Activity

30 days up to

User

Subprojects

Activity

From 11/04/2021 to 12/03/2021

11/29/2021

01:05 PM Bug #7547 (Feedback): Static routes using aliases are not automatically updated when alias content changes: Applied in changeset commit:332052b8bd2a5d35662be2dba773b7a9f0d50681. Viktor Gurov
01:05 PM Feature #11895 (Feedback): Require user to manually apply changes after altering static route entries: Applied in changeset commit:332052b8bd2a5d35662be2dba773b7a9f0d50681. Viktor Gurov
01:05 PM Bug #11599 (Feedback): Modifying static routes results in a logged error, changes are not reflected in routing table: Applied in changeset commit:332052b8bd2a5d35662be2dba773b7a9f0d50681. Viktor Gurov
09:05 AM Bug #12547 (Feedback): unsheduled system reboot/crash: This is not a general problem but one specific to your install or environment.
The backtrace in both cases is iden... Jim Pingle
09:00 AM Bug #12373 (Resolved): Update mpd5 to address vulnerabilities in < 5.9_2: Jim Pingle
09:00 AM Bug #12544: OpenSSH vulnerabilities: You cannot go by version number alone. FreeBSD typically carries patches for known vulnerabilities that don't bump th... Jim Pingle
08:47 AM Feature #12397 (Resolved): Distinguish between policy-based and route-based entries on IPsec status SPD tab: The @scope@ value is there it's just not called @scope@, that's what you see differentiating between VTI and tunnel m... Jim Pingle
08:36 AM Bug #12548: Kernel panic in ``nd6_dad_timer()``: Fixed review link in description to be https://reviews.freebsd.org/D32811
Mateusz said he'll look into it. Jim Pingle
08:20 AM Bug #12548 (Resolved): Kernel panic in ``nd6_dad_timer()``: I've hit this on my edge twice now on 22.01 snapshots but I don't have a lead on a cause yet. The panics happened a w... Jim Pingle
08:28 AM pfSense Packages Feature #10462 (Pull Request Review): CPU Temp Screen: Jim Pingle

11/28/2021

02:10 PM Bug #11296: Static route targets may still reachable via default route when the gateway they should route through is down: Thank you for reporting this issue, I have a very similar problem. In my case, I added a static route that goes throu... Jocelyn Viau
10:02 AM Feature #12248: Package Update Availability Notification: Things to consider:
* Handle cases where the installed package is newer than the available package. See @pkg_version_... Marcos M
08:03 AM Bug #12547: unsheduled system reboot/crash: Not every time !!!
after 45 minutes i have a succesfull result
Evgeny Korostelev
07:19 AM Bug #12547 (Feedback): unsheduled system reboot/crash: pfSense Community Edition 2.5.2
Try navigate to menu "Diagnostics" -> "Routes"
Then system crash/reboot, and after ... Evgeny Korostelev
04:13 AM Bug #12373: Update mpd5 to address vulnerabilities in < 5.9_2: pfSense 22.01.a.20211128.0600 uses mpd5-5.9_4 Viktor Gurov

11/27/2021

05:36 PM pfSense Plus Feature #12546 (New): Add 2FA Support to pfSense Plus Local Database Authentication: To eliminate the reliance on unsupported packages like freeRADIUS for making this work, we should add the capability ... Kris Phillips
05:31 PM Regression #12382: Certificate Depth checking creates OpenVPN micro-outages every time a user authenticates after 2.5.2 upgrade: Joao Assad wrote in #note-7:
> So this bug is affecting us too. We need to route all our VPN clients traffic through... Kris Phillips
05:28 PM Feature #12466: Option to Disable Renegotiation timer in OpenVPN Server: Viktor Gurov wrote in #note-2:
> openvpn(8):
> [...]
Since the option needs to be on both client and server, we ... Kris Phillips
05:23 PM Bug #12544: OpenSSH vulnerabilities: pfSense CE 2.6.0 and pfSense Plus 22.01 have OpenSSH-7.9p1 so they are also affected by this. Kris Phillips
02:24 PM Feature #12397: Distinguish between policy-based and route-based entries on IPsec status SPD tab: It seems this has made it into images, because I test and see some of this functionality.
Tested in:
2.6.0-DEV... Max Leighton
01:37 PM Feature #11935 (Resolved): Log external IP address of OpenVPN clients on connect and disconnect: Tested in:
2.6.0-DEVELOPMENT (amd64)
built on Sat Nov 27 06:23:02 UTC 2021
FreeBSD 12.3-PRERELEASE
In my test... Max Leighton

11/26/2021

09:36 PM pfSense Plus Bug #12545 (Not a Bug): /etc/inc/led.inc functions are not doing the right thing on 6100: At various points of the boot process, the LEDs are supposed to flash with different patterns to indicate stages of b... → luckman212

11/25/2021

07:30 PM Revision 332052b8: Static routes handling update. Fixes #11599 #11895 #7547: * Confirmation box to apply static routes add/route/change
* Reloading routes using aliases after changing the alias
... Viktor Gurov
10:57 AM Bug #12544 (Closed): OpenSSH vulnerabilities: openssh version on pfSense 2.5.2/21.05.2 is vulnerable to:
https://www.cvedetails.com/cve/CVE-2019-16905/
https://w... Viktor Gurov
10:40 AM Bug #12543: Deleteing a Outbound NAT rule gave me an empty rule and displayed php error in UI.: There's a horrible spelling mistake in the title but I can't edit.. Sorry! C J
10:38 AM Bug #12543 (Closed): Deleteing a Outbound NAT rule gave me an empty rule and displayed php error in UI.: When managing Outbound NAT rules
I managed to remove a duplicate rule
Which gave me the following error:... C J
08:26 AM Feature #12116 (Resolved): Support DNS server gateway selection on ``system.php`` for multiple gateways not assigned to interfaces: Tested against:... Danilo Zrenjanin
01:41 AM Bug #12542 (New): Cannot assign a same IPv6 Link-Local address to different interfaces: Hello,
I cannot assign a same IPv6 Link-local address to 2 different interface. (through Virtual IPs in the web in... Bertrand C
01:32 AM pfSense Packages Feature #10462: CPU Temp Screen: Request of feature to be implemented: https://github.com/pfsense/FreeBSD-ports/pull/1125 Geo Rou

