Activity

30 days up to

User

Subprojects

Activity

From 03/25/2020 to 04/23/2020

04/23/2020

05:46 PM pfSense Packages Bug #10490: Syslog-ng syntax test failed: Works OK with version 1.15_5.
Thanks! e 1/1
12:40 PM pfSense Packages Bug #10490 (Feedback): Syslog-ng syntax test failed: PR has been merged. Thanks! Renato Botelho
07:34 AM pfSense Packages Bug #10490 (Pull Request Review): Syslog-ng syntax test failed: Jim Pingle
02:42 AM pfSense Packages Bug #10490: Syslog-ng syntax test failed: On initial setup, syslogng_build_cert() tries to get the parameters from $config, but it needs to get it from $post, ... Viktor Gurov
05:28 PM Revision dce43afd: Merge pull request #4287 from vktg/rednoencfix: Renato Botelho
05:27 PM Revision 75df4967: Merge pull request #4285 from vktg/fwdefplaceholder: Renato Botelho
05:26 PM Revision b5410de8: Merge pull request #4286 from vktg/inffloatingtab: Renato Botelho
05:25 PM Revision 41cfa1ce: Merge pull request #4284 from vktg/nol2tp: Renato Botelho
05:24 PM Revision 03b7565d: Merge pull request #4283 from vktg/portforwardanyfix: Renato Botelho
05:23 PM Revision 886426ef: Merge pull request #4277 from vktg/ntpgpsspeedfix: Renato Botelho
05:22 PM Revision ed2e5bf5: Merge pull request #4280 from vktg/ipsecvtirevertback: Renato Botelho
05:21 PM Revision ba639889: Merge pull request #4278 from vktg/radvdshowdefvalues: Renato Botelho
05:20 PM Revision a6e54b89: Merge pull request #4279 from Wasurerarenai/master: Renato Botelho
05:19 PM Revision 9fc75e67: Merge pull request #4276 from vktg/unboundauto6acl: Renato Botelho
05:18 PM Revision cd585183: Merge pull request #4275 from ecovillage/doc-dynamic_pipe_queue_help_text: Renato Botelho
05:17 PM Revision bcc0ba5f: Merge pull request #4274 from hydrian/master: Renato Botelho
05:16 PM Revision e08d8867: Merge pull request #4272 from vktg/statupupdatelatest: Renato Botelho
05:14 PM Revision c01fa17a: Merge pull request #4167 from vktg/discard6request: Renato Botelho
04:10 PM pfSense Packages Bug #10494: Snort package Logs Management process not purging correctly: Pull requests have been submitted to both the pfSense-2.4.5-RELEASE and pfSense-2.5-DEVEL branches to correct this is... Bill Meeks
01:19 PM pfSense Packages Bug #10494: Snort package Logs Management process not purging correctly: If one of the pfSense guys can edit the title of this Issue, please correct my typo in "Management" in the title. Bill Meeks
01:17 PM pfSense Packages Bug #10494: Snort package Logs Management process not purging correctly: Creating this and assigning it to me for tracking purposes. The fix for this will be submitted shortly.
Bill Bill Meeks
01:16 PM pfSense Packages Bug #10494 (Resolved): Snort package Logs Management process not purging correctly: The Logs Management process in Snort, when enabled, does not purge rotated alert logs that have exceeded the configur... Bill Meeks
03:25 PM Revision 58001982: Ignore user-config-readonly for admin/admins. Fixes #10492: (cherry picked from commit fa0ed29ef58fe6758f2cdc96f5bf68da32241faf) Jim Pingle
03:25 PM Revision fa0ed29e: Ignore user-config-readonly for admin/admins. Fixes #10492: Jim Pingle
12:43 PM pfSense Packages Feature #9762 (Feedback): Squid Reverse Proxy Change redir domain(s) to use regex: PR has been merged. Thanks! Renato Botelho
12:43 PM pfSense Packages Bug #9776 (Feedback): Wrong function in squidguard_log.php: PR has been merged. Thanks! Renato Botelho
12:43 PM pfSense Packages Bug #10369 (Feedback): Remote OpenVPN server protocol definition: PR has been merged. Thanks! Renato Botelho
12:42 PM pfSense Packages Feature #10479 (Feedback): Keep settings after deinstall option: PR has been merged. Thanks! Renato Botelho
12:41 PM pfSense Packages Feature #9003 (Feedback): Add 'Copy Running to Saved' option to the raw config: PR has been merged. Thanks! Renato Botelho
12:40 PM pfSense Packages Bug #10442 (Feedback): ACME: special characters in descriptions trigger silent error and rollback: PR has been merged. Thanks! Renato Botelho
12:40 PM pfSense Packages Bug #10452 (Feedback): acme - new DNS-Api namemaster.de in overview hash visible: PR has been merged. Thanks! Renato Botelho
07:25 AM pfSense Packages Bug #10452 (Pull Request Review): acme - new DNS-Api namemaster.de in overview hash visible: Jim Pingle
01:52 AM pfSense Packages Bug #10452: acme - new DNS-Api namemaster.de in overview hash visible: NameMaster.de uses _nm_sha256_ field name for password hash,
but only fields containing _key, secret, password_ or _... Viktor Gurov
12:39 PM pfSense Packages Feature #10474 (Feedback): Suppress notifications for specific MACs: PR has been merged. Thanks! Renato Botelho
12:39 PM pfSense Packages Bug #10475 (Feedback): pfSense-pkg-arpwatch unconditinally clobbers the arpwatch database files on upgrade: PR has been merged. Thanks! Renato Botelho
12:28 PM Bug #10211 (Feedback): Limiters ECN input validation problem: PR has been merged. Thanks! Renato Botelho
12:27 PM Feature #7362 (Feedback): Add the default values of the TCP and UDP Timeouts on the WebUI depending on the "Firewall Optimization Options": PR has been merged. Thanks! Renato Botelho
12:26 PM Feature #4629 (Feedback): Rules Floating tab doesn't display interfaces: PR has been merged. Thanks! Renato Botelho
12:25 PM Bug #10247 (Feedback): Duplicate Outbound NAT entries when creating L2TP server: PR has been merged. Thanks! Renato Botelho
12:24 PM Feature #7704 (Feedback): Destination port range "Any" in Port Forward UI doesn't work: PR has been merged. Thanks! Renato Botelho
12:23 PM Feature #7284 (Feedback): NTPd Autoset GPS device baud rate: PR has been merged. Thanks! Renato Botelho
12:22 PM Bug #10418 (Feedback): IPsec VTI address/mask selection not functional: PR has been merged. Thanks! Renato Botelho
12:21 PM Feature #10448 (Feedback): DHCPv6 RA - show default values in certain fields: PR has been merged. Thanks! Renato Botelho
12:20 PM Feature #10374 (Feedback): Add ARM32/64 network booting support to dhcpd: PR has been merged. Thanks! Renato Botelho
12:20 PM Bug #10398: RFC1918 external address in miniupnp does not work after upgrade to 2.4.5: Steve Wheeler wrote:
> There us a patch available to remove that behavior in miniupnpd that needs testing:
> https:... Shane Addinall
12:19 PM Bug #10460 (Feedback): OpenVPN does not add IPv6 prefix to unbound DNS resolver: PR has been merged. Thanks! Renato Botelho
12:17 PM Feature #10459 (Feedback): Improved DynDNS Logging: PR has been merged. Thanks! Renato Botelho
12:16 PM Feature #10455 (Feedback): status.php: Add upgrade_log.latest.txt: PR has been merged. Thanks! Renato Botelho
12:15 PM Bug #9634 (Feedback): rc.newwanipv6 is called although dhcp6c should discard Request messages: PR has been merged. Thanks! Renato Botelho
10:35 AM Bug #10492 (Feedback): LDAP groups conflict in privileges: Applied in changeset commit:fa0ed29ef58fe6758f2cdc96f5bf68da32241faf. Jim Pingle
10:01 AM Bug #10492: LDAP groups conflict in privileges: > In my opinion, if a user has the "WebCfg - All pages" privilege, pfSense should overwrite any lower right from bein... Jim Pingle
09:26 AM Bug #10492 (In Progress): LDAP groups conflict in privileges: Jim Pingle
01:27 AM Bug #10492 (Resolved): LDAP groups conflict in privileges: I am running pfSense 2.4.5-RELEASE with a 389 Directory Server for LDAP user authentication.
I have configured th... Viktor Gurov
09:02 AM Bug #10493: filter_get_vpns_list() issues: > 2) Because of filter_get_vpns_list() returns not only IPsec networks, IPsec MSS clamping option will affect unneces... Jim Pingle
08:47 AM Bug #10493 (New): filter_get_vpns_list() issues: 1) filter_get_vpns_list() returns only:
IPsec Mobile IPv4 subnet
IPsec site-to-site networks
OpenVPN client/ser... Viktor Gurov

04/22/2020

09:11 PM Bug #10488: sshguard fails to run on pfSense 2.4.5: Yes, now its working as expected. Max Green
03:08 PM Bug #10488 (Feedback): sshguard fails to run on pfSense 2.4.5: The sshguard port is now working and a new version has been built from it.
To obtain the corrected version of @ss... Jim Pingle
01:34 PM Bug #10488: sshguard fails to run on pfSense 2.4.5: I have a lead on what happened. Somehow the @sshguard@ port is missing at least one patch, @files/patch-src_sshguard.... Jim Pingle
12:58 PM Bug #10488 (Confirmed): sshguard fails to run on pfSense 2.4.5: We've been able to confirm this internally now, but it isn't consistent. Some work, some do not, across all platforms... Jim Pingle
09:05 AM Bug #10488 (Feedback): sshguard fails to run on pfSense 2.4.5: I can't reproduce this here on amd64, it blocks me when I try. I am on the default settings of 20/120/1800, but I als... Jim Pingle
02:52 PM Bug #10211 (Pull Request Review): Limiters ECN input validation problem: Jim Pingle
01:00 PM Bug #10491: Upgrade to 2.4.5 broke 802.1x RADIUS WiFi over VPN: Sorry, I didn't see the Reporting Issues page. I will start there. David Martin
12:56 PM Bug #10491 (Not a Bug): Upgrade to 2.4.5 broke 802.1x RADIUS WiFi over VPN: There isn't enough information here to concretely say this is a bug in pfSense, and this site is not for support or d... Jim Pingle
12:51 PM Bug #10491 (Not a Bug): Upgrade to 2.4.5 broke 802.1x RADIUS WiFi over VPN: Updating my OpenVPN host from pfSense 2.4.4-p3 to 2.4.5 broke 802.1x WPA2-Enterprise WiFi at the remote sites. The pr... David Martin
12:38 PM pfSense Packages Feature #10486: Feature Request: Ability to transmit to remote syslog server via TCP: Jim Pingle wrote:
> This site is not for support or diagnostic discussion.
>
> For assistance in solving problems... e 1/1
12:20 PM pfSense Packages Feature #10486: Feature Request: Ability to transmit to remote syslog server via TCP: This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
12:14 PM pfSense Packages Feature #10486: Feature Request: Ability to transmit to remote syslog server via TCP: Jim Pingle wrote:
> This is already possible with the syslog-ng package. The base system syslog daemon does not supp... e 1/1
12:09 PM pfSense Packages Bug #10490 (Resolved): Syslog-ng syntax test failed: Steps to reproduce:
-Install syslog-ng on a new pfSense instance, version 1.15_4;
-go to Package->Services: Syslog-... e 1/1
11:50 AM pfSense Docs New Content #10489 (Resolved): Feedback on System Monitoring — Remote Logging with Syslog: *Page:* https://docs.netgate.com/pfsense/en/latest/monitoring/logs/remote.html
*Feedback:*
1. Add paragraph in d... e 1/1
11:43 AM pfSense Packages Bug #10476: Services - Acme - Certificates using loopia API: Tobias Müllauer wrote:
> Jim Pingle wrote:
> > The TTL value of @60@ is hardcoded in the "dns_loopia.sh script":htt... Viktor Gurov
11:11 AM Bug #10414: Very high CPU usage of pfctl and more causing very high load and a hardly usable internet connection: +1
in my case it is the Filter Reload. I had this high CPU load every 15 minutes. All cores go to 100% for seconds. ... Manfred Bongard

04/21/2020

09:33 PM Revision 75fb1d57: RED/GRED limiters do not have noecn option. Issue #10211: Viktor Gurov
08:41 PM Bug #10488 (Resolved): sshguard fails to run on pfSense 2.4.5: After upgrade to 2.4.5 sshguard stop working.
To check this bug, I tried to connect using the user test. Screenshot ... Max Green
08:04 PM Revision 7e107c67: Add the default values of the TCP and UDP Timeouts on the WebUI. Issue #7362: Viktor Gurov
04:39 PM Bug #10211: Limiters ECN input validation problem: RED/GRED limiters do not have _noecn_ option, https://www.freebsd.org/cgi/man.cgi?ipfw(8):... Viktor Gurov
01:07 PM pfSense Packages Bug #10487 (New): Telegraf package not sending logs to influxdb server: On SG-1100, running 2.4.5-RELEASE, with pfSense-pkg-Telegraf-0.9_3, the Telegraf package does not function as expecte... Anonymous
11:02 AM pfSense Packages Feature #10486 (Rejected): Feature Request: Ability to transmit to remote syslog server via TCP: This is already possible with the syslog-ng package. The base system syslog daemon does not support TCP. Jim Pingle
10:58 AM pfSense Packages Feature #10486 (Rejected): Feature Request: Ability to transmit to remote syslog server via TCP: For those of us who care about our logs and want to ensure we don't drop events, it's standard practice to configure ... Bryan Sampsel
11:00 AM pfSense Packages Feature #10485 (Rejected): Feature Request: Ability to leverage a blocklist by domain name or URL, such as at https://www.cyberthreatcoalition.org/ -- the new Cyber Threat Coalition site.: pfBlockerNG can already reject by domain -- reach out on the forum and raise the topic there: https://forum.netgate.c... Jim Pingle
10:56 AM pfSense Packages Feature #10485 (Rejected): Feature Request: Ability to leverage a blocklist by domain name or URL, such as at https://www.cyberthreatcoalition.org/ -- the new Cyber Threat Coalition site.: There's a blocklist by domain name or URL at https://www.cyberthreatcoalition.org/
-- the new Cyber Threat Coalition... Bryan Sampsel
10:12 AM Revision bf83fb9a: Add Interfaces column to Floating Rules. Issue #4629: Viktor Gurov
09:35 AM Revision 8f74c44e: L2TP duplicate outbound NAT fix. Issue 10247: Viktor Gurov
08:45 AM Feature #4629 (Pull Request Review): Rules Floating tab doesn't display interfaces: Jim Pingle
05:15 AM Feature #4629: Rules Floating tab doesn't display interfaces: Jim Pingle wrote:
> Though the PR at https://github.com/pfsense/pfsense/pull/1616 was merged a long time ago, it doe... Viktor Gurov
08:02 AM pfSense Packages Feature #9003 (Pull Request Review): Add 'Copy Running to Saved' option to the raw config: Jim Pingle
03:50 AM pfSense Packages Feature #9003: Add 'Copy Running to Saved' option to the raw config: Renato Botelho wrote:
> PR has been merged. Thanks!
js function configCheck() is does not exist
This PR adds it... Viktor Gurov
07:54 AM Bug #10465: possible routing performance regression due to non use of ip_tryforward: The issue I believe has always been with FreeBSD base - and not pfSense defaults.
The MFC patch (https://svnweb.f... David Burns
07:37 AM Bug #10465: possible routing performance regression due to non use of ip_tryforward: ICMP redirects have been on by default in pfSense for as long as I can remember, though there may have been a bug or ... Jim Pingle
07:03 AM Bug #10465: possible routing performance regression due to non use of ip_tryforward: I understand your reluctance to vary FreeBSD defaults... however here is a brief summary of pfSense / FreeBSD behavio... David Burns
07:53 AM Feature #6626: Support for IPv6 firewall entries with dynamic delegated prefix and static host address: This issue should be adressed in the near future, as it may prevent the use of IPv6 in some instances, where filterin... A J
04:53 AM Feature #10484 (Closed): Add Disable/Enable Button for NAT rules: On pfSense GUI on firewall rules there is a graphical ENABLE/DISABLE button which allows to switch quickly between di... Peter Pan
04:24 AM Bug #10414: Very high CPU usage of pfctl and more causing very high load and a hardly usable internet connection: Not much to add, but getting same issue.
Not virtual - SG3100.
IPV6 enabled.
Snort + Pfblocker enabled.
Bogan b... Chris F

