Activity

30 days up to

User

Subprojects

Activity

From 02/29/2020 to 03/29/2020

03/29/2020

10:45 PM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: Jim Pingle wrote:
> AFAIK This is because last I looked, miniupnpd doesn't support its "masquerade" options on FreeB... Russell Graville
02:58 PM Bug #10390: Fix DigitalOcean Dynamic DNS client for IPv6: The corresponding line causes the failure is in /etc/in/dyndns.class, line 1054 (in pfSense v2.4.5 RELEASE):
if ($th... Csoban Kesmarki
02:55 PM Bug #10390 (Resolved): Fix DigitalOcean Dynamic DNS client for IPv6: The DigitalOcean IPv6 Dynamic DNS Client could not find the proper IPv6 entry when updating and fails with the error ... Csoban Kesmarki
01:36 PM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: O 71 wrote:
> I have the same problem after update.
>
> I think the problem comes from the -w parameter. It shoul... Viktor Gurov
08:13 AM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: A picture of my test to illustrate O 71
08:06 AM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: I have the same problem after update.
I think the problem comes from the -w parameter. It should be done like this... O 71
05:36 AM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: Ismael Peixoto Azambuja wrote:
> Hi, i test this fix, but dont work here...
I have successfully tested this PR w... Viktor Gurov
01:19 PM Bug #10381: dhcrelay does not start after upgrade to 2.4.5: Thing is - windows OpenVPN clients got DHCP IP address all along, with no fw rules and no dhcrelay running.
macOS cl... Ivars Strazdins
01:10 PM Bug #10381: dhcrelay does not start after upgrade to 2.4.5: Ivars Strazdins wrote:
>
> However, after reading that _DHCP is a special case on pfSense, it is allowed with hidd... Viktor Gurov
08:29 AM Bug #10381: dhcrelay does not start after upgrade to 2.4.5: > Do you select only one interface and two upstream servers from the same network?
Yes. I don't have anything more... Ivars Strazdins
07:37 AM Bug #10381: dhcrelay does not start after upgrade to 2.4.5: Ivars Strazdins wrote:
> Thanks.
> I applied the patch, but dhcrelay still doesn't start.
>
Can you provide mo... Viktor Gurov
01:17 PM Feature #10389 (Duplicate): 2.4.5: *reload* unbound to avoid constant service outages, rather than restart: Unbound is not fast to restart:... Brittney Lars
12:09 PM Feature #10388 (Rejected): Upgrade to Python 3.8: I saw that in pfSense 2.5.0, Python will be upgraded from 2.7 to 3.6. Why not upgrade to the latest version (currentl... retnikt the

03/28/2020

06:48 PM Bug #9263: Incorrect ICMP reply when using limiters: People on forum are wrongly attributing this issue as the same as #932 which is something quite different, omitting r... Kacper Michajłow
06:21 PM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: Viktor Gurov wrote:
> Local and RADIUS auth works fine
>
> LDAP auth fix:
> https://github.com/pfsense/FreeBSD-p... Ismael Peixoto Azambuja
04:16 AM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: Local and RADIUS auth works fine
LDAP auth fix:
https://github.com/pfsense/FreeBSD-ports/pull/811 Viktor Gurov
12:57 AM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: I have not found the problem yet, but I did test on an outdated server, 2.4.4p3 squid 0.4.44_8 and everything works p... Ismael Peixoto Azambuja
06:18 PM Revision 53d5cc19: Bug #10386: Manuel Piovan
05:00 PM Feature #10387 (Resolved): Reevaluate the GUI upgrade language presented to the user: When a user is performing an upgrade using the Web GUI they are presented with this message after the files are copie... Chris Linstruth
03:00 PM Bug #10381: dhcrelay does not start after upgrade to 2.4.5: Thanks.
I applied the patch, but dhcrelay still doesn't start.
Mar 28 21:54:27 gw php-fpm: /system_patches.php: B... Ivars Strazdins
09:53 AM Bug #10381 (New): dhcrelay does not start after upgrade to 2.4.5: Ivars Strazdins wrote:
> You're not paying attention. This setup is working and is required to OpenVPN clients to ge... Viktor Gurov
08:57 AM Bug #10381: dhcrelay does not start after upgrade to 2.4.5: You're not paying attention. This setup is working and is required to OpenVPN clients to get DHCP address from intern... Ivars Strazdins
01:21 PM Bug #10386: A NTP Time Server name may only contain the characters a-z, 0-9, '-' and '.'.: Manuel Piovan wrote:
> System / General Setup
> localization -> time server
> if it is populated with an ipv6 ser... Manuel Piovan
01:10 PM Bug #10386 (Resolved): A NTP Time Server name may only contain the characters a-z, 0-9, '-' and '.'.: System / General Setup
localization -> time server
if it is populated with an ipv6 server you can't save anymore
... Manuel Piovan
12:58 PM pfSense Packages Bug #10385: Pb with Username authorized characters when OTP is disabled: Hi, thanks for your fast answer.
So I have modifief the file /usr/local/pkg/freeradius.inc, line 3668 and 3669 wit... Olivier GUENET
12:08 PM pfSense Packages Bug #10385: Pb with Username authorized characters when OTP is disabled: need to revert back https://github.com/pfsense/FreeBSD-ports/pull/775/
and cherry-pick https://redmine.pfsense.org... Viktor Gurov
11:34 AM pfSense Packages Bug #10385 (Resolved): Pb with Username authorized characters when OTP is disabled: Hi,
I have done the update to the 2.4.5 version of pfsense, with the update of the last package of freeradius3.
... Olivier GUENET
12:01 PM pfSense Packages Feature #8878 (Resolved): Propagate user's description field into QR code for FreeRADIUS: works as expected on pfSense 2.4.5 with freeradius3 0.15.7_11 Viktor Gurov
08:38 AM Bug #10384 (Rejected): 2.4.5 breaks apipa-nat rules: had a setup running under 2.4.4-RELEASE-p3 which worked fine, but stopped working after the 2.4.5 update.
I have a... Tim Hartmann
05:17 AM Bug #9467: vmx(4) interfaces do not have ALTQ support on pfSense 2.5, they had ALTQ support on 2.4: Don't think it's "shamelessly copied". 7066 was Affected Version: 2.4.0 from a 2.3 upgrade.
This is 2.5.0, it was fi... Justin Smith
01:07 AM Bug #8357 (Resolved): Static mapping of dhcp leases on bridge interfaces links to the real interface.: static mapping correctly works on bridge or lagg interfaces,
tested on 2.4.5 and 2.5.0.a.20200325.1429 Viktor Gurov
12:57 AM pfSense Packages Feature #10297: IPv6 user attributes: https://forum.netgate.com/topic/151725/freeradius-ipv6-framed-ip-issue-with-2-4-5:... Viktor Gurov