11/24/2021

03:10 PM pfSense Packages Bug #11530: ntopng 4.2 needs to be updated to 4.3, Bug when accessing a host for details: upvote for this.
P.s. Also don't know what happen with pfsense repo, but installing ntopng from scratch with versi... DRago_Angel [InV@DER]
03:05 PM Revision 47e079f6: Support DNS server gateway selection on ``system.php`` for multiple gateways not assigned to interfaces. Implements #12116: Viktor Gurov
02:51 PM pfSense Docs Correction #9370: Update old screenshots: I started updating the OpenVPN+RADIUS via AD recipe. The existing recipe contained almost entirely redundant inform... Jim Pingle
11:03 AM Regression #11545: Primary interface address is not always used when VIPs are present: Sorry, new installs on SG2100's and XG7100's, 1 or 2 have been upgraded from 21.05 to 21.05.1 but same issue on all. Dan Edwards
10:54 AM Regression #11545: Primary interface address is not always used when VIPs are present: I was just bit by this again this morning. Every reboot. Very frustrating. Steve, if you need any information on the ... Denny Page
10:20 AM Regression #11545: Primary interface address is not always used when VIPs are present: To clarify, are these new installs, or upgrades? What platform (e.g. AWS)? And yes, try reproducing it and just click... Marcos M
08:49 AM Regression #11545: Primary interface address is not always used when VIPs are present: Also have the same issue on 21.05.1 on every install in 2 different scenarios. Scenario 1 WAN interface has /29 using... Dan Edwards
10:25 AM Feature #12267 (Resolved): OpenVPN option to limit concurrent connections per user: Tested, looks good. Marcos M
03:04 AM Feature #12267 (Feedback): OpenVPN option to limit concurrent connections per user: Merged Viktor Gurov
09:15 AM Feature #12116 (Feedback): Support DNS server gateway selection on ``system.php`` for multiple gateways not assigned to interfaces: Applied in changeset commit:47e079f67f31111a5d5b9e9819ded07438b68b94. Viktor Gurov
07:18 AM Todo #12511 (Resolved): Add note in log settings that disabling logging also disables ``sshguard`` login protection: Jim Pingle
04:41 AM Todo #12511: Add note in log settings that disabling logging also disables ``sshguard`` login protection: Tested against:... Danilo Zrenjanin
03:04 AM Todo #12511 (Feedback): Add note in log settings that disabling logging also disables ``sshguard`` login protection: Merged Viktor Gurov
04:53 AM Feature #9439 (Resolved): Poll Interval For GPS and PPS: Tested against:... Danilo Zrenjanin
04:21 AM pfSense Packages Feature #11210: 3rd party rulesets: Marcos Mendoza wrote in #note-4:
> Tested fine here. Only issue I see is the @Delete@ button will remove the @Check ... Viktor Gurov
12:25 AM Feature #11496: Support for NTP Peer mode: works as expected on 2.6.0.a.20211123.0600
but I don't see this option on 22.01.a.20211122.0600 Viktor Gurov

11/23/2021

07:23 PM Bug #11829: OpenVPN client certificate validation with OCSP always fails: Konstantin Panchenko wrote in #note-7:
> Renato Botelho wrote:
> > PR has been merged. Thanks!
>
> I'm not sure... Marcos M
06:21 PM Revision 04fbf68c: Update enableallowallwan to only include shaper.inc once.: Christian McDonald
02:53 PM Revision 535bba02: Hide the Duplicate Connection Limit input field until the Duplicate Connection check box is ticked. Issue #12267: Viktor Gurov
07:40 AM Bug #12541 (Rejected): IPsec remote side connection fails with: no maching peer if peer identifier is set to Any: Unable to reproduce, tunnels connect OK with peer ID = any here. This is likely a configuration error but may also be... Jim Pingle
04:58 AM Bug #12541: IPsec remote side connection fails with: no maching peer if peer identifier is set to Any: Setting the peer id to their remote gateway IP, is also not working
!clipboard-202111231157-2pp5e.png!
M. Pietersma
04:53 AM Bug #12541 (Rejected): IPsec remote side connection fails with: no maching peer if peer identifier is set to Any: It's currently a issue in version 2.5.2, can't test it in 2.6, because of a production status firewall.
IPsec betw... M. Pietersma
04:55 AM Bug #12455 (Resolved): Captive Portal online user statistics data is not cleared on unclean shutdown: Danilo Zrenjanin
04:55 AM Bug #12455: Captive Portal online user statistics data is not cleared on unclean shutdown: Tested against:... Danilo Zrenjanin
04:12 AM Bug #12539: Changing VLAN ID for LAN interface in assignments silently fails.: Chris Collins wrote:
>
> If you need the specifics, I will retest it and get you the specific log output.
Pleas... Viktor Gurov
01:35 AM Bug #12529 (Resolved): Interface group name starting with a digit creates invalid XML for rule separators: Tested against:... Danilo Zrenjanin

11/22/2021

05:08 PM Revision b58cb30a: Interface Groups start digit input validation. Fixes #12529: Viktor Gurov
05:07 PM Revision 76902a1a: Allow to select 3 (8s) NTP min poll value. Implements #9439: Viktor Gurov
03:28 PM pfSense Docs Correction #12540 (Duplicate): Feedback on pfSense Configuration Recipes — WireGuard Site-to-Site VPN Configuration Example: *Page:* https://docs.netgate.com/pfsense/en/latest/recipes/wireguard-s2s.html
*Feedback:*
1) In the network diagr... James Com
03:15 PM pfSense Docs Correction #9370: Update old screenshots: Updated OpenVPN RA doc and its screenshots:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/0f0d3085838d083a... Jim Pingle
03:01 PM Revision aa8af662: Fix typo: Jim Pingle
11:15 AM Bug #12529 (Feedback): Interface group name starting with a digit creates invalid XML for rule separators: Applied in changeset commit:b58cb30a0881a221c9c5ff1eb5752ac0660271b9. Viktor Gurov
08:20 AM Bug #12529 (Pull Request Review): Interface group name starting with a digit creates invalid XML for rule separators: Jim Pingle
11:15 AM Feature #9439 (Feedback): Poll Interval For GPS and PPS: Applied in changeset commit:76902a1a62bd2785c23fd87d34c9388ef4ebaa00. Viktor Gurov
08:38 AM Feature #9439 (Pull Request Review): Poll Interval For GPS and PPS: Jim Pingle
08:59 AM Bug #7096 (Feedback): Unbound fails to start on boot if specific network devices are configured in the "Network Interfaces": Jim Pingle
08:51 AM Bug #12537 (Rejected): IPsec -> Advanced Settings not working: PHP Fatal error: Jim Pingle
08:34 AM Feature #12267 (Pull Request Review): OpenVPN option to limit concurrent connections per user: Jim Pingle
08:32 AM Bug #4637 (Closed): system unreachable after deleting VLAN: Jim Pingle
08:26 AM Bug #12440 (Pull Request Review): Zero-value prefix IPv6 addresses are mishandled: Jim Pingle
08:18 AM Feature #12116 (Pull Request Review): Support DNS server gateway selection on ``system.php`` for multiple gateways not assigned to interfaces: Jim Pingle
05:38 AM Bug #12095: Memory leak in pcscd: pcscd bugreport:
https://github.com/LudovicRousseau/PCSC/issues/55 Viktor Gurov

11/21/2021

12:02 PM Bug #7547: Static routes using aliases are not automatically updated when alias content changes: See notes on #11599. Marcos M
12:02 PM Feature #11895: Require user to manually apply changes after altering static route entries: See notes on #11599. Marcos M
11:58 AM Bug #11599: Modifying static routes results in a logged error, changes are not reflected in routing table: Tested this on @22.01.a.20211108.0600@.
* Deleting a static route does not prompt for an "Apply Changes" confirmatio... Marcos M
09:14 AM Bug #7096: Unbound fails to start on boot if specific network devices are configured in the "Network Interfaces": Should be fixed in #11087 and #11547
Could you retest with the latest stable version? Viktor Gurov
09:09 AM Bug #12539: Changing VLAN ID for LAN interface in assignments silently fails.: I saw the same issue on 22.01.a.20211119.0600, with the same workaround, but couldn't reproduce again
I think some... Viktor Gurov
08:48 AM Bug #12539 (New): Changing VLAN ID for LAN interface in assignments silently fails.: Hi
Recently I changed my VLAN ID that I use for my LAN interface, this was to follow advice given to me a long tim... Chris Collins
04:18 AM Bug #12537 (Closed): IPsec -> Advanced Settings not working: PHP Fatal error: Viktor Gurov
03:17 AM Bug #12537: IPsec -> Advanced Settings not working: PHP Fatal error: Sorry, it has been a problem in globals.inc, a custom modification caused the failure, I'm sorry for your time waste ... Guillermo Martínez
12:14 AM Feature #9439: Poll Interval For GPS and PPS: ntp.conf(5):... Viktor Gurov