04/20/2020

10:13 AM pfSense Packages Feature #10479 (Pull Request Review): Keep settings after deinstall option: Jim Pingle
09:41 AM pfSense Packages Feature #10479: Keep settings after deinstall option: https://github.com/pfsense/FreeBSD-ports/pull/845 Viktor Gurov
10:11 AM pfSense Packages Bug #10476: Services - Acme - Certificates using loopia API: Jim Pingle wrote:
> The TTL value of @60@ is hardcoded in the "dns_loopia.sh script":https://github.com/acmesh-offic... Tobias Müllauer
08:57 AM pfSense Packages Bug #10476 (Needs Patch): Services - Acme - Certificates using loopia API: The TTL value of @60@ is hardcoded in the "dns_loopia.sh script":https://github.com/acmesh-official/acme.sh/blob/mast... Jim Pingle
10:00 AM Feature #10483 (Duplicate): Add UI for EAP configuration for WLAN interfaces: When using a Wi-Fi network as an uplink, EAP can be selected as the security mode, but there is nowhere in the UI to ... Tim Cappalli
09:11 AM Bug #10465: possible routing performance regression due to non use of ip_tryforward: I'm not sure we should change the default to disable ICMP redirects. A modest performance gain would be nice but most... Jim Pingle
09:05 AM Todo #10135: help.php: Update links: There are some suggestions for specific link replacements on #10481 Jim Pingle
09:04 AM Bug #10481 (Duplicate): Update doc links in WebGUI to reflect proper docs URLs: The help links are already covered under #10135
There are only two non-book non-help links in the code, and that's... Jim Pingle
09:00 AM Feature #10480 (Rejected): Support for Atheros AR8328 network controller: That kind of request needs to be raised upstream with FreeBSD. If they add it, eventually it will make its way into p... Jim Pingle
08:52 AM pfSense Packages Todo #8332: pfBlockerNG doesn't include L2TP interface in outbound floating rules: Rules shouldn't be needed for each individual L2TP interface. There is an interface group called "l2tp" which handles... Jim Pingle
08:50 AM Bug #10433 (New): addMask() js code resets netmask size to 128/32: Viktor Gurov wrote:
> This change has broken IPv6 port forward and NAT 1:1 - now it is not possible to enter netmask... Jim Pingle
08:48 AM pfSense Packages Feature #10474 (Pull Request Review): Suppress notifications for specific MACs: Jim Pingle
08:33 AM Feature #7362 (Pull Request Review): Add the default values of the TCP and UDP Timeouts on the WebUI depending on the "Firewall Optimization Options": Jim Pingle
08:29 AM pfSense Packages Bug #10475 (Pull Request Review): pfSense-pkg-arpwatch unconditinally clobbers the arpwatch database files on upgrade: Jim Pingle
08:21 AM Bug #10247 (Pull Request Review): Duplicate Outbound NAT entries when creating L2TP server: Jim Pingle
08:19 AM Bug #4727 (Not a Bug): Rules on L2TP VPN Tab are ignored. All traffic from clients always allowed.: There is an interface _group_ for l2tp, to which rules are applied. This works fine as-is.... Jim Pingle
08:12 AM Feature #7704 (Pull Request Review): Destination port range "Any" in Port Forward UI doesn't work: Jim Pingle

04/19/2020

11:12 PM Bug #10465: possible routing performance regression due to non use of ip_tryforward: Another rudimentary analysis for single TCP connection LAN IP -> LAN VLAN IP (ie same interface routing)
Sample vm... David Burns
02:31 PM pfSense Docs Correction #10482 (Closed): In AWS, Get System Log may not show output and Get Instance Screenshot may need to be used: On https://docs.netgate.com/pfsense/en/latest/solutions/aws-vpn-appliance/faq.html
we recommend users use the opti... Anonymous
12:31 PM Bug #10481 (Resolved): Update doc links in WebGUI to reflect proper docs URLs: Attached is a list of updates that need to take place.
The list is not comprehensive (and some have been updated a... Anonymous
11:02 AM Feature #10480 (Rejected): Support for Atheros AR8328 network controller: Stormshield got some routers/firewalls with an Atheros AR8328 network controller.
It would be nice if pfSense can su... G K
03:59 AM Bug #10477 (Closed): Cannot create an IPsec P2 VTI with a disabled state: fixed in #10190 Viktor Gurov
03:57 AM Bug #10478 (Closed): No way of specifying the tunnel subnet mask for IPsec VTI: Duplicate of #10418 Viktor Gurov
03:30 AM pfSense Packages Bug #10385 (Resolved): Pb with Username authorized characters when OTP is disabled: tested on 2.4.5/2.5 with freeradius3 0.15.7_13
works as expected - allows you to use special characters in the use... Viktor Gurov
03:21 AM pfSense Packages Feature #10479 (Resolved): Keep settings after deinstall option: Currently, it is not possible to clear FreeRADIUS settings except with the backup / restore configuration.
It will... Viktor Gurov

04/18/2020

10:15 PM Bug #10478 (Closed): No way of specifying the tunnel subnet mask for IPsec VTI: When creating an IPsec P2 with VTI, both "Local network" and "Remote network" fields are greyed out on the "Address" ... Jocelyn Viau
09:47 PM Bug #10477 (Closed): Cannot create an IPsec P2 VTI with a disabled state: I have created an IPsec P1 with a Disabled state. Now I am trying to create a P2 VTI under the disabled P1, also with... Jocelyn Viau
05:55 PM pfSense Packages Bug #10476 (Resolved): Services - Acme - Certificates using loopia API: Hello i am trying to add certificate from letsecrypt using Acme.
I try diferent setup but it seams Acme try to ad... Tobias Müllauer
05:36 PM Feature #7362: Add the default values of the TCP and UDP Timeouts on the WebUI depending on the "Firewall Optimization Options": https://github.com/pfsense/pfsense/pull/4285 Viktor Gurov
01:28 PM pfSense Packages Todo #8332: pfBlockerNG doesn't include L2TP interface in outbound floating rules: Something still needs to be fixed.
Either the rule needs to be applied to any/all L2TP interfaces created, or the ... Stuart Wyatt
06:35 AM pfSense Packages Todo #8332: pfBlockerNG doesn't include L2TP interface in outbound floating rules: Mpd5 will create new L2TP interfaces for each client:
l2tp0, l2tp1, l2tp2 etc..
The only way to apply firewall ru... Viktor Gurov
12:44 PM pfSense Packages Bug #10475 (Resolved): pfSense-pkg-arpwatch unconditinally clobbers the arpwatch database files on upgrade: I was surprised to find that upgrading the pfSense-pkg-arpwatch package today nuked all of my .dat files. There is an... Craig Leres
11:30 AM Bug #10414: Very high CPU usage of pfctl and more causing very high load and a hardly usable internet connection: I am having the same issue here running pfsense on Proxmox. Enabling pfBlocker makes the network unusable as the CPU ... Jordan Brandon
09:51 AM pfSense Packages Feature #10474: Suppress notifications for specific MACs: https://github.com/pfsense/FreeBSD-ports/pull/843 Viktor Gurov
09:46 AM pfSense Packages Feature #10474 (Resolved): Suppress notifications for specific MACs: From https://forum.netgate.com/topic/151832/suppress-arpwatch-flip-flop-emails-for-bonjour-sleep-proxy:
I just set u... Viktor Gurov
09:35 AM Revision da7f67b8: Port forward dst port Any fix. Issue #7704: Viktor Gurov
09:34 AM pfSense Packages Bug #10261 (Resolved): Arpwatch fails to download ethercodes.dat: Tobias Müllauer wrote:
> This is still a issue !!
>
> I have all vendors as unknown.
>
> I fix it and after a... Viktor Gurov
09:32 AM pfSense Packages Bug #10432 (Resolved): Arpwatch show unknown vendor: shows correct vendors on 2.4.5/2.5 with arpwatch 0.2.0_1 Viktor Gurov
06:08 AM Bug #10247: Duplicate Outbound NAT entries when creating L2TP server: Fix:
https://github.com/pfsense/pfsense/pull/4284
see also https://redmine.pfsense.org/issues/4727 Viktor Gurov
06:07 AM Bug #4727: Rules on L2TP VPN Tab are ignored. All traffic from clients always allowed.: https://github.com/pfsense/pfsense/pull/4284 Viktor Gurov
05:37 AM Bug #4727: Rules on L2TP VPN Tab are ignored. All traffic from clients always allowed.: https://github.com/pfsense/pfsense/blob/ca676aa35482c4e4fd64bfdcee9afe6d33b6c5fe/src/etc/inc/filter.inc#L1182:... Viktor Gurov
04:44 AM Bug #10433: addMask() js code resets netmask size to 128/32: This change has broken IPv6 port forward and NAT 1:1 - now it is not possible to enter netmask >31 on these pages
... Viktor Gurov
04:40 AM Feature #7704: Destination port range "Any" in Port Forward UI doesn't work: This PR sets the port range from 1 to 65535, the redirect port to 1 and hide 'Redirect target port' input if "Any" is... Viktor Gurov
02:25 AM Feature #7260: Source OS / p0f Database Missing Modern Operating Systems: Last update of the original pf.os is 2016/09/03:
https://github.com/openbsd/src/blob/master/etc/pf.os
p0f fingerp... Viktor Gurov
12:14 AM Bug #10471 (Closed): Host Resources module is mandatory for PF SNMP module: Viktor Gurov

04/17/2020

04:19 PM Revision cec1d944: NTPd GPS baud rate set fix. Issue #7284: Viktor Gurov
02:49 PM Bug #10471: Host Resources module is mandatory for PF SNMP module: i have done some research and i found this http://www.circitor.fr/Mibs/Html/B/BEGEMOT-PF-MIB.php#begemotPf
i have di... Manuel Piovan
02:48 PM Bug #10471 (Pull Request Review): Host Resources module is mandatory for PF SNMP module: Jim Pingle
10:42 AM Bug #10471: Host Resources module is mandatory for PF SNMP module: Fix:
https://github.com/pfsense/pfsense/pull/4282 Viktor Gurov
10:24 AM Bug #10471 (Closed): Host Resources module is mandatory for PF SNMP module: If you select _PF_ module without _Host Resources_ module on the Services / SNMP page
bsnmp doesn't return PF BEGEMO... Viktor Gurov
02:37 PM Bug #10473 (Rejected): Unbound DNS Resolver not working.: This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
02:35 PM Bug #10473 (Rejected): Unbound DNS Resolver not working.: i am facing this problem since morning. After restarting the service of unbound DNS Resolver it didnt start. i am get... Muhammad Ibrahim
12:46 PM pfSense Packages Feature #10472: Blocked host alert table break out by timestamp and type to allow sorting by date: Allowing filter by date & time would also be a handy feature on that page as well if that's easier or another thought... tasty ratz
12:36 PM pfSense Packages Feature #10472 (Resolved): Blocked host alert table break out by timestamp and type to allow sorting by date: The blocked list doesn't by nature sort by last hit or date of creation so I have to read every entry for the most re... tasty ratz
10:29 AM Bug #10470 (Duplicate): SNMP pf object is missing (bsnmpd): Duplicated by #10471 but it has better info. Jim Pingle
10:17 AM Bug #10470 (Duplicate): SNMP pf object is missing (bsnmpd): discussion here https://forum.netgate.com/topic/152640/snmp-pf-object-missing-bsnmpd
pf object is missing if you d... Manuel Piovan
07:28 AM Feature #10469 (Resolved): Same RADIUS Cisco-AVPair parser code for both OpenVPN/IPsec: Currently OpenVPN and IPsec uses two different but mostly identical files to parse RADIUS user attributes
openvpn.at... Viktor Gurov
07:27 AM Bug #10418 (Pull Request Review): IPsec VTI address/mask selection not functional: Jim Pingle
01:51 AM Bug #10418: IPsec VTI address/mask selection not functional: It seems reasonable to revert back PR #4140 changes
to allow VTI netmask select
PR:
https://github.com/pfsense/p... Viktor Gurov
06:44 AM Revision 0bb934e9: IPsec VTI enable netmask. Issue #10418: Viktor Gurov
06:25 AM Bug #10414: Very high CPU usage of pfctl and more causing very high load and a hardly usable internet connection: I've had to revert back to 2.4.4-p3 because the workaround doesn't work if you need to keep using pfBlockerNG. There ... Benoit Lelievre
06:19 AM Revision 4d7bdf64: DHCPv6 RA show default values in certain fields. Issue #10448: Viktor Gurov
06:18 AM pfSense Packages Feature #9774: Squid logs / remote logs: Allow to download log files from WebGUI feature:
https://redmine.pfsense.org/issues/10468 Viktor Gurov
06:17 AM Feature #10468: Allow to download log files from WebGUI: https://github.com/pfsense/pfsense/pull/4281 Viktor Gurov
06:12 AM Feature #10468 (New): Allow to download log files from WebGUI: It could be nice to have ability to download separate log files from the Status / System Logs pages.
Can be useful... Viktor Gurov
03:31 AM Feature #10467 (New): Email alert functionality for system health: Email alerting is not well documented and not very inclusive.
I recently experienced an issue where services were ... tasty ratz
03:10 AM pfSense Packages Feature #10466 (New): Add checkbox to Suricata blocked host view to resolve all resolvable IP's automatically: Manually resolving individual IP's is cumbersome when I want to get a holistic view of the blocked hosts. Also, resol... tasty ratz
12:28 AM Bug #10465 (Resolved): possible routing performance regression due to non use of ip_tryforward: A few years back Netgate sponsored upstream enhancements to FreeBSD which replaced ip_fastforward() with ip_tryforwar... David Burns

04/16/2020

08:55 PM Bug #10414: Very high CPU usage of pfctl and more causing very high load and a hardly usable internet connection: +1 exactly the same issue here. Rich Mawdsley
05:00 PM Todo #10464 (Closed): Don't change the current update repo when new releases are available: I use a SG-1100 that was running 2.4.4-p3 and I noticed today there were updates for a couple of packages I had insta... Craig Leres
11:38 AM Revision abded4e4: Add ARM netboot services_dhcp_edit.php refs #10374: Michael Boever
11:30 AM Revision dd7188a8: Add ARM netboot to services_dhcp.php. refs #10374: Michael Boever
11:18 AM Revision 4c85579b: Add ARM32/64 netboot to services.inc. refs #10374: Michael Boever
08:52 AM Bug #10463 (Resolved): The ng_etf module is missing from base in armv6 and aarch64: ng_etf was available as a package in 2.4.4 for all architectures. In 2.4.5 it was included in base and hence not buil... Steve Wheeler
08:14 AM Feature #10448 (Pull Request Review): DHCPv6 RA - show default values in certain fields: Jim Pingle
05:31 AM Feature #10448: DHCPv6 RA - show default values in certain fields: PR:
https://github.com/pfsense/pfsense/pull/4278
It shows default values from services.inc
what about Router lif... Viktor Gurov
08:10 AM Feature #7284 (Pull Request Review): NTPd Autoset GPS device baud rate: Jim Pingle
04:54 AM Feature #7284: NTPd Autoset GPS device baud rate: tested and working on my 2.5.0
previusly speed was always set to 4800 now it work with this patch... Manuel Piovan
04:38 AM Feature #7284: NTPd Autoset GPS device baud rate: Fix to correctly set GPS baud rate
see https://forum.netgate.com/topic/152369/ntp-gps-settings-serial-port-speed
... Viktor Gurov
08:08 AM pfSense Packages Bug #10369 (Pull Request Review): Remote OpenVPN server protocol definition: Jim Pingle
03:14 AM pfSense Packages Bug #10369: Remote OpenVPN server protocol definition: OpenVPN < 2.4 doesn't support remote IPv4/IPv6 protocol definition (udp4/udp6/tcp4/tcp6),
If checkbox **Legacy Clien... Viktor Gurov
08:06 AM Bug #10460 (Pull Request Review): OpenVPN does not add IPv6 prefix to unbound DNS resolver: Jim Pingle
01:40 AM Bug #10460: OpenVPN does not add IPv6 prefix to unbound DNS resolver: Fix:
https://github.com/pfsense/pfsense/pull/4276
It adds OpenVPN IPv6 Tunnel Networks and IPsec Mobile Virtual I... Viktor Gurov
08:04 AM Bug #10461 (Not a Bug): Serial Installation fails if already on disk: There isn't enough information here to state definitively if there is a bug. Please post on the forum and describe th... Jim Pingle
01:00 AM Bug #10461 (Not a Bug): Serial Installation fails if already on disk: Having installed pfSense 2.4.5 on an PC Engines APU2E4 Board with 16GB SSD and 4GB of RAM. Due to some misconfigurati... Chris Knebb
07:44 AM Bug #9187 (Resolved): Status->Interfaces doesn't show useful data for lagg: now it shows LAGG members and MASTER/ACTIVE status (failover mode) on the dashboard widget and Status / Interface pag... Viktor Gurov
06:54 AM Feature #10374: Add ARM32/64 network booting support to dhcpd: Previous PR#4250 closed (was targeting stable release branch). New PR #4279 entered targeting master branch. Commit m... Michael Boever
06:32 AM Revision 79eef195: OpenVPN/IPsec IPv6 prefix in DNS Resolver access list. Issue #10460: Viktor Gurov
05:07 AM Bug #10386 (Resolved): A NTP Time Server name may only contain the characters a-z, 0-9, '-' and '.'.: input validation on 2.5.0.a.20200415.0942 is correct Viktor Gurov
01:05 AM pfSense Packages Feature #10462 (Resolved): CPU Temp Screen: Hello, is it possible to add to the lcdproc package on pfsense a screen with the CPU-Temperature? I know that is not ... odo maitre