03/27/2020

10:12 PM Feature #9439: Poll Interval For GPS and PPS: Jim Pingle wrote:
> The GUI part of this is I mentioned is in #6787
>
> This can remain open to investigate wheth... Pierre Poutine
08:31 PM Bug #10383 (Resolved): Additional interfaces do not survive a reboot before the setup wizard has been run: In a fresh install before the setup wizard has been run or dismissed the file /conf/trigger_initial_wizard exists.
... Steve Wheeler
08:01 PM Bug #9179: NAT reflection fix implemented for #8604 is causing WebUI and XMLRPC to fail on slave: This affects 2.4.5 as well Valentin N
05:49 PM pfSense Docs Correction #10382 (Closed): Feedback on Hardware — Tuning and Troubleshooting Network Cards: *Page:* https://docs.netgate.com/pfsense/en/latest/hardware/tune.html
*Feedback:* This section in the documentatio... Anonymous
12:48 PM Bug #10381 (Closed): dhcrelay does not start after upgrade to 2.4.5: Ivars Strazdins wrote:
> LAN interface == bce1
> LAN network 10.67.20.0/24
> DHCP servers are 10.67.20.31 and 10.6... Viktor Gurov
11:18 AM Bug #10381: dhcrelay does not start after upgrade to 2.4.5: LAN interface == bce1
LAN network 10.67.20.0/24
DHCP servers are 10.67.20.31 and 10.67.20.34 - ISC DHCP servers wit... Ivars Strazdins
11:15 AM Bug #10381: dhcrelay does not start after upgrade to 2.4.5: Interface details:
[2.4.5-RELEASE][admin@gw]/root: ifconfig
bce0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTIC... Ivars Strazdins
11:01 AM Bug #10381: dhcrelay does not start after upgrade to 2.4.5: Please post more details to reproduce:
Destination server IP,
All interfaces IPs
it seems interface/server netwo... Viktor Gurov
10:38 AM Bug #10381: dhcrelay does not start after upgrade to 2.4.5: Sorry, I meant *dhcrelay* service, NOT dhclient service. Ivars Strazdins
10:36 AM Bug #10381 (Rejected): dhcrelay does not start after upgrade to 2.4.5: After upgrade to version 2.4.5 dhclient service does not start from GUI.
Trying to start it produces error
Mar 27 1... Ivars Strazdins
09:38 AM Bug #10380 (Rejected): Unable to upgrade from 2.4.4 p3 to 2.4.5: Error: Warning: PHP Startup: Unable to load dynamic library 'readline.so' (tried: /usr/local/lib/php/20170718/readlin... Al Mello
09:31 AM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: Cache.log
[2.4.4-RELEASE][admin@PFLog01.intra.uergs.rs]/var/squid/logs: cat cache.log
2020/03/27 10:29:52 kid1| S... Ismael Peixoto Azambuja
09:18 AM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: Apparently everything is right in the configuration, when I type user and password, in the log appears users. In this... Ismael Peixoto Azambuja
09:07 AM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: Ismael Peixoto Azambuja wrote:
> pfsense 2.4.4p3 with all packages updated, using squid with LDAP authentication wa... Viktor Gurov
08:36 AM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: seems regression by https://redmine.pfsense.org/issues/9217 Viktor Gurov
05:19 AM pfSense Packages Bug #10379 (Resolved): squid not authenticate LDAP/RADIUS: pfsense 2.4.4p3 with all packages updated, using squid with LDAP authentication was working perfectly, server with 2 ... Ismael Peixoto Azambuja
04:40 AM pfSense Packages Bug #10367 (Resolved): squid reverse proxy not starting: works as expected on 2.5.0.a.20200326.1148 with squid 0.4.44_15 Viktor Gurov
02:22 AM pfSense Packages Bug #10367: squid reverse proxy not starting: tested on 2.4.5 with squid 0.4.44_15
reverse proxy starts successfully Viktor Gurov
03:50 AM Bug #10359: Require State Filter setting breaks filter rule link to associated states: Jens Groh wrote:
> Just as a short question: I suppose after following the quick release of 2.4.5 that fix didn't go... Viktor Gurov
02:38 AM Bug #10359: Require State Filter setting breaks filter rule link to associated states: Just as a short question: I suppose after following the quick release of 2.4.5 that fix didn't go into 2.4.5, too? Ju... Jens Groh
03:18 AM pfSense Packages Bug #8774 (Resolved): Whitelist ALC type not supported by ssl_bump: tested on 2.4.5 with squid 0.4.44_15
works as expected Viktor Gurov
02:19 AM pfSense Packages Bug #10378 (Resolved): Add IPv6 network to Squid localnet: Currently, the “Allow users in the interface” option only adds the IPv4 interface subnet to the list of allowed subne... Viktor Gurov
02:13 AM pfSense Packages Bug #8887 (Resolved): Squid Proxy Interface not assignee to IPv6: tested on 2.4.5 with squid 0.4.44_15
now it works as expected Viktor Gurov
02:04 AM pfSense Packages Feature #10357 (Resolved): Add Iperf verbose output option: works as expected on 2.4.5 with iperf 3.0.2_4 Viktor Gurov
02:02 AM pfSense Packages Feature #9272 (Resolved): Allow multiple IP in ListenIP for Zabbix Agent: works as expected on 2.4.5 with zabbix-agent44 1.0.4_4 Viktor Gurov
01:30 AM Bug #4218 (Resolved): Bridge does not have AUTO_LINKLOCAL flag: works as expected on 2.4.4-p3, 2.4.5 and 2.5.0.a.20200325.1429 Viktor Gurov

03/26/2020

12:57 PM pfSense Packages Feature #10377: Allow usage of TOTP (Google-Authenticator) without PIN: Pardon my lack of experience using openvpn, but would this request mean all someone needs is the username? TOTP reall... Ben Cronce
09:10 AM pfSense Packages Feature #10377 (New): Allow usage of TOTP (Google-Authenticator) without PIN: Currently it is not possible to create a radius user with TOTP enabled without entering an additional pin.
So to aut... Andreas Heckmann
12:21 PM Revision 7e79c173: Clear DNS dhcpleases entries. Issue #8981: Viktor Gurov
08:54 AM Feature #8027 (Closed): Add second password field for validation when doing encrypted config.xml backup: fixed in https://redmine.pfsense.org/issues/10301 Viktor Gurov
08:53 AM Feature #10301 (Resolved): Password confirmation when exporting encrypted backup file: works as expected on 2.5.0.a.20200325.1429 Viktor Gurov
08:30 AM Feature #10333 (Resolved): Increase the number of DHCP NTP server options to three for DHCP Static Mappings: see https://redmine.pfsense.org/issues/8990
works as expected on 2.5.0.a.20200325.1429 Viktor Gurov
08:30 AM Bug #8990 (Resolved): Additional BOOTP/DHCP Options per host: works as expected on 2.5.0.a.20200325.1429 Viktor Gurov
06:30 AM pfSense Packages Feature #9272 (Feedback): Allow multiple IP in ListenIP for Zabbix Agent: Renato Botelho
06:29 AM pfSense Packages Bug #10338 (Feedback): FRR OSPF6 Router-ID configuration statement has changed: PR has been merged. Thanks! Renato Botelho
06:29 AM pfSense Packages Feature #10357 (Feedback): Add Iperf verbose output option: PR has been merged. Thanks! Renato Botelho
06:24 AM pfSense Packages Bug #8774 (Feedback): Whitelist ALC type not supported by ssl_bump: PR has been merged. Thanks! Renato Botelho
06:24 AM pfSense Packages Bug #8887 (Feedback): Squid Proxy Interface not assignee to IPv6: PR has been merged. Thanks! Renato Botelho
06:24 AM pfSense Packages Bug #10367 (Feedback): squid reverse proxy not starting: PR has been merged. Thanks! Renato Botelho
06:19 AM pfSense Packages Bug #8625 (Feedback): PFsense squidGuard faulty URL check: PR has been merged. Thanks! Renato Botelho
05:26 AM Bug #8981: Uncheck DHCP registration does not clear entries: Unchecking "static entries" successfully updates host_entries.conf,- tested on 2.5.0.a.20200325.1429
dhcpleases_en... Viktor Gurov
02:53 AM Bug #8054: DHCP server accepts trailing dot in domain names, DNS resolver adds another and breaks: This is true only for the DHCP static mapping "domain name" or the System / General / Domain, but not for the "domain... Viktor Gurov
01:55 AM Bug #5806 (Closed): Alias URL table containing an unresolvable FQDN entry causes rules to not load: no such issue on 2.4.5 and 2.5.0.a.20200324.1145
it ignores unresolved hosts, putting only valid IPs in /var/db/alia... Viktor Gurov
01:31 AM Bug #10376: Duplicate logs from charon: pfSense is 2.4.4-p3. Christian Ullrich
01:30 AM Bug #10376 (Rejected): Duplicate logs from charon: Intermittently the IPsec log receives every log line from charon twice, formatted slightly differently. The differenc... Christian Ullrich
12:42 AM Bug #10276 (Resolved): NTP "No Select" does not work: works as expected on 2.5.0.a.20200324.1145 Viktor Gurov
12:39 AM Feature #2850 (Resolved): add units in ntp status page: OK on 2.5.0.a.20200324.1145 Viktor Gurov
12:38 AM Feature #2568 (Resolved): Allow dashed DUID to be entered in a DHCPv6 Mapping: works as expected on 2.5.0.a.20200324.1145 Viktor Gurov

03/25/2020

10:22 PM Revision 3e851891: Be ready for 2.4.5-RELEASE: Renato Botelho
10:19 PM Revision dddcbffc: Be ready for 2.4.5-RELEASE: Renato Botelho
12:34 PM Feature #10340: IPsec Mobile GUI Improvement (Dashboard and Status > IPsec > Leases): Appreciate Jim's idea: either *bolding* the green lines (like when pfSense indicates that it is up to date) or possib... Jum Pers
09:04 AM Bug #10375 (Resolved): Double zfs entry in loader.conf: Clean 2.4.5 install on ZFS,
after checking loader.conf I see double _zfs_load="YES"_ entries:... Viktor Gurov
08:26 AM Feature #10374 (Resolved): Add ARM32/64 network booting support to dhcpd: Similar to Bug #5046 which added EFI64 (arch = 00:09) support to DHCPd, but this is for ARM 32/64 architecture (arch ... Michael Boever
03:12 AM Bug #10373: Incorrect copyright year: same on the Dashboard copyright notice:
https://github.com/pfsense/pfsense/blob/d5cbbe6a0fa23a45525019f0bca1af613cf3... Viktor Gurov
02:11 AM Bug #10373 (Resolved): Incorrect copyright year: Latest 2.4.5 build shows:
_pfSense is Copyright 2004-2019 Rubicon Communications, LLC (Netgate)._
it should be:
... Viktor Gurov