11/20/2021

11:40 PM Feature #12466: Option to Disable Renegotiation timer in OpenVPN Server: openvpn(8):... Viktor Gurov
11:37 PM Feature #12267: OpenVPN option to limit concurrent connections per user: Max Leighton wrote in #note-5:
> It works. After setting the duplicate connection limit, any connections over the l... Viktor Gurov
04:52 PM Feature #12267: OpenVPN option to limit concurrent connections per user: Tested with
2.6.0-DEVELOPMENT (amd64)
built on Sat Nov 20 06:21:37 UTC 2021
FreeBSD 12.3-PRERELEASE
It works... Max Leighton
11:25 PM Bug #12536: Setting a default gateway of "None" does not remove the default gateway from the routing table: removing the default gateway, if set to 'none', may result in the removal of the route of dynamic routing protocols
... Viktor Gurov
12:59 PM Bug #12536 (Resolved): Setting a default gateway of "None" does not remove the default gateway from the routing table: selecting Default gateway as NONE should remove the default route from routing table.
making default GW as "NONE... Alhusein Zawi
11:08 PM Bug #12537: IPsec -> Advanced Settings not working: PHP Fatal error: Unable to reproduce it on 2.5.2 VM clean install
Where did you download the pfSense image? Viktor Gurov
04:37 PM Bug #12537: IPsec -> Advanced Settings not working: PHP Fatal error: Hi, I don't do anything special, I just access IPsec -> Advanced settings and get this error (see attached image), an... Guillermo Martínez
03:31 PM Bug #12537: IPsec -> Advanced Settings not working: PHP Fatal error: Hello,
I'm not able to reproduce this in 2.5.2. What specific steps are you doing to cause this error? Kris Phillips
01:55 PM Bug #12537 (Rejected): IPsec -> Advanced Settings not working: PHP Fatal error: On every pfSense 2.5.2 box I'm getting:
Fatal error: Uncaught TypeError: Argument 4 passed to Form_Select::__constru... Guillermo Martínez
09:44 PM pfSense Packages Bug #12538 (New): PIMD sub-interface bug: Hello,
I am running into a bug with PIMD. Running latest stable 2.5.2 virtual pfsense in ESXi.
I have two pfsens... Joe Janning
09:02 PM Bug #4637: system unreachable after deleting VLAN: Kindly see my previous comment where I already asked that it be closed with "can't reproduce" as the reason/status. Adam Thompson
04:41 PM Bug #4637: system unreachable after deleting VLAN: This bug should be marked as Incomplete as it's no longer relevant and very old. Kris Phillips
03:47 PM Bug #12434: Multiple cURL Vulnerabilities: cURL has been updated to 7.79.1 on pfSense CE as well. Both pfSense Plus 22.10 and pfSense 2.6.0 CE have fixes for t... Kris Phillips
01:44 PM Bug #11296: Static route targets may still reachable via default route when the gateway they should route through is down: Static route is still reachable while WAN gateway is Marked Gateway as Down.
22.01.a.20211120.0600 Alhusein Zawi
11:37 AM Bug #12452 (Resolved): Port forward rules are not created for special networks (pppoe, openvpn): Tested in
2.6.0-DEVELOPMENT (amd64)
built on Sat Nov 20 06:21:37 UTC 2021
FreeBSD 12.3-PRERELEASE
Input valid... Max Leighton
10:44 AM Todo #12093: Make AutoConfigBackup menu entry point to the settings tab so it loads faster when there is no WAN connectivity: Tested in
2.6.0-DEVELOPMENT (amd64)
built on Sat Nov 20 06:21:37 UTC 2021
FreeBSD 12.3-PRERELEASE
The landing... Max Leighton
09:39 AM Bug #12440: Zero-value prefix IPv6 addresses are mishandled: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/469
example:
fw rule on IPv6 interface with fc00:88... Viktor Gurov
03:31 AM pfSense Packages Bug #12506: Only selected instance is restarted on suppress list change: fix:
https://github.com/pfsense/FreeBSD-ports/pull/1124 Viktor Gurov
02:41 AM Bug #12529: Interface group name starting with a digit creates invalid XML for rule separators: input validation improvements:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/468 Viktor Gurov

11/19/2021

11:59 PM Feature #12116: Support DNS server gateway selection on ``system.php`` for multiple gateways not assigned to interfaces: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/467 Viktor Gurov
07:49 PM Revision 620ef850: Ui3 bandwidth: Steve Beaver
03:58 PM pfSense Packages Bug #12487 (Resolved): Netgate Firmware Upgrade 0.41.1 offers to upgrade FW version 01.00.00.11 to itself: Luiz Souza
03:19 PM Revision a506ea5a: Local Logging warning note. Issue #12511: Viktor Gurov
02:03 PM pfSense Docs Correction #12535 (New): Negate Rules function does not match the description: Originally the automatic Negate Network rules were intended to negate policy routing for locally connected subnets an... Steve Wheeler
10:37 AM pfSense Plus Feature #12534 (Closed): Generate a ISO Image for Remote Restore of pfSense Plus on the XG-1537 and 1541 units with IPMI: The 1537 and 1541 both have IPMI that supports booting ISO images. However, it does not support booting IMG files wh... Kris Phillips
07:40 AM Feature #11439 (Resolved): IPv6 support in ``easyrule`` CLI script: Tested against:... Danilo Zrenjanin
06:52 AM Bug #11999 (Resolved): OpenVPN IPv6 tunnel network is not validated properly: Tested against:... Danilo Zrenjanin
06:37 AM Feature #4769 (Resolved): IPv6 support in the Traffic Shaper Wizard: Tested against:... Danilo Zrenjanin
06:02 AM pfSense Packages Bug #12533: extra rules incorrect input validation: fix:
https://github.com/pfsense/FreeBSD-ports/pull/1123 Viktor Gurov
05:30 AM pfSense Packages Bug #12533 (Resolved): extra rules incorrect input validation: https://forum.netgate.com/topic/167995/suricata-download-extra-rules-fail:
a quick question for you. I'm currently t... Viktor Gurov