04/15/2020

08:51 PM Revision f338b271: Improve help message for limiter/queue masks.: The user-facing most important change is that when setting masks on
Queues, we are not creating dynamic pipes (but qu... Felix Wolfsteller
07:17 PM Bug #10460 (Resolved): OpenVPN does not add IPv6 prefix to unbound DNS resolver: I added a private local IPv6 network (fd32:..../64) on the OpenVPN server setup. The idea was to avoid any real IP an... MIchael K
06:34 PM Revision 11360468: Fixed syntax issues: Ben Tyger
06:16 PM Revision 0bdae0b4: fixed tab issue: Fixed tab issue Ben Tyger
05:59 PM Revision 30c7b89b: Adding DynDNS response logging: When verbose logging is enabled for a dynamic DNS provider, the DynDNS code will now write the HTTP response to the s... Ben Tyger
01:42 PM Revision bee76575: More safety belts for upgrade_174_to_175(). Fixes #10458: (cherry picked from commit ca676aa35482c4e4fd64bfdcee9afe6d33b6c5fe) Jim Pingle
01:41 PM Revision ca676aa3: More safety belts for upgrade_174_to_175(). Fixes #10458: Jim Pingle
01:27 PM Feature #10459 (Pull Request Review): Improved DynDNS Logging: OK, that looks good then. Jim Pingle
01:20 PM Feature #10459: Improved DynDNS Logging: I updated the code to add the logging.
https://github.com/pfsense/pfsense/pull/4274 Ben Tyger
01:20 PM Feature #10459: Improved DynDNS Logging: I know but that verbose logging doesn't show the HTTP responses, only the request. The only way to get it the respons... Ben Tyger
01:17 PM Feature #10459 (Rejected): Improved DynDNS Logging: There is already a "verbose logging" checkbox on dyndns entries to do this. Jim Pingle
01:10 PM Feature #10459 (Resolved): Improved DynDNS Logging: Add improved DynDNS debugging log message. Currently, dynamic DNS HTTP API responses are not logged so it can't be de... Ben Tyger
10:44 AM pfSense Packages Bug #9350 (Pull Request Review): not appear proxy config: Jim Pingle
10:24 AM pfSense Packages Bug #9350: not appear proxy config: Fix:
https://github.com/pfsense/FreeBSD-ports/pull/841 Viktor Gurov
10:43 AM pfSense Packages Bug #9776 (Pull Request Review): Wrong function in squidguard_log.php: Jim Pingle
10:24 AM pfSense Packages Bug #9776: Wrong function in squidguard_log.php: PR: https://github.com/pfsense/FreeBSD-ports/pull/841
it also fixes https://redmine.pfsense.org/issues/9350 Viktor Gurov
10:41 AM Feature #10454 (Pull Request Review): OpenVPN+RADIUS+Cisco-AVPair IPv6 ACL: Viktor Gurov wrote:
> I think is better to have one vpn.attributes.php for both OpenVPN and IPsec
That should be ... Jim Pingle
10:28 AM Feature #10454: OpenVPN+RADIUS+Cisco-AVPair IPv6 ACL: I think is better to have one vpn.attributes.php for both OpenVPN and IPsec Viktor Gurov
09:18 AM Bug #10456 (Not a Bug): WAN DHCP6 Gateway pending in status: This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
12:05 AM Bug #10456 (Not a Bug): WAN DHCP6 Gateway pending in status: I have here an cosmetic bug. Everything is working fine since 2.4.x
In Status / Gateways the WAN DHCP6 Gateway is ... Thilo Gass
09:08 AM Bug #10433 (Resolved): addMask() js code resets netmask size to 128/32: tested on 2.5.0.a.20200414.1347
works as expected - now doesn't allow to select /32 netmask on the firewall_nat_1t... Viktor Gurov
09:05 AM Feature #10449 (Resolved): Aggressive NSEC option: tested on 2.5.0.a.20200414.1347
works as expected,
I can see _aggressive-nsec: yes/no_ option in /var/unbound/un... Viktor Gurov
08:50 AM Bug #10458 (Feedback): Config update error: /etc/inc/upgrade_config.inc:5492: Applied in changeset commit:ca676aa35482c4e4fd64bfdcee9afe6d33b6c5fe. Jim Pingle
08:23 AM Bug #10458 (Resolved): Config update error: /etc/inc/upgrade_config.inc:5492: Importing an older config, v11.9 here, that contains:... Steve Wheeler
08:08 AM Bug #10457 (Not a Bug): Alias list freezes when trying to make edits: There is no limit that would act in the way you describe. That behavior is from your browser having problems renderin... Jim Pingle
08:00 AM Bug #10457 (Not a Bug): Alias list freezes when trying to make edits: I have an alias that has grown and when I try to load the page to make edits it freezes for ages. I'm on 2.4.5-RELEAS... Agustin Escoto
04:13 AM pfSense Packages Feature #9762: Squid Reverse Proxy Change redir domain(s) to use regex: Updated PR with checkbox switch:
https://github.com/pfsense/FreeBSD-ports/pull/840 Viktor Gurov

04/14/2020

07:16 PM Revision 6c773de2: status.php: Add upgrade_log.latest.txt. Issue #10455: Viktor Gurov
05:47 PM Revision 722e0b13: Merge pull request #4269 from vktg/ntpsrvnamevalidation: Renato Botelho
05:47 PM Revision f403b470: Merge pull request #4270 from vktg/ntpdisablefix: Renato Botelho
05:47 PM Revision 2fb29e99: Merge pull request #4271 from vktg/aggressivensec: Renato Botelho
04:49 PM Feature #10454: OpenVPN+RADIUS+Cisco-AVPair IPv6 ACL: https://github.com/pfsense/pfsense/pull/4273 Viktor Gurov
02:06 PM Feature #10454 (Resolved): OpenVPN+RADIUS+Cisco-AVPair IPv6 ACL: openvpn.attributes.php currently only supports Cisco-AVPair IPv4 ACL parsing,
Need to add IPv6 ACL support, to par... Viktor Gurov
02:21 PM Feature #10455 (Pull Request Review): status.php: Add upgrade_log.latest.txt: Jim Pingle
02:17 PM Feature #10455: status.php: Add upgrade_log.latest.txt: https://github.com/pfsense/pfsense/pull/4272 Viktor Gurov
02:14 PM Feature #10455 (Resolved): status.php: Add upgrade_log.latest.txt: upgrade_log.latest.txt contains more informative data than upgrade_log.txt, and is very useful for analyzing update i... Viktor Gurov
02:00 PM Feature #9206 (Resolved): OpenVPN+RADIUS+Cisco AVPair ACL Enhancements/BugFixes: works as expected on 2.5.0.a.20200414.0021
test radius attributes:... Viktor Gurov
01:45 PM Feature #9156: OpenVPN: Add tickbox for 'nopool' directive: Although, even nicer to just be able to define the pool as well in the GUI. Orion Poplawski
01:43 PM Feature #9156: OpenVPN: Add tickbox for 'nopool' directive: This would be very nice to have. Orion Poplawski
01:02 PM pfSense Packages Feature #10428 (Resolved): LCDProc: Add the EZIO driver to the lcdproc config page: Looks good. Tested using an EZIO-300
Tested package: 0.10.6_10 in: 2.4.5-rel Steve Wheeler
12:42 PM pfSense Packages Feature #10428 (Feedback): LCDProc: Add the EZIO driver to the lcdproc config page: PR has been merged. Thanks! Renato Botelho
12:57 PM pfSense Packages Feature #10356 (Feedback): Support for additional Notification Support: PR has been merged. Thanks! Renato Botelho
12:47 PM Feature #10449 (Feedback): Aggressive NSEC option: PR has been merged. Thanks! Renato Botelho
12:47 PM Feature #3567 (Feedback): Option to disable NTP: PR has been merged. Thanks! Renato Botelho
12:47 PM Bug #10386 (Feedback): A NTP Time Server name may only contain the characters a-z, 0-9, '-' and '.'.: PR has been merged. Thanks! Renato Botelho
12:43 PM pfSense Packages Feature #10297 (Feedback): IPv6 user attributes: PR has been merged. Thanks! Renato Botelho
12:37 PM pfSense Packages Bug #10450 (Feedback): Squid reverse proxy switching peers: PR has been merged. Thanks! Renato Botelho
11:40 AM Bug #10453 (Duplicate): Debugging output can be collected to share with pfSense developers or others providing support or assistance.: Duplicate of #9975
If you still have problems, please post on the "Netgate Forum":https://forum.netgate.com or the... Jim Pingle
11:35 AM Bug #10453 (Duplicate): Debugging output can be collected to share with pfSense developers or others providing support or assistance.: Crash report begins. Anonymous machine information:
amd64
11.2-RELEASE-p10
FreeBSD 11.2-RELEASE-p10 #9 4a2bfdce... Joel Enriquez Moya
11:22 AM pfSense Packages Bug #10452 (Resolved): acme - new DNS-Api namemaster.de in overview hash visible: Hi,
the new dnsapi-plugin for namemaster.de made it into my pfsense with package version 0.6.6
in Services / Ac... Thilo Gass
09:30 AM Bug #10398: RFC1918 external address in miniupnp does not work after upgrade to 2.4.5: There us a patch available to remove that behavior in miniupnpd that needs testing:
https://github.com/miniupnp/mini... Steve Wheeler
01:39 AM Bug #7721 (Closed): NTPd stops using external peers if listening on one interface only in a muliwan setup: no such issue on 2.4.5 and 2.5.0.a.20200409.0657
seems to be fixed in ntpd upstream Viktor Gurov

04/13/2020

09:24 PM Revision 89757dbe: Revert "Disable ntopng until it's fixed on armv7": This reverts commit 4243cb0553f46f3b3568bb49effb1a45f04f7daf. Renato Botelho
06:29 PM Revision 4243cb05: Disable ntopng until it's fixed on armv7: Renato Botelho
03:16 PM Revision 7e9d72cf: Aggressive NSEC option. Issue #10449: Viktor Gurov
02:05 PM Bug #10414: Very high CPU usage of pfctl and more causing very high load and a hardly usable internet connection: I can verify this issue.
CPU Type Intel(R) Xeon(R) CPU E5645 @ 2.40GHz
12 CPUs: 2 package(s) x 6 core(s)
Memory ... Wesley Kirby
12:03 PM Feature #10449: Aggressive NSEC option: +1 DRago_Angel [InV@DER]
09:41 AM Feature #10449 (Pull Request Review): Aggressive NSEC option: Jim Pingle
02:30 AM Feature #10449: Aggressive NSEC option: https://github.com/pfsense/pfsense/pull/4271 Viktor Gurov
02:27 AM Feature #10449 (Resolved): Aggressive NSEC option: Very nice feature for DNS optimization, which can reduce the number of queries to authoritative name servers.
See ht... Viktor Gurov
11:25 AM Bug #7614 (Resolved): Port forwards where the destination is a network alias can create invalid refection rules if multiple subnets are in that alias.: resolved by https://redmine.pfsense.org/issues/10246
tested on 2.4.5 and 2.5.0.a.20200409.0657 Viktor Gurov
10:54 AM pfSense Docs Correction #10451 (Closed): Feedback on Releases — Versions of pfSense and FreeBSD: *Page:* https://docs.netgate.com/pfsense/en/latest/releases/versions-of-pfsense-and-freebsd.html
*Feedback:*
Th... Viktor Gurov
09:42 AM pfSense Packages Bug #7797 (Pull Request Review): Squid Reverse Proxy alternating between destinations: PR: https://github.com/pfsense/FreeBSD-ports/pull/839 Jim Pingle
09:42 AM pfSense Packages Bug #10450 (Pull Request Review): Squid reverse proxy switching peers: Jim Pingle
05:28 AM pfSense Packages Bug #10450: Squid reverse proxy switching peers: https://github.com/pfsense/FreeBSD-ports/pull/839 Viktor Gurov
05:25 AM pfSense Packages Bug #10450 (Feedback): Squid reverse proxy switching peers: https://forum.netgate.com/topic/118255/squid-reverse-proxy-switching-peers:
I want Squid to direct incoming requests... Viktor Gurov

04/12/2020

09:28 PM Bug #9610: picture.widget.php: Arbitrary file read/write: Hello,
I request the CVEID CVE-2019-16915.
and my id is LoRexxar@knownsec 404team.
I hope to change my id to... LoRexxar Romer
09:27 PM Bug #9609: Reflective xss in services_captiveportal_mac.php: Hello,
I request the CVEID CVE-2019-16914.
and my id is LoRexxar@knownsec 404team.
I hope to change my id to... LoRexxar Romer
05:57 PM pfSense Packages Bug #10427 (Resolved): LCDproc: Handle multiple lcdproc clients: This works in as far as it avoids blowing up if there is more than one client. It now successfully kills all php clie... Steve Wheeler
10:43 AM pfSense Packages Bug #10320 (Resolved): lcdproc Crash report begins: Looks good. Enabling the 'Addresses by traffic' screen shows the correct data and no longer throws a php error.
Te... Steve Wheeler
10:36 AM pfSense Packages Feature #10243 (Resolved): rawserial driver for lcdproc: Looks good. Size, speed and port are passed correctly to the conf file:... Steve Wheeler
10:21 AM pfSense Packages Feature #8198 (Resolved): pfSense-pkg-LCDproc: Add a link status screen for each interface: Looks good. Tested in lcdproc 0.10.6_9, pfSense 2.4.5-rel Steve Wheeler

04/11/2020

11:45 AM Feature #10448 (Resolved): DHCPv6 RA - show default values in certain fields: In Services -> DHCPv6 Server & RA -> Router Advertisements there are some fields - Minimum RA interval, Maximum RA in... e 1/1
02:42 AM pfSense Packages Feature #9217 (Resolved): Squid LDAP Authentication - spaces in ldif values: squid pkg 0.4.44_21 - works as expected Viktor Gurov
02:40 AM pfSense Packages Feature #10434 (Resolved): Squid whitelist/blacklist with IDN hostnames: squid pkg 0.4.44_21 works as expected Viktor Gurov
02:39 AM pfSense Packages Bug #10440 (Resolved): Squid proxy ignoring allowed_subnets after package upgrade 0.4.44_9 ==> 0.4.44_19: squid pkg 0.4.44_21 - OK Viktor Gurov

04/10/2020

02:03 PM Revision c62e31f2: NTP disable checkbox fix. Issue #3567: Viktor Gurov
09:47 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: This bug still persists in Build 2.4.5 date:2020.04.10
I can confirm my issue is the same as described by the ... Gabriel Ribeiro
09:38 AM Feature #3567 (Pull Request Review): Option to disable NTP: Jim Pingle
09:05 AM Feature #3567: Option to disable NTP: enable checkbox fix:
https://github.com/pfsense/pfsense/pull/4270 Viktor Gurov
09:37 AM pfSense Packages Bug #10447 (Pull Request Review): Framed-IP-Address with plus sign is deprecated: Jim Pingle
07:38 AM pfSense Packages Bug #10447: Framed-IP-Address with plus sign is deprecated: added to https://github.com/pfsense/FreeBSD-ports/pull/810 Viktor Gurov
02:13 AM pfSense Packages Bug #10447 (Resolved): Framed-IP-Address with plus sign is deprecated: if you use Framed-IP-Address with plus sign, i.e.... Viktor Gurov
09:21 AM pfSense Packages Bug #10442 (Pull Request Review): ACME: special characters in descriptions trigger silent error and rollback: Jim Pingle
05:13 AM pfSense Packages Bug #10442: ACME: special characters in descriptions trigger silent error and rollback: this fix uses descr field name instead of desc,
it's included in the $cdata_fields of xmlparser.inc:
https://github... Viktor Gurov
09:19 AM Bug #10386 (Pull Request Review): A NTP Time Server name may only contain the characters a-z, 0-9, '-' and '.'.: Jim Pingle
04:13 AM Bug #10386 (New): A NTP Time Server name may only contain the characters a-z, 0-9, '-' and '.'.: same fix for services_ntpd.php:
https://github.com/pfsense/pfsense/pull/4269 Viktor Gurov
03:39 AM Bug #10386 (Resolved): A NTP Time Server name may only contain the characters a-z, 0-9, '-' and '.'.: works OK on 2.5.0.a.20200409.0657,
I see an updated and more correct validation code:... Viktor Gurov
09:09 AM Revision cb92c086: NTP Time Server input validation. Issue #10386: Viktor Gurov
03:30 AM pfSense Packages Bug #7654 (Resolved): Can't use a LDAP search filter containing an accent: works as expected on 2.5.0.a.20200409.0657:... Viktor Gurov
03:26 AM Bug #10368 (Resolved): OpenVPN server no definition of protocol to use (udp4): IPv4/IPv6, UDP/TCP tested on 2.5.0.a.20200409.0657
works as expected Viktor Gurov
03:22 AM Bug #7558 (Resolved): l2tp configure kills and sleeps even if first time: works as expected on 2.5.0.a.20200409.0657 Viktor Gurov
03:21 AM Bug #7562 (Resolved): l2tp remoteip confusion: works as expected on 2.5.0.a.20200409.0657 Viktor Gurov
03:16 AM Bug #10264 (Resolved): Gateways created at the console do not apply the naming convention used in the GUI: works as expected on 2.5.0.a.20200409.0657 Viktor Gurov
01:44 AM pfSense Packages Bug #10369 (Resolved): Remote OpenVPN server protocol definition: openvpn-client-export 1.4.21
IPv4/IPv6 tested
works as expected Viktor Gurov

