Activity

30 days up to

User

Subprojects

Activity

From 05/17/2020 to 06/15/2020

06/15/2020

08:44 PM Bug #10666 (Rejected): DHCP Server sends NAK messages for declined offers: There is no bug. That is not a valid configuration. You can't have two DHCP servers in one segment. Jim Pingle
06:52 PM Bug #10666 (Rejected): DHCP Server sends NAK messages for declined offers: Test Scenario:
pfSense is configured to host two DHCP servers on the same network segment. Namely, configure two i... Alfredo Pironti
05:45 PM Revision f6e2e5aa: Create meta.conf symlink: Renato Botelho
05:45 PM Revision 18c764f6: Create meta.conf symlink: Renato Botelho
04:09 PM Revision 00177918: Fix implode() param order. Issue #10659: Jim Pingle
03:09 PM Bug #10610: Package upgrade or reinstall hangs indefintely on the console: Just had this issue while upgrading FFR package at one site, initialized from GUI. Open another Tab, go to Services -... Luki TJ
03:03 PM Bug #8429: radvd/IPv6 broken in 2.4.3 when using a LAN bridge: Hello,
this problem still persists. PRTG Syslog is being spammed with:... Edwin T
01:36 PM Revision c2a3954d: Merge pull request #4356 from vktg/gwgroupcheck: Jim Pingle
11:07 AM Todo #10659: PHP: Update to 7.4.x: Reading through the various notes for 7.4 (https://www.php.net/manual/en/migration74.php), the only bits which stand ... Jim Pingle
10:00 AM pfSense Packages Feature #10665 (Resolved): Manual OSPF neighbor definitions: OSPF interface modes "non-broadcast" and "point-to-miltipoint" rely on being able to manually define specific OSPF ne... Jim Pingle
09:34 AM Bug #10558: Multicast daemons work at boot, but fail if restarted: Understood..
Thanks for the follow up and info. Anything you can do from your side to draw some attention to it wo... Marc J
08:34 AM Bug #10558: Multicast daemons work at boot, but fail if restarted: That FreeBSD bug report does appear to be related, we'll try to draw some attention to that.
> -Basically, I am as... Jim Pingle
09:20 AM Bug #10660: PHP errors in the traffic shaper wizard: I'd at least expected the UI to load instead of just showing an full-screen error and forcing me to revert using back... Vincent Jansen
08:22 AM Bug #10660: PHP errors in the traffic shaper wizard: That is most likely because, as Viktor noted, you tried to use % bandwidth on an interface that can't properly identi... Jim Pingle
08:52 AM Bug #10663 (Not a Bug): dhcpd issues duplicate addresses in certain situations on 2.4.5-p1 in HA mode.: Jim Pingle
08:42 AM Feature #9891: QLogic 10 Gigabit Ethernet driver (qlxgb): It is present in the kernel config and in the kernel. Same output as on 2.4.5-p1 in my comment above.
Note that th... Jim Pingle
08:36 AM Bug #9435 (Feedback): Dynamic DNS Update events do not occur after certain failover event cases: PR merged Jim Pingle
07:49 AM Bug #9435 (Pull Request Review): Dynamic DNS Update events do not occur after certain failover event cases: Jim Pingle
08:26 AM Bug #10661 (Pull Request Review): pfSense configures fe80::1:1 on lan interface without track6: Jim Pingle
08:23 AM Feature #9155 (Pull Request Review): Add driver bnxt for Broadcom NetXtreme interfaces: Jim Pingle
07:59 AM Bug #10664 (Not a Bug): After 2.4.5_1 upgrade OpenVPN connections started leaking WAN IP DNS: There is not nearly enough detail here to classify this as a bug and not a symptom of some other problem. It sounds m... Jim Pingle
04:48 AM Bug #10664 (Not a Bug): After 2.4.5_1 upgrade OpenVPN connections started leaking WAN IP DNS: I was fiddling with browsers x webrtc leaks and then I found out that all OpenVPN connections were leaking my WAN IP ... Averium Prog
07:38 AM Bug #7725: Support for iwm: imho it would have been better to compile them out as modules instead
there is the possibility that the wrong driv... Manuel Piovan

06/14/2020

07:54 PM Revision d6eecfdc: DynDNS gateway group fix. Issue #9435: Viktor Gurov
04:11 PM Bug #9435: Dynamic DNS Update events do not occur after certain failover event cases: Thanks. Manually applied the commit and PHP dump is gone on reboot. Ronald Schellberg
02:58 PM Bug #9435: Dynamic DNS Update events do not occur after certain failover event cases: Ronald Schellberg wrote:
> The PR/Commit is triggering PHP errors on booting, see "PHP Errors after latest update (a... Viktor Gurov
11:06 AM Bug #9435: Dynamic DNS Update events do not occur after certain failover event cases: The PR/Commit is triggering PHP errors on booting, see "PHP Errors after latest update (amd64) built on Thu Jun 11 13... Ronald Schellberg
12:50 PM Bug #10663: dhcpd issues duplicate addresses in certain situations on 2.4.5-p1 in HA mode.: After further investigation, here is what occurred:
1. We previously used a combination of ifupdown and network ma... Chris Apsey
11:44 AM Bug #10663 (Not a Bug): dhcpd issues duplicate addresses in certain situations on 2.4.5-p1 in HA mode.: Ref: https://www.reddit.com/r/PFSENSE/comments/h8mwpn/dhcp_in_ha_mode_issuing_duplicate_addresses_in/?utm_source=shar... Chris Apsey
12:19 PM Bug #10558: Multicast daemons work at boot, but fail if restarted: Hello,
I completely agree that this problem is almost certain related to the FreeBSD bug
https://bugs.freebsd.o... Louis B
07:19 AM Bug #10558: Multicast daemons work at boot, but fail if restarted: Jim Pingle wrote:
> It might be that it only runs the first time after a reboot and anything that triggers the servi... Marc J
11:10 AM Feature #6626: Support for IPv6 firewall entries with dynamic delegated prefix and static host address: Some form of management for dynamic PD for IPv6 would be nice. It seems there are several, maybe many, ISPs that are ... Netnewb net
08:08 AM Feature #6626: Support for IPv6 firewall entries with dynamic delegated prefix and static host address: This issue should get a higher priority IMO. It renders IPv6 pretty much inoperable on (domestic) connections with ch... mpfusion _

06/13/2020

12:46 PM Bug #10662 (Resolved): Restoring from AutoConfigBackup presents reboot type selection option then reboots automatically: When restoring an AutoConfigBackup a "Yes" to reboot button is presented followed by a pulldown menu of the reboot st... Chris Linstruth
12:30 PM Revision 2bdf0364: Remove fe80::1:1 from interface. Issue #10661: Viktor Gurov
12:16 PM Bug #10660: PHP errors in the traffic shaper wizard: Opt1 = openvpn Vincent Jansen
11:53 AM Bug #10660: PHP errors in the traffic shaper wizard: Vincent Jansen wrote:
> 2.4.5-p1
What is your interface?
I got the same issue with _vtnet_ interface
This m... Viktor Gurov
11:37 AM Bug #10660: PHP errors in the traffic shaper wizard: Fix:
https://github.com/pfsense/pfsense/pull/4355 Viktor Gurov
09:55 AM Bug #10661: pfSense configures fe80::1:1 on lan interface without track6: Viktor Gurov wrote:
> but when I go to the Interfaces / LAN page, it shows IPv6 Configuration Type = None,
> becaus... Viktor Gurov
07:33 AM Bug #10661: pfSense configures fe80::1:1 on lan interface without track6: Remove fe80::1:1 alias from interface in interface_configure() "remove all IPv4 and IPv6 addresses" loop:
https://gi... Viktor Gurov
04:53 AM Bug #10661: pfSense configures fe80::1:1 on lan interface without track6: Found the issue -
on initial interface setup in console, it automatically set
DHCP + DHCP6 on the WAN interface, a... Viktor Gurov
04:10 AM Bug #10661 (Resolved): pfSense configures fe80::1:1 on lan interface without track6: While creating CARP IPv6 VIP interface on clean pfSense CE 2.4.5-p1 install,
I noticed that both nodes have fe80::1:... Viktor Gurov
01:49 AM Feature #9891: QLogic 10 Gigabit Ethernet driver (qlxgb): not present in 2.5 Viktor Gurov
01:46 AM Feature #9155: Add driver bnxt for Broadcom NetXtreme interfaces: https://github.com/pfsense/FreeBSD-src/pull/33 Viktor Gurov

06/12/2020

06:53 PM Bug #10660: PHP errors in the traffic shaper wizard: 2.4.5-p1 Vincent Jansen
06:51 PM Bug #10660: PHP errors in the traffic shaper wizard: % on opt1 was issue. Using mbps fixed it. Vincent Jansen
06:47 PM Bug #10660 (Resolved): PHP errors in the traffic shaper wizard: Created a shaper on interface, did not apply, set bandwidth to "100%", clicked apply
Cannot open firewall_shaper.php... Vincent Jansen
06:34 PM Bug #10636 (Resolved): The firmware table is filled: Looks good now.... Steve Wheeler
07:24 AM Bug #10636 (Feedback): The firmware table is filled: Jens Leinenbach wrote:
> Well the problem should be gone with the next FreeBSD version:
> https://github.com/freebs... Renato Botelho
07:02 AM Bug #10636: The firmware table is filled: Well the problem should be gone with the next FreeBSD version:
https://github.com/freebsd/freebsd/commit/7dfd7b3b1a0... Jens Leinenbach
06:57 AM Bug #10636: The firmware table is filled: I get the same error messages and some seem to be successful with FIRMWARE_MAX 100.
There is a similar discussion he... Jens Leinenbach
01:40 PM Todo #10659 (Resolved): PHP: Update to 7.4.x: Move PHP to 7.4.x Renato Botelho
09:50 AM pfSense Packages Bug #10656 (Pull Request Review): Acme letsencrypt doesn't change private key type: Jim Pingle
07:39 AM pfSense Packages Bug #10656: Acme letsencrypt doesn't change private key type: Fix:
https://github.com/pfsense/FreeBSD-ports/pull/881 Viktor Gurov
06:45 AM pfSense Packages Bug #10656 (Confirmed): Acme letsencrypt doesn't change private key type: Right, got the same issue Viktor Gurov
05:56 AM pfSense Packages Bug #10656: Acme letsencrypt doesn't change private key type: It isn't really a duplicate of that bug. The fallout of that bug sets up the conditions where you might want to chan... Howard Holm
12:23 AM pfSense Packages Bug #10656 (Rejected): Acme letsencrypt doesn't change private key type: Duplicate of #10655
Please add any additional comments to that issue. Viktor Gurov
09:44 AM pfSense Packages Bug #10654 (Pull Request Review): Whitelisted domains starting with a dot are ignored: Jim Pingle
06:48 AM pfSense Packages Bug #10654: Whitelisted domains starting with a dot are ignored: Fix:
https://github.com/pfsense/FreeBSD-ports/pull/880 Viktor Gurov
09:42 AM pfSense Packages Bug #10657 (Pull Request Review): FRR: AS-Path Filter doesn't work anymore: Jim Pingle
04:58 AM pfSense Packages Bug #10657: FRR: AS-Path Filter doesn't work anymore: Correct, see http://docs.frrouting.org/en/latest/bgp.html#as-path-access-lists
Fix:
https://github.com/pfsense/Fr... Viktor Gurov
04:21 AM pfSense Packages Bug #10657: FRR: AS-Path Filter doesn't work anymore: Syntax for as-path acl has changed in frr ...
Now it's ... Luki TJ
03:54 AM pfSense Packages Bug #10657 (Resolved): FRR: AS-Path Filter doesn't work anymore: Hi,
after upgrade from 2.4.4_p3 to 2.4.5_p1 route-maps for BGP metric altering based on AS-Path match don't work a... Luki TJ
09:41 AM pfSense Packages Bug #10655 (Resolved): ntopng fails with letsencrypt ECC certificates: If it works on the latest ntopng then it's already been fixed upstream. It may also be fixed by the newer OpenSSL on ... Jim Pingle
04:40 AM pfSense Packages Bug #10655: ntopng fails with letsencrypt ECC certificates: It seems ntopng 3.8 issue, is the same error ERR_SSL_VERSION_OR_CIPHER_MISMATCH with EC-256 certificate
but there ... Viktor Gurov
09:40 AM pfSense Packages Bug #8688 (Pull Request Review): Pass List Snort: Jim Pingle
01:38 AM pfSense Packages Bug #8688: Pass List Snort: https://github.com/pfsense/FreeBSD-ports/pull/878
see also #10493 Viktor Gurov
07:12 AM pfSense Packages Feature #10557 (Resolved): Add Zabbix 5.0 LTS (agent and proxy) packages: Renato Botelho
05:23 AM Feature #10658 (Resolved): Allow to generate ECDSA certs on User Manager page: Currently, if you are creating a new user on the system_usermanager.php?act=new page,
'Click to create a user certif... Viktor Gurov

06/11/2020

09:49 PM pfSense Packages Bug #10656 (Closed): Acme letsencrypt doesn't change private key type: As alluded to in this year and a half old post (https://forum.netgate.com/topic/116404/ntopng-and-let-s-encrypt-certi... Howard Holm
09:43 PM pfSense Packages Bug #10655 (Resolved): ntopng fails with letsencrypt ECC certificates: Configuring ntopng to use letsencrypt certificates (via the Acme package) works with default RSA 2048 bit certificate... Howard Holm
05:40 PM Revision 26665a25: Add Zabbix 5 config options: (cherry picked from commit 82376829119b61f9ab8eb81a82a2962e847c1c06) Danilo Baio
01:05 PM pfSense Packages Feature #10557: Add Zabbix 5.0 LTS (agent and proxy) packages: Seems to work for me Pim Janssen
12:55 PM pfSense Packages Feature #10557: Add Zabbix 5.0 LTS (agent and proxy) packages: Danilo Baio wrote:
> Yes, it's missing zabbix config options for the 2.4.5 packages:
> https://github.com/pfsense/F... Danilo Baio
12:31 PM pfSense Packages Feature #10557: Add Zabbix 5.0 LTS (agent and proxy) packages: Pim Janssen wrote:
> Thanks, i just upgraded my zabbix-proxy on pfsense.
> Now i am getting the following error:
>... Danilo Baio
11:55 AM pfSense Packages Feature #10557: Add Zabbix 5.0 LTS (agent and proxy) packages: Thanks, i just upgraded my zabbix-proxy on pfsense.
Now i am getting the following error:
`connection to database '... Pim Janssen
11:04 AM pfSense Packages Bug #10654 (Resolved): Whitelisted domains starting with a dot are ignored: https://forum.netgate.com/topic/153933/solved-squid-0-4-44_25-assertion-failed-http-cc-1533-comm-monitorsread-serverc... Viktor Gurov
09:58 AM pfSense Packages Bug #10146 (Resolved): squid4 obsolete options: OK - no NO_SSLv2 option in squid pkg 0.4.44_26 Viktor Gurov
09:55 AM Bug #10625 (Resolved): PFTop filter hide: works as expected on 2.5.0.a.20200611.0650 Viktor Gurov
08:50 AM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: The latest 2.5.0 snapshot now contains miniupnpd-2.2.0.r1,1 for testing Jim Pingle
08:21 AM Bug #10565: WAN_DHCP6 Stuck Pending / Unknown: I just upgraded from 2.4.5 to 2.4.5-RELEASE-p1 and now I am seeing the same issue. I have 3 gateways--ipv4 and ipv6 ... Thomas Clark
08:05 AM Bug #1353 (Pull Request Review): Number of queues possible: Jim Pingle
01:56 AM Bug #1353: Number of queues possible: error on the latest snapshot:... Viktor Gurov
06:52 AM Revision cd0c9e11: PRIQ queue array check. Issue #1353: Viktor Gurov
06:39 AM pfSense Docs Correction #10648: Feedback on IPsec — Mobile IPsec — Windows IKEv2 Client Configuration: need to add more info about Win10 rekeying issue:
https://wiki.strongswan.org/issues/3400 Viktor Gurov
04:38 AM pfSense Packages Feature #9874 (Resolved): safesearch enforcing: link is ok now Viktor Gurov
04:37 AM pfSense Packages Feature #10627 (Resolved): add Yandex Site Checker link: works as expected on the latest pfBlockerNG-devel Viktor Gurov
04:02 AM Bug #10337 (Closed): OpenVPN CSO changes require server restart: no such issue on 2.4.5-p1 and the latest 2.5
this seems to be fixed in OpenVPN 2.4.9 Viktor Gurov
01:21 AM pfSense Packages Feature #10653 (New): Allow to download frr_status: Add a button on the status_frr.php page to load all the frr status output as a txt file. Viktor Gurov
01:08 AM pfSense Packages Feature #10628 (Resolved): Allow to change url_rewrite_children options: pfSense-pkg-squidGuard-1.16.18_6 works as expected Viktor Gurov

