Activity

30 days up to

User

Subprojects

Activity

From 01/11/2022 to 02/09/2022

02/09/2022

11:17 PM Bug #8179: Incorrect reverse DNS zone in DHCP server config for non-octet-aligned subnet mask: OMG for 4 years they cannot add custom block to DHCP config. Unbelievable level of support! Vyacheslav Kononenko
10:29 PM Bug #12779 (Duplicate): Bogus domain generated for reverse DDNS when network mask is custom (not 24 16 or 8): Duplicate of #8179 Jim Pingle
06:43 PM Bug #12779 (New): Bogus domain generated for reverse DDNS when network mask is custom (not 24 16 or 8): I have network with 192.168.100.0/23 which would include hosts from 192.168.100 and 192.168.101. In such configuratio... Vyacheslav Kononenko
05:52 PM pfSense Packages Feature #10818: UDP Broadcast Relay: Hello Viktor Gurov, is there any ETA for this package to be merged into pfSense? It seems the GitLab linked does not ... James M
04:43 PM pfSense Packages Feature #12329: Add optional floating firewall rules for IPv4 and IPv6: Offstage Roller wrote in #note-1:
> Update to the original description, the destination for IPv4 would be better if ... Alan Wilson
03:19 PM Regression #12745 (Resolved): AutoConfigBackup does not delete temporary encrypted configuration files from ``/tmp``: Tested on... Christopher Cope
02:55 PM Bug #12778 (Rejected): OpenVPN Widget doesn't show logged in users: Logged-in users are correctly displayed on the dashboard here. There isn't nearly enough information to determine why... Jim Pingle
02:52 PM Bug #12778 (Rejected): OpenVPN Widget doesn't show logged in users: Version: 2.6.0-RC (amd64) built on Mon Jan 24 18:44:12 UTC 2022
Expected behaviour:
Users logged into VPN are sh... Peter Pain
12:26 PM pfSense Packages Bug #12777 (Resolved): STunnel writes config.xml on each start: This can flood ACB:... Viktor Gurov
12:09 PM Feature #12776 (Duplicate): Allow Multiple Subnets for DHCP Server: Duplicate of #2323 and some overlap with #2774
Jim Pingle
11:59 AM Feature #12776 (Duplicate): Allow Multiple Subnets for DHCP Server: Customer requested feature:
To be able to have pfSense handle multiple subnets on the same interface for the DHCP ... Kris Phillips
10:49 AM Bug #12774: Picture widget image is not saved in backup: But we can only backup image data if the "Include extra data" option is checked. Viktor Gurov
10:17 AM Bug #12774: Picture widget image is not saved in backup: That was an intentional change. See commit:1f0bbb13abd34ad06aa9272516b13a5c17a1dc08
Maybe we could suppress the pi... Jim Pingle
10:03 AM Bug #12774 (New): Picture widget image is not saved in backup: After restoring from a backup, the dashboard "picture widget" image is blank Viktor Gurov
10:43 AM pfSense Plus Bug #12759: Proprietary packages link to non-existant or non-public github pages: The other issue isn't really related. They are two distinct problems that wouldn't have a common solution.
This on... Jim Pingle
10:19 AM pfSense Plus Bug #12759: Proprietary packages link to non-existant or non-public github pages: Viktor Gurov wrote in #note-1:
> See also #9755
I understand Jim's comments on that redmine, but it seems since w... Kris Phillips
10:15 AM Bug #12775 (Pull Request Review): NTP service is not listed on ``status_services.php`` unless ``config.xml`` contains NTP configuration data: MR: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/607 Jim Pingle
10:14 AM Bug #12775 (Resolved): NTP service is not listed on ``status_services.php`` unless ``config.xml`` contains NTP configuration data: The NTP service is active by default and is running even on a fresh installation before the user configures NTP, whic... Jim Pingle
09:59 AM Feature #12773 (Pull Request Review): Ability to sort AutoConfigBackup entries: Jim Pingle
09:57 AM Feature #12773: Ability to sort AutoConfigBackup entries: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/606 Viktor Gurov
09:55 AM Feature #12773 (Closed): Ability to sort AutoConfigBackup entries: It would be useful to allow ACB columns to be sorted to quickly check the latest/first backup. Viktor Gurov
09:34 AM pfSense Packages Bug #12772 (Pull Request Review): Syslog-ng writes config.xml on each start: Jim Pingle
09:30 AM pfSense Packages Bug #12772: Syslog-ng writes config.xml on each start: fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/179 Viktor Gurov
08:20 AM pfSense Packages Bug #12772 (Resolved): Syslog-ng writes config.xml on each start: This can flood ACB:... Viktor Gurov
07:46 AM Bug #12771: Automatic filter reload with OpenVPN client gateway uplink happens too soon or not at all: after merging https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/516
`/usr/bin/touch /tmp/${1}_upstart4 (up... Viktor Gurov
02:31 AM Bug #12771 (Resolved): Automatic filter reload with OpenVPN client gateway uplink happens too soon or not at all: Not sure if this is strictly an OpenVPN client gateway issue or a gateway up/down issue in other scenarios as well, r... Jon8RFC .
07:46 AM Bug #12735 (Pull Request Review): Interface status "Total Interrupts" display is non-functional: Jim Pingle
07:18 AM Bug #12735: Interface status "Total Interrupts" display is non-functional: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/605 Viktor Gurov
07:36 AM Feature #2505 (Pull Request Review): Toggle button to disable/enable multiple firewall rules: The link is internal and only available to Netgate developers, the changes will be visible in the public repository a... Jim Pingle
04:23 AM Feature #2505: Toggle button to disable/enable multiple firewall rules: Viktor Gurov wrote in #note-5:
> https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/604
not working link Ameelien Niko
04:20 AM Feature #2505: Toggle button to disable/enable multiple firewall rules: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/604 Viktor Gurov
01:19 AM Feature #2505: Toggle button to disable/enable multiple firewall rules: This would be excellent!
I guess when it needs to be done, people just resign themselves to "I'll just do them all... Jon8RFC .
07:34 AM Todo #12701 (Pull Request Review): Reorganize CARP status page: Jim Pingle
04:00 AM Todo #12701: Reorganize CARP status page: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/603 Viktor Gurov
02:01 AM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: Fixed for me. Thank you! Jon8RFC .