11/18/2021

03:14 PM Bug #12529: Interface group name starting with a digit creates invalid XML for rule separators: I'd agree that simply disallowing them to start and end with a digit would be easier. Even if that means that a great... Jens Groh
02:58 PM Bug #12529 (Confirmed): Interface group name starting with a digit creates invalid XML for rule separators: That isn't quite right either, see my reply on your forum thread. The problem is actually separators being in the con... Jim Pingle
02:47 PM Bug #12529: Interface group name starting with a digit creates invalid XML for rule separators: Please have a look at https://forum.netgate.com/topic/167988/pot-bug-s-with-interface-groups-firewall-rules
I did ... Jens Groh
02:26 PM Bug #12529: Interface group name starting with a digit creates invalid XML for rule separators: Maybe it's already been fixed on 22.01 then. I get a rule in the GUI tab and in /tmp/rules.debug.... Jim Pingle
02:06 PM Bug #12529: Interface group name starting with a digit creates invalid XML for rule separators: I didn't think it would be hard to reproduce. Nice if it works for you, Jim, but no it is nothing about special chara... Jens Groh
01:09 PM Bug #12529 (Rejected): Interface group name starting with a digit creates invalid XML for rule separators: I can't replicate this as stated and there isn't nearly enough detail to guess what might be happening in your enviro... Jim Pingle
05:51 AM Bug #12529 (Resolved): Interface group name starting with a digit creates invalid XML for rule separators: Tested on: 2.5.2 as well as plus-25.01
As per the definition of Interface groups, group names may have digits in i... Jens Groh
02:16 PM Bug #12532 (Duplicate): Virtual IP problem with OpenVPN: It's the same as the other issue, no need for a separate entry. Jim Pingle
01:23 PM Bug #12532 (Duplicate): Virtual IP problem with OpenVPN: Hi, I wasn't sure if this should be tracked separately, but I've seen similar behavior to this issue: https://redmine... Gary Smithe
01:21 PM Bug #12528 (Rejected): Fatal error: Uncaught Exception when adding certificates to CRL: I can't replicate this as stated and there isn't enough information to guess what might be happening in your environm... Jim Pingle
03:00 AM Bug #12528 (Rejected): Fatal error: Uncaught Exception when adding certificates to CRL: Hello.
We have a CA certificate and i have created a CRL for it. When trying to add certificates to this CRL we ge... Chriss E
12:48 PM Feature #4128: Email notification webgui configuration: See also: #12531 Jim Pingle
12:47 PM pfSense Plus Feature #12531 (Duplicate): Improve Email and Push Notifications Granularity: Duplicate of #4128 Jim Pingle
12:36 PM pfSense Plus Feature #12531 (Duplicate): Improve Email and Push Notifications Granularity: There is little to no options under System --> Advanced --> Notifications in terms of what is notified. We should ad... Kris Phillips
12:20 PM pfSense Packages Bug #12530: wireguard 0.15 bypasses firewall: If your peers use a static port on both sides and initiate A->B and then immediately stop/start WG and try B->A this ... Jim Pingle
11:49 AM pfSense Packages Bug #12530: wireguard 0.15 bypasses firewall: Christian McDonald wrote in #note-2:
> As long as one peer can initiate a handshake and establish a UDP path, this s... Nicolas Embriz
11:43 AM pfSense Packages Bug #12530 (Rejected): wireguard 0.15 bypasses firewall: Christian McDonald
11:36 AM pfSense Packages Bug #12530: wireguard 0.15 bypasses firewall: Without an UDP allow rule on WAN, my remote peers are not able to initiate a connection.
The key here is 'initiate.... Christian McDonald
10:51 AM pfSense Packages Bug #12530 (Rejected): wireguard 0.15 bypasses firewall: I created a tunnel not assigning an interface and only defining the IP on the same page (interface address) but notic... Nicolas Embriz

11/17/2021

04:32 PM pfSense Packages Bug #12487: Netgate Firmware Upgrade 0.41.1 offers to upgrade FW version 01.00.00.11 to itself: Bug reporter here. With a 7100 on 21.05.1, Netgate Firmware Upgrade 0.41.2 appears to fix this bug. Thanks, user#41... Andrew Warren
10:09 AM Bug #12527: DHCPv6 server does not skip interfaces configured with invalid ranges: When configuring the DHCPv6 Server errors on other interfaces that break the DHCPv6 server as a whole are not detecte... Michael Lindman
10:01 AM Bug #12527 (Resolved): DHCPv6 server does not skip interfaces configured with invalid ranges: Michael Lindman

11/16/2021

05:01 PM Revision a5fd794b: Add librdkafka package to the pfSense repo. Feature #12290: Viktor Gurov
02:48 PM pfSense Packages Feature #12526 (New): WireGuard Widget: Hellow,
I want to request a feature to the WireGuard widget, probably not so important for many others.
Do you th... B. B.
02:45 PM pfSense Packages Feature #12525 (New): WireGuard Tunnel restore configuration: Hi,
I see the function for downloading the configuration "files" in the WireGuard - Tunnels (nice to backup the co... B. B.
01:07 PM Feature #12522: More GUI options for OpenVPN Client-Specific Overrides: Jim Pingle wrote in #note-5:
> Yes, that's exactly expected. When you check it, nothing from the server is pushed, on... Phil Wardt
09:43 AM Feature #12522: More GUI options for OpenVPN Client-Specific Overrides: Phil Wardt wrote in #note-3:
> Jim Pingle wrote in #note-2:
> The bug part is this:
> When that option is checked,... Jim Pingle
05:27 AM Feature #12522: More GUI options for OpenVPN Client-Specific Overrides: A last note if the features are revised added/once:
The title of the tab is "Client-Specific Override". I never expe... Phil Wardt
11:29 AM Bug #12141: Lack of DNS or Internet connectivity causes GUI to be slow: Perhaps we should hardcode / fall back to different DNS providers; e.g. use @1.1.1.1@ and @8.8.8.8@ (and IPv6 counter... Marcos M
11:00 AM Bug #12141 (Feedback): Lack of DNS or Internet connectivity causes GUI to be slow: Applied in changeset commit:bbb3bbebbf8059e72d60dbb1721d997568ae2090. Viktor Gurov
10:45 AM Bug #12141 (Pull Request Review): Lack of DNS or Internet connectivity causes GUI to be slow: Jim Pingle
02:32 AM Bug #12141: Lack of DNS or Internet connectivity causes GUI to be slow: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/463 Viktor Gurov
11:04 AM Todo #12093 (Feedback): Make AutoConfigBackup menu entry point to the settings tab so it loads faster when there is no WAN connectivity: Merged Viktor Gurov
10:45 AM Todo #12093 (Pull Request Review): Make AutoConfigBackup menu entry point to the settings tab so it loads faster when there is no WAN connectivity: Jim Pingle
02:45 AM Todo #12093: Make AutoConfigBackup menu entry point to the settings tab so it loads faster when there is no WAN connectivity: Marcos Mendoza wrote:
> # Navigating to @Services / Auto Configuration Backup@ should not be affected by internet co... Viktor Gurov
10:54 AM Feature #12290 (Pull Request Review): Add ``librdkafka`` package to the pfSense package repository: Jim Pingle
04:20 AM Feature #12290: Add ``librdkafka`` package to the pfSense package repository: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/464 Viktor Gurov
10:36 AM Todo #12511 (Pull Request Review): Add note in log settings that disabling logging also disables ``sshguard`` login protection: Updated subject to match the info in the comments. Jim Pingle
12:06 AM Todo #12511: Add note in log settings that disabling logging also disables ``sshguard`` login protection: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/462 Viktor Gurov
10:22 AM Bug #10662 (Pull Request Review): Restoring from AutoConfigBackup presents reboot type selection option then reboots automatically: Jim Pingle
09:46 AM Revision bbb3bbeb: DNS check improvements for fw check and ACB. Fixes #12141: Viktor Gurov