06/10/2020

06:09 PM Revision 6b624e41: Merge pull request #4327 from vktg/prioinputvalid: Renato Botelho
05:28 PM pfSense Packages Bug #10642: ACME certificate renewal with DNS-Gandi method fails when using multiple Gandi keys: I don't have SSH access to the router, so unfortunately I cannot run acme.sh outside pfSense. I suppose the answer li... Oriane Tury
05:24 PM Revision e2456a7a: Fix syntax error in shaper.inc: Jim Pingle
05:01 PM Revision 7e4e04ef: Fix duplicate upgrade function. Fixes #10652: Jim Pingle
04:51 PM Revision b0f0993d: PRIQ queue input validation. Issue #1353: Viktor Gurov
04:04 PM Revision f266729e: Enable build of zabbix 5 packages: Renato Botelho
04:04 PM Revision 24d814e0: Enable build of zabbix 5 packages: Renato Botelho
03:18 PM Revision e1c689ee: OpenVPN TCP client fix. Issue #10650: (cherry picked from commit 6ac20ad3db7bcb34ab72dcb16ced6c1e89802595) Viktor Gurov
03:04 PM Revision f4311a4f: Merge pull request #4321 from vktg/sanitizeacme: Renato Botelho
03:04 PM Revision 71d6bb91: Merge pull request #4322 from vktg/captivedisableperuserbw: Renato Botelho
03:04 PM Revision 5d40d3a8: Merge pull request #4323 from vktg/captiveautomacfix: Renato Botelho
03:04 PM Revision d2b35ca7: Merge pull request #4324 from vktg/statusl2tp: Renato Botelho
03:03 PM Revision 5a649783: Merge pull request #4352 from vktg/ovpntcpfix: Renato Botelho
02:56 PM Revision 057fd00a: Merge pull request #4328 from vktg/dnqueuerename: Renato Botelho
02:55 PM Revision bb2f2ab3: Merge pull request #4329 from vktg/gwhover: Renato Botelho
02:53 PM Revision 7b1ec2a4: Merge pull request #4335 from vktg/qlxgbaltq: Renato Botelho
02:52 PM Revision 4e164672: Merge pull request #4332 from vktg/gwfoverdyndns: Renato Botelho
02:51 PM Revision c1224a09: Merge pull request #4330 from vktg/doublerootqueuefix: Renato Botelho
02:49 PM Revision 79e269c9: Merge pull request #4337 from vktg/pppoehostuniq: Renato Botelho
02:45 PM Revision a7db13ac: Merge pull request #4150 from Augustin-FL/captiveportal-db-sync: Renato Botelho
02:33 PM Revision 0a904b81: Merge pull request #4338 from vktg/conferrorfix: Renato Botelho
02:31 PM Revision 57bb85a3: Merge pull request #4340 from vktg/6rd6to4mtu: Renato Botelho
02:30 PM Revision 6ac20ad3: OpenVPN TCP client fix. Issue #10650: Viktor Gurov
02:30 PM Revision b7f20acb: Merge pull request #4341 from vktg/6rdfloatfwfix: Renato Botelho
02:29 PM Revision 92b7987b: Merge pull request #4334 from csobankesmarki/master: Renato Botelho
02:27 PM Revision ded0357a: Merge pull request #4342 from vktg/6rddyndns: Renato Botelho
02:24 PM Revision e68308ae: Merge pull request #4343 from vktg/cleanupshapercode: Renato Botelho
02:23 PM Revision 5825b481: Merge pull request #4344 from einichi/master: Renato Botelho
02:22 PM Revision 7c5c9f90: PFTop filter hide for non-states views. Issue #10625: (cherry picked from commit 253102fd66c35762a28d44ceffdfba7f1752fcda) Viktor Gurov
02:22 PM Revision 7ca3a30c: Merge pull request #4345 from vktg/pftopview: Renato Botelho
02:21 PM Revision 47b10da2: Do not show stf(6RD/6to4) interface as parent physical. Issue #10626: (cherry picked from commit d764f8fc68f603eb164b830af9c7c7a4125d21fa) Viktor Gurov
02:21 PM Revision ccd9caac: Merge pull request #4346 from vktg/hidestfint: Renato Botelho
02:19 PM Revision f37ca3fc: Merge pull request #4347 from vktg/gifgreparentvlan: Renato Botelho
02:17 PM Revision 2d0b5798: Merge pull request #4348 from vktg/noreassign: Renato Botelho
02:15 PM Revision 61e98e28: Merge pull request #4339 from bailsman/rc-initial-multiple-parameters: Renato Botelho
02:14 PM Revision a0a6a205: Merge pull request #4349 from dbaio/zabbix5: Renato Botelho
02:12 PM Revision aed29c3b: Merge pull request #4351 from vktg/ovpnpushremove: Renato Botelho
01:29 PM Feature #7727 (Feedback): uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: Jim Pingle
01:28 PM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: We have added the 2.2.0-RC1 version of miniupnpd to the repository for pfSense 2.5.0 and so it should be included in ... Jim Pingle
01:12 PM Bug #9647: hn0: driver does not support altq: Luiz, can you check this one please?
Renato Botelho
01:09 PM Bug #1353 (Feedback): Number of queues possible: PR has been merged. Thanks! Renato Botelho
12:56 PM pfSense Packages Bug #10649: OpenVPN Cllient Export Wizard Using Wrong Root CA Certificate: Jim Pingle wrote:
> That particular document is outdated, the Cert Manager supports forming chains on its own now. I... Dennis Adler
12:15 PM pfSense Packages Bug #10649: OpenVPN Cllient Export Wizard Using Wrong Root CA Certificate: That particular document is outdated, the Cert Manager supports forming chains on its own now. I have a setup with in... Jim Pingle
12:10 PM pfSense Packages Bug #10649: OpenVPN Cllient Export Wizard Using Wrong Root CA Certificate: > Either your CA/Cert subjects are not unique and it formed an incorrect internal association on import, or you impor... Dennis Adler
08:42 AM pfSense Packages Bug #10649 (Not a Bug): OpenVPN Cllient Export Wizard Using Wrong Root CA Certificate: Either your CA/Cert subjects are not unique and it formed an incorrect internal association on import, or you importe... Jim Pingle
04:07 AM pfSense Packages Bug #10649: OpenVPN Cllient Export Wizard Using Wrong Root CA Certificate: Note: I posted this initially on the Netgate forums. Several views but no feedback. Perhaps not many people set up a ... Dennis Adler
04:05 AM pfSense Packages Bug #10649 (Not a Bug): OpenVPN Cllient Export Wizard Using Wrong Root CA Certificate: This occurs using pfSense 2.4.5-RELEASE (arm) on an SG-3100. OpenVPN CE Wizard v1.4.23.
I had two Root CAs in pfSe... Dennis Adler
12:10 PM Bug #10652 (Feedback): Duplicate upgrade_203_to_204() function in upgrade_config.inc: Applied in changeset commit:7e4e04efe923bcdfd3fe11ba4cf0a068714078bc. Jim Pingle
12:01 PM Bug #10652 (Resolved): Duplicate upgrade_203_to_204() function in upgrade_config.inc: After merging PR 4150, there are two @upgrade_203_to_204()@ functions, the newly merged one needs changed to @upgrade... Jim Pingle
11:32 AM Feature #10651: Remove/replace deprecated OpenVPN options: Pippin MMD wrote:
> From today's meeting:
> "(13:45:40) dazo: We also need to un-deprecate comp-lzo in the wiki"
... Jim Pingle
11:25 AM Feature #10651: Remove/replace deprecated OpenVPN options: From today's meeting:
"(13:45:40) dazo: We also need to un-deprecate comp-lzo in the wiki"
https://community.open... Pippin MMD
10:19 AM Feature #10651: Remove/replace deprecated OpenVPN options: We already have options for the new compress style. The older options are still there as well, but they can stay unti... Jim Pingle
10:17 AM Feature #10651 (New): Remove/replace deprecated OpenVPN options: some changes from https://github.com/OpenVPN/openvpn/blob/release/2.4/Changes.rst:... Viktor Gurov
11:04 AM pfSense Packages Feature #10557 (Feedback): Add Zabbix 5.0 LTS (agent and proxy) packages: PR has been merged. Thanks! Renato Botelho
11:01 AM pfSense Packages Feature #9874 (Feedback): safesearch enforcing: PR has been merged. Thanks! Renato Botelho
10:53 AM pfSense Packages Feature #10628 (Feedback): Allow to change url_rewrite_children options: PR has been merged. Thanks! Renato Botelho
10:53 AM pfSense Packages Feature #10627 (Feedback): add Yandex Site Checker link: PR has been merged. Thanks! Renato Botelho
10:52 AM pfSense Packages Feature #10618 (Feedback): Set sysDescr the same as bsnmpd unless overriden with net-snmp: PR has been merged. Thanks! Renato Botelho
10:51 AM pfSense Packages Bug #10146 (Feedback): squid4 obsolete options: PR has been merged. Thanks! Renato Botelho
10:50 AM pfSense Packages Bug #5168 (Feedback): squid doesn't function during/after HA failover: PR has been merged. Thanks! Renato Botelho
10:49 AM pfSense Packages Feature #9793 (Feedback): Add support for HAProxy ACLs "src -f /ipalias.lst" to use pfBlockerNG IP Alias Native: PR has been merged. Thanks! Renato Botelho
10:48 AM pfSense Packages Feature #8727 (Feedback): Clone button in cron pkg: PR has been merged. Thanks! Renato Botelho
10:11 AM pfSense Packages Bug #10647 (Feedback): FRR BGP Advanced > Aggregated Addresses ignores ipv6 subnets: PR has been merged. Thanks! Renato Botelho
09:19 AM pfSense Packages Bug #10647 (Pull Request Review): FRR BGP Advanced > Aggregated Addresses ignores ipv6 subnets: Jim Pingle
01:48 AM pfSense Packages Bug #10647: FRR BGP Advanced > Aggregated Addresses ignores ipv6 subnets: Fix:
https://github.com/pfsense/FreeBSD-ports/pull/877 Viktor Gurov
10:04 AM Bug #10650 (Feedback): OpenVPN TCP in 2.4.5-p1 not working: PR has been merged. Thanks! Renato Botelho
09:02 AM Bug #10650 (Pull Request Review): OpenVPN TCP in 2.4.5-p1 not working: Jim Pingle
08:55 AM Bug #10650: OpenVPN TCP in 2.4.5-p1 not working: https://github.com/pfsense/pfsense/pull/4352 Viktor Gurov
08:50 AM Bug #10650 (Resolved): OpenVPN TCP in 2.4.5-p1 not working: https://forum.netgate.com/topic/154365/openvpn-tcp-in-2-4-5-p1-not-working:
Hi, just upgraded to 2.4.5p1 last night ... Viktor Gurov
10:04 AM Feature #10583 (Feedback): status.php: Add L2TP VPN configuration: PR has been merged. Thanks! Renato Botelho
10:04 AM Bug #9933 (Feedback): Captive Portal + Voucher not keeping auto-added "Pass-through MAC Auto Entry": PR has been merged. Thanks! Renato Botelho
10:04 AM Bug #9311 (Feedback): Captive Portal continues to limit per-user bandwidth when not enabled: PR has been merged. Thanks! Renato Botelho
10:04 AM Bug #10569 (Feedback): Sanitize ACME passwords: PR has been merged. Thanks! Renato Botelho
09:56 AM Bug #3924 (Feedback): Renaming limiters removes them from firewall rules: PR has been merged. Thanks! Renato Botelho
09:55 AM Feature #885 (Feedback): Show gateway/group IPs on mouseover: PR has been merged. Thanks! Renato Botelho
09:53 AM Bug #10594 (Feedback): add QLogic 10 Gigabit Ethernet driver (qlxgb) to the ALTQ-capable list: PR has been merged. Thanks! Renato Botelho
09:52 AM Bug #9435 (Feedback): Dynamic DNS Update events do not occur after certain failover event cases: PR has been merged. Thanks! Renato Botelho
09:50 AM Bug #3381 (Feedback): LAN interface root Queue Bandwidth calculation is exactly double the total of the other child queues: PR has been merged. Thanks! Renato Botelho
09:49 AM Feature #10597 (Feedback): Setting host-uniq for PPPoE: PR has been merged. Thanks! Renato Botelho
09:47 AM Feature #97 (Feedback): Captive Portal should sync its database to other members of clusters: PR has been merged. Thanks! Renato Botelho
09:47 AM Bug #8807 (Feedback): HA sync : files voucher_{$cpzone}.cfg and voucher_{$cpzone}.public are not created on save in /var/save when enabling vouchers on master.: PR has been merged. Thanks! Renato Botelho
09:47 AM Bug #8809 (Feedback): HA sync : changing a voucher roll on master does not reset active tickets on slave.: PR has been merged. Thanks! Renato Botelho
09:47 AM Bug #9303 (Feedback): HA sync : disabling captive portal HA sync does remove all zones on slave: PR has been merged. Thanks! Renato Botelho
09:34 AM Feature #10556 (Feedback): Change action on 'XML configuration file not found' error: PR has been merged. Thanks! Renato Botelho
09:31 AM Feature #6377 (Feedback): 6rd ipv6 tunnel: MTU settings not editable and not correlated to interface MTU (hardcoded to 1280): PR has been merged. Thanks! Renato Botelho
09:30 AM Bug #7142 (Feedback): IPv6: Floating rules on 6rd enabled WAN interfaces doesn't get bound to wan_stf: PR has been merged. Thanks! Renato Botelho
09:29 AM Bug #10592 (Feedback): DigitalOcean DNS update adds new DNS record instead of update: PR has been merged. Thanks! Renato Botelho
09:27 AM Bug #9641 (Feedback): Dynamic DNS cannot update AAAA records on 6rd tunnel interfaces bound to PPPoE interfaces: PR has been merged. Thanks! Renato Botelho
09:24 AM Bug #10613 (Feedback): cleanup status_queues.php code: PR has been merged. Thanks! Renato Botelho
09:23 AM Feature #10617 (Feedback): freeDNS Dynamic DNS API v2 Support: PR has been merged. Thanks! Renato Botelho
09:22 AM Bug #10625 (Feedback): PFTop filter hide: PR has been merged. Thanks! Renato Botelho
09:20 AM Bug #10626 (Feedback): get_interface_list() shows _stf (6RD/6to4) interfaces as parent: PR has been merged. Thanks! Renato Botelho
09:20 AM Bug #10623 (Feedback): Wrong Route configured for GIF interface on VLAN on LAGG: PR has been merged. Thanks! Renato Botelho
09:17 AM Bug #10383 (Feedback): Additional interfaces do not survive a reboot before the setup wizard has been run: PR has been merged. Thanks! Renato Botelho
09:15 AM Feature #10603 (Feedback): Handle -c commands with arguments in rc.initial: PR has been merged. Thanks! Renato Botelho
09:14 AM pfSense Docs Correction #10648 (Pull Request Review): Feedback on IPsec — Mobile IPsec — Windows IKEv2 Client Configuration: Jim Pingle
02:12 AM pfSense Docs Correction #10648: Feedback on IPsec — Mobile IPsec — Windows IKEv2 Client Configuration: https://gitlab.netgate.com/docs/pfSense-book/-/merge_requests/6 Viktor Gurov
12:18 AM pfSense Docs Correction #10648 (Closed): Feedback on IPsec — Mobile IPsec — Windows IKEv2 Client Configuration: *Page:* https://docs.netgate.com/pfsense/en/latest/book/ipsec/mobile-ipsec-client-windows.html
*Feedback:*
need... Viktor Gurov
09:13 AM Feature #9702 (Feedback): OpenVPN "push-reset" option in Client Specific Override breaks "subnet" topology: PR has been merged. Thanks! Renato Botelho
09:07 AM Feature #9702 (Pull Request Review): OpenVPN "push-reset" option in Client Specific Override breaks "subnet" topology: Jim Pingle
03:53 AM Feature #9702: OpenVPN "push-reset" option in Client Specific Override breaks "subnet" topology: https://github.com/pfsense/pfsense/pull/4351 Viktor Gurov
08:49 AM Revision 8d44d56a: OpenVPN CSO remove routes option. Implements #9702: Viktor Gurov
06:13 AM pfSense Packages Feature #10599: Add support for hitless-reloads of HAproxy config: Thanks and sorry, missed it DRago_Angel [InV@DER]
05:40 AM pfSense Packages Feature #10599 (Rejected): Add support for hitless-reloads of HAproxy config: Already supported:
see https://github.com/pfsense/FreeBSD-ports/blob/76396719e6e1b7c0c54dc70c2bb91c127a7ff8c4/net/... Viktor Gurov