03/24/2020

04:25 PM Bug #6481: loading EAP_RADIUS method failed: This bug keep in 2.4.4 release. Rafael Sant'Anna
02:34 PM Todo #10349: status.php: Sanitize ldapbindpass and ldap_pass: OK on 2.5.0.a.20200323.0902:... Viktor Gurov
02:23 PM Feature #10348 (Resolved): Add localhost to NTP Interfaces: works as expected on 2.5.0.a.20200323.0902 Viktor Gurov
11:40 AM pfSense Docs Correction #10371: Update flow control tuning doc for chelsio: It may also be good to recommend disablement of the non-router related resource allocations so the NIC can use its en... Ansley Barnes
02:39 AM pfSense Docs Correction #10371 (Resolved): Update flow control tuning doc for chelsio: It would be good to add into Flow Contol section of https://docs.netgate.com/pfsense/en/latest/hardware/tuning-and-tr... Constantine Kormashev
07:26 AM Bug #10372: PfSense crashes for TIL: ANyone, pls help us. DO not know what to do with Pfsense crashing p k
07:25 AM Bug #10372 (Rejected): PfSense crashes for TIL: PfSense crashes for TIL often. PFA crash logs. p k

03/23/2020

11:11 PM Revision 1c2926e6: Update notices.inc: Formatting corrections on if statements. John Kap
10:58 PM Todo #9734: Re-evaluate log size, line defaults, and limits: I was going to file a similar ticket, but found this one searching for "511488"...
I'm not sure how typical my set... Sean McBride
06:42 PM Revision bd1291d0: Remote OpenVPN server proto definition. Issue #10368: Viktor Gurov
06:06 PM pfSense Packages Bug #10370 (New): ntopng Timeseries not send to InfluxDB: When moving timeseries from rrd to influxdb it initial configures the db but does not send data to Influxdb.
Netga... Alex Garcia
03:52 PM Feature #1019: Lagg Failover Mode Master Interface: https://github.com/pfsense/pfsense/pull/4249 Viktor Gurov
02:28 PM pfSense Packages Bug #10369: Remote OpenVPN server protocol definition: https://github.com/pfsense/FreeBSD-ports/pull/808 Viktor Gurov
02:25 PM pfSense Packages Bug #10369 (Resolved): Remote OpenVPN server protocol definition: An exact definition of the OpenVPN remote server protocol must be present,
Otherwise, it may try to establish a conn... Viktor Gurov
01:44 PM Bug #10368: OpenVPN server no definition of protocol to use (udp4): This PR adds protocol definition:
https://github.com/pfsense/pfsense/pull/4248
TODO: same for OpenVPN client ex... Viktor Gurov
12:58 AM Bug #10368 (Resolved): OpenVPN server no definition of protocol to use (udp4): When implementing a OpenVPN server and selecting the protocol "udp on ipv4 only" i expect, that that is exaclty what ... Bjarne Schmidt
12:31 PM Revision f8ac7bdc: Ticket #9267: Fix dhclient-script to handle error properly: Renato Botelho
12:30 PM Revision d5cbbe6a: Ticket #9267: Fix dhclient-script to handle error properly: Renato Botelho
07:33 AM Bug #9267: dhclient does not handle protocol timeouts or script failures correctly: Patch to pfSense-dhclient-script was applied on 2.4.5 as well Renato Botelho
04:11 AM Feature #7783: Support for hosting VMs on pfSense using bhyve: Hello. This is something more and more are after.
Separate Pfsense core installation from other addons/install pack... Tobias Müllauer
03:30 AM Bug #10359: Require State Filter setting breaks filter rule link to associated states: Re-tested on latest 2.4.5-RC, still working as expected. Jens Groh
03:21 AM Bug #10359: Require State Filter setting breaks filter rule link to associated states: Cherry-picked and manually installed "b9ab356250f68213fe36b6cba1758feee581ac83" via System Patches to 2.4.5-RC
Wor... Jens Groh

03/22/2020

08:46 PM Revision c3d53b06: Changes to Checkbox & others: Changed the approach of the option from checking box to disable to checking the box to enable.
Test return from API ... John Kap
03:05 PM pfSense Packages Bug #8625: PFsense squidGuard faulty URL check: https://github.com/pfsense/FreeBSD-ports/pull/806 Viktor Gurov
02:59 PM Feature #3718: radvd - enhancement proposal: ability to advertise routes and some fixes - patches attached: A short update:
The Router lifetime/AdvDefaultLifetime point tortured my mind last night.
Today I did some experime... Marc Posch
02:16 PM Feature #10341 (Resolved): Exclude unsupported interfaces from DHCP Relay: works as expected on 2.5.0.a.20200321.2101 Viktor Gurov
02:14 PM Bug #10359 (Resolved): Require State Filter setting breaks filter rule link to associated states: Viktor Gurov
02:14 PM Bug #10359: Require State Filter setting breaks filter rule link to associated states: works as expected on 2.5.0.a.20200321.2101 Viktor Gurov
02:11 PM Bug #10362 (Resolved): Error renewing cert if SAN contains IP Address: renewing is OK on 2.5.0.a.20200321.2101 Viktor Gurov
01:40 PM pfSense Packages Bug #10367: squid reverse proxy not starting: Fix:
https://github.com/pfsense/FreeBSD-ports/pull/805 Viktor Gurov
08:06 AM pfSense Packages Bug #10367 (Resolved): squid reverse proxy not starting: FATAL: Bungled /usr/local/etc/squid/squid.conf line 89: http_port Array:80 accel defaultsite=mysite.com vhost
http... Manuel Piovan
07:40 AM Bug #9488: No console when booting CE Memstick UEFI.: Jim Pingle wrote:
> OK, we'll mark this resolved for now, can revisit if it turns out to be a general issue.
It's... Grzegorz Krzystek

03/21/2020

05:20 PM Revision 0f1c8e5b: LAGG VLAN MTU fix. Issue #8585: Viktor Gurov
04:52 PM Bug #10366 (Closed): Captive Portal Allowed MAC bandwidth Issue: Services----> Captive Portal -----> MACs
Given bandwidth for allowed MAC fallback to bandwidth defined in captive... Muhammad Waseem Ul Haq
04:40 PM Feature #3718: radvd - enhancement proposal: ability to advertise routes and some fixes - patches attached: Hello Magnus,
I am glad that you found my enhancement useful and updated it for the 2.4.4 version.
I didn't menti... Marc Posch
12:23 PM Bug #8585: Logical interface MTU matches configuration of its physical port channel, not its own configuration: This PR adds additional checking for lagg vlan interface (lagg with dot) to set_interface_mtu():
https://github.com/... Viktor Gurov
07:10 AM Revision 96d78012: Allow import of PKCS12 (pfx) certificates. Issue #8645: Viktor Gurov
06:38 AM Revision bfcf5d7c: NTP maxpeers default value fix. Issue #10323: Viktor Gurov
05:37 AM Bug #10365: LAGG member event causes filter to reload: This PR adds the same code for LAGG members checking,
and fixes LAGG Ports field on the Status / Interfaces page:
h... Viktor Gurov
04:49 AM Bug #10365 (Resolved): LAGG member event causes filter to reload: The LAGG interface member is cxl0 and cxl1,
if one of these interfaces is down, it triggers check_reload_status:
<p... Viktor Gurov
01:46 AM Feature #10323: Allow limiting NTP pool server usage count: It always require to fill the 'Max Pool Peers' field,
Fix allowing to use empty(default value) 'Max Pool Peers' fi... Viktor Gurov

