103 from vktg/csreckey: Renato Botelho
02:46 PM Revision a1942bd3: Merge pull request #4101 from vktg/pcapstart: Renato Botelho
02:30 PM Bug #8179: Incorrect reverse DNS zone in DHCP server config for non-octet-aligned subnet mask: Yousif Hassan wrote:
> While the suggested code fix does in fact generate the more correct classless zone name, it... Yousif Hassan
01:34 PM Bug #9837: ipv6 is not completely disabled on the interfaces: be careful
https://www.freebsd.org/cgi/man.cgi?query=ifconfig&sektion=8&manpath=freebsd-release-ports#end
BUGS
... Manuel Piovan
12:37 PM pfSense Packages Bug #9740: empty Status / Tinc VPN page on latest 2.5: https://github.com/pfsense/FreeBSD-ports/pull/691
There is no /usr/local/sbin/clog in pfSense 2.5
using "cat" ins... Viktor Gurov
12:27 PM Revision 7df98f28: Add root warning to HA node sync privilege.: (cherry picked from commit 03b8b94ed86ca85510e7d00e035d30eab7e3a43b) Jim Pingle
12:26 PM Revision 03b8b94e: Add root warning to HA node sync privilege.: Jim Pingle
10:38 AM Feature #9771: diag_reboot.php: add ability to reroot and reboot with fsck to WebGUI: Jim Pingle wrote:
> It just hasn't made it into a Factory snapshot yet. It's already in the tree there.
additions... Viktor Gurov
09:47 AM Feature #9831 (Feedback): diag_packet_capture.php: print packet capture start time: PR has been merged. Thanks! Renato Botelho
09:47 AM Bug #9745 (Feedback): can't add ECDSA certificate key when signing CSR: PR has been merged. Thanks! Renato Botelho
09:47 AM Feature #9688 (Feedback): restartallwan - pfSsh.php script to restart all wan interfaces: PR has been merged. Thanks! Renato Botelho
09:40 AM pfSense Packages Feature #9824 (Feedback): Add support for DuckDuckGo's Safe Search: PR has been merged. Thanks! Renato Botelho
09:40 AM pfSense Packages Bug #9811 (Feedback): apcupsd - can not set BATTERYLEVEL and MINUTES to -1 although these are valid values: PR has been merged. Thanks! Renato Botelho
09:36 AM pfSense Packages Feature #9742 (Feedback): Print Patch ID in log while patching: PR has been merged. Thanks! Renato Botelho
09:36 AM pfSense Packages Feature #9521 (Feedback): Upgrade to HAProxy 1.9: PR has been merged. Thanks! Renato Botelho
09:29 AM pfSense Packages Bug #9836 (Feedback): OpenBGPD package deamon starts twice: PR has been merged. Thanks! Renato Botelho
08:46 AM Revision 68690e0d: initial version: Viktor Gurov
07:59 AM Feature #9843 (Pull Request Review): allow to generate cert/csr with ECDSA key: Jim Pingle
03:52 AM Feature #9843: allow to generate cert/csr with ECDSA key: https://github.com/pfsense/pfsense/pull/4104 Viktor Gurov
03:50 AM Feature #9843 (Resolved): allow to generate cert/csr with ECDSA key: Add ability to generate certificates/CSRs with ECDSA keys. Viktor Gurov
07:47 AM Revision 5a828267: cosmetic: vktg
07:45 AM Revision 4985c900: spaces: vktg
07:41 AM Revision ec2c7f75: touch() if action == Start: vktg