06/09/2020

02:36 PM pfSense Packages Bug #10647 (Resolved): FRR BGP Advanced > Aggregated Addresses ignores ipv6 subnets: The php script generating the bgp.conf file only writes out the configuration if the subnet is an ipv4 subnet: https:... Max Maton
11:49 AM pfSense Packages Bug #10646 (Resolved): Reinstall package process stalls at pfBlockerNG when restoring a config: The package install process for pfBlockerNG completes but the processes do not close out preventing subsequent packag... Steve Wheeler
11:17 AM Feature #10645 (New): Choosing active repo after restoring config but before starting pkgs auto-installing: The current behavior is if a certain repo is set, config contains an entry for this, like @<pkg_repo_conf_path>/usr/l... Constantine Kormashev
09:14 AM Feature #10644: Feature request: MAC-based VLAN: You setup trunking between pfSense and your switch. All VLANs are carried on a single port.
This site is not for s... Jim Pingle
09:07 AM Feature #10644: Feature request: MAC-based VLAN: Jim Pingle wrote:
> That would be done on your switch (L2), not a firewall.
But the only way to manage multiple V... Christian Clark
08:57 AM Feature #10644 (Rejected): Feature request: MAC-based VLAN: That would be done on your switch (L2), not a firewall. Jim Pingle
08:50 AM Feature #10644 (Rejected): Feature request: MAC-based VLAN: Using the instructions here (https://docs.netgate.com/pfsense/en/latest/development/requesting-new-pfsense-features.h... Christian Clark
07:55 AM pfSense Packages Bug #10642: ACME certificate renewal with DNS-Gandi method fails when using multiple Gandi keys: Have you tried doing this with acme.sh on its own (not through pfSense)? It may be a problem in the Gandi script, it ... Jim Pingle
07:24 AM pfSense Docs Correction #10643 (Closed): Feedback on Routing and Multi-WAN — Gateway Settings: *Page:* https://docs.netgate.com/pfsense/en/latest/routing/gateway-configure.html
*Feedback:*
This doesn't seem t... Steve Scott

06/08/2020

03:17 PM pfSense Packages Bug #10642 (Duplicate): ACME certificate renewal with DNS-Gandi method fails when using multiple Gandi keys: With the ACME service, when trying to issue/renew a certificate on 2 domain names (or more) using the DNS-Gandi Live ... Oriane Tury
10:52 AM Bug #10558 (Confirmed): Multicast daemons work at boot, but fail if restarted: Jim Pingle
09:19 AM Feature #10641: Move logic code outside of /usr/local/www: Ok, thanks for your answer.
Let us know if we can contribute in any way to your long term plan to release an API (... Frederic Bor
08:31 AM Feature #10641 (Closed): Move logic code outside of /usr/local/www: That's part of a longer term plan for rewrite/integrating an API/etc. We'd rather not do it piecemeal in this fashion. Jim Pingle
09:11 AM pfSense Packages Feature #10640 (Rejected): Request addition of ZNC to Package Manager available packages: In my opinion, that kind of service is a poor fit for a firewall. Especially given its "poor security history":https:... Jim Pingle
09:06 AM Bug #9647 (Pull Request Review): hn0: driver does not support altq: Jim Pingle
09:05 AM Feature #7095 (Pull Request Review): Improve Remote Gateway field description for IPSec VPN Phase 1: Jim Pingle
08:45 AM Feature #10639 (Pull Request Review): Add rtwn(4) wireless support: Jim Pingle
08:41 AM pfSense Packages Feature #10557 (Pull Request Review): Add Zabbix 5.0 LTS (agent and proxy) packages: Jim Pingle

06/07/2020

04:01 PM Bug #9643: Limiters do not function properly on 2.5 snapshots: I'm having the same issue, running on a VK-T40E:
2.5.0.a.20200603.1253
If I enable the floating rule, I lose al... Tom Fuke
03:43 PM Feature #10641 (Closed): Move logic code outside of /usr/local/www: Hello,
We are developping ansible modules for pfSense (https://github.com/opoplawski/ansible-pfsense). Since there... Frederic Bor

06/06/2020

04:24 PM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: Thomas BERNARD wrote:
> please test with miniupnpd-2.2.0-RC1.tar.gz
> released on https://miniupnp.tuxfamily.org/fi... Marc 05
01:36 PM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: please test with miniupnpd-2.2.0-RC1.tar.gz
released on https://miniupnp.tuxfamily.org/files/ Thomas BERNARD
02:40 PM pfSense Packages Feature #10640 (Rejected): Request addition of ZNC to Package Manager available packages: I would like to request the addition of the ZNC package for installation via the pfSense Package Manager, pfSense rel... Murray Williams
11:30 AM Bug #9647: hn0: driver does not support altq: https://github.com/pfsense/FreeBSD-src/pull/32 Viktor Gurov
09:23 AM Bug #10638: ipsec VTI interface not setting tunnel parameters when phase1 Remote Gateway is 0.0.0.0: > You can create Site-to-Site VPN and set 0.0.0.0 as remote gateway address, see #7095 and #7410
Yes that is what ... Tim Carre
08:16 AM Bug #10638: ipsec VTI interface not setting tunnel parameters when phase1 Remote Gateway is 0.0.0.0: Tim Carre wrote:
> Jim Pingle wrote:
> > No, the IP address must be present when the interface is created. You end ... Viktor Gurov
08:46 AM Feature #7095: Improve Remote Gateway field description for IPSec VPN Phase 1: https://github.com/pfsense/pfsense/pull/4350 Viktor Gurov
05:36 AM Bug #8087: Provide Calling-Station-ID to RADIUS backed VPN connections: Calling-Station-Id is already supported by EAP-RADIUS strongswan plugin, see https://wiki.strongswan.org/projects/str... Viktor Gurov
02:23 AM Feature #10639: Add rtwn(4) wireless support: The current conf works with only with FreeBSD 11:
https://www.freebsd.org/cgi/man.cgi?query=rtwn&apropos=0&sektion=4... Viktor Gurov
01:40 AM Feature #10639 (Resolved): Add rtwn(4) wireless support: Current 2.5 kernel contains only rtwn firmwares:... Viktor Gurov

06/05/2020

08:20 PM pfSense Packages Feature #10557: Add Zabbix 5.0 LTS (agent and proxy) packages: Danilo Baio wrote:
> I'll open a PR later today for this...
https://github.com/pfsense/FreeBSD-ports/pull/876
ht... Danilo Baio
08:44 AM pfSense Packages Feature #10557: Add Zabbix 5.0 LTS (agent and proxy) packages: I'll open a PR later today for this... Danilo Baio
01:26 PM Bug #10638: ipsec VTI interface not setting tunnel parameters when phase1 Remote Gateway is 0.0.0.0: Jim Pingle wrote:
> No, the IP address must be present when the interface is created. You end up in a catch-22 where... Tim Carre
01:14 PM Bug #10638 (Not a Bug): ipsec VTI interface not setting tunnel parameters when phase1 Remote Gateway is 0.0.0.0: No, the IP address must be present when the interface is created. You end up in a catch-22 where the tunnel wouldn't ... Jim Pingle
01:10 PM Bug #10638 (Not a Bug): ipsec VTI interface not setting tunnel parameters when phase1 Remote Gateway is 0.0.0.0: Hello everyone,
I am very interested in the Route-Based IPsec VPN and all the possibilities in dynamic routing mad... Tim Carre
10:04 AM Bug #8686: IPsec VTI: Assigned interface firewall rules are never parsed: It doesn't appear to be related. Setting that sysctl to 1, the traffic still arrives on enc0 and is blocked by pf inb... Jim Pingle
08:44 AM pfSense Packages Todo #9880 (Resolved): Remove Zabbix 2.2 Packages: Jim Pingle
08:43 AM pfSense Packages Todo #9880: Remove Zabbix 2.2 Packages: This can be closed Danilo Baio
08:29 AM Bug #10176: Multiple duplicate / overlapping phase 2 Child SAs on IPsec tunnels: All of my test pairs still only have a single SA this morning (2.4.5 and 2.5.0, multiple causes and changes mentioned... Jim Pingle
08:18 AM Bug #10176: Multiple duplicate / overlapping phase 2 Child SAs on IPsec tunnels: If it happens on disconnect/reconnect that is more likely the race condition case and not the reauth case. I wouldn't... Jim Pingle
05:14 AM Bug #10176: Multiple duplicate / overlapping phase 2 Child SAs on IPsec tunnels: I have a GNS3 lab setup with two pfSense VMs connected via IPSec (IKEv2, VTI). Multi-WAN with failover on one side. W... Marc L
07:26 AM Feature #10637 (Resolved): Turn of spell checking on package upgrade progress textarea: When upgrading or installing a package the progress is shown in a html textarea
On my FireFox with Dutch spell che... Jos Groot Lipman

06/04/2020

07:38 PM Revision 82376829: Add Zabbix 5 config options: Danilo Baio
07:09 PM Revision 9a69dd4b: Fix VTI responder only on 2.4.x. Fixes #10176: This only affects 2.4.x, the swanctl rewrite in 2.5.0 fixed this already Jim Pingle
06:13 PM Bug #9634: rc.newwanipv6 is called although dhcp6c should discard Request messages: just to put you right on this Jim as there seems some confusion. The REQUEST you see in the ENV VAR REASON is just dh... Martin Wasley
05:34 PM Revision 31a6bd5e: Use close_action=trap, not hold. Fixes #10632: Jim Pingle
02:20 PM Bug #10176 (Feedback): Multiple duplicate / overlapping phase 2 Child SAs on IPsec tunnels: Applied in changeset commit:9a69dd4b8ff6eeeaf5779b7388a10743afae8e91. Jim Pingle
02:20 PM Bug #10176: Multiple duplicate / overlapping phase 2 Child SAs on IPsec tunnels: There is a small bug on 2.4.x which prevents responder only from working on VTI, I've pushed a fix for that, but it's... Jim Pingle
01:38 PM Bug #10176: Multiple duplicate / overlapping phase 2 Child SAs on IPsec tunnels: Digging deeper in strongSwan most of the times this has happened in the past have been due to the use of IKEv2 with r... Jim Pingle
01:03 PM Bug #10636 (Resolved): The firmware table is filled: In current 12.1-stable based 2.5 snapshots even the default config exhausts the available firmware space at boot:
<p... Steve Wheeler
12:45 PM Revision 772e14a2: Do not reset/reassign interfaces in certain cases. Fixes #10383: Viktor Gurov
12:45 PM Bug #10632 (Feedback): Incorrect swanctl.conf syntax from Child SA Close Action: Applied in changeset commit:31a6bd5e8fb5984e4e8a5a89126b7206f92fde5d. Jim Pingle
12:27 PM Bug #10632 (Confirmed): Incorrect swanctl.conf syntax from Child SA Close Action: You are right, that did change:
https://wiki.strongswan.org/projects/strongswan/wiki/Fromipsecconf
In the old f... Jim Pingle
03:34 AM Bug #10632: Incorrect swanctl.conf syntax from Child SA Close Action: To duplicate this issue, all I think you need to do is change a working IKEv2 connection "Child SA Close Action" to "... Jonathan Grande
02:23 AM Bug #10632 (Resolved): Incorrect swanctl.conf syntax from Child SA Close Action: I was trying the latest pfsense build (2.5.0.a.20200603.1253) when I ran across a snag with IPsec. If you set an IPse... Jonathan Grande
12:19 PM Bug #10383 (Pull Request Review): Additional interfaces do not survive a reboot before the setup wizard has been run: Jim Pingle
07:48 AM Bug #10383: Additional interfaces do not survive a reboot before the setup wizard has been run: Fix:
https://github.com/pfsense/pfsense/pull/4348 Viktor Gurov
12:18 PM pfSense Docs Correction #10631 (Resolved): Feedback on Packages — Fixing a Broken pkg Database: PR merged Jim Pingle
01:13 AM pfSense Docs Correction #10631: Feedback on Packages — Fixing a Broken pkg Database: https://github.com/pfsense/docs/pull/131 Viktor Gurov
01:10 AM pfSense Docs Correction #10631 (Resolved): Feedback on Packages — Fixing a Broken pkg Database: *Page:* https://docs.netgate.com/pfsense/en/latest/packages/fixing-a-broken-pkg-database.html
*Feedback:*
incor... Viktor Gurov
11:44 AM Feature #10635 (Resolved): status.php: Add DNS Resolver configuration: Add /var/unbound/unbound.conf
Useful for:
- Checking custom options
- Interface IP(s) to bind to (mostly IPv6 issu... Viktor Gurov
09:38 AM Bug #10634 (Not a Bug): Sticky connections not working with dual WAN: There isn't enough information here to definitely say there is a bug, it could very well be a configuration or test i... Jim Pingle
08:54 AM Bug #10634: Sticky connections not working with dual WAN: To clarify when I said, "it's not due to the states but I tried setting it to 1200 seconds", I was referring to the "... David Askew
08:45 AM Bug #10634 (Not a Bug): Sticky connections not working with dual WAN: I have sticky connections enabled and have been having issues browsing more than one site that requires me to login (... David Askew
07:38 AM Feature #10633: Add one a new "Server Mode" to the OpenVPN server configuration page or add the missing settings to an existing mode.: Jim Pingle wrote:
> We've considered that before and rejected it for a few reasons:
>
> 1. You shouldn't be mixin... alzee bum
07:20 AM Feature #10633 (Rejected): Add one a new "Server Mode" to the OpenVPN server configuration page or add the missing settings to an existing mode.: We've considered that before and rejected it for a few reasons:
1. You shouldn't be mixing purposes like that (pee... Jim Pingle
06:59 AM Feature #10633 (Rejected): Add one a new "Server Mode" to the OpenVPN server configuration page or add the missing settings to an existing mode.: "Server Mode" is a pfSense invention that determines what settings to expose in the GUI. The issue we're currently h... alzee bum
03:01 AM pfSense Packages Feature #10557: Add Zabbix 5.0 LTS (agent and proxy) packages: The above issue has now status fixed. Pim Janssen

06/03/2020

06:09 PM Bug #10630 (Not a Bug): ipsec p2 entries go down and doesn't reconnect: Not enough information here to say it's a bug. More likely a configuration issue. Post on the forum for assistance in... Jim Pingle
05:36 PM Bug #10630 (Not a Bug): ipsec p2 entries go down and doesn't reconnect: After upgrading to 2.4.5 ipsec vpn tunnels will go down several times per day. In fact it's only the P2 tunnels that ... Peter Ompeli
11:51 AM Bug #10629: miniupnp failed to migrate interface: Jim Pingle wrote:
> There isn't a problem with miniupnpd that I can see here. It had to have been elsewhere in your ... Tom Cosmos
11:09 AM Bug #10629 (Not a Bug): miniupnp failed to migrate interface: There isn't a problem with miniupnpd that I can see here. It had to have been elsewhere in your configuration.
The... Jim Pingle
11:03 AM Bug #10629 (Not a Bug): miniupnp failed to migrate interface: I recently went through a backup/restore to a new device (newer hardware, more interfaces, etc). My design, for conv... Tom Cosmos
11:34 AM Bug #10591 (Resolved): Cannot set a value for NAT Reflection timeout: works as expected on 2.4.5-p1
I can see correct <reflectiontimeout> in /cf/conf/config.xml and in /var/etc/xinetd.... Viktor Gurov
10:58 AM pfSense Packages Feature #10628 (Pull Request Review): Allow to change url_rewrite_children options: Jim Pingle
10:49 AM pfSense Packages Feature #10628: Allow to change url_rewrite_children options: https://github.com/pfsense/FreeBSD-ports/pull/875 Viktor Gurov
08:17 AM pfSense Packages Feature #10628 (Resolved): Allow to change url_rewrite_children options: https://forum.netgate.com/topic/153877/squid-and-squidguard-on-pfsense-for-large-deployment/2:... Viktor Gurov
10:39 AM pfSense Packages Bug #10611 (Pull Request Review): FRR applies file permissions to missing files: Jim Pingle
07:53 AM pfSense Packages Bug #10611: FRR applies file permissions to missing files: Fix:
https://github.com/pfsense/FreeBSD-ports/pull/874 Viktor Gurov
10:38 AM pfSense Packages Feature #10627 (Pull Request Review): add Yandex Site Checker link: Jim Pingle
07:05 AM pfSense Packages Feature #10627: add Yandex Site Checker link: https://github.com/pfsense/FreeBSD-ports/pull/873 Viktor Gurov
07:03 AM pfSense Packages Feature #10627 (Resolved): add Yandex Site Checker link: add link to https://yandex.com/safety/?url=_SITE_ on pfblockerng_threats.php page
See https://yandex.com/support/sea... Viktor Gurov
10:31 AM Bug #10623 (Pull Request Review): Wrong Route configured for GIF interface on VLAN on LAGG: Jim Pingle
03:10 AM Bug #10623: Wrong Route configured for GIF interface on VLAN on LAGG: Fix:
https://github.com/pfsense/pfsense/pull/4347 Viktor Gurov
10:26 AM Bug #10626 (Pull Request Review): get_interface_list() shows _stf (6RD/6to4) interfaces as parent: Jim Pingle
02:31 AM Bug #10626: get_interface_list() shows _stf (6RD/6to4) interfaces as parent: Fix:
https://github.com/pfsense/pfsense/pull/4346 Viktor Gurov
02:28 AM Bug #10626 (Resolved): get_interface_list() shows _stf (6RD/6to4) interfaces as parent: get_interface_list() shows _stf (6RD/6to4) interfaces as parent,
this is not correct since this function must not re... Viktor Gurov
10:24 AM Bug #10625 (Pull Request Review): PFTop filter hide: Jim Pingle
01:51 AM Bug #10625: PFTop filter hide: https://github.com/pfsense/pfsense/pull/4345 Viktor Gurov
01:48 AM Bug #10625 (Resolved): PFTop filter hide: https://forum.netgate.com/topic/154036/pftop-rules-filter-syntax
As filter rule can be used only with states https... Viktor Gurov
09:10 AM Bug #10176: Multiple duplicate / overlapping phase 2 Child SAs on IPsec tunnels: Contrary to my last note, I am seeing this still, but it still appears to be unpredictable. A system that doesn't sho... Jim Pingle
08:59 AM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: I started a forum thread for people to share experiences testing this: https://forum.netgate.com/topic/154153/test-re... Jim Pingle
08:36 AM Revision 082e92af: Use VLAN interface as parent for GIF/GRE. Fixes #10623: Viktor Gurov
07:30 AM Revision d764f8fc: Do not show stf(6RD/6to4) interface as parent physical. Issue #10626: Viktor Gurov
06:49 AM Revision 253102fd: PFTop filter hide for non-states views. Issue #10625: Viktor Gurov

