Project

General

Profile

Activity

From 12/24/2021 to 01/22/2022

01/22/2022

07:16 PM pfSense Plus Feature #12534: Generate a ISO Image for Remote Restore of pfSense Plus on the XG-1537 and 1541 units with IPMI
Will we be building an image for this for 22.01 or just using the generic amd64 ISO? Kris Phillips
06:06 PM Revision 4d2396e8: Revert clearing custom repo on boot
(cherry picked from commit 2368c2cf715d1fa7455fcc65b55e5cd96d4a21ca) Steve Beaver
06:04 PM Revision 2368c2cf: Revert clearing custom repo on boot
Steve Beaver
04:49 PM Bug #12680: Typo in the warning text
typographical error is not present in 22.05-DEVELOPMENT (amd64) built on Mon Jan 17 06:17:15 UTC 2022 Jordan G
03:26 PM Feature #12714: Show ``Inactive`` for Hardware Crypto output instead of empty field on System Information dashboard widget when nothing can be accelerated
@jimp it was a 1-line PR so I just went ahead...
https://github.com/pfsense/pfsense/pull/4553 → luckman212

01/21/2022

09:16 PM Bug #7329: DHCP Not Updating DNS
No, the MAC address is static. The IP Space in this case was approximately 50, and there were only 2-3 clients on th... Jon Noren
09:12 PM Bug #8151 (Resolved): Changing name on a gateway is not allowed

copy GW option is added.
use copy GW option, change the name and save, then delete unwanted GW from GW list. Alhusein Zawi
08:46 PM Bug #12712: Errors bring down the system
This is the result of ip aggregation. Duplicates should be removed.
Attachment file updated. yon Liu
07:52 AM Bug #12712 (Not a Bug): Errors bring down the system
I can't replicate this at all, but your two files have numerous overlapping networks which is invalid. Input validati... Jim Pingle
05:37 AM Bug #12712: Errors bring down the system
One of the reasons for the problem is that if many static routes are added to the settings, the pf2.6 system will cra... yon Liu
03:39 AM Bug #12712 (Not a Bug): Errors bring down the system
!https://i.imgur.com/icMXbjY.jpg! yon Liu
06:27 PM Revision 9ee4bec4: Revert "Move custom repo removal code to a better location in rc.reboot"
This reverts commit e696b0868a495af4f19505b8261f25d6604adc8d. Glen Barber
06:24 PM Revision 88e8de2c: Revert "Move custom repo removal code to a better location in rc.reboot"
This reverts commit e696b0868a495af4f19505b8261f25d6604adc8d Steve Beaver
05:19 PM pfSense Packages Bug #12705: IPsec Profile Wizard/Apple: IKEv2 VPN with ECDSA server certificate does not connect using generated profile
So my CA was created as follows:
- descriptive name: `MyCo IPSec CA`
- method: `create an internal CA`
- Trust S... Sean McBride
03:36 PM Bug #12715 (New): Long system startup time when LDAP is configured and unavailable during startup.
# Currently if LDAP is unavailable at system startup, several LDAP queries have to timeout before the system will pro... Christian McDonald
03:30 PM Revision d3217d85: Correct PHP syntax error. Fixes #12713
(cherry picked from commit f73ace96e837ca2f0957a5fafe5794e033231c2e) Jim Pingle
02:24 PM Feature #7416: DHCPv4 client does not support ``supersede`` statement for option 54
Updating subject for release notes. Jim Pingle
02:20 PM Revision f73ace96: Correct PHP syntax error. Fixes #12713
Jim Pingle
01:38 PM pfSense Packages Feature #12281 (New): Add support for Telegram/Pushover notifications
NUT tries to send notifications from an unprivileged user and can't do so because of the permissions on @/var/db/noti... Jim Pingle
12:55 PM Regression #12688 (Resolved): pppoe won’t connect after upgrade to 2.7.0.a.20220115.0600
Thanks for following up! Jim Pingle
12:06 PM Regression #12688: pppoe won’t connect after upgrade to 2.7.0.a.20220115.0600
Hello, I week ago PPPOE WAN did not work (I did report that in the forum). Today I felt comfortable enough to try the... Louis B
12:46 PM Feature #12714: Show ``Inactive`` for Hardware Crypto output instead of empty field on System Information dashboard widget when nothing can be accelerated
Ok, I would suggest a small wording change then
"Hardware crypto" → "Hardware crypto (active)"
And the @crypto_acc... → luckman212
12:05 PM Feature #12714: Show ``Inactive`` for Hardware Crypto output instead of empty field on System Information dashboard widget when nothing can be accelerated
It does show both supported (See the "Yes") and active/inactive. The Yes/No is whether or not the hardware supports ... Jim Pingle
11:59 AM Feature #12714: Show ``Inactive`` for Hardware Crypto output instead of empty field on System Information dashboard widget when nothing can be accelerated
Okay thanks Jim
FYI I have my crypto set to "QAT" on the 6100... which also seems to be the default setting.
S... → luckman212
11:33 AM Feature #12714 (Not a Bug): Show ``Inactive`` for Hardware Crypto output instead of empty field on System Information dashboard widget when nothing can be accelerated
It's working fine here on the latest RC on 6100 and several other platforms.
From the output in the widget above y... Jim Pingle
11:27 AM Feature #12714 (Resolved): Show ``Inactive`` for Hardware Crypto output instead of empty field on System Information dashboard widget when nothing can be accelerated
on 22.01.r.20220120.1938 I'm seeing an empty string on the Dashboard Widget under System Information -> Hardware cryp... → luckman212
11:37 AM Bug #12703: pf ``hostid`` value is handled inconsistently
https://reviews.freebsd.org/D33989 Kristof Provost
11:00 AM pfSense Packages Bug #12475 (Feedback): OpenVPN Client Export does not show certificate without private key
Fix pushed, will be available whenever the next build happens. Jim Pingle
10:39 AM pfSense Packages Bug #12475 (New): OpenVPN Client Export does not show certificate without private key
This has caused a problem, it's impossible to export a config now for a non-TLS RA config ("Remote Access (User Auth)... Jim Pingle
09:40 AM Feature #9092 (Resolved): Option to set interval of forced Dynamic DNS updates
Jim Pingle
09:40 AM Bug #12713: PHP error on ``pkg_mgr_install.php`` when multiple instances are running
Applied in changeset commit:f73ace96e837ca2f0957a5fafe5794e033231c2e. Jim Pingle
09:38 AM Bug #12713 (Feedback): PHP error on ``pkg_mgr_install.php`` when multiple instances are running
Merged and picked for 22.01/2.6.0 Jim Pingle
08:21 AM Bug #12713 (Pull Request Review): PHP error on ``pkg_mgr_install.php`` when multiple instances are running
MR: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/576 Jim Pingle
08:18 AM Bug #12713 (Resolved): PHP error on ``pkg_mgr_install.php`` when multiple instances are running
There is a PHP syntax error causing an error in @pkg_mgr_install.php@ which gets triggered if multiple @pkg@ processe... Jim Pingle
09:37 AM Regression #12707 (Resolved): Minnowboard Turbo cannot boot a clean install
UFS install now boots as expected.
Tested:... Steve Wheeler
09:27 AM Bug #12328 (Resolved): IPsec VTI interface remote endpoint is not resolved the correct way
Jim Pingle
09:20 AM Todo #12051 (Resolved): XMLRPC client improvements
This appears to be working well since it went in. Jim Pingle
09:18 AM Feature #12499 (Resolved): Allow Chelsio T6 CXGBE (``cc``) drivers to be used for ALTQ traffic shaping
Card is in the list now. Jim Pingle
09:17 AM Regression #12069 (Resolved): Panic in ``pfctl`` with large numbers of states
No sign of this being a problem since the fix went in. Jim Pingle
09:16 AM Regression #12660 (Resolved): High CPU usage due to incorrect gateway on some policy routed states
Can't replicate it on a current RC image with the fix built-in, and no negative side effects that I've noticed thus far. Jim Pingle
09:15 AM Bug #12694 (Resolved): PHP error when clicking Delete on Outbound NAT with no rules selected
Same here. No more PHP error when attempting to reproduce the problem. Selecting and deleting items still works as ex... Jim Pingle
09:13 AM Regression #12396 (Resolved): PHP Warning: Use of undefined constant ip - /etc/inc/services.inc on line 2465
Correct code is present in the repo. Jim Pingle
09:12 AM Bug #11290 (Resolved): Package ``<plugins>`` and ``<tabs>`` content missing from configuration in some cases
The expected tags are present after a fresh package install now, as expected. Jim Pingle
09:09 AM Todo #12145 (Resolved): Convert RAM disks to ``tmpfs``
This has been working well since it went in, no sign of problems thus far. Jim Pingle
09:09 AM Regression #12057 (Resolved): 21.09/2.6.0 - High CPU usage and slowness with ``pfctl -ss``
Jim Pingle
09:07 AM Feature #12011 (Closed): Disable log compression on new installations when ``/var/log`` is a ZFS dataset with compression enabled
Checked a few things I've recently reinstalled with zfs and they appear to have disabled compression on their own as ... Jim Pingle
09:05 AM Bug #11951 (Closed): IPsec status fails when many tunnels are connected
No sign of slowness or failures with many tunnels on the IPsec status page since the fix went in. I've tested with ~2... Jim Pingle
08:57 AM Regression #12550 (Resolved): PHP ``foreach`` error in IPsec status
No sign of this since the fix went in. Jim Pingle
08:56 AM Bug #12383 (Resolved): Typos in interfaces_assign.php configuration change description strings
No sign of the typos in current code or the referenced config descriptions/log messages. Jim Pingle
08:54 AM Regression #12288 (Closed): GRE and GIF tunnel inside addresses are missing at the OS level after applying changes on assigned interfaces
This has been working well since the fix went in. I've saved/applied on asigned GIF interfaces numerous times and the... Jim Pingle
08:51 AM Bug #11831 (Resolved): Certificate Revocation tab does not list active users of CRL entries
CRL consumers are now shown on the CRL list. Jim Pingle
08:50 AM Regression #12217 (Resolved): Kernel panic in IPFW when using Captive Portal
Captive portal has been stable without crashing since this went in. No further sign of problems. Jim Pingle
08:49 AM Todo #12093 (Resolved): Make AutoConfigBackup menu entry point to the settings tab so it loads faster when there is no WAN connectivity
Menu entry goes to settings now as expected. Jim Pingle
08:41 AM Regression #12698 (Resolved): ARP table interface column empty for entries on unassigned interfaces
Works as expected on 2.6.0.r.20220120.1937 Jim Pingle
07:56 AM Bug #12710 (Pull Request Review): Disabling DHCP Server RRD statistics does not work
Jim Pingle
12:45 AM Bug #12710: Disabling DHCP Server RRD statistics does not work
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/575 Viktor Gurov
06:27 AM Regression #11512 (Feedback): DHCP Leases page and ARP table page fail to load if DNS is not available
Jim Pingle
12:48 AM Regression #11512 (Duplicate): DHCP Leases page and ARP table page fail to load if DNS is not available
system_get_dhcpleases() fixed in #11512 Viktor Gurov
02:54 AM pfSense Packages Feature #12711: Add InfluxDB V2 support
https://github.com/pfsense/FreeBSD-ports/pull/1137 Viktor Gurov
02:54 AM pfSense Packages Feature #12711 (New): Add InfluxDB V2 support
Added support for the InfluxDB V2 protocol and made some improvements to the UI
 Viktor Gurov
02:52 AM pfSense Packages Bug #12706: pfBlockerNG and unbound does not work after switching /var to RAM disk
fix:
https://github.com/pfsense/FreeBSD-ports/pull/1138 Viktor Gurov
12:48 AM Bug #12709 (Duplicate): RRD stats have many dropouts in all databases, with DHCPD RRD logging enabled and broken reverse DNS
system_get_dhcpleases() fixed in #11512 Viktor Gurov