10/22/2019

05:00 PM Revision 233544b3: Update diag_packet_capture.php: fixes vktg
04:13 PM Feature #7332: Provide certificate expiry warning: It would be great if Certificate Manager will support expiration notification option for each existing certificate in... DRago_Angel [InV@DER]
03:57 PM Feature #7332: Provide certificate expiry warning: See also: #9703 Jim Pingle
04:11 PM Feature #9703: Certificate Manager Expiration Notification: Ok, fair. DRago_Angel [InV@DER]
04:09 PM Feature #9703: Certificate Manager Expiration Notification: There is no distinction here when the feature doesn't exist. They are asking for the same thing, but in different way... Jim Pingle
04:05 PM Feature #9703: Certificate Manager Expiration Notification: Hi Jim, the idea is duplicate, but the task itself not. DRago_Angel [InV@DER]
03:57 PM Feature #9703 (Duplicate): Certificate Manager Expiration Notification: Duplicate of #7332 Jim Pingle
04:07 PM Feature #9842 (Resolved): Add CA/certificate renewal function: Currently there is no way to renew an existing certificate, you have to recreate it.
Add a function to renew a cer... Jim Pingle
03:49 PM Revision dace81a7: additions: Viktor Gurov
03:07 PM Revision dc9393ba: Initialize array to avoid a PHP error in upgrade_144_to_145(). Fixes #9840: (cherry picked from commit 8e0d33ec48792e13839a0181031664261269c220) Jim Pingle
03:07 PM Revision 8e0d33ec: Initialize array to avoid a PHP error in upgrade_144_to_145(). Fixes #9840: Jim Pingle
01:56 PM pfSense Packages Bug #9836 (Pull Request Review): OpenBGPD package deamon starts twice: Jim Pingle
01:51 PM pfSense Packages Bug #9836: OpenBGPD package deamon starts twice: Please consider the following pull request:
https://github.com/pfsense/FreeBSD-ports/pull/690
Dirk Meyer
10:43 AM Revision 47c46bbd: initial: Viktor Gurov
10:41 AM Bug #9841 (Rejected): pfSense shows wrong info about BIOS on Intel DH61BR motherboard: That's an issue with the BIOS/DMI/etc info supplied by your board, not pfSense. Jim Pingle
10:29 AM Bug #9841 (Rejected): pfSense shows wrong info about BIOS on Intel DH61BR motherboard: Hello, I have installed pfSense in Intel DH61BR motherboard but shows strange info on BIOS.
Everything else seems to... Horus Horus
10:22 AM pfSense Packages Bug #8258: BIND responds with SERVFAIL when adding/changing records if 'allow-update' is configured for a zone: Submitted a PR that fixes this: https://github.com/pfsense/FreeBSD-ports/pull/689 Ross Williams
10:15 AM Bug #9840 (Feedback): PHP7: Uninitialised array in upgrade_config.inc: Applied in changeset commit:8e0d33ec48792e13839a0181031664261269c220. Jim Pingle
09:49 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: John K wrote:
> What's the status here? Has Netgate been able to reproduce this issue?
Not that I have seen yet.... Jim Pingle
09:22 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: Jim Pingle wrote:
> If anyone can come up with simple cases that reliably reproduce the problem [...]
What's the ... John K
06:35 AM Revision b1370c94: if spaces fixes: Viktor Gurov
06:30 AM Revision 10703125: touch() fixes: vktg
05:27 AM Bug #9829: NTP Status vs. parsing NTP Access Restrictions: Dear Jim,
thanks for your reply, but I'm afraid I did not quite understand it...
If I check "Disable ntpq and n... Edgar Wiesmann

10/21/2019

05:05 PM Bug #9840 (Resolved): PHP7: Uninitialised array in upgrade_config.inc: Interfaces set to trackv6 against an interface that does not have an IPv6 config trigger this:... Steve Wheeler
03:30 PM Bug #9448 (Resolved): Dynamic DNS options showing in GUI for IPv6 when not in use: Actually, it is there even in your video. You scrolled by it. With a non-default algorithm, there are custom settings... Jim Pingle
03:26 PM Bug #9448 (Feedback): Dynamic DNS options showing in GUI for IPv6 when not in use: I can't reproduce that problem on a current snapshot. It's possible another change affected the behavior, such as the... Jim Pingle
02:43 PM Bug #9839: How to clean disable IPsec VTI Tunnel: I would agree, and sorry to make the title look like a question.
But the description states, that this is more like ... Thomas Spalinger
02:38 PM Bug #9839 (Not a Bug): How to clean disable IPsec VTI Tunnel: That is a support question, and this site is not for support or diagnostic discussion.
For assistance in solving p... Jim Pingle
02:30 PM Bug #9839 (Not a Bug): How to clean disable IPsec VTI Tunnel: I found the exact same question in issue #8691, but with a different purpose.
I have setup some VTI Site to Site t... Thomas Spalinger
08:04 AM Bug #9763 (Resolved): Trying to set VLAN Priority causes error: Jim Pingle
08:04 AM pfSense Packages Bug #9836: OpenBGPD package deamon starts twice: Nobody is currently maintaining the OpenBGPD package. It has been deprecated in favor of FRR, but remains available f... Jim Pingle
08:02 AM Feature #6103: DNS Resolver Outgoing Interfaces should be able to use Gateway Groups: That would still only do failover, and wouldn't have the behavior suggested by OP. It should be possible to populate ... Jim Pingle
08:00 AM Bug #9745 (Pull Request Review): can't add ECDSA certificate key when signing CSR: Jim Pingle
07:58 AM Bug #9823 (Closed): no l2tplink param in get_interface_info: Jim Pingle
07:57 AM Feature #9834 (Pull Request Review): system_certmanager.php: add ability to import certificate without private key: It's nowhere near that simple. In doing this, there would also have to be quite a bit of code preventing users from p... Jim Pingle
07:54 AM Bug #9832 (Not a Bug): DHCP relay stopped working after changing interface and vlan name: Did you reassign/move the interface or only change its name? I can see how it might break if you changed the interfac... Jim Pingle
07:46 AM Bug #9837: ipv6 is not completely disabled on the interfaces: That seems like it would not be desirable to set by default. There are people who want to run with linklocal addresse... Jim Pingle
07:42 AM Bug #9835 (Rejected): client's certificate and login/pass can be different (no conformity checks): The functionality is there already. Check "Enforce match" under Strict User-CN Matching. Then it will test the certif... Jim Pingle
07:40 AM Bug #9829: NTP Status vs. parsing NTP Access Restrictions: The page checks for settings, and if 'noquery' is set, then it assumes the daemon will be unreachable. It could maybe... Jim Pingle
07:27 AM pfSense Packages Feature #9824 (Pull Request Review): Add support for DuckDuckGo's Safe Search: Jim Pingle
07:23 AM pfSense Packages Feature #9742 (Pull Request Review): Print Patch ID in log while patching: Jim Pingle
07:16 AM Feature #9831 (Pull Request Review): diag_packet_capture.php: print packet capture start time: Jim Pingle

