Activity

30 days up to

User

Subprojects

Activity

From 09/17/2021 to 10/16/2021

10/16/2021

10:04 PM Feature #12466 (New): Option to Disable Renegotiation timer in OpenVPN Server: We should add an option to the OpenVPN server webConfigurator so that we can disable renegotiation in OpenVPN. This ... Kris Phillips
10:01 PM pfSense Packages Bug #12381 (Rejected): mOTP with RADIUS drops the VPN connection after 60 minutes: Jim Pingle wrote in #note-1:
> I don't think that's FreeRADIUS, but OpenVPN. IIRC OpenVPN defaults to reconnecting e... Kris Phillips
09:28 PM Bug #12038: System attempts to start inactive services at boot: Tested on 22.01. Looks good and disabled services don't show in the startup as far as I can tell. Kris Phillips
08:36 PM Feature #12169 (New): IPsec keep alive option to initiate phase 2 without using ICMP: I did some further testing on this.
@(substr($status[$ikeid]['p1']['interface'], 0, 4) == "_vip")@ returns a false... Marcos M
07:35 PM pfSense Packages Feature #12465 (New): Add forwardfor advanced usecases: By default haproxy creates new x-forward-for header and do not touch existing one. This could be found in documentati... DRago_Angel [InV@DER]
11:16 AM pfSense Packages Bug #11887 (Resolved): Squid service starts twice by /etc/rc.start_packages: Tested in:
22.01-DEVELOPMENT (amd64)
built on Wed Oct 13 05:25:11 UTC 2021
FreeBSD 12.2-STABLE
Squid: 0.4.45_5 ... Max Leighton
10:36 AM pfSense Packages Todo #12456: Remove zabbix 5.2 packages: I checked in
2.6.0-DEVELOPMENT (amd64)
built on Sat Oct 16 05:24:35 UTC 2021
FreeBSD 12.2-STABLE
And see tha... Max Leighton
10:13 AM Feature #12464: Option to control log level of authentication messages in system logs ("Emergency" vs "Notice" level): https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/427 Steve Wheeler
09:57 AM Feature #12464 (Resolved): Option to control log level of authentication messages in system logs ("Emergency" vs "Notice" level): All authentication logs are send with the Level set as Emergency even when authentication is successful:... Steve Wheeler
10:06 AM Feature #11957 (Resolved): XMLRPC synchronization for DHCP relay settings: Tested in
22.01-DEVELOPMENT (amd64)
built on Wed Oct 13 05:25:11 UTC 2021
FreeBSD 12.2-STABLE
The DHCP Relay... Max Leighton
09:44 AM Bug #12356: Validation when deleting a VIP does not check if the VIP is used by IPsec phase 1 entries: I tested on the:... Danilo Zrenjanin
09:44 AM Bug #12463 (Duplicate): Unexpected error message after trying to delete a VIP alias: There is an unexpected error message after trying to delete a VIP Alias type which is used as an interface for IPsec ... Danilo Zrenjanin
07:58 AM Feature #12416 (Resolved): Support OpenVPN ``client-kill`` to terminate remote clients instead of clearing their session: Tested on the:... Danilo Zrenjanin
07:44 AM Feature #12342 (Resolved): Dynamic DNS client proxy support: Tested on the:... Danilo Zrenjanin
07:23 AM Todo #12430: Add IPsec phase 2 BINAT subnet size input validation: Testet on the:... Danilo Zrenjanin

10/15/2021

09:37 PM pfSense Packages Bug #11592: Node exporter can not read system statistics: The issue is that in "node_collector v1.0.0":https://github.com/prometheus/node_exporter/blob/master/CHANGELOG.md#100... Daniel Kimsey
09:19 PM pfSense Packages Feature #11163: Preferred Chain option: I submitted a PR to implement this option as I found one my clients needed it for a particular cert I was issuing.
P... Daniel Kimsey
08:56 PM pfSense Packages Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset: Ryan Roosa wrote in #note-12:
> Samuel Hanna wrote in #note-11:
> > The problem still persist on wireguard 0.1.5_1.... Samuel Hanna
08:55 PM pfSense Packages Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset: Thank you for the detailed report here. This is immensely helpful. I will continue to poke at this next week and repo... Christian McDonald
05:18 PM pfSense Packages Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset: Samuel Hanna wrote in #note-11:
> The problem still persist on wireguard 0.1.5_1.
> even after changing the keys and ... Ryan Roosa
08:52 PM Feature #9617: PPPoE Static IP Configuration in GUI: any update on this feature??
it would be great to have this option in pppoe interface gui, it's very useful if i h... Samuel Hanna
06:44 PM pfSense Packages Feature #12462 (Pull Request Review): Telegraf: Add "devfs" to ignore_fs: The Netgate XG-1537 has the following disk paths at 100% utilization:
* /dev
* /var/dhcpd/dev
* /var/unbound/dev
... Offstage Roller
03:47 PM pfSense Docs Todo #12461 (Resolved): Improve macOS Serial Command Instructions: Many of the devices no longer just show "/dev/cu.usbserial" for their path in macOS. For example the SG-5100 with th... Kris Phillips
01:27 PM Feature #7749: Support ``0`` CIDR mask for IGMP Proxy networks: The address for gitlab is in the private range. I can't tell if you want me to see the update or not, but I have no a... Juan Abonia
09:57 AM Bug #12460 (Resolved): Unbound falls back to using all outgoing network interfaces if manually selected outgoing interface(s) are unavailable: How to reproduce:
1) Configure OpenVPN client and assign OpenVPN interface
2) Select OpenVPN interface in `Outgoi... Viktor Gurov
09:35 AM Todo #12459 (New): Add IP Alias subnet input validation: From https://docs.netgate.com/pfsense/en/latest/firewall/virtual-ip-address-comparison.html#ip-alias:
- Can be in a ... Viktor Gurov
08:18 AM Feature #12458 (New): Use "unixHomeDirectory" instead of "homeDirectory" when LDAP authentication server is Active Directory: In many Active Directory environments, @homeDirectory@ is a UNC path to an SMB/CIFS shared folder, e.g.,... Charles Hamilton
03:28 AM Feature #12433: Icon for traffic direction on floating rules tab: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/426 Viktor Gurov
03:00 AM Feature #4769: IPv6 support in the Traffic Shaper Wizard: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/425 Viktor Gurov

10/14/2021

07:30 PM Bug #12408 (Resolved): Input validation prevents creating 1:1 NAT rules on OpenVPN: able to create 1:1 NAT on openvpn int.
2.6.0.a.20211013.0500
Alhusein Zawi
03:41 PM Revision 35c4d4fd: Ticket #12456: Retire Zabbix 5.2 packages: Renato Botelho
02:19 PM Bug #12410 (Resolved): 1:1 NAT edit page lists incorrect entries in the Destination field: fixed
2.6.0.a.20211013.0500
Alhusein Zawi
12:53 PM pfSense Docs Todo #12457 (New): Add UPS Configuration Recipes for apcupsd and nut UPS Packages with Common Brand Units: A customer requested that we add some basic "how to" recipes to the pfSense docs for basic operations in the apcupsd ... Kris Phillips
10:16 AM pfSense Packages Todo #12456 (Feedback): Remove zabbix 5.2 packages: Done Renato Botelho
10:15 AM pfSense Packages Todo #12456 (Resolved): Remove zabbix 5.2 packages: zabbix 5.2 were removed from FreeBSD ports because they are unsupported by upstream. Remove pfSense packages as well Renato Botelho
09:55 AM pfSense Packages Bug #10431 (Resolved): pfBlockerNG Cron Job wrong - Clear IP / DNSBL Statistics: no such issue with pfBlockerNG-devel 3.1.0 (fixed):... Viktor Gurov
09:48 AM pfSense Packages Feature #9798: add ipv4 and ipv6 dnscrypt-resolvers feeds: actual link:
https://download.dnscrypt.net/dnscrypt-resolvers/json/public-resolvers.json Viktor Gurov
09:42 AM pfSense Packages Bug #11817 (Closed): Enabling Firewall / pfBlockerNG / DNSBL / IPv6 DNSBL blocks radvd from starting: Viktor Gurov
08:38 AM Feature #8908 (Closed): setting default gateway using lower Tier in case gateway group is set as default: no such issue on 2.6.0.a.20211013.0500 -
If I set GW group in Default gateway IPv4 then, after pressing 'apply', low... Viktor Gurov
04:05 AM Bug #12455: Captive Portal online user statistics data is not cleared on unclean shutdown: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/424 Viktor Gurov
03:57 AM Bug #12455 (Resolved): Captive Portal online user statistics data is not cleared on unclean shutdown: `/var/db/captiveportal_online_users` (used for RRD) can contain incorrect data on unclean shutdown
and should be cle... Viktor Gurov
03:10 AM Bug #12355: Captive Portal database and ``ipfw`` rules are out of sync after unclean shutdown: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/423 Viktor Gurov
12:25 AM Feature #7749: Support ``0`` CIDR mask for IGMP Proxy networks: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/422 Viktor Gurov
12:14 AM Todo #12454: Suppress kernel messages when loading ``dummynet`` and thermal sensor modules: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/421 Viktor Gurov
12:09 AM Todo #12454 (Resolved): Suppress kernel messages when loading ``dummynet`` and thermal sensor modules: There is a console spam on boot after loading dummynet.ko:
https://github.com/pfsense/pfsense/blob/fd331bdcdee813f67... Viktor Gurov