06/02/2020

08:25 PM Revision dba74e12: Fix Google Cloud Platform spelling: (cherry picked from commit 8a162959a3107f607722024356f788f610ac7fdf) Steve Beaver
08:25 PM Revision 107a8042: Deect Azure and differentiate from Hyper-V by looking at hte bios version: (cherry picked from commit 1279a7ac6890386a4224b6f7300e47cadfd6dbe7) Steve Beaver
08:25 PM Revision 123ac7a8: Fixed #10621. Identify Amazon AWS instances without breaking Hyper-V: (cherry picked from commit 6f552d6a5294bda42b5b205351c972892e9c135e) Steve Beaver
08:25 PM Revision 242f8d8d: Fixed #10621. Identify Amazon AWS instances: (cherry picked from commit f3df1d3eaa564da1d1b2c535a59ec269a9edab0f) Steve Beaver
07:34 PM Revision 8a162959: Fix Google Cloud Platform spelling: Steve Beaver
07:31 PM Revision 1279a7ac: Deect Azure and differentiate from Hyper-V by looking at hte bios version: Steve Beaver
06:31 PM Bug #10624 (Resolved): Memory leak in Unbound with Python module and DHCP lease registration active: Issue reported and diagnosed on forums here: Was able to see evidence of this on SG-1100 and SG-3100.
https://for... Adrien Carlyle
06:04 PM Revision 6f552d6a: Fixed #10621. Identify Amazon AWS instances without breaking Hyper-V: Steve Beaver
05:56 PM Revision f3df1d3e: Fixed #10621. Identify Amazon AWS instances: Steve Beaver
02:55 PM Bug #10623: Wrong Route configured for GIF interface on VLAN on LAGG: To add to this: I did select the WAN Interface in the GIF Configuration, so I would expect it to use my selected inte... Flole Systems
02:53 PM Bug #10623 (Resolved): Wrong Route configured for GIF interface on VLAN on LAGG: I am using a VLAN on a LAGG for WAN connectivity. When I configure a GIF, there is a static route forcing traffic to ... Flole Systems
01:05 PM Feature #10621 (Feedback): Update system.inc/system_identify_specific_platform() update to accommodate AWS, Azure and GCP: Applied in changeset commit:f3df1d3eaa564da1d1b2c535a59ec269a9edab0f. Anonymous
12:11 PM Feature #10621 (Resolved): Update system.inc/system_identify_specific_platform() update to accommodate AWS, Azure and GCP: The function system_identify_specific_platform() identifies the platform we are running on, but it needs to be update... Anonymous
10:25 AM Bug #10607 (Resolved): Remote syslog for "General Authentication Events" using wrong selectors: Jim Pingle
10:25 AM Bug #10607: Remote syslog for "General Authentication Events" using wrong selectors: Makes complete sense, thanks for clarifying. And appreciate all the help! Russell Morris
10:21 AM Bug #10607: Remote syslog for "General Authentication Events" using wrong selectors: auth and authpriv are facilities, not process names, so that would not work. It's correct as it is. That section isn'... Jim Pingle
09:57 AM Bug #10607: Remote syslog for "General Authentication Events" using wrong selectors: Hi,
2.5.0 got updated today (or late yesterday) ... :-). So I installed, and it works - thanks! Just one minor thi... Russell Morris
09:57 AM Bug #8686: IPsec VTI: Assigned interface firewall rules are never parsed: That is certainly worth testing but we've had problems flipping that in the past (See #2993, #2636, and several forum... Jim Pingle
12:55 AM Bug #8686: IPsec VTI: Assigned interface firewall rules are never parsed: Is this related:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=232522
filtertunnel sysctls seem to be 0 in pf... Ari Suutari
09:32 AM Bug #9476: pfSense 2.4.x sending ARP replies with non-CARP source MAC address: This is a problem for cable modem setups in particular. Many providers are willing to issue multiple IPs to allow CA... Marc H

06/01/2020

09:15 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: Gavin Stewart wrote:
> This is confirmed.
>
> I am able to replicate the failure in a test VM, using my instructi... Gavin Stewart
08:18 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: Donn Lasher wrote:
> Same problem here - 2.4.5-RELEASE (amd64)
This is confirmed.
I am able to replicate the f... Gavin Stewart
08:43 PM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: I disabled IPv6 from the WAN interface as I don't use it anyways.
Now I get this in the logs:
Seems possibly r... Marc J
03:45 PM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: I don't have two identical consoles with identical online games to test, but just testing with a upnp client I see th... Jim Pingle
02:54 PM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: According to one of our other developers, the @(name)@ syntax is resolved by pfctl so it isn't in the API. It uses @i... Jim Pingle
02:22 PM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: I don't know how that might be expressed in the ioctl/API, unfortunately. I've posed the question to some of our othe... Jim Pingle
04:38 PM Revision c7df496c: Adjusted freedns v2 API var name to be more readable: Ricky Burgin
02:44 PM Revision f9981994: Include platform name in update check JSON: Steve Beaver
02:33 PM Revision 12a3708e: Include platform name in update check JSON: Steve Beaver
02:00 PM Revision e07f6851: NAT Reflection timeout set fix. Issue #10591: (cherry picked from commit b8d9968cf44bc171c0b3eb020a72589d6c85d94e) Viktor Gurov
02:00 PM Revision bfa5b809: Merge pull request #4333 from vktg/reflectiontimeoutfix: Renato Botelho
01:51 PM pfSense Packages Feature #10618 (Pull Request Review): Set sysDescr the same as bsnmpd unless overriden with net-snmp: Jim Pingle
11:59 AM pfSense Packages Feature #10618 (Resolved): Set sysDescr the same as bsnmpd unless overriden with net-snmp: The current behaviour breaks detection with SNMP NMS' where it will show as a generic FreeBSD box.
https://github.... Ben Hughes
01:49 PM pfSense Packages Feature #10619 (Pull Request Review): Various FRR enhancements: Jim Pingle
12:01 PM pfSense Packages Feature #10619: Various FRR enhancements: Github PR: https://github.com/pfsense/FreeBSD-ports/pull/869 Ben Hughes
12:00 PM pfSense Packages Feature #10619 (Resolved): Various FRR enhancements: Started off tidying up the BFD integrating in #835 and found a few other things to tidy up.
1. Extend #10441 to be... Ben Hughes
01:41 PM pfSense Docs Correction #10593 (Closed): Feedback on Third Party Software and pfSense — Configure BIND as an RFC 2136 Dynamic DNS Server: Thanks! This has been merged. Jared Dillard
11:38 AM Revision 49d54787: Add support for freeDNS DynDNS v2 API refs #10617: Ricky Burgin
10:02 AM Bug #10613 (Pull Request Review): cleanup status_queues.php code: Jim Pingle
10:01 AM pfSense Packages Bug #10146 (Pull Request Review): squid4 obsolete options: Jim Pingle
09:58 AM pfSense Packages Bug #5168 (Pull Request Review): squid doesn't function during/after HA failover: Jim Pingle
09:57 AM Bug #9641 (Pull Request Review): Dynamic DNS cannot update AAAA records on 6rd tunnel interfaces bound to PPPoE interfaces: Jim Pingle
09:01 AM Bug #10591 (Feedback): Cannot set a value for NAT Reflection timeout: PR has been merged. Thanks! Renato Botelho
06:40 AM Feature #10617: freeDNS Dynamic DNS API v2 Support: Github PR URL: https://github.com/pfsense/pfsense/pull/4344 Ricky Burgin
06:31 AM Feature #10617 (Resolved): freeDNS Dynamic DNS API v2 Support: This adds support for freeDNS (afraid.org)'s DynDNS service's more recent API version, which hosts a IPv6 only endpoi... Ricky Burgin
06:31 AM Bug #10614: Unable to update packages due to missing/invalid certs: hi everyone,
first off all you need open this file /usr/local/share/cert/ca-root-nss.txt
and you need the delet... sezer h
06:30 AM Bug #10616: Out of date CA root store - FreeDNS (DynDNS) not working anymore: hi everyone,
first off all you need open this file /usr/local/share/cert/ca-root-nss.txt
and you need the dele... sezer h

05/31/2020

09:47 PM pfSense Docs New Content #10311: Default net.link.ifqmaxlen value leads to packet loss under load in OpenVPN: Tried simple setup of PFSense 2.4.5 (without bridges, just TUN adapter) on VPS server.
Same effect - 20-30 mbit O... Alexey Ab
03:33 PM Bug #10616 (Rejected): Out of date CA root store - FreeDNS (DynDNS) not working anymore: This is not a bug in the pfSense firewall software. The FreeDNS https server is misconfigured and is offering an expi... Chris Linstruth
01:09 PM Bug #10616: Out of date CA root store - FreeDNS (DynDNS) not working anymore: Same Problem for pfBlockerNG, while updating Blocking Lists:
@[ EasyList ] Downloading update . cURL Error: 60
... Johannes Wanink
12:14 PM Bug #10616 (Rejected): Out of date CA root store - FreeDNS (DynDNS) not working anymore: DynDNS FreeDNS is not working anymore. I get the following errors in the logs:
@Curl error occurred: SSL certifica... Johannes Wanink

05/30/2020

03:50 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: Same problem here - 2.4.5-RELEASE (amd64)... Donn Lasher
02:06 PM Revision b362e8c2: Cleanup status_queues.php code. Issue #10613: Viktor Gurov
12:26 PM Bug #10614 (Resolved): Unable to update packages due to missing/invalid certs: This was a server side issue and has been resolved. Jim Pingle
09:20 AM Bug #10614 (Resolved): Unable to update packages due to missing/invalid certs: Fresh pfSense 2.4.5-RELEASE installation. The package manager in the web interface states "Unable to retrieve packag... alzee bum
11:12 AM Feature #10615 (Closed): Allow to load kernel from previous release: It would be nice to add /boot/kernel.prev to enable kernel boot from a previous release for emergency/testing cases.
... Viktor Gurov
09:07 AM Bug #10613: cleanup status_queues.php code: https://github.com/pfsense/pfsense/pull/4343 Viktor Gurov
09:06 AM Bug #10613 (Resolved): cleanup status_queues.php code: remove old/unused code from status_queues.php
see
https://github.com/pfsense/pfsense/pull/4330#pullrequestreview-... Viktor Gurov
08:47 AM pfSense Packages Bug #10146: squid4 obsolete options: https://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit#Troubleshooting:
_NO_SSLv2 is relevant only fo... Viktor Gurov
06:43 AM pfSense Packages Bug #5168: squid doesn't function during/after HA failover: https://github.com/pfsense/FreeBSD-ports/pull/867
This is mainly for Transparent mode and IPv6 squid configuration... Viktor Gurov
06:11 AM Revision 30466aef: Allow to use 6RD/6to4 interfaces for DynDNS. Fixes #9641: Viktor Gurov
01:16 AM Bug #9641: Dynamic DNS cannot update AAAA records on 6rd tunnel interfaces bound to PPPoE interfaces: Fix:
https://github.com/pfsense/pfsense/pull/4342 Viktor Gurov

05/29/2020

11:31 PM pfSense Packages Feature #10612 (Resolved): Add pfSense package for Zeek (formerly Bro) Network Security Monitor: PR: https://github.com/pfsense/FreeBSD-ports/pull/866 Prosper Doko
09:24 PM Feature #2983: DHCPD: Add vendor-class-identifier and MAC-OIDs: I second the need for this feature. Ben Tyger
08:22 PM Revision fb477a9d: Fixed whitespace issues as requested by jim-p in the review.: Csoban Kesmarki
05:38 PM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: I don't know the equivalent of using '(re0)' with the ioctl() API. any pointer will be appreciated.
could you plea... Thomas BERNARD
01:34 PM Revision bae04c37: Floating rules 6RD and 6to4 interface. Fixes #7142: Viktor Gurov
01:00 PM pfSense Packages Bug #10611 (Resolved): FRR applies file permissions to missing files: When FRR starts it tries to apply file permissions to all the conf files for it's daemons. Including those that are n... Steve Wheeler
12:41 PM Bug #10610 (Resolved): Package upgrade or reinstall hangs indefintely on the console: Installing or upgrading FRR from the CLI hangs indefinitely when FRR is enabled and configured.
At some point duri... Jim Pingle
11:49 AM pfSense Packages Bug #10444 (Resolved): FRR will not start in 2.4.5 aarch64: Same here on SG-1100, services start and I am seeing neighbors and routes exchanged. Jim Pingle
11:47 AM pfSense Packages Bug #10444: FRR will not start in 2.4.5 aarch64: This looks good in 0.6.5. Service starts as expected.
Tested an SG-1100 running 2.4.5p1. Steve Wheeler
10:37 AM pfSense Packages Bug #10444: FRR will not start in 2.4.5 aarch64: Please re-test with pfSense-pkg-frr 0.6.5 / frr7-7.3.1 to make sure problem persists Renato Botelho
11:06 AM pfSense Packages Bug #10573 (Resolved): Netgate_Coreboot_Upgrade cannot write to flash in 2.4.5: Jim Pingle
11:04 AM pfSense Packages Bug #10573: Netgate_Coreboot_Upgrade cannot write to flash in 2.4.5: This works correctly in the 0.28 package.
Tested on an SG-4860 in a 2.4.5p1 snapshot.
!Selection_849.png!
Steve Wheeler
10:50 AM Bug #7142: IPv6: Floating rules on 6rd enabled WAN interfaces doesn't get bound to wan_stf: Viktor Gurov wrote:
> Fix:
> https://github.com/pfsense/pfsense/pull/4341
Wow.. two 6rd fixes in two days, you'r... Kewin Christensen
08:54 AM Bug #7142 (Pull Request Review): IPv6: Floating rules on 6rd enabled WAN interfaces doesn't get bound to wan_stf: Jim Pingle
08:37 AM Bug #7142: IPv6: Floating rules on 6rd enabled WAN interfaces doesn't get bound to wan_stf: Fix:
https://github.com/pfsense/pfsense/pull/4341 Viktor Gurov
10:26 AM Revision 5fff62d9: Do not halt on configuration file not found error. Implements #10556: Viktor Gurov
10:25 AM Bug #10351 (Resolved): Saving IPSEC connection breaks FRR BGP on VTI interfaces: This appears to be doing as much as it can. There may be other similar/related issues but this specific case appears ... Jim Pingle
10:19 AM Bug #9634 (Resolved): rc.newwanipv6 is called although dhcp6c should discard Request messages: Confirmed as resolved Jim Pingle
07:13 AM Bug #9634: rc.newwanipv6 is called although dhcp6c should discard Request messages: Daryl Morse wrote:
> Jim Pingle wrote:
> > By taking action we aren't technically discarding the message. It should... Jim Pingle
10:03 AM Todo #10609 (Resolved): Fix for CVE-2020-12762 (CVSS 3: 7.8) - json-c integer overflow and out-of-bounds write: New version is present in the staging repo. Jim Pingle
08:20 AM Todo #10609 (Feedback): Fix for CVE-2020-12762 (CVSS 3: 7.8) - json-c integer overflow and out-of-bounds write: Version 0.14 cherry-picked Renato Botelho
06:37 AM Todo #10609 (Resolved): Fix for CVE-2020-12762 (CVSS 3: 7.8) - json-c integer overflow and out-of-bounds write: Running "pkg audit -F" on a 2.4.5-RELEASE box yields:
Fetching vuln.xml.bz2: 100% 853 KiB 873.2kB/s 00:01
... e 1/1
06:28 AM Revision 4fa69727: 6RD and 6to4 interface MTU set fix. Issue #6377: Viktor Gurov
05:07 AM pfSense Packages Bug #10502: LLDP spamming errors on Netgate XG-7100: So maybe we can track this issue https://github.com/vincentbernat/lldpd/issues/394 and till it (or if it will not) fi... DRago_Angel [InV@DER]
04:53 AM pfSense Packages Bug #10502: LLDP spamming errors on Netgate XG-7100: DRago_Angel [InV@DER] wrote:
> Additionally LLDPd with active NDP (enabled and forced) throw errors if chosen interf... Viktor Gurov
04:27 AM Bug #9471: GIF tunnel not added to interface group after reboot: no such issue on 2.4.5-p1,
I added the GIF, GRE, VTI, and OPT1 interface to the group of interfaces and can see them... Viktor Gurov
02:43 AM Bug #10317 (Resolved): SMTP notifications validating SSL when option disabled: works as expected on 2.4.5-p1 - no SSL errors if 'Validate SSL/TLS' checkbox is not set Viktor Gurov
12:43 AM pfSense Packages Bug #10608 (Closed): Update squid port to 4.11-p2: Current pfSense ports squid version 4.10 contains a bug that may cause a crash when users navigate the Internet,
See... Viktor Gurov