10/20/2019

10:08 PM Revision fb249aef: Revise jquery/jquery-ui in csrf_error page, which needs its own copy: Steve Beaver
09:00 PM pfSense Packages Feature #9555: pimd package: +1, igmpproxy stopped working for Sonos systems after pfsense update several years ago (I want to say 2.2 -> 2.3, but... Andy Shulman
03:20 PM Bug #9835: client's certificate and login/pass can be different (no conformity checks): https://forums.openvpn.net/viewtopic.php?t=18264
https://serverfault.com/questions/358855/how-to-prevent-users-fro... Viktor Gurov
02:12 PM Feature #9838 (New): PKCS11 support: There is no ability to use PKCS11 tokens with OpenVPN. because *[PKCS11]* feature is not compiled in:... Viktor Gurov
02:04 PM Bug #9837 (New): ipv6 is not completely disabled on the interfaces: When IPv6 Configuration Type is None on Interfaces configuration page, IPv6 link-local addresses still uses
You can ... Viktor Gurov
07:31 AM Feature #6103: DNS Resolver Outgoing Interfaces should be able to use Gateway Groups: You can select Loopback as Outgoing interface of DNS Resolver -
In this case it uses gateway group
Viktor Gurov
06:25 AM pfSense Packages Bug #9836 (Resolved): OpenBGPD package deamon starts twice: After reboot with OpenBGPD package
the bgpd starts twice.
logfile:
Oct 20 11:44:50 router bgpd[53729]: startup
... Dirk Meyer

10/19/2019

12:53 PM Revision c13a8a59: ec key parser: Viktor Gurov
08:33 AM Bug #9763: Trying to set VLAN Priority causes error: Jim Pingle wrote:
> Applied in changeset commit:93db39ba1b7a72ad936a76aee2fe059a35b8af40.
Tested on 2.5.0.a.20191... Viktor Gurov
08:00 AM Bug #9745: can't add ECDSA certificate key when signing CSR: https://github.com/pfsense/pfsense/pull/4103 Viktor Gurov
06:13 AM Bug #9823: no l2tplink param in get_interface_info: it successfully creates [l2tplink] entry after you select L2TP in IPv4 Configuration Type field on interface configur... Viktor Gurov
04:56 AM Feature #9834: system_certmanager.php: add ability to import certificate without private key: https://github.com/pfsense/pfsense/pull/4102 Viktor Gurov
04:13 AM Bug #9835 (Rejected): client's certificate and login/pass can be different (no conformity checks): Remote Access (SSL/TLS + User Auth) allow users created in Local Database to use login/pass of other users during Ope... Viktor Gurov