01/20/2022

08:14 PM pfSense Packages Bug #12692: Haproxy backend issue
So just checking... the fix is only in pfSense 2.7 alpha? Not making it into 2.6 / 22.01 ?
Is there way to pull it i... → luckman212
06:09 AM pfSense Packages Bug #12692: Haproxy backend issue
Danilo Zrenjanin wrote in #note-5:
>
> All those fields should be using default values if nothing was defined. Ple... Viktor Gurov
07:58 PM Bug #12709: RRD stats have many dropouts in all databases, with DHCPD RRD logging enabled and broken reverse DNS
I installed
@2.6.0-RC (amd64)
built on Thu Jan 20 19:49:04 UTC 2022 @
and broke reverse DNS again. The problem is... John Hood
06:26 PM Bug #12709 (Duplicate): RRD stats have many dropouts in all databases, with DHCPD RRD logging enabled and broken reverse DNS
Seen on pfSense 2.5.2 Community Edition:
Since about 2021/03/01 I've had a problem where my RRD data has dropouts ... John Hood
06:41 PM Bug #12710: Disabling DHCP Server RRD statistics does not work
"has no effect" means that @/var/db/rrd/updaterrd.sh@ is not changed and DHCP RRD stats collection continues. I foun... John Hood
06:34 PM Bug #12710 (Resolved): Disabling DHCP Server RRD statistics does not work
Seen on CE 2.5.2.
DHCP RRD stats can be enabled by a checkbox on the DHCP Services page, but disabling it on that ... John Hood
06:37 PM Revision 900d20a9: Move custom repo removal code to a better location in rc.reboot
(cherry picked from commit e696b0868a495af4f19505b8261f25d6604adc8d) Steve Beaver
06:32 PM Revision e696b086: Move custom repo removal code to a better location in rc.reboot
Steve Beaver
04:07 PM Revision 1d75d9ef: openvpn.tls-verify.php exec() output fix. Issue #11829
(cherry picked from commit a80cf2c919c3abc5eb4eb479d7058ea6e69afc49) Viktor Gurov
03:41 PM Bug #12708 (Resolved): Alias with non-resolving FQDN entry breaks underlying PF table
Hi,
We've seen a number of cases where a mixed alias list (containing both IP and FQDN) results in either complete... Piet H
02:43 PM pfSense Docs Todo #12704 (Feedback): Add more HA DHCP troubleshooting info
Done:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/1c4627ca45f088720bae3be18a6a65a2f977fcb3
http://sta... Jim Pingle
10:27 AM pfSense Docs Todo #12704 (Closed): Add more HA DHCP troubleshooting info
The HA DHCP troubleshooting doc could use a bit more info:
https://docs.netgate.com/pfsense/en/latest/troubleshoot... Jim Pingle
02:35 PM Bug #12274: Unbound fails to start if its configuration references a python script which does not exist
Is that script chosen in the unbound options or inserted through custom options? If it's in custom options, it is not... Jim Pingle
12:31 PM Bug #12274 (New): Unbound fails to start if its configuration references a python script which does not exist
Doesn't work as expected, see https://redmine.pfsense.org/issues/12706
pfSense 22.01.r.20220117.2310 Viktor Gurov
01:50 PM Revision a80cf2c9: openvpn.tls-verify.php exec() output fix. Issue #11829
Viktor Gurov
01:31 PM Regression #12707 (Feedback): Minnowboard Turbo cannot boot a clean install
https://gitlab.netgate.com/pfSense/FreeBSD-src/-/merge_requests/52 Steve Wheeler
01:28 PM Regression #12707 (Assigned): Minnowboard Turbo cannot boot a clean install
Steve Wheeler
01:28 PM Regression #12707 (Resolved): Minnowboard Turbo cannot boot a clean install
The MBT-4220/2220 cannot boot a clean 2.6 install because it is loading the ZFS kernel module even when it is install... Steve Wheeler
01:15 PM Revision 63693e95: Fix ARP table interface names. Fixes #12698
(cherry picked from commit 81e7e462f00a031f6010bfcc955681a6ccdeac7b) Jim Pingle
12:29 PM pfSense Packages Bug #12706 (Resolved): pfBlockerNG and unbound does not work after switching /var to RAM disk
How to reproduce:
1) Install pfBlockerNG-devel, and configure DNSBL in python mode
2) Enable RAM disk for /var
3) ... Viktor Gurov
11:03 AM pfSense Packages Bug #12705: IPsec Profile Wizard/Apple: IKEv2 VPN with ECDSA server certificate does not connect using generated profile
In fact this started as a forum post, but there were no replies:
https://forum.netgate.com/topic/169207/ecdsa-cert... Sean McBride
10:47 AM pfSense Packages Bug #12705 (Incomplete): IPsec Profile Wizard/Apple: IKEv2 VPN with ECDSA server certificate does not connect using generated profile
There isn't enough information here, need a lot more info about your CA, cert, and P1 settings. Probably best to keep... Jim Pingle
10:36 AM pfSense Packages Bug #12705 (Resolved): IPsec Profile Wizard/Apple: IKEv2 VPN with ECDSA server certificate does not connect using generated profile
I have a working IPSec VPN. But my CA and cert are expiring soon so I thought I'd use the more modern ECDSA instead o... Sean McBride
10:51 AM Feature #12702: Use consistent pf host ID and add GUI option to set a custom host ID in state synchronization settings
Updated description, it works better when set in @$limitrules@ Jim Pingle
10:01 AM Feature #12702 (Resolved): Use consistent pf host ID and add GUI option to set a custom host ID in state synchronization settings
On @system_hasync.php@ we should add a GUI field to set a custom pf @hostid@ value. This value is a 32-bit number whi... Jim Pingle
10:25 AM Bug #12095: Memory leak in pcscd
This may be redundant information, just mentioning that this mem leak is not only an issue on lower memory systems.
... Mr Sparkles
10:23 AM Bug #11829: OpenVPN client certificate validation with OCSP always fails
Merged Viktor Gurov
09:46 AM Bug #11829 (Feedback): OpenVPN client certificate validation with OCSP always fails
Scott Long
07:23 AM Bug #11829 (Pull Request Review): OpenVPN client certificate validation with OCSP always fails
Jim Pingle
05:56 AM Bug #11829: OpenVPN client certificate validation with OCSP always fails
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/573 Viktor Gurov
03:40 AM Bug #11829: OpenVPN client certificate validation with OCSP always fails
Sorry for the late reply, switched to some other projects.
> The suggested code was added - you can see it here:
> ... Konstantin Panchenko
10:21 AM Bug #12703 (Resolved): pf ``hostid`` value is handled inconsistently
We don't use this yet, but we should in the future (See #12702) but I've noticed an inconsistency in how pf handles t... Jim Pingle
09:35 AM Bug #7352: pfSense IPv6 static route is dumped after a WAN flap
So this is still an issue on 2.5.x. Route intermittently flaps and the static routes go away until you edit (with no... JC Denton
09:14 AM Todo #12701 (Resolved): Reorganize CARP status page
The CARP status page at @status_carp.php@ could be improved a bit. For example, the page refers to CARP VIPs as "CARP... Jim Pingle
07:20 AM Regression #12698 (Feedback): ARP table interface column empty for entries on unassigned interfaces
Applied in changeset commit:81e7e462f00a031f6010bfcc955681a6ccdeac7b. Jim Pingle
03:47 AM Bug #11830: Certificate validation with OCSP always fails in ``openvpn.tls-verify.php``
Konstantin Panchenko wrote in #note-11:
> This is still an issue in 2.5.2, validation code still checking only for t... Konstantin Panchenko

01/19/2022

05:50 PM Revision 24d5bb94: ldap_get_groups() return value fix. Issue #12699
(cherry picked from commit bbca801ce97dfee00be51175aa849f13d66e3738) Viktor Gurov
05:24 PM Revision 81e7e462: Fix ARP table interface names. Fixes #12698
Jim Pingle
04:53 PM Revision bbca801c: ldap_get_groups() return value fix. Issue #12699
Viktor Gurov
12:50 PM Bug #12694: PHP error when clicking Delete on Outbound NAT with no rules selected
Tested on:... Danilo Zrenjanin
12:39 PM pfSense Packages Bug #12692: Haproxy backend issue
Tested against:... Danilo Zrenjanin
11:49 AM Regression #12699: ldap_get_groups() must return an array value
This appears to be a regression from some recent change as it wasn't happening on previous releases. Excluding from t... Jim Pingle
11:44 AM Regression #12699 (Feedback): ldap_get_groups() must return an array value
Scott Long
10:54 AM Regression #12699: ldap_get_groups() must return an array value
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/571 Viktor Gurov
10:50 AM Regression #12699 (Closed): ldap_get_groups() must return an array value
In some cases it can return false instead of empty array
No such issue with @radius_get_groups()@ and @local_user_ge... Viktor Gurov
10:45 AM Regression #12698 (Pull Request Review): ARP table interface column empty for entries on unassigned interfaces
MR: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/570 Jim Pingle
10:41 AM Regression #12698 (Resolved): ARP table interface column empty for entries on unassigned interfaces
On @diag_arp.php@ if there are entries in the ARP table for hosts on unassigned interfaces, the interface column is b... Jim Pingle
10:36 AM Bug #12691 (Pull Request Review): Support encrypted ``config.xml`` files when restoring during install
Viktor Gurov
09:44 AM Bug #12105: Packages are not automatically reinstalled when restoring configuration using the installer
It is noteworthy that the menu items for the removed packages were cleaned up which is nice. Chris Linstruth
09:42 AM Bug #12105 (Assigned): Packages are not automatically reinstalled when restoring configuration using the installer
Chris Linstruth
09:41 AM Bug #12105: Packages are not automatically reinstalled when restoring configuration using the installer
Existing 2.6.0 CE KVM/Proxmox Node.
Reinstalled ZFS using pfSense-CE-2.6.0-RC-amd64-20220117-2310.iso, Recovering ... Chris Linstruth
07:07 AM pfSense Packages Bug #12695 (Not a Bug): pfsense 2.5.2 vs ntopng 5.1
This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
04:17 AM pfSense Packages Bug #12695 (Not a Bug): pfsense 2.5.2 vs ntopng 5.1
Hello
Can i have an tutorial for install ntopng on pfsense correctly pls
I followed the link on ntop site official ... TT RD
05:53 AM Bug #12686 (Resolved): Incorrect copyright year
Tested:... Danilo Zrenjanin

01/18/2022

09:06 PM Revision 8ac2936a: Don't del ONAT rules w/o selection. Fixes #12694
(cherry picked from commit f783d68bd1708f7845fc21f035b4f3232a6f435d) Jim Pingle
08:38 PM Revision f783d68b: Don't del ONAT rules w/o selection. Fixes #12694
Jim Pingle
03:45 PM Revision 443679a9: Copyright update
Steve Beaver
03:43 PM Revision 0315035c: Changes to facilitate merge
Steve Beaver
03:12 PM Revision 27701ae1: Rework package repos for 2.6.0-RELEASE
Renato Botelho
03:10 PM Bug #12694: PHP error when clicking Delete on Outbound NAT with no rules selected
Applied in changeset commit:f783d68bd1708f7845fc21f035b4f3232a6f435d. Jim Pingle
03:09 PM Bug #12694 (Feedback): PHP error when clicking Delete on Outbound NAT with no rules selected
Scott Long
02:40 PM Bug #12694 (Pull Request Review): PHP error when clicking Delete on Outbound NAT with no rules selected
MR with fix: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/569 Jim Pingle
02:31 PM Bug #12694 (In Progress): PHP error when clicking Delete on Outbound NAT with no rules selected
Jim Pingle
01:13 PM Bug #12694 (Resolved): PHP error when clicking Delete on Outbound NAT with no rules selected
After pressing Delete button without selecting any NAT rule I got a PHP crash as follow:... Renato Botelho
11:57 AM Feature #7416: DHCPv4 client does not support ``supersede`` statement for option 54
Fabian Kurtz wrote in #note-6:
> The patch fixed it in OPNSense in 2017. It has been running flawlessly ever since. ... Viktor Gurov
09:45 AM Feature #7416 (Feedback): DHCPv4 client does not support ``supersede`` statement for option 54
This is now available on 2.6/22.01 from upstream.
https://github.com/pfsense/FreeBSD-src/commit/663441de575dbdd382... Marcos M
09:58 AM Feature #12291 (Resolved): Support for Slack notifications
Viktor Gurov
09:57 AM Feature #12291: Support for Slack notifications
Tested with... Christopher Cope
09:13 AM pfSense Packages Bug #12692 (Feedback): Haproxy backend issue
Merged:
https://github.com/pfsense/FreeBSD-ports/commit/0ef44539d3e10f6839ea577873b97756131a92a5 Viktor Gurov
07:19 AM pfSense Packages Bug #12692 (Pull Request Review): Haproxy backend issue
Jim Pingle
04:35 AM pfSense Packages Bug #12692: Haproxy backend issue
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/171 Viktor Gurov
04:16 AM pfSense Packages Bug #12692 (Resolved): Haproxy backend issue
https://forum.netgate.com/topic/168944/haproxy-backend-issue:
It seems that when not setting HSTS value to something... Viktor Gurov
08:59 AM Bug #12691: Support encrypted ``config.xml`` files when restoring during install
https://gitlab.netgate.com/pfSense/FreeBSD-src/-/merge_requests/51 Viktor Gurov
07:44 AM Regression #12660: High CPU usage due to incorrect gateway on some policy routed states
Not a problem in a release, excluding from release notes. Jim Pingle
07:19 AM pfSense Docs Correction #12693 (Closed): www.pfsense.org/snapshots still shows 2.6.0-DEVELOPMENT
Updated. Jim Pingle
06:07 AM pfSense Docs Correction #12693 (Closed): www.pfsense.org/snapshots still shows 2.6.0-DEVELOPMENT
Should be 2.7.0-DEVELOPMENT
https://www.pfsense.org/snapshots/ Viktor Gurov
06:28 AM pfSense Packages Bug #9500: HAproxy does not delete non-applicable action config
no such issue on pfSense-pkg-haproxy-devel 0.62_7
it may be related to the non-devel haproxy pkg Viktor Gurov
04:44 AM pfSense Packages Bug #9027 (Resolved): HAProxy: Unknown keyword lua-load
Viktor Gurov

