Activity

30 days up to

User

Subprojects

Activity

From 11/20/2021 to 12/19/2021

12/19/2021

09:27 PM Bug #12003: Pie and ``fq_pie`` are missing options and do not handle floating point number input correctly: https://github.com/pfsense/pfsense/pull/4549 Anonymous
09:24 PM Bug #12003: Pie and ``fq_pie`` are missing options and do not handle floating point number input correctly: Latest patch fixes some fq_pie setting showing up in none fq_pie limiters. Anonymous
02:58 PM Feature #12618 (Duplicate): Support for Network Time Security for NTP (RFC 8915): Duplicate of #8149 Viktor Gurov
09:47 AM Feature #12618 (Duplicate): Support for Network Time Security for NTP (RFC 8915): Please add support for NTS, the Network Time Security for the Network Time Protocol, RFC 8915.
NTPSec, a hardened ... Adrian Zaugg

12/18/2021

04:59 PM Bug #7152: Unbound / DNS Resolver issue if "Register DHCP static mappings in the DNS Resolver" set before wildcard DNS custom options: Tested this on 2.5.2. Unable to reproduce issue any longer. This was likely resolved in a previous unbound update. Kris Phillips
04:41 PM Bug #5849: Routing fail on CARP IPsec: I haven't been able to reproduce this on the latest pfSense versions. Perhaps this functionality was improved in new... Kris Phillips
04:38 PM pfSense Packages Bug #12260: Update popup and version missmatch?: Freshports has 5.0 available in it. We should update ntop to the new version. Kris Phillips
04:32 PM Bug #7235: 4860 has not got significant IPsec performance rising with enabled HW acceleration: Sean McBride wrote in #note-2:
> I have a 4860 running newest pfsense, and I use IPSec. How could I do performance ... Kris Phillips
04:15 PM pfSense Packages Feature #11022: Add feeds from Firebog.net to pfBlockerNG: pfBlockerNG does not have a feeds section, but pfBlockerNG-devel 3.1.0 has a feeds list which now include firebog - S... Jordan G
02:58 PM Feature #12316 (Resolved): Include firewall rules generated from OpenVPN RADIUS ACL entries in status output: Tested on
2.6.0-BETA (amd64)
built on Fri Dec 17 17:03:58 UTC 2021
FreeBSD 12.3-STABLE
I see the OpenVPN-Gene... Max Leighton
02:56 PM Feature #12321 (Resolved): Pop-up window to view firewall rules generated from RADIUS ACL entries on the OpenVPN status page: Tested on
2.6.0-BETA (amd64)
built on Fri Dec 17 17:03:58 UTC 2021
FreeBSD 12.3-STABLE
I can see the RADIUS A... Max Leighton
11:12 AM Bug #12614 (Resolved): Pushover notifications fail: Tested against the:... Danilo Zrenjanin

12/17/2021

09:33 PM Feature #12342 (Resolved): Dynamic DNS client proxy support: check box is shown up if Proxy URL is added in Proxy Support.
2.6.0.b.20211217.1435
Alhusein Zawi
01:59 PM Revision 4dde40ec: Pushover notifications fix. Issue #12614: Viktor Gurov
01:44 PM Bug #12374 (Resolved): Update python to address vulnerabilities < 3.8.12: 22.01.b.20211216.1427 and 2.6.0.b.20211217.1435 uses python38-3.8.12_1 Viktor Gurov
01:42 PM Bug #12434 (Resolved): Multiple cURL Vulnerabilities: Viktor Gurov
01:32 PM Bug #12614 (Feedback): Pushover notifications fail: Merged Viktor Gurov
08:22 AM Bug #12614 (Pull Request Review): Pushover notifications fail: Jim Pingle
08:00 AM Bug #12614: Pushover notifications fail: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/514 Viktor Gurov
07:41 AM Bug #12614 (Resolved): Pushover notifications fail: https://forum.netgate.com/topic/168178/pushover-notifications-fail-to-work:... Viktor Gurov
12:24 PM Regression #12617 (Closed): Dynamic DNS client updates using a private IP address when it cannot determine the public IP address: Under some conditions the dyndns up client can send a private IP address even though 'Use public IP' is set.
For e... Steve Wheeler
11:28 AM Feature #12616: Option to filter state table contents by rule ID: See also: https://redmine.pfsense.org/issues/12092 Utilize new ``pfctl`` ability to kill states by label Steve Wheeler
11:28 AM Feature #12616 (Resolved): Option to filter state table contents by rule ID: The Diag > States page can already filter by ruleid but only when the page is called with that via the firewall rules... Steve Wheeler
10:49 AM Bug #12585: ``rc.notify_message`` only sends notifications via SMTP: Updating subject for release notes. Jim Pingle
10:48 AM Bug #12589: Dynamic DNS updates do not respect certificate authority trust store: Updating subject for release notes. Jim Pingle
10:47 AM Bug #12352: Update Dynamic DNS code for one.com to use their new login process: Updating subject for release notes. Jim Pingle
09:36 AM Regression #12615: MAC passthrough does not work on the latest snapshot: ipfw show output:... Viktor Gurov
09:01 AM Regression #12615 (Resolved): MAC passthrough does not work on the latest snapshot: CP login page always appears
config.xml is ok:... Viktor Gurov
08:46 AM Bug #11142: rc.newwanip restarts VPN services when the IP matches: original user issue:
"We've noticed every X hours that services restart on our pfSense FW and this results in people... Viktor Gurov
08:31 AM Bug #12590 (Pull Request Review): Dynamic DNS custom IPv6 service fails on 6rd tunnels: Jim Pingle
08:25 AM Bug #12590: Dynamic DNS custom IPv6 service fails on 6rd tunnels: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/515 Viktor Gurov
07:37 AM Bug #12612 (Pull Request Review): DNS Resolver is restarted during every ``rc.newwanip`` event even for interfaces not used in the resolver: Jim Pingle
06:46 AM Bug #12612: DNS Resolver is restarted during every ``rc.newwanip`` event even for interfaces not used in the resolver: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/513 Viktor Gurov
06:33 AM Bug #12612 (Resolved): DNS Resolver is restarted during every ``rc.newwanip`` event even for interfaces not used in the resolver: Regardless of the use of the interface in the DNS Resolver configuration, it's restarted at every rc.newwanip event
... Viktor Gurov
07:36 AM Bug #12611 (Pull Request Review): SNMP daemon is restarted during every ``rc.newwanip`` event: Jim Pingle
06:29 AM Bug #12611: SNMP daemon is restarted during every ``rc.newwanip`` event: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/512 Viktor Gurov
05:41 AM Bug #12611 (Resolved): SNMP daemon is restarted during every ``rc.newwanip`` event: Regardless of the use of the interface in the SNMP daemon configuration, it's restarted at every rc.newwanip event
... Viktor Gurov
07:35 AM Bug #12610 (Pull Request Review): Dynamic DNS services are restarted at every rc.newwanip event, regardless of whether the IP is changed or not: Jim Pingle
05:34 AM Bug #12610: Dynamic DNS services are restarted at every rc.newwanip event, regardless of whether the IP is changed or not: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/511 Viktor Gurov
05:27 AM Bug #12610 (Duplicate): Dynamic DNS services are restarted at every rc.newwanip event, regardless of whether the IP is changed or not: They should only run on the new/changed IP address Viktor Gurov
07:32 AM Bug #12609 (Pull Request Review): IGMP Proxy server is restarted during every ``rc.newwanip`` event: Jim Pingle
05:25 AM Bug #12609: IGMP Proxy server is restarted during every ``rc.newwanip`` event: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/510 Viktor Gurov
03:51 AM Bug #12609 (Resolved): IGMP Proxy server is restarted during every ``rc.newwanip`` event: Regardless of the use of the interface in the IGMP Proxy configuration, it's restarted at every rc.newwanip event
... Viktor Gurov
07:25 AM Bug #12613 (Resolved): DNS Resolver does not restart during link up/down events on a static IP address interface: How to reproduce:
1) Configure the interface with Static IPv4
2) Select this interface in the "Network Interfaces... Viktor Gurov