10/18/2019

06:02 PM Feature #9302: radvd always advertises DNS servers and Domain Search List regardless of M or O flag: DNS via RFC 8415 (DHCP) and via RFC 8106 (RDNSS) are independent functions which is as the current pfSense implementa... Rick Coats
05:30 PM Feature #9302: radvd always advertises DNS servers and Domain Search List regardless of M or O flag: Are you saying that the impact of this change, is that in the cases of "Managed" or "Stateless DHCP" then the bottom ... Rick Coats
03:51 PM Feature #9302: radvd always advertises DNS servers and Domain Search List regardless of M or O flag: I totally agree that when using "M" mode that RDNSS should not be disabled.
In fact, the change above only stops ... Elbin Teh
01:12 PM Feature #9302: radvd always advertises DNS servers and Domain Search List regardless of M or O flag: I think this change breaks ipv6 RFC compliance. The blogger article was written in 2012 and seems that the authors go... Rick Coats
03:15 PM Revision bb31e48e: Correct jQuery include: Steve Beaver
03:09 PM Revision b1a3d89a: Renamed jQuery-ui files for consistency with jQuery naming: Steve Beaver
02:59 PM Revision df4262d0: Fixed #9407: Steve Beaver
10:12 AM Bug #9407: Update jQuery to current version (3.3.1 or later): jQuery updated to 3.4.1
jQuery-ui updated to 1.12.1
www/vendor directory reorganized
Obsoleted files list updated
... Anonymous
10:05 AM Bug #9407 (Feedback): Update jQuery to current version (3.3.1 or later): Applied in changeset commit:df4262d0e1d8d460ba93b9fcde16476306ee21f6. Anonymous
09:13 AM Feature #9834 (Resolved): system_certmanager.php: add ability to import certificate without private key: This is needed in case when VPN clients uses PKCS#11 token for authentication, and they not able to export private key Viktor Gurov
04:52 AM pfSense Packages Feature #9833 (New): ACME: add ability to use custom ACME server: Hi, on September 2019 the Smallstep company released a feature on their +step-ca+ tool that allows to serve private C... Filippo Tessarotto
03:51 AM Bug #9832 (Not a Bug): DHCP relay stopped working after changing interface and vlan name: Hi
Interface and vlan was named AP_HBV, so i changed it to VLAN528_AP_HBV.
Afterwards DHCP Relay didnt work.
T... Michael Olesen

10/17/2019

05:07 PM pfSense Packages Feature #9820 (Resolved): Add Zabbix 4.4 (agent and proxy) packages: Renato Botelho
04:40 PM pfSense Packages Feature #9820: Add Zabbix 4.4 (agent and proxy) packages: Works for me thanks! Pim Janssen
08:51 AM Revision 52a950a2: workaround if capture already exist: Viktor Gurov
08:27 AM Revision 438870df: check if time file exist: Viktor Gurov
07:53 AM Revision a2f56f9d: print capture start time: Viktor Gurov
03:55 AM Feature #9831: diag_packet_capture.php: print packet capture start time: https://github.com/pfsense/pfsense/pull/4101 Viktor Gurov
03:55 AM Feature #9831 (Resolved): diag_packet_capture.php: print packet capture start time: Prints packet capture start time in extra field Viktor Gurov

10/16/2019

06:34 PM Revision 88b88d2d: Enable zabbix 4.4 build: Renato Botelho
06:34 PM Revision c8865ef3: Enable zabbix 4.4 build: Renato Botelho
06:25 PM Revision ee74e2c3: Add Zabbix 4.4 config options: (cherry picked from commit 04677464cd4bf73588934277d7ff7eb2dd3d5ceb) Danilo Baio
06:25 PM Revision 3be451cd: Merge pull request #4100 from dbaio/zabbix44: Renato Botelho
04:56 PM Feature #9828: L2TP (long) username containing @ (realm separator): ok it's because it's late for me then ^^
don't worry, some dev will read and answer here asap, if they want a PR for... Manuel Piovan
04:24 PM Feature #9828: L2TP (long) username containing @ (realm separator): I need a server, not a client :-)
The username/realm mod is exactly wat is needed and should me incorporated in th... Arjan van der Oest
04:04 PM Feature #9828: L2TP (long) username containing @ (realm separator): sorry man didn't understand clearly what you where doing from the start..
revert back my mods, that page is for conf... Manuel Piovan
01:22 PM Feature #9828: L2TP (long) username containing @ (realm separator): Well, changing the script allows to add the desired realms in the username, however the establishing of the l2tp tunn... Arjan van der Oest
11:17 AM Feature #9828: L2TP (long) username containing @ (realm separator): I will try and report back ASAP, thanks for the ultrafast response, I truly appreciate it. Arjan van der Oest
11:05 AM Feature #9828: L2TP (long) username containing @ (realm separator): /usr/local/www/vpn_l2tp_users_edit.php
change line 82
if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['usern... Manuel Piovan
09:06 AM Feature #9828 (Resolved): L2TP (long) username containing @ (realm separator): Hi Team,
I’m trying to use pfSense as LNS via L2TP. However my LAC always includes a realm in the username.
Fo... Arjan van der Oest
02:04 PM pfSense Packages Feature #9820 (Ready To Test): Add Zabbix 4.4 (agent and proxy) packages: PR has been merged. Thanks! Renato Botelho
07:06 AM pfSense Packages Feature #9820 (In Progress): Add Zabbix 4.4 (agent and proxy) packages: Danilo (dbaio@FreeBSD.org) is working to integrate zabbix 4.4 on pfSense as well Renato Botelho
05:03 AM pfSense Packages Feature #9820: Add Zabbix 4.4 (agent and proxy) packages: https://svnweb.freebsd.org/ports/head/net-mgmt/zabbix44-proxy/
https://svnweb.freebsd.org/ports/head/net-mgmt/zabbix... Pim Janssen
11:59 AM pfSense Docs Correction #9822: specify XG-7100 does not support NVMe: In addition to the XG-7100's, the note has been added to all systems that have an M.2 SATA drive upgrade option. Seem... Doug McIntire
11:30 AM Bug #9830 (Resolved): NTP ACLs vs. NTP pools: Starting with /var/etc/ntpd.conf containing:... Edgar Wiesmann
11:16 AM Bug #9829 (Resolved): NTP Status vs. parsing NTP Access Restrictions: Status/NTP displays "Statistics unavailable because ntpq and ntpdc queries are disabled in the NTP service settings" ... Edgar Wiesmann