01/17/2022

07:24 PM Revision b938ee3a: Delete all custom files if the custom repo specification is incomplete
(cherry picked from commit 51ef2e44e96254b9b3019ebf3bcaa5799f03ce79) Steve Beaver
05:45 PM Revision 51ef2e44: Delete all custom files if the custom repo specification is incomplete
Steve Beaver
05:45 PM Revision fae2f2d5: OpenVPN validation improvements. Fixes #12677
Added validation for the following fields:
* OpenVPN Server:
* mode, dev_mode, protocol, interface, ecdh_curve, d... Jim Pingle
01:47 PM Regression #12622 (Feedback): Kernel panic when using ``fq_pie`` limiter scheduler
Scott Long
01:22 PM Regression #12622 (In Progress): Kernel panic when using ``fq_pie`` limiter scheduler
Scott Long
12:27 PM Bug #12686 (Feedback): Incorrect copyright year
Merged to devel/2.6/22.01 Viktor Gurov
12:22 PM Bug #12677: OpenVPN form validation issues
This has now been picked back to the RC branches for Plus and CE, and will be in the next RC build. Jim Pingle
12:21 PM Regression #12660 (Feedback): High CPU usage due to incorrect gateway on some policy routed states
This has been merged back to the RC branch now, the next RC build will have it included. Jim Pingle
12:07 PM Regression #12688 (Feedback): pppoe won’t connect after upgrade to 2.7.0.a.20220115.0600
Merged:
https://github.com/pfsense/FreeBSD-ports/commit/650a032444e99e9b27c4baf8f45174f757a426bd Viktor Gurov
10:44 AM Regression #12688 (Pull Request Review): pppoe won’t connect after upgrade to 2.7.0.a.20220115.0600
Jim Pingle
08:50 AM Regression #12688: pppoe won’t connect after upgrade to 2.7.0.a.20220115.0600
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/170 Viktor Gurov
08:01 AM Regression #12688: pppoe won’t connect after upgrade to 2.7.0.a.20220115.0600
That'd make sense, because I deliberately waited to merge https://github.com/pfsense/FreeBSD-src/commit/fdcdd81fb82df... Kristof Provost
07:21 AM Regression #12688: pppoe won’t connect after upgrade to 2.7.0.a.20220115.0600
Is this only on 2.7 snapshots and not 2.6-RC?
I have several systems with PPPoE and L2TP WANs in my lab on 2.6 RC ... Jim Pingle
04:26 AM Regression #12688: pppoe won’t connect after upgrade to 2.7.0.a.20220115.0600
seems related to https://github.com/pfsense/FreeBSD-src/commit/fdcdd81fb82dfd8778e2c239162a596a756f236f
https://gi... Viktor Gurov
11:57 AM Regression #11316: Unbound crashes with signal 11 when reloading
There are two problems here.
1. There is no watchdog restarting the unbound service
2. An invalid unbound configu... Ben Ito
09:43 AM pfSense Docs Correction #12689 (Closed): Link fails with 404
Fixed:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/dc520e089212cfadc4e1e522043efddcd1504612
That link... Jim Pingle
08:47 AM Bug #12614: Pushover notifications fail
this is 2.6 only fix Viktor Gurov
07:27 AM Feature #12687 (Pull Request Review): Option to disable auto-addition of static routes for ``dpinger``
Jim Pingle
06:50 AM Bug #12691 (Resolved): Support encrypted ``config.xml`` files when restoring during install
Add a password prompt to bsdinstall if config.xml is encrypted, and skip it on <ENTER>
see ECL encrypted config.xm... Viktor Gurov
06:48 AM pfSense Packages Bug #11398: pfBlocker upgrade hangs forever
for some reason unbound does not terminated in 30s:... Viktor Gurov
06:43 AM pfSense Packages Bug #11632 (Duplicate): unbound service not restarted on pfBlocker-devel install/reinstall
Viktor Gurov
04:17 AM Bug #12690 (Duplicate): 6RD PPPoE WAN Configuration Broken in 2.7.0-DEVELOPMENT
Duplicate of #12688 Viktor Gurov
04:17 AM Regression #12382: Certificate Depth checking creates OpenVPN micro-outages every time a user authenticates after 2.5.2 upgrade
Viktor Gurov wrote in #note-10:
> > We are also hit with that now and that's only with ~10 users in VPN but as our c... Jens Groh

01/16/2022

04:59 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
I use 2.5.2-RELEASE (amd64) - Jul, 02 15:33:00 EDT 2021 - with exactly the same problem.
After killing filterdns (pk... Artur Mitrosz
04:45 PM Bug #12690 (Duplicate): 6RD PPPoE WAN Configuration Broken in 2.7.0-DEVELOPMENT
As soon as I upgraded to 2.7.0-DEVELOPMENT, my WAN configuration (6RD / PPPoE) with CenturyLink fails to PPPoE authen... Eric Veum
10:34 AM Feature #12267 (Pull Request Review): OpenVPN option to limit concurrent connections per user
Marcos M
10:31 AM Feature #12267: OpenVPN option to limit concurrent connections per user
New MR including fix to client-specific configuration not applying (static address issue): https://gitlab.netgate.com... Marcos M
10:33 AM Feature #12407 (Pull Request Review): Use deferred client connections in OpenVPN
Marcos M
10:32 AM Feature #12407: Use deferred client connections in OpenVPN
New MR, see: https://redmine.pfsense.org/issues/12267#note-16 Marcos M
10:33 AM Bug #12332 (Pull Request Review): OpenVPN does not clear old Cisco-AVPair anchor rules in some cases
New MR, see: https://redmine.pfsense.org/issues/12267#note-16 Marcos M
10:22 AM pfSense Docs Correction #12659: Correct inaccuracies in configuring Flow Control for ``ix`` and ``ixl`` interfaces
Looks like this applies to ixl as well: https://www.intel.com/content/www/us/en/download/18331/intel-network-adapter-... Marcos M
09:26 AM Bug #2514: static routes for monitor IPs should be removed
related: https://redmine.pfsense.org/issues/12687 → luckman212
01:57 AM pfSense Packages Todo #12317 (Resolved): Suricata UI improvements
Viktor Gurov

01/15/2022

09:48 PM Regression #12688: pppoe won’t connect after upgrade to 2.7.0.a.20220115.0600
Kris Phillips wrote in #note-2:
> Can someone having this issue please provide their PPPoE system logs?
Jan 15 07... Dee D
08:19 PM Regression #12688: pppoe won’t connect after upgrade to 2.7.0.a.20220115.0600
Can someone having this issue please provide their PPPoE system logs? Kris Phillips
06:02 AM Regression #12688: pppoe won’t connect after upgrade to 2.7.0.a.20220115.0600
someone else had the same problem
https://www.reddit.com/r/PFSENSE/comments/s3x10p/cant_connect_to_internet_after_... Dee D
06:00 AM Regression #12688 (Resolved): pppoe won’t connect after upgrade to 2.7.0.a.20220115.0600
I was on a 2.7 build from a few days previous where it was working. Dee D
08:35 PM Bug #7329: DHCP Not Updating DNS
I've never run into this issue because the DHCP server in pfSense tries to hand the same IP to the host. Is your vir... Kris Phillips
08:33 PM Bug #2234: Status: Traffic Graph - only shows interface's subnet
Generally speaking, having multiple subnets on the same L2 broadcast domain is not common or best practice. Splittin... Kris Phillips
08:29 PM Bug #6926: Miniupnp advertising expired IPv6 address
The miniupnpd component is on version 2.2.1 in pfSense Plus 21.05.2. What version of pfSense was this tested on? Pl... Kris Phillips
06:56 PM pfSense Packages Todo #12317: Suricata UI improvements
Seeing the noted changes, fixes and additions on suricata-6.0.4 Jordan G
06:09 PM Bug #12651: ``nginx`` logs an error that the port is already in use when restarting Captive Portal services
possibly related to #10159 A FL
01:20 PM pfSense Docs Correction #12689 (Closed): Link fails with 404
This link seems to be dead on page;
Under "Verifying HTTP Load Balancing"
A page on the Netgate site is available... Daniel van der Wal
12:09 PM pfSense Packages Feature #12674 (Resolved): Redistribute RIP to BGP
Viktor Gurov
11:25 AM pfSense Packages Feature #12674: Redistribute RIP to BGP

"Redistribute RIP" option is added to OSPF and BGP GUI
2.6.0.r.20220113.1926
 Alhusein Zawi
11:29 AM Regression #12622: Kernel panic when using ``fq_pie`` limiter scheduler
I can confirm this is working in the latest 2.70 snapshot. Anonymous

01/14/2022

05:24 PM Revision ba815f3d: OpenVPN validation improvements. Fixes #12677
Added validation for the following fields:
* OpenVPN Server:
* mode, dev_mode, protocol, interface, ecdh_curve, d... Jim Pingle
04:52 PM Feature #12687 (Resolved): Option to disable auto-addition of static routes for ``dpinger``
*Summary*
* Currently, static routes are added for each gateway monitor IP, to force dpinger ICMP to leave via the g... → luckman212
02:27 PM Regression #12622: Kernel panic when using ``fq_pie`` limiter scheduler
I pushed the fix, should be available in the next snapshot. Mateusz Guzik
02:12 PM Regression #12622: Kernel panic when using ``fq_pie`` limiter scheduler
Ok, that's the same kind of problem, but it will have to be fixed differently. I'll try to do it today. Mateusz Guzik
01:46 PM Regression #12622: Kernel panic when using ``fq_pie`` limiter scheduler
Ok I'm uploading two text dumps.
The first one occured right when I applied the floating firewall rules to pipe the ... Anonymous
01:02 PM Regression #12622: Kernel panic when using ``fq_pie`` limiter scheduler
Can you attach a dump? Both already attached only show the fq pie crash. Mateusz Guzik
10:51 AM Regression #12622 (New): Kernel panic when using ``fq_pie`` limiter scheduler
Jim Pingle
10:01 AM Regression #12622: Kernel panic when using ``fq_pie`` limiter scheduler
I guess i should have checked a little better.
The limiter scheduler fq_pie is indeed fixed but you also need to pat... Anonymous
02:10 PM Bug #12677: OpenVPN form validation issues
Applied in changeset commit:ba815f3d219e5bdf404be859e723db2ff0c9258c. Jim Pingle
02:07 PM Bug #12677 (Feedback): OpenVPN form validation issues
Tested and Merged. Christian McDonald
11:40 AM Bug #12677 (Pull Request Review): OpenVPN form validation issues
MR for the remaining validation:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/564
Added validati... Jim Pingle
07:55 AM Bug #12677 (In Progress): OpenVPN form validation issues
This affects a few more fields: @allow_compression, protocol, dev_mode, digest, verbosity_level@
But validating th... Jim Pingle
09:53 AM Feature #12685 (Pull Request Review): Support encrypted ``config.xml`` files when restoring via ECL
Viktor Gurov
06:49 AM Feature #12685: Support encrypted ``config.xml`` files when restoring via ECL
Password prompt on encrypted ECL config.xml load:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/563 Viktor Gurov
06:49 AM Feature #12685 (Resolved): Support encrypted ``config.xml`` files when restoring via ECL
Add a password prompt if ECL config.xml is encrypted and skip on <ENTER>
 Viktor Gurov
09:38 AM Bug #12686: Incorrect copyright year
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-src/-/merge_requests/50 Viktor Gurov
09:35 AM Bug #12686 (Resolved): Incorrect copyright year
Still 2021:
https://github.com/pfsense/FreeBSD-src/blob/RELENG_2_6_0/release/rc.local#L91 Viktor Gurov
06:36 AM Feature #12684: Automatic encryption/decryption of config files, for pfSense ECL configuration feature
Password prompt on encrypted ECL config.xml load:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/563
mo... Viktor Gurov
05:31 AM Feature #12684 (Rejected): Automatic encryption/decryption of config files, for pfSense ECL configuration feature
Using any predictable value as encryption/decryption key is not going to happen. It wouldn't be any better than handi... Jim Pingle
03:58 AM Feature #12684: Automatic encryption/decryption of config files, for pfSense ECL configuration feature
The whole idea is for this to run wo. any user interaction , using a Device derived key , for both encryption & decry... Bingo Bingo
03:22 AM Feature #12684: Automatic encryption/decryption of config files, for pfSense ECL configuration feature
I think it's better to add a password prompt to test_config() if "---- BEGIN config.xml ----" header is found:
https... Viktor Gurov
12:07 AM Feature #12684 (Rejected): Automatic encryption/decryption of config files, for pfSense ECL configuration feature
See
https://forum.netgate.com/topic/169077/improvement-idea-configuration-backup-restore-encryption-and-ecl
Readi... Bingo Bingo
03:35 AM Regression #12660: High CPU usage due to incorrect gateway on some policy routed states
Also merged upstream: https://cgit.freebsd.org/src/commit/?id=5f5e32f1b3945087a687c5962071d3f46e34e1ff Kristof Provost