12/16/2021

07:06 PM Revision 7054b63f: Use Trusted Store CAs for Dynamic DNS. Fixes #12589: Viktor Gurov
05:57 PM Revision da836151: Bounce dipinger when bringing down interface that has a gateway: Christian McDonald
05:12 PM Revision fc31c0dd: Restart RADVD on interface IPv6 address change. Fixes #12604: Viktor Gurov
04:47 PM Revision 5cf7119e: Fix autoloader paths: Without this change composer will put this in autoloader_static:
'pfSense\\' => array($baseDir . '/../../../../../..... Brad Davis
03:46 PM Bug #11142: rc.newwanip restarts VPN services when the IP matches: Pretty sure this breaks gateway monitoring when the WAN comes back on the same IP.
See https://redmine.pfsense.org... Scott Silver
03:46 PM Regression #11570: Gateway monitoring services is not always restarted on interface events, which may prevent a WAN from recovering back to an online state: Note that https://redmine.pfsense.org/issues/11142 was the bug that someone fixed that tries to solve some other prob... Scott Silver
01:03 PM Regression #11570: Gateway monitoring services is not always restarted on interface events, which may prevent a WAN from recovering back to an online state: I think I may have tracked down one of the problems here. It seems that pfSense is forgetting to reset the gateway mo... Scott Silver
03:14 PM pfSense Packages Bug #12608 (New): WireGuard tunnels monitored by dpinger causing system to stop routing completely in certain situations: Current workaround is to disable gateway monitoring on WireGuard tunnel gateways.
(I will be noting observations h... Christian McDonald
02:34 PM Regression #12581: Non Link-Local IPv6 CARP address does not get advertised to endpoints with RADVD: Please note: RFC compliant clients *must not* accept a router unless it is a link-local address (see "RFC4861 section... znerol znerol
01:15 PM pfSense Plus Bug #12607 (Closed): Instability with Snort Inline with AWS Instances: The ena driver seems to have instability when enabling inline snort. Because AWS is behind NAT Legacy mode is not vi... Kris Phillips
01:15 PM Bug #12589 (Feedback): Dynamic DNS updates do not respect certificate authority trust store: Applied in changeset commit:7054b63fc56fec307577c978d10f88e552141e53. Viktor Gurov
12:35 PM Bug #12589 (Pull Request Review): Dynamic DNS updates do not respect certificate authority trust store: Jim Pingle
12:31 PM Bug #12589: Dynamic DNS updates do not respect certificate authority trust store: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/509 Viktor Gurov
12:42 PM Bug #11416: OpenVPN IPv4 Tunnel Network incorrectly allows hostnames: Yes, I can confirm it's not fixed yet.
Tested against:... Danilo Zrenjanin
12:33 PM Feature #12325 (Resolved): IPv6 support for base system SNMP service: Tested against:... Danilo Zrenjanin
12:07 PM Bug #11764 (Pull Request Review): IPv6 link local gateway default status not indicated in GUI: Jim Pingle
11:58 AM Bug #11764: IPv6 link local gateway default status not indicated in GUI: it's better to have a separate fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/508 Viktor Gurov
05:01 AM Bug #11764: IPv6 link local gateway default status not indicated in GUI: fix in https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/336#note_46591 Viktor Gurov
11:20 AM Bug #12604 (Feedback): IPv6 interface prefix change not reflected in RADVD configuration: Applied in changeset commit:fc31c0dd22d5212c22696ec24f8ab174f22279bb. Viktor Gurov
10:30 AM Bug #12604 (Pull Request Review): IPv6 interface prefix change not reflected in RADVD configuration: Jim Pingle
06:06 AM Bug #12604: IPv6 interface prefix change not reflected in RADVD configuration: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/505 Viktor Gurov
05:23 AM Bug #12604 (Resolved): IPv6 interface prefix change not reflected in RADVD configuration: https://forum.netgate.com/topic/168410/ipv6-prefix-change-not-reflected-in-ra-messages:
"This may pre-date 20211210,... Viktor Gurov
11:18 AM Bug #11960: Gateway Monitoring Traffic Goes Out Default Gateway: James Blanton wrote in #note-3:
> UPDATE! Bug only exists upon "link down"
Unable to reproduce on 22.01.b.2021121... Viktor Gurov
10:10 AM Bug #12606: ``devd`` is not configured to act on USB interface attach/detach events: A WAN connectivity failure shouldn't cause the ue0 interface to disappear and reappear, though. Unless that's a new m... Jim Pingle
09:24 AM Bug #12606: ``devd`` is not configured to act on USB interface attach/detach events: Jim Pingle wrote in #note-1:
> Since we do not support hotplugging interfaces and a USB interface couldn't be assign... Viktor Gurov
08:25 AM Bug #12606: ``devd`` is not configured to act on USB interface attach/detach events: Since we do not support hotplugging interfaces and a USB interface couldn't be assigned and unplug/replug like that, ... Jim Pingle
08:20 AM Bug #12606 (Resolved): ``devd`` is not configured to act on USB interface attach/detach events: There us no rc.linkup events on USB modem attach/detach:
Detach:... Viktor Gurov
08:24 AM pfSense Plus Feature #12546: Add 2FA Support to pfSense Plus Local Database Authentication: Yes please! Eyvind Baadnes
08:23 AM Feature #4242: Two Factor or OTP Authentication for Admin Interface: We would like to see this implemented. This year we have seen a big increase from companies requiring this feature. A... Eyvind Baadnes
07:47 AM Regression #12605 (Resolved): ``diag_dump_states.php`` no longer filters by rule ID: The webgui state table output can be filtered by rule ID by calling it directly, for example:
https://26dev.stevew.l... Steve Wheeler
05:11 AM Feature #12416 (Resolved): Support OpenVPN ``client-kill`` to terminate remote clients instead of clearing their session: Tested again. This time against:... Danilo Zrenjanin
04:36 AM Bug #11662 (Resolved): QinQ using OpenVPN ``ovpn`` interface as a parent is not configured at boot time: I have overseen the fact that OpenVPN must be in TAP mode.
Tested QinQ with OpenVPN in TAP mode as a parent interf... Danilo Zrenjanin
03:17 AM Bug #11662: QinQ using OpenVPN ``ovpn`` interface as a parent is not configured at boot time: I replicated the issue on the following:... Danilo Zrenjanin
03:27 AM Feature #11496 (Resolved): Support for NTP Peer mode: Tested against:... Danilo Zrenjanin
02:50 AM Bug #10513: State issues with policy routing and HA failover: Tested in 2.5.2. This seems to still be a big issue.
pfSync is basically useless on a Multi-WAN setup, all states fr... Jose Duarte

12/15/2021

04:38 PM Revision e7de40d5: One.com DDNS update. Issue #12352: (cherry picked from commit 9a84d3b0b5e4709a5bde99d3edf4f8e89524b602) Viktor Gurov
03:25 PM Revision 26671c4d: Ensure we always save logs to S3, even when the built pkg list is the same: Brad Davis
01:08 PM Bug #12352 (Feedback): Update Dynamic DNS code for one.com to use their new login process: Merged Viktor Gurov
12:28 PM Todo #12601 (Pull Request Review): Optimize fw rules load on boot: Jim Pingle
12:20 PM Todo #12601: Optimize fw rules load on boot: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/504 Viktor Gurov
10:53 AM Todo #12601: Optimize fw rules load on boot: see also #12335 Viktor Gurov
10:53 AM Todo #12601 (Closed): Optimize fw rules load on boot: https://github.com/pfsense/pfsense/blob/master/src/etc/rc.bootup#L268-L274:... Viktor Gurov
11:00 AM Feature #12602 (New): DHCPv6 should allow DDNS Client updates for hosts: There is already a DDNS Option in the DHCPv6-Server but it can't be used together with the DDNS Client(s) in services... Bob Dig
10:45 AM Feature #12600 (New): allow custom mask for a network alias created from a FQDN: This is not IPv6 specific:
It would be nice if a network alias created from a FQDN could have a mask other then /128... Bob Dig
06:23 AM Bug #12003: Pie and ``fq_pie`` are missing options and do not handle floating point number input correctly: https://github.com/pfsense/pfsense/pull/4548 Viktor Gurov
06:23 AM Bug #12579: Utilize ``dnctl(8)`` to apply limiter changes without a filter reload: 1) #12003 should be merged first
2) Converting ipfw -> dnctl is not that difficult, but @dnctl(8)@ needs the "-f" op... Viktor Gurov

12/14/2021

07:20 PM pfSense Docs Correction #12598 (Closed): Alias use with static routes: The warning about using aliases for static routes no longer applies after the fixes in 22.01. There is still somethin... Marcos M
06:53 PM pfSense Docs New Content #12597: How to reset IPMI settings and password for Netgate appliances: General steps:
Load kernel module
# kldload ipmi
Reset password
# ipmitool user list
# ipmitool user set passw... Marcos M
06:50 PM pfSense Docs New Content #12597 (Resolved): How to reset IPMI settings and password for Netgate appliances: For cases in which the password is lost (e.g. label is worn out) or settings need to be reset to something specific, ... Marcos M
06:42 PM pfSense Docs Todo #12596 (Closed): OpenVPN Site to Site configuration examples should note to change the inactive value: For site to site OpenVPN configurations, the expectation is that the VPN will stay established. Since the default val... Marcos M
06:28 PM Revision 5ea2588a: 2.6.0 is now BETA: Glen Barber
05:46 PM Revision 7dc6967d: Added Netgate CA to image: Steve Beaver
03:19 PM Revision 99dc9ef7: Save rsync output to file instead of throwing it away: Brad Davis
01:54 PM Revision 2fbbd164: Init tracker ID before filter reload. Fixes #12588: Jim Pingle
01:17 PM Revision 5ae0ac7f: netgate-ca.pem is now in the base image at /usr/local/share/${product_name}/ssl/netgate-ca.pem: /etc/pfSense-rc has been updated to move the CA to /etc/ssl on boot
custom key and custom cert are now saved to /etc/... Steve Beaver
10:25 AM Bug #12588: Automatic rule tracker IDs incorrect after multiple filter reloads: Updating subject for release notes. Jim Pingle
08:19 AM Bug #12588: Automatic rule tracker IDs incorrect after multiple filter reloads: Looks good. Systems that were coming up incorrectly numbered at boot every time are no longer doing so with that patc... Steve Wheeler
08:00 AM Bug #12588 (Feedback): Automatic rule tracker IDs incorrect after multiple filter reloads: Applied in changeset commit:2fbbd1642e23c6c27ca27b73a556e25919d9c490. Jim Pingle
07:44 AM Bug #12588: Automatic rule tracker IDs incorrect after multiple filter reloads: The easiest way to replicate is to run:... Jim Pingle
07:43 AM Bug #12588: Automatic rule tracker IDs incorrect after multiple filter reloads: This can happen if @filter_configure_sync()@ runs twice and @filter.inc@ is only loaded once. The tracker variables a... Jim Pingle
09:07 AM Todo #12556: Comply with current iteration standards when encrypting and decrypting configuration files: Jim Pingle wrote in #note-7:
> Old backups can be restored what would fail is new backups made with different iterat... Phil Wardt
07:22 AM pfSense Packages Bug #11054 (Assigned): Check Client Certificate CN not working as described: Tested on 21.05_2 and on 22.01-DEVELOPMENT (built on Tue Dec 14 06:23:27 UTC 2021)
I can't make EAP-TLS working fo... Azamat Khakimyanov