03/20/2020

11:19 PM Bug #10364: 2nd LAN tracking IPv6 from a 2nd WAN not obtaining an IPv6 nor hosts behind it are getting an Global Rotatable IPv6: Jim Pingle wrote:
> That is almost certainly a configuration problem and not a bug. Post more details of your config... Al Mello
11:05 PM Bug #10364 (Rejected): 2nd LAN tracking IPv6 from a 2nd WAN not obtaining an IPv6 nor hosts behind it are getting an Global Rotatable IPv6: That is almost certainly a configuration problem and not a bug. Post more details of your configuration on the forum ... Jim Pingle
09:44 PM Bug #10364: 2nd LAN tracking IPv6 from a 2nd WAN not obtaining an IPv6 nor hosts behind it are getting an Global Rotatable IPv6: Correction: Seen at 2.4.4 p3 Al Mello
09:16 PM Bug #10364 (Rejected): 2nd LAN tracking IPv6 from a 2nd WAN not obtaining an IPv6 nor hosts behind it are getting an Global Rotatable IPv6: Physical pfSense
Version 2.4.4-RELEASE-p3 (amd64)
built on Wed May 15 18:53:44 EDT 2019
FreeBSD 11.2-RELEASE-p10
... Al Mello
01:24 PM Revision 892d8a10: Merge pull request #4228 from vktg/pppoeno6: Renato Botelho
01:21 PM Revision 4471eb26: Merge pull request #4232 from vktg/dhcprelayintfilter: Renato Botelho
01:20 PM Revision 55920eea: Merge pull request #4224 from kiokoman/master: Renato Botelho
01:19 PM Revision 83174e31: Merge pull request #4231 from vktg/passconf: Renato Botelho
01:17 PM Revision 2fd2fff5: Merge pull request #4234 from vktg/ipv6aliasmacros: Renato Botelho
01:17 PM Revision 8d2f8069: Merge pull request #4233 from vktg/dashedduid: Renato Botelho
01:13 PM Revision aea0f1d2: Merge pull request #4236 from kiokoman/Garmin-gps-init: Renato Botelho
01:12 PM Revision 2e46d7d8: Merge pull request #4237 from vktg/ntplocalhost: Renato Botelho
01:10 PM Revision 3f9d433a: Merge pull request #4225 from vktg/hostdhcpoptions: Renato Botelho
01:07 PM Revision 9a656d4c: Merge pull request #vktg:ntpunits from vktg/ntpunits: Renato Botelho
01:06 PM Revision a2d658d5: Merge pull request #4239 from vktg/squidldappwsanitize: Renato Botelho
01:05 PM Revision b9ab3562: Merge pull request #4241 from vktg/statefiltfix: Renato Botelho
01:00 PM Bug #10363 (Resolved): Clarify behavior of OpenVPN server option for Duplicate Connections: In the OpenVPN tunnel settings, vpn_openvpn_server.php, the *Duplicate Connections* setting could be more explicit. I... Jared Dillard
12:59 PM Revision dd3b3c98: Merge pull request #4242 from brownowski/ipsec_package_reload_patch: Renato Botelho
12:58 PM Revision d7bada5e: Merge pull request #4244 from vktg/ipaddsanfix: Renato Botelho
12:58 PM Revision 04094be9: Update translation files: Renato Botelho
12:58 PM Revision 967eb746: Regenerate pot: Renato Botelho
10:49 AM Feature #10350 (Resolved): Add OpenVPN configuration file(s) to status.php file: tested on 2.5.0.a.20200319.0930
Nice, I see OpenVPN client/server files with appropriate content:
OpenVPN-Configu... Viktor Gurov
09:43 AM Revision 3fdd559e: Renew cert with IP Address SAN. Issue #10362: Viktor Gurov
08:25 AM Bug #7386 (Feedback): IPv6 not disabled in mpd.conf w/ IPv6 GUI option set to 'disabled': PR has been merged. Thanks! Renato Botelho
08:21 AM Feature #10341 (Feedback): Exclude unsupported interfaces from DHCP Relay: PR has been merged. Thanks! Renato Botelho
08:20 AM Feature #10323 (Feedback): Allow limiting NTP pool server usage count: PR has been merged. Thanks! Renato Botelho
08:19 AM Feature #10301 (Feedback): Password confirmation when exporting encrypted backup file: PR has been merged. Thanks! Renato Botelho
08:18 AM Bug #8256 (Feedback): IPv6 IP Alias VIP not added to Interface Network Macros: PR has been merged. Thanks! Renato Botelho
08:16 AM Feature #2568 (Feedback): Allow dashed DUID to be entered in a DHCPv6 Mapping: PR has been merged. Thanks! Renato Botelho
08:13 AM Bug #10327 (Feedback): Fix/Update GPS initialization commands for Garmin devices.: PR has been merged. Thanks! Renato Botelho
08:12 AM Feature #10348 (Feedback): Add localhost to NTP Interfaces: PR has been merged. Thanks! Renato Botelho
08:10 AM Bug #8990 (Feedback): Additional BOOTP/DHCP Options per host: PR has been merged. Thanks! Renato Botelho
08:08 AM Feature #2850 (Feedback): add units in ntp status page: PR has been merged. Thanks! Renato Botelho
08:06 AM Todo #10349 (Feedback): status.php: Sanitize ldapbindpass and ldap_pass: PR has been merged. Thanks! Renato Botelho
08:04 AM Bug #10359 (Feedback): Require State Filter setting breaks filter rule link to associated states: PR has been merged. Thanks! Renato Botelho
08:02 AM Bug #10295 (Resolved): Unescaped characters in dhcp-client-identifier prevent DHCPD from starting on interface: fine on 2.5.0.a.20200319.0930 Viktor Gurov
07:59 AM Bug #10351 (Feedback): Saving IPSEC connection breaks FRR BGP on VTI interfaces: PR has been merged. Thanks! Renato Botelho
07:54 AM Bug #10351 (Pull Request Review): Saving IPSEC connection breaks FRR BGP on VTI interfaces: Jim Pingle
07:58 AM Bug #10362 (Feedback): Error renewing cert if SAN contains IP Address: PR has been merged. Thanks! Renato Botelho
07:46 AM Bug #10362 (Pull Request Review): Error renewing cert if SAN contains IP Address: Jim Pingle
04:47 AM Bug #10362: Error renewing cert if SAN contains IP Address: https://www.openssl.org/docs/manmaster/man5/x509v3_config.html#Subject-Alternative-Name:... Viktor Gurov
01:17 AM Bug #10362 (Resolved): Error renewing cert if SAN contains IP Address: example SAN: DNS:tkWAN2, IP Address:10.123.123.4
If I try to renew it, I get the message 'Error renewing Certifica... Viktor Gurov
07:55 AM Bug #9282 (Resolved): Add static mapping count to DHCP Server interface tabs: OK on 2.5.0.a.20200319.0930 Viktor Gurov
07:53 AM Bug #7622 (Resolved): Don't include disabled ipsec phase2 entries on pf table vpn_networks: tested on 2.5.0.a.20200319.0930
now it's OK Viktor Gurov
07:52 AM Feature #3567 (Pull Request Review): Option to disable NTP: Jim Pingle
03:29 AM Feature #3567: Option to disable NTP: Updated PR:
https://github.com/pfsense/pfsense/pull/4243 Viktor Gurov
07:45 AM pfSense Packages Bug #8887 (Pull Request Review): Squid Proxy Interface not assignee to IPv6: Jim Pingle
06:21 AM pfSense Packages Bug #8887: Squid Proxy Interface not assignee to IPv6: Squid IPv6 addresses needs square brackets
Otherwise, you will get:... Viktor Gurov
02:41 AM Revision 4aebc4ba: Update vpn_ipsec.php: Add ipsec_reload_package_hook() to apply function.
Fixes Bug #10351 brownowski
01:11 AM Bug #10360 (Resolved): PHP error when renewing a CA used by services: renewing is OK on 2.5.0.a.20200319.0930
tested with IPsec, OpenVPN and DNS Resolver services Viktor Gurov