02/08/2022

09:16 PM Bug #12754: Google Domains Dynamic DNS responses are not parsed properly: Thank you for this. I edited my /etc/inc/dyndns.class file with your code snippet and that resolved my same issue. Dakota Hourie
04:02 PM pfSense Packages Bug #11836: FRR ACCEPTFILTER shows out of order prefix-list: Regarding ACCEPTFILTER, you can test the patch here listed on #11686 Marcos M
04:01 PM pfSense Packages Bug #11686: FRR generated ACCEPTFILTER permit statement broken: This can be applied using the System Patches package. Marcos M
12:59 PM Bug #8100: pfsync Initially Deletes States on Primary for Connections Established through Secondary: See #12702 Viktor Gurov
12:56 PM pfSense Packages Todo #11574 (Duplicate): Add "nobind" to exported OpenVPN configurations by default: Duplicate of #11575 Viktor Gurov
10:50 AM Feature #7727 (Pull Request Review): uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: MR: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/602
Diff for those wanting to test using the "Syst... Jim Pingle
10:48 AM Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port: Found a potential issue with the order of outbound NAT rule processing that seems to indicate that the new outbound N... Jim Pingle
07:35 AM pfSense Packages Bug #12758 (Pull Request Review): Route Handling Subnet field Input check: Jim Pingle
04:16 AM pfSense Packages Bug #12758: Route Handling Subnet field Input check: fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/178 Viktor Gurov
07:32 AM Bug #11416 (Pull Request Review): OpenVPN IPv4 Tunnel Network incorrectly allows hostnames: Jim Pingle
07:25 AM Bug #11416: OpenVPN IPv4 Tunnel Network incorrectly allows hostnames: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/601 Viktor Gurov