11/15/2021

11:58 PM Bug #12249: Long configuration revision reasons can cause AutoConfigBackup upload to fail: config.xml file size should be checked before upload, and produce an info box with "ACB config.xml size limit exceed"... Viktor Gurov
11:56 PM Bug #10662: Restoring from AutoConfigBackup presents reboot type selection option then reboots automatically: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/461 Viktor Gurov
05:43 PM Revision 71f503d2: Uninitialized config variables in interface_assign.php: Christian McDonald
03:44 PM Feature #12522: More GUI options for OpenVPN Client-Specific Overrides: Jim Pingle wrote in #note-2:
> It's doing exactly what it says. Normally the client configuration would include the t... Phil Wardt
08:26 AM Feature #12522: More GUI options for OpenVPN Client-Specific Overrides: It's doing exactly what it says. Normally the client configuration would include the topology rather than having it p... Jim Pingle
02:51 PM Revision 7aaa20d9: Use OpenVPN async client-connect, clear stale rules, add option to limit connections per user. Implements #12407 and #12332 and #12267: Marcos M
02:47 PM Revision 6a41d476: Port Forward checks for special interfaces and reflection type. Fixes #12452: Viktor Gurov
02:13 PM Revision 0cfd0083: NTP Peer mode. Implements #11496: Viktor Gurov
12:27 PM Feature #4688: Missing TFC Traffic Flow Confidentiality support: Note:
According to https://wiki.strongswan.org/projects/strongswan/wiki/Swanctlconf this needs to be set on the chil... Marcos M
11:21 AM Todo #12511: Add note in log settings that disabling logging also disables ``sshguard`` login protection: There is no issue - sshguard will start after any AUTH event (ssh/webgui login) because such events transmits data vi... Viktor Gurov
09:40 AM Todo #12511: Add note in log settings that disabling logging also disables ``sshguard`` login protection: Rerooting the system does work too Viktor Gurov
01:15 AM Todo #12511: Add note in log settings that disabling logging also disables ``sshguard`` login protection: Same issue if you just press 'Save' on the status_logs_settings.php page or restart the syslogd service
something wro... Viktor Gurov
09:53 AM Bug #12141: Lack of DNS or Internet connectivity causes GUI to be slow: we can use @check_dnsavailable()@ from #11512 to optimize this behavior
see also #12335 and #9677 Viktor Gurov
09:06 AM Feature #12267 (Feedback): OpenVPN option to limit concurrent connections per user: Merged Viktor Gurov
09:05 AM Bug #12332 (Feedback): OpenVPN does not clear old Cisco-AVPair anchor rules in some cases: Merged Viktor Gurov
09:00 AM Feature #12407 (Feedback): Use deferred client connections in OpenVPN: Applied in changeset commit:7aaa20d95a345c4688e8786c755c7d0433451688. Marcos M
08:55 AM Bug #12452 (Feedback): Port forward rules are not created for special networks (pppoe, openvpn): Applied in changeset commit:6a41d4769dfcdfebc2bf827f67b7ca52613d7223. Viktor Gurov
08:34 AM Bug #12452 (Pull Request Review): Port forward rules are not created for special networks (pppoe, openvpn): Jim Pingle
04:18 AM Bug #12452: Port forward rules are not created for special networks (pppoe, openvpn): pfSense doesn't create rdr rules for special interfaces (openvpn, pppoe, ipsec) if destination = any
add extra che... Viktor Gurov
08:39 AM pfSense Plus Feature #12524: OpenSSL QAT Engine: It's not clear yet if that would be viable or beneficial, but it is under consideration.
Current implementations o... Jim Pingle
05:07 AM pfSense Plus Feature #12524 (New): OpenSSL QAT Engine: Hi all,
is possible to compile openssl to use QAT on PfSense plus, than accelerate OpenVPN ?
Thanks
Luca Luca De Andreis
08:20 AM Feature #11496 (Feedback): Support for NTP Peer mode: Applied in changeset commit:0cfd008330b543a1674787cb031507fb1951a1f9. Viktor Gurov
08:15 AM Bug #12095: Memory leak in pcscd: The problems you're hitting are a mix of somewhat but not really related things.
This issue being the memory leak ... Jim Pingle
07:40 AM Feature #12521: Add the BBR2, QUIC, RACK Congestion Control (CC) protocols: This is not a priority as those algorithms only come into play on pfSense software when the firewall is the *endpoint... Jim Pingle

11/14/2021

02:39 PM Feature #12522: More GUI options for OpenVPN Client-Specific Overrides: Notes:
Maybe one option would be to add an option "Client setting override server defined client options"
This opti... Phil Wardt
02:03 PM Feature #12522 (Resolved): More GUI options for OpenVPN Client-Specific Overrides: I setup an OpenVPN server, let's say 10.10.10.0/24, which works properly
I setup some custom exceptions for a specif... Phil Wardt
10:07 AM Bug #12141: Lack of DNS or Internet connectivity causes GUI to be slow: I agree. There are certain places in the GUI that are affected - the ACB page also being an example (see https://redm... Marcos M
07:26 AM Bug #12095: Memory leak in pcscd: I politely disagree with the assigned priority for this bug, particularly given that a CE release is likely months aw... Pedro Ribeiro
03:47 AM Feature #9544: Enable ``ROUTE_MPATH`` multipath routing: The current status of FreeBSD multipath:
https://www.freebsd.org/status/report-2020-10-2020-12.html#Scalable-routing... Viktor Gurov
03:46 AM Feature #4632: Support for Multipath TCP (MPTCP): FreeBSD multipath status:
https://www.freebsd.org/status/report-2020-10-2020-12.html#Scalable-routing-multipath-support Viktor Gurov