05/28/2020

11:43 PM Bug #9634: rc.newwanipv6 is called although dhcp6c should discard Request messages: Jim Pingle wrote:
> Daryl Morse wrote:
> > Jim Pingle wrote:
> > > The intent of the patch was to not run rc.newwa... Daryl Morse
07:59 PM Bug #9634: rc.newwanipv6 is called although dhcp6c should discard Request messages: Daryl Morse wrote:
> Jim Pingle wrote:
> > The intent of the patch was to not run rc.newwanipv6 and the "without RA... Jim Pingle
07:21 PM Bug #9634: rc.newwanipv6 is called although dhcp6c should discard Request messages: Jim Pingle wrote:
> The intent of the patch was to not run rc.newwanipv6 and the "without RA" path wasn't doing that... Daryl Morse
06:10 PM Revision e2119c73: Correct selectors for remote auth logs. Fixes #10607: Jim Pingle
06:09 PM Revision c472f9a1: Reindex users before performing XMLRPC auth. Fixes #10585: The users may have changed between XMLRPC calls, so take that into
account. Jim Pingle
01:49 PM Bug #10607: Remote syslog for "General Authentication Events" using wrong selectors: Sounds great, thanks! And appreciate all the help!
Russell Morris
01:38 PM Bug #10607: Remote syslog for "General Authentication Events" using wrong selectors: It will be in the next 2.5.0 snapshot that includes it, so as soon as the build happens, likely later today. Jim Pingle
01:22 PM Bug #10607: Remote syslog for "General Authentication Events" using wrong selectors: Thanks! Sorry, but a dumb question ... how to know when this will show up in an "official" build (to install, and con... Russell Morris
01:20 PM Bug #10607 (Feedback): Remote syslog for "General Authentication Events" using wrong selectors: Applied in changeset commit:e2119c732291143e0e0eff4f2aa1be70554b6315. Jim Pingle
01:08 PM Bug #10607 (Resolved): Remote syslog for "General Authentication Events" using wrong selectors: When "General Authentication Events" is selected, the remote syslog line uses "*.*" and not "auth.*;authpriv.*". This... Jim Pingle
01:15 PM Bug #10585 (Feedback): auth.inc: Exception calling XMLRPC method restore_config_section #-1 : Authentication failed: Invalid username or password: Applied in changeset commit:c472f9a103be09a023141207ed2d2dc94dd3002e. Jim Pingle
01:12 PM Bug #10588: syslog (remote) receiving DHCP logging, even when disabled: NP, thanks!
Russell Morris
01:11 PM Bug #10588: syslog (remote) receiving DHCP logging, even when disabled: OK, I was able to reproduce the problem with the auth log, I moved it over to #10607 -- it may be what caused the pro... Jim Pingle
12:58 PM Feature #6377 (Pull Request Review): 6rd ipv6 tunnel: MTU settings not editable and not correlated to interface MTU (hardcoded to 1280): Jim Pingle
11:01 AM Feature #6377: 6rd ipv6 tunnel: MTU settings not editable and not correlated to interface MTU (hardcoded to 1280): https://github.com/pfsense/pfsense/pull/4340 Viktor Gurov
10:06 AM pfSense Packages Bug #10606: Snort Inline stopped working after upgrade to FreeBSD 12.1 (network traffic blocked after heavy load randomly): You might post on the IDS/IPS category of the forum to catch the snort developer's attention there. Similar issues ha... Jim Pingle
10:02 AM pfSense Packages Bug #10606 (New): Snort Inline stopped working after upgrade to FreeBSD 12.1 (network traffic blocked after heavy load randomly): Snort Inline stopped working after upgrade to FreeBSD 12.1 (network traffic blocked after heavy load randomly).
Ne... David Rupprechter
10:01 AM pfSense Packages Feature #10605 (Resolved): Add certificates from Trusted Store to Squid cert store: PfSense 2.5 has the 'add to Trust Store' feature #4068, which allows you to add pfSense certificates to /etc/ssl/cert... Viktor Gurov
08:49 AM Feature #10603 (Pull Request Review): Handle -c commands with arguments in rc.initial: Jim Pingle
08:47 AM pfSense Docs Correction #10604 (Resolved): Feedback on System Monitoring — Monitoring Bandwidth Usage: PR merged Jim Pingle
12:57 AM pfSense Docs Correction #10604: Feedback on System Monitoring — Monitoring Bandwidth Usage: fix:
https://github.com/pfsense/docs/pull/130 Viktor Gurov
08:46 AM pfSense Docs Correction #10598 (Resolved): Feedback on Cellular Wireless — Known Working 3G-4G Modems: PR merged Jim Pingle
08:13 AM Bug #9246 (Closed): dhcp configuration v4/v6 ignores VLAN priority configuration: This is correct behavior,
see https://redmine.pfsense.org/issues/7425#note-21:
Bob Gray wrote:
> In 2.4.4-RELEA... Viktor Gurov
06:46 AM Revision 71465708: Setting host-uniq for PPPoE. Implements #10597: Viktor Gurov
04:44 AM Bug #6579 (Resolved): IPv6 CARP VIPs lost upon config sync where they include non-significant zeros: works as expected on 2.4.5-p1 HA pair,
I can set fc00:3::512/64, fc00:003::512/64, fc00:0003::0512/64, etc. CARP VIP... Viktor Gurov
04:40 AM Bug #3896 (Resolved): ipv6 pppoe ISP with static adress: Resolved in #7598 Viktor Gurov
04:34 AM Bug #7822 (Closed): pppoe gui ivp6 set to none still enables in conf: Duplicate of #7386 Viktor Gurov
01:55 AM Feature #7618: Add support for user-supplied Host-Uniq tag and handle PADM messages in Netgraph PPPoE: > We’ll pull the support for this in as soon as FreeBSD accepts it. (It’s too big to carry.)
Accepted: https://githu... Viktor Gurov
01:07 AM Revision 0cf9ffc2: rc.initial: handle -c command with arguments: before this change rc.initial only passes the first -c parameter.
instead passing every parameter allows you to run c... Emanuel Rietveld

05/27/2020

08:14 PM Feature #10603: Handle -c commands with arguments in rc.initial: Pull request submitted https://github.com/pfsense/pfsense/pull/4339 Emanuel Rietveld
08:10 PM Feature #10603: Handle -c commands with arguments in rc.initial: Patch attached. Emanuel Rietveld
08:05 PM Feature #10603 (Resolved): Handle -c commands with arguments in rc.initial: Following #4422 rc.initial now handles a -c parameter consisting of a single command with no arguments.
With this ... Emanuel Rietveld
08:11 PM pfSense Docs Correction #10604 (Resolved): Feedback on System Monitoring — Monitoring Bandwidth Usage: *Page:* https://docs.netgate.com/pfsense/en/latest/monitoring/monitoring-bandwidth-usage.html
*Feedback:*
ntopng ... Paighton Bisconer
07:44 PM pfSense Packages Bug #10602 (Resolved): Dashboard->Traffic Graphs bandwidth designations on hover pop-ups: The scales are reporting Mbytes/sec but the pop-up is using the Mbits/sec designation: Mb/s. Needs to be corrected ... Randall Barth
07:42 PM pfSense Packages Bug #10601 (New): Dashboard->Traffic Graphs Scale is capped for outbound: The WAN out and LAN in scales are capped at 1 Mbyte/sec. They should adjust scale range as do the WAN in and LAN out. Randall Barth
03:32 PM Bug #10430: Captive Portal shows 404 post login after upgrade to 2.4.5: "After authentication Redirection URL" works for me when I have the client load the portal login page and login. Afte... Jim Pingle
12:15 PM Bug #10430: Captive Portal shows 404 post login after upgrade to 2.4.5: Hi, Jim, I can confirm that something must have changed, possibly during the upgrade, between the two settings "Pre-a... simon lock
03:13 PM Feature #10556 (Pull Request Review): Change action on 'XML configuration file not found' error: Jim Pingle
08:55 AM Feature #10556: Change action on 'XML configuration file not found' error: With this PR it goes forward and shows a console menu that allow you to make a factory reset for example:
https://gi... Viktor Gurov
03:08 PM pfSense Packages Feature #10600: Add support for pfBlockerNG "Action list" feature: It would be cool if you add both flows. Thank you guys. And about HAproxy Reload Integration it better to be done as ... DRago_Angel [InV@DER]
03:04 PM pfSense Packages Feature #10600 (New): Add support for pfBlockerNG "Action list" feature: Some other plugins that can use pfBlockerNG native aliases can need additional reload/restart action to load new IPs ... DRago_Angel [InV@DER]
03:03 PM Feature #10597 (Pull Request Review): Setting host-uniq for PPPoE: Jim Pingle
04:18 AM Feature #10597: Setting host-uniq for PPPoE: https://github.com/pfsense/pfsense/pull/4337 Viktor Gurov
01:27 AM Feature #10597 (Resolved): Setting host-uniq for PPPoE: https://forum.netgate.com/topic/153911/setting-host-uniq-for-pppoe:
"My ISP uses the host-uniq part of the PPPoE PAD... Viktor Gurov
02:48 PM pfSense Packages Feature #9793 (Pull Request Review): Add support for HAProxy ACLs "src -f /ipalias.lst" to use pfBlockerNG IP Alias Native: Jim Pingle
01:24 PM pfSense Packages Feature #9793: Add support for HAProxy ACLs "src -f /ipalias.lst" to use pfBlockerNG IP Alias Native: Ok, thanks DRago_Angel [InV@DER]
12:15 PM pfSense Packages Feature #9793: Add support for HAProxy ACLs "src -f /ipalias.lst" to use pfBlockerNG IP Alias Native: it would be nice to use "hitless-reloads" with 'action list'
Please create a new redmine issue for this
Viktor Gurov
11:43 AM pfSense Packages Feature #9793: Add support for HAProxy ACLs "src -f /ipalias.lst" to use pfBlockerNG IP Alias Native: Tested this patch, it works as expected, thanks!
Could you please advice what the best|correct way(command) to recre... DRago_Angel [InV@DER]
11:24 AM pfSense Packages Feature #9793: Add support for HAProxy ACLs "src -f /ipalias.lst" to use pfBlockerNG IP Alias Native: Yep, this fine. And yes, I understand what this commit adds, thanks =)
Will try to test it now. DRago_Angel [InV@DER]
11:04 AM pfSense Packages Feature #9793: Add support for HAProxy ACLs "src -f /ipalias.lst" to use pfBlockerNG IP Alias Native: This PR adds support for the URL Table alias type, and it can be not only the pfBlockerNG URL, but also a list on you... Viktor Gurov
10:39 AM pfSense Packages Feature #9793: Add support for HAProxy ACLs "src -f /ipalias.lst" to use pfBlockerNG IP Alias Native: Hi Viktor,
I speak with @bbcan177 about this initially and tested changing files on filesystem. Reloading of SrcIPs ... DRago_Angel [InV@DER]
03:30 AM pfSense Packages Feature #9793: Add support for HAProxy ACLs "src -f /ipalias.lst" to use pfBlockerNG IP Alias Native: Allows to use URL Table type alias:
https://github.com/pfsense/FreeBSD-ports/pull/865 Viktor Gurov
02:44 PM Bug #9450 (Pull Request Review): Multiwan gateway group fail-over not working as expected (possible race condition): Proposed fix PR: https://github.com/pfsense/pfsense/pull/4336 Jim Pingle
02:44 PM Bug #10546 (Pull Request Review): Gateways removed from routing groups based on low alert thresholds: Proposed fix PR: https://github.com/pfsense/pfsense/pull/4336 Jim Pingle
01:34 PM pfSense Packages Feature #10599 (Rejected): Add support for hitless-reloads of HAproxy config: HAproxy allows reload configs without restart of service via socket command: https://www.haproxy.com/blog/hitless-rel... DRago_Angel [InV@DER]
01:33 PM Revision 658b4b7f: Do not halt on configuration file not found error. Implements #10556: Viktor Gurov
06:13 AM Bug #9643: Limiters do not function properly on 2.5 snapshots: not working for me either
2.5.0.a.20200522.0732
I need to disable the floating rule to make internet work again Manuel Piovan
02:01 AM pfSense Docs Correction #10598: Feedback on Cellular Wireless — Known Working 3G-4G Modems: https://github.com/pfsense/docs/pull/129 Viktor Gurov
01:51 AM pfSense Docs Correction #10598 (Resolved): Feedback on Cellular Wireless — Known Working 3G-4G Modems: *Page:* https://docs.netgate.com/pfsense/en/latest/cellular/known-working-3g-4g-modems.html
*Feedback:*
add Sie... Viktor Gurov

05/26/2020

10:04 PM Bug #10588: syslog (remote) receiving DHCP logging, even when disabled: OK, never mind on 2) ... I think ... LOL. I believe that's my mis-read of the logic in the configuration file. But I ... Russell Morris
09:40 PM Bug #10588: syslog (remote) receiving DHCP logging, even when disabled: Posted the question to the forum, like you suggested - let's see if anyone has seen similar issues. But also, doing s... Russell Morris
08:47 PM Bug #10588: syslog (remote) receiving DHCP logging, even when disabled: Hi,
BTW, I just stumbled on to the fact that pfSense seems to be sending duplicate remote syslog messages for all ... Russell Morris
08:21 AM Bug #10588: syslog (remote) receiving DHCP logging, even when disabled: OK, will do. And the comment about the *.* was just my thinking ... :-). It still holds that the button is deselected... Russell Morris
08:12 AM Bug #10588 (Not a Bug): syslog (remote) receiving DHCP logging, even when disabled: The "*.*" lines are fine as they are filtered on the process name from the line(s) above them ("!name").
There isn... Jim Pingle
06:38 PM Revision 40ce94b4: Status / Queues root queue bandwidth calculation fix. Issue #3381: Viktor Gurov
06:35 PM Revision b85557f4: DynDNS with gateway group restart on failover event. Issue #9435: Viktor Gurov
04:50 PM Bug #10586: IPv6 interfaces seem to have hardcoded Link Local Address: It seemed that Issue 9998 was just changing the method of hard coding to an alias. At least that is what the fix see... Rick Coats
07:50 AM Bug #10586 (Duplicate): IPv6 interfaces seem to have hardcoded Link Local Address: This is already being discussed on #9998 Jim Pingle
02:51 PM Revision a3021603: Add REQUEST back to dhcp6c without RA path. Issue #9634: (cherry picked from commit 19fe32b0fe32faf290ea2b74c005c165579277bf) Jim Pingle
02:50 PM Revision 19fe32b0: Add REQUEST back to dhcp6c without RA path. Issue #9634: Jim Pingle
01:52 PM pfSense Docs Correction #10593: Feedback on Third Party Software and pfSense — Configure BIND as an RFC 2136 Dynamic DNS Server: https://ftp.isc.org/isc/bind9/cur/9.16/CHANGES:... Viktor Gurov
12:59 PM Bug #10383: Additional interfaces do not survive a reboot before the setup wizard has been run: This also happens if you restore a config from the CLI after defaulting. To regain access via other interfaces for ex... Steve Wheeler
10:16 AM Bug #10585: auth.inc: Exception calling XMLRPC method restore_config_section #-1 : Authentication failed: Invalid username or password: > - In the previous code the global variable $debug, is not used and it could disappear.
It may not be used direct... Jim Pingle
09:54 AM Bug #9634 (New): rc.newwanipv6 is called although dhcp6c should discard Request messages: The intent of the patch was to not run rc.newwanipv6 and the "without RA" path wasn't doing that, it was running rtso... Jim Pingle
09:44 AM Bug #9634: rc.newwanipv6 is called although dhcp6c should discard Request messages: The patch is to adhere to the standard: DHCPv6 "clients MUST discard any received Request messages". If fixing that r... Karl Klempner
09:43 AM Bug #10595 (Rejected): RADIUS authentication server incorrectly processing "Accept" messages: I can't reproduce this here. There must be some other factor about your configuration or environment causing the pack... Jim Pingle
09:39 AM Bug #10594 (Pull Request Review): add QLogic 10 Gigabit Ethernet driver (qlxgb) to the ALTQ-capable list: Jim Pingle
09:39 AM Bug #10592 (Pull Request Review): DigitalOcean DNS update adds new DNS record instead of update: Jim Pingle
09:35 AM pfSense Docs Correction #9651 (Resolved): Feedback on Services — DHCP — Configuring the DHCPv6 Server: PR Merged Jim Pingle
09:34 AM pfSense Docs Correction #10262 (Resolved): Feedback on High Availability — Configuring High Availability: PR Merged Jim Pingle
09:31 AM Bug #10591 (Pull Request Review): Cannot set a value for NAT Reflection timeout: Jim Pingle
09:30 AM Bug #9435 (Pull Request Review): Dynamic DNS Update events do not occur after certain failover event cases: Jim Pingle
09:26 AM Bug #10589 (Pull Request Review): interfaces_staticarp_configure() doesnt need to disable staticarp on boot: Jim Pingle
08:21 AM Bug #3381 (Pull Request Review): LAN interface root Queue Bandwidth calculation is exactly double the total of the other child queues: Jim Pingle
08:15 AM Bug #3488 (Pull Request Review): Deleting an interface doesn't delete associated shaper queues: Jim Pingle
08:13 AM Feature #885 (Pull Request Review): Show gateway/group IPs on mouseover: Jim Pingle
07:59 AM Bug #3924 (Pull Request Review): Renaming limiters removes them from firewall rules: Jim Pingle
07:57 AM Bug #1353 (Pull Request Review): Number of queues possible: Jim Pingle