02/07/2022

07:43 PM pfSense Docs Todo #12770: Feedback on Firewall — Configuring firewall rules: Example text:
> Using @Invert Match@ on macros such as @LAN net@ can lead to undesired rule behavior when the interfa... Marcos M
07:25 PM pfSense Docs Todo #12770 (Resolved): Feedback on Firewall — Configuring firewall rules: *Page:* https://docs.netgate.com/pfsense/en/latest/firewall/configure.html
*Feedback:*
After the @Selecting Inver... Marcos M
02:45 PM Bug #12769 (Resolved): ZFS installations without an RTC battery boot with clock at BIOS/EFI default value because they do not receive initial clock value from filesystem data: Already fixed and covered by NG 7447 but adding here so it goes in the release notes.
Systems without an RTC batte... Jim Pingle
02:18 PM Bug #6799: Negating ``<interface> net`` when a VIP exists on the interface results in unintended behavior: I was able to reproduce this on 22.01 when using macros, but not when using aliases. Regarding pfBlockerNG, the VIP d... Marcos M
02:13 PM pfSense Packages Bug #12742 (Pull Request Review): freeRADIUS virtual-server-default: modules dailycounter, monthlycounter, noresetcounter, expire_on_login in authorize section prevent virtual server from loading: Christopher Cope
12:51 PM Bug #12766: Packages with custom ``internal_name`` values do not reinstall properly when restoring a backup: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/600 Viktor Gurov
12:20 PM Bug #12766: Packages with custom ``internal_name`` values do not reinstall properly when restoring a backup: + same issue with BIND package:... Viktor Gurov
11:51 AM Bug #12766: Packages with custom ``internal_name`` values do not reinstall properly when restoring a backup: I think this may be because @internal_name@ in the package tags is set to @radiusd@ though I can't recall why that is... Jim Pingle
11:26 AM Bug #12766 (Resolved): Packages with custom ``internal_name`` values do not reinstall properly when restoring a backup: After restoring pfSense 2.7 (2.7.0.a.20220207.0600) from the backup:... Viktor Gurov
12:39 PM pfSense Packages Bug #12403 (Resolved): WireGuard tunnel and peer edit pages do not prevent browser auto-fill: Fixed in 0.1.6:
https://github.com/pfsense/FreeBSD-ports/commit/49a79c01aa50cbf3da4dd28eca8b9d8e563e67e7#diff-384b8b... Viktor Gurov
12:24 PM Bug #12763: VTI gateway status stuck as "pending" after reboot: OK, that is likely because it doesn't have sufficient information to setup the interface at at that exact moment when... Jim Pingle
12:17 PM Bug #12763 (New): VTI gateway status stuck as "pending" after reboot: Thanks for looking. I traced it down to using an FQDN (issue) vs IP (no issue) for the remote gateway. When using FQD... Marcos M
08:24 AM Bug #12763 (Feedback): VTI gateway status stuck as "pending" after reboot: I can't reproduce this here. My VTI gateways with monitoring enabled are up at boot on 22.01/2.6.0.
More informati... Jim Pingle
11:45 AM Feature #12768 (Rejected): pfSense-repo: Make sure default config file exists: pfSense-repo port create an empty file with .default extension pointing to default repository config file. Add some ... Renato Botelho
11:28 AM pfSense Packages Bug #12767 (New): ```Package radavahi-daemon does does not exist in current pfSense version and it has been removed``` message on pfSense 2.7 restore: After restoring pfSense 2.7 (2.7.0.a.20220207.0600) from the backup:... Viktor Gurov
11:21 AM Todo #12762: Clarify that the IPsec keep alive check option ignores Child SA Start Action: Ok, edited my previous comment. Marcos M
11:11 AM Todo #12762: Clarify that the IPsec keep alive check option ignores Child SA Start Action: "Does not send traffic inside the tunnel" is a key fact about how this feature operates and differentiates it from th... Jim Pingle
11:06 AM Todo #12762: Clarify that the IPsec keep alive check option ignores Child SA Start Action: It caught me off-guard during testing, so I agree there should at least be some warning text on the option regardless... Marcos M
08:21 AM Todo #12762: Clarify that the IPsec keep alive check option ignores Child SA Start Action: That is somewhat by design. It's doing exactly what the user configured it to do, and it's not the same behavior as l... Jim Pingle
04:39 AM Todo #12762: Clarify that the IPsec keep alive check option ignores Child SA Start Action: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/599 Viktor Gurov
10:57 AM pfSense Packages Bug #11686 (Pull Request Review): FRR generated ACCEPTFILTER permit statement broken: Jim Pingle
10:54 AM pfSense Packages Bug #11686: FRR generated ACCEPTFILTER permit statement broken: fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/177 Viktor Gurov
10:50 AM pfSense Packages Feature #11798 (Duplicate): HA Sync for FRR config: Duplicate of #9141 Viktor Gurov
10:36 AM pfSense Packages Bug #12765 (Pull Request Review): AutoConfigBackup should ignore Lightsquid/lightparser cron changes: Jim Pingle
10:21 AM pfSense Packages Bug #12765: AutoConfigBackup should ignore Lightsquid/lightparser cron changes: fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/176 Viktor Gurov
05:55 AM pfSense Packages Bug #12765 (Resolved): AutoConfigBackup should ignore Lightsquid/lightparser cron changes: Dear,
I went to check the "Auto Configuration Backup" and I came across a serious problem that can cause the loss ... Marcelo Gondim
08:04 AM Bug #12757 (Pull Request Review): Clean up use of ``pfctl -F`` in ``/etc/inc/filter.inc``: Jim Pingle
05:41 AM Bug #12764 (New): VTI gateway status is pending after assigning the VTI interface: How to reproduce:
1) Configure IPsec VTI
2) Assign the VTI interface
3) Check the Status / Gateways page - it show... Viktor Gurov
03:50 AM Todo #12243: Implement ```plugin_interfaces()```: see also https://redmine.pfsense.org/issues/12760 Viktor Gurov
03:50 AM pfSense Packages Bug #12760: Link-local addresses disallowed on Wireguard interfaces: It's not possible on the Interface Assignments page, but you can configure the link-local address on the WireGuard / ... Viktor Gurov
03:19 AM pfSense Packages Bug #11461 (Resolved): zeek package - Web Interface does not display any log content Package/Zeek/Alerts/Real Time Inspection: Viktor Gurov
03:16 AM pfSense Plus Bug #12759: Proprietary packages link to non-existant or non-public github pages: See also #9755 Viktor Gurov