12/13/2021

09:24 PM Revision 10006140: #12003 This commit adds missing settings, zero and floating point support for those settings to the limiter scheduler fq_pie.: Harley Peters
08:05 PM Revision 6317d66d: syslog: fix ridentifier retrieval when looking up by rule number: pf rules no longer include the ridentifier immediately after the rule
number but instead list it as a separate keywor... Kristof Provost
07:29 PM Bug #12590 (Resolved): Dynamic DNS custom IPv6 service fails on 6rd tunnels: I use a "Custom" DDNS service to register my dynamic home IP address as a subdomain of my dedicated server domain. T... Daniel Engel
07:14 PM Revision 02fcba75: Send Telegram/Pushover/Slack notifications on CARP MASTER event. Fixes #12584: Viktor Gurov
07:14 PM Revision 61a326a4: Use notify_all_remote() in /etc/rc.notify_message. Fixes #12585: Viktor Gurov
06:53 PM Bug #12589 (Closed): Dynamic DNS updates do not respect certificate authority trust store: I use a "Custom" DDNS service to register my dynamic home IP address as a subdomain of my dedicated server domain (st... Daniel Engel
06:02 PM Bug #12588 (Resolved): Automatic rule tracker IDs incorrect after multiple filter reloads: In some circumstances the generated ruleset is created with unexpected tracker ID values at boot.
The values seen ... Steve Wheeler
01:35 PM Revision 8acd2c9e: syslog: fix ridentifier retrieval: pf rules no longer include the ridentifier immediately after the rule
number but instead list it as a separate keywor... Kristof Provost
01:20 PM Bug #12584 (Feedback): ``rc.carpmaster`` only sends notifications via SMTP: Applied in changeset commit:02fcba75a005621591fe420d1301922109f70d1d. Viktor Gurov
08:02 AM Bug #12584 (Pull Request Review): ``rc.carpmaster`` only sends notifications via SMTP: Jim Pingle
01:20 PM Bug #12585 (Feedback): ``rc.notify_message`` only sends notifications via SMTP: Applied in changeset commit:61a326a45e72fc17fd84e103964f257fe176056f. Viktor Gurov
08:06 AM Bug #12585 (Pull Request Review): ``rc.notify_message`` only sends notifications via SMTP: Jim Pingle
11:36 AM Bug #12587 (Rejected): Ipsec lost trafic and status failed: There is not enough information here to classify this as a bug, though many IPsec issues have already been addressed ... Jim Pingle
11:32 AM Bug #12587: Ipsec lost trafic and status failed: ADMIN Please remove the image IPs Ricardo ot
11:19 AM Bug #12587 (Rejected): Ipsec lost trafic and status failed: I have a problem with an Ipsec tunnel.
I have a tunnel established between a Pfsense 2.5.2 and a Checkpoint and when... Ricardo ot
09:02 AM pfSense Packages Bug #12258 (Feedback): Copy key buttons only work in HTTPS mode: Christian McDonald
08:00 AM Todo #12556: Comply with current iteration standards when encrypting and decrypting configuration files: Old backups can be restored what would fail is new backups made with different iteration counts. A backup made on a c... Jim Pingle
07:52 AM Bug #12583 (Rejected): Static route overlap validation check: Overlapping routes of different sizes are valid. The more specific route will be chosen when possible. Jim Pingle
07:42 AM Regression #12582 (Pull Request Review): RADVD can be started on both HA nodes when configured with an IPv6 link-local address: Jim Pingle
07:38 AM Feature #12586 (Rejected): New widget for States: There is a reason we haven't done this already, it doesn't scale and is likely to cause problems.
Reading the stat... Jim Pingle
05:48 AM pfSense Packages Bug #12260: Update popup and version missmatch?: Maybe of interest to let you know that this is also experienced on pfSense+ 21.05.2-RELEASE (arm) R. B.

12/11/2021

08:14 PM Bug #7235: 4860 has not got significant IPsec performance rising with enabled HW acceleration: I have a 4860 running newest pfsense, and I use IPSec. How could I do performance measurements? Sean McBride
08:10 PM Bug #7235: 4860 has not got significant IPsec performance rising with enabled HW acceleration: The 4860 is end of sale and end of support, so may be time to put this one to bed regardless. We should re-run perfo... Kris Phillips
08:14 PM Bug #7387: New Traffic Graph in dashboard resets inverted view to normal view: Tested in 21.05.2:
Opened two tabs, one on Status --> Monitoring and one in Status --> Dashboard with the Traffic ... Kris Phillips
08:03 PM Bug #3796: States summary fails and is very slow with large state tables: Probably a better solution to this would be to limit the number of states displayed and have a multi-page view or hav... Kris Phillips
07:59 PM Bug #4604: NTP time server entries may or may not work, depending upon interfaces selected when configuring NTP service: I'm not able to recreate this issue on the latest versions of pfSense Plus. I suspect similar on CE. Likely this bu... Kris Phillips
07:51 PM Bug #1738: Restore fails when username in backup is not matching: In what situation would this issue present itself? If you're restoring a config file from a previous install to a fr... Kris Phillips
07:46 PM Bug #4451: Status DHCP Leases shows double entries for static entries without IP address: This is still the case today in pfSense Plus 21.05.2 and likely in pfSense CE 2.5.2. See attached screenshot. Kris Phillips
07:43 PM Bug #1667: L2TP server does not respond properly from a CARP VIP: Since we don't recommend L2TP for new IPSec VPN setups, this can likely be closed as Rejected. No point in keeping i... Kris Phillips
05:17 PM Bug #12543: Deleteing a Outbound NAT rule gave me an empty rule and displayed php error in UI.: I also was not able to reproduce this. This bug report should be marked as Feedback until we can determine the steps... Kris Phillips
07:51 AM Bug #12543: Deleteing a Outbound NAT rule gave me an empty rule and displayed php error in UI.: I couldn't replicate it either.
I created/deleted duplicate entries with no issues in Manual/Hybrid mode.
We w... Danilo Zrenjanin
05:13 PM Feature #12466: Option to Disable Renegotiation timer in OpenVPN Server: Kris Phillips wrote in #note-3:
> Viktor Gurov wrote in #note-2:
> > openvpn(8):
> > [...]
>
> Since the option... Kris Phillips
05:08 PM pfSense Packages Bug #8258 (Resolved): BIND responds with SERVFAIL when adding/changing records if 'allow-update' is configured for a zone: I tested this with BIND 9.16_11. I can add or change records without issues while allow-updates is set to localnets. ... Max Leighton
04:03 PM pfSense Packages Bug #12533 (Resolved): extra rules incorrect input validation: Tested with Suricata 6.0.3_4. I was able to download and use extra ruleset with and without MD5 check selected. Marki... Max Leighton
03:25 PM Feature #12586: New widget for States: ToDo: Documentation would also need new Widget entry.
https://docs.netgate.com/pfsense/en/latest/monitoring/dashboard... Patrick Mueller
03:22 PM Feature #12586: New widget for States: Added PR: https://github.com/pfsense/pfsense/pull/4547 Patrick Mueller
03:19 PM Feature #12586 (Rejected): New widget for States: Allow to display current states on Dashboard via a small widget.
Common settings which are also available in diag_... Patrick Mueller
08:40 AM Bug #12585: ``rc.notify_message`` only sends notifications via SMTP: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/498 Viktor Gurov
08:39 AM Bug #12585 (Resolved): ``rc.notify_message`` only sends notifications via SMTP: /etc/rc.notify_message should use @notify_all_remote()@ to send messages via telegram/pushover/slack too Viktor Gurov
08:23 AM Bug #12584: ``rc.carpmaster`` only sends notifications via SMTP: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/497 Viktor Gurov
08:20 AM Bug #12584 (Resolved): ``rc.carpmaster`` only sends notifications via SMTP: /etc/rc.carpmaster uses @notify_via_smtp()@ to send the 'HA cluster member "(<iface>): (<iface_descr>)" has resumed C... Viktor Gurov
07:38 AM Todo #12556: Comply with current iteration standards when encrypting and decrypting configuration files: Viktor Gurov wrote in #note-3:
> Phil Wardt wrote in #note-2:
> > I added a note in github
> > Obviously, the curr... Phil Wardt
07:30 AM Todo #12556: Comply with current iteration standards when encrypting and decrypting configuration files: Viktor Gurov wrote in #note-3:
> Phil Wardt wrote in #note-2:
> > I added a note in github
> > Obviously, the curr... Phil Wardt
02:21 AM Todo #12556: Comply with current iteration standards when encrypting and decrypting configuration files: Viktor Gurov wrote in #note-3:
> Phil Wardt wrote in #note-2:
> > I added a note in github
> > Obviously, the current... Phil Wardt
07:26 AM Bug #12583 (Rejected): Static route overlap validation check: It's allowed to add a static route to a network's subnet/supernet used in the existing static route.
e.g.,
... Danilo Zrenjanin
07:05 AM Bug #12554 (Resolved): Route overlap input validation does not work properly: Tested against:... Danilo Zrenjanin
06:32 AM Feature #12290 (Resolved): Add ``librdkafka`` package to the pfSense package repository: Tested against:... Danilo Zrenjanin
06:18 AM Regression #12582: RADVD can be started on both HA nodes when configured with an IPv6 link-local address: Upstream issue: https://github.com/radvd-project/radvd/issues/162 znerol znerol
06:03 AM Regression #12582: RADVD can be started on both HA nodes when configured with an IPv6 link-local address: h3. Theory
It is in fact expected behavior that @radvd@ is starting on both hosts. @radvd@ is supposed to send RAs... znerol znerol
05:48 AM Regression #12582: RADVD can be started on both HA nodes when configured with an IPv6 link-local address: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/496 Viktor Gurov
05:33 AM Regression #12582 (Resolved): RADVD can be started on both HA nodes when configured with an IPv6 link-local address: If IPv6 link-local address is used as `rainterface`, the status of the CARP VIP is not checked (@get_carp_interfaces_... Viktor Gurov
05:47 AM Bug #12575 (Resolved): IPsec Mobile Client RADIUS Advanced parameters are not reset to default values when disabled: Tested against:... Danilo Zrenjanin
04:05 AM Bug #12572 (Resolved): Log entries from ``acbupload.php`` are missing the upload URL: I couldn't replicate the issue on the 2.5.2 release.
Here are the logs:... Danilo Zrenjanin
03:45 AM Regression #12581: Non Link-Local IPv6 CARP address does not get advertised to endpoints with RADVD: Just forgot the traceroute...
Command: tracert -d -6 www.google.com
Tracing route to www.google.com [2a00:1450:... Patrick U
03:38 AM Regression #12581: Non Link-Local IPv6 CARP address does not get advertised to endpoints with RADVD: Hi Viktor,
It did work with the previous version 2.5.0 as designed.
Just like with 2.5.0 and earlier version, I... Patrick U
02:17 AM Regression #12581: Non Link-Local IPv6 CARP address does not get advertised to endpoints with RADVD: Patrick U wrote:
> With feature #11103 a fix is made to exclude "AdvRASrcAddress" section in the RADVD.CONF file and... Viktor Gurov
03:08 AM Feature #12035 (Resolved): Input validation to prevent unsupported UTF-8 characters from being used in certificate subject components: Tested against:... Danilo Zrenjanin