03/19/2020

10:56 PM Revision 51a12198: Update notices.inc: John Kap
10:42 PM Revision 0b2a89bd: Update notices.inc: John Kap
09:44 PM Bug #10351: Saving IPSEC connection breaks FRR BGP on VTI interfaces: Created pull request: https://github.com/pfsense/pfsense/pull/4242 Steven Brown
06:47 PM Feature #4242: Two Factor or OTP Authentication for Admin Interface: This is even more necessary with the recent vulnerabilities that were released. Justin P
03:05 PM Bug #10359 (Pull Request Review): Require State Filter setting breaks filter rule link to associated states: Jim Pingle
08:02 AM Bug #10359: Require State Filter setting breaks filter rule link to associated states: Firewall rules page uses $_REQUEST['ruleid'], but diag_dump_states.php checks only for $_POST['filter'] and requirest... Viktor Gurov
07:00 AM Bug #10359 (Resolved): Require State Filter setting breaks filter rule link to associated states: If one configures
System > General Setup
- Require State Filter -> yes (enabled checkbox)
that's a great way ... Jens Groh
03:04 PM pfSense Packages Feature #10357 (Pull Request Review): Add Iperf verbose output option: Jim Pingle
01:17 AM pfSense Packages Feature #10357: Add Iperf verbose output option: https://github.com/pfsense/FreeBSD-ports/pull/801 Viktor Gurov
01:12 AM pfSense Packages Feature #10357 (Resolved): Add Iperf verbose output option: iperf verbose output (-V) shows more detailed information, including TCP MSS, CPU utilization, time and version:
<pr... Viktor Gurov
03:01 PM pfSense Packages Feature #10356 (Pull Request Review): Support for additional Notification Support: PR: https://github.com/pfsense/FreeBSD-ports/pull/800 Jim Pingle
02:59 PM Feature #10354 (Pull Request Review): Telegram Notification Support: PR: https://github.com/pfsense/pfsense/pull/4240 Jim Pingle
02:38 PM Feature #10361 (Duplicate): Openvpn added the option to copy tunnels.: Duplicate of #5851 and it's already been implemented in 2.4.5. Jim Pingle
02:25 PM Feature #10361 (Duplicate): Openvpn added the option to copy tunnels.: It would be interesting that in openvpn tunnels you have the option to copy the tunnels as it exists in ipsec.
foll... Marcio Gomes
01:49 PM pfSense Docs New Content #8773 (Feedback): Add VPN Throughput Tuning info: All this and more...
https://docs.netgate.com/pfsense/en/latest/vpn/scaling.html Jim Pingle
01:29 PM Revision 81423583: Require service-utils.inc before using a function from it. Fixes #10360: Jim Pingle
01:00 PM Revision afb4cdcd: Firewall rule states link and Require State Filter option fix. Issue #10359: Viktor Gurov
11:10 AM Revision 7bf57a35: Restore %%REPO_BRANCH_PREFIX%% to devel repo: Renato Botelho
10:55 AM Revision f9265a68: Update translation files: Renato Botelho
10:41 AM Revision 5fdf0ee0: Regenerate pot: Renato Botelho
10:41 AM Revision 1e4909c0: Upgrade zanata.xml to internal server: Renato Botelho
08:35 AM Bug #10360 (Feedback): PHP error when renewing a CA used by services: Applied in changeset commit:8142358358ab20758bd78d53a934ef090bb981b9. Jim Pingle
08:28 AM Bug #10360 (Resolved): PHP error when renewing a CA used by services: When renewing a CA which is in use by a service, the restart may fail with an error such as:... Jim Pingle
02:23 AM pfSense Packages Feature #10358 (New): Stage FRR Configuration Changes: Changes made to the configuration on any FRR Component are applied immediate when hitting the save button. If a large... Luki TJ
12:35 AM Revision ded59fb6: Telegram Notification Support. Feature #10354: Readmine feature https://redmine.pfsense.org/issues/10354 ready for review. John Kap

03/18/2020

08:29 PM Revision 1370d006: Fix 2.5.0 URL: Renato Botelho
08:06 PM pfSense Packages Feature #10356 (Resolved): Support for additional Notification Support: Refer to feature #10354 Telegram Notification Support in the main pfsense package.
In order for the service watch... John Kap
07:39 PM Revision 03de4431: The time has come for 2.4.5-RELEASE: Renato Botelho
02:29 PM Revision 14b52494: IPsec PH2 bypass mode. Issue #3329: Viktor Gurov
02:15 PM Bug #10355 (Resolved): diag_ping.php: Potential XSS via Hostname parameter: Improper input is rejected by validation on 2.4.5.r.20200318.1200 Jim Pingle
09:05 AM Bug #10355 (Feedback): diag_ping.php: Potential XSS via Hostname parameter: Applied in changeset commit:cc3990a334059018b004c91eeb66c147d8afe83d. Jim Pingle
08:56 AM Bug #10355: diag_ping.php: Potential XSS via Hostname parameter: diag_traceroute.php is unaffected but I made the same changes there to be safe. Jim Pingle
08:54 AM Bug #10355 (Resolved): diag_ping.php: Potential XSS via Hostname parameter: On diag_ping.php, the hostname isn't fully validated and the output is not encoded, leading to a potential XSS.
Us... Jim Pingle
01:56 PM Revision f3761c15: Validation and encoding for Ping and Traceroute. Fixes #10355: (cherry picked from commit cc3990a334059018b004c91eeb66c147d8afe83d) Jim Pingle
01:55 PM Revision cc3990a3: Validation and encoding for Ping and Traceroute. Fixes #10355: Jim Pingle
07:03 AM Feature #10354: Telegram Notification Support: Please submit your code as a pull request on github:
https://docs.netgate.com/pfsense/en/latest/development/submit... Viktor Gurov
06:07 AM Feature #3718: radvd - enhancement proposal: ability to advertise routes and some fixes - patches attached: I'm about to submit a PR now. However, there's one issue I'd like to figure out first:
The info text added by the ... Magnus Holmgren
05:39 AM Bug #9596 (Resolved): DHCPv6 Range should not be mandatory if Stateless DHCP selected as router mode: works as expected on 2.5.0.a.20200317.1949
I see the route to the default gateway via interface:... Viktor Gurov
05:32 AM Feature #9834 (Resolved): system_certmanager.php: add ability to import certificate without private key: works as expected on 2.5.0.a.20200317.1949 Viktor Gurov
05:28 AM Feature #10274 (Resolved): DNS64 support: works as expected on 2.5.0.a.20200317.1949 Viktor Gurov
05:25 AM Bug #10305 (Resolved): Using special character in Schedules description: OK on 2.5.0.a.20200317.1949 Viktor Gurov

03/17/2020

07:38 PM Feature #10354 (Resolved): Telegram Notification Support: In addition to providing SMTP notifications, give the option to send notifications to the Telegram application via it... John Kap
04:45 PM pfSense Docs Correction #10334 (Closed): Feedback on Firewall — Allowing Remote Access to the webGUI: This was fixed in https://github.com/pfsense/docs/commit/5ea5ff5352149e9509f303711963ade1ef602fbd. Thanks for the exa... Jared Dillard
04:17 PM Revision 787e634e: Sanitize ldapbindpass and ldap_pass. Issue #10349: Viktor Gurov
03:36 PM Revision edc7e81f: Add OpenVPN config files to status output. Implements #10350: This form will only work on 2.5.0 since the directory layout changed. Jim Pingle
03:21 PM Revision 46ab767e: Add units in ntp status page. Issue #2850: Viktor Gurov
02:42 PM Revision 6521c5f6: Disable autocomplete for pkg_edit password fields. Issue #9864: Jim Pingle
02:29 PM Revision 5ee65c00: CDATA encode FreeRADIUS user names/passwords. Issue #4497: Jim Pingle
12:58 PM Revision 3dd5090f: Additional BOOTP/DHCP Options per host. Issue #8990: Viktor Gurov
11:19 AM Todo #10349: status.php: Sanitize ldapbindpass and ldap_pass: https://github.com/pfsense/pfsense/pull/4239 Viktor Gurov
09:51 AM Todo #10349 (Pull Request Review): status.php: Sanitize ldapbindpass and ldap_pass: See comments on the PR Jim Pingle
02:33 AM Todo #10349: status.php: Sanitize ldapbindpass and ldap_pass: This PR also removes double lighttpd_ls_password and sorts all values alphabetically:
https://gitlab.netgate.com/pfS... Viktor Gurov
10:51 AM Todo #10353 (Resolved): Update pkg to 1.13.x: pkg 1.13.x updated metadata version to 2. There is a bug on poudriere where package repositores are created with met... Renato Botelho
10:45 AM Feature #10350 (Feedback): Add OpenVPN configuration file(s) to status.php file: Applied in changeset commit:edc7e81f621805af8174fd7cf7299eb6afe1969c. Jim Pingle
09:58 AM Feature #2850 (Pull Request Review): add units in ntp status page: Jim Pingle
03:37 AM Feature #2850: add units in ntp status page: https://github.com/pfsense/pfsense/pull/4238 Viktor Gurov
09:46 AM Feature #10348 (Pull Request Review): Add localhost to NTP Interfaces: Jim Pingle
07:32 AM Feature #10348: Add localhost to NTP Interfaces: I also had a PR ready but I was waiting for the other requests to be merged
i had a different mods for that, i put i... Manuel Piovan
09:27 AM Bug #10352 (New): RADIUS authentication fails with MSCHAPv1 or MSCHAPv2 when passwords contain international characters: RADIUS authentication fails with the authentication server entry set to use MSCHAPv1 or MSCHAPv2 when passwords conta... Jim Pingle
07:05 AM Feature #10321 (Resolved): URL/URL Table alias with IDN hostnames: works as expected on 2.5.0.a.20200317.0046
Viktor Gurov
07:04 AM Bug #10336 (Resolved): fatal error on firewall_aliases_edit.php: no such error on 2.5.0.a.20200317.0046... Viktor Gurov
03:52 AM Feature #7361: 2.3.4 - Add possibility to modify UDP (First, Single, Multiple) and TCP Timeouts per rule and not only per global parameter: It is not the duplicate of #1635!
I'd like to have this possibility too. Dmitry Shumilin
02:28 AM Bug #10351: Saving IPSEC connection breaks FRR BGP on VTI interfaces: I should have made it clearer that /etc/rc.newipsecdns is run post-patch. Steven Brown
02:28 AM Bug #10351 (Resolved): Saving IPSEC connection breaks FRR BGP on VTI interfaces: I believe this is related to Bug #9668.
When editing a Phase 1 IPSEC connection and clicking save and then apply, ... Steven Brown