10/15/2019

11:00 PM Revision 04677464: Add Zabbix 4.4 config options: Danilo Baio
05:38 PM Todo #8350: Remove clog in favor of standard syslogd or syslogd alternative with rotation via newsyslog or logrotate: That is not related to this change, so it cannot be considered on this issue. TCP syslog is not yet supported by Free... Jim Pingle
05:36 PM Todo #8350: Remove clog in favor of standard syslogd or syslogd alternative with rotation via newsyslog or logrotate: Testing 2.5.0-dev, found UI does not provide support for TCP syslog forwarding. I believe this results in truncation... Mark Rodman

10/14/2019

01:27 PM pfSense Docs Correction #9822 (Closed): specify XG-7100 does not support NVMe: Added note to state that NVMe is not supported on both the XG-7100 DT & 1U.
https://docs.netgate.com/pfsense/en/la... Doug McIntire
10:16 AM pfSense Packages Bug #9135 (Rejected): Suricata in inline modus blocks some downloads: As pointed by Bill, it's not a pfSense bug. Renato Botelho
08:40 AM Feature #9827 (Duplicate): Add default route indicator to gateways dashboard widget to indicate which interface is currently selected as default in a gateways group scenario: In System > Routing > Gateways the default route is indicated based on the state of the gateway group.
It would be u... And Ritchie
06:40 AM pfSense Packages Feature #9521 (Pull Request Review): Upgrade to HAProxy 1.9: Renato Botelho
03:13 AM pfSense Packages Feature #9521: Upgrade to HAProxy 1.9: now that pfsense/FreeBSD-ports has been updated to ports 2019Q3 i think it would make sense to bump haproxy versions
... Torben Hørup

10/13/2019

02:42 PM Bug #9654: After reboot, the DNS resolver must be restarted before it will advertise the ipv6 DNS address of the router.: Further information: I have noted that during the period before first restart of the resolver, that the predefined al... Rick Coats
02:15 PM Bug #9826 (Rejected): No users displayed in user manager: 2.4.4-p3 does not include a fix for #9541 -- You are hitting that issue, not something new. Jim Pingle
12:06 PM Bug #9826 (Rejected): No users displayed in user manager: I am running 2.4.4_3 so I am assuming I already have the patch for https://redmine.pfsense.org/issues/9541. My admin ... robbie foster
08:17 AM Bug #9448 (In Progress): Dynamic DNS options showing in GUI for IPv6 when not in use: Jim Pingle
08:15 AM Feature #9825: Requirements for trusted certificates in iOS 13 and macOS 10.15: We have automatically filled in the SAN based on the CN for a while now. You can't make a new cert without a SAN, sin... Jim Pingle
02:47 AM Feature #9825 (Resolved): Requirements for trusted certificates in iOS 13 and macOS 10.15: Because Apple has shortened the maximum validity period of TLS server certificates to 825 days on iOS 13 & macOS Cata... Daniel Gutierrez