12/10/2021

04:55 PM Feature #12091: RFE: Add support for sssd authentication: I was very disappointed to see that sssd disappeared from the pfSense repository. Is there any chance it could be ad... Orion Poplawski
12:57 PM pfSense Docs Correction #12578 (Closed): Invalid video links: I fixed it manually in the releng/v22.01 branch first then picked back to avoid potential merge conflicts. Jim Pingle
11:10 AM Regression #12581 (Resolved): Non Link-Local IPv6 CARP address does not get advertised to endpoints with RADVD: With feature #11103 a fix is made to exclude "AdvRASrcAddress" section in the RADVD.CONF file and use the IPv6 link-l... Patrick U
10:22 AM Feature #12184: GUI options to configure IKE retransmission behavior: Updating subject for release notes. Jim Pingle
10:21 AM Bug #12572: Log entries from ``acbupload.php`` are missing the upload URL: Updating subject for release notes. Jim Pingle
10:12 AM Bug #12572: Log entries from ``acbupload.php`` are missing the upload URL: Updating subject for release notes. Jim Pingle
10:20 AM Feature #12290: Add ``librdkafka`` package to the pfSense package repository: Updating subject for release notes. Jim Pingle
10:19 AM Feature #12518: Restore RRD and extra data from configuration backups when restoring during installation: Updating subject for release notes. Jim Pingle
10:18 AM Bug #12575: IPsec Mobile Client RADIUS Advanced parameters are not reset to default values when disabled: Updating subject for release notes. Jim Pingle
10:13 AM Bug #12566: IPsec initiates on HA backup node when a tunnel interface is set to a gateway group: Updating subject for release notes. Jim Pingle
09:54 AM Todo #12556: Comply with current iteration standards when encrypting and decrypting configuration files: Phil Wardt wrote in #note-2:
> I added a note in github
> Obviously, the current GUI will not be able to decode old... Viktor Gurov
09:07 AM Bug #11960: Gateway Monitoring Traffic Goes Out Default Gateway: Looks like a duplicate of #11570 Viktor Gurov
09:00 AM Bug #11692 (Pull Request Review): ``fixup_default_gateway()`` should not remove a default gateway managed by a dynamic routing daemon: Viktor Gurov
07:17 AM pfSense Docs Todo #12577 (Rejected): Feedback on pfSense Configuration Recipes — Virtualizing with Proxmox® VE: > - "Apply Configuration" after adding vmbr1 and vmbr2. You mention a reboot might be necessary, but in my experience... Jim Pingle
04:27 AM pfSense Plus Bug #12580 (Duplicate): IPsec Status - incorrect match: Duplicate of #11910 Viktor Gurov
04:08 AM pfSense Plus Bug #12580 (Duplicate): IPsec Status - incorrect match: Netgate XG-7100
Serial: 1916200092
Version: 21.05.2-RELEASE (amd64)
If you are using mutliple Routed IPsec tunne... Georgian Matei
01:28 AM Bug #12579 (Resolved): Utilize ``dnctl(8)`` to apply limiter changes without a filter reload: FreeBSD 12.3 introduced a new @dnctl(8)@ utility, which can be used to change limiter parameters without reloading fi... Viktor Gurov
01:21 AM Bug #12003: Pie and ``fq_pie`` are missing options and do not handle floating point number input correctly: Please create a pull request:
https://docs.netgate.com/pfsense/en/latest/development/pull-request.html Viktor Gurov

12/09/2021

11:35 PM pfSense Docs Correction #12578: Invalid video links: fix:
https://gitlab.netgate.com/docs/pfSense-docs/-/merge_requests/26 Viktor Gurov
11:31 PM pfSense Docs Correction #12578 (Closed): Invalid video links: ... Viktor Gurov
06:47 PM pfSense Docs Todo #12577 (Rejected): Feedback on pfSense Configuration Recipes — Virtualizing with Proxmox® VE: *Page:* https://docs.netgate.com/pfsense/en/latest/recipes/virtualize-proxmox-ve.html
*Feedback:
Three main thi... David Reitz
06:39 PM Feature #12555 (Resolved): Change Gateway/Group name in firewall rule list to clickable link to edit page for the entry: fixed
link is working if GW is from DHCP
22.01.a.20211209.0600
2.6.0.a.20211209.0600
Alhusein Zawi

12/04/2021

07:36 PM pfSense Packages Feature #10859 (Resolved): Add avahi filtering feature to pfSense: Can confirm this is now in Avahi in the 2.5.2 repo. Closing as resolved. Kris Phillips
07:36 AM pfSense Packages Feature #10859: Add avahi filtering feature to pfSense: Avahi v2.2 when enabled with enable reflection selected provides text entry box for reflection filtering services and... Jordan G
07:25 PM Feature #12564: add column to show that an Alias is in use by or not: Yes
thats what i meant
khaled osama
06:13 PM Feature #12564: add column to show that an Alias is in use by or not: Can you clarify this please? Are you referring to an alias under Firewall --> Aliases? If so, these are just lists ... Kris Phillips
08:14 AM Feature #12564 (New): add column to show that an Alias is in use by or not: can you add column to show that an Alias is in used or not
and it is clickable to show where it is used ?
is it a... khaled osama
06:07 PM pfSense Packages Bug #11530 (Feedback): ntopng 4.2 needs to be updated to 4.3, Bug when accessing a host for details: Tested on pfSense CE 2.5.2. Unable to reproduce. I installed, enabled, and went to the ntopng web interface. After... Kris Phillips
04:50 PM pfSense Packages Bug #11530: ntopng 4.2 needs to be updated to 4.3, Bug when accessing a host for details: I'll have to spin up a 2.5.2 install of CE to test this, but pfSense CE 2.6.0 includes ntopng-5.0.d20210923,1, so sho... Kris Phillips
05:51 PM Bug #12543: Deleteing a Outbound NAT rule gave me an empty rule and displayed php error in UI.: what are steps to produce the issue?
I was not able to produce it , deleted duplicated outbound NAT rules withou... Alhusein Zawi
04:36 PM Bug #12544: OpenSSH vulnerabilities: Jim Pingle wrote in #note-2:
> You cannot go by version number alone. FreeBSD typically carries patches for known vu... Kris Phillips
02:37 PM pfSense Docs New Content #12565 (Closed): Document new "Duplicate Connection Limit" option on OpenVPN server instances: Feature from:
https://redmine.pfsense.org/issues/12267
Update:
https://docs.netgate.com/pfsense/en/latest/vpn/pe... Marcos M
02:34 PM Bug #12332: OpenVPN does not clear old Cisco-AVPair anchor rules in some cases: This is much better than what it was previously. There still exists a rare case in which stale anchor rules will pers... Marcos M
01:51 PM Feature #12555 (Resolved): Change Gateway/Group name in firewall rule list to clickable link to edit page for the entry: Tested in
22.01-DEVELOPMENT (amd64)
built on Sat Dec 04 06:21:33 UTC 2021
FreeBSD 12.3-PRERELEASE
The gateway... Max Leighton
01:38 PM Regression #12559 (Resolved): Firewall rule direction indicator is displayed on all interfaces: Tested on
2.6.0-DEVELOPMENT (amd64)
built on Sat Dec 04 06:23:51 UTC 2021
FreeBSD 12.3-PRERELEASE
The arrows ... Max Leighton
10:17 AM Todo #12296: Explicitly state where AutoConfigBackup stores encrypted backup data: Tested against:... Danilo Zrenjanin
08:18 AM pfSense Packages Feature #8574: Enable AgentX-support in lldpd using GUI: with lldpd v0.9.11 and net-snmp v0.1.5_9 installed, lldpd settings offers enable agentx option Jordan G
05:52 AM Feature #11118 (Resolved): Backup and restore SSH host key(s): Tested against today's release.
It works as expected.
Ticket resolved. Danilo Zrenjanin
04:44 AM Bug #12554 (Feedback): Route overlap input validation does not work properly: Merged Viktor Gurov
02:34 AM Bug #8390 (Resolved): Input validation does not prevent removing a gateway used by a DNS server: I tested against today's development release.
I got an error message and couldn't remove a gateway that was define... Danilo Zrenjanin