11/13/2021

08:44 PM Regression #11316: Unbound crashes with signal 11 when reloading: I've tested this a bit in 1.13.2 on 22.01 and have been unable to reproduce DHCP/DNS crashes with the latest unbound ... Kris Phillips
08:37 PM Todo #12511: Add note in log settings that disabling logging also disables ``sshguard`` login protection: Testing on 22.01:
Before making any changes running "ps aux | grep sshguard":
root 193 0.0 0.3 11540 3... Kris Phillips
08:32 PM Todo #12511: Add note in log settings that disabling logging also disables ``sshguard`` login protection: Testing on 21.05.2:
I disabled and re-enabled Local Logging and have the following:
root 59415 0.0 0.1 11452 ... Kris Phillips
08:28 PM Bug #10352: RADIUS authentication fails with MSCHAPv1 or MSCHAPv2 when passwords contain international characters: Similar issue with LDAP authentication #12519 Kris Phillips
06:44 PM pfSense Packages Bug #12030: Startup Errors for Avahi Package: Are we going to move this forward? This has been in a pull request review for 2 months. Can the changes be merged s... Kris Phillips
06:42 PM Bug #12141: Lack of DNS or Internet connectivity causes GUI to be slow: Marcos Mendoza wrote in #note-8:
> I tried reproducing this on a lab. The gateway is online but pfSense is not able ... Kris Phillips
04:47 PM pfSense Packages Bug #12073: ``netsnmptrapd.conf`` syntax for ``snmpTrapdAddr`` is wrong: ver 0.1.5_9 reports snmpTrapdAddr when running head -n 1 /var/etc/netsnmptrapd.conf Jordan G
01:47 PM pfSense Packages Bug #11889 (Resolved): BIND starts twice by /etc/rc.start_packages: Tested bind 9.16_11 in
2.6.0-DEVELOPMENT (amd64)
built on Sat Nov 13 06:22:43 UTC 2021
FreeBSD 12.3-PRERELEASE
... Max Leighton
01:19 PM pfSense Packages Bug #12487: Netgate Firmware Upgrade 0.41.1 offers to upgrade FW version 01.00.00.11 to itself: 7100 on 22.01 with Netgate_Firmware_Upgrade 0.46 does not offer "Upgrade and Reboot" when current = latest; 0.45 did ... Jordan G
12:34 PM Feature #11496: Support for NTP Peer mode: Awesome! Thank you Viktor.
Running this latest revision and it all looks good to me.
There was a bounty attach... Christian Borchert
08:35 AM Feature #11496: Support for NTP Peer mode: Christian Borchert wrote in #note-11:
> I'm not sure - but I think we need an 'else' added to the code:
>
> !clip... Viktor Gurov
08:22 AM Feature #11496: Support for NTP Peer mode: I'm not sure - but I think we need an 'else' added to the code:
!clipboard-202111130822-wawmh.png!
Christian Borchert
07:47 AM Feature #11496: Support for NTP Peer mode: Thanks Viktor,
I installed the "System_Patches" package, reverted to backup copies I made of system.inc and servic... Christian Borchert
02:04 AM Feature #11496: Support for NTP Peer mode: Christian Borchert wrote in #note-7:
> OK - I was able to find the ntpd.conf file in pfsense's /var/etc directory
>... Viktor Gurov
10:55 AM Bug #12498 (Resolved): Input validation error can unintentionally result in removal of PPP type interface settings: Tested in:
2.6.0-DEVELOPMENT (amd64)
built on Sat Nov 13 06:22:43 UTC 2021
FreeBSD 12.3-PRERELEASE
I can crea... Max Leighton
10:32 AM Bug #12514 (Resolved): Trying to delete an assigned PPPoE interface fails without printing an error message: Tested in
2.6.0-DEVELOPMENT (amd64)
built on Sat Nov 13 06:22:43 UTC 2021
FreeBSD 12.3-PRERELEASE
The error m... Max Leighton

11/12/2021

09:11 PM Feature #12521 (New): Add the BBR2, QUIC, RACK Congestion Control (CC) protocols: Changing character of traffic in last 5-7 years powered extremely by the fact that
- 80%+ of users using mobile dev... Sergei Shablovsky
07:35 PM Revision fc19062e: Input error message box on the interfaces_ppps.php page. Fixes #12514: Viktor Gurov
03:41 PM Revision 56b1a253: Fix reservation on CE installs with a pool called 'zroot'.: Brad Davis
02:13 PM pfSense Packages Feature #12520 (New): [Squid] - Allow or Deny Mappings from IP/Host/GeoIP sources: Hello,
Do you think it's possible to add the functionality to filter (via IP, Hostname or Alias ?) the access of c... Jean-Michel Pattulacci
01:50 PM Bug #11984: Automatic Outbound NAT mode can create incorrect rules in some cases: may be related to #11764 Viktor Gurov
01:45 PM Bug #12514 (Feedback): Trying to delete an assigned PPPoE interface fails without printing an error message: Applied in changeset commit:fc19062e73c99d55b39bdeb55acde07e8e0427ef. Viktor Gurov
12:15 PM Bug #12514 (Pull Request Review): Trying to delete an assigned PPPoE interface fails without printing an error message: Jim Pingle
01:20 PM Feature #11496: Support for NTP Peer mode: OK - I was able to find the ntpd.conf file in pfsense's /var/etc directory
Looks like it is specifying server/pool... Christian Borchert
12:43 PM Feature #11496: Support for NTP Peer mode: Thanks Viktor,
I believe I applied the changes to the files correctly - where does pfsense save the ntp.conf file ... Christian Borchert
12:19 PM Feature #11496 (Pull Request Review): Support for NTP Peer mode: Jim Pingle
07:11 AM Feature #11496: Support for NTP Peer mode: Christian Borchert wrote in #note-3:
> Viktor Gurov wrote in #note-2:
> > https://gitlab.netgate.com/pfSense/pfSens... Viktor Gurov
06:59 AM Feature #11496: Support for NTP Peer mode: Viktor Gurov wrote in #note-2:
> https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/458
Hi Viktor,
Th... Christian Borchert
01:55 AM Feature #11496: Support for NTP Peer mode: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/458 Viktor Gurov
11:29 AM Regression #11570 (New): Gateway monitoring services is not always restarted on interface events, which may prevent a WAN from recovering back to an online state: same issue on 22.01.a.20211029.0500 - once failover from WAN to LTE(WAN2) happens it will never fail back until I man... Viktor Gurov
09:42 AM Regression #12517 (Resolved): pfSense-rc console errors on old zfs scheme (zroot): Thanks for the report. The fix will be in tomorrows snapshot. Brad Davis
08:43 AM Regression #12517 (Waiting on Merge): pfSense-rc console errors on old zfs scheme (zroot): Brad Davis
07:39 AM Bug #12519: Fail authentication using special character in password via the LDAP connector: a similar issue with RADIUS authentication - #10352 Viktor Gurov
07:10 AM Bug #12519 (New): Fail authentication using special character in password via the LDAP connector: Hi all,
using openVPN authentication by ldap connector to AD 2016 server, I realized that using a character in the... Luca De Andreis
12:09 AM Feature #12518 (Closed): Restore RRD and extra data from configuration backups when restoring during installation: Currently bsdinstall script simply removes any extra data or RRD data from the config.xml:
https://github.com/pfsens... Viktor Gurov

11/11/2021

11:01 PM Bug #12010 (Closed): System default gateway doesn't automatically switch from an inactive gateway if a specific gateway is selected: actually the correct behavior Viktor Gurov
10:57 PM Bug #12514: Trying to delete an assigned PPPoE interface fails without printing an error message: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/457 Viktor Gurov
04:27 PM Revision 7d34f350: Unbreak build: vim doesn't have console FLAVOR: Renato Botelho
02:38 PM Regression #12517 (Resolved): pfSense-rc console errors on old zfs scheme (zroot): After update to 2.6.0.a.20211111.0600 from ~Oct.24-2021 build, and booting with older zfs layout (zroot instead of pf... B C
09:05 AM Bug #12498 (Feedback): Input validation error can unintentionally result in removal of PPP type interface settings: Applied in changeset commit:6a9435a66ee6257dd411b3c6a7248d7a29f9a35a. Viktor Gurov
08:14 AM Bug #12498 (Pull Request Review): Input validation error can unintentionally result in removal of PPP type interface settings: Jim Pingle
02:33 AM Bug #12498 (New): Input validation error can unintentionally result in removal of PPP type interface settings: PPPoE/L2TP/PPTP configuration on the interfaces.php without creating associated interfaces on the interfaces_ppps.php... Viktor Gurov
08:16 AM pfSense Packages Bug #11525: pfsense 2.5.0 release version for vlan issue to suricata: may be related: https://forum.netgate.com/topic/166844/important-info-inline-ips-mode-with-suricata-and-vlans Viktor Gurov
08:06 AM Revision 6a9435a6: Keep port value for PPPoE/L2TP/PPTP on interfaces.php page. Fixes #12498: Viktor Gurov
03:53 AM pfSense Packages Bug #12507 (Pull Request Review): Add support for bi-directional flows in softflowd: Viktor Gurov
12:36 AM Bug #12515 (Duplicate): Missing input validation check for 6RD Tunnel IPv6 Configuration Type setup: Duplicate of #12435 Viktor Gurov