10/12/2019

06:12 PM Feature #9695 (Resolved): Add Ability to Force NAT-T Encapsulation on IKEv2 Peers: Jim Pingle
02:58 PM Feature #9695: Add Ability to Force NAT-T Encapsulation on IKEv2 Peers: Jim Pingle wrote:
> Applied in changeset commit:9c4f5b95eed5534ab797f104ad9f687359bd4818.
Tested on 2.5.0.a.20191... Viktor Gurov
10:28 AM Bug #9448: Dynamic DNS options showing in GUI for IPv6 when not in use: Jim Pingle wrote:
> Applied in changeset commit:7ba6788b155b92ad8c488c2891c9fe2601fe5c14.
Tested on 2.5.0.a.20191... Viktor Gurov
09:28 AM pfSense Packages Feature #9824 (Resolved): Add support for DuckDuckGo's Safe Search: The switches managing the Safe Search are described in the "DuckDuckGo Help Pages":https://help.duckduckgo.com/duckdu... Markus *
08:31 AM Feature #9788 (Resolved): Display number of connections in status_openvpn.php: Jim Pingle
01:51 AM Feature #9788: Display number of connections in status_openvpn.php: Renato Botelho wrote:
> PR has been merged. Thanks!
Tested on 2.5.0.a.20191011.1853
Works, resolved
Viktor Gurov
08:31 AM Feature #9791 (Resolved): Ability to filter Diagnostics ARP Table by IP range (DHCP): Jim Pingle
02:00 AM Feature #9791: Ability to filter Diagnostics ARP Table by IP range (DHCP): Jim Pingle wrote:
> Applied in changeset commit:9297ad6504618c5ffcee9f8fe02535cb33f570c9.
Tested on 2.5.0.a.20191... Viktor Gurov
08:31 AM Bug #9708 (Resolved): /etc/inc/unbound.inc: Pfsense Default Unbound Configuration does not Prevent DNS Rebinding Attacks Against Localhost: Jim Pingle
02:07 AM Bug #9708: /etc/inc/unbound.inc: Pfsense Default Unbound Configuration does not Prevent DNS Rebinding Attacks Against Localhost: Jim Pingle wrote:
> Applied in changeset commit:afeb18ff0ecaec2e9d0da1801fe9cebf5b99a3ca.
Tested on 2.5.0.a.20191... Viktor Gurov
08:31 AM Bug #9586 (Resolved): Unbound Access List /31 UI Issue: Jim Pingle
02:13 AM Bug #9586: Unbound Access List /31 UI Issue: Steve Beaver wrote:
> Applied in changeset commit:7ec80e763f7e8357a4e5b0d2d57546cfd5d0f0f0.
Tested on 2.5.0.a.201... Viktor Gurov
08:31 AM Feature #6787 (Resolved): NTP GUI sync/poll interval: Jim Pingle
02:27 AM Feature #6787: NTP GUI sync/poll interval: Jim Pingle wrote:
> Applied in changeset commit:8ef6844a34cd6765bfa09d2fdaf4f0609d6c59cb.
Tested on 2.5.0.a.20191... Viktor Gurov
08:31 AM Bug #9258 (Resolved): Error deleting tunnel type P2 when mixed with VTI: Jim Pingle
02:36 AM Bug #9258: Error deleting tunnel type P2 when mixed with VTI: Jim Pingle wrote:
> Applied in changeset commit:37c6083084617e3fd079876352109ff38aa6613b.
Tested on 2.5.0.a.20191... Viktor Gurov
08:31 AM Feature #9302 (Resolved): radvd always advertises DNS servers and Domain Search List regardless of M or O flag: Jim Pingle
04:09 AM Feature #9302: radvd always advertises DNS servers and Domain Search List regardless of M or O flag: Renato Botelho wrote:
> PR has been merged. Thanks!
Tested on 2.5.0.a.20191011.1853
No RDNSS and DNSSL entries... Viktor Gurov
08:31 AM Feature #9285 (Resolved): Add an option to disable the ping-check in dhcpd: Jim Pingle
04:19 AM Feature #9285: Add an option to disable the ping-check in dhcpd: Renato Botelho wrote:
> Applied in changeset commit:5197e3e3a3b0ee048785e2ffb4222d7cba4e6c74.
Tested on 2.5.0.a.2... Viktor Gurov
05:06 AM pfSense Packages Bug #9012: Captive Portal authentication in Squid Proxy Server does not work: i solved this problem.
new captiveportal.inc file... mehmet yiğiter
04:31 AM Bug #9823: no l2tplink param in get_interface_info: this is why changes in "Show PPP uptime on the Dashboard - Interfaces Widget" https://redmine.pfsense.org/issues/9426... Viktor Gurov
03:44 AM Bug #9823: no l2tplink param in get_interface_info: config.xml:... Viktor Gurov
03:38 AM Bug #9823 (Closed): no l2tplink param in get_interface_info: For L2TP interfaces you can't see "Uptime" in interfaces widget due to function get_interface_info do not return link... Viktor Gurov