10/13/2021

06:41 PM pfSense Docs Todo #12453 (Closed): Support for translation: Hi
Can you give translation support for pfSense docs? I take a look in Readthedocs project and a way to bring supp... Claudio Ferreira
05:10 PM Revision e0019dfd: Added registration page and repo cert handling logic for CE -> Plus upgrade: Steve Beaver
02:47 PM pfSense Packages Bug #12251: Wireguard 0.1.5 - ignores "KeepAlive" parameter if empty (instead of disabling): → luckman212 wrote in #note-3:
> Hmm, seems like 86400 is not a valid value after all. It got silently accepted but ... Adam Cooper
01:51 PM Bug #12075 (Resolved): Changes to an existing IPsec configuration are not applied on HA secondary after XMLRPC sync: Tested on 22.01.a.20211010.0500 with configuration that I originally experienced the issue in. It works correctly now. Marcos M
01:45 PM Feature #12169 (Resolved): IPsec keep alive option to initiate phase 2 without using ICMP: Tested on 22.01.a.20211010.0500. Still works well. Marcos M
01:34 PM pfSense Packages Bug #12258: Copy key buttons only work in HTTPS mode: Created PR 150 to resolve this.
Tested on local dev instance with HTTP only access and it fallsback, does a consol... Adam Cooper
10:56 AM Bug #12452 (Resolved): Port forward rules are not created for special networks (pppoe, openvpn): https://forum.netgate.com/topic/167150/dns-redirect-on-pppoe-clients-failing:
"I have a pfSense server running suces... Viktor Gurov
10:53 AM Bug #12361 (Resolved): NAT rule overlap detection does not check special networks: Tested on 22.01.a.20211010.0500. Looks good. Marcos M
10:06 AM Bug #12451 (New): deleteVIP() does not check RFC2136 Update Source: It is possible to delete the Virtual IP that is used by RFC 2136 Dynamic DNS client in the 'Update Source' field
Viktor Gurov
09:17 AM pfSense Docs Todo #12428 (Closed): Feedback on Services — DNS Resolver — Host Overrides: + Viktor Gurov
09:08 AM pfSense Docs Correction #12450 (Closed): Typo in the Phase 2 proposal (Child SA) section.: Here is the link:
https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/configure.html#phase-2-proposal-child-sa
... Danilo Zrenjanin
09:06 AM pfSense Packages Bug #12443: DNSBL Category ```Enable All``` button not working: fix:
https://github.com/pfsense/FreeBSD-ports/pull/1113 Viktor Gurov
05:46 AM Revision fd331bdc: Dynamic DNS proxy option. Fixes #12342: Viktor Gurov
05:13 AM Revision b9fbc36a: Slack Notifications. Feature #12291: Viktor Gurov
05:10 AM Revision a3e79766: NAT 1:1 pseudo-interface input validation fix. Issue #12408: Viktor Gurov
04:47 AM Todo #12449: Update "DNS Server Override" and "DNS Query Forwarding" help text: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/420 Viktor Gurov
04:36 AM Todo #12449 (Resolved): Update "DNS Server Override" and "DNS Query Forwarding" help text: after implementing the 'Pull DNS' option for OpenVPN client
(Allow the firewall to use DNS servers provided to an Op... Viktor Gurov
03:36 AM Bug #12448: Set OpenVPN Gateway Creation value to "Both" by default for new instances: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/419 Viktor Gurov
03:32 AM Bug #12448 (Resolved): Set OpenVPN Gateway Creation value to "Both" by default for new instances: The ```Create Gateway``` radio button is unchecked by default, but the text below it says it should:
"If you assign ... Viktor Gurov
03:11 AM pfSense Packages Feature #12447 (Rejected): Acme add dnsapi dns_cpanel.sh: Hello,
Please add the following feature to the acme package:
https://github.com/acmesh-official/acme.sh/blob/mast... Akos Tomaschik
01:35 AM Bug #12350: Incorrect label for IPsec DH group 32: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/418 Viktor Gurov
01:23 AM Regression #11512: DHCP Leases page and ARP table page fail to load if DNS is not available: Ronald Schellberg wrote in #note-8:
> Noticed when executing a ndp diagnostic query, that _getHostName() is now decl... Viktor Gurov
12:55 AM Feature #12342 (Feedback): Dynamic DNS client proxy support: Applied in changeset commit:fd331bdcdee813f67ee111c43029d360febb79b1. Viktor Gurov
12:40 AM pfSense Docs Todo #12418 (Closed): AutoConfigBackup Menu Structure Documentation: Viktor Gurov
12:40 AM Bug #12446 (Duplicate): IPsec dashboard widget description: duplicate of #11910 Viktor Gurov
12:37 AM Feature #12291 (Feedback): Support for Slack notifications: Merged Viktor Gurov
12:36 AM Bug #12408 (Feedback): Input validation prevents creating 1:1 NAT rules on OpenVPN: Merged Viktor Gurov
12:10 AM Todo #12406 (Feedback): Remove unused functions: Merged Viktor Gurov
12:09 AM Bug #12410 (Feedback): 1:1 NAT edit page lists incorrect entries in the Destination field: Merged Viktor Gurov
12:08 AM Todo #12430 (Feedback): Add IPsec phase 2 BINAT subnet size input validation: Merged Viktor Gurov
12:06 AM Feature #12416 (Feedback): Support OpenVPN ``client-kill`` to terminate remote clients instead of clearing their session: Merged Viktor Gurov

10/12/2021

08:07 PM Bug #11481 (Closed): NAT Reflection does not work when "NAT Reflection mode for port forwards" is set to "pure nat": Closing as it's not an issue on 22.01. Marcos M
01:55 PM Bug #11481: NAT Reflection does not work when "NAT Reflection mode for port forwards" is set to "pure nat": This looks to be fixed in 2.6/22.01 without this PR.
Outbound NAT rules are added as expected when NAT reflection i... Steve Wheeler

10/11/2021

12:39 PM pfSense Packages Bug #12444: ntopng throws errors when viewing single host: https://redmine.pfsense.org/issues/11530 - same/same? Jordan G
12:00 PM Bug #12446 (Duplicate): IPsec dashboard widget description: Hello,
looks like description of the tunnel is wrong on the IPsec dashboard.
Consider the following:
IPsec Phase... Gabriele Villa
08:21 AM pfSense Packages Bug #12126: freeradius3 0.15.7_31: Ok thanks for the info.
Any chance to have freeradius3 package update for 2.5.2 release? Alexis Pellicier
08:14 AM pfSense Packages Bug #12126: freeradius3 0.15.7_31: This looks to be a bug in Freeradius 3.0.22. See the 3.0.23 release notes:
https://github.com/FreeRADIUS/freeradius-... Steve Wheeler
05:17 AM pfSense Packages Feature #11310 (Resolved): Adding a widget to apcupsd plug-in: Renato Botelho

10/10/2021

07:11 PM pfSense Docs Todo #12445 (Rejected): Feedback on pfSense Configuration Recipes: *Page:* https://docs.netgate.com/pfsense/en/latest/recipes/index.html
*Feedback:*
Your ebook won't open with ei... Jerry Lumpkins
11:16 AM Bug #12361 (Feedback): NAT rule overlap detection does not check special networks: Marcos M
09:53 AM Bug #12366 (Resolved): Rotation settings for individual log files do not take effect after saving: Marcos M
09:42 AM Regression #11512: DHCP Leases page and ARP table page fail to load if DNS is not available: Noticed when executing a ndp diagnostic query, that _getHostName() is now declared in both diag_ndp.php and system.in... Ronald Schellberg