01/13/2022

07:02 PM Revision 3c98c881: Using DEVEL URL
(cherry picked from commit a47a5edd25a11971659a53fbcaf69ab97a1d9a71) Renato Botelho
07:02 PM Revision a50dd4dc: Small fixes missed on last commit to devel repo
(cherry picked from commit 1903b56a2b000da37447f70ce4b79d57dd454c8b) Renato Botelho
07:01 PM Revision 3d4d08ab: Using DEVEL URL
(cherry picked from commit a47a5edd25a11971659a53fbcaf69ab97a1d9a71) Renato Botelho
07:00 PM Revision a47a5edd: Using DEVEL URL
Renato Botelho
06:59 PM Revision 1903b56a: Small fixes missed on last commit to devel repo
Renato Botelho
06:58 PM Revision ac8d840e: Small fixes missed on last commit to devel repo
Renato Botelho
06:48 PM Revision 5474d583: Fix repository config files
Add a new repo called next to point to 2.6.0-RC and reduce differences
between branches Renato Botelho
06:43 PM Revision 8f8b00ee: Rework pkg repositories
Keep 3 main files reflecting what users see today on 2.5.2 and add
2.6.0-RC as Next Release Candidate, setting it as ... Renato Botelho
06:43 PM Revision 68afc597: Improve OpenVPN Data Cipher handling. Fixes #12677
(cherry picked from commit 78ce96a9af3b2ab5159ef6623078bfc4b15f8a89) Jim Pingle
06:41 PM Revision c216e94b: Rework repository config
Leave all branches with the same repo definitions Renato Botelho
06:36 PM Revision 78ce96a9: Improve OpenVPN Data Cipher handling. Fixes #12677
Jim Pingle
02:58 PM Revision 4199a5d9: build: Fix pkg.txz.sig link
When pkg transitioned from .txz to .pkg extension we enabled an option
to keep a symlink of old extension around and ... Renato Botelho
02:33 PM Regression #12057: 21.09/2.6.0 - High CPU usage and slowness with ``pfctl -ss``
Tested in
2.6.0-RC (amd64)
built on Wed Jan 12 20:10:43 UTC 2022
FreeBSD 12.3-STABLE
no High CPU usage or slo... Christopher Cope
01:57 PM Revision 9a51687d: Fix typo in warning text.Issue #12680
Danilo-Z
12:50 PM Bug #12677 (Feedback): OpenVPN form validation issues
Applied in changeset commit:78ce96a9af3b2ab5159ef6623078bfc4b15f8a89. Jim Pingle
12:31 PM Feature #12518 (Feedback): Restore RRD and extra data from configuration backups when restoring during installation
Merged Viktor Gurov
08:23 AM Bug #12680 (Feedback): Typo in the warning text
Merged:
https://github.com/pfsense/pfsense/commit/9a51687d08bbb62e6a21fa9f0da4b8d79dcaa969 Viktor Gurov
07:55 AM Bug #12680 (Pull Request Review): Typo in the warning text
Viktor Gurov
08:12 AM pfSense Packages Todo #12354: Update haproxy-devel to mitigate CVE-2021-40346
Hi I want to ask is you implemented mentioned "Temporary workaround"?
> No need to add this if version of haproxy ... DRago_Angel [InV@DER]
08:02 AM pfSense Packages Bug #12670 (Feedback): ACME package writes credentials to system log
Merged:
https://github.com/pfsense/FreeBSD-ports/commit/deff5ad17b0809521d0c083ebbe619ebfd089d6f Viktor Gurov
07:20 AM pfSense Packages Bug #12670 (Pull Request Review): ACME package writes credentials to system log
Jim Pingle
06:23 AM pfSense Packages Bug #12670: ACME package writes credentials to system log
WebGUI debug option:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/169 Viktor Gurov
07:21 AM Feature #12682 (Duplicate): RADIUS authentication fallback for pfSense GUI
The other issue already covers "authentication servers" which would include both LDAP and RADIUS. No need for a secon... Jim Pingle
04:25 AM Feature #12682: RADIUS authentication fallback for pfSense GUI
same for LDAP - #10843 Viktor Gurov
05:13 AM Regression #12288: GRE and GIF tunnel inside addresses are missing at the OS level after applying changes on assigned interfaces
This is 2.6 only regression fix, related to #6507 changes Viktor Gurov
04:34 AM pfSense Packages Bug #12683: snort_get_vpns_list() does not include OpenVPN CSO
fix:
https://github.com/pfsense/FreeBSD-ports/pull/1135 Viktor Gurov
04:24 AM pfSense Packages Bug #12683 (Resolved): snort_get_vpns_list() does not include OpenVPN CSO
"Pass List -> Auto-Generated IP Addresses -> VPN Addresses" does not include OpenVPN Client Specific Override.
 Danilo Zrenjanin
04:23 AM pfSense Packages Feature #11879: Add support for SSL.com ACME server
SSL.com and ZeroSSL.com support added to acme.sh - https://github.com/acmesh-official/acme.sh/releases/tag/3.0.0:
"Z... Viktor Gurov
04:20 AM pfSense Packages Bug #12623: acme.sh package | DNS-ISPConfig settings
Fix is merged to the upstream acme.sh repository Viktor Gurov
04:13 AM pfSense Packages Bug #12642 (Resolved): suricata_get_vpns_list() does not include OpenVPN CSO
Tested against:... Danilo Zrenjanin
02:40 AM Regression #12660: High CPU usage due to incorrect gateway on some policy routed states
MR (devel-12): https://gitlab.netgate.com/pfSense/FreeBSD-src/-/merge_requests/46
MR (RELENG_2_6_0): https://gitlab.... Kristof Provost

01/12/2022

10:29 PM pfSense Packages Feature #12658: Adding prometheus metrics to darkstat
It looks like a commit had been made to the main branch: https://cgit.freebsd.org/ports/commit/?id=038bcb21cbd11930ab... Karim Elatov
08:17 PM Feature #12682 (Duplicate): RADIUS authentication fallback for pfSense GUI
Feature request to allow specifying multiple RADIUS servers with a fallback database for authentication when logging ... Chris W
07:31 PM Revision 37f83ddb: Fix FREEBSD_BRANCH
Glen Barber
03:39 PM Regression #12660: High CPU usage due to incorrect gateway on some policy routed states
I booted a kernel with the patch and ran for over 5 hours without any problems. Looks like that took care of the prob... Jim Pingle
03:37 PM pfSense Docs Todo #12639 (Closed): Feedback on System Monitoring — System Logs
Jim Pingle
03:37 PM pfSense Docs Correction #12598 (Closed): Alias use with static routes
Jim Pingle
03:37 PM pfSense Docs Todo #12596 (Closed): OpenVPN Site to Site configuration examples should note to change the inactive value
Jim Pingle
03:29 PM Revision fd2740b3: Update master to 2.7.0
Glen Barber
03:25 PM Revision 3b283c27: Revert "Update master to 2.7.0"
This reverts commit ac7ec30f39a3069d3192a73b78e5977fc834482e. Glen Barber
03:16 PM Revision ac7ec30f: Update master to 2.7.0
Glen Barber
02:51 PM pfSense Docs New Content #12681 (Closed): WireGuard Site-to-Multisite Recipe
Reviewed, merged & deployed Jim Pingle
01:27 PM pfSense Docs New Content #12681 (Pull Request Review): WireGuard Site-to-Multisite Recipe
MR: https://gitlab.netgate.com/docs/pfSense-docs/-/merge_requests/29 Christian McDonald
01:20 PM pfSense Docs New Content #12681 (Closed): WireGuard Site-to-Multisite Recipe
Adds new recipe for WireGuard site-to-multisite configurations. Christian McDonald
02:44 PM Bug #5592 (Closed): fsck sometimes fails to repair filesystem automatically, resulting in Panic: ufs_dirbad bad dir ino ... mangled entry
Nothing we can really do for this. We have changed the default filesystem type to ZFS, and fsck is not relevant there... Jim Pingle
02:41 PM Bug #5383 (Closed): CODELQ Traffic Shaper Causes Panic and Reboot During Speed Test
Doesn't seem to be an issue anymore, and there is a lack of detail here (no details of the config, not even if it's A... Jim Pingle
02:31 PM Regression #12622 (Resolved): Kernel panic when using ``fq_pie`` limiter scheduler
Thanks for testing. I'll assume the issue is resolved, please reopen if the crash pops up again. Mateusz Guzik
01:58 PM Revision f1654805: Switch configurations to point to 2.6.0.
Reviewed by: garga Glen Barber
01:58 PM Revision 89b2a39f: Update repo configurations for 2.6.0.
Reviewed by: garga Glen Barber
01:19 PM Revision 03a43ff3: Rework repository config files
Instead of use version on file names, just call them repo, repo-devel
and repo-previous. Also, do not keep relying o... Renato Botelho
12:21 PM Bug #12604 (Resolved): IPv6 interface prefix change not reflected in RADVD configuration
Danilo Zrenjanin
12:20 PM Bug #12604: IPv6 interface prefix change not reflected in RADVD configuration
Tested on:... Danilo Zrenjanin
07:34 AM Bug #12678 (Pull Request Review): Applying firewall rule changes does not clear dirty flag for aliases subsystem
Jim Pingle
02:59 AM Bug #12678: Applying firewall rule changes does not clear dirty flag for aliases subsystem
same issue with the NAT and Shaper pages
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/553 Viktor Gurov
02:17 AM Bug #12678 (Resolved): Applying firewall rule changes does not clear dirty flag for aliases subsystem
How to reproduce:
1) Change Aliases
2) You'll see a message on top of the page:... Viktor Gurov
06:05 AM Bug #12680: Typo in the warning text
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/555 Danilo Zrenjanin
05:48 AM Bug #12680 (Resolved): Typo in the warning text
If setting the DNS Resolver in forwarding mode and DNS servers were not previously defined under System>General, the ... Danilo Zrenjanin
04:37 AM Feature #12679: Remind user to update DHCPv6 range when changing interface IPv6 prefix
see also #12527 Viktor Gurov
04:17 AM Feature #12679 (New): Remind user to update DHCPv6 range when changing interface IPv6 prefix
Having a reminder to update the DHCPv6 range (address pool) after changing the IPv6 prefix under an interface with DH... Danilo Zrenjanin
02:21 AM Bug #12635 (Resolved): PHP: Error generated when backing up a config file with SSH disabled
Tested against:... Danilo Zrenjanin

01/11/2022

07:39 PM Revision 3e5fa898: Redirect user to / if Plus and attempting to directly access system_register.php
Steve Beaver
07:17 PM Regression #12622: Kernel panic when using ``fq_pie`` limiter scheduler
I tested the latest community edition 2.6.0.b.20220111.0600 on two different machines and everything is working good.... Anonymous
03:46 PM Regression #12622: Kernel panic when using ``fq_pie`` limiter scheduler
Ok I don't have Netgate hardware so I won't be able to test any Pfsense plus versions. Anonymous
02:49 PM Regression #12622: Kernel panic when using ``fq_pie`` limiter scheduler
This snapshot contains the fix: https://firmware-nyi.netgate.com/beta/snapshots/installer/pfSense-plus-22.01-BETA-amd... Mateusz Guzik
07:13 PM Revision 5895065c: Make registration process contingent on PLus vs CE to accommodate automatic CE -> Plus merging
Steve Beaver
06:26 PM Revision b8fd0558: netgate-ca.pem is now in the base image at /usr/local/share/${product_name}/ssl/netgate-ca.pem
Steve Beaver
03:00 PM Revision a02e2cf8: Merge remote-tracking branch 'origin/master' into CE_Plus_Upgrade
Luiz Souza
02:59 PM Revision 73141a42: Update the git protocol.
For more details see: https://github.blog/2021-09-01-improving-git-protocol-security-github/ Luiz Souza
10:44 AM pfSense Packages Feature #12658: Adding prometheus metrics to darkstat
FreeBSD ports bug created: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261123 Karim Elatov
09:35 AM Bug #12677 (Pull Request Review): OpenVPN form validation issues
Jim Pingle
09:20 AM Bug #12677: OpenVPN form validation issues
MR: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/550 Jim Pingle
09:15 AM Bug #12677 (Closed): OpenVPN form validation issues
There are a few issues with how we currently handle the data cipher list in OpenVPN client and server pages, includin... Jim Pingle
05:52 AM Feature #12676 (New): Add the Tagged option on the Port Forward rules edit page
When editing the firewall rules, we can see the following note under the Tag option:
"A packet matching this rule ca... Viktor Gurov