04/09/2020

07:59 PM Revision b3a077c2: Revert "Temporary fix to let 2.5.0 poudriere to run": This reverts commit 248909c2e37b45e9dbb8d4b5104e00f7683cd99a. Renato Botelho
07:58 PM Revision 7546cbce: Temporary fix to let 2.5.0 poudriere to run: Renato Botelho
07:56 PM Revision 248909c2: Temporary fix to let 2.5.0 poudriere to run: Renato Botelho
06:32 PM Bug #8179: Incorrect reverse DNS zone in DHCP server config for non-octet-aligned subnet mask: The PR is appreciated - However may I ask how this is going to help us? dhcpd doesn’t support the classless notation ... Yousif Hassan
06:20 AM Bug #8179 (Feedback): Incorrect reverse DNS zone in DHCP server config for non-octet-aligned subnet mask: PR has been merged. Thanks! Renato Botelho
05:46 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: How it was tested ? What was the result ? How it failed ? Luiz Souza
05:04 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: This bug still persists in Build 2.4.5 date:2020.04.09 Gabriel Ribeiro
03:05 PM Bug #10376: Duplicate logs from charon: I don't know about 2.5.0, but I can assure you it is not fixed in 2.4.5. Christian Ullrich
11:23 AM Revision bd78aead: Merge pull request #4262 from vktg/lagginfo: Renato Botelho
11:20 AM Revision 56241e59: Merge pull request #4266 from vktg/reversednsdhcp: Renato Botelho
11:12 AM Revision 061c1a1b: Merge pull request #4264 from vktg/addmaskfix: Renato Botelho
11:04 AM Revision 42d3d5fc: DigitalOcean IPv6 DDNS Client to find IPv6 entries when updating. Issue #10390: -[] Redmine Issue: https://redmine.pfsense.org/issues/10390
-[] Ready for review
(cherry picked from commit 08939cf... Csoban Kesmarki
11:03 AM Revision 22a94088: Merge pull request #4268 from csobankesmarki/master: Renato Botelho
11:01 AM Revision f0b343a2: Merge pull request #4235 from vktg/dhcpv6dyndns: Renato Botelho
10:56 AM Revision 0249b6f8: Style fixes: Renato Botelho
10:52 AM Revision 707db1bc: Merge pull request #4141 from vktg/set6routesmtu: Renato Botelho
10:38 AM Feature #10446: VIP address is not shown in firewall rules: Jim Pingle wrote:
> It's not a bug, but perhaps a feature request.
OK, let it be a feature request.
I think it... Silmor Senedlen
09:56 AM Feature #10446: VIP address is not shown in firewall rules: It's not a bug, but perhaps a feature request.
It's generally not necessary on firewall rules because they don't h... Jim Pingle
09:37 AM Feature #10446 (New): VIP address is not shown in firewall rules: Good day
I noticed that VIP address(Type: IP Alias) is not shown in Source/Destination drop-down menu in Firewall ru... Silmor Senedlen
07:10 AM pfSense Packages Feature #10428 (Pull Request Review): LCDProc: Add the EZIO driver to the lcdproc config page: Jim Pingle
06:22 AM Bug #9187 (Feedback): Status->Interfaces doesn't show useful data for lagg: PR has been merged. Thanks! Renato Botelho
06:12 AM Bug #10433 (Feedback): addMask() js code resets netmask size to 128/32: PR has been merged. Thanks! Renato Botelho
06:03 AM Bug #10390 (Feedback): Fix DigitalOcean Dynamic DNS client for IPv6: PR has been merged. Thanks! Renato Botelho
06:02 AM Bug #10346 (Feedback): DHCPv6 service Dynamic DNS errors: PR has been merged. Thanks! Renato Botelho
06:02 AM Feature #6600 (Feedback): DHCP Server - Primary DDNS Address won't accept IPv6 address: PR has been merged. Thanks! Renato Botelho
05:57 AM Bug #6868 (Feedback): Interface MTU Setting not applied to all IPv6 routes: PR has been merged. Thanks! Renato Botelho
04:49 AM pfSense Packages Bug #10445: BIND crashed when added RPZ. rpz is not a master or slave zone.: i was able to reproduce it here
https://forum.netgate.com/topic/152274/rpz-rpz-local-is-not-a-master-or-slave-zone-c... Manuel Piovan

04/08/2020

04:11 PM pfSense Packages Feature #8196 (Resolved): pfSense-pkg-LCDproc: add a shutdown/reboot control menu: Tested on several LCDs with lcdproc 0.10.6_9.
Works well. Steve Wheeler
02:09 PM pfSense Docs Correction #10417: Feedback on Packages — Package List: I added a basic description, it probably wants to be improved over time: https://docs.netgate.com/pfsense/en/latest/p... Jared Dillard
01:43 PM Revision 9fbd8f71: DHCPv6 service Dynamic DNS fix. Issue #10346: Viktor Gurov
12:31 PM pfSense Docs Correction #10435 (Closed): Console connection guide for PuTTY uses incorrect order of operations on first run of PuTTY: Thanks! The text has been updated to:... Jared Dillard
07:09 AM Feature #9251: DNS Resolver (Unbound) Python Integration: It's nice that there is the added option in the web config, but there is no hint whatsoever where to put these Python... Carsten Grafflage

04/07/2020

05:46 PM pfSense Packages Bug #10445 (Feedback): BIND crashed when added RPZ. rpz is not a master or slave zone.: Before upgrade pfsense to version 2.4.5 i try update packages on 2.4.4p3.
After updating BIND to 9.14_3 (Package Dep... lexxai lexxai
03:58 PM Feature #10237: Take ZFS snapshot on Upgrade: +1 for this feature (I don't see a voting button) David Reitz
03:23 PM pfSense Packages Bug #10444 (Resolved): FRR will not start in 2.4.5 aarch64: We have an internal bug open for this but it's not public.
https://redmine.netgate.com/issues/3765
Updates will b... Steve Wheeler
03:02 PM Bug #9263: Incorrect ICMP reply when using limiters: The ticket is explicitly for 2.4.4. Given that 2.4.5 is out now, the same issue is also impacting 2.4.5.
In my cas... Miroslav Shubernetskiy
11:44 AM pfSense Packages Bug #10443 (Closed): pfSense-pkg-squid-0.4.44_19 and pfSense-pkg-squid-0.4.44_20: Fixed:
see https://redmine.pfsense.org/issues/10434#note-4
and PR https://github.com/pfsense/FreeBSD-ports/pull/836 Viktor Gurov
11:00 AM pfSense Packages Bug #10443 (Closed): pfSense-pkg-squid-0.4.44_19 and pfSense-pkg-squid-0.4.44_20: After update from pfSense-pkg-squid-0.4.44_18 to pfSense-pkg-squid-0.4.44_19 Reverse proxy stopped working.
Squid do... Ilian Cheneshev
11:36 AM pfSense Packages Feature #10434 (Pull Request Review): Squid whitelist/blacklist with IDN hostnames: Jim Pingle
11:32 AM pfSense Packages Feature #10434: Squid whitelist/blacklist with IDN hostnames: Use idn_to_ascii() only for ACL
Otherwise sq_text_area_decode() create incorrect files (i.e. crt or key files)
Fi... Viktor Gurov
09:38 AM pfSense Packages Bug #10442: ACME: special characters in descriptions trigger silent error and rollback: Ah I see. Would just filtering out those characters via an error message before trying to save it be a better approac... Jens Groh
09:30 AM pfSense Packages Bug #10442: ACME: special characters in descriptions trigger silent error and rollback: No, it's not from htmlentities. It's that those characters are not valid in XML. So the field probably needs to have ... Jim Pingle
09:25 AM pfSense Packages Bug #10442: ACME: special characters in descriptions trigger silent error and rollback: small addition:
is related to Acme 0.6.6 (still happens on 2.5.x snapshots)
There are special chars that work (... Jens Groh
09:19 AM pfSense Packages Bug #10442 (Resolved): ACME: special characters in descriptions trigger silent error and rollback: pfSense: 2.4.5
Acme: 0.6.6
Re-create:
1) ACME > Certificates: create new certificate
2) enter any settings fo... Jens Groh
09:35 AM pfSense Packages Bug #10439: BandwidthD stopped working after update: Jim Pingle wrote:
> It works fine here on 2.4.5, and you did not provide enough detail to even guess at what might b... Mark Grant
08:05 AM pfSense Packages Bug #10439 (Rejected): BandwidthD stopped working after update: It works fine here on 2.4.5, and you did not provide enough detail to even guess at what might be wrong in your speci... Jim Pingle
09:17 AM pfSense Packages Bug #10440 (Feedback): Squid proxy ignoring allowed_subnets after package upgrade 0.4.44_9 ==> 0.4.44_19: PR has been merged. Thanks! Renato Botelho
08:50 AM pfSense Packages Bug #10440: Squid proxy ignoring allowed_subnets after package upgrade 0.4.44_9 ==> 0.4.44_19: Thanks for your quick update :)
I patched the file and it works as before. Tobias Meyer
08:06 AM pfSense Packages Bug #10440 (Pull Request Review): Squid proxy ignoring allowed_subnets after package upgrade 0.4.44_9 ==> 0.4.44_19: Jim Pingle
05:32 AM pfSense Packages Bug #10440: Squid proxy ignoring allowed_subnets after package upgrade 0.4.44_9 ==> 0.4.44_19: ACLs are blank on pre-2.4.5 pfSense,
caused by the absence of _idn_to_ascii()_
Fix:
https://github.com/pfsense/F... Viktor Gurov
02:59 AM pfSense Packages Bug #10440: Squid proxy ignoring allowed_subnets after package upgrade 0.4.44_9 ==> 0.4.44_19: Viktor Gurov wrote:
> can you check it in your squid.conf?
> Need more information
I can see the subnet on the U... Tobias Meyer
02:47 AM pfSense Packages Bug #10440: Squid proxy ignoring allowed_subnets after package upgrade 0.4.44_9 ==> 0.4.44_19: There is only one change in https://github.com/pfsense/FreeBSD-ports/pull/830
- fixes IPv6 duplicate addresses in lo... Viktor Gurov
02:31 AM pfSense Packages Bug #10440 (Resolved): Squid proxy ignoring allowed_subnets after package upgrade 0.4.44_9 ==> 0.4.44_19: We allow an additional subnet (OpenVPN Roadwarriors) on our squid proxy server additionally to the LAN interface.
... Tobias Meyer
08:22 AM pfSense Packages Feature #10441 (Pull Request Review): Integration of bfd daemon: Jim Pingle
07:48 AM pfSense Packages Feature #10441: Integration of bfd daemon: Corresponding PR :
https://github.com/pfsense/FreeBSD-ports/pull/835 Emmanuel Roger
07:34 AM pfSense Packages Feature #10441 (Resolved): Integration of bfd daemon: FRR package already include bfd daemon and it could be use to reduce fault detection.
Some changes are needed in o... Emmanuel Roger
07:59 AM pfSense Packages Bug #10338 (Resolved): FRR OSPF6 Router-ID configuration statement has changed: OK on frr 0.6.4_3 Viktor Gurov
07:15 AM Feature #10323 (Resolved): Allow limiting NTP pool server usage count: works fine on 2.5.0.a.20200404.2224 Viktor Gurov
03:30 AM pfSense Packages Bug #7048 (Resolved): Add IPv6 support to squid: resolved in https://redmine.pfsense.org/issues/10335
and https://redmine.pfsense.org/issues/8887 Viktor Gurov
03:26 AM pfSense Packages Feature #10335 (Resolved): Squid IPv6 transparent mode: works as expected on 2.4.5/2.5 with squid 0.4.44_19 Viktor Gurov
01:01 AM pfSense Packages Bug #10422 (Resolved): Squid LDAP auth must use LDAPURI option: works as expected on 2.4.5 with squid 0.4.44_19 Viktor Gurov
12:59 AM pfSense Packages Bug #10378 (Resolved): Add IPv6 network to Squid localnet: works as expected on 2.4.5 with squid 0.4.44_19 Viktor Gurov
12:54 AM pfSense Packages Bug #10379 (Resolved): squid not authenticate LDAP/RADIUS: works as expected on 2.4.5 with squid 0.4.44_19 Viktor Gurov

04/06/2020

07:19 PM pfSense Packages Bug #10436: softflowd no longer sends flow data after upgrade (v0.9.9_1 -> v1.0.0): Manuel Piovan wrote:
> me too
> can you try with the flag -P udp from console and report back?
> example /usr/loca... Mark Hassman
06:25 AM pfSense Packages Bug #10436: softflowd no longer sends flow data after upgrade (v0.9.9_1 -> v1.0.0): me too
can you try with the flag -P udp from console and report back?
example /usr/local/bin/softflowd -D -i 1:vmx1... Manuel Piovan
02:01 AM pfSense Packages Bug #10436 (Feedback): softflowd no longer sends flow data after upgrade (v0.9.9_1 -> v1.0.0): Hi, after upgrading pfsense from v2.4.4_3 -> v2.4.5 (which included an upgrade of softflowd from v0.9.9_1 -> v1.0), s... Mark Hassman
06:49 PM pfSense Packages Bug #10439 (Rejected): BandwidthD stopped working after update: BandwidthD package stopped working after an update.
it installs fine, but no graphs.
deinstall/reinstall, same ... Mark Grant
04:19 PM Revision 08939cfb: DigitalOcean IPv6 DDNS Client to find IPv6 entries when updating. Issue #10390: -[] Redmine Issue: https://redmine.pfsense.org/issues/10390
-[] Ready for review Csoban Kesmarki
04:04 PM Revision 779b5ee5: Merge pull request #4267 from vktg/l2tpradiusissue: Renato Botelho
04:04 PM Revision 4e3ba659: Merge pull request #4265 from vktg/squidauthumlaut: Renato Botelho
04:04 PM Revision 9ea5f56e: Merge pull request #4263 from vktg/dhcpv6updstatleases: Renato Botelho
03:08 PM Bug #10438 (Resolved): Prepare pfSense-upgrade to deal with pkg 1.13.x+: pkg 1.13.x bumped repository meta version from 1 -> 2 and older versions can't read new repo metadata.
Change pfS... Renato Botelho
02:21 PM pfSense Packages Feature #10428: LCDProc: Add the EZIO driver to the lcdproc config page: tested here https://forum.netgate.com/topic/115071/ezio-driver-for-lcdproc/115
PR https://github.com/pfsense/FreeBSD... Manuel Piovan
01:51 PM Revision ad1a6de3: L2TP RADIUS issued IPs fix. Issue #7562: Viktor Gurov
01:30 PM Bug #10437: Changing interface description will break gateway groups: Looking through the config.xml, I can see what you mean about DHCP interfaces (deriving names from the description)..... Jon Brabender
12:43 PM Bug #10437: Changing interface description will break gateway groups: Thanks, I guess it just confusing because it is "allowed", but the side effects are not clear. Is there anything else... Jon Brabender
12:30 PM Bug #10437: Changing interface description will break gateway groups: In effect the "description" of the interface is its name in this context. It alters the name of the gateway. The fiel... Jim Pingle
12:29 PM Bug #10437: Changing interface description will break gateway groups: Those issues are "changing the name"...this is "changing the description"...I realize changing the "name" is not allo... Jon Brabender
11:41 AM Bug #10437 (Duplicate): Changing interface description will break gateway groups: This is the same root issue as #8218 / #8151, so it doesn't need its own entry.
This would only happen with dynami... Jim Pingle
11:28 AM Bug #10437 (Duplicate): Changing interface description will break gateway groups: Reproduce:
* System with Multiple Wans (Description/Interface= WAN/em0, WAN2/em1)
* Create an gateway group using t... Jon Brabender
01:13 PM Bug #10420 (Confirmed): Miscellaneous page with pre-existing RAM disks config can't be saved: I was able to replicate this on an ARM system (SG-3100).
Kernel Memory before activating RAM disks:... Jim Pingle
11:33 AM Bug #10390: Fix DigitalOcean Dynamic DNS client for IPv6: Corrected pull request: https://github.com/pfsense/pfsense/pull/4268 Csoban Kesmarki
11:04 AM Bug #7562 (Feedback): l2tp remoteip confusion: PR has been merged. Thanks! Renato Botelho
09:13 AM Bug #7562 (Pull Request Review): l2tp remoteip confusion: Jim Pingle
09:01 AM Bug #7562: l2tp remoteip confusion: https://github.com/pfsense/pfsense/pull/4267 Viktor Gurov
11:04 AM pfSense Packages Bug #7654 (Feedback): Can't use a LDAP search filter containing an accent: PR has been merged. Thanks! Renato Botelho
07:55 AM pfSense Packages Bug #7654 (Pull Request Review): Can't use a LDAP search filter containing an accent: Jim Pingle
11:04 AM Feature #10412 (Feedback): DHCPv6 Static Entries are not updated on external DDNS server: PR has been merged. Thanks! Renato Botelho
07:50 AM Feature #10412 (Pull Request Review): DHCPv6 Static Entries are not updated on external DDNS server: Jim Pingle
11:04 AM Feature #9439: Poll Interval For GPS and PPS: Here is a link to the official documentation: https://www.eecis.udel.edu/~mills/ntp/html/poll.html
The FreeBSD docum... Pierre Poutine
08:23 AM Feature #9439: Poll Interval For GPS and PPS: > 3 offers reduced jitter over 4.
> Low poll interval is also valuable for polling a server on a low latency network... Jim Pingle
11:01 AM pfSense Packages Bug #10432 (Feedback): Arpwatch show unknown vendor: PR has been merged. Thanks! Renato Botelho
08:17 AM pfSense Packages Bug #10432 (Pull Request Review): Arpwatch show unknown vendor: Jim Pingle
11:00 AM pfSense Packages Feature #10434 (Feedback): Squid whitelist/blacklist with IDN hostnames: PR has been merged. Thanks! Renato Botelho
07:57 AM pfSense Packages Feature #10434 (Pull Request Review): Squid whitelist/blacklist with IDN hostnames: Jim Pingle
11:00 AM pfSense Packages Feature #10335 (Feedback): Squid IPv6 transparent mode: PR has been merged. Thanks! Renato Botelho
08:10 AM pfSense Packages Feature #10335 (Pull Request Review): Squid IPv6 transparent mode: Jim Pingle
10:55 AM pfSense Packages Bug #10427 (Feedback): LCDproc: Handle multiple lcdproc clients: PR has been merged. Thanks! Renato Botelho
07:49 AM pfSense Packages Bug #10427 (Pull Request Review): LCDproc: Handle multiple lcdproc clients: Jim Pingle
10:55 AM pfSense Packages Bug #10385 (Feedback): Pb with Username authorized characters when OTP is disabled: PR has been merged. Thanks! Renato Botelho
07:48 AM pfSense Packages Bug #10385 (Pull Request Review): Pb with Username authorized characters when OTP is disabled: Jim Pingle
09:58 AM Bug #10418 (New): IPsec VTI address/mask selection not functional: Reopening this since it's not quite so clear that we should lock this down after all. Maybe we should default it to a... Jim Pingle
09:31 AM Bug #10375: Double zfs entry in loader.conf: Jim Pingle wrote:
> Is it still there after the next reboot?
Same
>
> How about after saving under System > Ad... Viktor Gurov
09:14 AM Bug #7558 (Pull Request Review): l2tp configure kills and sleeps even if first time: Jim Pingle
09:02 AM Bug #7558: l2tp configure kills and sleeps even if first time: https://github.com/pfsense/pfsense/pull/4267 Viktor Gurov
08:16 AM Feature #7287 (Pull Request Review): NTP add support for ACTS ref clock: Jim Pingle
08:12 AM Bug #8179 (Pull Request Review): Incorrect reverse DNS zone in DHCP server config for non-octet-aligned subnet mask: Jim Pingle
07:58 AM Bug #9187 (Pull Request Review): Status->Interfaces doesn't show useful data for lagg: Jim Pingle
07:52 AM Bug #10433 (Pull Request Review): addMask() js code resets netmask size to 128/32: Jim Pingle
04:27 AM Bug #10414: Very high CPU usage of pfctl and more causing very high load and a hardly usable internet connection: I can confirm this problem. If there are changes to the routing table (because there is packet loss on some OpenVPN I... W M