05/25/2020

11:37 PM Bug #9634: rc.newwanipv6 is called although dhcp6c should discard Request messages: The description says, "pfsense sends DHCPv6 Request messsages to ff02::1:2 on its WAN interface at an interval of abo... Daryl Morse
09:58 PM Revision b117552c: Update system_advanced_notifications.php: John Kap
08:31 PM Revision a036763d: Add qlxgb to ALTQ-capable list. Issue #10594: Viktor Gurov
06:44 PM Bug #10595 (Rejected): RADIUS authentication server incorrectly processing "Accept" messages: The internal RADIUS authentication mechanism is failing to acknowledge received "Accept" messages from a RADIUS serve... Nathan Dragun
04:41 PM Revision d5e1cbd6: Redmine Issue: https://redmine.pfsense.org/issues/10592: Csoban Kesmarki
03:56 PM pfSense Packages Bug #10476 (Resolved): Services - Acme - Certificates using loopia API: resolved in the latest acme pkg 0.6.8:... Viktor Gurov
03:32 PM Bug #10594: add QLogic 10 Gigabit Ethernet driver (qlxgb) to the ALTQ-capable list: https://github.com/pfsense/pfsense/pull/4335 Viktor Gurov
03:28 PM Bug #10594 (Resolved): add QLogic 10 Gigabit Ethernet driver (qlxgb) to the ALTQ-capable list: according to:
https://www.freebsd.org/cgi/man.cgi?query=altq&apropos=0&sektion=4&manpath=FreeBSD+11.3-RELEASE&arch=d... Viktor Gurov
03:19 PM Bug #8545: LACP can't be established on QLogic NetXtreme II BCM57810 NICs: see #8324 and https://redmine.pfsense.org/issues/8324
Viktor Gurov
03:19 PM Bug #8324: bxe cards require promisc for OSPF: same issue with LACP - #8545
see https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=213606 Viktor Gurov
01:01 PM pfSense Docs Correction #10593 (Closed): Feedback on Third Party Software and pfSense — Configure BIND as an RFC 2136 Dynamic DNS Server: *Page:* https://docs.netgate.com/pfsense/en/latest/book/thirdparty/configure-bind-for-rfc2136.html
*Feedback:*
... Viktor Gurov
12:46 PM Bug #10592: DigitalOcean DNS update adds new DNS record instead of update: Fix tested on pfSense 2.4.5 with successfully working on IPv4 and IPv6 NS records. Csoban Kesmarki
11:46 AM Bug #10592: DigitalOcean DNS update adds new DNS record instead of update: Draft pull request created to resolve this: https://github.com/pfsense/pfsense/pull/4334
Testing in live pfsense 2.4.5. Csoban Kesmarki
11:38 AM Bug #10592 (Resolved): DigitalOcean DNS update adds new DNS record instead of update: The DigitalOcean API lists NS records in pages, 20 per page.
The pfSense Dynamic DNS update only downloads the first... Csoban Kesmarki
12:11 PM Feature #10412: DHCPv6 Static Entries are not updated on external DDNS server: Side note: I'm using this modified configuration on my 2.4.5 as a patch since 4/02/2020 and updates my bind9 with all... Csoban Kesmarki
12:09 PM Bug #10390: Fix DigitalOcean Dynamic DNS client for IPv6: A note for testing: I'm using this modified code on my 2.4.5 as a patch since 3/29/2020 without any issue. Csoban Kesmarki
10:20 AM Bug #10591: Cannot set a value for NAT Reflection timeout: Move to 2.5.0 Renato Botelho
04:22 AM pfSense Docs Correction #9651: Feedback on Services — DHCP — Configuring the DHCPv6 Server: https://github.com/pfsense/docs/pull/128 Viktor Gurov
01:54 AM pfSense Docs Correction #10262: Feedback on High Availability — Configuring High Availability: https://github.com/pfsense/docs/pull/127 Viktor Gurov
01:47 AM pfSense Docs Correction #10567: Feedback on Cellular Wireless — Known Working 3G-4G Modems: https://github.com/pfsense/docs/pull/126 Viktor Gurov

05/24/2020

08:45 PM Revision b8d9968c: NAT Reflection timeout set fix. Issue #10591: Viktor Gurov
03:46 PM Bug #10591: Cannot set a value for NAT Reflection timeout: fix:
https://github.com/pfsense/pfsense/pull/4333 Viktor Gurov
11:41 AM Bug #10591 (Resolved): Cannot set a value for NAT Reflection timeout: It's not possible to set a value for 'Reflection Timeout' in the Network Address Translation section of System > Adva... Steve Wheeler
02:44 PM pfSense Packages Bug #10502: LLDP spamming errors on Netgate XG-7100: Additionally LLDPd with active NDP (enabled and forced) throw errors if chosen interfaces are parent or child of VLAN... DRago_Angel [InV@DER]
04:27 AM pfSense Packages Bug #10502: LLDP spamming errors on Netgate XG-7100: From github:
Sorry for late reply,
Yep, I have lagg on SPF+ ix0 & ix1 for reductant connection.
In the UI I select... DRago_Angel [InV@DER]
02:14 PM Bug #9435: Dynamic DNS Update events do not occur after certain failover event cases: https://github.com/pfsense/pfsense/pull/4332 Viktor Gurov
01:49 PM Revision 402012d9: Limiters/queues rename/delete fix. Issue #3924: Viktor Gurov
11:19 AM Bug #7915: CBQ Child queue set bandwidth does not apply correctly: see https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=155736:
_Unfortunately it seems that borrowing does not work w... Viktor Gurov
11:16 AM Bug #6431 (Resolved): Cannot set queue bandwidth (CBQ): pfSense 2.4.5 has the "Bandwidth" field and the "Borrow from other queues when available" checkbox Viktor Gurov
10:35 AM Bug #10589: interfaces_staticarp_configure() doesnt need to disable staticarp on boot: Link to Pull Request: https://github.com/pfsense/pfsense/pull/4331 Jonas Christoffersen
10:10 AM Bug #10589 (Resolved): interfaces_staticarp_configure() doesnt need to disable staticarp on boot: When interfaces are created staticarp is not enabled on them.
Therefore we dont need to disable staticarp on an inte... Jonas Christoffersen
10:16 AM pfSense Packages Bug #10590 (Closed): pfBlockerNG: Invalid argument supplied for foreach(): Dear
I received this crash report today on my router. Maybe this should be checked.... Kevin Holvoet
08:40 AM Bug #3381: LAN interface root Queue Bandwidth calculation is exactly double the total of the other child queues: Ignat Esso wrote:
> Further to this, the " Borrow from other queues when available" doesn't work when you go 1 level... Viktor Gurov
12:29 AM Bug #3488: Deleting an interface doesn't delete associated shaper queues: should be fixed by https://github.com/pfsense/pfsense/pull/4328 Viktor Gurov

05/23/2020

05:17 PM Revision ad4021d6: Show gateway/group IPs on mouseover. Implements #885: Viktor Gurov
12:18 PM Feature #885: Show gateway/group IPs on mouseover: https://github.com/pfsense/pfsense/pull/4329 Viktor Gurov
12:00 PM Bug #10588 (Not a Bug): syslog (remote) receiving DHCP logging, even when disabled: Hi,
I have DHCP logging disabled (for remote), and not "Everything" selected - yet my remote logs are getting a lo... Russell Morris
09:13 AM Bug #3924: Renaming limiters removes them from firewall rules: Thanks! I just did that to myself multiple times yesterday! Steve Russell
08:50 AM Bug #3924: Renaming limiters removes them from firewall rules: https://github.com/pfsense/pfsense/pull/4328 Viktor Gurov
06:27 AM Bug #1353: Number of queues possible: PRIQ also doesn't allow the use of the same priority for more than one queue:... Viktor Gurov
05:12 AM pfSense Packages Feature #9315: Add Package: dnscrypt-proxy: And Nginx can be used as DoH server with common DNS server as upstream which can be localhost unbound server. One min... DRago_Angel [InV@DER]
02:09 AM Bug #8434 (Resolved): Chelsio T4/T5 CXGBE drivers not loaded as ALTq capable in the PfSense UI: cxl is in the altq capable list on 2.4.5 / 2.5:
https://github.com/pfsense/pfsense/blob/d2abe7c919eaf0c40b911278b96f... Viktor Gurov
01:00 AM Feature #10587 (Resolved): UPnP/NAT-PMP STUN configuration options: miniupnp allow to use external STUN server to learn WAN IP address in case of NAT 1:1,
this may be useful for double... Viktor Gurov

05/22/2020

09:06 PM Bug #9634: rc.newwanipv6 is called although dhcp6c should discard Request messages: Jim Pingle wrote:
> This appears to be working OK. The generated script matches the new code, and I no longer see an... Daryl Morse
05:06 PM Bug #10586 (Duplicate): IPv6 interfaces seem to have hardcoded Link Local Address: The link-local address of each non-WAN interface seems to be hard coded to fe80::1:1. This causes a problem when mul... Rick Coats
03:10 PM Bug #10373 (Resolved): Incorrect copyright year: Looks good on the parts relevant to 2.4.5-p1. Jim Pingle
02:04 PM Bug #10463 (Resolved): The ng_etf module is missing from base in armv6 and aarch64: aarch64 is also OK.... Jim Pingle
01:03 PM Bug #10463: The ng_etf module is missing from base in armv6 and aarch64: Module is in armv6 kernel now. Still need to check aarch64.... Jim Pingle
01:32 PM Bug #10585 (Resolved): auth.inc: Exception calling XMLRPC method restore_config_section #-1 : Authentication failed: Invalid username or password: Hi:
I opened a discussion on this problem in the forum:
https://forum.netgate.com/topic/152604/exception-calling... Abelardo Acosta Moyano
01:05 PM Bug #10584 (New): SG-3100 with M.2: shutdown instead of reboot: after installing pfSense 2.4.5 on M.2 drive, appliance goes to shutdown instead of reboot on '/sbin/reboot', '/sbin/s... Viktor Gurov
01:04 PM Bug #10420 (Resolved): Miscellaneous page with pre-existing RAM disks config can't be saved: Calculation is correct on 2.4.5-p1 internal testing snapshot. RAM disk space is accounted for properly and used space... Jim Pingle
12:56 PM Todo #10564 (Resolved): Update pkg to 1.13.x: System picked up pkg-1.13.2 during the upgrade, upgrade went fine, still works after. Seems OK to me. Can reopen if o... Jim Pingle
10:41 AM Todo #10564 (Feedback): Update pkg to 1.13.x: done Renato Botelho
12:45 PM Revision 65abee14: Welcome pfSense-2.4.5-RELEASE-p1: Renato Botelho
12:36 PM Bug #10414 (Resolved): Very high CPU usage of pfctl and more causing very high load and a hardly usable internet connection: Both Hyper-V and Proxmox look good on our internal testing snapshots. Both test systems have 4 CPUs. Same systems fro... Jim Pingle
12:08 PM pfSense Packages Bug #10573 (Feedback): Netgate_Coreboot_Upgrade cannot write to flash in 2.4.5: New flashrom fails with `-p internal:ich_spi_force=yes`. It should be fixed on version 0.28 Renato Botelho
10:14 AM pfSense Packages Feature #8727 (Pull Request Review): Clone button in cron pkg: Jim Pingle
09:11 AM pfSense Packages Feature #8727: Clone button in cron pkg: https://github.com/pfsense/FreeBSD-ports/pull/864 Viktor Gurov
10:12 AM Feature #1984 (Pull Request Review): Allow CP Voucher submission via URL so they can be distributed as QR code: Jim Pingle
08:03 AM Feature #1984: Allow CP Voucher submission via URL so they can be distributed as QR code: This PR allow the submission of voucher via such URL:... Viktor Gurov
09:59 AM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: Thomas BERNARD wrote:
> @jim
> you can already have a look at what I've done :
> https://github.com/miniupnp/miniu... Jim Pingle
09:54 AM Feature #2146 (Pull Request Review): Allow concurrent logins when using vouchers: We can try this but I seem to remember a problem with this in the past. If I recall correctly it was issues with how ... Jim Pingle
05:07 AM Feature #2146: Allow concurrent logins when using vouchers: https://github.com/pfsense/pfsense/pull/4325 Viktor Gurov
09:52 AM Feature #10583 (Pull Request Review): status.php: Add L2TP VPN configuration: Jim Pingle
03:41 AM Feature #10583: status.php: Add L2TP VPN configuration: https://github.com/pfsense/pfsense/pull/4324 Viktor Gurov
03:39 AM Feature #10583 (Resolved): status.php: Add L2TP VPN configuration: Add /var/etc/l2tp-vpn/mpd.conf with 'redacted' l2tp shared secret and radius secret Viktor Gurov
09:50 AM Bug #9437 (Pull Request Review): Captive Portal Bandwidth Limiter application issue (Credentials Vs. MacAddr Validation): Jim Pingle
12:10 AM Bug #9437: Captive Portal Bandwidth Limiter application issue (Credentials Vs. MacAddr Validation): see also #9311
fix:
https://github.com/pfsense/pfsense/pull/4322 Viktor Gurov
09:48 AM Bug #9933 (Pull Request Review): Captive Portal + Voucher not keeping auto-added "Pass-through MAC Auto Entry": Jim Pingle
09:45 AM Bug #9311 (Pull Request Review): Captive Portal continues to limit per-user bandwidth when not enabled: Jim Pingle
12:10 AM Bug #9311: Captive Portal continues to limit per-user bandwidth when not enabled: see also #9437 Viktor Gurov
09:45 AM Bug #3039 (Pull Request Review): New vouchers doesn't sync with CARP slave: Jim Pingle
09:43 AM Bug #10569 (Pull Request Review): Sanitize ACME passwords: Jim Pingle
09:37 AM pfSense Docs Correction #9305 (Resolved): Feedback on Virtual LANs (VLANs) — pfSense VLAN Configuration: PR Merged. Jim Pingle
09:37 AM pfSense Docs Correction #9637 (Resolved): Feedback on High Availability — Example Redundant Configuration: PR Merged. Jim Pingle
09:35 AM pfSense Packages Feature #9874 (Pull Request Review): safesearch enforcing: Jim Pingle
09:26 AM Feature #8952 (Resolved): Dynamic DNS Copy Button: works as expected
tested on 2.5.0.a.20200520.0846 Viktor Gurov
08:40 AM Revision ef1bc81d: status.php: Add L2TP VPN configuration. Implements #10583: Viktor Gurov
07:19 AM Feature #10321: URL/URL Table alias with IDN hostnames: this feature allows to use IDN hostnames in files pointed to by the URL/URL Table alias,
to use IDN hostnames in ali... Viktor Gurov
05:10 AM Feature #9432 (Closed): Block additional Captive Portal Logins: Duplicate of #2146
see https://github.com/pfsense/pfsense/pull/4325 Viktor Gurov
03:55 AM Bug #8092 (Resolved): Captive Portal Allowed MAC bandwidth changes: no such issue on 2.4.5 or 2.5
after changing the bandwidth, pipe successfully recreated with the new values
https... Viktor Gurov