01/10/2022

09:03 PM pfSense Plus Bug #12607: Instability with Snort Inline with AWS Instances
https://github.com/pfsense/FreeBSD-src/commit/7dbcef9536b410426e8b391e721e5800f5d503b5
@* Netmap support for ENAv3... Marcos M
08:27 PM Revision 95960701: Only setup the certificates for the pkg repo access when the Plus Upgrade branch is selected.
Luiz Souza
06:34 PM Regression #12622: Kernel panic when using ``fq_pie`` limiter scheduler
Apologies for late reply, I somehow did not get notification of your response.
I pushed the patch to pfSense, shou... Mateusz Guzik
03:05 PM Revision 26c55656: Merge remote-tracking branch 'origin/master' into CE_Plus_Upgrade
Luiz Souza
03:04 PM Revision 94850c8a: Remove stray white spaces.
No functional changes. Luiz Souza
02:21 PM Revision fe5ba225: Use /conf/restore_config_data trigger file to restore extra data on install. Feature #12518
Viktor Gurov
02:00 PM Feature #12267: OpenVPN option to limit concurrent connections per user
Jim Pingle wrote in #note-14:
> Phil Wardt wrote in #note-12:
> > Note: I have the option "Strict User-CN Matching"... Phil Wardt
07:41 AM Feature #12267: OpenVPN option to limit concurrent connections per user
Phil Wardt wrote in #note-12:
> Note: I have the option "Strict User-CN Matching" enabled, not sure if each certific... Jim Pingle
01:20 PM Regression #12660: High CPU usage due to incorrect gateway on some policy routed states
Can you test this patch? It should prevent simultaneous access in pf_map_addr(), hopefully (and expected) without maj... Kristof Provost
12:33 PM Regression #12660: High CPU usage due to incorrect gateway on some policy routed states
I already talked with Kristof about this on Slack, but so it's also on Redmine:
> Would you be able to test if the... Jim Pingle
08:30 AM Regression #12660: High CPU usage due to incorrect gateway on some policy routed states
I think I see where the problem happens and it's indeed in the PF_POOL_ROUDROBIN case of pf_map_addr().
In get_addr:... Kristof Provost
03:48 AM Regression #12660: High CPU usage due to incorrect gateway on some policy routed states
Would you be able to test if the problem occurs if the rule doesn't use round-robin but uses random or source-hash in... Kristof Provost
12:35 PM pfSense Plus Bug #12669 (Duplicate): Improvements to pkg update handling
Duplicate of #10464 which already had a similar planned solution in mind. Jim Pingle
10:42 AM pfSense Plus Bug #11626: Google LDAP connections fail due to lack of SNI for TLS 1.3
Nudge this ahead so we have more time to ensure there aren't any regressions from the change. Jim Pingle
10:06 AM Feature #12675 (Resolved): Move command line history to a GUI option stored in ``config.xml`` rather than a manual flag file
Currently the CLI history is retained if the file .keephistory is present.
It would be nice if that option was ret... Steve Wheeler
09:19 AM pfSense Packages Feature #12674 (Feedback): Redistribute RIP to BGP
Merged Viktor Gurov
08:11 AM pfSense Packages Feature #12674 (Pull Request Review): Redistribute RIP to BGP
Jim Pingle
04:48 AM pfSense Packages Feature #12674: Redistribute RIP to BGP
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/167 Viktor Gurov
04:19 AM pfSense Packages Feature #12674 (Resolved): Redistribute RIP to BGP
Current version only support redistributing OSPF to BGP, but not RIP Viktor Gurov
08:56 AM pfSense Packages Todo #12354 (Feedback): Update haproxy-devel to mitigate CVE-2021-40346
Marcos Mendoza wrote in #note-9:
> This patch results in the following warning when starting @haproxy@:
> [...]
> ... Viktor Gurov
08:51 AM Feature #12518 (Pull Request Review): Restore RRD and extra data from configuration backups when restoring during installation
Jim Pingle
08:34 AM Feature #12518: Restore RRD and extra data from configuration backups when restoring during installation
Improved:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/549
https://gitlab.netgate.com/pfSense/Fr... Viktor Gurov
08:15 AM Bug #12672 (Pull Request Review): GleSYS Dynamic DNS responses are not parsed properly
Jim Pingle
05:20 AM Bug #12672: GleSYS Dynamic DNS responses are not parsed properly
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/547 Viktor Gurov
08:14 AM Bug #12661 (Needs Patch): Increase Maximum Allowable Bandwidth on Limiters
Since this is blocked on an upstream limitation, there isn't anything we can do here at the moment. Once it's fixed i... Jim Pingle
04:55 AM Bug #12661: Increase Maximum Allowable Bandwidth on Limiters
current limiter maximums is 4Gb/s, see #7979
related FreeBSD issue: https://bugs.freebsd.org/bugzilla/show_bug.cgi?i... Viktor Gurov
08:10 AM Bug #1849: Traffic shaper - By Queue view needs to show/use friendly inerface names
It shows the friendly names these days but it doesn't show the root queues still, so this can remain open. Jim Pingle
08:03 AM Feature #9393 (Pull Request Review): Improved support for USB interfaces that may not always be present
Jim Pingle
04:08 AM Feature #9393: Improved support for USB interfaces that may not always be present
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/506 Viktor Gurov
07:55 AM pfSense Packages Bug #12668: Clear System OS Boot Log removes Cypto information on Status Page
Jim Pingle wrote in #note-4:
> This is normal and expected. That information is obtained by inspecting the OS boot l... Jim Middleton
07:34 AM pfSense Packages Bug #12668 (Not a Bug): Clear System OS Boot Log removes Cypto information on Status Page
This is normal and expected. That information is obtained by inspecting the OS boot log and if you clear it, there is... Jim Pingle
07:21 AM pfSense Packages Bug #12668: Clear System OS Boot Log removes Cypto information on Status Page
Local network with 3 users. Its not an office with a bazillion VLAN's, etc. Jim Middleton
07:20 AM pfSense Packages Bug #12668: Clear System OS Boot Log removes Cypto information on Status Page
Viktor Gurov wrote in #note-1:
> Please provide more information about your configuration -
>
> unable to reprod... Jim Middleton
05:49 AM pfSense Packages Bug #12668 (Feedback): Clear System OS Boot Log removes Cypto information on Status Page
Please provide more information about your configuration -
unable to reproduce on 2.6.0.b.20220109.0600
fixed ... Viktor Gurov
07:45 AM Regression #12666 (Resolved): Default password warning is not displayed for new installs
Jim Pingle
07:04 AM pfSense Packages Bug #11836 (Feedback): FRR ACCEPTFILTER shows out of order prefix-list
Unable to reproduce on FRR 1.1.1_2:... Viktor Gurov
05:55 AM pfSense Packages Feature #10818: UDP Broadcast Relay
build pkg:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/548 Viktor Gurov
05:39 AM Bug #12654 (Resolved): Nat issue after 20211220 version
works as expected on 22.01.b.20220109.0600 Viktor Gurov
05:01 AM Bug #12671 (Rejected): Load balancing stop working...
This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Viktor Gurov
04:15 AM Bug #12497 (Duplicate): OpenVPN Server assignes random IPv4 addresses to active clients even if FreeRadius has configured Framed-IP for all these remote clients
Duplicate of #12076 Viktor Gurov
04:11 AM pfSense Packages Bug #12443 (Resolved): DNSBL Category ```Enable All``` button not working
Viktor Gurov
04:11 AM Bug #12452 (Resolved): Port forward rules are not created for special networks (pppoe, openvpn)
Viktor Gurov
01:26 AM Bug #12673: Firewall Logs Dashboard Widget is slow and may fail to update
This is being discussed here
https://forum.netgate.com/topic/168895/please-help-firewall-logs-dashboard-widget-not... JohnPoz _

01/09/2022

06:16 PM Bug #12095: Memory leak in pcscd
Not sure there's a lot of value in my post, if this service has now been set to disabled by default..
I just wante... Simon Quigley
04:28 PM Bug #12673: Firewall Logs Dashboard Widget is slow and may fail to update
Tested:... Steve Wheeler
04:28 PM Bug #12673 (Resolved): Firewall Logs Dashboard Widget is slow and may fail to update
As stated the firewall logs dashboard widget fails to update at all if you set an update interval below 5 seconds.
... Steve Wheeler
07:22 AM Bug #12672 (Resolved): GleSYS Dynamic DNS responses are not parsed properly
Expected response from GLeSYS is wrong in _checkStatus
pfsense/src/etc/inc/dyndns.class
if (preg_match('/Recor... Martin Pegler
06:59 AM Bug #12671 (Rejected): Load balancing stop working...
Hello,
I have this issue since long time ago but never put so much effort into it... I mostly use Failover but now... Atanas Paunoff
06:31 AM pfSense Packages Bug #12670: ACME package writes credentials to system log
It is probably due to https://github.com/pfsense/FreeBSD-ports/blob/94457075a991331b9c0bcee44ea7d4fd9427ab36/security... Florian Apolloner
06:26 AM pfSense Packages Bug #12670 (New): ACME package writes credentials to system log
The acme renewal cron currently dumps the config into the system log:... Florian Apolloner

01/08/2022

06:21 PM Feature #12267: OpenVPN option to limit concurrent connections per user
There could be additional code to address the behavior with certs differently, however it wouldn't be "instead of" si... Marcos M
01:25 PM Feature #12267: OpenVPN option to limit concurrent connections per user
Jim Pingle wrote in #note-11:
> Commit reverted. We can revisit this in the next release.
Instead of this shell h... Phil Wardt
05:21 PM pfSense Packages Bug #12443: DNSBL Category ```Enable All``` button not working
Enable All and Disable All buttons appear to function as desired (compared to 21.05.2) for these blacklists on 22.01.... Jordan G
05:02 PM Bug #5253: 3gstats.php 100% CPU
Unable to reproduce this issue. The Status --> Interfaces tab shows proper data and the CPU usage does not hit 100% ... Kris Phillips
04:56 PM Bug #1849: Traffic shaper - By Queue view needs to show/use friendly inerface names
Not sure what this bug report is for as the friendly name for interfaces is shown for traffic shapers and for the que... Kris Phillips
04:35 PM Regression #12666: Default password warning is not displayed for new installs
The default password banner is present on 22.01.b.20220108.0600 Jordan G
04:25 PM Bug #12661: Increase Maximum Allowable Bandwidth on Limiters
I can confirm that setting a limiter of 5 gigabit produces the following error in the system logs:
/rc.filter_con... Kris Phillips
04:17 PM pfSense Plus Bug #12669 (Duplicate): Improvements to pkg update handling
Currently when a new pfSense release comes out pkg updates the repo files immediately so that the current stable rele... Kris Phillips
03:53 PM Revision 145b0a99: Final text string for product registration
Steve Beaver
03:21 PM Revision 22ef0707: Add product field to registration chec so that CE can be distinguished from Plus
Steve Beaver
01:03 PM Feature #12567 (Resolved): Add Dynamic DNS support for Name.com

Name.com is listed in Dynamic DNS
2.6.0.b.20220107.0600
 Alhusein Zawi
06:24 AM pfSense Packages Bug #12668 (Not a Bug): Clear System OS Boot Log removes Cypto information on Status Page
When I clear the System Log OS Boot and return to the System Status page Crypto information changes from "AES-NI CPU ... Jim Middleton
05:53 AM pfSense Packages Bug #12260: Update popup and version missmatch?
Possible workaround: Use a web-browser plugin like 'uBlock Origin' to select this 'popup' (it's a div actually) eleme... R. B.
01:27 AM Revision 2d5e802f: Add $cafile and $cafilesrc into the global variables list.
Luiz Souza
01:14 AM Revision 8fa84573: Copy the Netgate CA file to the proper place before start.
Luiz Souza

01/07/2022

08:15 PM pfSense Packages Bug #12260: Update popup and version missmatch?
+1 for this, if only to get rid of the unavoidable notification on every page load. Matt D
03:52 PM Revision 526e8425: Add help menu upgrade link
Steve Beaver
03:03 PM Revision 5165bfa5: Fix default password warning check. Fixes #12666
Use the existing function to check the password to avoid duplicating
effort. Jim Pingle
02:52 PM Regression #12605: ``diag_dump_states.php`` no longer filters by rule ID
Updating subject for release notes. Jim Pingle
02:46 PM Revision 3b067d80: Validate repo definition files before saving
Steve Beaver
01:04 PM Bug #12452: Port forward rules are not created for special networks (pppoe, openvpn)

Input validation prevented me to create a port forward with destination ANY on all interfaces( WAN,LAN....) and all... Alhusein Zawi
09:30 AM Feature #12665: Ability to add custom pf rules from the GUI
... Having thought further, I'm not sure merely appending the custom rules would give users the versality they need. ... Andrew -
05:01 AM Feature #12665 (New): Ability to add custom pf rules from the GUI
I'd be grateful if you could please consider adding the ability to specify custom pf rules from the GUI.
I'm envis... Andrew -
09:18 AM pfSense Packages Bug #12667 (Bogus): Firewall Crashed After Upgrading Wireguard
Upgraded wireguard from 0.1.5 to 0.1.5_3 and after the upgrade was complete firewall crashed. Kyle Sampson
09:15 AM Regression #12666 (Feedback): Default password warning is not displayed for new installs
Applied in changeset commit:5165bfa5e5e029c75239204b8cffff8d9d5ab6c5. Jim Pingle
09:05 AM Regression #12666: Default password warning is not displayed for new installs
Not a problem in a release, so exclude from release notes. Jim Pingle
08:57 AM Regression #12666 (In Progress): Default password warning is not displayed for new installs
Jim Pingle
08:56 AM Regression #12666 (Resolved): Default password warning is not displayed for new installs
Since the change to SHA-512 hash passwords in #10298 the warning banner that alerts the user they are using the defau... Jim Pingle
07:35 AM Bug #12664 (Rejected): URL table never updates
There isn't enough detail here to say what might be happening, and this site is not for support or diagnostic discuss... Jim Pingle
04:25 AM Bug #12664 (Rejected): URL table never updates
Hello,
I waited over 48 hours but my URL tables don't update anymore. When I manually click save without editing a... Bas de Vet

01/06/2022

06:56 PM Regression #12660: High CPU usage due to incorrect gateway on some policy routed states
To confirm the NAT hypothesis I added a NAT rule on that interface and the problem disappeared. So this appears to on... Jim Pingle
12:00 PM Regression #12660: High CPU usage due to incorrect gateway on some policy routed states
Further testing with Load Balancing showed the problem happens at a 3:2 and even a 1:1 ratio of weights for load bala... Jim Pingle
11:14 AM Regression #12660: High CPU usage due to incorrect gateway on some policy routed states
I made a commit which should make this a non-issue for failover groups (one gateway per tier) but it does still happe... Jim Pingle
04:26 PM Revision be84a4a4: Improve solo weighted GW in Failover. Issue #12660
If there is only one gateway to add in a macro definition, there is
no point in repeating the string based on the gat... Jim Pingle
03:02 PM Bug #12663 (Rejected): IPV6 Neighbor Solicitation not answered => No IPV6 possilbe ! TrueNas or pfSense?
This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
02:54 PM Bug #12663 (Rejected): IPV6 Neighbor Solicitation not answered => No IPV6 possilbe ! TrueNas or pfSense?
Hello,
I have multiple vlans between an TrueNAS-core system and pfSense. IPV6 does not work, due to a failing Neig... Louis B
02:42 PM pfSense Docs Correction #12662 (Closed): Interface Types and Configuration -> Limitations | Grammar
Fixed: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/2b2dfe70d64391b4331d1d9552645450c8766b93 Jim Pingle
12:46 PM pfSense Docs Correction #12662: Interface Types and Configuration -> Limitations | Grammar
https://docs.netgate.com/pfsense/en/latest/interfaces/index.html Christopher Cope
12:44 PM pfSense Docs Correction #12662 (Closed): Interface Types and Configuration -> Limitations | Grammar
The following sentence should have the bold section added.
"For example, the firewall may take much longer *to* c... Christopher Cope