10/09/2021

09:08 PM pfSense Packages Bug #12444 (Closed): ntopng throws errors when viewing single host: Users have reports that when navigating to Hosts>Hosts and clicking to view a single host within the ntopNG settings ... Max Leighton
07:27 PM pfSense Packages Bug #11886 (Resolved): WireGuard: PHP error in vpn_wg_peers_edit.php: No longer able to reproduce this in 22.01 of pfSense Plus. Closing as Resolved. Kris Phillips
07:19 PM pfSense Packages Bug #12101 (Assigned): ArpWatch Suppression Mac for "flip-flop" not suppressing: Moving status back to Assigned as this hasn't been confirmed as fixed in updated package. Kris Phillips
07:11 PM Bug #12356: Validation when deleting a VIP does not check if the VIP is used by IPsec phase 1 entries: Can confirm this hasn't been merged into the Oct 9th build of pfSense Plus 22.01. We need to patch this in pfSense P... Kris Phillips
01:09 PM Bug #12356: Validation when deleting a VIP does not check if the VIP is used by IPsec phase 1 entries: Yes, I tested again in the latest build of 2.6 and it works as expected.
2.6.0-DEVELOPMENT (amd64)
built on Sat ... Max Leighton
12:08 PM Bug #12356: Validation when deleting a VIP does not check if the VIP is used by IPsec phase 1 entries: Max Leighton wrote in #note-4:
> I tested this in:
>
> 22.01-DEVELOPMENT (amd64)
> built on Sat Oct 09 05:27:30... Viktor Gurov
11:42 AM Bug #12356: Validation when deleting a VIP does not check if the VIP is used by IPsec phase 1 entries: I tested this in:
22.01-DEVELOPMENT (amd64)
built on Sat Oct 09 05:27:30 UTC 2021
FreeBSD 12.2-STABLE
And I c... Max Leighton
07:04 PM Bug #10304: ``radvd`` only responds to the first Router Solicitation received after each multicast Router Advertisement: FWIW, this seems to have resolved at some point on the 2.6 nightlies Kev Kitchens
07:02 PM Bug #12366: Rotation settings for individual log files do not take effect after saving: Tested this in the latest build of pfSense Plus 22.01 and it seems to properly rotate logging. Looks good. Kris Phillips
06:24 PM pfSense Docs Todo #12418: AutoConfigBackup Menu Structure Documentation: Jim,
Looks good. This can be closed out. Kris Phillips
04:47 PM Feature #12416: Support OpenVPN ``client-kill`` to terminate remote clients instead of clearing their session: They were able to test that patch and confirmed it was working as expected. Max Leighton
02:58 AM Feature #12416: Support OpenVPN ``client-kill`` to terminate remote clients instead of clearing their session: Kris Phillips wrote in #note-3:
> Customer in internal ticket 96721 tested this. Their results seem to be that this... Viktor Gurov
04:34 PM pfSense Packages Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset: The problem still persist on wireguard 0.1.5_1.
even after changing the keys and ports nothing seems to help.
wish ... Samuel Hanna
02:04 PM Bug #12075: Changes to an existing IPsec configuration are not applied on HA secondary after XMLRPC sync: This seems to work for me. When I make changes to an existing tunnel's encryption settings, interface, local ID, etc,... Max Leighton
01:41 PM pfSense Packages Bug #4615: /var/logs/c-icap/server.log & access.log growing without being rotated: Hi,
so I took a look: /var/log/c-icap/access.log - 272MB
the mentioned bugfix was meant for squid, I think?
... Stephan Berger
12:05 PM Feature #9633: PPPoE/L2TP Server Status Page: Any news ?
Evgeny Korostelev
11:39 AM Regression #12442: Unexpected error message after trying to delete a CARP VIP: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/416 Viktor Gurov
06:22 AM Regression #12442 (Resolved): Unexpected error message after trying to delete a CARP VIP: There is an unexpected error message after trying to delete a CARP VIP which is used as a parent interface for VIP Al... Danilo Zrenjanin
11:24 AM Regression #12288: GRE and GIF tunnel inside addresses are missing at the OS level after applying changes on assigned interfaces: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/415 Viktor Gurov
11:04 AM pfSense Packages Bug #12443 (Resolved): DNSBL Category ```Enable All``` button not working: https://forum.netgate.com/topic/167094/dnsbl-catagory-bug:
"I dunno if i'm doing something wrong but under Blacklist... Viktor Gurov
10:37 AM Bug #11430: PHP console spam after Assigning Interfaces: @mute_kernel_msg()@/@unmute_kernel_msg()@ can be used to avoid these messages Viktor Gurov
09:58 AM pfSense Packages Bug #12153 (Resolved): Incorrect Outgoing Network Interface on clean install: Viktor Gurov
07:52 AM pfSense Packages Bug #12153: Incorrect Outgoing Network Interface on clean install: on clean install of 0.4.45_5 the default outgoing network interface shows as "Default (auto)" upon first visit to Ser... Jordan G
09:58 AM Bug #12362 (Resolved): Validation when deleting a VIP does not prevent deleting a CARP VIP used as a parent for an IP Aliases VIP: Viktor Gurov
06:24 AM Bug #12362: Validation when deleting a VIP does not prevent deleting a CARP VIP used as a parent for an IP Aliases VIP: Tested on the:... Danilo Zrenjanin
09:43 AM Revision 1004053d: OpenVPN Generated RADIUS ACL Ruleset for status_output. Implements #12316: Viktor Gurov
08:16 AM Revision 61eb637d: Modal window to see RADIUS ACL generated rules on the status_openvpn.php page. Implements #12321: Viktor Gurov
07:37 AM Revision 253b9b62: IPsec PH2 BINAT subnet size input validation. Todo #12430: Viktor Gurov
07:35 AM Revision 59724429: Do not check subnet overlapping on 6RD interfaces. Fixes #12371: Viktor Gurov
07:35 AM pfSense Packages Feature #11310: Adding a widget to apcupsd plug-in: Dashboard widget for APCUPSD is available after installing and configuring package. Status, line voltage, load, batte... Jordan G
05:50 AM pfSense Packages Todo #12354: Update haproxy-devel to mitigate CVE-2021-40346: Viktor Gurov wrote in #note-6:
> You can try to apply the attached patch
No need to add this if version of haproxy w... DRago_Angel [InV@DER]
05:48 AM pfSense Packages Todo #12354: Update haproxy-devel to mitigate CVE-2021-40346: DRago_Angel [InV@DER] wrote in #note-3:
> Hi, this is serious CVE, and still no updates? Even it possible to workaro... Viktor Gurov
05:45 AM Bug #12388 (Resolved): Captive Portal input validation for "After authentication Redirection URL" and "Blocked MAC address redirect URL" is swapped: Tested on the:... Danilo Zrenjanin
05:36 AM Bug #12371: Remove subnet overlap check on LAN interfaces when using 6rd: Daniel Porsch wrote:
> Hello,
>
> Can the subnet overlapping check on the lan interfaces be removed if using 6rd?... Viktor Gurov
02:45 AM Bug #12371 (Feedback): Remove subnet overlap check on LAN interfaces when using 6rd: Applied in changeset commit:5972442910d7c6a7657810e35ee3d9975061a925. Viktor Gurov
05:03 AM Bug #12419 (Resolved): Console boot output includes ``Configuring IPsec VTI interfaces`` when no VTI interfaces are configured: Tested on the:... Danilo Zrenjanin
05:01 AM Feature #12441: Send notification for halt, reboot, and reroot events: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/414 Viktor Gurov
04:55 AM Feature #12441 (Resolved): Send notification for halt, reboot, and reroot events: Currently @notify_all_remote()@ is only used on boot:
https://github.com/pfsense/pfsense/blob/1004053d3ae9c350e20249... Viktor Gurov
04:50 AM Feature #12316 (Feedback): Include firewall rules generated from OpenVPN RADIUS ACL entries in status output: Applied in changeset commit:1004053d3ae9c350e20249d65783b6c4a63b0e58. Viktor Gurov
03:25 AM pfSense Packages Feature #11972 (Resolved): Arpwatch - Add support for Telegram notifications: there is no
Alhusein Zawi wrote in #note-4:
> there is no option to add Telegram in Arpwatch page.
>
> Tested... Viktor Gurov
03:25 AM Feature #12321 (Feedback): Pop-up window to view firewall rules generated from RADIUS ACL entries on the OpenVPN status page: Applied in changeset commit:61eb637d00c921d2ae64f9edc66dfa9611fec35c. Viktor Gurov
03:24 AM Bug #12389 (Resolved): Help text for RAM disk settings does not mention Captive Portal data: Tested on the:... Danilo Zrenjanin
03:18 AM Bug #12435 (Resolved): "6RD Prefix" field does not have input validation: Tested on the:... Danilo Zrenjanin
02:59 AM Bug #12439 (Resolved): "Default preferred lifetime" field for IPv6 RA does not have input validation: Tested on the:... Danilo Zrenjanin
02:17 AM Bug #12440: Zero-value prefix IPv6 addresses are mishandled: Steve Wheeler wrote:
> IPv6 addresses of that format appear to be deprecated though pf itself appears to be able to ... Viktor Gurov