02/06/2022

11:04 PM Bug #12763: VTI gateway status stuck as "pending" after reboot: The icmp state does not exist indicating that dpinger failed in some way. Marcos M
11:03 PM Bug #12763 (Resolved): VTI gateway status stuck as "pending" after reboot: After rebooting the firewall, VTI gateways stay pending until a restart of dpinger. Marcos M
11:01 PM pfSense Packages Bug #12751: Improve FRR route restoration after gateway events: Further testing with 22.01-REL:
VTI gateway with default settings *OR* with option checked: @Disable Gateway Monit... Marcos M
10:20 PM Todo #12762 (Resolved): Clarify that the IPsec keep alive check option ignores Child SA Start Action: The option @Enable periodic keep alive check@ on the P2 configuration does not take into account the P1 option @Child... Marcos M
01:33 PM Bug #12761 (Resolved): Input validation prevents configuring wildcard Dynamic DNS records on Google Domains: Copy of Bug #12750 but with Google Domains selected, gives same error. Apparently bug has been around for 2+ years, b... Ma Ar
12:46 AM pfSense Packages Bug #12760 (New): Link-local addresses disallowed on Wireguard interfaces: Wireguard supports link-local IPv6, however adding a static link-local to interfaces is not allowed, even for interfa... Alex Chang-Lam