01/05/2022

06:20 PM Revision ebd1a3e3: Update copyright year
Steve Beaver
06:17 PM Revision 23a71d17: Merge remote-tracking branch 'origin/master' into CE_Plus_Upgrade
Steve Beaver
03:47 PM Regression #12605 (Resolved): ``diag_dump_states.php`` no longer filters by rule ID
This looks good in the current snapshots. The link(s) works. The states are filtered as expected.
Tested:... Steve Wheeler
08:31 AM Regression #12605: ``diag_dump_states.php`` no longer filters by rule ID
For interested parties, the issue was caused by network byte order backpedaling being moved into libpfctl for state e... Christian McDonald
08:19 AM Regression #12605 (Feedback): ``diag_dump_states.php`` no longer filters by rule ID
Christian McDonald
02:14 PM pfSense Plus Bug #11626: Google LDAP connections fail due to lack of SNI for TLS 1.3
Looks like the ports tree is setup to where we can define the version to use without much fuss. It _may_ be as simple... Jim Pingle
02:09 PM Bug #12604: IPv6 interface prefix change not reflected in RADVD configuration
I couldn't replicate the issue on:... Danilo Zrenjanin
10:51 AM pfSense Plus Bug #12545 (Not a Bug): /etc/inc/led.inc functions are not doing the right thing on 6100
The LEDs on the 6100 and several other models are diven by GPIO and adjusted via a special script. They do not use th... Jim Pingle
08:53 AM Feature #12518 (New): Restore RRD and extra data from configuration backups when restoring during installation
This can be activated unintentionally on upgrade the way it is now. It looks like the installer made @/conf/installer... Jim Pingle
08:21 AM Regression #12660: High CPU usage due to incorrect gateway on some policy routed states
This appears to be related to the gateway "weight" advanced parameter. When the problem happens, the gateway in quest... Jim Pingle

01/04/2022

09:13 PM Bug #12661 (Needs Patch): Increase Maximum Allowable Bandwidth on Limiters
This is a continuation from the topic discussed on the forum here:
https://forum.netgate.com/topic/168866/maximum-... Timo M
06:20 PM Bug #9277 (Feedback): MBT-4220/2220: pfSense hangs when running sysctl -a
Tested this against 2.6 beta:... Steve Wheeler
03:23 PM Bug #9277 (Resolved): MBT-4220/2220: pfSense hangs when running sysctl -a
I committed a patch to hide the problematic sysctls when running sysctl -a, which should be good enough for the time ... Mateusz Guzik
05:44 PM Regression #12605: ``diag_dump_states.php`` no longer filters by rule ID
MR: https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/165 Christian McDonald
04:56 PM pfSense Packages Feature #12658: Adding prometheus metrics to darkstat
Are you referring to following this process to submit a patch:
https://docs.freebsd.org/en/books/porters-handbook/... Karim Elatov
03:11 PM Bug #12548 (Resolved): Kernel panic in ``nd6_dad_timer()``
Pushed to devel-12 and plus-devel-12. Mateusz Guzik
03:06 PM Bug #12548: Kernel panic in ``nd6_dad_timer()``
I applied the change on top of devel-12 (needed minor editing because patch somehow failed to apply some of it).
h... Mateusz Guzik
02:48 PM Regression #12660 (Resolved): High CPU usage due to incorrect gateway on some policy routed states
It's not clear why, but sometimes pf is putting the interface address as the gateway on a state instead of the actual... Jim Pingle
02:20 PM Bug #12657 (Closed): "Skip rules when gateway is down" doesn't function on gateway down events until state is reset
Yes, that's still as expected. Once a state is established the state passes the traffic. Rules are not consulted agai... Jim Pingle
01:24 PM Bug #12657: "Skip rules when gateway is down" doesn't function on gateway down events until state is reset
Jim Pingle wrote in #note-2:
> This is almost certainly expected behavior. States are not touched when events happen... Kris Phillips
01:37 PM Revision f922a6b4: Update file name in comment
Steve Beaver
01:21 PM Revision 90f370a6: Merge branch 'mvc_refactor' of gitlab.netgate.com:pfsense/pfsense into mvc_refactor
Steve Beaver
01:20 PM Revision 8b8573cb: Merge recent changes in master
2 Steve Beaver
01:18 PM Revision 552b7b52: Refactor OpenVPNServer edit/duplicate for MVC
Steve Beaver
01:15 PM Revision 51077882: OpenVPNServer code refactored for MVC
Steve Beaver
01:15 PM Revision 2b11b002: Revert commit test
Steve Beaver
01:15 PM Revision e65562bb: Parse cert by passing index rather than cert.
Steve Beaver
01:15 PM Revision 837cf752: Initial refactoring of system_certmanager
Steve Beaver
01:15 PM Revision 3a8663f0: Commit test
Steve Beaver
12:07 PM Feature #4242: Two Factor or OTP Authentication for Admin Interface
That can be accomplished using the FreeRadius package.
# Install the FreeRADIUS package and configure it for OT... Danilo Zrenjanin
11:48 AM Bug #12584 (Resolved): ``rc.carpmaster`` only sends notifications via SMTP
Tested:... Danilo Zrenjanin
03:31 AM Bug #12588 (Resolved): Automatic rule tracker IDs incorrect after multiple filter reloads
Tested:... Danilo Zrenjanin
02:04 AM pfSense Packages Bug #11696 (Resolved): SquidGuard Disable "Groups ACL" no work
Tested on 21.05.2
I've created 10 different Group ACLs for 3 VM PCs I had (Ubuntu, Windows10 and Xubuntu).
After ... Azamat Khakimyanov

01/03/2022

06:40 PM Revision 283f9e8c: Disable DNS Resolver recursion if the selected outgoing interfaces are not available. Fixes #12460
Originally-By: Viktor Gurov Jim Pingle
06:31 PM Revision 1f3baf61: Revert "Use OpenVPN async client-connect, clear stale rules, add option to limit connections per user. Implements #12407 and #12332 and #12267"
This reverts commit 7aaa20d95a345c4688e8786c755c7d0433451688. Jim Pingle
05:50 PM Revision fc53bed4: Fix "assignement" typo. Fixes #12383
Jim Pingle
04:17 PM Feature #11927 (Feedback): Allow DHCP not to serve a gateway - small fix
This appears to be complete in 2.5.2.
A new feature request should be opened for similar function in Static Mappin... Steve Wheeler
02:11 PM Regression #12622: Kernel panic when using ``fq_pie`` limiter scheduler
Never done it before but I should be able to. I have a test setup I can run it on. Anonymous
12:32 PM Regression #12622: Kernel panic when using ``fq_pie`` limiter scheduler
I diagnosed the problem and wrote a patch for it, but don't heavy easy means to test:... Mateusz Guzik
12:50 PM Bug #12460: Unbound falls back to using all outgoing network interfaces if manually selected outgoing interface(s) are unavailable
Applied in changeset commit:283f9e8cbe7274db84aeb31e0c6166608c2ff087. Jim Pingle
12:45 PM Bug #12460 (Feedback): Unbound falls back to using all outgoing network interfaces if manually selected outgoing interface(s) are unavailable
New MR: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/544
Merged. Jim Pingle
12:49 PM Feature #12407 (New): Use deferred client connections in OpenVPN
Jim Pingle
12:45 PM Feature #12407 (Feedback): Use deferred client connections in OpenVPN
Applied in changeset commit:1f3baf61c1647ffcfbc6b6e26132d3ce56abeb96. Jim Pingle
12:36 PM Feature #12407: Use deferred client connections in OpenVPN
Commit reverted. We can revisit this in the next release. Jim Pingle
12:23 PM Feature #12407 (New): Use deferred client connections in OpenVPN
The commit for this, commit:7aaa20d95a345c4688e8786c755c7d0433451688 , broke static IP address assignments from RADIUS. Jim Pingle
12:37 PM Bug #12076 (Feedback): OpenVPN RADIUS-based firewall rules do not use expected value for RADIUS-assigned IP addresses
The above commit has been reverted. Please test this issue again on the next new snapshot, or on a snapshot with that... Jim Pingle
12:23 PM Bug #12076: OpenVPN RADIUS-based firewall rules do not use expected value for RADIUS-assigned IP addresses
The static addresses were broken by commit:7aaa20d95a345c4688e8786c755c7d0433451688 which is related to #12407 / #123... Jim Pingle
12:36 PM Bug #12332: OpenVPN does not clear old Cisco-AVPair anchor rules in some cases
Commit reverted. We can revisit this in the next release. Jim Pingle
12:22 PM Bug #12332 (New): OpenVPN does not clear old Cisco-AVPair anchor rules in some cases
The commit for this, commit:7aaa20d95a345c4688e8786c755c7d0433451688 , broke static IP address assignments from RADIUS. Jim Pingle
12:36 PM Feature #12267: OpenVPN option to limit concurrent connections per user
Commit reverted. We can revisit this in the next release. Jim Pingle
12:22 PM Feature #12267 (New): OpenVPN option to limit concurrent connections per user
The commit for this, commit:7aaa20d95a345c4688e8786c755c7d0433451688 , broke static IP address assignments from RADIUS. Jim Pingle
12:00 PM Bug #12383: Typos in interfaces_assign.php configuration change description strings
Applied in changeset commit:fc53bed4c086866394771950b4e5b51ad953d59e. Jim Pingle
11:52 AM Bug #12383 (Feedback): Typos in interfaces_assign.php configuration change description strings
Fixed in a new PR: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/542
 Jim Pingle
11:58 AM Regression #12549: Per-user Mobile IPsec settings are not applied to connecting mobile clients
A user testing this patch mentioned that after some days, the client received a different IP assigned reserved for a ... Marcos M
11:58 AM Todo #12431: GUI pages should use ``POST`` for AJAX calls, not ``GET``
Need more comprehensive testing. Jim Pingle
11:41 AM Feature #12518 (Feedback): Restore RRD and extra data from configuration backups when restoring during installation
Already merged. Jim Pingle
11:40 AM Bug #12635 (Feedback): PHP: Error generated when backing up a config file with SSH disabled
Already merged. Jim Pingle
09:31 AM Regression #12605: ``diag_dump_states.php`` no longer filters by rule ID
Looks like we are passing in the ruleid to the @pfSense_get_pf_states();@ function in the pfSense module correctly, b... Jim Pingle
08:28 AM pfSense Docs Correction #12659 (Resolved): Correct inaccuracies in configuring Flow Control for ``ix`` and ``ixl`` interfaces
*Page:* https://docs.netgate.com/pfsense/en/latest/hardware/tune.html
*Feedback:*
The entry for Flow Control for ... Andreas Gunnarsson
07:54 AM pfSense Packages Feature #12658: Adding prometheus metrics to darkstat
If the FreeBSD port for Darkstat is out of date, the proper procedure is to ask the FreeBSD port maintainer to update... Jim Pingle
07:50 AM Bug #12657 (Feedback): "Skip rules when gateway is down" doesn't function on gateway down events until state is reset
This is almost certainly expected behavior. States are not touched when events happen unless the user has enabled the... Jim Pingle
07:47 AM Bug #9572 (Closed): uPNP not working - miniupnpd needs an update, reporting "interface index not matching", which has been fixed upstream
Jim Pingle
07:47 AM Bug #6369 (Closed): Config without mouse not possible
Jim Pingle
07:05 AM Bug #12654 (Feedback): Nat issue after 20211220 version
This looks to have been an edge case caused by enabling RSS. Possibly a race condition.
RSS is now disabled in curre... Steve Wheeler

01/02/2022

03:56 PM pfSense Packages Feature #12658 (Closed): Adding prometheus metrics to darkstat
I wanted to get *darkstat* metrics in *prometheus* and it looks like a new commit (in 2017) has been created in the o... Karim Elatov
11:41 AM pfSense Packages Todo #12354 (Pull Request Review): Update haproxy-devel to mitigate CVE-2021-40346
This patch results in the following warning when starting @haproxy@:... Marcos M
01:05 AM Revision 8f2f85c3: Update the Copyright year of the files owned by Rubicon/Netgate.
Luiz Souza

01/01/2022

11:13 AM Bug #12657: "Skip rules when gateway is down" doesn't function on gateway down events until state is reset
The plot thickens:
When I kill the gateway and look at my firewall rules for matches, it's not actually matching o... Kris Phillips
10:47 AM Bug #12657 (Closed): "Skip rules when gateway is down" doesn't function on gateway down events until state is reset
Testing environment:
Inside subnet: 192.168.5.0/24
Host: 192.168.5.20
System --> Advanced --> Misc --> "Skip rul... Kris Phillips
12:31 AM Feature #7626: Add IPoE support for WAN
Does anyone know if selecting using DHCP will solve the need to select IPoE?
Or is there an IPoE option in the works... Anonymous