10/08/2021

07:30 PM Feature #12416: Support OpenVPN ``client-kill`` to terminate remote clients instead of clearing their session: Customer in internal ticket 96721 tested this. Their results seem to be that this patch breaks the OpenVPN client ki... Kris Phillips
05:44 PM Bug #12440 (Resolved): Zero-value prefix IPv6 addresses are mishandled: Zero-value prefix IPv6 addresses on the type ::/96 are mishandled when used in pfSense firewall or NAT rules.
For ... Steve Wheeler
04:56 PM Revision 9a18668d: Display default Reflection Timeout value. Feature #12318: Viktor Gurov
03:51 PM Revision 44a4215f: 1:1 NAT destination entries description fix. Issue #12410: Viktor Gurov
03:50 PM Revision e33311fe: DNS check optimization. Fixes #11512: Viktor Gurov
03:49 PM Revision 1ab2ec0a: IPv6 Port Forwarding Proxy+NAT input validation. Fixes #12319: Viktor Gurov
03:48 PM Revision ff90368d: fix #11734 NAT overlap validation does not check special networks: Marcos M
03:44 PM Revision 42259176: deleteVIP() IPsec PH1 input validation. Fixes #12356: Viktor Gurov
03:42 PM Revision 3e968849: Correct input validation on deleting a CARP VIP which is referenced by an IP Alias. Fixes #12362: Viktor Gurov
03:36 PM Revision b5332117: Improve XMLRPC Sync for dhcpd. Fixes #10955: Marcos M
03:36 PM Revision 83afa41a: Reload syslogd on log Rotation Size / Retention Count change. Fixes #12366: Viktor Gurov
03:35 PM Revision 08ef78ac: Allow to halt OpenVPN client on status page. Issue #12416: Viktor Gurov
03:34 PM Revision ed1ff340: Do not show Configuring IPsec VTI interfaces message at boot if no VTIs are configured. Fixes #12419.: Viktor Gurov
03:34 PM Revision 14e080ab: Swap Captive Portal Redirection URL and Blocked MAC redirect URL input validation messages. Fixes #12388: Viktor Gurov
03:33 PM Revision d9793efc: Update help text for RAM disk settings. Fixes #12389: Viktor Gurov
03:30 PM Revision 79b8b049: Remove unused function from pfsense-utils.inc. Todo #12406: Viktor Gurov
03:26 PM Revision b8cfee9d: 6RD Prefix input validation. Fixes #12435: Viktor Gurov
12:22 PM Revision 7cf69c98: Default preferred lifetime input validation. Fixes #12439: Viktor Gurov
12:09 PM pfSense Docs Todo #12418 (Feedback): AutoConfigBackup Menu Structure Documentation: Fixed (plus a few other changes):
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/160898325eff3f21fa77b9fc67... Jim Pingle
10:59 AM pfSense Docs Todo #12418 (In Progress): AutoConfigBackup Menu Structure Documentation: Jim Pingle
11:11 AM pfSense Docs Todo #11812 (Feedback): Feedback on pfSense Configuration Recipes — Configuring IPv6 Through A Tunnel Broker Service: Updated the doc and added the reboot advice.
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/465c63a97708665... Jim Pingle
11:00 AM Regression #11512 (Feedback): DHCP Leases page and ARP table page fail to load if DNS is not available: Applied in changeset commit:e33311fefd11f5b30c6822c298cf9d12adbb164e. Viktor Gurov
11:00 AM Bug #12319 (Feedback): NAT reflection does not work for IPv6 port forwarding rules when configured for NAT+Proxy mode: Applied in changeset commit:1ab2ec0a269f03dd7e865d21787331a7a2cb6f3f. Viktor Gurov
10:50 AM Bug #12356 (Feedback): Validation when deleting a VIP does not check if the VIP is used by IPsec phase 1 entries: Applied in changeset commit:42259176d0c0a4ca49099ef5cdbcbfdacdd64589. Viktor Gurov
10:50 AM Bug #12362 (Feedback): Validation when deleting a VIP does not prevent deleting a CARP VIP used as a parent for an IP Aliases VIP: Applied in changeset commit:3e968849be516d138cad7f021ee2d8df11bea202. Viktor Gurov
10:50 AM Bug #10955 (Feedback): XMLRPC sync results in an error when a failover peer IP address is specified in DHCP server settings for an unconfigured interface: Applied in changeset commit:b5332117fd5b675d9d7f81b9c2895ab452f3d610. Marcos M
10:45 AM Bug #12366 (Feedback): Rotation settings for individual log files do not take effect after saving: Applied in changeset commit:83afa41acfafdfd90fb71d8cdd5542a826bef315. Viktor Gurov
10:35 AM Regression #12288: GRE and GIF tunnel inside addresses are missing at the OS level after applying changes on assigned interfaces: This also applies to GIF interfaces. Additionally, it doesn't happen on assignment but any time changes are applied. Jim Pingle
10:35 AM Bug #12419 (Feedback): Console boot output includes ``Configuring IPsec VTI interfaces`` when no VTI interfaces are configured: Applied in changeset commit:ed1ff34051aa52395e91c84b7e4d2beb0f2e9b91. Viktor Gurov
10:35 AM Bug #12388 (Feedback): Captive Portal input validation for "After authentication Redirection URL" and "Blocked MAC address redirect URL" is swapped: Applied in changeset commit:14e080ab41419b4006130432c1e128deaaffdee0. Viktor Gurov
10:35 AM Bug #12389 (Feedback): Help text for RAM disk settings does not mention Captive Portal data: Applied in changeset commit:d9793efc0cb9d13aa812141ab509d288455f1f62. Viktor Gurov
10:35 AM Bug #12435 (Feedback): "6RD Prefix" field does not have input validation: Applied in changeset commit:b8cfee9dbaec99fc20ed0d816bb3cbe79943b150. Viktor Gurov
07:41 AM Bug #12435 (Pull Request Review): "6RD Prefix" field does not have input validation: Jim Pingle
12:49 AM Bug #12435: "6RD Prefix" field does not have input validation: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/411 Viktor Gurov
12:42 AM Bug #12435 (Resolved): "6RD Prefix" field does not have input validation: ```6RD Prefix``` field on the interfaces.php page has no input validation and allows any value to be entered Viktor Gurov
10:35 AM Bug #12439 (Feedback): "Default preferred lifetime" field for IPv6 RA does not have input validation: Applied in changeset commit:7cf69c985d73a2a3a418832bf9e6314a05f8efbe. Viktor Gurov
07:42 AM Bug #12439 (Pull Request Review): "Default preferred lifetime" field for IPv6 RA does not have input validation: Jim Pingle
07:23 AM Bug #12439: "Default preferred lifetime" field for IPv6 RA does not have input validation: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/412 Viktor Gurov
07:13 AM Bug #12439 (Resolved): "Default preferred lifetime" field for IPv6 RA does not have input validation: The "Default preferred lifetime" field allows to enter any value, including non-numeric Viktor Gurov
07:40 AM Bug #12371 (Pull Request Review): Remove subnet overlap check on LAN interfaces when using 6rd: Jim Pingle
12:36 AM Bug #12371: Remove subnet overlap check on LAN interfaces when using 6rd: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/410 Viktor Gurov
07:36 AM Feature #9827 (Duplicate): Add default route indicator to gateways dashboard widget to indicate which interface is currently selected as default in a gateways group scenario: duplicate of #11057 Viktor Gurov
07:24 AM Bug #12437 (Rejected): Firewall logs block item from appearing in logs creates an alias such as EasyRuleBlockHostsOPT10. OPT10 was renamed to e.g. “wirelessly when interface was created there is no way to find original OPTX from gui: Given the free-form nature of interface descriptions that isn't viable, and they would also not update if an interfac... Jim Pingle
03:19 AM Bug #12437 (Rejected): Firewall logs block item from appearing in logs creates an alias such as EasyRuleBlockHostsOPT10. OPT10 was renamed to e.g. “wirelessly when interface was created there is no way to find original OPTX from gui: Once interfaces have been renamed there does not seem to be an easy way to identify which OPTX interface it used to b... And Ritchie
07:21 AM Bug #12436 (Not a Bug): Pppoe server config gui does not allow setting of chap authentication, and sets the network start address for allocation to 0: An IP address ending in @.0@ is only invalid when used as a part of an actual subnet. In point-to-point interfaces li... Jim Pingle
03:55 AM Bug #12436: Pppoe server config gui does not allow setting of chap authentication, and sets the network start address for allocation to 0: Hi Victor,
This behaviour causes assigned client ip address to be 0 thus invalid.
E.g. 192.168.1.0 is not a valid ... And Ritchie
03:43 AM Bug #12436: Pppoe server config gui does not allow setting of chap authentication, and sets the network start address for allocation to 0: And Ritchie wrote:
> It is not possible to enable chap authentication via the gui. The service config file is genera... Viktor Gurov
03:08 AM Bug #12436 (New): Pppoe server config gui does not allow setting of chap authentication, and sets the network start address for allocation to 0: It is not possible to enable chap authentication via the gui. The service config file is generated with pap authentic... And Ritchie
07:13 AM Bug #12159 (Resolved): "Default preferred lifetime" router advertisement validation check uses incorrect variable: The original issue from the PR is resolved in 21.09.r.20210923.2242
but the "Default preferred lifetime" field all... Viktor Gurov
06:47 AM Regression #11938 (Resolved): DNS Resolver does not add PTR record for OpenVPN clients: Tested on the:... Danilo Zrenjanin
05:27 AM Regression #12233 (Resolved): VIP network addresses are not expanded on Port Forward rules: Tested on the:... Danilo Zrenjanin
03:40 AM Feature #12438 (Resolved): Option to select PPPoE Server authentication protocol: It is not possible to enable chap authentication via the gui. The service config file is generated with pap authentic... Viktor Gurov

10/07/2021

11:28 PM Feature #12094 (Resolved): Suppress kernel messages for ``lo0`` configuration during boot: there is no kernel messages for ``lo0``
Starting Secure Shell Services...done.
Setting up interfaces microco... Alhusein Zawi
06:17 PM Bug #12434 (Resolved): Multiple cURL Vulnerabilities: Vulnerabilities outlined here:
https://www.tenable.com/plugins/nessus/153812
CVEs Here:
https://cve.mitre.org/c... Kris Phillips
04:38 PM Feature #12433 (Resolved): Icon for traffic direction on floating rules tab: It’d be helpful to see the configured direction(s) for rules on the floating rule page without having to click on the... James Chambers
03:13 PM pfSense Docs Todo #11743 (Feedback): Feedback on Virtual Private Networks — VPN Scaling: Done:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/54c876ea107be13ffe3fcdfad3e8e27990c1f86c Jim Pingle
02:56 PM pfSense Docs Todo #11743 (In Progress): Feedback on Virtual Private Networks — VPN Scaling: https://docs.netgate.com/pfsense/en/latest/hardware/cryptographic-accelerators.html covers it in much more detail but... Jim Pingle
12:01 PM Bug #11481 (Pull Request Review): NAT Reflection does not work when "NAT Reflection mode for port forwards" is set to "pure nat": Jim Pingle
11:44 AM Bug #11481: NAT Reflection does not work when "NAT Reflection mode for port forwards" is set to "pure nat": https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/409 Viktor Gurov
10:34 AM pfSense Docs New Content #12432 (Feedback): Add documentation for DNS Resolver Status page: Added:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/b82cfce672ea111e49044889d08af69f47f52f86
https://git... Jim Pingle
10:10 AM pfSense Docs New Content #12432 (Closed): Add documentation for DNS Resolver Status page: The DNS Resolver status page ( *Status > DNS Resolver* , @status_unbound.php@) is not currently documented or referen... Jim Pingle
09:42 AM pfSense Packages Bug #12423: Dashboard shows "SQLite database missing, Force Reload DNSBL to recover!": Viktor, thanks for improving the error message. Two comments:
1. putting the full path might be even better. I assu... Sean McBride
12:41 AM pfSense Packages Bug #12423: Dashboard shows "SQLite database missing, Force Reload DNSBL to recover!": fix:
https://github.com/pfsense/FreeBSD-ports/pull/1112 Viktor Gurov
08:18 AM Regression #12382: Certificate Depth checking creates OpenVPN micro-outages every time a user authenticates after 2.5.2 upgrade: So this bug is affecting us too. We need to route all our VPN clients traffic through the VPN and this bug is causing... Joao Assad
08:16 AM pfSense Docs Todo #12428 (Feedback): Feedback on Services — DNS Resolver — Host Overrides: Fixed:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/86556c7171b5d22b3e2ce34cca2d9d98d98072b2
Jim Pingle
12:28 AM pfSense Docs Todo #12428 (Closed): Feedback on Services — DNS Resolver — Host Overrides: *Page:* https://docs.netgate.com/pfsense/en/latest/services/dns/resolver-host-overrides.html
*Feedback:*
"IP Ad... Viktor Gurov
08:16 AM pfSense Docs Todo #12429 (Feedback): Feedback on Bridging: Fixed:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/1c0e9ed82c951f12336c502ed9be7eabde30cab9
Jim Pingle
03:10 AM pfSense Docs Todo #12429 (Closed): Feedback on Bridging: *Page:* https://docs.netgate.com/pfsense/en/latest/bridges/index.html
*Feedback:*... Viktor Gurov
07:40 AM Todo #12431: GUI pages should use ``POST`` for AJAX calls, not ``GET``: True. May as well fix them all. Updated subject/category. Jim Pingle
07:36 AM Todo #12431: GUI pages should use ``POST`` for AJAX calls, not ``GET``: also:
pkg.php
services_captiveportal_vouchers.php
vendorstatus_graph.php
vpn_ipsec_phase1.php
status_graph.php... Viktor Gurov
07:24 AM Todo #12431 (Resolved): GUI pages should use ``POST`` for AJAX calls, not ``GET``: The AJAX buttons on the OpenVPN status page submit values using @GET@ when they should use @POST@. The variables used... Jim Pingle
07:37 AM Todo #12430 (Pull Request Review): Add IPsec phase 2 BINAT subnet size input validation: Jim Pingle
06:06 AM Todo #12430: Add IPsec phase 2 BINAT subnet size input validation: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/408 Viktor Gurov
04:36 AM Todo #12430 (Resolved): Add IPsec phase 2 BINAT subnet size input validation: from https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/phase-2-nat.html#nat-types:
"NAT+IPsec cannot be configure... Viktor Gurov
07:29 AM pfSense Packages Todo #12354 (Pull Request Review): Update haproxy-devel to mitigate CVE-2021-40346: Jim Pingle
02:40 AM pfSense Packages Todo #12354: Update haproxy-devel to mitigate CVE-2021-40346: https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/136 Viktor Gurov
07:18 AM pfSense Packages Bug #12420 (Pull Request Review): rc file is not deleted: Jim Pingle
01:41 AM pfSense Packages Bug #12420: rc file is not deleted: fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/135 Viktor Gurov
04:19 AM pfSense Packages Bug #1620: Can't use transparent proxy when using bridge.: transparent mode on bridge works fine on pfSense 2.6.0.a.20211006.2213 with net.link.bridge.pfil_bridge=1 and net.lin... Viktor Gurov
12:25 AM pfSense Docs Correction #11121 (Resolved): Feedback on Services — DNS Resolver: OpenVPN Clients info added Viktor Gurov