05/21/2020

08:36 PM Feature #10581: Provide ability to disable nginx access logging to remote syslog server: And to try to help, make this easier if possible. Some info here,
https://forum.netgate.com/topic/153755/disable-ngi... Russell Morris
06:07 PM Revision aa63a2e2: Captive Portal keep Pass-through MAC Auto Entry. Issue #9933: Viktor Gurov
05:20 PM Revision d2abe7c9: Improve handling of an empty IPsec phase1 tag. Fixes #10580: Also fixes another PHP error after config upgrade which behaved in a
similar way. Jim Pingle
04:47 PM Revision 08d9f432: Fix #10525: Move locale directories to proper name: Renato Botelho
04:46 PM Revision 70b71447: Fix #10525: Move locale directories to proper name: Renato Botelho
04:23 PM pfSense Packages Bug #9139: telegraf: add ping for default gateway(s): The current ping plugin works well for pinging external IPs, but it would be really nice if the local gateway(s) were... Ryan Jaeb
04:21 PM Revision 183964bd: Captive Portal per-user bandwidth input validation fix. Issue #9311: Viktor Gurov
02:24 PM Feature #10321 (Resolved): URL/URL Table alias with IDN hostnames: IDN URL is accepted, though without a known file hosted on an IDN host it's difficult to confirm it works 100%. It wo... Jim Pingle
01:56 PM Bug #10346 (Resolved): DHCPv6 service Dynamic DNS errors: 1) The code now supports IPv6 addresses in the DNS server field(s).
2) The domain key is properly validated now
3) ... Jim Pingle
01:48 PM Feature #10412 (Resolved): DHCPv6 Static Entries are not updated on external DDNS server: Directive is present in the configuration, service runs without errors. Jim Pingle
01:37 PM Bug #8054 (Resolved): DHCP server accepts trailing dot in domain names, DNS resolver adds another and breaks: The trailing dot is no longer allowed in input on the fields in question which would result in an error. Jim Pingle
01:23 PM Bug #10540: is_process_running can generate error for empty process: Thanks for the fix. Orion Poplawski
01:20 PM Bug #10540 (Resolved): is_process_running can generate error for empty process: The pgrep error no longer appears when querying an invalid service. Jim Pingle
01:22 PM Bug #9632 (Resolved): DynDNS not updating IP address for DNSExit: New URL is present in the code, no direct way to test without an account. Jim Pingle
01:21 PM Bug #10390 (Resolved): Fix DigitalOcean Dynamic DNS client for IPv6: New code is present. No direct way to test without an account, but the logic looks sound. Jim Pingle
01:18 PM Bug #8256 (Resolved): IPv6 IP Alias VIP not added to Interface Network Macros: IPv6 IP Alias VIP subnet is now present in interface network macros. Jim Pingle
01:12 PM Bug #9933: Captive Portal + Voucher not keeping auto-added "Pass-through MAC Auto Entry": https://github.com/pfsense/pfsense/pull/4323 Viktor Gurov
12:54 PM Bug #10525 (Resolved): Chinese (taiwan) / HK Translation using incorrect identifier on 2.4.5: The identifiers now match the language files on the filesystem, and changing to the language works as expected.
Un... Jim Pingle
11:55 AM Bug #10525 (Feedback): Chinese (taiwan) / HK Translation using incorrect identifier on 2.4.5: Applied in changeset commit:70b7144719d4ba6782bdd4f90af51ed736c9008e. Renato Botelho
09:39 AM Bug #10525 (In Progress): Chinese (taiwan) / HK Translation using incorrect identifier on 2.4.5: There is still some discrepancy here.
For HK the GUI is setting zh_Hans_HK and for TW the GUI is setting zh_Hant_T... Jim Pingle
12:30 PM Bug #10580 (Feedback): PHP error when restoring to 2.5.0: Applied in changeset commit:d2abe7c919eaf0c40b911278b96f9bab4fa0be45. Jim Pingle
09:37 AM Bug #9311: Captive Portal continues to limit per-user bandwidth when not enabled: This fix clears <bwdefaultdn> and <bwdefaultup> if <peruserbw> is disabled:
https://github.com/pfsense/pfsense/pull/... Viktor Gurov
09:35 AM Revision 6fee2381: Sanitize ACME passwords. Issue #10569: Viktor Gurov
09:33 AM pfSense Packages Bug #10444: FRR will not start in 2.4.5 aarch64: Jim Pingle wrote:
> Luiz told me he'd work on this
Any news on this? Really looking forward to getting my bgp ba... Zachary McGibbon
09:15 AM Bug #3039: New vouchers doesn't sync with CARP slave: fix:
https://github.com/pfsense/pfsense/pull/4150 Viktor Gurov
06:02 AM Feature #10467: Email alert functionality for system health: + as well voting for configurable buildin SMTP notifications by types/monitors. This needed specially when pfSense mo... DRago_Angel [InV@DER]
05:42 AM pfSense Docs Correction #10582 (Closed): Feedback on Services — DNS — Blocking DNS Queries to External Resolvers: *Page:* https://docs.netgate.com/pfsense/en/latest/recipes/dns-block-external.html
*Feedback:*
Step #4 instruct... Jesse Sheidlower
04:37 AM Bug #10569: Sanitize ACME passwords: https://github.com/pfsense/pfsense/pull/4321 Viktor Gurov
03:42 AM pfSense Docs Correction #9637: Feedback on High Availability — Example Redundant Configuration: https://gitlab.netgate.com/docs/pfSense-book/-/merge_requests/3 Viktor Gurov
03:38 AM pfSense Packages Feature #10500: Build HAProxy Package with buildin Prometheus exporter: If someone need how-to, I wrote it here: https://www.reddit.com/r/PFSENSE/comments/gns3qr/haproxy_20_prometheus_monit... DRago_Angel [InV@DER]
03:10 AM pfSense Packages Feature #10500: Build HAProxy Package with buildin Prometheus exporter: OK:... Viktor Gurov
03:17 AM pfSense Packages Bug #9635 (Resolved): lldpd (and probably ladvd) doesn't work on units with an integrated switch: tested on SG-1100 and XG-7100 - works as expected, lldpd uses the correct interfaces for integrated switches instead ... Viktor Gurov
01:29 AM pfSense Packages Feature #9874: safesearch enforcing: Minor WebGUI fix:
https://github.com/pfsense/FreeBSD-ports/pull/863 Viktor Gurov
12:52 AM Bug #10558: Multicast daemons work at boot, but fail if restarted: Same result here. After a restart of the service it fails. After that if you reboot it still fails to start.
Now I ... Maarten Hendrix

05/20/2020

07:50 PM Feature #10581: Provide ability to disable nginx access logging to remote syslog server: FYI, a snippet from the start of my /var/etc/syslog.d/pfSense.conf file (remote-hostname replaced for security). Not ... Russell Morris
03:14 PM Feature #10581 (New): Provide ability to disable nginx access logging to remote syslog server: Hi,
It would be helpful to be able to disable nginx access logging, to a remote syslog server - reduce the bandwid... Russell Morris
07:29 PM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: @jim
you can already have a look at what I've done :
https://github.com/miniupnp/miniupnp/pull/455
Thomas BERNARD
03:47 PM Bug #10576 (Resolved): Update unbound to mitigate CVE-2020-12662: Jim Pingle
03:47 PM Bug #10576: Update unbound to mitigate CVE-2020-12662: New version is offered on 2.4.5:... Jim Pingle
08:24 AM Bug #10576 (Feedback): Update unbound to mitigate CVE-2020-12662: Done Renato Botelho
01:40 AM Bug #10576 (Resolved): Update unbound to mitigate CVE-2020-12662: Unbound is vulnerable to a new type of DNS amplification attack dubbed NXNSAttack.
* "CVE-2020-12662":https://nlne... znerol znerol
03:26 PM Bug #10568 (Resolved): Sanitize FreeRADIUS user password: Fine on 2.4.5-p1 via gitsync:... Jim Pingle
07:40 AM Bug #10568 (Feedback): Sanitize FreeRADIUS user password: PR has been merged. Thanks! Renato Botelho
03:21 PM Bug #10574: nginx flooding syslog, but "Web Server Log" disabled: No problem, that makes sense. Thanks! Russell Morris
03:20 PM Bug #10574: nginx flooding syslog, but "Web Server Log" disabled: Probably not terribly difficult but not trivial, you'd have to setup the right directives to exclude things from the ... Jim Pingle
03:15 PM Bug #10574: nginx flooding syslog, but "Web Server Log" disabled: OK, perfect - thanks! New feature created, here: https://redmine.pfsense.org/issues/10581.
And do you know, is the... Russell Morris
09:39 AM Bug #10574: nginx flooding syslog, but "Web Server Log" disabled: It's currently in a closed state so no worries about closing it out. You can certainly drop a link here to the new on... Jim Pingle
09:38 AM Bug #10574: nginx flooding syslog, but "Web Server Log" disabled: Sure, will do - NP! Let me created it, add a link here (OK?), then close this "bug" out. Russell Morris
07:16 AM Bug #10574: nginx flooding syslog, but "Web Server Log" disabled: It would be better to make a fresh one since fixing this one would involve editing/changing all of the info to match ... Jim Pingle
05:52 AM Bug #10574: nginx flooding syslog, but "Web Server Log" disabled: Hmmm ... I don't seem to be able to change this from a Bug to a Feature Request - is that just me, or do I need to en... Russell Morris
05:51 AM Bug #10574: nginx flooding syslog, but "Web Server Log" disabled: Hi,
Ahh, OK - that makes sense. I wondered based on the wording. Thanks for clarifying!
Yes, it would be great... Russell Morris
03:21 PM Feature #6228: Please provide a means for IGMPv3 and MLDv2 support: According to the IGMP Proxy documentation, it supports IGMPv3 on the WAN side only - _just because FreeBSD already su... Jens Leinenbach
03:11 PM pfSense Docs Correction #10578 (Resolved): Feedback on Cellular Wireless — Known Working 3G-4G Modems: PR merged Jim Pingle
01:14 PM pfSense Docs Correction #10578: Feedback on Cellular Wireless — Known Working 3G-4G Modems: https://github.com/pfsense/docs/pull/124 Viktor Gurov
12:29 PM pfSense Docs Correction #10578 (Resolved): Feedback on Cellular Wireless — Known Working 3G-4G Modems: *Page:* https://docs.netgate.com/pfsense/en/latest/cellular/known-working-3g-4g-modems.html
Huawei ME909u-521 4G/L... Viktor Gurov
03:07 PM Bug #10580 (Resolved): PHP error when restoring to 2.5.0: When testing #10458 I tried using a 2.5.0 base to restore a configuration with revision 17.4 containing this IPsec co... Jim Pingle
02:57 PM Bug #10558: Multicast daemons work at boot, but fail if restarted: I concur: I just tried to restart the service via Status/Services and it fails. Jens Leinenbach
02:16 PM Bug #10558: Multicast daemons work at boot, but fail if restarted: It might be that it only runs the first time after a reboot and anything that triggers the service to restart may mak... Jim Pingle
02:04 PM Bug #10558: Multicast daemons work at boot, but fail if restarted: That indeed looks like it started again.
Will it still work after a reboot or do i need to disable it every time i ... Maarten Hendrix
01:53 PM Bug #10558: Multicast daemons work at boot, but fail if restarted: Maarten Hendrix wrote:
> Looks the same indeed:
> [...]
I disabled the service and the debug mode, updated pfsen... Jens Leinenbach
03:35 AM Bug #10558: Multicast daemons work at boot, but fail if restarted: Looks the same indeed:... Maarten Hendrix
03:28 AM Bug #10558: Multicast daemons work at boot, but fail if restarted: Maarten Hendrix wrote:
> I tested with PIMD because it does a similar job.
> I tested with it installed and without... Jens Leinenbach
02:55 PM Bug #10458 (Resolved): Config update error: /etc/inc/upgrade_config.inc:5492: No errors restoring a config with rev 17.4 containing the bad section to 2.4.5. Jim Pingle
12:41 PM pfSense Packages Bug #10579 (Rejected): Blinkled segfaults with SEGV_MAPERR: Hello,
blinkled seem to segfault on my pfSense.... Kacper Boström
12:39 PM Revision 6f9c63cd: Sanitize FreeRADIUS passwords. Fixes #10568: (cherry picked from commit e8bf78f2bac413d86f2646669fda823f6502293e) Viktor Gurov
12:39 PM Revision a88b841b: Merge pull request #4319 from vktg/sanitizeradius: Renato Botelho
12:38 PM Revision 1d045b3e: Build HAProxy Package with buildin Prometheus exporter. Implement #10500: (cherry picked from commit b7e6b62e8eadbef3b1d1c1ff88cbe7448aaa62e2) Viktor Gurov
12:38 PM Revision 662a8d3b: Merge pull request #4320 from vktg/buildhaproxypromex: Renato Botelho
10:45 AM pfSense Packages Feature #10500 (Resolved): Build HAProxy Package with buildin Prometheus exporter: Jim Pingle
10:30 AM pfSense Packages Feature #10500: Build HAProxy Package with buildin Prometheus exporter: Tested, build-in exporter works. Thank you. DRago_Angel [InV@DER]
07:41 AM pfSense Packages Feature #10500 (Feedback): Build HAProxy Package with buildin Prometheus exporter: PR has been merged. Thanks! Renato Botelho
10:44 AM Feature #1205: VPN: User-based / Group-based firewall rules: It has also seen some recent fixes and has some pending enhancements: #9206 #10454 Jim Pingle
10:42 AM Feature #1205: VPN: User-based / Group-based firewall rules: https://docs.netgate.com/pfsense/en/latest/book/openvpn/controlling-client-parameters-via-radius.html Jim Pingle
10:39 AM Feature #1205: VPN: User-based / Group-based firewall rules: Jim Pingle wrote:
> This has been in place since pfSense 2.1. It uses the same syntax as cisco inacl/outacl, for exa... Christoph Haas
10:38 AM Bug #10492 (Resolved): LDAP groups conflict in privileges: Confirmed problem on stock 2.4.5 and confirmed fix after gitsync. The admin user (id=0) and members of the "admins" g... Jim Pingle
10:10 AM Bug #10577: intel x553 (c3000 chipset) loading x520 driver: here is upload the system.log and files of the system without the x520 card installed.
Peter Martens
09:35 AM Bug #10577: intel x553 (c3000 chipset) loading x520 driver: There still isn't enough info to say what might be happening, this basically boils down to "it doesn't work" with no ... Jim Pingle
09:09 AM Bug #10577: intel x553 (c3000 chipset) loading x520 driver: the unit works normally on 1gb without the x520 card. but when the card is installed the unit stops working.
the x52... Peter Martens
07:13 AM Bug #10577 (Feedback): intel x553 (c3000 chipset) loading x520 driver: Can you try that on a 2.5.0 snapshot?
The "speed" in the screenshots you show isn't relevant. The ix driver is cap... Jim Pingle
06:45 AM Bug #10577 (Not a Bug): intel x553 (c3000 chipset) loading x520 driver: We have an supermicro (SYS-5019A-FTN4) based on the c3000 serie cpu (atom C3758) with 2.4.5-RELEASE pfsense on the sy... Peter Martens
09:26 AM Feature #9985: Build virtio_console.ko: See #9877 for info about the state of qemu-guest-agent Jim Pingle
09:25 AM Feature #9877: QEMU Guest Agent: It looks like that port has not been added to FreeBSD yet. The linked PR shows they added some code to the main qemu ... Jim Pingle
09:12 AM Bug #10414: Very high CPU usage of pfctl and more causing very high load and a hardly usable internet connection: I was able to replicate this to a lesser extent on Proxmox VE (6.2-4) as well, with a 4-core VM. Similar setup to the... Jim Pingle
07:44 AM pfSense Packages Bug #10572 (Feedback): STARTTLS option is ignored: PR has been merged. Thanks! Renato Botelho