04/05/2020

10:23 PM Revision d95e86dc: Reverse DDNS zone in DHCP server for non-octet-aligned subnet. Issue #8179: Viktor Gurov
08:26 PM Feature #9439: Poll Interval For GPS and PPS: Jim Pingle wrote:
> What advantage would 3 have over 4 when using a local GPS though? Why would it need to probe tha... Pierre Poutine
07:05 PM Revision f14c9058: CDATA encode Squid LDAP options. Issue #7654: Viktor Gurov
05:39 PM pfSense Docs Correction #10435 (Closed): Console connection guide for PuTTY uses incorrect order of operations on first run of PuTTY: https://docs.netgate.com/pfsense/en/latest/solutions/sg-1100/connect-to-console.html
and the other "connect to con... Anonymous
05:26 PM Bug #8179: Incorrect reverse DNS zone in DHCP server config for non-octet-aligned subnet mask: Fix:
https://github.com/pfsense/pfsense/pull/4266 Viktor Gurov
03:38 PM Revision 44aea2e1: addMask() netmask reset fix. Issue #10433: Viktor Gurov
03:05 PM Bug #10420: Miscellaneous page with pre-existing RAM disks config can't be saved: I did not see the behavior on another installation I upgraded today neither. Adrian Zaugg
03:03 PM pfSense Packages Feature #10434: Squid whitelist/blacklist with IDN hostnames: https://github.com/pfsense/FreeBSD-ports/pull/832 Viktor Gurov
02:58 PM pfSense Packages Feature #10434 (Resolved): Squid whitelist/blacklist with IDN hostnames: Squid doesn't block non-ascii domans
non-ascii domains must first be converted to punycode:
https://unix.stackexcha... Viktor Gurov
02:11 PM pfSense Packages Bug #7654: Can't use a LDAP search filter containing an accent: TODO:
CDATA encode FreeRADIUS LDAP options Viktor Gurov
02:10 PM pfSense Packages Bug #7654: Can't use a LDAP search filter containing an accent: CDATA encode Squid LDAP options:
https://github.com/pfsense/pfsense/pull/4265 Viktor Gurov
12:53 PM Revision 1a618dc0: DHCPv6 update-static-leases. Issue #10412: Viktor Gurov
10:40 AM Bug #10433: addMask() js code resets netmask size to 128/32: Fix:
https://github.com/pfsense/pfsense/pull/4264 Viktor Gurov
10:37 AM Bug #10433 (Closed): addMask() js code resets netmask size to 128/32: from https://github.com/pfsense/pfsense/pull/4200:... Viktor Gurov
08:58 AM Bug #10430 (Not a Bug): Captive Portal shows 404 post login after upgrade to 2.4.5: There was no change in the configuration between 2.4.4-p3 and 2.4.5
The post-auth redirect URL should always have ... Jim Pingle
04:08 AM Bug #10430: Captive Portal shows 404 post login after upgrade to 2.4.5: I figured out the issue. It appears to be configuration problem, possible as a result of the upgrade. The default red... Jimmy Chen
04:02 AM Bug #10430: Captive Portal shows 404 post login after upgrade to 2.4.5: Testing the Captive Portal in a Windows machine allowed me to see the URL it's hitting post login.
https://guest.e... Jimmy Chen
03:47 AM Bug #10430 (Not a Bug): Captive Portal shows 404 post login after upgrade to 2.4.5: I just upgraded to 2.4.5 and when a user signs in via Captive Portal it immediately shows a "404 Not Found" nginx err... Jimmy Chen
07:56 AM Feature #10412: DHCPv6 Static Entries are not updated on external DDNS server: Right, https://ftp.isc.org/isc/dhcp/4.4.1/dhcp-4.4.1-RELNOTES:... Viktor Gurov
07:10 AM pfSense Packages Feature #10428: LCDProc: Add the EZIO driver to the lcdproc config page: EZIO is a serial connection type for HD44780. It must be set for the server to be able to talk to it.
https://github... Steve Wheeler
07:05 AM pfSense Packages Feature #10428: LCDProc: Add the EZIO driver to the lcdproc config page: https://github.com/lcdproc/lcdproc/releases
HD44780 connection type "serial" supports Portwell EZIO-100 and EZIO-300... Manuel Piovan
06:00 AM pfSense Packages Bug #10432: Arpwatch show unknown vendor: this is due to $oui = strtoupper(substr($mac, 0, 8));
the content of ethercodes.dat is not uppercase
PR https://... Manuel Piovan
05:55 AM pfSense Packages Bug #10432 (Resolved): Arpwatch show unknown vendor: arpwatch.inc
line 164
if (preg_match("/^$oui\s+(.*)$/m", file_get_contents(ARPWATCH_LOCAL_DIR.'/ethercodes.dat'), $... Manuel Piovan
05:31 AM pfSense Packages Bug #10431: pfBlockerNG Cron Job wrong - Clear IP / DNSBL Statistics: Preview function is your friend. Cron looks like... Luki TJ
05:26 AM pfSense Packages Bug #10431 (Resolved): pfBlockerNG Cron Job wrong - Clear IP / DNSBL Statistics: Configuring on the pfBlockerNG Widget the Statistic clearance on a weekly frequency results in this cron config:
*... Luki TJ

04/04/2020

05:10 PM pfSense Packages Feature #10335: Squid IPv6 transparent mode: https://github.com/pfsense/FreeBSD-ports/pull/830 Viktor Gurov
01:28 PM pfSense Packages Bug #10429: Status Traffic Total broken 2.4.5: https://forum.netgate.com/topic/151914/traffic-totals-hourly-report-problem/ Manuel Piovan
01:22 PM pfSense Packages Bug #10429 (New): Status Traffic Total broken 2.4.5: it's broken on 2.4.5
Hourly and Daily tab show data in the future
top 10 show ... some strange geometric figure Manuel Piovan
12:25 PM Revision 49e36202: Show LAGG Members info. Issue #9187: Viktor Gurov
10:33 AM Bug #8981 (Resolved): Uncheck DHCP registration does not clear entries: works as expected on 2.5.0.a.20200403.1936 Viktor Gurov
10:26 AM Feature #1019 (Resolved): Lagg Failover Mode Master Interface: works as expected on 2.5.0.a.20200403.1936 Viktor Gurov
10:24 AM Bug #8054 (Resolved): DHCP server accepts trailing dot in domain names, DNS resolver adds another and breaks: works as expected on 2.5.0.a.20200403.1936 Viktor Gurov
10:20 AM pfSense Packages Feature #10428: LCDProc: Add the EZIO driver to the lcdproc config page: LCDd.conf not lcdproc.conf Steve Wheeler
10:18 AM pfSense Packages Feature #10428 (Resolved): LCDProc: Add the EZIO driver to the lcdproc config page: The EZIO driver was written by forum member fmertz and accepted upstream, it's now part of the package but there is n... Steve Wheeler
10:15 AM pfSense Packages Bug #10427: LCDproc: Handle multiple lcdproc clients: https://github.com/pfsense/FreeBSD-ports/pull/829 Viktor Gurov
10:13 AM pfSense Packages Bug #10427 (Resolved): LCDproc: Handle multiple lcdproc clients: Return only one argument from pgrep to avoid breaking [ ]. Without that the client processes are not killed if there ... Viktor Gurov
09:55 AM pfSense Packages Bug #10422: Squid LDAP auth must use LDAPURI option: I upgraded squid to 0.4.44_18 on 2.4.5/2.5 but can't see this code
Viktor Gurov
08:49 AM Bug #10424 (Resolved): status.php: Calls using pkg should use pkg-static: Works as expected Jim Pingle
08:49 AM Todo #10423 (Resolved): status.php: Add kernel modules: Jim Pingle
05:02 AM Todo #10423: status.php: Add kernel modules: tested on 2.5.0.a.20200403.1936
OS-Kernel Modules.txt is OK. Viktor Gurov
08:44 AM Bug #10414: Very high CPU usage of pfctl and more causing very high load and a hardly usable internet connection: I can reproduce this at will. My hardware is a Supermicro 5018D-FN4T (Same as XG-1541). I can provide a config file i... John Jacobs
08:02 AM Bug #10418 (Resolved): IPsec VTI address/mask selection not functional: tested on 2.5.0.a.20200403.1936
OK now, I can see correct netmask:... Viktor Gurov
07:51 AM Feature #9251: DNS Resolver (Unbound) Python Integration: About python module and python files, suggestion "option two":
add Notice *(i) to Python Module Script about:
1. If... DRago_Angel [InV@DER]
04:34 AM Feature #9251: DNS Resolver (Unbound) Python Integration: @Jim maybe cool idea to add option to paste python files to unbound chroot like it done in HAproxy package from GUI s... DRago_Angel [InV@DER]
07:28 AM Bug #9187: Status->Interfaces doesn't show useful data for lagg: Fix:
https://github.com/pfsense/pfsense/pull/4262 Viktor Gurov
06:22 AM pfSense Packages Bug #10426 (Resolved): Filer must validate that File name is uniq: Filer Plugin allow create multiply files with same name which is not have any usecase. I think this bug. DRago_Angel [InV@DER]
04:56 AM pfSense Packages Bug #10385: Pb with Username authorized characters when OTP is disabled: MILO MEDIN wrote:
> There is also an issue with being able to user MAC addresses in the FreeRadius username in the X... Viktor Gurov
03:28 AM Feature #7287: NTP add support for ACTS ref clock: updated PR:
https://github.com/pfsense/pfsense/pull/4261 Viktor Gurov