11/10/2021

05:43 PM Revision 639d6600: Add a bit more output when figuring out which distfile cache to use: Brad Davis
05:43 PM Revision 4fd12650: Try to use the distfiles cache for our branch but fall back if needed: This will allow us to avoid downloading everything new when we start a
new release Brad Davis
05:43 PM Revision 2e6f6523: Save the distfiles to s3 with the git branch as part of the name: This will help us clean out old distfiles we do not need while providing
the ability to keep old distfiles around if ... Brad Davis
05:43 PM Revision 662b59e7: Clean up old distfiles using poudriere distclean: Brad Davis
05:42 PM Revision 9637896b: Tell us the name of the logs tarball so we don't have to go hunting through s3: Brad Davis
05:42 PM Revision 11408c41: Add missing quotes: Renato Botelho
05:42 PM Revision 88ae8b00: Replace - by _ on repository path: Renato Botelho
05:42 PM Revision 64d4269d: Followup e324755bee, combine sed and add g flag: Renato Botelho
05:42 PM Revision a726f9ce: poudriere upstream is not supporting dashes in ports tree names.: This is to prevent issues with sets, so we need to respect the change
https://github.com/freebsd/poudriere/issues/897 Brad Davis
05:42 PM Revision da99d38d: Increase the number of logs we are keeping: Brad Davis
05:41 PM Revision 9c18a3ef: Remove a trailing \r that prevents s3 rm from working: Brad Davis
05:41 PM Revision 174eded8: Set the output format to avoid \r on line endings preventing log files from being deleted: Brad Davis
05:41 PM Revision b6da492d: AWS: Separate release tarballs by branch: Renato Botelho
05:41 PM Revision 4a9f9c8d: AWS: Add FLAVOR to distfiles.tar: Renato Botelho
05:40 PM Revision f189057c: AWS: Add branch name to pkgs tarball: Renato Botelho
05:40 PM Revision 5e4fae22: AWS: Simplify logic using 's3 ls' to check if file exists: Renato Botelho
05:40 PM Revision bc93182c: AWS: Make sure distfiles.tar exist before try to download it: Renato Botelho
05:40 PM Revision 3d35f537: AWS: Add missing s3 parameter to ls: Renato Botelho
05:40 PM Revision a74b6ac8: AWS: Add FLAVORS to pkgs cache: Renato Botelho
05:40 PM Revision 86c3bc4f: Do not force git remote to be called origin: Renato Botelho
05:39 PM Revision 405e82b7: AWS: Create initial stashed ports tree on S3: Renato Botelho
05:39 PM Revision 5796b157: AWS: Simplify logic: Create aws_exec() and replace all direct calls to use it Renato Botelho
05:39 PM Revision 5c13cded: Always save built pkgs progress: Brad Davis
05:39 PM Revision fae5a143: Replace factory by ${FLAVOR}: Renato Botelho
05:38 PM Revision 8d49874f: Build improvements for using AWS:: * Use release artifacts from S3 to populate poudriere jails
* Pull prebuilt pkgs from S3 to only rebuild changed item... Brad Davis
03:57 PM Revision e53c0bf4: pfSense-rc: Fix ZFS reservation: e804230c08 introduced an error when USE_ZFS is not set:
Starting syslog...done.
[: : bad number
Starting CRON... don... Renato Botelho
02:48 PM Bug #12095: Memory leak in pcscd: The same happened to me today. I realized it when I started receiving e-mails with lines like... Phil K
08:19 AM pfSense Plus Bug #12516 (Rejected): Backup/Restore NAT should auto-create associated firewall rules: That wouldn't be possible. The associated rules are linked but separate, you have to restore both NAT and firewall ru... Jim Pingle
08:06 AM pfSense Plus Bug #12516 (Rejected): Backup/Restore NAT should auto-create associated firewall rules: I am in the process of migrating settings from an older HA pair of XG-7100 units to a new HA pair of XG-1537. I just... Marc Mapplebeck
04:15 AM Bug #12515 (Duplicate): Missing input validation check for 6RD Tunnel IPv6 Configuration Type setup: You can add any value in the *6RD Prefix* field under Interfaces/WAN - IPv6 Configuration Type 6RD Tunnel. The input ... Danilo Zrenjanin
03:49 AM Bug #12371 (Resolved): Remove subnet overlap check on LAN interfaces when using 6rd: Tested against:... Danilo Zrenjanin
03:03 AM Bug #12514 (Resolved): Trying to delete an assigned PPPoE interface fails without printing an error message: If you try to delete a PPPoE interface (under Interfaces/PPPs) assigned to a physical interface, it will fail without... Danilo Zrenjanin
02:33 AM Bug #12498 (Resolved): Input validation error can unintentionally result in removal of PPP type interface settings: Tested against:... Danilo Zrenjanin
12:11 AM Revision e804230c: Add a ZFS reservation of 10%: Brad Davis

11/09/2021

07:30 PM Feature #9877: QEMU Guest Agent: Let me know if your wanting anyone to help test, I have several proxmox servers and cant wait to be able to install t... jake xanaro
03:59 PM pfSense Packages Feature #12513: WireGuard Utilization Status (Beyond Active Connection): Actually, perhaps it would be better if the yellow indicator could show if the WG connection was used in the previous... Jum Pers
03:46 PM pfSense Packages Feature #12513 (New): WireGuard Utilization Status (Beyond Active Connection): WG and pfSense are working very well together these days - thank you for the continued code and UI updates.
A feat... Jum Pers
11:18 AM pfSense Packages Bug #12399 (Resolved): WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset: Excellent! Thanks for the continued feedback!
:) Christian McDonald
11:02 AM pfSense Packages Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset: Christian McDonald wrote in #note-24:
> Look for Package Version 0.1.5_2, which will also upgrade net/wireguard-kmod... Ryan Roosa
07:27 AM pfSense Plus Bug #12512 (Closed): Netgate Hardware (SG-1100 - SG3100) preloaded firmware issues: Tim,
Unfortunately we can't replicate anything like that update check issue here, and there isn't enough detail to... Jim Pingle
07:10 AM pfSense Packages Bug #12487 (Feedback): Netgate Firmware Upgrade 0.41.1 offers to upgrade FW version 01.00.00.11 to itself: Fixed in the latest package update (0.46 for CE and 0.43 for Plus).
Let me know if something doesn't work. Luiz Souza