12/03/2021

03:56 PM Bug #12552: "Pull DNS" option within OpenVPN client does not cause pfSense to use DNS servers assigned by remote OpenVPN server: Viktor Gurov wrote in #note-11:
> These lines:
> https://github.com/pfsense/pfsense/blob/master/src/usr/local/sbin/... John Williams
02:34 PM Revision d297504c: Do not display direction indicator on the non-floating tabs. Fixes #12559: Viktor Gurov
02:33 PM Revision fe31d06f: Certificate fields input validation. Issue #12035: Viktor Gurov
02:21 PM Revision cd974f08: SNMP IPv6 support. Implements #12325: Viktor Gurov
02:21 PM Revision d6bbbf35: Input validation to prevent removing a gateway if it is still in use by DNS servers. Fixes #8390: Viktor Gurov
02:20 PM Revision dc22e511: Backup and Restore SSH Host Key(s). Feature #11118: Viktor Gurov
01:16 PM Revision 288d56a6: Revert "Make the pkg repo mirror_type and signature_type overridable": This reverts commit f887aab939556fd44080358011d8fe7fddfb2403. Renato Botelho
12:42 PM Regression #12559: Firewall rule direction indicator is displayed on all interfaces: Bug in a newly added feature since the last release, so it doesn't need a release notes entry. Jim Pingle
08:40 AM Regression #12559 (Feedback): Firewall rule direction indicator is displayed on all interfaces: Applied in changeset commit:d297504c66c7aa1284295e403e01eab900cbdcc8. Viktor Gurov
07:33 AM Regression #12559 (Pull Request Review): Firewall rule direction indicator is displayed on all interfaces: Jim Pingle
12:42 PM Bug #12498: Input validation error can unintentionally result in removal of PPP type interface settings: Updating subject for release notes. Jim Pingle
12:40 PM Bug #12141: Lack of DNS or Internet connectivity causes GUI to be slow: Updating subject for release notes. Jim Pingle
12:36 PM Feature #12480: Wake on LAN button to wake all devices: Updating subject for release notes. Jim Pingle
12:34 PM Todo #12501: Traffic shaper wizard default bandwidth type should be Mbit/s: Updating subject for release notes. Jim Pingle
12:33 PM Feature #12325: IPv6 support for base system SNMP service: Updating subject for release notes. Jim Pingle
08:30 AM Feature #12325 (Feedback): IPv6 support for base system SNMP service: Applied in changeset commit:cd974f0831977eb352dc7eaf389ec455368ecb33. Viktor Gurov
12:33 PM Feature #12555: Change Gateway/Group name in firewall rule list to clickable link to edit page for the entry: Updating subject for release notes. Jim Pingle
12:32 PM Bug #12500: Automatic outbound NAT for reflection does not support IPv6: Updating subject for release notes. Jim Pingle
12:31 PM Bug #12452: Port forward rules are not created for special networks (pppoe, openvpn): Updating subject for release notes. Jim Pingle
12:30 PM Bug #12514: Trying to delete an assigned PPPoE interface fails without printing an error message: Updating subject for release notes. Jim Pingle
12:29 PM Feature #11496: Support for NTP Peer mode: Updating subject for release notes. Jim Pingle
12:28 PM Regression #12550: PHP ``foreach`` error in IPsec status: This was a bug with new code added after the last release, so no need for it to be in the release notes. Jim Pingle
12:28 PM Bug #12472: IPsec Keep Alive does not work correctly with gateway groups in HA: This was an issue with a newly added feature, so it does not need to be in the release notes. Jim Pingle
12:27 PM Feature #12035: Input validation to prevent unsupported UTF-8 characters from being used in certificate subject components: Updating subject for release notes. Jim Pingle
08:58 AM Feature #12035 (Feedback): Input validation to prevent unsupported UTF-8 characters from being used in certificate subject components: Merged Viktor Gurov
12:26 PM Todo #12296: Explicitly state where AutoConfigBackup stores encrypted backup data: Updating subject for release notes. Jim Pingle
12:25 PM Todo #12093: Make AutoConfigBackup menu entry point to the settings tab so it loads faster when there is no WAN connectivity: Updating subject for release notes. Jim Pingle
12:22 PM Regression #12549: Per-user Mobile IPsec settings are not applied to connecting mobile clients: I was able to connect to an IKEv2 MSCHAPv2 mobile tunnel on 2.6.0 running this patch. My test client was Windows 10. ... Max Leighton
08:26 AM Regression #12549: Per-user Mobile IPsec settings are not applied to connecting mobile clients: I did some experiments on a few different styles/settings but so far haven't been able to get it to work any better t... Jim Pingle
07:51 AM Regression #12549: Per-user Mobile IPsec settings are not applied to connecting mobile clients: The debian client sends the username as the IKE ID, others do not. It's not a great data point given the relative rar... Jim Pingle
05:25 AM Regression #12549: Per-user Mobile IPsec settings are not applied to connecting mobile clients: but it doesn't work with the email id:... Viktor Gurov
03:27 AM Regression #12549: Per-user Mobile IPsec settings are not applied to connecting mobile clients: works fine on pfSense-2.6.0.a.20211130.0600 without patch:... Viktor Gurov
12:21 PM Feature #11118: Backup and restore SSH host key(s): Updating subject for release notes. Jim Pingle
08:58 AM Feature #11118 (Feedback): Backup and restore SSH host key(s): Merged Viktor Gurov
12:20 PM Bug #10662: Restoring from AutoConfigBackup presents reboot type selection option then reboots automatically: Updating subject for release notes. Jim Pingle
11:49 AM Bug #10662 (Resolved): Restoring from AutoConfigBackup presents reboot type selection option then reboots automatically: Re-tested on today's release.... Danilo Zrenjanin
11:19 AM Bug #12563: OpenVPN server doesn't support Framed-IPv6-Address RADIUS attribute: current PHP RADIUS implementation doesn't support IPv6 attributes:
https://www.php.net/manual/en/radius.constants.at... Viktor Gurov
10:40 AM Bug #12563 (New): OpenVPN server doesn't support Framed-IPv6-Address RADIUS attribute: it only supports Framed-IP-Address,
see https://github.com/pfsense/pfsense/blob/master/src/etc/inc/openvpn.auth-us... Viktor Gurov
11:13 AM pfSense Docs Correction #12284 (Closed): Feedback on Packages — OpenVPN Client Export Package: I updated this a few weeks ago: http://stage-v22.01.docs.netgate.com/pfsense/en/latest/packages/openvpn-client-export... Jim Pingle
11:01 AM pfSense Docs Todo #12415 (Rejected): Feedback on pfSense Configuration Recipes: The majority of that is for Windows and not OpenVPN. Doesn't seem like a great fit for our recipes. It's already diff... Jim Pingle
10:58 AM pfSense Docs Todo #12478 (Closed): Feedback on Virtual Private Networks — IPsec — Mobile IPsec — Choosing a Mobile IPsec Style: Jim Pingle
10:57 AM pfSense Docs Correction #12471 (Closed): AES-XCBC should not be recommended as PRF for IPsec: Jim Pingle
10:57 AM pfSense Docs New Content #9753 (Closed): Feedback on Installing and Upgrading — Writing Disk Images: Jim Pingle
10:54 AM pfSense Docs Correction #12562 (Closed): Feedback on Virtual Private Networks — IPsec — Routed IPsec (VTI): Link fixed and deployed:
releng/v22.01: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/c26b03d1996142df92c6... Jim Pingle
09:05 AM pfSense Docs Correction #12562 (Closed): Feedback on Virtual Private Networks — IPsec — Routed IPsec (VTI): *Page:* https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/routed-vti.html
*Feedback:*
Invalid video link:
... Viktor Gurov
10:43 AM pfSense Docs Todo #12496 (Closed): Feedback on Virtual Private Networks — OpenVPN — Controlling Client Parameters via RADIUS: Note added: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/6100fe1de5806251a008b7cb5b1a77631ac03ec7
http://... Jim Pingle
10:41 AM pfSense Docs Todo #12496: Feedback on Virtual Private Networks — OpenVPN — Controlling Client Parameters via RADIUS: see #12563 Viktor Gurov
09:55 AM pfSense Docs Correction #9370: Update old screenshots: I rewrote the OpenVPN recipe for routing Internet traffic across a VPN, which included taking care of a good chunk of... Jim Pingle
09:53 AM pfSense Docs Correction #11221 (Closed): Feedback on pfSense Configuration Recipes — Routing Internet Traffic Through A Site-To-Site OpenVPN Tunnel: I completely rewrote the doc because the vast majority of it was redundant, repeating things already covered by other... Jim Pingle
08:30 AM Bug #8390 (Feedback): Input validation does not prevent removing a gateway used by a DNS server: Applied in changeset commit:d6bbbf3544326efe4f4970406f1a5c476cedddcb. Viktor Gurov
07:47 AM Feature #12561 (Duplicate): Enable/Disable Selected Button for Rules: Duplicate of #2505 Jim Pingle
07:45 AM Feature #12561 (Duplicate): Enable/Disable Selected Button for Rules: Currently rules can be enabled or disabled 1 at time. It would be nice to have a button to enable/disable rules that ... Matthew Drury