12/31/2021

06:02 PM Bug #9572: uPNP not working - miniupnpd needs an update, reporting "interface index not matching", which has been fixed upstream
pfSense Plus 21.05.2, which is our current stable release, runs the following version:
miniupnpd 2.2.1 Oct 20 2021... Kris Phillips
05:58 PM pfSense Packages Bug #8516: FreeRADIUS requires settings re-saved after pfSense upgrade
Is FreeRADIUS communicating on a VIP in your configuration or using the actual interface IP? There is a bug for VIPs... Kris Phillips
05:55 PM Bug #8113: MTU setting on bridge, openvpn clients ignored
OpenVPN's MTU is set by a command passed to the client/server, not on the interface itself.
As for bridge interfac... Kris Phillips
05:47 PM Bug #7400: Traffic Graphs show bad data on 2.3.3_1
I'm not able to reproduce any issues here in pfSense Plus 21.05.2 or pfSense CE 2.5.2. Graphs look normal to me. Kris Phillips
05:44 PM Bug #6993: OpenVPN status error during CARP state transition
If this is still relevant, you can likely work around this by setting the VIP that you're using for OpenVPN to also b... Kris Phillips
05:40 PM Bug #7113: Interface name in Traffic Graphs
Not sure this is a bug. This seems to be by design that the "friendly name" would be displayed. What purpose would h... Kris Phillips
05:36 PM Bug #6369: Config without mouse not possible
Tested in Firefox on pfSense Plus 21.05.2. I can select all of these fields with just the keyboard and change them wi... Kris Phillips
05:30 PM Bug #4345: Traffic Shaping doesn't work with Xen netfront driver
This should be retested. There is a lot of kernel changes and Xen improvements in the FreeBSD kernel in the last 6 ye... Kris Phillips
05:21 PM Bug #5629: Allow for IPsec configuration using certs without a CA
This is only necessary for self-signed certs. Not sure what the functional benefit of removing the CA requirements w... Kris Phillips
04:19 PM pfSense Packages Feature #11130: FRR RIP support
After performing the workaround in https://redmine.pfsense.org/issues/12653, I am able to successfully exchange route... Max Leighton
03:42 PM pfSense Packages Bug #11391 (Resolved): Zeek crashes on 2.5.0
Tested with Zeek 3.0.6_3
The service starts successfully without any crashes. Marking the ticket resolved. Max Leighton
01:20 PM Bug #12632: Changing an interface IP address and gateway at the console does not save the new gateway if one already exists for the interface
I tested again, against the same version:... Danilo Zrenjanin
10:35 AM Bug #12632 (Feedback): Changing an interface IP address and gateway at the console does not save the new gateway if one already exists for the interface
Danilo Zrenjanin
06:09 AM Bug #12632 (Resolved): Changing an interface IP address and gateway at the console does not save the new gateway if one already exists for the interface
Tested against:... Danilo Zrenjanin
01:06 PM pfSense Packages Bug #12423: Dashboard shows "SQLite database missing, Force Reload DNSBL to recover!"
So is this in pfBlockerNG-devel 3.1.0 or not yet released? Sean McBride
10:27 AM pfSense Packages Feature #12656 (New): NextDNS
NetDNS package and the the ability to change setting, especially the configuration file via the web gui.
 Abdul Khaliq
04:54 AM Bug #12637 (Resolved): Incorrect SSH key permission after restore
Tested against:... Danilo Zrenjanin

12/30/2021

08:01 PM Revision 7034ac09: Create port forward rules for PPPoE Servers interface. Fixes #12452
Viktor Gurov
05:51 PM pfSense Packages Bug #12655 (New): telegraf, wireguard plugin failing
Hi,
I'm trying to use the Wireguard plugin for telegraf, more info on the plugin here,
https://github.com/influxd... Russell Morris
02:51 PM pfSense Packages Bug #12443 (Feedback): DNSBL Category ```Enable All``` button not working
Merged Viktor Gurov
02:50 PM pfSense Packages Bug #12423 (Feedback): Dashboard shows "SQLite database missing, Force Reload DNSBL to recover!"
Merged Viktor Gurov
02:49 PM pfSense Packages Bug #12414 (Feedback): DNSBL SafeSearch page displays input validation error if DoH / DoT blocking is not enabled
Merged Viktor Gurov
02:33 PM pfSense Packages Feature #10818: UDP Broadcast Relay
MILO MEDIN wrote in #note-7:
> Is there any work going on to integrate this? I have a problem with chromecast audio... Axel Taferner
12:20 PM pfSense Packages Feature #10818: UDP Broadcast Relay
Is there any work going on to integrate this? I have a problem with chromecast audio groups that this would fix (tha... MILO MEDIN
02:25 PM Bug #12452 (Feedback): Port forward rules are not created for special networks (pppoe, openvpn)
Applied in changeset commit:7034ac0946c63f77708f28643f5efc8fb0fe96a1. Viktor Gurov
02:02 PM Bug #12452 (Pull Request Review): Port forward rules are not created for special networks (pppoe, openvpn)
Jim Pingle
12:12 PM Bug #12452: Port forward rules are not created for special networks (pppoe, openvpn)
extra fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/541 Viktor Gurov
01:26 PM Bug #12626: Router Advertisement DNS search domain from one interface may unintentionally be used by other interfaces
Updating subject for release notes. Jim Pingle
01:20 PM Feature #11750: Support for network interfaces using the ``qlnxe`` driver
Updating subject for release notes. Jim Pingle
01:19 PM Regression #12631: Dynamic DNS may not use the correct interface when updating during failover
Updating subject for release notes. Jim Pingle
01:06 PM pfSense Packages Bug #12482 (Resolved): Outdated doc links
Tested against:... Danilo Zrenjanin
12:43 PM Bug #12585 (Resolved): ``rc.notify_message`` only sends notifications via SMTP
Tested against:... Danilo Zrenjanin
11:40 AM Bug #12651: ``nginx`` logs an error that the port is already in use when restarting Captive Portal services
fixed in https://gitlab.netgate.com/pfSense/pfSense/-/commit/86b5382c97fd8cb965a7dc74cd12d94ab3a3af9c#a8c0c118e374175... Viktor Gurov
11:19 AM pfSense Packages Feature #12646 (Resolved): FRR: Feature request: Expose "nht resolve-via-default" in GUI
Tested against:... Danilo Zrenjanin
10:35 AM pfSense Docs Todo #12627 (Closed): Feedback on pfSense Configuration Recipes — WireGuard Site-to-Site VPN Configuration Example
Merged this a few days ago Jim Pingle
09:40 AM pfSense Packages Bug #12206 (Feedback): Certificate Manager page doesn't show Net-SNMP used certificates
Merged Viktor Gurov
08:57 AM pfSense Packages Bug #12206 (Pull Request Review): Certificate Manager page doesn't show Net-SNMP used certificates
Jim Pingle
09:37 AM Bug #12654: Nat issue after 20211220 version
This appears to affect any traffic using outbound NAT from an IP on the firewall itself. So, for example, localhost:
... Steve Wheeler
08:49 AM Bug #12654 (Resolved): Nat issue after 20211220 version
Upgrading to version 20211220+ results in loss of pfSense box internet connection *if Outbound NAT Source "any" is us... Viktor Gurov
09:10 AM pfSense Packages Bug #12623: acme.sh package | DNS-ISPConfig settings
upstream fix:
https://github.com/acmesh-official/acme.sh/pull/3868 Viktor Gurov
08:37 AM pfSense Packages Regression #12653 (Feedback): RIP related startup error
Merged Viktor Gurov
07:31 AM pfSense Packages Regression #12653 (Pull Request Review): RIP related startup error
Jim Pingle
04:35 AM pfSense Packages Regression #12653: RIP related startup error
workaround:... Viktor Gurov
04:23 AM pfSense Packages Regression #12653 (Resolved): RIP related startup error
... Viktor Gurov
07:36 AM Bug #11984 (Pull Request Review): Automatic Outbound NAT mode can create incorrect rules in some cases
Jim Pingle
06:22 AM Bug #11984: Automatic Outbound NAT mode can create incorrect rules in some cases
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/540 Viktor Gurov
07:31 AM Bug #12652 (Not a Bug): Firewall Alias: Fatal Error - Upgrade from 2.5.0 to 2.5.2
You have a problem with your installation, that isn't from a bug.
This site is not for support or diagnostic discu... Jim Pingle
03:58 AM Bug #12652 (Not a Bug): Firewall Alias: Fatal Error - Upgrade from 2.5.0 to 2.5.2
After upgrading, I saw some errors in the notifications (Attached screenshots).
I can no longer edit my existing A... Kyle Keagy
07:29 AM Regression #12183: Changing MAC address for PPP parent interface stopped working
That page doesn't mention spoofing the MAC now, and needing to spoof it with PPPoE is so rare I don't think that it's... Jim Pingle
03:55 AM Regression #12183: Changing MAC address for PPP parent interface stopped working
Jim Pingle wrote in #note-1:
> That was changed in #11387 to prevent the field from being set on interfaces which do... Viktor Gurov
04:45 AM Bug #12638: Telegram notification is broken
related to https://forum.netgate.com/topic/168768/nat-issue-after-20211220-version Viktor Gurov
04:17 AM Bug #6289: IPv6 address not given to track6 interfaces on create
dhcp6c needs to be restarted to add and a new track interface to dhcp6c.conf Viktor Gurov
04:06 AM Bug #9471 (Feedback): GIF tunnel not added to interface group after reboot
Could you test it on the latest development snapshot? Viktor Gurov
04:00 AM Bug #11872: gif interfaces reporting incorrect traffic counters
Maybe related to #11759 Viktor Gurov
04:00 AM Bug #11759: Traffic graphs on dashboard double upload on pppoe links
net blues wrote in #note-3:
> It happens when comparing pppoe traffic and physical interface. Physical shows correct... Viktor Gurov
03:44 AM pfSense Packages Regression #12643: Rule categories are cleared after clicking the save button on the Global Settings page
Marcos Mendoza wrote in #note-4:
> I still see the following issue noted in the related bug report:
> 1) The @Delet... Viktor Gurov

12/29/2021

06:44 PM Revision 50907bc8: Revise OpenVPN server save functions for MVC
Steve Beaver
04:06 PM Revision f840fb17: Refactor OpenVPNServer edit/duplicate for MVC
Steve Beaver
02:17 PM Revision 7161c4e0: OpenVPNServer code refactored for MVC
Steve Beaver
01:50 PM Feature #11790 (Rejected): Support hiding interface groups via special tag
Closing in response to discussion in the github merge request. Christian McDonald
01:43 PM Bug #11494 (Rejected): Wireguard interface sends ICMP Redirect when routing between two peers
Unable to replicate.
We can revisit if someone can demonstrate that this issue is still valid. Christian McDonald
11:55 AM Bug #12651 (Closed): ``nginx`` logs an error that the port is already in use when restarting Captive Portal services
After restarting Captive Portal on the Status / Services page or via clicking the restart icon, an error occurs:
<pr... Viktor Gurov
10:21 AM pfSense Packages Feature #12646 (Feedback): FRR: Feature request: Expose "nht resolve-via-default" in GUI
Merged Viktor Gurov
09:53 AM Revision 49eba660: Fix SSH keys permissions on restore. Fixes #12637
Viktor Gurov
09:36 AM pfSense Packages Bug #10937 (Feedback): HAProxy frontend and backend entry limit
Merged Viktor Gurov
07:51 AM pfSense Packages Bug #10937 (Pull Request Review): HAProxy frontend and backend entry limit
Jim Pingle
04:14 AM pfSense Packages Bug #10937: HAProxy frontend and backend entry limit
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/159 Viktor Gurov
06:06 AM pfSense Packages Feature #11130 (Feedback): FRR RIP support
Merged Viktor Gurov
06:03 AM pfSense Packages Bug #12386 (Feedback): ```bgp as-path``` and ```bgp community-list``` are present in configuration even when BGP daemon is not enabled
Merged Viktor Gurov
04:57 AM pfSense Plus Bug #12607: Instability with Snort Inline with AWS Instances
Need to test with the latest 22.01/2.6 snapshot - ena(4) updated from 2.2.0 to 2.4.1 in FreeBSD 12.3
see https://www... Viktor Gurov
04:39 AM pfSense Packages Bug #12205 (Feedback): Certificate Manager page doesn't show Squid used certificates
Merged Viktor Gurov
04:33 AM pfSense Packages Bug #12339 (Feedback): SyslogNG PHP errors after starting the service
Merged Viktor Gurov
04:00 AM Bug #12637 (Feedback): Incorrect SSH key permission after restore
Applied in changeset commit:49eba6609d52d9fca416fd487937c37f1daf98dc. Viktor Gurov
03:54 AM Bug #12649: Allowed IP/Hostname "Direction" option is never used
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/539 Viktor Gurov