10/06/2021

03:38 PM pfSense Docs Todo #12261 (Closed): Feedback on pfSense Configuration Recipes — WireGuard VPN Client Configuration Example: Jim Pingle
03:38 PM pfSense Docs New Content #12417 (Closed): Add section to IPsec troubleshooting for VTI tunnels not reconnecting: Jim Pingle
03:36 PM pfSense Docs Correction #11176 (Feedback): Feedback on Services — DNS Resolver: DNS Resolver docs have been updated and now include the requested content.
https://gitlab.netgate.com/docs/pfSense... Jim Pingle
03:36 PM pfSense Docs Todo #11417 (Feedback): Feedback on Services — DNS Resolver — DNS Resolver Advanced Options: DNS Resolver docs have been updated and now include the requested content.
https://gitlab.netgate.com/docs/pfSense... Jim Pingle
03:35 PM pfSense Docs Correction #11121 (Feedback): Feedback on Services — DNS Resolver: DNS Resolver docs have been updated and now include the requested content.
https://gitlab.netgate.com/docs/pfSense... Jim Pingle
03:35 PM pfSense Docs Correction #9373 (Feedback): Feedback on Services — DNS — Configuring the DNS Resolver: DNS Resolver docs have been updated and now include the requested content.
https://gitlab.netgate.com/docs/pfSense... Jim Pingle
07:17 AM Bug #12426 (Rejected): Captive portal not working with 5 vlan interface in version 2.5: There is not enough information here to classify this as a bug, and this site is not for support or diagnostic discus... Jim Pingle
03:27 AM Bug #12426: Captive portal not working with 5 vlan interface in version 2.5: The same configuration on 2.4.5-RELEASE-p1 works without issue.
the issue on 2.5.x Mohamed Ahmed
03:14 AM Bug #12426 (Rejected): Captive portal not working with 5 vlan interface in version 2.5: I use captive portal with 4 vlan interface, it works flawlessly. The problem is that when I activate the captive port... Mohamed Ahmed
07:14 AM pfSense Packages Bug #12365 (Not a Bug): PFBlockerNG - Unbound fails to start 3.1.0: No worries, thanks for following up and letting us know. Those kinds of problems can be quite frustrating to track down. Jim Pingle
04:54 AM pfSense Packages Bug #12365: PFBlockerNG - Unbound fails to start 3.1.0: Seems this was down to a hard to find memory problem that gave random errors.
Apologies D B
07:02 AM pfSense Packages Todo #12427 (New): ha-proxy: action order in the GUI is not keeped in the resulting ha-proxy configuration: If there are (for example) 'Use Backend' and 'http-request redirect' actions are defined in the GUI in a specific ord... Thomas Eckardt

10/05/2021

12:23 PM pfSense Docs Correction #9394 (Feedback): Feedback on Services — DNS — Configuring the DNS Resolver: Additional updates:
1. Added a new section to the DNS Lookup page which describes how it selects servers to test.
... Jim Pingle
08:23 AM Regression #12069: Panic in ``pfctl`` with large numbers of states: So can we close it now? Mateusz Guzik
07:33 AM Feature #12425 (Rejected): Remove DHCP Leases automatically: That is not a typical requirement for DHCP as it will automatically recycle expired leases with the appropriate setti... Jim Pingle
05:25 AM Feature #12425 (Rejected): Remove DHCP Leases automatically: Hello,
We use Pfsense's DHCP server to assign IP addresses on a WIFI network used with lots of users and BYOD. We ... Nicolas Pissard

10/04/2021

03:33 PM pfSense Docs Correction #9394 (In Progress): Feedback on Services — DNS — Configuring the DNS Resolver: There are multiple items here that aren't directly related:
1. The DNS test page reports times for configured serv... Jim Pingle
01:53 PM pfSense Packages Bug #12424 (Pull Request Review): OpenVPN silent install uses incorrect parameters: Jim Pingle
01:37 PM pfSense Packages Bug #12424: OpenVPN silent install uses incorrect parameters: https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/133 Marcos M
01:07 PM pfSense Packages Bug #12424 (Resolved): OpenVPN silent install uses incorrect parameters: The @.exe@ and @.msi@ installers require different parameters for a silent install. Currently, the same parameter is ... Marcos M
07:20 AM Bug #12419 (Pull Request Review): Console boot output includes ``Configuring IPsec VTI interfaces`` when no VTI interfaces are configured: Jim Pingle

10/03/2021

08:47 PM Bug #11432: status_dhcp_leases.php doesn't load: This is likely a duplicate of https://redmine.pfsense.org/issues/11512. Marcos M
06:54 PM pfSense Packages Bug #12423 (Resolved): Dashboard shows "SQLite database missing, Force Reload DNSBL to recover!": See screenshot. The message tells to 'force reload' which I did, yet the error persists.
There's one post on the ... Sean McBride
03:53 PM pfSense Packages Feature #10739: Update HAproxy-devel package to 2.2 and HAproxy to 2.0: Hi, here many points are still undone. DRago_Angel [InV@DER]
03:34 PM pfSense Packages Todo #12354: Update haproxy-devel to mitigate CVE-2021-40346: Hi, this is serious CVE, and still no updates? Even it possible to workaround issue by adding own check, I sure most ... DRago_Angel [InV@DER]

10/02/2021

05:58 PM pfSense Packages Bug #12188: client export breaks multi remote configurations: Based on reviewing the bug report with OpenVPN there doesn't appear to be anything that needs to be done here. They'... Kris Phillips
05:52 PM pfSense Packages Bug #12365 (Feedback): PFBlockerNG - Unbound fails to start 3.1.0: Completed the following tests:
1. Installed pfBlockerNG-dev
2. Ran a force update and reload
3. Monitored loggin... Kris Phillips
05:41 PM pfSense Packages Bug #12030: Startup Errors for Avahi Package: Jim Pingle wrote in #note-11:
> It's a package, not a part of the base system, so updates are not tied to any releas... Kris Phillips
03:37 PM pfSense Packages Bug #11768 (Resolved): FRR OSPF - Comment field within the ospf interfaces gets longer and longer: Tested with FRR 1.1.0_15
Looks to be fixed. The description only matches the interface that it is actually set on... Max Leighton
01:30 PM Bug #12168 (Resolved): 1:1 NAT rule with internal IP address of "Any" results in an invalid firewall rule: Tested on the:... Danilo Zrenjanin
11:45 AM Regression #12398 (Resolved): "Expiration and Replacement" section is shown twice when editing a mobile IPsec phase 2 entry: I checked and saw it in 21.09. The fix works. The Expiration and Replacement section only appears once in 22.01:
2... Max Leighton
08:44 AM Bug #12421 (New): IPV6 limiter bug: I attempted to set a IPV6 limiter along with an IPV4 limiter. I had previously had a QOS setup which was deleted, and... Juan Abonia
08:27 AM pfSense Packages Bug #11465: Input validation does not prevent multiple conflicting WireGuard peers on a single tunnel from attempting to act as default route: Submitted PR 19 (https://github.com/theonemcdonald/pfSense-pkg-WireGuard/pull/149).
Few queries on the PR regardin... Adam Cooper
01:07 AM pfSense Packages Bug #12420 (Resolved): rc file is not deleted: /usr/local/etc/rc.d/pimd.sh file is not deleted after disabling the service Viktor Gurov
12:38 AM Bug #12419: Console boot output includes ``Configuring IPsec VTI interfaces`` when no VTI interfaces are configured: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/407 Viktor Gurov
12:21 AM Bug #12419 (Resolved): Console boot output includes ``Configuring IPsec VTI interfaces`` when no VTI interfaces are configured: I am seeing VTI interface while I do not have any IPsec configuration:... Viktor Gurov
12:22 AM Bug #12002 (Resolved): Boot messages contain entries about configuring LAGG/VLAN/QinQ interfaces even when no entries of those types are configured: Alhusein Zawi wrote in #note-6:
> I am seeing VTI interface while I do not have any IPsec configuration in tested vm... Viktor Gurov