12/02/2021

11:23 PM Regression #12559: Firewall rule direction indicator is displayed on all interfaces: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/482 Viktor Gurov
03:33 PM Regression #12559 (Resolved): Firewall rule direction indicator is displayed on all interfaces: Following the changes applied for this feature: https://redmine.pfsense.org/issues/12433
Rules with a direction ap... Steve Wheeler
11:04 PM Bug #12552: "Pull DNS" option within OpenVPN client does not cause pfSense to use DNS servers assigned by remote OpenVPN server: Michael Brennan wrote in #note-10:
> Viktor Gurov wrote in #note-9:
> > Workaround:
> > 1) cp /usr/local/sbin/pfSe... Viktor Gurov
04:28 PM Bug #12552: "Pull DNS" option within OpenVPN client does not cause pfSense to use DNS servers assigned by remote OpenVPN server: Viktor Gurov wrote in #note-9:
> Workaround:
> 1) cp /usr/local/sbin/pfSense-dhclient-script /usr/local/sbin/pfSens... John Williams
10:32 AM Bug #12552: "Pull DNS" option within OpenVPN client does not cause pfSense to use DNS servers assigned by remote OpenVPN server: Michael Brennan wrote in #note-8:
> Viktor Gurov wrote in #note-7:
> > What is the IPv4 Configuration Type for your... Viktor Gurov
08:14 AM Bug #12552: "Pull DNS" option within OpenVPN client does not cause pfSense to use DNS servers assigned by remote OpenVPN server: Viktor Gurov wrote in #note-7:
> What is the IPv4 Configuration Type for your WAN connection? If it's not "Static IP... John Williams
01:04 AM Bug #12552: "Pull DNS" option within OpenVPN client does not cause pfSense to use DNS servers assigned by remote OpenVPN server: Michael Brennan wrote in #note-2:
> Danilo Zrenjanin wrote in #note-1:
>
> > Can you confirm you enabled the *DNS... Viktor Gurov
04:25 PM Revision 2c21b4a4: Gateway / Gateway group edit on the firewall rules page. Implements #12555: Viktor Gurov
04:24 PM Revision b974b9d5: Add a note about the AutoConfig backup behavior. Implements #12296: Viktor Gurov
03:59 PM Revision a7644b40: Add repository key to list of saved files: Steve Beaver
03:26 PM Revision 15a4d4c0: Route overlap input validation fix. Issue #12554: Viktor Gurov
03:17 PM Bug #12558 (Rejected): Issue selecting Register DHCP static mappings in the DNS Resolver: I can't replicate this problem here and there is not enough information here to replicate the problem or determine a ... Jim Pingle
02:44 PM Bug #12558 (Rejected): Issue selecting Register DHCP static mappings in the DNS Resolver: I cant select this item. When I do, it hangs for a couple minutes and then says "The generated config file cannot be ... Cory Mckee
02:20 PM Todo #12556: Comply with current iteration standards when encrypting and decrypting configuration files: I added a note in github
Obviously, the current GUI will not be able to decode old backups Phil Wardt
08:25 AM Todo #12556: Comply with current iteration standards when encrypting and decrypting configuration files: For our own reference:
The man page doesn't state explicitly what the default number of iterations is, but it is s... Jim Pingle
07:35 AM Todo #12556 (Resolved): Comply with current iteration standards when encrypting and decrypting configuration files: I pushed a commit since this should be really and easy enhancement:
https://github.com/pfsense/pfsense/pull/4545
... Phil Wardt
01:29 PM Revision f3554a3c: IPsec status isset+is_array phase2 check. Fixes #12550: Viktor Gurov
10:59 AM pfSense Docs Correction #12557 (Closed): Feedback on DHCP — Using DHCP Search Domains on Windows DHCP Clients: Docs updated and deployed:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/008a719ea403db11b0df79f9de69f25bc... Jim Pingle
08:11 AM pfSense Docs Correction #12557 (Closed): Feedback on DHCP — Using DHCP Search Domains on Windows DHCP Clients: *Page:* https://docs.netgate.com/pfsense/en/latest/services/dhcp/client-search-domain.html
The documentation here ... Patrick .
10:35 AM Feature #12555 (Feedback): Change Gateway/Group name in firewall rule list to clickable link to edit page for the entry: Applied in changeset commit:2c21b4a44f383cdfe2c82de113671daa210a693a. Viktor Gurov
10:18 AM Feature #12555 (Pull Request Review): Change Gateway/Group name in firewall rule list to clickable link to edit page for the entry: Jim Pingle
08:46 AM Feature #12555: Change Gateway/Group name in firewall rule list to clickable link to edit page for the entry: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/481 Viktor Gurov
07:24 AM Feature #12555 (Resolved): Change Gateway/Group name in firewall rule list to clickable link to edit page for the entry: It would be useful to allow to click the gateway/gwgroup name for editing on the Firewall / Rules page,
in the same ... Viktor Gurov
10:35 AM Todo #12296 (Feedback): Explicitly state where AutoConfigBackup stores encrypted backup data: Applied in changeset commit:b974b9d52f3f8eab69a077bb25ffd79345ffeb4d. Viktor Gurov
08:00 AM Todo #12296 (Pull Request Review): Explicitly state where AutoConfigBackup stores encrypted backup data: Jim Pingle
03:19 AM Todo #12296: Explicitly state where AutoConfigBackup stores encrypted backup data: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/479 Viktor Gurov
10:25 AM pfSense Packages Regression #12476: Suricata 6.0.3_3 Pass List ignores all single IPs: As far as feedback from me, I had posted in the forum thread but apparently not here. Manually making the code chang... Steve Y
02:52 AM pfSense Packages Regression #12476 (Feedback): Suricata 6.0.3_3 Pass List ignores all single IPs: Merged Viktor Gurov
09:38 AM Regression #12550 (Feedback): PHP ``foreach`` error in IPsec status: Applied in changeset commit:f3554a3cf7d96888ead723b5ad7c3c86e327d2a8. Viktor Gurov
08:03 AM Regression #12550 (Pull Request Review): PHP ``foreach`` error in IPsec status: Jim Pingle
07:30 AM Regression #12550: PHP ``foreach`` error in IPsec status: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/480 Viktor Gurov
07:47 AM Feature #12035 (Pull Request Review): Input validation to prevent unsupported UTF-8 characters from being used in certificate subject components: Jim Pingle
01:34 AM Feature #12035: Input validation to prevent unsupported UTF-8 characters from being used in certificate subject components: do input validation to prevent from using UTF8 characters:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_reques... Viktor Gurov
07:38 AM Bug #12554 (Pull Request Review): Route overlap input validation does not work properly: Jim Pingle
12:53 AM Bug #12554: Route overlap input validation does not work properly: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/477 Viktor Gurov
12:27 AM Bug #12554 (Resolved): Route overlap input validation does not work properly: Route overlap input validation doesn't work after https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/342 fix Viktor Gurov
07:35 AM Regression #12549: Per-user Mobile IPsec settings are not applied to connecting mobile clients: Danilo Zrenjanin wrote in #note-4:
> With or without the patch applied, I couldn't establish a connection with the s... Jim Pingle
04:07 AM Regression #12549: Per-user Mobile IPsec settings are not applied to connecting mobile clients: Tested against:... Danilo Zrenjanin
03:21 AM Bug #11759: Traffic graphs on dashboard double upload on pppoe links: no such issue on 22.01.a.20211130.0600
Traffic graphs show the correct speed Viktor Gurov
02:51 AM Regression #12382: Certificate Depth checking creates OpenVPN micro-outages every time a user authenticates after 2.5.2 upgrade: Jens Groh wrote in #note-9:
> > > Is there an ETA on the fix for this ? We have a support contract.
> >
> > #1182... Viktor Gurov
02:04 AM Regression #12382: Certificate Depth checking creates OpenVPN micro-outages every time a user authenticates after 2.5.2 upgrade: > > Is there an ETA on the fix for this ? We have a support contract.
>
> #11829 is in Feedback and per the previo... Jens Groh
02:46 AM Bug #10662: Restoring from AutoConfigBackup presents reboot type selection option then reboots automatically: Tested against:... Danilo Zrenjanin

12/01/2021

11:38 PM Bug #11599: Modifying static routes results in a logged error, changes are not reflected in routing table: Alhusein Zawi wrote in #note-6:
> I added a static route 192.168.254.0/24 ,the route is added to routing table.
>
... Viktor Gurov
10:34 PM Bug #11599: Modifying static routes results in a logged error, changes are not reflected in routing table: I added a static route 192.168.254.0/24 ,the route is added to routing table.
after modifying it to be 192.0.0.0... Alhusein Zawi
06:19 PM Feature #12553 (New): Auto Config Backup: Allow selecting multiple backups for deletion: Currently backups can only be deleted individually. 100 backups are stored so you may want to remove a significant nu... Steve Wheeler
01:58 PM pfSense Packages Feature #9833: ACME: add ability to use custom ACME server: + 1 for this as well. This is critical for proper security in a homelab in 2021+ Invalid certs aren't cool and make... Manny Tew
01:44 PM Revision a5a4cf87: move firewall functions to include file: Trevor Kerr
01:36 PM Bug #12552: "Pull DNS" option within OpenVPN client does not cause pfSense to use DNS servers assigned by remote OpenVPN server: @Danilo however these appear right after that PUSH:... John Williams
01:33 PM Bug #12552: "Pull DNS" option within OpenVPN client does not cause pfSense to use DNS servers assigned by remote OpenVPN server: Danilo Zrenjanin wrote in #note-4:
> Can you confirm you're getting DNS-related Push control messages from the OpenV... John Williams
01:30 PM Bug #12552: "Pull DNS" option within OpenVPN client does not cause pfSense to use DNS servers assigned by remote OpenVPN server: Can you confirm you're getting DNS-related Push control messages from the OpenVPN server (Status -> System Logs -> Op... Danilo Zrenjanin
11:38 AM Bug #12552: "Pull DNS" option within OpenVPN client does not cause pfSense to use DNS servers assigned by remote OpenVPN server: Also, the DNS Resolution Mode is set to "Use local DNS (127.0.0.1), fall back to remote DNS Servers (Default)". John Williams
11:37 AM Bug #12552: "Pull DNS" option within OpenVPN client does not cause pfSense to use DNS servers assigned by remote OpenVPN server: Danilo Zrenjanin wrote in #note-1:
> Can you confirm you enabled the *DNS Server Override* option under *System/Ge... John Williams
11:28 AM Bug #12552: "Pull DNS" option within OpenVPN client does not cause pfSense to use DNS servers assigned by remote OpenVPN server: Michael Brennan wrote:
> I have an OpenVPN client setup to connect to ExpressVPN. ExpressVPN does not provide stati... Danilo Zrenjanin
11:19 AM Bug #12552 (New): "Pull DNS" option within OpenVPN client does not cause pfSense to use DNS servers assigned by remote OpenVPN server: I have an OpenVPN client setup to connect to ExpressVPN. ExpressVPN does not provide static DNS servers for use with... John Williams
01:19 PM Bug #12547: unsheduled system reboot/crash: I found the panicking instruction:
0xffffffff80eebdf2 <+418>: mov (%rcx),%rcx ... Mateusz Guzik
01:14 PM Revision 9b83e6fb: Do not show the pulldown menu when rebooting after restoring AutoConfigBackup. Fixes #10662: Viktor Gurov
11:18 AM Feature #12551 (New): Add ability to set DNS resolver search domain list: As it exists right now, the Domain set in System > General is added as a search domain in /etc/resolv.conf.
It wou... Chris Linstruth
11:08 AM Bug #7547 (Resolved): Static routes using aliases are not automatically updated when alias content changes: Tested against:... Danilo Zrenjanin
10:05 AM Regression #12550 (Resolved): PHP ``foreach`` error in IPsec status: In rare occasions I have hit a PHP error from the IPsec status page, though I haven't managed to replicate it on dema... Jim Pingle
08:52 AM Feature #11895 (Resolved): Require user to manually apply changes after altering static route entries: Tested against:... Danilo Zrenjanin
07:25 AM Bug #10662 (Feedback): Restoring from AutoConfigBackup presents reboot type selection option then reboots automatically: Applied in changeset commit:9b83e6fb838f16ba2d1d1e10d79129d4c0b696c3. Viktor Gurov
06:56 AM Regression #12549: Per-user Mobile IPsec settings are not applied to connecting mobile clients: It would apply against the current 2.6.0 code base, and not older versions. Jim Pingle
06:53 AM Regression #12549: Per-user Mobile IPsec settings are not applied to connecting mobile clients: I couldn't add that patch.... Danilo Zrenjanin
04:43 AM pfSense Packages Bug #12506 (Feedback): Only selected instance is restarted on suppress list change: PR has been merged. Thanks! Renato Botelho
04:43 AM pfSense Packages Bug #12533 (Feedback): extra rules incorrect input validation: PR has been merged. Thanks! Renato Botelho
02:15 AM pfSense Packages Bug #11182: NRPE in HA syncs the bind IP: On top of the listening IP it might be a problem for the NRPE items being synced, too.
I have e.g. on the master a p... Pim Pish