11/08/2021

04:17 PM pfSense Plus Bug #12512 (Closed): Netgate Hardware (SG-1100 - SG3100) preloaded firmware issues: I have noticed on all of our Netgate hardware we have to re-install the OS upon receiving, failure to do so prevents ... Tim Brogdon
03:13 PM Revision a69cd017: Add a bit more output when figuring out which distfile cache to use: Brad Davis
01:08 PM Revision c58db203: Do not change ports value for PPPoE/L2TP/PPTP on interfaces.php page. Fixes #12498: Viktor Gurov
12:03 PM Todo #12511 (Resolved): Add note in log settings that disabling logging also disables ``sshguard`` login protection: Tested on @21.05@ and @22.01.a.20211103.2115@.
Before changes:... Marcos M
09:42 AM Bug #12510 (Not a Bug): pfSense selecting unwanted GW as default: There is already a mechanism to control which gateways are selected for automatic use by the firewall as a default ga... Jim Pingle
02:30 AM Bug #12510 (Not a Bug): pfSense selecting unwanted GW as default: There must be something I do wrong but I cannot seem to find the right answer.
I've switched my pfSense to BGP so ... Joey Doe
09:40 AM Regression #12345 (Resolved): Captive Portal users cannot get past portal even after successfully logging in: Jim Pingle
07:15 AM Bug #12498 (Feedback): Input validation error can unintentionally result in removal of PPP type interface settings: Applied in changeset commit:c58db2033bacd99196ee025377ac1d654eddb28e. Viktor Gurov
04:14 AM Feature #11118: Backup and restore SSH host key(s): https://gitlab.netgate.com/pfSense/FreeBSD-src/-/merge_requests/28 Viktor Gurov
04:01 AM Bug #12509: Deffered authentication does not work with auth-gen-token external-auth or pusk "auth-token": Some more info - with deferred plugin we get:
Nov 8 10:02:46 openvpn 53695 arek/192.168.100.3:58560 TLS Error: loc... Arkadiusz Rzadkowolski
02:18 AM Bug #12509 (New): Deffered authentication does not work with auth-gen-token external-auth or pusk "auth-token": I am able to use properly deferred authentication on normal login.
Problem rises when I try to use auth-gen-token ... Arkadiusz Rzadkowolski

11/06/2021

03:41 PM Regression #12345: Captive Portal users cannot get past portal even after successfully logging in: I tested Captive Portal in
22.01-DEVELOPMENT (amd64)
built on Fri Nov 05 05:21:41 UTC 2021
FreeBSD 12.3-PRERELEA... Max Leighton
11:53 AM Bug #11960: Gateway Monitoring Traffic Goes Out Default Gateway: I failed to replicate that in
22.01-DEVELOPMENT (amd64)
built on Fri Nov 05 05:21:41 UTC 2021
FreeBSD 12.3-PRERE... Max Leighton
11:25 AM Bug #12508 (New): DHCP Relay over VPN: Currently, DHCP Relay does not work with OpenVPN TAP nor IPsec VTI.
Since the VTI doesn't have a MAC, the interfac... Marcos M
03:01 AM pfSense Packages Bug #12507: Add support for bi-directional flows in softflowd: PR exists in github here: https://github.com/pfsense/FreeBSD-ports/pull/1119 Vito Piserchia
02:59 AM pfSense Packages Bug #12507 (Pull Request Review): Add support for bi-directional flows in softflowd: In order to support IPFIX bi-directional flows, the "-b" param should be added Vito Piserchia
01:01 AM pfSense Packages Bug #12506 (Resolved): Only selected instance is restarted on suppress list change: How to reproduce:
1) Create a Suppress List 'testsupplist'
2) Configure Suricata for the LAN interface and select... Viktor Gurov
12:15 AM Todo #8451 (Resolved): System Information dashboard widget - Kernel PTI toggle: implemented in #9532 Viktor Gurov

11/05/2021

10:06 PM Feature #11496: Support for NTP Peer mode: Bounty here: https://forum.netgate.com/topic/167670/ntp-add-peer-100 Christian Borchert
03:49 PM pfSense Packages Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset: Look for Package Version 0.1.5_2, which will also upgrade net/wireguard-kmod to 0.0.20210606_2. Both are available on... Christian McDonald
02:35 PM Regression #11545: Primary interface address is not always used when VIPs are present: Kris Phillips wrote in #note-16:
> What version of pfSense are you running right now?
As noted above, 21.05.2.
... Denny Page
02:16 PM Bug #11679 (Closed): Policy-based Routing (outbound) and port forwarding (inbound) "selectively" working through WG tunnel: Christian McDonald
01:29 PM Bug #12505: NAT issues with IPsec passthrough: Understandable that this is a limitation of pf, and I appreciate the info on using a floating rule to prevent the lea... Kev Kitchens
01:04 PM Bug #12505 (Not a Bug): NAT issues with IPsec passthrough: This is expected behavior when using static port on outbound NAT rules, and is not a bug.
We already have numerous... Jim Pingle
12:35 PM Bug #12505 (Not a Bug): NAT issues with IPsec passthrough: I've noticed some issues with the automatic IPsec passthrough rules generated when the outbound NAT is set to automat... Kev Kitchens
04:51 AM Bug #12504 (New): BCM57412 NetXtreme-E 10Gb RDMA Ethernet controller issue: We have pfSense 2.5.2 installed and faced with same issue as described in https://lists.freebsd.org/archives/freebsd-... Sergey Dyatko

11/04/2021

09:36 PM Bug #12259: Intel em NICs Suffering Performance Degradation on FreeBSD12: Based on the bug report as long as TCP Offload is disabled this shouldn't be an issue on FreeBSD 12.X. With TCP Offl... Kris Phillips
09:30 PM Bug #12434: Multiple cURL Vulnerabilities: cURL has been updated to 7.79.1 pfSense Plus 22.01. This only affects CE at this point. Kris Phillips
09:21 PM Regression #11545: Primary interface address is not always used when VIPs are present: Denny Page wrote in #note-15:
> I can share info from my install if you like. Unless I disable DHCP6 on the WAN inte... Kris Phillips
03:06 PM Revision d1e65bb2: Automatic outbound NAT for Reflection IPv6 support. Fixes #12500: Viktor Gurov
03:03 PM Revision dd8f951d: IPsec Keep Alive Gateway Group CARP support. Fixes #12472: Viktor Gurov
01:01 PM pfSense Packages Bug #12490 (Rejected): pfSense(CE) completely freezes up with WireGuard: Closing due to inactivity.
If this continues to be a problem, please reach out via our social media and/or forum c... Christian McDonald
12:58 PM pfSense Packages Bug #12399 (Feedback): WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset: We have pulled in the upstream patches and bumped our version numbers. You should find a new package version availabl... Christian McDonald
12:57 PM Bug #12503 (Resolved): Unable to delete limiter referenced in filter rules: Tested on the:... Danilo Zrenjanin
01:45 AM Bug #12503 (Feedback): Unable to delete limiter referenced in filter rules: Applied in changeset commit:d0c6bc9a88fd5f054eabf379863e453c0228e808. Viktor Gurov
10:15 AM Bug #12500 (Feedback): Automatic outbound NAT for reflection does not support IPv6: Applied in changeset commit:d1e65bb28972baab2adab0d665b0fb6ea30447e0. Viktor Gurov
10:15 AM Bug #12472 (Feedback): IPsec Keep Alive does not work correctly with gateway groups in HA: Applied in changeset commit:dd8f951de8ffd0546cb15e97569701859db2a111. Viktor Gurov
06:34 AM Revision d0c6bc9a: Allow to delete limiter referenced in filter rules. Fixes #12503: Viktor Gurov

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

12/03/2021

12/02/2021

12/01/2021

11/30/2021

11/29/2021

11/28/2021

11/27/2021

11/26/2021

11/25/2021

11/24/2021

11/23/2021

11/22/2021

11/21/2021

11/20/2021

11/19/2021

11/18/2021

11/17/2021

11/16/2021

11/15/2021

11/14/2021

11/13/2021

11/12/2021

11/11/2021

11/10/2021

11/09/2021

11/08/2021

11/06/2021

11/05/2021

11/04/2021