10/11/2019

03:48 PM pfSense Docs Correction #9822 (Closed): specify XG-7100 does not support NVMe: https://docs.netgate.com/pfsense/en/latest/solutions/xg-7100/m-2-sata-installation.html
Only specifies *a M.2 SATA... Anonymous
03:21 PM pfSense Packages Feature #9555: pimd package: Michael Pelley wrote:
> Folks - as it seems that IGMP Proxy is "broken" and pimd works is it possible to add (or rep... Pete Holzmann
02:44 PM Revision 6d3a6127: Merge pull request #4075 from bechaire/patch-1: Renato Botelho
01:37 PM Revision 4144a9f8: Merge pull request #4067 from crypto-powers/master: Renato Botelho
01:34 PM Revision 5489c0a8: Merge pull request #4030 from jalavoy/master: Renato Botelho
11:18 AM Bug #9821: pfSense IPsec not reload configs on connectivity issues with DDNS: At same time first end try communicate only over Tier1 IP and they can't do connection. Restart of strongswan fix thi... DRago_Angel [InV@DER]
11:16 AM Bug #9821: pfSense IPsec not reload configs on connectivity issues with DDNS: When My Tier1 goes offline on one end: IPsec begin to use Tier2 connection. But when Tier1 come back - second end sti... DRago_Angel [InV@DER]
11:05 AM Bug #9821 (Rejected): pfSense IPsec not reload configs on connectivity issues with DDNS: IPsec with DDNS works fine for many users (myself included) -- you haven't presented any evidence that there is an ac... Jim Pingle
10:52 AM Bug #9821 (Rejected): pfSense IPsec not reload configs on connectivity issues with DDNS: If you configure IPsec to use static IP or or static DNS - all fine.
But when you have multiWAN environment with DDN... DRago_Angel [InV@DER]
10:16 AM pfSense Packages Feature #9820 (Resolved): Add Zabbix 4.4 (agent and proxy) packages: New release from zabbix. Please add this new version.
https://www.zabbix.com/rn/rn4.4.0 Pim Janssen
09:48 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: I see similar effects with the old config which i attached in January. Ph. T
09:43 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: I have tried to reproduce the issue. Unfortently that was not possible. Now i just get complete empty tables.
I have... Ph. T
07:41 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: I will provide the data / config.xml . I could also provide a virtual-box pfsense-installation
which shows this pro... Ph. T
07:29 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: If anyone can come up with simple cases that reliably reproduce the problem, that would definitely help. That is, the... Jim Pingle
06:53 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: Ph. T wrote:
> I am *very,very* unhappy with the time it takes to deal and fix this problem.
> Is there any way to... Luiz Souza
01:39 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: I am *very,very* unhappy with the time it takes to deal and fix this problem.
Is there any way to speed up the proc... Ph. T
01:23 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: Angel Briceño wrote:
> I have removed all gigantic ranges of IPs and the problem is solved.
I have no ranges of... Gavin Stewart
09:45 AM Bug #9819 (Feedback): Captive portal: Change order redirect page is selected: PR has been merged Renato Botelho
09:44 AM Bug #9819 (Resolved): Captive portal: Change order redirect page is selected: If page is defined in query string, redirects user to that and let default page to be used only when it's not defined... Renato Botelho
09:13 AM Feature #9256: adjust frequency of geom rebuild notifications.: Renato Botelho wrote:
> PR has been merged. Thanks!
No sir, thank you. James Lavoy
08:35 AM Feature #9256 (Feedback): adjust frequency of geom rebuild notifications.: PR has been merged. Thanks! Renato Botelho
08:38 AM Feature #9527 (Feedback): Add ability for LDAP extended query on groups in RFC2307 containers.: PR has been merged. Thanks! Renato Botelho