03/16/2020

08:10 PM Revision 62725308: Add localhost to NTP Interfaces. Issue #10348: Viktor Gurov
06:10 PM Feature #10350 (Resolved): Add OpenVPN configuration file(s) to status.php file: On status.php, we include the IPsec configuration file but we don't include the equivalent for OpenVPN (for example /... Anonymous
04:28 PM Todo #10349 (Resolved): status.php: Sanitize ldapbindpass and ldap_pass: config-sanitized.xml contains clear-text passwords:
<ldapbindpass> - squidguard LDAP DN Password (squidguard.xml)
<... Viktor Gurov
04:17 PM Feature #10348: Add localhost to NTP Interfaces: NTPD listens for 127.0.0.1:123 and :: 1: 123 anyway, but this PR allows you to select _only_ Loopback as the listenin... Viktor Gurov
01:25 PM Revision eb677c34: Update services_ntpd_gps.php: Manuel Piovan
01:14 PM Revision 2912f94c: Update services_ntpd_gps.php: Manuel Piovan
09:02 AM Bug #10327 (Pull Request Review): Fix/Update GPS initialization commands for Garmin devices.: Jim Pingle
08:28 AM Bug #10327: Fix/Update GPS initialization commands for Garmin devices.: PR https://github.com/pfsense/pfsense/pull/4236 Manuel Piovan
08:06 AM pfSense Packages Bug #8774 (Pull Request Review): Whitelist ALC type not supported by ssl_bump: Jim Pingle
08:04 AM Bug #10346 (Pull Request Review): DHCPv6 service Dynamic DNS errors: Jim Pingle
07:56 AM Feature #10340: IPsec Mobile GUI Improvement (Dashboard and Status > IPsec > Leases): If this is done, the distinction should include an icon or other formatting change. Using red/green only as visual in... Jim Pingle
07:56 AM Feature #10345: Improve distinction between online and idle/offline entries in DHCP lease list: If this is done, the distinction should include an icon or other formatting change. Using red/green only as visual in... Jim Pingle
07:48 AM Bug #3176: Hosts file corrupted when using "Register DHCP leases in DNS forwarder": Just had something that looks exactly like this happen in 2.4.4-RELEASE-p3 with my overrides list truncated in the mi... Erik Fonnesbeck
03:23 AM Feature #10273: OpenVPN compile with --enable-async-push: Hi,
Please be aware that a fix for openvpn (--enable-async-push is broken on FreeBSD) has been committed to master... Lev Stipakov

03/15/2020

08:48 PM Feature #10348 (Resolved): Add localhost to NTP Interfaces: When selecting interfaces its not possible to select localhost unless deselecting all interfaces and enabling the use... B T
04:59 PM Bug #9267: dhclient does not handle protocol timeouts or script failures correctly: This looks good in 2.4.5 with the patch to the script and the patched binary in place.
Without the patches dhclien... Steve Wheeler
02:24 PM Feature #1557 (Resolved): Add the Interface descriptions to the OS interface descriptions: works as expected on 2.5.0.a.20200314.1917:... Viktor Gurov
02:02 PM pfSense Packages Bug #8774: Whitelist ALC type not supported by ssl_bump: https://github.com/pfsense/FreeBSD-ports/pull/799 Viktor Gurov
12:25 PM Feature #10231 (Duplicate): Replace --route-nopul with --pull-filter: #10347 Jim Pingle
10:53 AM Feature #10231: Replace --route-nopul with --pull-filter: Posted this in the wrong place.
Please close or delete.
Thanks. Pippin MMD
10:58 AM Feature #9702: OpenVPN "push-reset" option in Client Specific Override breaks "subnet" topology: +1 for this option to be added.
A checkbox, when ticked reveals a box to enter the options to remove.
Thanks. Pippin MMD
10:51 AM pfSense Packages Feature #10347 (New): Request to add pull-filter: Since the option --route-nopull is under discussion to be deprecated I would like to propose --pull-filter to be adde... Pippin MMD
08:03 AM Bug #10344 (Rejected): DNS Resolver requires full system restart before applying Host Overrides: Can't reproduce this as stated and, like the last comment states, most likely would have been something else causing ... Jim Pingle
06:51 AM Bug #10344: DNS Resolver requires full system restart before applying Host Overrides: Hmmm, this might have been due to having my VPN running at the same time. I've just hit something else that was fish... Shareef Jalloq
07:53 AM Bug #10346: DHCPv6 service Dynamic DNS errors: https://github.com/pfsense/pfsense/pull/4235 Viktor Gurov
07:48 AM Bug #10346 (Resolved): DHCPv6 service Dynamic DNS errors: 1) The DHCPv6 Server & RA page is not allow to enter IPv6 address in DDNS Server IP field (IPv4?)
2) The DHCPv6 Serv... Viktor Gurov
04:33 AM Bug #6239: DHCP server NTP fields should allow hostnames: Beat Siegenthaler wrote:
> Chris Buechler wrote:
> > Same restriction exists on DHCPv6 Server, but dhcpd won't star... Viktor Gurov

03/14/2020

10:14 PM Feature #10345 (Resolved): Improve distinction between online and idle/offline entries in DHCP lease list: On the +*Status / DHCP Leases*+ page the distinction between *on*-line and *off*-line is not very clear.
Would it ... Chris Klomp
02:13 PM Feature #4881: Allow NPt to use dynamic IPv6 networks: Holger Glemser wrote:
> CK, are you sure that you cannot get a "real" prefix from your ISP?...
Thanks Holger, now... Csoban Kesmarki
10:20 AM Bug #10344 (Rejected): DNS Resolver requires full system restart before applying Host Overrides: I've just hit a bug where after creating a new Host Override in the DNS Resolver, I've had to restart pfSense before ... Shareef Jalloq
05:51 AM Bug #6239: DHCP server NTP fields should allow hostnames: Chris Buechler wrote:
> Same restriction exists on DHCPv6 Server, but dhcpd won't start with FQDNs there so that's c... Beat Siegenthaler

03/08/2020

04:09 PM Bug #10307: NTP status widget doesn't display stratum: Also NTP status page shows truncated IPv6 address
from ntpq(1):... Viktor Gurov
06:03 AM Bug #10307: NTP status widget doesn't display stratum: affected version also 2.5.0
Candidate 192.168.10.200 .GPS. 1 u 28 64 17 0.187 -0.436 0.048
Candidate 172.17.0.100 ... Manuel Piovan
02:12 PM Feature #10322: Force ipv4/ipv6 DNS resolution for NTP servers: Jim,
For an unknown reason - even though my setup is configured for only ipv4, sometimes NTP will randomly resolve... Christian Borchert
01:09 PM Feature #10322: Force ipv4/ipv6 DNS resolution for NTP servers: It's not a bug, it's just not supported.
It could be added. For example, with an option for each server in the NTP... Jim Pingle
12:05 PM Feature #10322 (Resolved): Force ipv4/ipv6 DNS resolution for NTP servers: Per http://doc.ntp.org/current-stable/confopt.html one should be able to prefix an NTP server hostname with either '-... Christian Borchert
10:07 AM Revision 48a15754: URL/URL Table alias with IDN hostnames. Issue #10321: Viktor Gurov
05:08 AM Feature #10321: URL/URL Table alias with IDN hostnames: https://github.com/pfsense/pfsense/pull/4222 Viktor Gurov
04:56 AM Feature #10321 (Resolved): URL/URL Table alias with IDN hostnames: Add ability to use IDN hostnames ('täst.de') in URL/URL Tables files
idn_to_ascii() is used to convert IDN to punn... Viktor Gurov