05/19/2020

11:35 PM Bug #10574 (Not a Bug): nginx flooding syslog, but "Web Server Log" disabled: The checkbox controls errors, not the access log. And the access logging is only sent to remote syslog servers, not l... Jim Pingle
09:29 PM Bug #10574 (Not a Bug): nginx flooding syslog, but "Web Server Log" disabled: Hi,
I have the "Web Server Log" disabled ("If this is checked, errors from the web server process for the GUI or C... Russell Morris
02:57 PM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: Thomas BERNARD wrote:
> thanks, so
> [...]
> is the additional pf rule that need to be created for outbound traffi... Jim Pingle
02:38 PM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: thanks, so... Thomas BERNARD
09:38 AM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: Thomas BERNARD wrote:
> unfortunately it shows that everything is OK when the external port is mapped to the same in... Jim Pingle
01:08 PM Revision 6dee908b: Revert "Disable rust on suricata for aarch64": This reverts commit b52e3cb736148ed826908cb76e8da9982f8c3a6e. Renato Botelho
11:52 AM pfSense Packages Bug #10573 (Resolved): Netgate_Coreboot_Upgrade cannot write to flash in 2.4.5: The adi_flash_util binary appears to be handing bad parameters to flashrom in pfSense 2.4.5.
It can read the flash... Steve Wheeler
10:16 AM pfSense Packages Bug #10572 (Pull Request Review): STARTTLS option is ignored: Jim Pingle
08:46 AM pfSense Packages Bug #10572: STARTTLS option is ignored: https://github.com/pfsense/FreeBSD-ports/pull/862 Viktor Gurov
08:44 AM pfSense Packages Bug #10572 (Feedback): STARTTLS option is ignored: STARTTLS option ($usetls or "-ZZ") is never used as arg for _basic_ldap_auth_ Viktor Gurov
10:12 AM pfSense Packages Feature #10570: OpenVPN Export for iOS should use .ovpn12 for certs and private key: If we change anything at all, it should only affect the Viscosity bundle export format. Nothing else.
If Apple uti... Jim Pingle
03:04 AM pfSense Packages Feature #10570 (New): OpenVPN Export for iOS should use .ovpn12 for certs and private key: https://forum.netgate.com/topic/144204/openvpn-export-for-ios-should-use-ovpn12-for-certs-and-private-key:
Have a ... Viktor Gurov
10:08 AM Bug #10568 (Pull Request Review): Sanitize FreeRADIUS user password: Jim Pingle
01:33 AM Bug #10568: Sanitize FreeRADIUS user password: Fix:
https://github.com/pfsense/pfsense/pull/4319 Viktor Gurov
01:25 AM Bug #10568 (Resolved): Sanitize FreeRADIUS user password: fields to sanitize:
<varuserspassword>
<varsqlconfpassword>
<varsqlconf2password>
<varmodulesldappassword>
<varm... Viktor Gurov
10:07 AM pfSense Docs Correction #10567 (Resolved): Feedback on Cellular Wireless — Known Working 3G-4G Modems: PR merged. Jim Pingle
12:59 AM pfSense Docs Correction #10567: Feedback on Cellular Wireless — Known Working 3G-4G Modems: https://github.com/pfsense/docs/pull/123 Viktor Gurov
09:55 AM Bug #9643: Limiters do not function properly on 2.5 snapshots: Hi.
Same behavior on Proxmox/KVM - pfSense 2.5.0.a.20200518.1031 with vtnet driver.
Any update on this?
Thanks! Gyula Kelemen
09:43 AM Bug #10566: password for OpenDNS (under DynDNS) not being passed correctly: Does it work if you put the password in with the @&@ changed to &@amp;@?
Change this:... Jim Pingle
08:55 AM Revision b7e6b62e: Build HAProxy Package with buildin Prometheus exporter. Implement #10500: Viktor Gurov
08:39 AM pfSense Packages Feature #10500: Build HAProxy Package with buildin Prometheus exporter: Kilian Ries wrote:
> I'm also interested in the haproxy prometheus exporter - if you need a tester just let me know.... DRago_Angel [InV@DER]
07:34 AM pfSense Packages Feature #10500: Build HAProxy Package with buildin Prometheus exporter: I'm also interested in the haproxy prometheus exporter - if you need a tester just let me know... Kilian Ries
04:06 AM pfSense Packages Feature #10500: Build HAProxy Package with buildin Prometheus exporter: Hi @Viktor can I test it on my pfsense 2.4.5? And if yes - then how? I have System Patcher but doesn't know if it can... DRago_Angel [InV@DER]
03:57 AM pfSense Packages Feature #10500: Build HAProxy Package with buildin Prometheus exporter: https://github.com/pfsense/pfsense/pull/4320 Viktor Gurov
06:32 AM Revision e8bf78f2: Sanitize FreeRADIUS passwords. Fixes #10568: Viktor Gurov
05:58 AM Bug #7386 (Resolved): IPv6 not disabled in mpd.conf w/ IPv6 GUI option set to 'disabled': tested with PPP and PPPoE interfaces on 2.5.0.a.20200518.1031 Viktor Gurov
05:54 AM Feature #10538 (Resolved): DNS/Ping/Traceroute IDN support: works as expected on 2.5.0.a.20200518.1031 Viktor Gurov
05:52 AM Bug #10537 (Resolved): wrong link on diag_dns.php: tested on 2.5.0.a.20200518.1031 - OK Viktor Gurov
05:47 AM Bug #7255 (Resolved): Firewall alias FQDN field rejects IDNs (Internationalized domain names): editing, resolving, import/export - all works as expected
pfSense 2.5.0.a.20200518.1031 Viktor Gurov
04:26 AM pfSense Packages Feature #10571: Add zabbix-proxy50 and zabbix-agent50 packages: sorry, tried search before create ticket and doesn't saw this one. DRago_Angel [InV@DER]
04:15 AM pfSense Packages Feature #10571 (Rejected): Add zabbix-proxy50 and zabbix-agent50 packages: duplicate of #10557 Viktor Gurov
04:09 AM pfSense Packages Feature #10571 (Rejected): Add zabbix-proxy50 and zabbix-agent50 packages: Hi, there is some days ago was been released new version of Zabbix LTS 5.0, could you please add packages for it to p... DRago_Angel [InV@DER]
04:18 AM pfSense Packages Feature #10557: Add Zabbix 5.0 LTS (agent and proxy) packages: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=246447 Viktor Gurov
04:11 AM Revision c68acc14: Set the default ICMP data payload size to 1 in dpinger probes.: This fixes the dropping of the ICMP probes in some broken routers/ISPs.
There is no increase of the packet size on ... Luiz Souza
04:09 AM Revision ea0d5cbe: Set the default ICMP data payload size to 1 in dpinger probes.: This fixes the dropping of the ICMP probes in some broken routers/ISPs.
There is no increase of the packet size on ... Luiz Souza
02:29 AM Bug #10569 (Resolved): Sanitize ACME passwords: All <dns_***_key>, <dns_***_password>, <dns_***_secret>, <dns_***_token>, <dns_***_pwd> and <dns_***_pw> fields must ... Viktor Gurov

05/18/2020

11:59 PM pfSense Docs Correction #10567 (Resolved): Feedback on Cellular Wireless — Known Working 3G-4G Modems: *Page:* https://docs.netgate.com/pfsense/en/latest/cellular/known-working-3g-4g-modems.html
*Feedback:*
Add Hua... Viktor Gurov
06:03 PM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: Thank you very much, Thomas. I emailed the captures to you.
For what it's worth, I did have both PC's showing "Ope... Connor Ness
05:42 PM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: Connor Ness wrote:
> If you need me to check anything else, I may not be able to until tomorrow. Hopefully this he... Thomas BERNARD
05:28 PM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: I can test this right now. I currently have two PCs unable to play Call of Duty together behind a pfSense 2.4.4-RELEA... Connor Ness
02:59 PM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: Dakota Marshall wrote:
> At this point, what is needed to try and further troubleshoot this issue? I will be more th... Thomas BERNARD
12:48 PM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: I've been watching this bug for the past 2 years and am excited that there is some traction on it. Though I'm very di... Dakota Marshall
12:17 PM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: I removed the irrelevant comments made after the warning and locked their account. Further comments unrelated to the ... Jim Pingle
11:26 AM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: Joel S wrote:
> Jim Pingle wrote:
> > Joel,
> >
> > Please stop. That kind of unhelpful dialog is unproductive a... Thomas BERNARD
10:39 AM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: We have not enough precise details on the issue :
What AddPortMapping requests the XBoxes are doing and what traffic... Thomas BERNARD
10:02 AM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: Thomas BERNARD wrote:
> I have seen no detailed description of the problem (AddPortMapping requests from the console... Jim Pingle
09:26 AM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: Joel,
Please stop. That kind of unhelpful dialog is unproductive and not welcome here, and is getting in the way o... Jim Pingle
07:16 AM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: Thomas BERNARD wrote:
> Hello, I'm miniupnp main author.
>
> The user Joel S came from here to open an issue on h... Joel S
03:20 AM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: Hello, I'm miniupnp main author.
The user Joel S came from here to open an issue on https://github.com/miniupnp/mi... Thomas BERNARD
05:56 PM Bug #10566 (Closed): password for OpenDNS (under DynDNS) not being passed correctly: When utilizing the dynDNS service to update a WAN IP on the OpenDNS, the password was not accepted even though it was... Frank Graffagnino
04:36 PM Revision 146b0a43: Enforce saving logins across reboots when captive portal HA is enabled: Redmine #97 A FL
04:36 PM Revision f2708fe6: Do not remove captive portal zones on backup node if captive portal HA sync is disabled: Fix #9303 A FL
04:36 PM Revision 8e770b88: Reset in-use/expired vouchers on backup node if vouchers are reset on master node.: Redmine #8809 A FL
04:36 PM Revision 6960993d: Remove non captive-portal logs from Local4 syslog facility.: Various logs are recorded in local4 in HA situation. They should not be recorded here.
Redmine #97 A FL
04:36 PM Revision c392f1f5: Write vouchers public key and config in /var/db/ on backup node: Fix #8807 A FL
04:36 PM Revision 0eae38cd: Refresh connected users on primary when becoming master node.: Redmine #97 A FL
04:36 PM Revision 6bfb5b9e: Forward in-use/expired vouchers to the other node when performing a voucher expiration: Redmine #97 A FL
04:36 PM Revision 896889e9: Do not save in-use vouchers to config.: Saving in use/expired vouchers to XML config does trigger an ACB Save and has many undesirable effects in HA situatio... A FL
04:36 PM Revision 318e3f81: Forward in-use/expired vouchers to the other node when performing a voucher auth.: Redmine #97 A FL
04:36 PM Revision 78784180: Forward "Disconnect all" to the other node: Redmine #97 A FL
04:36 PM Revision 4a778ba9: Forward an user disconnection to the other node: Redmine #97 A FL
04:36 PM Revision 24600471: Forward an user connection to the backup node: Redmine #97 A FL
04:36 PM Revision 13164061: Do not perform RADIUS accounting/prune operations when node is in backup mode: Implement Redmine #97 A FL
04:35 PM Revision f72a37e7: Backup node : fetch user list and in-use/expired vouchers from master node.: Implement Redmine #97 A FL
04:35 PM Revision 06ef0830: Create a new page dedicated to backward sync: Implement Redmine #97 A FL
04:33 PM Revision 65a51647: Fix backward vouchers synchronization: Redmine #7972 A FL
02:42 PM Revision a0e4148c: Merge pull request #4306 from vktg/hidearmnetboot: Renato Botelho
02:42 PM Revision 3e1da340: Merge pull request #4304 from vktg/aliasclone: Renato Botelho
02:41 PM Revision 3215d564: Merge branch 'master' into aliasclone: Renato Botelho
02:38 PM Revision 5cd0ec9d: Merge pull request #4311 from vktg/dyndnscopy: Renato Botelho
02:37 PM Revision eeb38d3e: Merge pull request #4312 from vktg/dynv6: Renato Botelho
02:37 PM Revision 0d1adbeb: Merge pull request #4309 from vktg/idndnslookup: Renato Botelho
02:35 PM Revision 1c17a5fa: Merge pull request #4316 from vktg/idnalias: Renato Botelho
02:32 PM Revision 38247b49: is_proccess_running empty proc fix. Issue #10540: (cherry picked from commit 050e18cf3b37e67eda2a16b07f86217421f5b582) Viktor Gurov
02:32 PM Revision e724b5a8: Merge pull request #4318 from vktg/isprocfix: Renato Botelho
02:30 PM Bug #10565 (Rejected): WAN_DHCP6 Stuck Pending / Unknown: There isn't enough information to suggest it's a bug. Around that time is when the base OS moved to FreeBSD 12.1-STAB... Jim Pingle
12:35 PM Bug #10565 (Rejected): WAN_DHCP6 Stuck Pending / Unknown: Around May 8th, updated pfSense test system running development snapshot. Was working fine before update. After updat... Daryl Morse
02:30 PM Revision 341fa0b7: Merge pull request #4308 from xrm/master: Renato Botelho
10:40 AM Feature #2358: NAT64 support: Is it possible that anyone here is skilled in packaging?
Would it be possible for someone to make a Tayga package ... Brandon Jackson
10:32 AM Todo #10564 (Resolved): Update pkg to 1.13.x: In order to avoi any possible problems of building metadata with more recent pkg than installed on supported systems,... Renato Botelho
10:24 AM Bug #4765: NAT Reflection (Pure NAT) rules not setup for traffic originating from same subnet as final destination: I know this is an old issue, but I am hitting the same problem as the OP here.
I followed up on the thread as well..... Charles Ross
09:56 AM pfSense Packages Feature #10479 (Feedback): Keep settings after deinstall option: PR has been merged. Thanks! Renato Botelho
09:56 AM pfSense Packages Bug #9635 (Feedback): lldpd (and probably ladvd) doesn't work on units with an integrated switch: PR has been merged. Thanks! Renato Botelho
09:42 AM Feature #10374 (Feedback): Add ARM32/64 network booting support to dhcpd: PR has been merged. Thanks! Renato Botelho
09:42 AM Feature #6908 (Feedback): Alias copy, sort, search/replace functions: PR has been merged. Thanks! Renato Botelho
09:39 AM Feature #8952 (Feedback): Dynamic DNS Copy Button: PR has been merged. Thanks! Renato Botelho
09:38 AM Feature #9642 (Feedback): Add DDNS support for dynv6.com: PR has been merged. Thanks! Renato Botelho
09:37 AM Feature #10538 (Feedback): DNS/Ping/Traceroute IDN support: PR has been merged. Thanks! Renato Botelho
09:35 AM Bug #7255 (Feedback): Firewall alias FQDN field rejects IDNs (Internationalized domain names): PR has been merged. Thanks! Renato Botelho
09:34 AM Feature #6228: Please provide a means for IGMPv3 and MLDv2 support: FreeBSD seems to support MLDv2 since version 8R as per https://www.freebsd.org/releases/8.0R/relnotes.html
"The IG... Loh Phat
09:32 AM Bug #10540 (Feedback): is_process_running can generate error for empty process: PR has been merged. Thanks! Renato Botelho
09:31 AM Feature #10392 (Feedback): GRE: Tunnels cannot have IPv6 and IPv4 addresses at the same time: PR has been merged. Thanks! Renato Botelho
09:15 AM Feature #10563 (Rejected): Update Traffic Shaper Wizard Services: The traffic shaper wizard services list works on lists of ports, and most if not all those are web-based services whi... Jim Pingle

05/17/2020

07:52 PM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: Jim Pingle wrote:
>
> pf is capable of doing this kind of NAT, it's the same kind of NAT rules people set manuall... Joel S
07:40 PM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: Jim Pingle wrote:
>
> pf is capable of doing this kind of NAT, it's the same kind of NAT rules people set manually... Joel S
04:35 PM Bug #5999: IPv6 IP Alias prevents Track Interface from working with DHCPv6 and RA: Jim Pingle wrote:
> If it is "simple" and "not difficult", we would happily accept a pull request to fix the issue.
... Rick Coats
06:39 AM Bug #10558: Multicast daemons work at boot, but fail if restarted: I tested with PIMD because it does a similar job.
I tested with it installed and without it installed. Both the same... Maarten Hendrix
06:12 AM Bug #10558: Multicast daemons work at boot, but fail if restarted: Maarten Hendrix wrote:
> Problem:
> IGMPProxy (and PIMD) will not start after pfSense update on 05-02-2020.
Does... Jens Leinenbach
01:51 AM Feature #10563: Update Traffic Shaper Wizard Services: And PLEASE don't forget Twitch and other upload heavy streaming services. tag wolf
01:49 AM Feature #10563 (Rejected): Update Traffic Shaper Wizard Services: Please update traffic shaper wizard's services/games to relevant services/games such as:
(just a few examples. but I... tag wolf

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

06/15/2020

06/14/2020

06/13/2020

06/12/2020

06/11/2020

06/10/2020

06/09/2020

06/08/2020

06/07/2020

06/06/2020

06/05/2020

06/04/2020

06/03/2020

06/02/2020

06/01/2020

05/31/2020

05/30/2020

05/29/2020

05/28/2020

05/27/2020

05/26/2020

05/25/2020

05/24/2020

05/23/2020

05/22/2020

05/21/2020

05/20/2020

05/19/2020

05/18/2020

05/17/2020