02/05/2022

07:25 PM pfSense Packages Bug #11461: zeek package - Web Interface does not display any log content Package/Zeek/Alerts/Real Time Inspection: the web interface shows Logs.
2.6.0-RELEASE (amd64)
built on Tue Jan 25 19:18:35 UTC 2022
FreeBSD 12.3-STABLE
Alhusein Zawi
07:22 PM pfSense Plus Bug #12759 (New): Proprietary packages link to non-existant or non-public github pages: When clicking on the version number to view the code for packages like openvpn-import and aws-wizard, these link to a... Kris Phillips
10:26 AM pfSense Packages Bug #12738 (Resolved): Squid ignores CA Trust Store: Danilo Zrenjanin
10:26 AM pfSense Packages Bug #12738: Squid ignores CA Trust Store: Tested against:... Danilo Zrenjanin
09:56 AM pfSense Packages Bug #12758 (Resolved): Route Handling Subnet field Input check: If a subnet mask is not defined under the Services/FRR/Global Settings - Route Handling - Routes - Subnet field, the ... Danilo Zrenjanin
09:51 AM Bug #12757 (Resolved): Clean up use of ``pfctl -F`` in ``/etc/inc/filter.inc``: Two recommended clean up actions:
1) filter_flush_state_table() in /etc/inc/filter.inc calls 'pfctl -F state' which ... Mark Francis

02/04/2022

03:19 PM pfSense Packages Bug #10937 (Resolved): HAProxy frontend and backend entry limit: Christopher Cope
03:19 PM pfSense Packages Bug #10937: HAProxy frontend and backend entry limit: Tested on... Christopher Cope
02:46 PM Bug #12238 (Resolved): OpenVPN client connect/disconnect scripts are not used in Remote Access (SSL/TLS) mode: Christopher Cope
02:46 PM Bug #12238: OpenVPN client connect/disconnect scripts are not used in Remote Access (SSL/TLS) mode: Tested on... Christopher Cope
02:29 PM pfSense Packages Todo #12351: Remove non-functional feeds: pfBlockerNG-devel 3.1.0_1 has https://isc.sans.edu/feeds/suspiciousdomains_Medium.txt, https://isc.sans.edu/feeds/sus... Christopher Cope
10:29 AM Feature #4667: DNS Resolver - ability to save/restore cache went missing: I'm wondering if we can open this back up. I did some testing and couldn't replicate having any problems when dumpin... Josh Stompro
08:54 AM Bug #12754 (Pull Request Review): Google Domains Dynamic DNS responses are not parsed properly: Jim Pingle
04:36 AM Bug #12754: Google Domains Dynamic DNS responses are not parsed properly: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/598 Viktor Gurov
12:01 AM Bug #12754 (Resolved): Google Domains Dynamic DNS responses are not parsed properly: When using Google Domains with the Dynamic DNS feature, it fails for Unknown Response. This is due to Google requirin... Daniel Pontillo
08:51 AM pfSense Docs Todo #12756 (Closed): Add information on correct MTU to use with WireGuard: *Page:* https://docs.netgate.com/pfsense/en/latest/recipes/wireguard-ra.html
*Feedback:*
In all four Wireguard ... Viktor Gurov
05:26 AM pfSense Packages Bug #12623: acme.sh package | DNS-ISPConfig settings: Do we have an ETA on when the merge will be available in a release? Morten Trab
05:08 AM pfSense Packages Bug #12755 (Duplicate): Acme package dns_ispconfig not working.: Duplicate of #12623 Viktor Gurov
04:18 AM pfSense Packages Bug #12755: Acme package dns_ispconfig not working.: Found this in the acme_issuecert.log:
[Fri Feb 4 10:52:40 CET 2022] You haven't specified the ISPConfig Login dat... Morten Trab
04:15 AM pfSense Packages Bug #12755 (Duplicate): Acme package dns_ispconfig not working.: When trying to use ISPConfig for DNS verification in Acme Certificate, I get this output but no TXT records added to ... Morten Trab