04/03/2020

08:10 PM pfSense Packages Feature #10425 (Resolved): upgrade ntopng to 4.0.0: ntopng 4.0.0 has been released.
https://github.com/ntop/ntopng/commits/4.0
Could the ntopng package for pfSense... Jeffrey Altman
07:04 PM Revision b4ce86dc: status.php updates: * Add kldstat verbose output. Implements #10423
* Change pkg calls to pkg-static. Fixes #10424
(cherry picked from c... Jim Pingle
07:03 PM Revision b943d20d: status.php updates: * Add kldstat verbose output. Implements #10423
* Change pkg calls to pkg-static. Fixes #10424 Jim Pingle
04:13 PM Revision 6e2d9fa9: Deprecated is more appropriate: Renato Botelho
04:13 PM Revision ebbe8260: Deprecated is more appropriate: Renato Botelho
04:13 PM Revision b1f1c16f: Deprecated is more appropriate: Renato Botelho
03:42 PM Revision 411579d8: Reset PRODUCT_REVISION: Renato Botelho
03:02 PM Revision bad84d07: Merge pull request #4245 from vktg/defntpmaxpeers: Renato Botelho
03:01 PM Revision 15abd092: Merge pull request #4247 from vktg/laggmembermtu: Renato Botelho
03:00 PM Revision a98b3d58: Merge pull request #4248 from vktg/ovpnclientproto: Renato Botelho
02:59 PM Revision 56281195: Merge pull request #4252 from vktg/cleandnsdhcpleases: Renato Botelho
02:55 PM Revision f16b44a3: Merge pull request #4254 from kiokoman/master: Renato Botelho
02:55 PM Revision f380af3f: Merge pull request #4243 from vktg/ntpdisable: Renato Botelho
02:54 PM Revision 4fc1f7d6: Merge pull request #4246 from vktg/ignorelaggmemevent: Renato Botelho
02:53 PM Revision 47fb41cc: Merge pull request #4251 from vktg/sysdomainfix: Renato Botelho
02:48 PM Revision 76a102fb: Merge pull request #4249 from vktg/laggfailovermaster: Renato Botelho
02:44 PM Revision 3610b37a: Merge pull request #4260 from vktg/ipsecvti30: Renato Botelho
02:10 PM Bug #10424 (Feedback): status.php: Calls using pkg should use pkg-static: Applied in changeset commit:b943d20dcd9a580c18ce804b47f512855272f1dd. Jim Pingle
02:03 PM Bug #10424 (Resolved): status.php: Calls using pkg should use pkg-static: The status.php items which use @pkg@ should use @pkg-static@ instead, to avoid potential problems on systems which ar... Jim Pingle
02:10 PM Todo #10423 (Feedback): status.php: Add kernel modules: Applied in changeset commit:b943d20dcd9a580c18ce804b47f512855272f1dd. Jim Pingle
02:02 PM Todo #10423 (Resolved): status.php: Add kernel modules: The list of loaded kernel modules from @kldstat@ should be added to status.php Jim Pingle
01:50 PM Revision 159df52d: Rename 2.4.4 repo files: Renato Botelho
01:50 PM Revision 76d9d592: Rename 2.4.4 repo files: Renato Botelho
01:49 PM Revision e72665ec: Rename 2.4.4 repo files: Renato Botelho
01:26 PM Revision d4aa3c9d: Let user to stay on 2.4.4 for some time: Renato Botelho
01:25 PM Revision 9cc713c6: Let user to stay on 2.4.4 for some time: Renato Botelho
01:24 PM Revision 73c6bbaa: Let user to stay on 2.4.4 for some time: Renato Botelho
12:34 PM Revision 92ab21bb: IPsec VTI /30 netmask. Issue #10418: Viktor Gurov
12:08 PM pfSense Packages Bug #10422 (Feedback): Squid LDAP auth must use LDAPURI option: PR has been merged. Thanks! Renato Botelho
11:45 AM pfSense Packages Bug #10422: Squid LDAP auth must use LDAPURI option: Fix:
https://github.com/pfsense/FreeBSD-ports/pull/823
This PR also changes STARTTLS -Z option to -ZZ,
it's used... Viktor Gurov
11:39 AM pfSense Packages Bug #10422 (Resolved): Squid LDAP auth must use LDAPURI option: basic_ldap_auth must use LDAPURI option (-H) to successfully connect using ldaps.
see https://forum.netgate.com/topi... Viktor Gurov
10:41 AM Bug #10420: Miscellaneous page with pre-existing RAM disks config can't be saved: I have not seen that happen here when I was testing this initially, but I don't currently have any systems with RAM d... Jim Pingle
10:12 AM Bug #10420 (Resolved): Miscellaneous page with pre-existing RAM disks config can't be saved: Having an installation of pfSense using RAM disks one can't save any other changes made on the System->Advanced->Misc... Adrian Zaugg
10:31 AM pfSense Packages Feature #10421 (Resolved): suricata unix_stream support for telegraf: it would be nice if there was support for telegraf under suricata
input.suricata need unix socket to be created for ... Manuel Piovan
10:25 AM pfSense Packages Todo #10419 (Feedback): Update haproxy ports: Done. Bumped haproxy and haproxy-devel pfSense packages to 0.60_4 to let users to see a new version Renato Botelho
08:26 AM pfSense Packages Todo #10419 (Closed): Update haproxy ports: pfSense-pkg-haproxy depends on net/haproxy18 which is currently 1.8.23
pfSense-pkg-haproxy-devel depends on net/hapr... Jim Pingle
10:19 AM pfSense Packages Bug #10369 (Feedback): Remote OpenVPN server protocol definition: PR has been merged. Thanks! Renato Botelho
10:19 AM pfSense Packages Bug #10393 (Feedback): Syslog-ng TLS support is broken: PR has been merged. Thanks! Renato Botelho
10:17 AM pfSense Packages Bug #10413 (Feedback): BIND plugins are not copied into chroot: PR has been merged. Thanks! Renato Botelho
10:16 AM pfSense Packages Bug #10378 (Feedback): Add IPv6 network to Squid localnet: PR has been merged. Thanks! Renato Botelho
07:19 AM pfSense Packages Bug #10378 (Pull Request Review): Add IPv6 network to Squid localnet: Jim Pingle
10:16 AM pfSense Packages Feature #10415 (Feedback): FreeRADIUS Package: Add option to enter NT or MD5 prehashed passwords in configuration: PR has been merged. Thanks! Renato Botelho
07:28 AM pfSense Packages Feature #10415 (Pull Request Review): FreeRADIUS Package: Add option to enter NT or MD5 prehashed passwords in configuration: Jim Pingle
10:02 AM Feature #10323 (Feedback): Allow limiting NTP pool server usage count: PR has been merged. Thanks! Renato Botelho
10:01 AM Bug #8585 (Feedback): Logical interface MTU matches configuration of its physical port channel, not its own configuration: PR has been merged. Thanks! Renato Botelho
10:00 AM Bug #10368 (Feedback): OpenVPN server no definition of protocol to use (udp4): PR has been merged. Thanks! Renato Botelho
10:00 AM Bug #8981 (Feedback): Uncheck DHCP registration does not clear entries: PR has been merged. Thanks! Renato Botelho
09:58 AM Feature #10374 (Pull Request Review): Add ARM32/64 network booting support to dhcpd: Ops, my mistake here. PR was not merged yet Renato Botelho
09:56 AM Feature #10374 (Feedback): Add ARM32/64 network booting support to dhcpd: PR has been merged. Thanks! Renato Botelho
09:56 AM Bug #10386 (Feedback): A NTP Time Server name may only contain the characters a-z, 0-9, '-' and '.'.: PR has been merged. Thanks! Renato Botelho
09:54 AM Feature #3567 (Feedback): Option to disable NTP: PR has been merged. Thanks! Renato Botelho
09:53 AM Bug #10365 (Feedback): LAGG member event causes filter to reload: PR has been merged. Thanks! Renato Botelho
09:52 AM Bug #8054 (Feedback): DHCP server accepts trailing dot in domain names, DNS resolver adds another and breaks: PR has been merged. Thanks! Renato Botelho
09:48 AM Feature #1019 (Feedback): Lagg Failover Mode Master Interface: PR has been merged. Thanks! Renato Botelho
09:44 AM Bug #10418 (Feedback): IPsec VTI address/mask selection not functional: PR has been merged. Thanks! Renato Botelho
07:53 AM Bug #10418 (Pull Request Review): IPsec VTI address/mask selection not functional: Jim Pingle
07:36 AM Bug #10418: IPsec VTI address/mask selection not functional: /30 netmask fix:
https://github.com/pfsense/pfsense/pull/4260 Viktor Gurov
07:25 AM Bug #10418: IPsec VTI address/mask selection not functional: Viktor Gurov wrote:
> _2. After IPsec interface assignment it doesn't appear under Firewall/Rules:_
> I found that ... Jim Pingle
07:19 AM Bug #10418: IPsec VTI address/mask selection not functional: _1. Once the IPsec interface is assigned, it gets /32 subnet instead of /30._
simple fix in ipsec.inc
https://githu... Viktor Gurov
06:33 AM Bug #10418 (Resolved): IPsec VTI address/mask selection not functional: There are couple of oddities in 2.4.5.
1. Once the IPsec interface is assigned, it gets /32 subnet instead of /30.
... Danilo Zrenjanin
09:21 AM Bug #10416: dhcrelay command line options not properly configured for some DHCP failover scenarios: Jim Pingle wrote:
> Having separate choices for upstream and downstream would give the user manual control over whic... John Steele
09:09 AM Bug #10416: dhcrelay command line options not properly configured for some DHCP failover scenarios: John Steele wrote:
> Jim Pingle wrote:
> > Why would you need to relay to a server in the same subnet as the client... Jim Pingle
09:02 AM Bug #10416: dhcrelay command line options not properly configured for some DHCP failover scenarios: Jim Pingle wrote:
> Why would you need to relay to a server in the same subnet as the clients it serves and the fire... John Steele
07:37 AM Bug #10416: dhcrelay command line options not properly configured for some DHCP failover scenarios: Why would you need to relay to a server in the same subnet as the clients it serves and the firewall? They can get a ... Jim Pingle
01:31 AM Bug #10416 (Resolved): dhcrelay command line options not properly configured for some DHCP failover scenarios: Scenario: ISC DHCP failover, with one of the 2 servers in the failover association residing in a subnet that also se... John Steele
07:53 AM Bug #10414: Very high CPU usage of pfctl and more causing very high load and a hardly usable internet connection: Likely the same root cause as #10310 though that doesn't have quite the same symptoms.
> Cause:
> - it may be rel... Jim Pingle
07:07 AM Bug #10414: Very high CPU usage of pfctl and more causing very high load and a hardly usable internet connection: A few additions:
- it seems to happen more often if pfSense is installed and used in a virtual environement
- it se... Tobias H
07:05 AM Revision 09b9977b: Lagg Failover Mode Master Interface select. Issue #1019: Viktor Gurov
04:29 AM pfSense Docs Correction #10417 (Closed): Feedback on Packages — Package List: *Page:* https://docs.netgate.com/pfsense/en/latest/packages/list.html
*Feedback:*
Need to add info about PIMD p... Viktor Gurov
12:55 AM Feature #10293 (Resolved): DNS flag day - EDNS buffer size recommendation: works as expected on 2.5.0.a.20200402.0149 Viktor Gurov

04/02/2020

11:38 PM Bug #10380: Unable to upgrade from 2.4.4 p3 to 2.4.5: Peter Cronwright wrote:
> Just had the same thing
I am also experiencing the same issue ... houmehr aghabozorgi
09:50 PM pfSense Packages Feature #10415: FreeRADIUS Package: Add option to enter NT or MD5 prehashed passwords in configuration: Link to pull request: https://github.com/pfsense/FreeBSD-ports/pull/822 Implements #10415 Adds prehashed NT-Password ... Tet-Woo Lee
09:19 PM pfSense Packages Feature #10415 (Resolved): FreeRADIUS Package: Add option to enter NT or MD5 prehashed passwords in configuration: The FreeRADIUS Package currently provides the option to use 'Cleartext-Password' and only hashing option - 'MD5-Passw... Tet-Woo Lee
08:57 PM Bug #10414 (Resolved): Very high CPU usage of pfctl and more causing very high load and a hardly usable internet connection: There are several threads in the forum complaining about high CPU usage of pfctl and some other processs. This is cau... Tobias H
03:19 PM pfSense Packages Bug #10413 (Pull Request Review): BIND plugins are not copied into chroot: PR: https://github.com/pfsense/FreeBSD-ports/pull/816 Jim Pingle
02:55 PM pfSense Packages Bug #10413 (Resolved): BIND plugins are not copied into chroot: BIND 9.13.5 introduced a new plugin system, and the filter-aaaa support was moved to a plugin, so we need to copy the... Scott Dial
03:07 PM pfSense Packages Bug #10378: Add IPv6 network to Squid localnet: Fix:
https://github.com/pfsense/FreeBSD-ports/pull/817 Viktor Gurov
02:59 PM Todo #10349 (Resolved): status.php: Sanitize ldapbindpass and ldap_pass: Jim Pingle
01:08 PM Bug #10390 (Pull Request Review): Fix DigitalOcean Dynamic DNS client for IPv6: Jim Pingle
01:07 PM Bug #10390: Fix DigitalOcean Dynamic DNS client for IPv6: Yes sir, just did: https://github.com/pfsense/pfsense/pull/4259 Csoban Kesmarki
01:07 PM pfSense Packages Bug #10411: ACME only uses DoH, Broken renewal: Jim Pingle wrote:
> Still seems like acme.sh should handle that more gracefully without relying on such a long timeo... theodore adams
12:44 PM pfSense Packages Bug #10411: ACME only uses DoH, Broken renewal: Still seems like acme.sh should handle that more gracefully without relying on such a long timeout, or have an option... Jim Pingle
12:41 PM pfSense Packages Bug #10411: ACME only uses DoH, Broken renewal: Thank you for reviewing Jim.
I have been researching further and found closed issues on the acme.sh github:
https... theodore adams
10:36 AM pfSense Packages Bug #10411 (Needs Patch): ACME only uses DoH, Broken renewal: That will need to be raised as an issue directly with acme.sh not here. Jim Pingle
10:21 AM pfSense Packages Bug #10411 (Needs Patch): ACME only uses DoH, Broken renewal: The issue is described on the forum here:
> https://forum.netgate.com/topic/150984/doh-verification-method
DoH ap... theodore adams
12:30 PM Feature #10412: DHCPv6 Static Entries are not updated on external DDNS server: Suggesting the following change (based on the services.inc in 2.4.5):
--- old/src/etc/inc/services.inc 2020-03-17 ... Csoban Kesmarki
12:29 PM Feature #10412 (Resolved): DHCPv6 Static Entries are not updated on external DDNS server: Since pfSense 2.4.5 the isc-dhcp-server is 4.4.1 which supports "update-static-leases" statment for DHCPv6, too. Csoban Kesmarki
12:25 PM Bug #10346: DHCPv6 service Dynamic DNS errors: See also: #6600 (some overlap in the PR) Jim Pingle
12:25 PM Feature #6600 (Pull Request Review): DHCP Server - Primary DDNS Address won't accept IPv6 address: Jim Pingle
10:54 AM Feature #6600: DHCP Server - Primary DDNS Address won't accept IPv6 address: see https://redmine.pfsense.org/issues/10346
fix in progress: https://github.com/pfsense/pfsense/pull/4235 Viktor Gurov
12:25 PM pfSense Packages Bug #10379 (Feedback): squid not authenticate LDAP/RADIUS: PR 814 was merged Jim Pingle
12:07 PM Bug #8522 (Resolved): SMTP test says success when actually fails: works as expected on 2.5.0.a.20200331.2303 Viktor Gurov
11:40 AM Revision 8ee5aa03: DHCP Domain trailing dot validation. Issue #8054: Viktor Gurov
11:00 AM Bug #10306 (Resolved): Incorrect IPsec service status: Renato Botelho wrote:
> PR has been merged. Thanks!
works as expected on 2.5.0.a.20200331.2303 Viktor Gurov
07:42 AM Feature #10410 (Rejected): Display changelog on update in System->Package Manager: There is no "changelog" to display. There is no viable way to accomplish this automatically. Even linking to things l... Jim Pingle
05:31 AM Feature #10410 (Rejected): Display changelog on update in System->Package Manager: It good to know what changes was done in new version of package or even get link to git merge commit and so on. DRago_Angel [InV@DER]
07:40 AM Bug #10409 (Pull Request Review): OpenVPN client without userpass hangs system startup: Copying note here from Github:
I seem to recall there was a specific reason we allowed the password to be empty. ... Jim Pingle
04:32 AM Bug #10409: OpenVPN client without userpass hangs system startup: OpenVPN client userpass is mandatory
Fix:
https://github.com/pfsense/pfsense/pull/4257 Viktor Gurov
04:16 AM Bug #10409 (Resolved): OpenVPN client without userpass hangs system startup: If you create OpenVPN client connection with user authentication,
but don’t enter the password
System hangs on star... Viktor Gurov
07:21 AM Bug #10408 (Rejected): Unable to upgrade from 2.4.4 p3 to 2.4.5: This site is not for support or diagnostic discussion. Please post on the forum for assistance. Jim Pingle
03:24 AM Bug #10408: Unable to upgrade from 2.4.4 p3 to 2.4.5: ask for help/ check the forum, not here https://forum.netgate.com/topic/151403/readline-so-0-bytes-after-upgrade/7 Manuel Piovan
12:19 AM Bug #10408 (Rejected): Unable to upgrade from 2.4.4 p3 to 2.4.5: Error: Warning: PHP Startup: Unable to load dynamic library 'readline.so' (tried: /usr/local/lib/php/20170718/readlin... Joseph Comendador
07:20 AM Bug #10396 (Not a Bug): rc.start_packages after modem loose connection: OK, if you do manage to track down the source of the problem and have enough detail for others to reproduce it and so... Jim Pingle
12:42 AM Bug #10396: rc.start_packages after modem loose connection: I think it can be closed. After some further investigations I am sure it is not a problem with the rc.start_packages ... odo maitre
07:15 AM Bug #10407 (Needs Patch): L2TP static route not re-added after connection down/up: The L2TP WAN-type interface design is not designed to be used with VPNs. It may work, but not intentionally. It is de... Jim Pingle
01:54 AM Bug #10397: Changing default or static route gateway on 2.5.0 does not remove old route: Jim Pingle wrote:
> This also affects static routes. Changing a route gateway does not remove the old route.
It i... Viktor Gurov

04/01/2020

06:03 PM Bug #10407: L2TP static route not re-added after connection down/up: Better explanation on Reddit: https://www.reddit.com/r/PFSENSE/comments/dt6181/static_route_problem_with_l2tpipsec_vpn/ Federico Chiaravalli
05:59 PM Bug #10407 (Resolved): L2TP static route not re-added after connection down/up: How to recreate:
Create L2TP VPN
Create a default gw to the VPN subnet
Create the static route
* route is added t... Federico Chiaravalli
02:21 PM pfSense Packages Bug #9347 (Resolved): Domain SAN list displays "Key Algorithm: HMAC-MD5, API Endpoint: portal.nexcess.net": Jim Pingle
02:17 PM pfSense Packages Feature #10403 (Feedback): Add Proxy support to ACME package: This has been implemented in ACME package version 0.6.6
I tested it against a local squid instance and it worked. ... Jim Pingle
09:49 AM pfSense Packages Feature #10403 (Resolved): Add Proxy support to ACME package: The ACME package does not utilize the system proxy settings when making outbound queries.
Though there is not spec... Jim Pingle
02:16 PM pfSense Packages Bug #10405 (Feedback): Additional instances of ACME Domain SAN list entries with passwords are rendered as checkboxes: This is fixed in ACME package version 0.6.6 Jim Pingle
10:29 AM pfSense Packages Bug #10405 (Resolved): Additional instances of ACME Domain SAN list entries with passwords are rendered as checkboxes: When adding more than one Domain SAN list entry to an ACME certificate, password type fields are rendered as checkbox... Jim Pingle
01:30 PM Bug #10406 (Confirmed): Interfaces.php PPPoE selection display inappropriate "Toggle All" button when periodic reset set to "pre-set": I did, but apparently I was looking on the actual PPP interface settings page not interfaces.php. I see it there.
... Jim Pingle
01:23 PM Bug #10406: Interfaces.php PPPoE selection display inappropriate "Toggle All" button when periodic reset set to "pre-set": Did you choose Pre-Set at "Periodic reset" ? Grischa Zengel
12:52 PM Bug #10406: Interfaces.php PPPoE selection display inappropriate "Toggle All" button when periodic reset set to "pre-set": It should always show the button, even for you.
If I have this:... Grischa Zengel
12:22 PM Bug #10406: Interfaces.php PPPoE selection display inappropriate "Toggle All" button when periodic reset set to "pre-set": Are you sure?
I get it with Linux Firefox, Windows 10 Edge.
From different customers intranet.
Even with Netgate... Grischa Zengel
11:44 AM Bug #10406 (Rejected): Interfaces.php PPPoE selection display inappropriate "Toggle All" button when periodic reset set to "pre-set": I don't see a "Toggle All" button on the page in the source or rendered in the browser. I tried in Firefox and Chrome... Jim Pingle
10:39 AM Bug #10406 (Resolved): Interfaces.php PPPoE selection display inappropriate "Toggle All" button when periodic reset set to "pre-set": "cron based reset" for PPPoE connections at interfaces.php uses radio buttons and shows Toggle All Button.... Grischa Zengel
12:08 PM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound: Thanks @Nick B this workaround works well. Brittney Lars
10:54 AM Feature #10404: Consider using chrony for NTP services: Forgot to add - it might be a good topic for when TNSR's base gets to be CentOS 8. e 1/1
10:07 AM Feature #10404 (New): Consider using chrony for NTP services: Please consider chronyd's advantages and disadvantages vs ntpd - see https://chrony.tuxfamily.org/comparison.html
... e 1/1
09:47 AM Bug #10400: SystemUser ManagerUsers add buttom does not appear: If I may - a suggestion: show the add and delete buttons, but have them "greyed out", and when the mouse is hovered o... e 1/1
07:24 AM Feature #10402: OpenVPN ifconfig-pool: Sorry, missed the #9156, thank you Jim.
I hope it will be available soon, it's open more than a year. Norbert Csanádi
07:16 AM Feature #10402 (Duplicate): OpenVPN ifconfig-pool: There is already an open issue for nopool: #9156 Jim Pingle
05:08 AM Feature #10402 (Duplicate): OpenVPN ifconfig-pool: The ifconfig-pool option is missing from OpenVPN settings and it could be conflict with static IP address assigned wi... Norbert Csanádi
05:14 AM Bug #10380: Unable to upgrade from 2.4.4 p3 to 2.4.5: Just had the same thing Peter Cronwright
01:33 AM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: Ismael Peixoto Azambuja wrote:
> O 71 wrote:
> > Hi Ismael,
> >
> > Can you give me the line write in the squid... O 71