11/30/2021

04:46 PM Revision f88e9309: Parse cert by passing index rather than cert.: Steve Beaver
03:20 PM Revision cd9c8e55: Initial refactoring of system_certmanager: Steve Beaver
03:07 PM Revision 6a23e65d: Remove AUTH_NIS from www/squid since we set WITHOUT_NIS in src.conf: Brad Davis
03:05 PM Revision f887aab9: Make the pkg repo mirror_type and signature_type overridable: This will be used in a future commit to install from a local dir for CI
builds. Brad Davis
11:55 AM Regression #12549: Per-user Mobile IPsec settings are not applied to connecting mobile clients: Diff attached. The commit is on a private branch at https://gitlab.netgate.com/pfSense/pfSense/-/commit/2119d125f008d... Jim Pingle
11:52 AM Regression #12549 (New): Per-user Mobile IPsec settings are not applied to connecting mobile clients: Not sure when this regressed but it looks like the connection matching in strongSwan is different now than it used to... Jim Pingle

11/29/2021

01:05 PM Bug #7547 (Feedback): Static routes using aliases are not automatically updated when alias content changes: Applied in changeset commit:332052b8bd2a5d35662be2dba773b7a9f0d50681. Viktor Gurov
01:05 PM Feature #11895 (Feedback): Require user to manually apply changes after altering static route entries: Applied in changeset commit:332052b8bd2a5d35662be2dba773b7a9f0d50681. Viktor Gurov
01:05 PM Bug #11599 (Feedback): Modifying static routes results in a logged error, changes are not reflected in routing table: Applied in changeset commit:332052b8bd2a5d35662be2dba773b7a9f0d50681. Viktor Gurov
09:05 AM Bug #12547 (Feedback): unsheduled system reboot/crash: This is not a general problem but one specific to your install or environment.
The backtrace in both cases is iden... Jim Pingle
09:00 AM Bug #12373 (Resolved): Update mpd5 to address vulnerabilities in < 5.9_2: Jim Pingle
09:00 AM Bug #12544: OpenSSH vulnerabilities: You cannot go by version number alone. FreeBSD typically carries patches for known vulnerabilities that don't bump th... Jim Pingle
08:47 AM Feature #12397 (Resolved): Distinguish between policy-based and route-based entries on IPsec status SPD tab: The @scope@ value is there it's just not called @scope@, that's what you see differentiating between VTI and tunnel m... Jim Pingle
08:36 AM Bug #12548: Kernel panic in ``nd6_dad_timer()``: Fixed review link in description to be https://reviews.freebsd.org/D32811
Mateusz said he'll look into it. Jim Pingle
08:20 AM Bug #12548 (Resolved): Kernel panic in ``nd6_dad_timer()``: I've hit this on my edge twice now on 22.01 snapshots but I don't have a lead on a cause yet. The panics happened a w... Jim Pingle
08:28 AM pfSense Packages Feature #10462 (Pull Request Review): CPU Temp Screen: Jim Pingle

11/28/2021

02:10 PM Bug #11296: Static route targets may still reachable via default route when the gateway they should route through is down: Thank you for reporting this issue, I have a very similar problem. In my case, I added a static route that goes throu... Jocelyn Viau
10:02 AM Feature #12248: Package Update Availability Notification: Things to consider:
* Handle cases where the installed package is newer than the available package. See @pkg_version_... Marcos M
08:03 AM Bug #12547: unsheduled system reboot/crash: Not every time !!!
after 45 minutes i have a succesfull result
Evgeny Korostelev
07:19 AM Bug #12547 (Feedback): unsheduled system reboot/crash: pfSense Community Edition 2.5.2
Try navigate to menu "Diagnostics" -> "Routes"
Then system crash/reboot, and after ... Evgeny Korostelev
04:13 AM Bug #12373: Update mpd5 to address vulnerabilities in < 5.9_2: pfSense 22.01.a.20211128.0600 uses mpd5-5.9_4 Viktor Gurov

11/27/2021

05:36 PM pfSense Plus Feature #12546 (New): Add 2FA Support to pfSense Plus Local Database Authentication: To eliminate the reliance on unsupported packages like freeRADIUS for making this work, we should add the capability ... Kris Phillips
05:31 PM Regression #12382: Certificate Depth checking creates OpenVPN micro-outages every time a user authenticates after 2.5.2 upgrade: Joao Assad wrote in #note-7:
> So this bug is affecting us too. We need to route all our VPN clients traffic through... Kris Phillips
05:28 PM Feature #12466: Option to Disable Renegotiation timer in OpenVPN Server: Viktor Gurov wrote in #note-2:
> openvpn(8):
> [...]
Since the option needs to be on both client and server, we ... Kris Phillips
05:23 PM Bug #12544: OpenSSH vulnerabilities: pfSense CE 2.6.0 and pfSense Plus 22.01 have OpenSSH-7.9p1 so they are also affected by this. Kris Phillips
02:24 PM Feature #12397: Distinguish between policy-based and route-based entries on IPsec status SPD tab: It seems this has made it into images, because I test and see some of this functionality.
Tested in:
2.6.0-DEV... Max Leighton
01:37 PM Feature #11935 (Resolved): Log external IP address of OpenVPN clients on connect and disconnect: Tested in:
2.6.0-DEVELOPMENT (amd64)
built on Sat Nov 27 06:23:02 UTC 2021
FreeBSD 12.3-PRERELEASE
In my test... Max Leighton

11/26/2021

09:36 PM pfSense Plus Bug #12545 (Not a Bug): /etc/inc/led.inc functions are not doing the right thing on 6100: At various points of the boot process, the LEDs are supposed to flash with different patterns to indicate stages of b... → luckman212

11/25/2021

07:30 PM Revision 332052b8: Static routes handling update. Fixes #11599 #11895 #7547: * Confirmation box to apply static routes add/route/change
* Reloading routes using aliases after changing the alias
... Viktor Gurov
10:57 AM Bug #12544 (Closed): OpenSSH vulnerabilities: openssh version on pfSense 2.5.2/21.05.2 is vulnerable to:
https://www.cvedetails.com/cve/CVE-2019-16905/
https://w... Viktor Gurov
10:40 AM Bug #12543: Deleteing a Outbound NAT rule gave me an empty rule and displayed php error in UI.: There's a horrible spelling mistake in the title but I can't edit.. Sorry! C J
10:38 AM Bug #12543 (Closed): Deleteing a Outbound NAT rule gave me an empty rule and displayed php error in UI.: When managing Outbound NAT rules
I managed to remove a duplicate rule
Which gave me the following error:... C J
08:26 AM Feature #12116 (Resolved): Support DNS server gateway selection on ``system.php`` for multiple gateways not assigned to interfaces: Tested against:... Danilo Zrenjanin
01:41 AM Bug #12542 (New): Cannot assign a same IPv6 Link-Local address to different interfaces: Hello,
I cannot assign a same IPv6 Link-local address to 2 different interface. (through Virtual IPs in the web in... Bertrand C
01:32 AM pfSense Packages Feature #10462: CPU Temp Screen: Request of feature to be implemented: https://github.com/pfsense/FreeBSD-ports/pull/1125 Geo Rou

11/24/2021

03:10 PM pfSense Packages Bug #11530: ntopng 4.2 needs to be updated to 4.3, Bug when accessing a host for details: upvote for this.
P.s. Also don't know what happen with pfsense repo, but installing ntopng from scratch with versi... DRago_Angel [InV@DER]
03:05 PM Revision 47e079f6: Support DNS server gateway selection on ``system.php`` for multiple gateways not assigned to interfaces. Implements #12116: Viktor Gurov
02:51 PM pfSense Docs Correction #9370: Update old screenshots: I started updating the OpenVPN+RADIUS via AD recipe. The existing recipe contained almost entirely redundant inform... Jim Pingle
11:03 AM Regression #11545: Primary interface address is not always used when VIPs are present: Sorry, new installs on SG2100's and XG7100's, 1 or 2 have been upgraded from 21.05 to 21.05.1 but same issue on all. Dan Edwards
10:54 AM Regression #11545: Primary interface address is not always used when VIPs are present: I was just bit by this again this morning. Every reboot. Very frustrating. Steve, if you need any information on the ... Denny Page
10:20 AM Regression #11545: Primary interface address is not always used when VIPs are present: To clarify, are these new installs, or upgrades? What platform (e.g. AWS)? And yes, try reproducing it and just click... Marcos M
08:49 AM Regression #11545: Primary interface address is not always used when VIPs are present: Also have the same issue on 21.05.1 on every install in 2 different scenarios. Scenario 1 WAN interface has /29 using... Dan Edwards
10:25 AM Feature #12267 (Resolved): OpenVPN option to limit concurrent connections per user: Tested, looks good. Marcos M
03:04 AM Feature #12267 (Feedback): OpenVPN option to limit concurrent connections per user: Merged Viktor Gurov
09:15 AM Feature #12116 (Feedback): Support DNS server gateway selection on ``system.php`` for multiple gateways not assigned to interfaces: Applied in changeset commit:47e079f67f31111a5d5b9e9819ded07438b68b94. Viktor Gurov
07:18 AM Todo #12511 (Resolved): Add note in log settings that disabling logging also disables ``sshguard`` login protection: Jim Pingle
04:41 AM Todo #12511: Add note in log settings that disabling logging also disables ``sshguard`` login protection: Tested against:... Danilo Zrenjanin
03:04 AM Todo #12511 (Feedback): Add note in log settings that disabling logging also disables ``sshguard`` login protection: Merged Viktor Gurov
04:53 AM Feature #9439 (Resolved): Poll Interval For GPS and PPS: Tested against:... Danilo Zrenjanin
04:21 AM pfSense Packages Feature #11210: 3rd party rulesets: Marcos Mendoza wrote in #note-4:
> Tested fine here. Only issue I see is the @Delete@ button will remove the @Check ... Viktor Gurov
12:25 AM Feature #11496: Support for NTP Peer mode: works as expected on 2.6.0.a.20211123.0600
but I don't see this option on 22.01.a.20211122.0600 Viktor Gurov