12/28/2021

08:52 PM pfSense Packages Regression #12643: Rule categories are cleared after clicking the save button on the Global Settings page
Tested the patch and it works well; the categories no longer reset.
I still see the following issue noted in the r... Marcos M
01:17 PM Bug #12649 (Closed): Allowed IP/Hostname "Direction" option is never used
The "Direction" (@dir@ in config) is never used in the @captiveportal_allowedip_configure_entry()@:
https://github.c... Viktor Gurov
12:50 PM Revision 1fa4c473: Do not update Dynamic DNS if the public IP address cannot be determined. Fixes #12617
Viktor Gurov
11:55 AM Bug #11285 (Closed): Kernel crash on ALTQ-enabled wg interfaces
The current validation logic in traffic shaper prevents enabling traffic shaping on tun_wgN interfaces built by the W... Christian McDonald
11:41 AM Bug #11613 (Rejected): Pushing WireGuard traffic out a specific GW using static routes requires a reboot to revert.
This is no longer an issue. Christian McDonald
11:41 AM Bug #11450 (Rejected): Problem with IPv6 netmask /128 in WireGuard
Unable to reproduce with current WireGuard implementation. Christian McDonald
10:44 AM Bug #12648: Undocumented variables 'listenporthttp' and 'listenporthttps'
another port overlap issue - #5786 Viktor Gurov
10:06 AM Bug #12648: Undocumented variables 'listenporthttp' and 'listenporthttps'
I seem to recall that was intentional, as it let people who really needed to adjust it do so by altering config.xml b... Jim Pingle
09:59 AM Bug #12648 (New): Undocumented variables 'listenporthttp' and 'listenporthttps'
It's not possible to set the variables 'listenporthttp' and 'listenporthttps' via WebGUI
and there is no mention in ... Viktor Gurov
07:28 AM pfSense Docs Correction #12647 (Rejected): Feedback on Virtual Private Networks — IPsec — IPsec Configuration
Already fixed in the staged docs a while ago.
http://stage-v22.01.docs.netgate.com/pfsense/en/latest/vpn/ipsec/con... Jim Pingle
03:49 AM pfSense Docs Correction #12647: Feedback on Virtual Private Networks — IPsec — IPsec Configuration
https://gitlab.netgate.com/docs/pfSense-docs/-/merge_requests/28 Viktor Gurov
03:40 AM pfSense Docs Correction #12647: Feedback on Virtual Private Networks — IPsec — IPsec Configuration
see https://redmine.pfsense.org/projects/pfsense/repository/1/revisions/81949bee72813bbd8b57b75563cd40b9cdaf68e0 Viktor Gurov
03:38 AM pfSense Docs Correction #12647 (Rejected): Feedback on Virtual Private Networks — IPsec — IPsec Configuration
*Page:* https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/configure.html
*Feedback:*... Viktor Gurov
07:25 AM pfSense Packages Feature #12646 (Pull Request Review): FRR: Feature request: Expose "nht resolve-via-default" in GUI
Jim Pingle
04:19 AM pfSense Packages Feature #12646: FRR: Feature request: Expose "nht resolve-via-default" in GUI
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/158 Viktor Gurov
07:25 AM Regression #12617 (Feedback): Dynamic DNS client updates using a private IP address when it cannot determine the public IP address
Applied in changeset commit:1fa4c4731bca54652becfb6737bdc3ea8851d6b7. Viktor Gurov
07:11 AM Regression #12617 (Pull Request Review): Dynamic DNS client updates using a private IP address when it cannot determine the public IP address
Jim Pingle
06:52 AM Regression #12617: Dynamic DNS client updates using a private IP address when it cannot determine the public IP address
same fix for DynDNS (non-RFC2136):
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/538 Viktor Gurov
07:12 AM Todo #12624 (Pull Request Review): Reorganize UPnP options
Jim Pingle
05:58 AM Todo #12624: Reorganize UPnP options
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/537 Viktor Gurov

12/27/2021

11:40 PM pfSense Packages Feature #12646 (Resolved): FRR: Feature request: Expose "nht resolve-via-default" in GUI
Multiple scenarios exist where frr.conf needs to contain
@!
ip nht resolve-via-default
ipv6 nht resolve-via-def... M Felden
03:28 PM Bug #12645 (Pull Request Review): ``filterdns`` does not monitor remote IPsec gateways for IPv6 address changes
Jim Pingle
01:35 PM Bug #12645: ``filterdns`` does not monitor remote IPsec gateways for IPv6 address changes
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/535 Viktor Gurov
01:18 PM Bug #12645 (Resolved): ``filterdns`` does not monitor remote IPsec gateways for IPv6 address changes
if Internet Protocol = IPv6 and Remote Gateway is FQDN, IPv6 address changes are not tracked
@add_hostname_to_watch(... Viktor Gurov
03:02 PM Revision dd00c97d: Remove keeping old packages
We thought this would be useful if we needed to switch back to an
older version of the repo, but we have never used i... Brad Davis
02:36 PM Revision c3474eef: Ignore DynDNS requestif for non-custom providers. Fixes #12631
Viktor Gurov
02:25 PM Revision 8a6fea89: Use installer_copied_config as an extra data restore trigger. Issue #12518
Viktor Gurov
02:08 PM pfSense Docs Todo #12639 (Feedback): Feedback on System Monitoring — System Logs
I cleaned up quite a few outdated clog references and other related info, and updated things to refer to plain text l... Jim Pingle
12:23 PM pfSense Packages Bug #12424 (Resolved): OpenVPN silent install uses incorrect parameters
Works well - tested on Windows 10x64. Marcos M
12:16 PM pfSense Packages Bug #12642 (Feedback): suricata_get_vpns_list() does not include OpenVPN CSO
Merged Viktor Gurov
04:16 AM pfSense Packages Bug #12642: suricata_get_vpns_list() does not include OpenVPN CSO
https://github.com/pfsense/FreeBSD-ports/pull/1132 Viktor Gurov
03:49 AM pfSense Packages Bug #12642 (Resolved): suricata_get_vpns_list() does not include OpenVPN CSO
"Pass List -> Auto-Generated IP Addresses -> VPN Addresses" does not include OpenVPN Client Specific Override
sam... Viktor Gurov
12:16 PM pfSense Packages Regression #12643 (Feedback): Rule categories are cleared after clicking the save button on the Global Settings page
Merged Viktor Gurov
05:54 AM pfSense Packages Regression #12643: Rule categories are cleared after clicking the save button on the Global Settings page
fix:
https://github.com/pfsense/FreeBSD-ports/pull/1133 Viktor Gurov
04:25 AM pfSense Packages Regression #12643 (Resolved): Rule categories are cleared after clicking the save button on the Global Settings page
After clicking the save button on the Global Settings page all rule categories are removed from all interfaces
and I... Viktor Gurov
10:15 AM Regression #12631 (Feedback): Dynamic DNS may not use the correct interface when updating during failover
Applied in changeset commit:c3474eef834d4b77631e961c5569254a8094b12f. Viktor Gurov
08:14 AM Regression #12631 (Pull Request Review): Dynamic DNS may not use the correct interface when updating during failover
Jim Pingle
10:06 AM pfSense Docs Todo #12634 (Closed): Feedback on Services — DNS Resolver — Host Overrides
Fixed: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/5e6d2a97ad2cf84ff4cbdef07da85799285572e7 Jim Pingle
09:32 AM pfSense Docs Correction #12540 (Duplicate): Feedback on pfSense Configuration Recipes — WireGuard Site-to-Site VPN Configuration Example
Will be tracking as https://redmine.pfsense.org/issues/12627
Closing as duplicate. Christian McDonald
09:28 AM pfSense Docs Todo #12627 (Pull Request Review): Feedback on pfSense Configuration Recipes — WireGuard Site-to-Site VPN Configuration Example
Christian McDonald
09:28 AM pfSense Docs Todo #12627: Feedback on pfSense Configuration Recipes — WireGuard Site-to-Site VPN Configuration Example
Fixed here: https://gitlab.netgate.com/docs/pfSense-docs/-/merge_requests/27
Also added some clarification in respon... Christian McDonald
08:49 AM pfSense Docs Todo #12627: Feedback on pfSense Configuration Recipes — WireGuard Site-to-Site VPN Configuration Example
That does appear to be a typo, thanks for letting us know! Jim Pingle
09:26 AM pfSense Docs Correction #12644 (Duplicate): WireGuard S2S Recipe Corrections
(Closed as duplicate of https://redmine.pfsense.org/issues/12627) Christian McDonald
09:11 AM pfSense Docs Correction #12644: WireGuard S2S Recipe Corrections
https://gitlab.netgate.com/docs/pfSense-docs/-/merge_requests/27 Christian McDonald
09:09 AM pfSense Docs Correction #12644 (Duplicate): WireGuard S2S Recipe Corrections
# Fixed some typos concerning the tunnel subnet.
# Added a few notes concerning RFC5737 addresses and routing. Christian McDonald
08:41 AM pfSense Plus Bug #12641 (Not a Bug): OpenVPN GUI Config Editor removes newlines of "Custom options" field in parsing
This is expected behavior and not a bug. As stated in the text under that field and in the documentation, directives ... Jim Pingle
08:29 AM Feature #12636 (Pull Request Review): Automatically create DNS Resolver ACLs for OpenVPN CSO entries
Jim Pingle
08:20 AM Bug #12637 (Pull Request Review): Incorrect SSH key permission after restore
Jim Pingle
08:18 AM Feature #12518 (Pull Request Review): Restore RRD and extra data from configuration backups when restoring during installation
Jim Pingle
08:17 AM Bug #12635 (Pull Request Review): PHP: Error generated when backing up a config file with SSH disabled
Jim Pingle
08:15 AM Bug #12633 (Pull Request Review): Gateway monitoring should mark gateway as "offline" on PPPoE parent interface disconnect
Jim Pingle
08:12 AM Bug #12630 (Not a Bug): States are always created on the default gateway interface.
This is the expected behavior. The outgoing interface is chosen by the operating system routing table and can't be in... Jim Pingle
08:00 AM Feature #9544: Enable ``ROUTE_MPATH`` multipath routing
If that is the case, then we'll pick it up naturally when we rebase onto 13.x or later and we can close this at that ... Jim Pingle
07:55 AM Bug #12628 (Pull Request Review): OpenVPN re-synchronization also synchronizes override entries unnecessarily in some cases
Jim Pingle
07:52 AM Feature #12392 (Pull Request Review): Allow the selection of "any" interface in floating rules
Jim Pingle
07:51 AM Bug #11864 (Pull Request Review): OpenVPN stays bound to previous IP address after interface changes
Jim Pingle
07:47 AM Feature #8861 (Pull Request Review): Show SFP module details on ``status_interfaces.php``
Jim Pingle
03:28 AM Bug #12640 (Duplicate): problem with ssh host key permissions after restore from backup, sshd fails to start
Duplicate of #12637 Viktor Gurov

12/26/2021

03:22 PM pfSense Plus Bug #12641 (Not a Bug): OpenVPN GUI Config Editor removes newlines of "Custom options" field in parsing
# Create an OpenVPN Server using the UI with multiple "custom options", e.g. two Push directives like... Sebastian Wagner
09:09 AM Bug #12640 (Duplicate): problem with ssh host key permissions after restore from backup, sshd fails to start
_figured this should be on redmine, so this is a xpost from https://forum.netgate.com/topic/168618/22-01-problem-with... → luckman212
08:46 AM pfSense Docs Todo #12639 (Closed): Feedback on System Monitoring — System Logs
*Page:* https://docs.netgate.com/pfsense/en/latest/monitoring/logs/index.html
*Feedback:*
The content of the 3r... Steve Tremayne

12/25/2021

02:42 PM pfSense Packages Feature #6651: Loopback interfaces

lo0/Loopback is added
https://redmine.pfsense.org/issues/11186 Alhusein Zawi
12:34 PM pfSense Docs Correction #12469 (Resolved): Automatic outbound NAT rules are applied to the WG interface
Tested against:... Danilo Zrenjanin
11:01 AM Feature #11750 (Resolved): Support for network interfaces using the ``qlnxe`` driver
Tested against:... Danilo Zrenjanin
07:16 AM Bug #12632: Changing an interface IP address and gateway at the console does not save the new gateway if one already exists for the interface
seems to be fixed in #11581
please test on the latest development snapshot Viktor Gurov

12/24/2021

12:38 PM Bug #12638 (Closed): Telegram notification is broken
not an issue, something wrong with my appliance Viktor Gurov
12:31 PM Bug #12638: Telegram notification is broken
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/534 Viktor Gurov
12:27 PM Bug #12638 (Closed): Telegram notification is broken
Error message:... Viktor Gurov
11:11 AM Feature #12636: Automatically create DNS Resolver ACLs for OpenVPN CSO entries
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/533 Viktor Gurov
10:27 AM Feature #12636 (Resolved): Automatically create DNS Resolver ACLs for OpenVPN CSO entries
DNS Resolver creates ACLs OpenVPN client/server IPv4/IPv6 tunnel networks entries,
but not for Client Specific Overr... Viktor Gurov
10:53 AM Bug #12637: Incorrect SSH key permission after restore
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/532 Viktor Gurov
10:49 AM Bug #12637 (Resolved): Incorrect SSH key permission after restore
restore_sshdata() must set 600 permission mode for *_key files:... Viktor Gurov
09:24 AM pfSense Packages Feature #6651 (Feedback): Loopback interfaces
Merged Viktor Gurov
09:23 AM pfSense Packages Bug #12420 (Resolved): rc file is not deleted
Tested with PIMD 0.0.3_5
/usr/local/etc/rc.d/pimd.sh is removed when the service is disabled. Marking the ticket r... Max Leighton
08:49 AM Feature #12518: Restore RRD and extra data from configuration backups when restoring during installation
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-src/-/merge_requests/43
https://gitlab.netgate.com/pfSense/pfSe... Viktor Gurov
07:03 AM Feature #12518: Restore RRD and extra data from configuration backups when restoring during installation
bsdinstaller does not create the '/cf/conf/trigger_restore_config_after_bsdinstall' file for some reason (https://git... Viktor Gurov
05:57 AM pfSense Packages Bug #12206: Certificate Manager page doesn't show Net-SNMP used certificates
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/157 Viktor Gurov
01:33 AM Revision 407c9036: Merge branch 'pfsense:master' into master
Harley Peters
 

Also available in: Atom