03/31/2020

09:37 PM Revision c4c42f28: Correct Indentation: if statement covering multiple lines was formatted incorrectly. John Kap
08:02 PM Revision 84422a37: Ignore events on LAGG members. Issue #10365: Viktor Gurov
07:57 PM Revision b5d5da0c: Add option to disable NTP server. Issue #3567: Viktor Gurov
06:29 PM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: O 71 wrote:
> Hi Ismael,
>
> Can you give me the line write in the squid.conf file ?
> If you check or uncheck "... Ismael Peixoto Azambuja
03:43 PM pfSense Packages Bug #10379 (Pull Request Review): squid not authenticate LDAP/RADIUS: Jim Pingle
02:53 PM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: Fix: https://github.com/pfsense/FreeBSD-ports/pull/814 Viktor Gurov
10:05 AM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: I test and it works if I modify the file /usr/local/pkg/squid.inc like this :... O 71
04:37 AM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: Hi Ismael,
Can you give me the line write in the squid.conf file ?
If you check or uncheck "LDAP follow referrals... O 71
02:06 AM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: available update: 0.4.44_16, here all work perfect now.
do not know who to thank, but thanks for the correction! Ismael Peixoto Azambuja
04:48 PM Feature #10401 (New): Request: ability to sort/separate stopped/running Service(s) on Dashboard -> Services Status widget: The Dashboard -> Services Status widget provides no sorting on the status (or a separation area) of stopped vs. runni... P L
04:25 PM Bug #10396: rc.start_packages after modem loose connection: After some further research and back and forth posts in the forum thread on this issue, I am pretty confident it is n... Bill Meeks
07:22 AM Bug #10396 (Incomplete): rc.start_packages after modem loose connection: There is not nearly enough information here for a valid bug report. Please keep the discussion on your forum thread u... Jim Pingle
02:21 AM Bug #10396 (Not a Bug): rc.start_packages after modem loose connection: Hello,
I found this issue in conjunction with Snort and after a discussion with bmeeks (https://forum.netgate.com/to... odo maitre
12:53 PM Bug #10400 (Rejected): SystemUser ManagerUsers add buttom does not appear: This is not a bug. Your user and/or group have the "Deny Config Write" privilege. Fix your privileges. Jim Pingle
12:48 PM Bug #10400 (Rejected): SystemUser ManagerUsers add buttom does not appear: 378/5000
after upgrading to PFSENSE 2.4.5-RELEASE (amd64) the ADD and DELETE buttons in System / User Manager / User... Pedro Luis Dominguez
10:33 AM pfSense Packages Bug #10385: Pb with Username authorized characters when OTP is disabled: There is also an issue with being able to user MAC addresses in the FreeRadius username in the XX:XX:XX:XX:XX:XX beca... MILO MEDIN
09:55 AM Bug #10398: RFC1918 external address in miniupnp does not work after upgrade to 2.4.5: Ok, I opened an issue on the miniupnp tracker for this -
https://github.com/miniupnp/miniupnp/issues/433 Andy Kwong
09:17 AM Bug #10398: RFC1918 external address in miniupnp does not work after upgrade to 2.4.5: I agree, the changes in miniupnpd are unnecessary and harmful to some use cases. They should at least provide an opti... Jim Pingle
09:07 AM Bug #10398: RFC1918 external address in miniupnp does not work after upgrade to 2.4.5: >That's what the "Override WAN address" option does.
Thanks. So that's passed through as the ext_ip. I did some ad... Andy Kwong
08:01 AM Bug #10398 (Needs Patch): RFC1918 external address in miniupnp does not work after upgrade to 2.4.5: We've seen this internally as well. This must be solved by miniupnpd.
> One of the solutions recommended is to sta... Jim Pingle
07:53 AM Bug #10398 (Needs Patch): RFC1918 external address in miniupnp does not work after upgrade to 2.4.5: After upgrading pfSense to 2.4.5, MiniUPnP refuses to assign port mappings when the WAN interface is RFC1918 -
ISP... Andy Kwong
09:14 AM Bug #10399 (Rejected): On upgrading to 2.4.5 /usr/local/lib/php/20170718 is not created or is deleted shortly after upgrade.: The PHP errors during the upgrade are normal and are resolved by the end of the entire process. You might have logged... Jim Pingle
09:06 AM Bug #10399 (Rejected): On upgrading to 2.4.5 /usr/local/lib/php/20170718 is not created or is deleted shortly after upgrade.: On upgrading (from the previous latest version to 2.4.5) the system came up and then reported an php error in all of ... And Ritchie
09:03 AM Feature #10000: Enable ``@`` support for Azure in Dynamic DNS: Workaround
1. azure dns create record
- name: test
- type: A
2. azure dns create record
- name: @
-... Dominik Hürzeler
08:27 AM Feature #10000: Enable ``@`` support for Azure in Dynamic DNS: Affected Version: 2.4.5 Dominik Hürzeler
07:56 AM Bug #10397: Changing default or static route gateway on 2.5.0 does not remove old route: This also affects static routes. Changing a route gateway does not remove the old route. Jim Pingle
07:51 AM Bug #10397 (Resolved): Changing default or static route gateway on 2.5.0 does not remove old route: 2.5.0 has multi-path (RADIX_MPATH) enabled in its kernel (#9544) which allows multiple routes to the same destination... Jim Pingle
07:53 AM Feature #9544: Enable ``ROUTE_MPATH`` multipath routing: See also: #10397 Jim Pingle
07:10 AM Bug #10394 (Rejected): NAT Portmap: Source host/net field not editable: I can't reproduce this as stated either. Please start a forum thread to discuss the issue first, and provide more det... Jim Pingle
07:05 AM Bug #10394: NAT Portmap: Source host/net field not editable: i have no problem with that on my 2.4.5, i checked with firefox/chrome and edge, did you try to clean browser cache? Manuel Piovan
02:41 AM Feature #10374: Add ARM32/64 network booting support to dhcpd: I tested the PR with the "System Patches" package details from https://docs.netgate.com/pfsense/en/latest/development... Michael Boever
12:45 AM Revision 9948b5b5: Logic & Formatting: Corrected logic not to perform API to Telegram under certain conditions.
Edited to comply with standard formatting r... John Kap

03/30/2020

11:08 PM Revision 518fa664: Update system.php: is_ipaddr + error reword Manuel Piovan
09:28 PM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound: Brittney Lars wrote:
> How are other people dealing with this issue or working around it? For me it's causing such f... Nick B
04:26 PM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound: How are other people dealing with this issue or working around it? For me it's causing such frequent internet outages... Brittney Lars
07:34 PM Feature #10395 (New): Add Dashboard System Information support for more PC Engines APU boards: Running pfSense 2.4.4-p3 on a PC Engines APU4.
In the Dashboard System Information panel - a PC Engines APU4 board... David Burns
05:44 PM Bug #10394 (Rejected): NAT Portmap: Source host/net field not editable: Noticed since upgrading to 2.4.5:
Add new NAT Portmap item -> can't edit Advanced...Source field.
Workaround:
... Eduard Rozenberg
05:09 PM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: Hello,
I update to 0.4.44_16, I use LDAP Authentification. The password is ok, but it doesn't work correctly with ... O 71
12:45 PM pfSense Packages Bug #10379 (Feedback): squid not authenticate LDAP/RADIUS: PR was merged Jim Pingle
03:13 PM Revision a5d17952: Revert "Attempt to build telegraf on armv6": This reverts commit e8a9c9b431f8ebb0200f84c466a5b0638278edc9. Renato Botelho
03:13 PM Revision 2c9e1e43: Revert "Attempt to build telegraf on armv7": This reverts commit 2c61d1deb9000fdbae69bfacfc7744e0820839e9. Renato Botelho
02:56 PM pfSense Packages Bug #10393 (Pull Request Review): Syslog-ng TLS support is broken: Jim Pingle
02:53 PM pfSense Packages Bug #10393 (Resolved): Syslog-ng TLS support is broken: The TLS support currently is broken because the CA certificate file name is not correct. For this reason the clients ... Daniel Fariña
02:48 PM Revision e8a9c9b4: Attempt to build telegraf on armv6: Renato Botelho
02:48 PM Revision 2c61d1de: Attempt to build telegraf on armv7: Renato Botelho
02:40 PM Bug #10386 (Pull Request Review): A NTP Time Server name may only contain the characters a-z, 0-9, '-' and '.'.: Jim Pingle
02:35 PM pfSense Packages Feature #10297 (Pull Request Review): IPv6 user attributes: Jim Pingle
02:23 PM Feature #10374: Add ARM32/64 network booting support to dhcpd: PR: https://github.com/pfsense/pfsense/pull/4250 Jim Pingle
02:22 PM Feature #10374 (Pull Request Review): Add ARM32/64 network booting support to dhcpd: Jim Pingle
02:19 PM Bug #10365 (Pull Request Review): LAGG member event causes filter to reload: Jim Pingle
02:05 PM Bug #8981 (Pull Request Review): Uncheck DHCP registration does not clear entries: Jim Pingle
02:03 PM Bug #8054 (Pull Request Review): DHCP server accepts trailing dot in domain names, DNS resolver adds another and breaks: Jim Pingle
02:01 PM Feature #1019 (Pull Request Review): Lagg Failover Mode Master Interface: Jim Pingle
01:55 PM pfSense Packages Bug #10369 (Pull Request Review): Remote OpenVPN server protocol definition: Jim Pingle
01:54 PM Bug #10368 (Pull Request Review): OpenVPN server no definition of protocol to use (udp4): Jim Pingle
01:16 PM Bug #8585 (Pull Request Review): Logical interface MTU matches configuration of its physical port channel, not its own configuration: Jim Pingle
01:14 PM Feature #10323 (Pull Request Review): Allow limiting NTP pool server usage count: Jim Pingle
12:38 PM Feature #10392: GRE: Tunnels cannot have IPv6 and IPv4 addresses at the same time: It may be in the RFC but have you confirmed that it actually works on FreeBSD? Jim Pingle
12:34 PM Feature #10392: GRE: Tunnels cannot have IPv6 and IPv4 addresses at the same time: Skyler Mäntysaari wrote:
> For some unknown reason, pfSense does not ask in the GUI for local/remote IPv6 addresses ... Skyler Mäntysaari
12:33 PM Feature #10392 (Resolved): GRE: Tunnels cannot have IPv6 and IPv4 addresses at the same time: For some unknown reason, pfSense does not ask in the GUI for local/remote IPv6 addresses when a user wants to use it ... Skyler Mäntysaari
11:43 AM pfSense Packages Feature #10377: Allow usage of TOTP (Google-Authenticator) without PIN: Since the user enters the PIN alongside the randomly generated OTP code (password=PIN+CODE) I am not seeing how any c... Jim Pingle
11:36 AM pfSense Packages Feature #10377: Allow usage of TOTP (Google-Authenticator) without PIN: Thanks for your answers.
I would agree, generally the 4 digit pin + totp makes the system safer.
Here are our t... Andreas Heckmann
10:23 AM pfSense Packages Feature #10377: Allow usage of TOTP (Google-Authenticator) without PIN: While the GA script allows omitting the PIN I don't see why you'd want to reduce the security in that way. Part of th... Jim Pingle
11:10 AM Bug #10391 (Rejected): Hostname not showing up in Arp Table: You seem to have some fundamental misunderstanding of how that page works/doesn't work, and this site is not for supp... Jim Pingle
06:46 AM Bug #10391: Hostname not showing up in Arp Table: I found a old post from 2006 that describe this
https://forum.netgate.com/topic/649/dnsmasq-error-reading-var-db-... Tobias Müllauer
06:20 AM Bug #10391: Hostname not showing up in Arp Table: IN -> diag_arp.php
// Read in leases file
$leasesfile = "{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases";
Comment... Tobias Müllauer
06:17 AM Bug #10391 (Rejected): Hostname not showing up in Arp Table: Ok i start to get tyerd of this problem.
after a reboot i check arp table(diag_arp.php) and find all IP and hostn... Tobias Müllauer
11:08 AM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: That isn't relevant to this feature. It's a different FreeBSD issue. I don't see anything about masquerade being adde... Jim Pingle
11:06 AM Bug #10390: Fix DigitalOcean Dynamic DNS client for IPv6: Can you submit that change as a pull request on Github?
https://docs.netgate.com/pfsense/en/latest/development/sub... Jim Pingle
11:04 AM Feature #10389 (Duplicate): 2.4.5: *reload* unbound to avoid constant service outages, rather than restart: Duplicate of #5413 Jim Pingle
11:03 AM Bug #10381 (Rejected): dhcrelay does not start after upgrade to 2.4.5: DHCP Relay doesn't like to run on OpenVPN (any more?) See #8443
That may depend on specific OpenVPN modes/options,... Jim Pingle
10:56 AM Feature #10388: Upgrade to Python 3.8: It's already at python 3.7.x on pfSense 2.4.5-RELEASE and pfSense 2.5.0 snapshots. AFAIK we're using whatever the def... Jim Pingle
10:50 AM Bug #10384 (Rejected): 2.4.5 breaks apipa-nat rules: I tested the option and it's working as expected. When the box is checked, the APIPA rules are omitted. When unchecke... Jim Pingle
10:39 AM Bug #9467: vmx(4) interfaces do not have ALTQ support on pfSense 2.5, they had ALTQ support on 2.4: "shamelessly copied" meant I copied the text of the issue directly, only changing the version numbers.
ALTQ for vm... Jim Pingle
10:38 AM Feature #9439 (New): Poll Interval For GPS and PPS: What advantage would 3 have over 4 when using a local GPS though? Why would it need to probe that frequently?
If w... Jim Pingle
10:28 AM Bug #10380 (Rejected): Unable to upgrade from 2.4.4 p3 to 2.4.5: This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
10:02 AM Bug #10376 (Rejected): Duplicate logs from charon: Fairly certain this has been solved on at least 2.5.0, if not also on 2.4.5. I used to see this regularly and haven't... Jim Pingle
09:47 AM Bug #10375: Double zfs entry in loader.conf: Is it still there after the next reboot?
How about after saving under System > Advanced? Jim Pingle
09:44 AM Bug #10372 (Rejected): PfSense crashes for TIL: This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
08:31 AM Bug #9267 (Resolved): dhclient does not handle protocol timeouts or script failures correctly: Jim Pingle
04:19 AM pfSense Packages Bug #10261: Arpwatch fails to download ethercodes.dat: This is still a issue !!
I have all vendors as unknown.
I fix it and after a while it get broken again.
Us... Tobias Müllauer