11/23/2021

07:23 PM Bug #11829: OpenVPN client certificate validation with OCSP always fails: Konstantin Panchenko wrote in #note-7:
> Renato Botelho wrote:
> > PR has been merged. Thanks!
>
> I'm not sure... Marcos M
06:21 PM Revision 04fbf68c: Update enableallowallwan to only include shaper.inc once.: Christian McDonald
02:53 PM Revision 535bba02: Hide the Duplicate Connection Limit input field until the Duplicate Connection check box is ticked. Issue #12267: Viktor Gurov
07:40 AM Bug #12541 (Rejected): IPsec remote side connection fails with: no maching peer if peer identifier is set to Any: Unable to reproduce, tunnels connect OK with peer ID = any here. This is likely a configuration error but may also be... Jim Pingle
04:58 AM Bug #12541: IPsec remote side connection fails with: no maching peer if peer identifier is set to Any: Setting the peer id to their remote gateway IP, is also not working
!clipboard-202111231157-2pp5e.png!
M. Pietersma
04:53 AM Bug #12541 (Rejected): IPsec remote side connection fails with: no maching peer if peer identifier is set to Any: It's currently a issue in version 2.5.2, can't test it in 2.6, because of a production status firewall.
IPsec betw... M. Pietersma
04:55 AM Bug #12455 (Resolved): Captive Portal online user statistics data is not cleared on unclean shutdown: Danilo Zrenjanin
04:55 AM Bug #12455: Captive Portal online user statistics data is not cleared on unclean shutdown: Tested against:... Danilo Zrenjanin
04:12 AM Bug #12539: Changing VLAN ID for LAN interface in assignments silently fails.: Chris Collins wrote:
>
> If you need the specifics, I will retest it and get you the specific log output.
Pleas... Viktor Gurov
01:35 AM Bug #12529 (Resolved): Interface group name starting with a digit creates invalid XML for rule separators: Tested against:... Danilo Zrenjanin

11/22/2021

05:08 PM Revision b58cb30a: Interface Groups start digit input validation. Fixes #12529: Viktor Gurov
05:07 PM Revision 76902a1a: Allow to select 3 (8s) NTP min poll value. Implements #9439: Viktor Gurov
03:28 PM pfSense Docs Correction #12540 (Duplicate): Feedback on pfSense Configuration Recipes — WireGuard Site-to-Site VPN Configuration Example: *Page:* https://docs.netgate.com/pfsense/en/latest/recipes/wireguard-s2s.html
*Feedback:*
1) In the network diagr... James Com
03:15 PM pfSense Docs Correction #9370: Update old screenshots: Updated OpenVPN RA doc and its screenshots:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/0f0d3085838d083a... Jim Pingle
03:01 PM Revision aa8af662: Fix typo: Jim Pingle
11:15 AM Bug #12529 (Feedback): Interface group name starting with a digit creates invalid XML for rule separators: Applied in changeset commit:b58cb30a0881a221c9c5ff1eb5752ac0660271b9. Viktor Gurov
08:20 AM Bug #12529 (Pull Request Review): Interface group name starting with a digit creates invalid XML for rule separators: Jim Pingle
11:15 AM Feature #9439 (Feedback): Poll Interval For GPS and PPS: Applied in changeset commit:76902a1a62bd2785c23fd87d34c9388ef4ebaa00. Viktor Gurov
08:38 AM Feature #9439 (Pull Request Review): Poll Interval For GPS and PPS: Jim Pingle
08:59 AM Bug #7096 (Feedback): Unbound fails to start on boot if specific network devices are configured in the "Network Interfaces": Jim Pingle
08:51 AM Bug #12537 (Rejected): IPsec -> Advanced Settings not working: PHP Fatal error: Jim Pingle
08:34 AM Feature #12267 (Pull Request Review): OpenVPN option to limit concurrent connections per user: Jim Pingle
08:32 AM Bug #4637 (Closed): system unreachable after deleting VLAN: Jim Pingle
08:26 AM Bug #12440 (Pull Request Review): Zero-value prefix IPv6 addresses are mishandled: Jim Pingle
08:18 AM Feature #12116 (Pull Request Review): Support DNS server gateway selection on ``system.php`` for multiple gateways not assigned to interfaces: Jim Pingle
05:38 AM Bug #12095: Memory leak in pcscd: pcscd bugreport:
https://github.com/LudovicRousseau/PCSC/issues/55 Viktor Gurov

11/21/2021

12:02 PM Bug #7547: Static routes using aliases are not automatically updated when alias content changes: See notes on #11599. Marcos M
12:02 PM Feature #11895: Require user to manually apply changes after altering static route entries: See notes on #11599. Marcos M
11:58 AM Bug #11599: Modifying static routes results in a logged error, changes are not reflected in routing table: Tested this on @22.01.a.20211108.0600@.
* Deleting a static route does not prompt for an "Apply Changes" confirmatio... Marcos M
09:14 AM Bug #7096: Unbound fails to start on boot if specific network devices are configured in the "Network Interfaces": Should be fixed in #11087 and #11547
Could you retest with the latest stable version? Viktor Gurov
09:09 AM Bug #12539: Changing VLAN ID for LAN interface in assignments silently fails.: I saw the same issue on 22.01.a.20211119.0600, with the same workaround, but couldn't reproduce again
I think some... Viktor Gurov
08:48 AM Bug #12539 (New): Changing VLAN ID for LAN interface in assignments silently fails.: Hi
Recently I changed my VLAN ID that I use for my LAN interface, this was to follow advice given to me a long tim... Chris Collins
04:18 AM Bug #12537 (Closed): IPsec -> Advanced Settings not working: PHP Fatal error: Viktor Gurov
03:17 AM Bug #12537: IPsec -> Advanced Settings not working: PHP Fatal error: Sorry, it has been a problem in globals.inc, a custom modification caused the failure, I'm sorry for your time waste ... Guillermo Martínez
12:14 AM Feature #9439: Poll Interval For GPS and PPS: ntp.conf(5):... Viktor Gurov

11/20/2021

11:40 PM Feature #12466: Option to Disable Renegotiation timer in OpenVPN Server: openvpn(8):... Viktor Gurov
11:37 PM Feature #12267: OpenVPN option to limit concurrent connections per user: Max Leighton wrote in #note-5:
> It works. After setting the duplicate connection limit, any connections over the l... Viktor Gurov
04:52 PM Feature #12267: OpenVPN option to limit concurrent connections per user: Tested with
2.6.0-DEVELOPMENT (amd64)
built on Sat Nov 20 06:21:37 UTC 2021
FreeBSD 12.3-PRERELEASE
It works... Max Leighton
11:25 PM Bug #12536: Setting a default gateway of "None" does not remove the default gateway from the routing table: removing the default gateway, if set to 'none', may result in the removal of the route of dynamic routing protocols
... Viktor Gurov
12:59 PM Bug #12536 (Resolved): Setting a default gateway of "None" does not remove the default gateway from the routing table: selecting Default gateway as NONE should remove the default route from routing table.
making default GW as "NONE... Alhusein Zawi
11:08 PM Bug #12537: IPsec -> Advanced Settings not working: PHP Fatal error: Unable to reproduce it on 2.5.2 VM clean install
Where did you download the pfSense image? Viktor Gurov
04:37 PM Bug #12537: IPsec -> Advanced Settings not working: PHP Fatal error: Hi, I don't do anything special, I just access IPsec -> Advanced settings and get this error (see attached image), an... Guillermo Martínez
03:31 PM Bug #12537: IPsec -> Advanced Settings not working: PHP Fatal error: Hello,
I'm not able to reproduce this in 2.5.2. What specific steps are you doing to cause this error? Kris Phillips
01:55 PM Bug #12537 (Rejected): IPsec -> Advanced Settings not working: PHP Fatal error: On every pfSense 2.5.2 box I'm getting:
Fatal error: Uncaught TypeError: Argument 4 passed to Form_Select::__constru... Guillermo Martínez
09:44 PM pfSense Packages Bug #12538 (New): PIMD sub-interface bug: Hello,
I am running into a bug with PIMD. Running latest stable 2.5.2 virtual pfsense in ESXi.
I have two pfsens... Joe Janning
09:02 PM Bug #4637: system unreachable after deleting VLAN: Kindly see my previous comment where I already asked that it be closed with "can't reproduce" as the reason/status. Adam Thompson
04:41 PM Bug #4637: system unreachable after deleting VLAN: This bug should be marked as Incomplete as it's no longer relevant and very old. Kris Phillips
03:47 PM Bug #12434: Multiple cURL Vulnerabilities: cURL has been updated to 7.79.1 on pfSense CE as well. Both pfSense Plus 22.10 and pfSense 2.6.0 CE have fixes for t... Kris Phillips
01:44 PM Bug #11296: Static route targets may still reachable via default route when the gateway they should route through is down: Static route is still reachable while WAN gateway is Marked Gateway as Down.
22.01.a.20211120.0600 Alhusein Zawi
11:37 AM Bug #12452 (Resolved): Port forward rules are not created for special networks (pppoe, openvpn): Tested in
2.6.0-DEVELOPMENT (amd64)
built on Sat Nov 20 06:21:37 UTC 2021
FreeBSD 12.3-PRERELEASE
Input valid... Max Leighton
10:44 AM Todo #12093: Make AutoConfigBackup menu entry point to the settings tab so it loads faster when there is no WAN connectivity: Tested in
2.6.0-DEVELOPMENT (amd64)
built on Sat Nov 20 06:21:37 UTC 2021
FreeBSD 12.3-PRERELEASE
The landing... Max Leighton
09:39 AM Bug #12440: Zero-value prefix IPv6 addresses are mishandled: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/469
example:
fw rule on IPv6 interface with fc00:88... Viktor Gurov
03:31 AM pfSense Packages Bug #12506: Only selected instance is restarted on suppress list change: fix:
https://github.com/pfsense/FreeBSD-ports/pull/1124 Viktor Gurov
02:41 AM Bug #12529: Interface group name starting with a digit creates invalid XML for rule separators: input validation improvements:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/468 Viktor Gurov

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

12/19/2021

12/18/2021

12/17/2021

12/16/2021

12/15/2021

12/14/2021

12/13/2021

12/11/2021

12/10/2021

12/09/2021

12/08/2021

12/07/2021

12/06/2021

12/05/2021

12/04/2021

12/03/2021

12/02/2021

12/01/2021

11/30/2021

11/29/2021

11/28/2021

11/27/2021

11/26/2021

11/25/2021

11/24/2021

11/23/2021

11/22/2021

11/21/2021

11/20/2021