10/01/2021

11:32 PM Bug #12002: Boot messages contain entries about configuring LAGG/VLAN/QinQ interfaces even when no entries of those types are configured: I am seeing VTI interface while I do not have any IPsec configuration in tested vm
Configuring loopback interf... Alhusein Zawi
09:13 PM Bug #12039 (Resolved): Gateway alarm always triggers IPsec restart: /etc/rc.ipsec is created
/etc/rc.gateway_alarm:
/usr/local/sbin/pfSctl \
-c "service reload dyndns ${GW... Alhusein Zawi
07:14 PM pfSense Docs Todo #12418 (Closed): AutoConfigBackup Menu Structure Documentation: Documentation here states to use Diagnostics --> AutoConfigBackup to reach the service's configuration. It's actuall... Kris Phillips
11:53 AM pfSense Packages Bug #12058: pfBlockerNG / "Cannot allocate memory" from Geo blocking IP list: Indeed increasing that has eliminated the "Cannot allocate memory" messages.
Could the error message be improved t... Sean McBride
10:45 AM pfSense Docs New Content #12417 (Feedback): Add section to IPsec troubleshooting for VTI tunnels not reconnecting: Done:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/0a4089d8298e230db7ef3c9ab146bca409521a7e
http://sta... Jim Pingle
10:37 AM pfSense Docs New Content #12417 (Closed): Add section to IPsec troubleshooting for VTI tunnels not reconnecting: Add section to IPsec troubleshooting for VTI tunnels not reconnecting. The new periodic check keep alive option in P2... Jim Pingle
08:05 AM Feature #12416 (Pull Request Review): Support OpenVPN ``client-kill`` to terminate remote clients instead of clearing their session: Jim Pingle
03:44 AM Feature #12416: Support OpenVPN ``client-kill`` to terminate remote clients instead of clearing their session: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/406 Viktor Gurov
01:25 AM Feature #12416 (Resolved): Support OpenVPN ``client-kill`` to terminate remote clients instead of clearing their session: Killing a user remote access vpn session from the firewall through the pfsense GUI only works temporarily.
Less the... Viktor Gurov
06:05 AM Feature #4881: Allow NPt to use dynamic IPv6 networks: Hi,
So the CARP fixing is broken as of yet: the script founds the old CARP address as interface address and fixes ... Csoban Kesmarki
04:42 AM pfSense Packages Bug #12033: maxmindb and _sqlite3 modules not found: How to resolve:... Viktor Gurov
04:26 AM pfSense Packages Bug #12033: maxmindb and _sqlite3 modules not found: see the same error on SG-3100 with pfSense-21.09.r.20210923.2242 and pfBlockerNG-3.1.0:... Viktor Gurov
12:23 AM pfSense Packages Bug #12414: DNSBL SafeSearch page displays input validation error if DoH / DoT blocking is not enabled: fix:
https://github.com/pfsense/FreeBSD-ports/pull/1111 Viktor Gurov
12:12 AM pfSense Packages Bug #12414 (Resolved): DNSBL SafeSearch page displays input validation error if DoH / DoT blocking is not enabled: You need to enable DoH/DoT Blocking and select entries in the DoH/DoT Blocking List, otherwise you'll see:... Viktor Gurov
12:16 AM pfSense Docs Todo #12415 (Rejected): Feedback on pfSense Configuration Recipes: *Page:* https://docs.netgate.com/pfsense/en/latest/recipes/index.html
*Feedback:*
https://forum.netgate.com/top... Viktor Gurov

09/30/2021

03:16 PM pfSense Docs Todo #12412 (Closed): Feedback on Virtual Private Networks — IPsec — Routed IPsec (VTI): Fixed (plus a bunch more that were out of date):
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/d7496cc5e09... Jim Pingle
11:41 AM pfSense Docs Todo #12412 (Closed): Feedback on Virtual Private Networks — IPsec — Routed IPsec (VTI): *Page:* https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/routed-vti.html
*Feedback:*
"The Hangouts Archive ... Viktor Gurov
03:16 PM pfSense Docs Todo #12413 (Closed): Feedback on Services — SNMP: Fixed (plus a bunch more that were out of date):
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/d7496cc5e09... Jim Pingle
11:43 AM pfSense Docs Todo #12413 (Closed): Feedback on Services — SNMP: *Page:* https://docs.netgate.com/pfsense/en/latest/services/snmp.html
*Feedback:*
"The Hangouts Archive contain... Viktor Gurov
07:30 AM Regression #12398: "Expiration and Replacement" section is shown twice when editing a mobile IPsec phase 2 entry: It won't show on 2.5.2, only on recent builds of 2.6.0 (after I introduced the bug and before I fixed it) and on curr... Jim Pingle
03:21 AM Regression #12398: "Expiration and Replacement" section is shown twice when editing a mobile IPsec phase 2 entry: I tested on the 2.5.2-RELEASE (amd64). With all defaults settings under Phase 2, I couldn't replicate it.
Is there... Danilo Zrenjanin
04:37 AM pfSense Plus Bug #12341 (Resolved): Gateway Monitoring Percentage Not Decreasing After Gateway Packet Loss Event: I tested on XG-7100 latest RC.
I can confirm it works as expected. I am resolving this ticket. Danilo Zrenjanin
04:03 AM Regression #12377 (Resolved): NAT Rule Reorder: I couldn't replicate it on the latest pfSense plus RC nor the latest CE version. It may be closed. Danilo Zrenjanin

09/29/2021

10:39 AM pfSense Docs Todo #12411 (Resolved): Feedback on High Availability — pfSense XML-RPC Config Sync Overview: *Page:* https://docs.netgate.com/pfsense/en/latest/highavailability/xmlrpc-sync.html
*Feedback:*
A description ... Viktor Gurov
09:19 AM Todo #12235 (Resolved): ``pfSense-upgrade`` should reinstall all packages on new version upgrades: Fixed now Renato Botelho
07:30 AM Todo #12406 (Pull Request Review): Remove unused functions: Jim Pingle
03:06 AM Todo #12406: Remove unused functions: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/405 Viktor Gurov
07:22 AM Bug #12410 (Pull Request Review): 1:1 NAT edit page lists incorrect entries in the Destination field: Jim Pingle
02:56 AM Bug #12410: 1:1 NAT edit page lists incorrect entries in the Destination field: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/404 Viktor Gurov
01:36 AM Bug #12410 (Resolved): 1:1 NAT edit page lists incorrect entries in the Destination field: Destination type doesn't have "net" suffix:... Viktor Gurov
07:19 AM Bug #12408 (Pull Request Review): Input validation prevents creating 1:1 NAT rules on OpenVPN: Jim Pingle
12:56 AM Bug #12408: Input validation prevents creating 1:1 NAT rules on OpenVPN: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/403 Viktor Gurov
12:02 AM pfSense Packages Feature #12297 (Resolved): Suricata: show actual GID:SID rule on click: Viktor Gurov

09/28/2021

10:13 AM Todo #12235 (Feedback): ``pfSense-upgrade`` should reinstall all packages on new version upgrades: Fixed by pfSense-upgrade 1.0_6 Renato Botelho
09:45 AM Todo #12235 (In Progress): ``pfSense-upgrade`` should reinstall all packages on new version upgrades: There were some reports of crash logs showing up after upgrade and also PHP complaining about libpfctl missing during... Renato Botelho
09:27 AM pfSense Docs Correction #12405 (Closed): Wireguard Docs Spelling Error: Merged & Deployed. Jim Pingle

09/27/2021

07:15 PM Feature #12267: OpenVPN option to limit concurrent connections per user: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/402 Marcos M
03:33 PM pfSense Docs Correction #12405 (Waiting on Merge): Wireguard Docs Spelling Error: MR: https://gitlab.netgate.com/docs/pfSense-docs/-/merge_requests/24 Christian McDonald
03:04 PM pfSense Docs Todo #12182 (Feedback): Update IPsec to match recent changes: Additional updates:
* https://gitlab.netgate.com/docs/pfSense-docs/-/commit/9f424c44b6c9f95f8728e3699db4f9b47fb6e699... Jim Pingle
02:30 PM pfSense Docs New Content #11862 (Closed): Document High Availability IPSec: I suspect mostly you were hitting bugs in IPsec that are fixed in 2.6.0/21.09. HA IPsec was covered already, at https... Jim Pingle
10:24 AM Bug #12409: Automatic-default-gateway-mode selects OpenVPN-Server interfaces: What is this mode made for? As long as there are only valid internet gateways it is safe to use. But as soon as there... Lars Möller
09:47 AM Bug #12409 (Not a Bug): Automatic-default-gateway-mode selects OpenVPN-Server interfaces: That's the nature of the default "automatic" mode -- when left to select it will select whatever gateway is the first... Jim Pingle
09:39 AM Bug #12409 (Not a Bug): Automatic-default-gateway-mode selects OpenVPN-Server interfaces: If the gateway selection is in automatic mode, the default gateway is switched from the monitored WAN gateway to an O... Lars Möller
08:57 AM Regression #11570: Gateway monitoring services is not always restarted on interface events, which may prevent a WAN from recovering back to an online state: We are having the same problem on SG-3100, XG-7100, SG-5100. It occours on 21.* up to 21.05.1. On 2.4.5 everything wa... Lars Möller
08:45 AM Bug #12408: Input validation prevents creating 1:1 NAT rules on OpenVPN: I worked around the issue temporarily by adding opt-interfaces to the array,
$vpn_and_ppp_ifs = array("l2tp", "p... Chriss E
07:30 AM Bug #12408: Input validation prevents creating 1:1 NAT rules on OpenVPN: The problem seems to be that the array value of 'openvpn' does not reflect the actual value sent by firewall_nat_1to1... Chriss E
04:33 AM Bug #12408: Input validation prevents creating 1:1 NAT rules on OpenVPN: Tested on Netgate pfSense Plus 21.05.1-RELEASE (amd64) Chriss E
04:31 AM Bug #12408 (Resolved): Input validation prevents creating 1:1 NAT rules on OpenVPN: Maybe related to https://redmine.pfsense.org/issues/11751 but for 1:1 NAT rules with OpenVPN interface selected
Wh... Chriss E
08:10 AM pfSense Packages Bug #12030: Startup Errors for Avahi Package: It's a package, not a part of the base system, so updates are not tied to any release.
It could be updated any tim... Jim Pingle
06:39 AM pfSense Packages Bug #12365: PFBlockerNG - Unbound fails to start 3.1.0: php-fpm 52285 /status_services.php: The command '/usr/local/sbin/unbound -c /var/unbound/unbound.conf' returned exi... D B

09/26/2021

05:44 PM Bug #12332: OpenVPN does not clear old Cisco-AVPair anchor rules in some cases: I've submitted a new merge request which solves this issue. The solution is dependent on #12407
https://gitlab.netg... Marcos M
05:42 PM Feature #12407: Use deferred client connections in OpenVPN: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/402 Marcos M
05:16 PM Feature #12407 (Resolved): Use deferred client connections in OpenVPN: New in OpenVPN 2.5 is the ability to use deferred client-connect. See @Deferred client-connect@:
https://github.com/... Marcos M