03/29/2020

10:45 PM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: Jim Pingle wrote:
> AFAIK This is because last I looked, miniupnpd doesn't support its "masquerade" options on FreeB... Russell Graville
02:58 PM Bug #10390: Fix DigitalOcean Dynamic DNS client for IPv6: The corresponding line causes the failure is in /etc/in/dyndns.class, line 1054 (in pfSense v2.4.5 RELEASE):
if ($th... Csoban Kesmarki
02:55 PM Bug #10390 (Resolved): Fix DigitalOcean Dynamic DNS client for IPv6: The DigitalOcean IPv6 Dynamic DNS Client could not find the proper IPv6 entry when updating and fails with the error ... Csoban Kesmarki
01:36 PM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: O 71 wrote:
> I have the same problem after update.
>
> I think the problem comes from the -w parameter. It shoul... Viktor Gurov
08:13 AM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: A picture of my test to illustrate O 71
08:06 AM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: I have the same problem after update.
I think the problem comes from the -w parameter. It should be done like this... O 71
05:36 AM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: Ismael Peixoto Azambuja wrote:
> Hi, i test this fix, but dont work here...
I have successfully tested this PR w... Viktor Gurov
01:19 PM Bug #10381: dhcrelay does not start after upgrade to 2.4.5: Thing is - windows OpenVPN clients got DHCP IP address all along, with no fw rules and no dhcrelay running.
macOS cl... Ivars Strazdins
01:10 PM Bug #10381: dhcrelay does not start after upgrade to 2.4.5: Ivars Strazdins wrote:
>
> However, after reading that _DHCP is a special case on pfSense, it is allowed with hidd... Viktor Gurov
08:29 AM Bug #10381: dhcrelay does not start after upgrade to 2.4.5: > Do you select only one interface and two upstream servers from the same network?
Yes. I don't have anything more... Ivars Strazdins
07:37 AM Bug #10381: dhcrelay does not start after upgrade to 2.4.5: Ivars Strazdins wrote:
> Thanks.
> I applied the patch, but dhcrelay still doesn't start.
>
Can you provide mo... Viktor Gurov
01:17 PM Feature #10389 (Duplicate): 2.4.5: *reload* unbound to avoid constant service outages, rather than restart: Unbound is not fast to restart:... Brittney Lars
12:09 PM Feature #10388 (Rejected): Upgrade to Python 3.8: I saw that in pfSense 2.5.0, Python will be upgraded from 2.7 to 3.6. Why not upgrade to the latest version (currentl... retnikt the

03/28/2020

06:48 PM Bug #9263: Incorrect ICMP reply when using limiters: People on forum are wrongly attributing this issue as the same as #932 which is something quite different, omitting r... Kacper Michajłow
06:21 PM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: Viktor Gurov wrote:
> Local and RADIUS auth works fine
>
> LDAP auth fix:
> https://github.com/pfsense/FreeBSD-p... Ismael Peixoto Azambuja
04:16 AM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: Local and RADIUS auth works fine
LDAP auth fix:
https://github.com/pfsense/FreeBSD-ports/pull/811 Viktor Gurov
12:57 AM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: I have not found the problem yet, but I did test on an outdated server, 2.4.4p3 squid 0.4.44_8 and everything works p... Ismael Peixoto Azambuja
06:18 PM Revision 53d5cc19: Bug #10386: Manuel Piovan
05:00 PM Feature #10387 (Resolved): Reevaluate the GUI upgrade language presented to the user: When a user is performing an upgrade using the Web GUI they are presented with this message after the files are copie... Chris Linstruth
03:00 PM Bug #10381: dhcrelay does not start after upgrade to 2.4.5: Thanks.
I applied the patch, but dhcrelay still doesn't start.
Mar 28 21:54:27 gw php-fpm: /system_patches.php: B... Ivars Strazdins
09:53 AM Bug #10381 (New): dhcrelay does not start after upgrade to 2.4.5: Ivars Strazdins wrote:
> You're not paying attention. This setup is working and is required to OpenVPN clients to ge... Viktor Gurov
08:57 AM Bug #10381: dhcrelay does not start after upgrade to 2.4.5: You're not paying attention. This setup is working and is required to OpenVPN clients to get DHCP address from intern... Ivars Strazdins
01:21 PM Bug #10386: A NTP Time Server name may only contain the characters a-z, 0-9, '-' and '.'.: Manuel Piovan wrote:
> System / General Setup
> localization -> time server
> if it is populated with an ipv6 ser... Manuel Piovan
01:10 PM Bug #10386 (Resolved): A NTP Time Server name may only contain the characters a-z, 0-9, '-' and '.'.: System / General Setup
localization -> time server
if it is populated with an ipv6 server you can't save anymore
... Manuel Piovan
12:58 PM pfSense Packages Bug #10385: Pb with Username authorized characters when OTP is disabled: Hi, thanks for your fast answer.
So I have modifief the file /usr/local/pkg/freeradius.inc, line 3668 and 3669 wit... Olivier GUENET
12:08 PM pfSense Packages Bug #10385: Pb with Username authorized characters when OTP is disabled: need to revert back https://github.com/pfsense/FreeBSD-ports/pull/775/
and cherry-pick https://redmine.pfsense.org... Viktor Gurov
11:34 AM pfSense Packages Bug #10385 (Resolved): Pb with Username authorized characters when OTP is disabled: Hi,
I have done the update to the 2.4.5 version of pfsense, with the update of the last package of freeradius3.
... Olivier GUENET
12:01 PM pfSense Packages Feature #8878 (Resolved): Propagate user's description field into QR code for FreeRADIUS: works as expected on pfSense 2.4.5 with freeradius3 0.15.7_11 Viktor Gurov
08:38 AM Bug #10384 (Rejected): 2.4.5 breaks apipa-nat rules: had a setup running under 2.4.4-RELEASE-p3 which worked fine, but stopped working after the 2.4.5 update.
I have a... Tim Hartmann
05:17 AM Bug #9467: vmx(4) interfaces do not have ALTQ support on pfSense 2.5, they had ALTQ support on 2.4: Don't think it's "shamelessly copied". 7066 was Affected Version: 2.4.0 from a 2.3 upgrade.
This is 2.5.0, it was fi... Justin Smith
01:07 AM Bug #8357 (Resolved): Static mapping of dhcp leases on bridge interfaces links to the real interface.: static mapping correctly works on bridge or lagg interfaces,
tested on 2.4.5 and 2.5.0.a.20200325.1429 Viktor Gurov
12:57 AM pfSense Packages Feature #10297: IPv6 user attributes: https://forum.netgate.com/topic/151725/freeradius-ipv6-framed-ip-issue-with-2-4-5:... Viktor Gurov

03/27/2020

10:12 PM Feature #9439: Poll Interval For GPS and PPS: Jim Pingle wrote:
> The GUI part of this is I mentioned is in #6787
>
> This can remain open to investigate wheth... Pierre Poutine
08:31 PM Bug #10383 (Resolved): Additional interfaces do not survive a reboot before the setup wizard has been run: In a fresh install before the setup wizard has been run or dismissed the file /conf/trigger_initial_wizard exists.
... Steve Wheeler
08:01 PM Bug #9179: NAT reflection fix implemented for #8604 is causing WebUI and XMLRPC to fail on slave: This affects 2.4.5 as well Valentin N
05:49 PM pfSense Docs Correction #10382 (Closed): Feedback on Hardware — Tuning and Troubleshooting Network Cards: *Page:* https://docs.netgate.com/pfsense/en/latest/hardware/tune.html
*Feedback:* This section in the documentatio... Anonymous
12:48 PM Bug #10381 (Closed): dhcrelay does not start after upgrade to 2.4.5: Ivars Strazdins wrote:
> LAN interface == bce1
> LAN network 10.67.20.0/24
> DHCP servers are 10.67.20.31 and 10.6... Viktor Gurov
11:18 AM Bug #10381: dhcrelay does not start after upgrade to 2.4.5: LAN interface == bce1
LAN network 10.67.20.0/24
DHCP servers are 10.67.20.31 and 10.67.20.34 - ISC DHCP servers wit... Ivars Strazdins
11:15 AM Bug #10381: dhcrelay does not start after upgrade to 2.4.5: Interface details:
[2.4.5-RELEASE][admin@gw]/root: ifconfig
bce0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTIC... Ivars Strazdins
11:01 AM Bug #10381: dhcrelay does not start after upgrade to 2.4.5: Please post more details to reproduce:
Destination server IP,
All interfaces IPs
it seems interface/server netwo... Viktor Gurov
10:38 AM Bug #10381: dhcrelay does not start after upgrade to 2.4.5: Sorry, I meant *dhcrelay* service, NOT dhclient service. Ivars Strazdins
10:36 AM Bug #10381 (Rejected): dhcrelay does not start after upgrade to 2.4.5: After upgrade to version 2.4.5 dhclient service does not start from GUI.
Trying to start it produces error
Mar 27 1... Ivars Strazdins
09:38 AM Bug #10380 (Rejected): Unable to upgrade from 2.4.4 p3 to 2.4.5: Error: Warning: PHP Startup: Unable to load dynamic library 'readline.so' (tried: /usr/local/lib/php/20170718/readlin... Al Mello
09:31 AM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: Cache.log
[2.4.4-RELEASE][admin@PFLog01.intra.uergs.rs]/var/squid/logs: cat cache.log
2020/03/27 10:29:52 kid1| S... Ismael Peixoto Azambuja
09:18 AM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: Apparently everything is right in the configuration, when I type user and password, in the log appears users. In this... Ismael Peixoto Azambuja
09:07 AM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: Ismael Peixoto Azambuja wrote:
> pfsense 2.4.4p3 with all packages updated, using squid with LDAP authentication wa... Viktor Gurov
08:36 AM pfSense Packages Bug #10379: squid not authenticate LDAP/RADIUS: seems regression by https://redmine.pfsense.org/issues/9217 Viktor Gurov
05:19 AM pfSense Packages Bug #10379 (Resolved): squid not authenticate LDAP/RADIUS: pfsense 2.4.4p3 with all packages updated, using squid with LDAP authentication was working perfectly, server with 2 ... Ismael Peixoto Azambuja
04:40 AM pfSense Packages Bug #10367 (Resolved): squid reverse proxy not starting: works as expected on 2.5.0.a.20200326.1148 with squid 0.4.44_15 Viktor Gurov
02:22 AM pfSense Packages Bug #10367: squid reverse proxy not starting: tested on 2.4.5 with squid 0.4.44_15
reverse proxy starts successfully Viktor Gurov
03:50 AM Bug #10359: Require State Filter setting breaks filter rule link to associated states: Jens Groh wrote:
> Just as a short question: I suppose after following the quick release of 2.4.5 that fix didn't go... Viktor Gurov
02:38 AM Bug #10359: Require State Filter setting breaks filter rule link to associated states: Just as a short question: I suppose after following the quick release of 2.4.5 that fix didn't go into 2.4.5, too? Ju... Jens Groh
03:18 AM pfSense Packages Bug #8774 (Resolved): Whitelist ALC type not supported by ssl_bump: tested on 2.4.5 with squid 0.4.44_15
works as expected Viktor Gurov
02:19 AM pfSense Packages Bug #10378 (Resolved): Add IPv6 network to Squid localnet: Currently, the “Allow users in the interface” option only adds the IPv4 interface subnet to the list of allowed subne... Viktor Gurov
02:13 AM pfSense Packages Bug #8887 (Resolved): Squid Proxy Interface not assignee to IPv6: tested on 2.4.5 with squid 0.4.44_15
now it works as expected Viktor Gurov
02:04 AM pfSense Packages Feature #10357 (Resolved): Add Iperf verbose output option: works as expected on 2.4.5 with iperf 3.0.2_4 Viktor Gurov
02:02 AM pfSense Packages Feature #9272 (Resolved): Allow multiple IP in ListenIP for Zabbix Agent: works as expected on 2.4.5 with zabbix-agent44 1.0.4_4 Viktor Gurov
01:30 AM Bug #4218 (Resolved): Bridge does not have AUTO_LINKLOCAL flag: works as expected on 2.4.4-p3, 2.4.5 and 2.5.0.a.20200325.1429 Viktor Gurov

03/26/2020

12:57 PM pfSense Packages Feature #10377: Allow usage of TOTP (Google-Authenticator) without PIN: Pardon my lack of experience using openvpn, but would this request mean all someone needs is the username? TOTP reall... Ben Cronce
09:10 AM pfSense Packages Feature #10377 (New): Allow usage of TOTP (Google-Authenticator) without PIN: Currently it is not possible to create a radius user with TOTP enabled without entering an additional pin.
So to aut... Andreas Heckmann
12:21 PM Revision 7e79c173: Clear DNS dhcpleases entries. Issue #8981: Viktor Gurov
08:54 AM Feature #8027 (Closed): Add second password field for validation when doing encrypted config.xml backup: fixed in https://redmine.pfsense.org/issues/10301 Viktor Gurov
08:53 AM Feature #10301 (Resolved): Password confirmation when exporting encrypted backup file: works as expected on 2.5.0.a.20200325.1429 Viktor Gurov
08:30 AM Feature #10333 (Resolved): Increase the number of DHCP NTP server options to three for DHCP Static Mappings: see https://redmine.pfsense.org/issues/8990
works as expected on 2.5.0.a.20200325.1429 Viktor Gurov
08:30 AM Bug #8990 (Resolved): Additional BOOTP/DHCP Options per host: works as expected on 2.5.0.a.20200325.1429 Viktor Gurov
06:30 AM pfSense Packages Feature #9272 (Feedback): Allow multiple IP in ListenIP for Zabbix Agent: Renato Botelho
06:29 AM pfSense Packages Bug #10338 (Feedback): FRR OSPF6 Router-ID configuration statement has changed: PR has been merged. Thanks! Renato Botelho
06:29 AM pfSense Packages Feature #10357 (Feedback): Add Iperf verbose output option: PR has been merged. Thanks! Renato Botelho
06:24 AM pfSense Packages Bug #8774 (Feedback): Whitelist ALC type not supported by ssl_bump: PR has been merged. Thanks! Renato Botelho
06:24 AM pfSense Packages Bug #8887 (Feedback): Squid Proxy Interface not assignee to IPv6: PR has been merged. Thanks! Renato Botelho
06:24 AM pfSense Packages Bug #10367 (Feedback): squid reverse proxy not starting: PR has been merged. Thanks! Renato Botelho
06:19 AM pfSense Packages Bug #8625 (Feedback): PFsense squidGuard faulty URL check: PR has been merged. Thanks! Renato Botelho
05:26 AM Bug #8981: Uncheck DHCP registration does not clear entries: Unchecking "static entries" successfully updates host_entries.conf,- tested on 2.5.0.a.20200325.1429
dhcpleases_en... Viktor Gurov
02:53 AM Bug #8054: DHCP server accepts trailing dot in domain names, DNS resolver adds another and breaks: This is true only for the DHCP static mapping "domain name" or the System / General / Domain, but not for the "domain... Viktor Gurov
01:55 AM Bug #5806 (Closed): Alias URL table containing an unresolvable FQDN entry causes rules to not load: no such issue on 2.4.5 and 2.5.0.a.20200324.1145
it ignores unresolved hosts, putting only valid IPs in /var/db/alia... Viktor Gurov
01:31 AM Bug #10376: Duplicate logs from charon: pfSense is 2.4.4-p3. Christian Ullrich
01:30 AM Bug #10376 (Rejected): Duplicate logs from charon: Intermittently the IPsec log receives every log line from charon twice, formatted slightly differently. The differenc... Christian Ullrich
12:42 AM Bug #10276 (Resolved): NTP "No Select" does not work: works as expected on 2.5.0.a.20200324.1145 Viktor Gurov
12:39 AM Feature #2850 (Resolved): add units in ntp status page: OK on 2.5.0.a.20200324.1145 Viktor Gurov
12:38 AM Feature #2568 (Resolved): Allow dashed DUID to be entered in a DHCPv6 Mapping: works as expected on 2.5.0.a.20200324.1145 Viktor Gurov

03/25/2020

10:22 PM Revision 3e851891: Be ready for 2.4.5-RELEASE: Renato Botelho
10:19 PM Revision dddcbffc: Be ready for 2.4.5-RELEASE: Renato Botelho
12:34 PM Feature #10340: IPsec Mobile GUI Improvement (Dashboard and Status > IPsec > Leases): Appreciate Jim's idea: either *bolding* the green lines (like when pfSense indicates that it is up to date) or possib... Jum Pers
09:04 AM Bug #10375 (Resolved): Double zfs entry in loader.conf: Clean 2.4.5 install on ZFS,
after checking loader.conf I see double _zfs_load="YES"_ entries:... Viktor Gurov
08:26 AM Feature #10374 (Resolved): Add ARM32/64 network booting support to dhcpd: Similar to Bug #5046 which added EFI64 (arch = 00:09) support to DHCPd, but this is for ARM 32/64 architecture (arch ... Michael Boever
03:12 AM Bug #10373: Incorrect copyright year: same on the Dashboard copyright notice:
https://github.com/pfsense/pfsense/blob/d5cbbe6a0fa23a45525019f0bca1af613cf3... Viktor Gurov
02:11 AM Bug #10373 (Resolved): Incorrect copyright year: Latest 2.4.5 build shows:
_pfSense is Copyright 2004-2019 Rubicon Communications, LLC (Netgate)._
it should be:
... Viktor Gurov

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

04/23/2020

04/22/2020

04/21/2020

04/20/2020

04/19/2020

04/18/2020

04/17/2020

04/16/2020

04/15/2020

04/14/2020

04/13/2020

04/12/2020

04/11/2020

04/10/2020

04/09/2020

04/08/2020

04/07/2020

04/06/2020

04/05/2020

04/04/2020

04/03/2020

04/02/2020

04/01/2020

03/31/2020

03/30/2020

03/29/2020

03/28/2020

03/27/2020

03/26/2020

03/25/2020