10/10/2019

03:35 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: Ph. T wrote:
> If you are using FQDN-Aliases each FQDN can only be used once, if
> you use the alias twice, the ge... Angel Briceño
02:32 PM Bug #9577: radvd send_ra_forall failed on interface / can't join ipv6-allrouters: 2.5 will be moving to a 12.1 or stable/12 base, but that choice has not yet been made. It definitely will not stay on... Jim Pingle
02:26 PM Bug #9577: radvd send_ra_forall failed on interface / can't join ipv6-allrouters: There are multiple issues, some easily solved. The "disabled" logging message can be deleted, as it is just an indica... Ronald Schellberg
02:12 PM Bug #9818 (Rejected): bug status VPN: Not nearly enough information here. IPsec status works fine here, must be something specific to your configuration/se... Jim Pingle
02:02 PM Bug #9818 (Rejected): bug status VPN: Erro no status do tunel VPN na versão 2.5.0-DEVELOPMENT Alexandre morganti
12:35 PM Bug #9802 (Resolved): status_logs_settings.php: "Reset log files" does not clear all log files: Tested on 2.5.0.a.20191009.1906, works as expected. Anonymous
10:40 AM pfSense Packages Feature #9742: Print Patch ID in log while patching: https://github.com/pfsense/FreeBSD-ports/pull/685 Viktor Gurov
10:40 AM pfSense Packages Feature #9817 (Duplicate): logging of patching to syslog: Duplicate of #9742 Jim Pingle
10:39 AM pfSense Packages Feature #9817 (Duplicate): logging of patching to syslog: Add ability to log patch id to system log Viktor Gurov
08:04 AM Bug #9407: Update jQuery to current version (3.3.1 or later): Updating to version 3.4.1 is straightforward but we also use jQuery-UI which needs to be kept in step. Unfortunately ... Anonymous
07:10 AM Feature #9816 (Pull Request Review): firewall_aliases.php: add ability to export list of aliases: Jim Pingle
05:57 AM Feature #9816: firewall_aliases.php: add ability to export list of aliases: https://github.com/pfsense/pfsense/pull/4099 Viktor Gurov
05:55 AM Feature #9816 (Resolved): firewall_aliases.php: add ability to export list of aliases: adds ability to export list of aliases
opens white page with only aliases - to copy&paste and save to txt Viktor Gurov

10/09/2019

02:57 PM Bug #9815: IPv6 policy routing selects wrong interface: output of @pfctl -sa | grep 2001:bbbb:bbbb:bbbb::1@... Bianco Veigel
02:56 PM Bug #9815 (Not a Bug): IPv6 policy routing selects wrong interface: Not enough evidence that there is a bug here. This site is not for support or diagnostic discussion.
For assistanc... Jim Pingle
02:43 PM Bug #9815 (Not a Bug): IPv6 policy routing selects wrong interface: I've a rather complex setup with multiple interfaces - some of them have an IPv6 Address and some also have an IPv6 G... Bianco Veigel
10:51 AM Feature #6240: vxlan driver: Created https://github.com/pfsense/FreeBSD-src/pull/27 Jose Luis Duran
10:33 AM Feature #6240: vxlan driver: +1 ... it there's any point Khamzet Shogenov

10/08/2019

10:55 AM Bug #9058: Kernel panic during L2TP retransmit: I've opened a bug at https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241133 Bianco Veigel
06:29 AM Bug #9814 (Duplicate): User Manager: Duplicate of #9541 Jim Pingle
04:16 AM Bug #9814 (Duplicate): User Manager: Hi.
I think I found a little bug when using a created user with admin permissions to navigate to the User Manager.
... Norman Kühnberger

10/07/2019

06:16 PM Bug #9148: PPPoE over a VLAN fails to reconnect.: gek Johnson wrote:
> It's reproducing on 2.4.4-RELEASE-p3.
I'm also seeing the issue again in 2.4.4-RELEASE-p3.
... Anonymous
07:19 AM pfSense Packages Bug #9813 (Resolved): Fails saving accountkeys if name contains non-English characters: When trying to create a new set of account keys for use with ACME, and the name contains any special characters (such... Nikolaj Jørgensen

10/06/2019

02:05 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: Robert Gijsen wrote:
> It's been about 8 months now that we are unable to update / patch our firewalls because of th... John K
12:04 PM Bug #9812 (Not a Bug): High cpu load (php-fpm) on every VTI reload: There is not enough information here to classify this as a bug. Please start a post on the forum to discuss the issue... Jim Pingle
09:53 AM Bug #9812: High cpu load (php-fpm) on every VTI reload: The CPU load remains high for some minutes. Daniel Klinghofer
09:48 AM Bug #9812 (Not a Bug): High cpu load (php-fpm) on every VTI reload: Every event that reload the VTI interface(s) causes high cpu load with the process php-fpm.
The system also log th... Daniel Klinghofer
06:26 AM Todo #9808: status_logs_settings.php: Add GUI option for syslog format: Hi,
I have RFC 5424 manually running here, to export to my syslog collector. And you're right, the local syslog is... Russell Morris

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

10/31/2019

10/30/2019

10/29/2019

10/28/2019

10/27/2019

10/26/2019

10/25/2019

10/24/2019

10/23/2019

10/22/2019

10/21/2019

10/20/2019

10/19/2019

10/18/2019

10/17/2019

10/16/2019

10/15/2019

10/14/2019

10/13/2019

10/12/2019

10/11/2019

10/10/2019

10/09/2019

10/08/2019

10/07/2019

10/06/2019

10/05/2019

10/04/2019

10/03/2019

10/02/2019