09/25/2021

09:05 PM pfSense Packages Bug #12030: Startup Errors for Avahi Package: Tested on RC3 of 21.09. Still present. Is this going to make it into 21.09 before it's pushed public? Kris Phillips
03:15 PM pfSense Packages Feature #12297: Suricata: show actual GID:SID rule on click: GID:SID is clickable using suricata 6.0.3_2 on 21.09.r.20210923.1842 Jordan G
11:07 AM Feature #4881: Allow NPt to use dynamic IPv6 networks: Hi,
I made a sort of workaround: I created two php scripts (checknpt and fixnpt) which checks all NPT settings and... Csoban Kesmarki
09:39 AM Regression #11512: DHCP Leases page and ARP table page fail to load if DNS is not available: the MR/patch works as expected - https://forum.netgate.com/topic/161424/dhcp-lease-screen-not-loading/86:... Viktor Gurov
04:44 AM Todo #12406 (Resolved): Remove unused functions: from https://github.com/pfsense/pfsense/blob/df945787c7b7784444381eabeeaf519361cbc2ec/src/etc/inc/pfsense-utils.inc:
... Viktor Gurov
04:36 AM Bug #12227 (Resolved): Changing VHID on CARP VIP does not update VHID of related IP Alias VIPs: Tested on the:... Danilo Zrenjanin
01:28 AM Feature #12086 (Resolved): New Dynamic DNS Provider: deSEC: Danilo Zrenjanin
01:28 AM Feature #12086: New Dynamic DNS Provider: deSEC: Tested on the :... Danilo Zrenjanin
12:00 AM pfSense Packages Feature #11320 (Resolved): Update NAS client type: Viktor Gurov

09/24/2021

11:58 PM Regression #12396: PHP Warning: Use of undefined constant ip - /etc/inc/services.inc on line 2465: Many thanks. Do you want me to close this? JP Versteeg
10:18 PM pfSense Packages Feature #11320: Update NAS client type: clients are added to clients type list
2.5.2
Alhusein Zawi
08:36 PM pfSense Packages Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset: Christian McDonald wrote in #note-9:
> Thanks.
>
> We might need to hook the gateway alarm and trigger WireGuard se... Ryan Roosa
06:46 PM pfSense Packages Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset: Thanks.
We might need to hook the gateway alarm and trigger WireGuard service to be restarted when gateway status... Christian McDonald
05:35 PM pfSense Packages Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset: Christian McDonald wrote in #note-7:
> Interesting... I can replicate this if my WAN is using DHCP, but as soon as I... Ryan Roosa
05:26 PM pfSense Packages Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset: Interesting... I can replicate this if my WAN is using DHCP, but as soon as I switch to a static address I can unplug... Christian McDonald
05:13 PM pfSense Packages Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset: Christian McDonald wrote in #note-5:
> Ryan, out of curiosity, are you using DHCP are static addressing on your WAN?... Ryan Roosa
05:09 PM pfSense Packages Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset: Ryan, out of curiosity, are you using DHCP are static addressing on your WAN? Christian McDonald
05:03 PM pfSense Packages Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset: Just tested this on my 2100. I will test more next week.
I have a WireGuard tunnel to Mullvad.
# Started a persiste... Christian McDonald
04:26 PM pfSense Docs Correction #12405 (Closed): Wireguard Docs Spelling Error: Warning bubble here uses "were" instead of "where". Super minor.
https://docs.netgate.com/pfsense/en/latest/recip... Kris Phillips
03:33 PM pfSense Docs Todo #12404 (Closed): LaTeX Error: Too deeply nested.: Fixed:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/50d8b58a6e5c79cb10b8ee400f02d3f4ccc3be39
https://g... Jim Pingle
02:50 PM pfSense Docs Todo #12404 (Closed): LaTeX Error: Too deeply nested.: PDF builds are failing with an error:... Jim Pingle
12:38 PM pfSense Docs Todo #12182: Update IPsec to match recent changes: Updated EAP-TLS document and the Windows IKEv2 client doc. There was quite a bit of overlap that is now greatly sim... Jim Pingle
12:36 PM pfSense Docs Todo #12261 (Feedback): Feedback on pfSense Configuration Recipes — WireGuard VPN Client Configuration Example: PR merged and deployed. Jim Pingle
12:25 PM pfSense Docs Todo #12261 (Pull Request Review): Feedback on pfSense Configuration Recipes — WireGuard VPN Client Configuration Example: Christian McDonald
12:02 PM Bug #11863 (Resolved): Unable to create nested URL aliases: Viktor Gurov
10:59 AM Bug #11863: Unable to create nested URL aliases: Working as expected on:... Chris W
10:36 AM Regression #11512 (Pull Request Review): DHCP Leases page and ARP table page fail to load if DNS is not available: Jim Pingle
09:09 AM Regression #11512: DHCP Leases page and ARP table page fail to load if DNS is not available: We don't yet know if this issue affects Plus. No reports originating from that version have been observed. Anonymous
08:34 AM Regression #11512: DHCP Leases page and ARP table page fail to load if DNS is not available: optimization:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/401 Viktor Gurov
08:13 AM pfSense Packages Bug #12205 (Pull Request Review): Certificate Manager page doesn't show Squid used certificates: Jim Pingle
05:07 AM pfSense Packages Bug #12205: Certificate Manager page doesn't show Squid used certificates: https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/130 Viktor Gurov
07:37 AM pfSense Packages Bug #12403 (Resolved): WireGuard tunnel and peer edit pages do not prevent browser auto-fill: The WireGuard tunnel (@vpn_wg_tunnels_edit.php@) and peer (@vpn_wg_peers_edit.php@) edit pages do not prevent the bro... Jim Pingle
03:58 AM Feature #4881: Allow NPt to use dynamic IPv6 networks: I found this issue two days ago while I tried to provide internet access via IPv6 to my OpenVPN clients.
Right now... Jard Leex
02:50 AM Bug #11337 (Resolved): Interface column empty in list of GIF tunnels when using IP Alias on CARP VIP as Interface: Tested on the:... Danilo Zrenjanin
12:46 AM pfSense Docs New Content #12402 (Rejected): Add recipe for configuring Telegram to receive notifications from pfSense software: *Page:* https://docs.netgate.com/pfsense/en/latest/config/advanced-notifications.html
*Feedback:*
How to config... Viktor Gurov

09/23/2021

10:57 PM pfSense Packages Feature #11972: Arpwatch - Add support for Telegram notifications: there is no option to add Telegram in Arpwatch page.
Tested :
2.6.0.a.20210923.0100
&
21.05.1 Alhusein Zawi
09:18 PM Bug #12401 (New): Traffic graphs with untagged and tagged VLAN on same interface: My setup is a single interface with multiple VLANs. Still using VLAN 1 as the LAN VLAN but got a couple others.
Sa... Derek Wuelfrath
04:01 PM pfSense Docs Todo #12182: Update IPsec to match recent changes: Additional updates for mobile IPsec:
* https://gitlab.netgate.com/docs/pfSense-docs/-/commit/a19ea35d7b35b0617bd40... Jim Pingle
02:36 PM pfSense Packages Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset: In rebooting my ISP modem many times and tracking the behavior of pfSense and WireGuard, I observed that when the mod... Ryan Roosa
10:55 AM pfSense Packages Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset: Christian McDonald wrote in #note-1:
> Thanks for the tag, I will investigate this and circle back.
Awesome! Grea... Ryan Roosa
10:35 AM pfSense Packages Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset: Thanks for the tag, I will investigate this and circle back. Christian McDonald
09:26 AM pfSense Packages Bug #12399 (Resolved): WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset: Hi Christian,
Really appreciate your work on the Wireguard package for pfSense :)
Sadly, there seems to be a show... Ryan Roosa
02:03 PM Regression #12382: Certificate Depth checking creates OpenVPN micro-outages every time a user authenticates after 2.5.2 upgrade: The solution here should be to implement async auth plugin. It's already being done with @/usr/local/sbin/ovpn_auth_v... Marcos M
03:20 AM Regression #12382: Certificate Depth checking creates OpenVPN micro-outages every time a user authenticates after 2.5.2 upgrade: Just want to thank you Brett for the debug of the problem that unfortunately affects us as well.
Doesn't change an... Denis Grilli
01:33 PM Revision 863ab7d4: Fix IPsec P2 Keep Alive mobile check. Issue #12398: Jim Pingle
01:29 PM pfSense Docs Correction #12400: NAT 1:1 documentation - multi-wan information: Dear Jim thank you for the quick reply.
I do agree on the concept of NAT not controlling outgoing traffic and how th... Ricardo Mendes
01:24 PM pfSense Docs Correction #12400: NAT 1:1 documentation - multi-wan information: NAT never controls where traffic exits the firewall in any context (1:1, outbound, port forwards). NAT only manipulat... Jim Pingle
01:10 PM pfSense Docs Correction #12400 (Resolved): NAT 1:1 documentation - multi-wan information: Dear pfSense team,
I would like to submit a suggestion to the NAT 1:1 page. This suggestion comes from an issue I ... Ricardo Mendes
12:12 PM Feature #4881: Allow NPt to use dynamic IPv6 networks: I'm going to chime in to the usefulness of this. My use case is a little different, but the same principle. I have ... Marc Mapplebeck
08:52 AM Regression #12398 (Feedback): "Expiration and Replacement" section is shown twice when editing a mobile IPsec phase 2 entry: Fixed in commit:863ab7d4 Jim Pingle
08:30 AM Regression #12398: "Expiration and Replacement" section is shown twice when editing a mobile IPsec phase 2 entry: The type bit wasn't the case, it was the remoteid type which was lost but that isn't necessary from what I can tell. ... Jim Pingle
08:16 AM Regression #12398 (Resolved): "Expiration and Replacement" section is shown twice when editing a mobile IPsec phase 2 entry: When editing a phase 2 entry for a mobile IPsec tunnel the "Expiration and Replacement" section is shown twice.
Th... Jim Pingle
07:43 AM Feature #12342 (Pull Request Review): Dynamic DNS client proxy support: Jim Pingle
05:01 AM Feature #12342: Dynamic DNS client proxy support: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/399 Viktor Gurov
07:38 AM Bug #12385 (Pull Request Review): deleteVIP() does not check 1:1 NAT and Outbound NAT rules: Jim Pingle
07:23 AM Bug #12389 (Pull Request Review): Help text for RAM disk settings does not mention Captive Portal data: Jim Pingle
12:43 AM Bug #12389: Help text for RAM disk settings does not mention Captive Portal data: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/398 Viktor Gurov
01:51 AM Bug #10955: XMLRPC sync results in an error when a failover peer IP address is specified in DHCP server settings for an unconfigured interface: Joachim Tingvold wrote in #note-20:
> So, while going through the configuration to sanitize them, I noticed the foll... Manuel Trier