03/07/2020

09:19 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: This bug still persists in Build 2.4.5.r.20200307.0900.
. Chris Poillion
05:14 PM pfSense Packages Bug #10320: lcdproc Crash report begins: for($i = 0; $i < ($lcdpanel_height - 1) && i < count($traffic); $i++)... Manuel Piovan
05:07 PM pfSense Packages Bug #10320: lcdproc Crash report begins: the first crash seem to be related to the last option undere screen, Addresses by traffic
i add this information: WA... Manuel Piovan
05:04 PM pfSense Packages Bug #10320: lcdproc Crash report begins: if i stop the service lcdproc i have another crash report for a while, i think LCDd is killed but lcdproc took some t... Manuel Piovan
03:33 PM pfSense Packages Bug #10320 (Resolved): lcdproc Crash report begins: Crash report begins. Anonymous machine information:
amd64
12.0-RELEASE-p10
FreeBSD 12.0-RELEASE-p10 ce9563d5729(... Manuel Piovan
05:06 PM pfSense Docs New Content #10311: Default net.link.ifqmaxlen value leads to packet loss under load in OpenVPN: I am continuing to investigate OpenVPN Performance using PFSense as virtual machine under VMWare.
Following tweaks... Alexey Ab
03:37 PM Bug #10319 (Needs Patch): VTI statistics are incorrect: If that is still a problem on 2.4.5 and 2.5.0, that should be reported upstream to FreeBSD (Assuming it can be replic... Jim Pingle
01:06 PM Bug #10319 (Needs Patch): VTI statistics are incorrect: The statistics reported by status/interfaces are wrong for IPsec VTIs.
All the values are mixed and reported as "o... Frederic Bor
12:26 PM pfSense Packages Bug #6690: SURICATA IPS Issue - Kills VLANS & Traffic Shaper: Tenzen Tunkman wrote:
> This issue is still not solved - Inline filtering will break traffic shaping as well as for ... Bill Meeks
08:19 AM pfSense Packages Bug #6690: SURICATA IPS Issue - Kills VLANS & Traffic Shaper: This issue is still not solved - Inline filtering will break traffic shaping as well as for example traffic graph fun... Tenzen Tunkman
06:56 AM Revision a675d425: Add interface description to OS interface description. Issue #1557: Viktor Gurov
05:38 AM Bug #9622: Changing admins membership does not replicate correctly to HA slave: Updated PR with added checkbox to on/off feature:
https://github.com/pfsense/pfsense/pull/4221 Viktor Gurov
05:19 AM Revision d5155a01: Notifications page input validation. Issue #8522: Viktor Gurov
04:03 AM Bug #10236: Cannot add more than 2 VMXNET3 Adapters in vSphere: Upgraded 2.4.4-p3 to snapshot 2020-03-07 0136
I have 3 VMX connected and all seems to be working. No issues. Tommy Kuhler
01:08 AM Feature #1557: Add the Interface descriptions to the OS interface descriptions: https://github.com/pfsense/pfsense/pull/4220 Viktor Gurov

03/06/2020

08:19 PM Bug #9577: radvd send_ra_forall failed on interface / can't join ipv6-allrouters: Can you add a link to the PR?
[[https://github.com/pfsense/FreeBSD-ports/pull/773]]
Ronald Schellberg
02:28 PM Bug #8522 (Pull Request Review): SMTP test says success when actually fails: Jim Pingle
03:22 AM Bug #8522: SMTP test says success when actually fails: This PR adds extra input validation:
https://github.com/pfsense/pfsense/pull/4218 Viktor Gurov
02:22 PM Revision bd46a6c0: IPsec mobile page minor fixes. Issue #8160: Viktor Gurov
02:17 PM Bug #10317 (Pull Request Review): SMTP notifications validating SSL when option disabled: Jim Pingle
12:28 AM Bug #10317: SMTP notifications validating SSL when option disabled: Correct,
from https://www.php.net/manual/en/context.ssl.php:... Viktor Gurov
02:15 PM Bug #10314 (Resolved): Per-user IKEv2 settings are not functioning on 2.5.0: Jim Pingle
02:13 PM Feature #8160 (Pull Request Review): Accomodate both RADIUS and pool IP addresses in IPsec: Jim Pingle
08:53 AM Feature #8160: Accomodate both RADIUS and pool IP addresses in IPsec: works as expected on 2.5.0.a.20200305.2255
but some minor fixes:
https://github.com/pfsense/pfsense/pull/4219
Viktor Gurov
09:49 AM Feature #10316: Add year in log format: Actually got the answer. Thank you jsinix na
09:47 AM Feature #10316: Add year in log format: Jim Pingle wrote:
> Already implemented in #9808 (Enable RFC 5424 log mode on 2.5.0)
I am on 2.4.4, So I need to... jsinix na
09:05 AM Feature #10318 (Resolved): Do not restart PPPoE server after adding/modifying users: Full daemon restart drops PPPoE clients sessions and may cause issues with other packages.
This is useless since mpd... Viktor Gurov
08:00 AM Bug #10296 (Resolved): swanctl.conf may need multiple pools to support IPv4 and IPv6: tested on 2.5.0.a.20200305.2255
works ok now,- mobile-pools inherits attributes Viktor Gurov
06:30 AM Revision 93166bdc: Fix SMTP SSL/TLS disable validation. Issue #10317: Viktor Gurov
06:05 AM pfSense Packages Bug #8729 (Resolved): IPv6 - FRR BGP issue with Redistribute connected networks: tested on 2.5.0.a.20200305.2255 with frr 0.6.4_2
works as expected - address family sections now looks good
Viktor Gurov

03/05/2020

11:50 PM Bug #10317 (Resolved): SMTP notifications validating SSL when option disabled: The function send_smtp_message in etc/inc/notices.inc will try to verify the SSL certificate, even though the Validat... John Clark
07:04 PM Feature #10316 (Duplicate): Add year in log format: Already implemented in #9808 (Enable RFC 5424 log mode on 2.5.0) Jim Pingle
06:22 PM Feature #10316 (Duplicate): Add year in log format: hello , the logs under /var/log/* on pfsense doesn't have a year in the timestamp . can it be added ?
Mar 5 18:31... jsinix na
04:35 PM Revision 81092348: Do not restart L2TP server after adding/modifying users. Issue #4866: Viktor Gurov
02:49 PM Bug #10315: Cannot add network devices using PCI Passthrough from QEMU hypervisor: We can't keep open duplicate entries for everything in the FreeBSD PR system, even if they might be relevant to certa... Jim Pingle
07:24 AM Bug #10315 (Needs Patch): Cannot add network devices using PCI Passthrough from QEMU hypervisor: There is nothing actionable for us here. It's a problem in FreeBSD that must be addressed upstream.
Jim Pingle
04:27 AM Bug #10315: Cannot add network devices using PCI Passthrough from QEMU hypervisor: Update to details above:
Passing through the PCIe-based WiFi is necessary for a proxmox hypervisor because proxmox d... Bryon Baker
04:25 AM Bug #10315 (Needs Patch): Cannot add network devices using PCI Passthrough from QEMU hypervisor: When running pfSense as a VM in QEMU you are unable to use PCIe passthrough of network devices.
For example, you can... Bryon Baker
10:11 AM Bug #10295 (Pull Request Review): Unescaped characters in dhcp-client-identifier prevent DHCPD from starting on interface: Jim Pingle
10:08 AM Bug #4866 (Pull Request Review): L2TP server are restarted after adding/modifying L2TP users (mpd.secret): Jim Pingle
07:20 AM Bug #4866: L2TP server are restarted after adding/modifying L2TP users (mpd.secret): If this works, we should also change the PPPoE server to behave the same way. That should be a separate Redmine issue... Jim Pingle
07:12 AM Bug #4866: L2TP server are restarted after adding/modifying L2TP users (mpd.secret): This PR moves creation of the mpd.secret file to a separate function that does not restart mpd daemon:
https://githu... Viktor Gurov
05:47 AM Feature #8794: NTP authentication support: Currently supported NTP auth hashes by vendors:
Juniper - MD5, SHA1, SHA256
Huawei - MD5, SHA256
Palo Alto - MD5, ... Viktor Gurov
05:39 AM Revision 00318445: Replace double quote character in DHCP client ID. Issue #10295: Viktor Gurov

03/04/2020

11:50 PM Bug #10281: I can unassign interface even if it is used in FRR OSPF: from https://redmine.pfsense.org/issues/9789:
_There is no elegant or simple way for notifying a running package tha... Viktor Gurov
09:12 PM Revision faf07413: Fix IPsec mobile user and pool references. Fixes #10296 Fixes #10314: Jim Pingle
03:20 PM Bug #10314 (Feedback): Per-user IKEv2 settings are not functioning on 2.5.0: Applied in changeset commit:faf07413977457bc0aa3fccf64ff724e79d79da2. Jim Pingle
03:11 PM Bug #10314 (In Progress): Per-user IKEv2 settings are not functioning on 2.5.0: Jim Pingle
03:10 PM Bug #10314 (Resolved): Per-user IKEv2 settings are not functioning on 2.5.0: Since the swanctl conversion, per-user settings do not appear to function properly. This is a regression but only aff... Jim Pingle
03:20 PM Bug #10296 (Feedback): swanctl.conf may need multiple pools to support IPv4 and IPv6: Applied in changeset commit:faf07413977457bc0aa3fccf64ff724e79d79da2. Jim Pingle
03:11 PM Bug #10296: swanctl.conf may need multiple pools to support IPv4 and IPv6: See also: #10314 Jim Pingle
12:02 PM pfSense Docs Correction #9638: Feedback on High Availability — Configuring High Availability: A few extra notes from an overlapping entry in the internal Redmine:
> The book still shows you can only use admin... Jim Pingle

03/03/2020

11:51 AM Bug #10308 (Resolved): PHP error in /etc/inc/service-utils.inc on line 378: Looks good Jim Pingle
11:41 AM Bug #10235 (Resolved): OpenVPN server tries to push compress parameter when it's empty: No problems on current snapshots that I can see, with the proper combinations of settings. Jim Pingle
11:40 AM Bug #10255 (Resolved): status_logs_filter.php: PHP error when log entry contains invalid port: No PHP error with the affected log messages on 2.4.5.r.20200302.1200 Jim Pingle
07:51 AM Bug #10254 (Resolved): pf error "too many elements" when attempting to load large tables: Jim Pingle
07:51 AM Bug #10254: pf error "too many elements" when attempting to load large tables: Systems where this problem was due to loader.conf issues appear to be OK on current snapshots. I've upgraded a system... Jim Pingle
06:04 AM Feature #10312 (New): Reordering of NAT rules without dragging: When dragging of rules is disabled in general setup, filter rules can be reordered using the checkbox/anchor controls... Christian Ullrich

03/02/2020

10:04 PM pfSense Docs New Content #10311: Default net.link.ifqmaxlen value leads to packet loss under load in OpenVPN: Commenting to watch. (Personally I expect that 128 has been chosen as good trade off between performance and keeping... Anonymous
09:04 PM pfSense Docs New Content #10311 (New): Default net.link.ifqmaxlen value leads to packet loss under load in OpenVPN: Default value for net.link.ifqmaxlen is 128.
When OpenVPN is under load and transfer speed reaches 20-30 MBit, we ... Alexey Ab
02:47 PM Bug #10310 (New): Systems with low RAM and several packages may temporarily fail to load large tables after an upgrade: Systems with lower amounts of RAM and with many packages installed may temporarily fail to load tables at boot time o... Jim Pingle
01:44 PM Revision bb3d662a: Fix potential PHP error in service-utils.inc. Fixes #10308: Jim Pingle
12:58 PM pfSense Packages Bug #10309 (Rejected): frr in pf2.4.5: Most of these are not bugs but just a fact of how the FRR package works. Configuring FRR manually in Linux (or even F... Jim Pingle
12:45 PM pfSense Packages Bug #10309 (Rejected): frr in pf2.4.5: 1.when i deleted an Neighbor via web gui, but this session still run in frr. i have to restart pf system.
2.when i c... yon Liu
11:03 AM pfSense Packages Bug #10185 (Closed): Suricata 'Alert Log View Filter' undesirably port matches substrings instead of exact port: Jim Pingle
11:03 AM pfSense Packages Feature #9848 (Closed): file-store retention limits: Jim Pingle
11:03 AM pfSense Packages Bug #10244 (Closed): PHP crash: suricata: Jim Pingle
11:02 AM Bug #10306 (Pull Request Review): Incorrect IPsec service status: Jim Pingle
10:55 AM Bug #10305 (Pull Request Review): Using special character in Schedules description: Jim Pingle
10:44 AM Feature #7284 (Pull Request Review): NTPd Autoset GPS device baud rate: Jim Pingle
10:30 AM Feature #9828 (Pull Request Review): L2TP (long) username containing @ (realm separator): Jim Pingle
07:50 AM Bug #10308 (Feedback): PHP error in /etc/inc/service-utils.inc on line 378: Applied in changeset commit:bb3d662a963b56694d9aa8c9509ab70775c1b263. Jim Pingle
07:41 AM Bug #10308 (In Progress): PHP error in /etc/inc/service-utils.inc on line 378: Jim Pingle
07:41 AM Bug #10308 (Resolved): PHP error in /etc/inc/service-utils.inc on line 378: If the configuration contains no @load_balancer@ section, a PHP error may occur:... Jim Pingle
06:55 AM Bug #10303: pfSense-upgrade is not upgrading itself: Due to change of pfSense-upgrade dependency to pfSense meta package, before upgrade cycle it was not registered as a ... Renato Botelho

03/01/2020

06:07 PM pfSense Packages Bug #10279: pfSense's OpenVM Tools on ESXi 6.7 no longer provides guest vm functionality: Thanks for the info! Looking ahead, ESXi 7.0 is headed toward a launch at VMworld late August 2020. That said, if 2... Travis McMurry
10:14 AM Bug #10307: NTP status widget doesn't display stratum: Ohhh... as soon as it selects a sane peer, the problem goes away.
Now I don't know if the problem is "Outlier" or if... Adam Thompson
10:11 AM Bug #10307 (Resolved): NTP status widget doesn't display stratum: On 2.4.4-RELEASE-p3, if I have a) an IPv6 NTP server, and b) the NTP status widget on the dashboard, the widget doesn... Adam Thompson

02/29/2020

09:19 PM pfSense Packages Bug #10185: Suricata 'Alert Log View Filter' undesirably port matches substrings instead of exact port: The requested feature has been added to the Filter Panel on the ALERTS tab of the latest Suricata GUI package release... Bill Meeks
09:16 PM pfSense Packages Feature #9848: file-store retention limits: This feature has been added to the LOGS MGMT tab in Suricata and also code was added to the logs and space management... Bill Meeks
09:13 PM pfSense Packages Bug #10244: PHP crash: suricata: This is addressed by the latest posted versions of the Suricata GUI packages for pfSense 2.4.5-RC and 2.5-DEVEL. The ... Bill Meeks
05:05 PM Feature #8786: Wireguard VPN: See these links:
https://svnweb.freebsd.org/base?view=revision&revision=357986
https://svnweb.freebsd.org/base?view... Lai Wei-Hwa
04:47 PM Bug #10303: pfSense-upgrade is not upgrading itself: https://forum.netgate.com/topic/150931/update
Looks like a bug or two still.
Follow Peters fix above if this go... Chris Palmer
10:17 AM Bug #10303: pfSense-upgrade is not upgrading itself: Yes there is currently something going wrong here. I updated to 2.4.5.r.20200229.0900 a moment ago, using the WebUI:
... Grimson Gretzleburg
12:34 AM Bug #10303: pfSense-upgrade is not upgrading itself: Peter Pain wrote:
> I got a
>
> /bin/sh: cannot open /usr/local/sbin/pfSense-upgrade: No such file or directory
... Chris Palmer
04:30 PM Revision 27e1febb: NTP WebGUI checkbox fix. Issue #10276: Viktor Gurov
02:13 PM Revision 60e34dde: Incorrect IPsec service status. Issue #10306: Viktor Gurov
10:56 AM Feature #10301: Password confirmation when exporting encrypted backup file: I see ... Viktor Gurov
08:47 AM Revision 008c1545: Special characters in Schedules descr and rangedescr fields. Issue #10305: Viktor Gurov
08:15 AM Bug #10306: Incorrect IPsec service status: This PR adds extra charon process checking:
https://github.com/pfsense/pfsense/pull/4215 Viktor Gurov
08:12 AM Bug #10306 (Resolved): Incorrect IPsec service status: If you do some changes on the IPsec Mobile or IPsec Advanced tab and press apply,
Strongswan daemon restarted, but y... Viktor Gurov
06:19 AM Revision f1efc792: L2TP username containing @ (realm separator). Issue #9828: Viktor Gurov
02:51 AM Bug #10305: Using special character in Schedules description: > ... Viktor Gurov
02:45 AM Bug #10305 (Resolved): Using special character in Schedules description: When using special characters in Schedules and timeranges description fields
firewall_schedule.php page shows escapi... Viktor Gurov
01:46 AM Bug #10304 (Closed): ``radvd`` only responds to the first Router Solicitation received after each multicast Router Advertisement: I've noticed that radvd will only respond to the first Router Solicitation received by the router after a multicast R... Kev Kitchens
01:00 AM Feature #7284: NTPd Autoset GPS device baud rate: Updated PR:
https://github.com/pfsense/pfsense/pull/4213 Viktor Gurov
12:24 AM Feature #9828: L2TP (long) username containing @ (realm separator): L2TP username containing @ (realm separator):
https://github.com/pfsense/pfsense/pull/4212
There is no issue with... Viktor Gurov
12:11 AM Bug #10295: Unescaped characters in dhcp-client-identifier prevent DHCPD from starting on interface: This fix replaces the double quote character with '&quot':
https://github.com/pfsense/pfsense/pull/4211
There is ... Viktor Gurov

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

03/29/2020

03/28/2020

03/27/2020

03/26/2020

03/25/2020

03/24/2020

03/23/2020

03/22/2020

03/21/2020

03/20/2020

03/19/2020

03/18/2020

03/17/2020

03/16/2020

03/15/2020

03/14/2020

03/13/2020

03/12/2020

03/11/2020

03/10/2020

03/09/2020

03/08/2020

03/07/2020

03/06/2020

03/05/2020

03/04/2020

03/03/2020

03/02/2020

03/01/2020

02/29/2020