09/22/2021

10:22 PM Bug #11923: Input validation not working for 1:1 NAT entries using an alias as a destination: Confirmed that bug is still present in 2.5.2. Running most recent version and I cannot create 1:1 NAT mappings with a... Evan Hellman
02:56 PM pfSense Docs Todo #12182: Update IPsec to match recent changes: Additional Updates:
* https://gitlab.netgate.com/docs/pfSense-docs/-/commit/091b27f589e2ca992b4fb40aeebaef31c65131... Jim Pingle
12:39 PM Revision 0512975e: Fixes redmine #12396: Christian McDonald
09:09 AM Feature #12397 (Resolved): Distinguish between policy-based and route-based entries on IPsec status SPD tab: The IPsec Status SPD tab at @status_ipsec_spd.php@ prints information from the security policy database and it curren... Jim Pingle
08:50 AM Regression #12396: PHP Warning: Use of undefined constant ip - /etc/inc/services.inc on line 2465: Jim Pingle wrote in #note-1:
> Most likely the latest version of PHP in use now is being more strict about such thin... Christian McDonald
08:49 AM Regression #12396 (Feedback): PHP Warning: Use of undefined constant ip - /etc/inc/services.inc on line 2465: Christian McDonald
07:56 AM Regression #12396 (Pull Request Review): PHP Warning: Use of undefined constant ip - /etc/inc/services.inc on line 2465: Odd that it would just start giving an error now since that line, as obviously wrong as it is, hasn't changed in 7 ye... Jim Pingle
12:59 AM Regression #12396 (Resolved): PHP Warning: Use of undefined constant ip - /etc/inc/services.inc on line 2465: Hi Team,
Could you please confirm. Many thanks.
Issue identified following the first reboot, after fully complet... JP Versteeg
03:29 AM pfSense Packages Feature #9833: ACME: add ability to use custom ACME server: +1 Would be nice to have this. Invalid certs are just not cool anymore with ACME available. Should be possible to sel... Krisjanis Morkans

09/21/2021

04:32 PM pfSense Docs New Content #12395 (New): FRR: Add information about the private use AS reservation from RFC 6996: *Page:* https://docs.netgate.com/pfsense/en/latest/packages/frr/bgp/required-info.html
*Feedback:*
Would be hel... Marc Mapplebeck
03:19 PM pfSense Docs Todo #12182: Update IPsec to match recent changes: Additional updates:
* https://gitlab.netgate.com/docs/pfSense-docs/-/commit/5f6977cf1b44daa49656c2ba2f050f4cccb387... Jim Pingle
03:06 PM pfSense Docs Todo #12394 (Closed): Broken link on Redmine home page: Fixed, thanks! Jim Pingle
02:54 PM pfSense Docs Todo #12394 (Closed): Broken link on Redmine home page: https://redmine.pfsense.org home page has a link:
Read the [Reporting Issues with pfSense Software] article comple... Steve Y
02:48 PM Bug #12393 (New): Priority of qOthersLow higher than default queues: I posted in the forum (https://forum.netgate.com/post/1002109) but received no response so far.
In the wizard for ... Steve Y
09:58 AM Bug #12368 (Closed): Disk widget alignment issue when only two items are in the list: Looks good here on both ZFS and UFS systems on RC2. Christian McDonald

09/20/2021

04:17 PM Revision b9885720: Bump up the config version to match a change in plus.: Luiz Souza
03:46 PM Feature #12392 (Resolved): Allow the selection of "any" interface in floating rules: Currently, a floating rule can be created without specifying an interface which allows for filtering on interfaces no... Marcos M
03:37 PM pfSense Docs Todo #12182: Update IPsec to match recent changes: Additional WIP updates:
* https://gitlab.netgate.com/docs/pfSense-docs/-/commit/f5a285f648d86f4d4c2115537cf7cbae6f... Jim Pingle
12:06 PM pfSense Docs Todo #12309 (Closed): Add Light Pattern/Light Meaning for 6100 to Documentation Similar to Other Hardware: LED settings have been added to https://docs.netgate.com/pfsense/en/latest/solutions/netgate-6100/io-ports.html#front... Doug McIntire
09:32 AM pfSense Docs Todo #12309 (In Progress): Add Light Pattern/Light Meaning for 6100 to Documentation Similar to Other Hardware: Doug McIntire
10:24 AM Bug #12391 (Pull Request Review): Uninitialized config variable in ```interface_assign.php```: Christian McDonald
10:21 AM Bug #12391: Uninitialized config variable in ```interface_assign.php```: plus: https://gitlab.netgate.com/pfSense/factory/-/merge_requests/29
ce: https://gitlab.netgate.com/pfSense/pfSense/... Christian McDonald
10:13 AM Bug #12391 (Resolved): Uninitialized config variable in ```interface_assign.php```: ... Christian McDonald
07:39 AM Bug #12390 (Duplicate): i18n zh-hant-TW translate error, incomplete HTML "a" tag: Duplicate of #9344 Jim Pingle
06:31 AM Bug #12390 (Duplicate): i18n zh-hant-TW translate error, incomplete HTML "a" tag: Page path: /vpn_openvpn_server.php?act=edit
Source Code: https://github.com/pfsense/pfsense/blob/master/src/usr/loca... a0000778 a0000778
07:38 AM Bug #12274 (Resolved): Unbound fails to start if its configuration references a python script which does not exist: Jim Pingle
07:37 AM Bug #12389: Help text for RAM disk settings does not mention Captive Portal data: This can wait, it's not critical for it to be in this release. Jim Pingle
07:13 AM pfSense Packages Bug #11888 (Resolved): FreeRADIUS starts twice by /etc/rc.start_packages: Jim Pingle
06:50 AM Bug #11437 (Closed): WireGuard group is not printed in the interface column of the NAT rule list: Not an issue with package. Christian McDonald
06:49 AM Bug #11587 (Closed): WireGuard interfaces do not have data on traffic graphs: WireGuard package and latest kmod correctly reports traffic. Christian McDonald
06:48 AM Bug #11538 (Closed): WireGuard Panic: Unable to hit this panic on wireguard package Christian McDonald
06:47 AM Bug #11691 (Closed): WireGuard MSS Clamping and TCP traffic issues after reboot.: Doesn't seem to be an issue with latest WireGuard package. Christian McDonald
06:46 AM Feature #11374 (Closed): WireGuard Status in GUI: Christian McDonald
01:36 AM Feature #11374: WireGuard Status in GUI: I believe between the status page and the dashboard widget this request is now satisfied. Adam Cooper
12:29 AM Revision 8e2de557: Keep 'enableserial_force' in /conf when a factory reset is performed.: Ticket: #6880 Luiz Souza

09/19/2021

10:16 AM Feature #11588: Automatically suggest next IP address in Wireguard interface subnet when creating a peer: Opened PR 145 (https://github.com/theonemcdonald/pfSense-pkg-WireGuard/pull/145) to resolve this feature request.
Cu... Adam Cooper

09/18/2021

09:50 PM Bug #12274: Unbound fails to start if its configuration references a python script which does not exist: Tested in RC builds of pfSense Plus. Confirmed no longer an issue. Kris Phillips
09:46 PM Regression #12377: NAT Rule Reorder: Tested and confirmed fixed with patch. Tested on RC1 and recreated the bug. Applied the patch and bug went away. A... Kris Phillips
09:28 PM pfSense Plus Bug #12341: Gateway Monitoring Percentage Not Decreasing After Gateway Packet Loss Event: Odd. Not sure why I'm the only one that can't reproduce this one, but this can be closed out. Clearly my testing is... Kris Phillips
04:01 PM Bug #12389 (Resolved): Help text for RAM disk settings does not mention Captive Portal data: Under System>Advanced>Miscellaneous -> RAM Disk Settings > Help text doesn't list captive portal data.
The current... Danilo Zrenjanin
01:38 PM pfSense Packages Bug #11695 (Resolved): PHP error in the last step of the wizard: Tested in:
21.09-RC (amd64)
built on Wed Sep 15 09:10:53 EDT 2021
FreeBSD 12.2-STABLE
The wizard completes su... Max Leighton
12:31 PM Bug #11846 (Resolved): Logging configuration added by a package is not removed on uninstall: Tested with haproxy-devel 0.62_4
/var/etc/syslog.d/haproxy.log.conf is removed on deinstall and no errors are pres... Max Leighton
11:10 AM pfSense Packages Todo #12351: Remove non-functional feeds: I checked with pfBlockerNG-devel 3.1.0. Some of the feeds listed above are removed, but some are still there.
http... Max Leighton
07:07 AM Bug #12388: Captive Portal input validation for "After authentication Redirection URL" and "Blocked MAC address redirect URL" is swapped: hello, how can i solve this problem with this page showing? eyeg eyenop eyenop

09/17/2021

11:38 PM pfSense Packages Bug #11888: FreeRADIUS starts twice by /etc/rc.start_packages: seems fixed
[2.5.2-RELEASE][root@pfSense.home.arpa]/root: /etc/rc.start_packages
Starting package FRR...done.
... Alhusein Zawi
01:28 PM pfSense Docs Todo #12182: Update IPsec to match recent changes: Additional updates:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/de91716aacbf5581c366dea884c2543ebae3c769... Jim Pingle
10:08 AM Bug #12368: Disk widget alignment issue when only two items are in the list: This looks better on the latest CE snapshot. Will need to wait for a new Plus build to test it there. Jim Pingle

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

10/16/2021

10/15/2021

10/14/2021

10/13/2021

10/12/2021

10/11/2021

10/10/2021

10/09/2021

10/08/2021

10/07/2021

10/06/2021

10/05/2021

10/04/2021

10/03/2021

10/02/2021

10/01/2021

09/30/2021

09/29/2021

09/28/2021

09/27/2021

09/26/2021

09/25/2021

09/24/2021

09/23/2021

09/22/2021

09/21/2021

09/20/2021

09/19/2021

09/18/2021

09/17/2021