02/03/2022

09:12 PM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound: Jiggling the handle on this one again. Just tracked another user complaint down to this issue - the outtage that occ... steven warner
08:37 AM Feature #11865 (Resolved): Option to validate OpenVPN peer TLS certificate key usage: Tested against:... Danilo Zrenjanin
08:21 AM Bug #12753: DynDNS entries not being updated in one netgate box: Thank you for let me know Jim! Fábio Cabrita
07:06 AM Bug #12753 (Rejected): DynDNS entries not being updated in one netgate box: There isn't enough here to say it's a bug and not a configuration problem, even considering what's on the forum threa... Jim Pingle
06:09 AM Bug #12753 (Rejected): DynDNS entries not being updated in one netgate box: Hello everyone,
I've two netgate boxs in HA with 22.05.2, both with multi WAN (but at the time only ix0 NIC have a... Fábio Cabrita
08:14 AM pfSense Packages Bug #12205 (Resolved): Certificate Manager page doesn't show Squid used certificates: Tested against:... Danilo Zrenjanin
07:54 AM Bug #12216 (Resolved): ARM 32/64 network boot options are not parsed on Static DHCP Mapping page: Tested against:... Danilo Zrenjanin
05:19 AM pfSense Packages Bug #11766 (Resolved): Certificate no more pointed "in use" by haproxy: Tested against:... Danilo Zrenjanin
04:57 AM pfSense Packages Bug #12258: Copy key buttons only work in HTTPS mode: Tested against:... Danilo Zrenjanin
04:11 AM pfSense Packages Bug #12339 (Resolved): SyslogNG PHP errors after starting the service: Tested:... Danilo Zrenjanin
02:06 AM Feature #12752 (Resolved): Support wildcard Dynamic DNS records on DigitalOcean: According to https://docs.digitalocean.com/products/networking/dns/how-to/manage-records/ DigitalOcean supports wildc... Viktor Gurov
01:08 AM Bug #11958 (Duplicate): Multi-wan Azure Dyndns updates not working when primary WAN is unplugged: Duplicate of #12631 Viktor Gurov
12:02 AM Revision 2518a721: move firewall functions to include file: Trevor Kerr

02/02/2022

09:48 PM pfSense Packages Bug #12751 (New): Improve FRR route restoration after gateway events: SETUP:
* FRR BGP over IPsec VTI using a localhost interface as update source.
* Check @Diagnostics / Routes@ for ro... Marcos M
06:04 PM pfSense Packages Feature #10466: Add checkbox to Suricata blocked host view to resolve all resolvable IP's automatically: Bill Meeks wrote in #note-2:
> I am hesitant about adding this feature. If there are lots of blocked IP entries (whi... tasty ratz
04:27 PM pfSense Packages Feature #10466: Add checkbox to Suricata blocked host view to resolve all resolvable IP's automatically: I am hesitant about adding this feature. If there are lots of blocked IP entries (which you reference in a different ... Bill Meeks
10:55 AM Bug #12750 (Pull Request Review): Input validation prevents configuring wildcard Dynamic DNS records on GoDaddy: Jim Pingle
08:42 AM Bug #12750: Input validation prevents configuring wildcard Dynamic DNS records on GoDaddy: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/597 Viktor Gurov
08:02 AM Bug #12750 (Resolved): Input validation prevents configuring wildcard Dynamic DNS records on GoDaddy: Dear Team;
when inserting a wildcard record in godaddy as a dynamic dns provider the pfsense rejects the input and... Abdulaziz Al-Marwani
08:22 AM Bug #12749 (Pull Request Review): Uninitialized array in ``array_remove_duplicates()``: Jim Pingle
06:22 AM Bug #12749: Uninitialized array in ``array_remove_duplicates()``: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/596 Viktor Gurov
06:21 AM Bug #12749 (Resolved): Uninitialized array in ``array_remove_duplicates()``: https://github.com/pfsense/pfsense/blob/master/src/etc/inc/util.inc#L3322-L3333:... Viktor Gurov
08:08 AM Feature #2456 (Pull Request Review): Option to choose default tab in IPsec status Dashboard widget: Jim Pingle
06:16 AM Feature #2456: Option to choose default tab in IPsec status Dashboard widget: default tab option:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/595 Viktor Gurov

02/01/2022

12:33 PM Feature #12724 (Pull Request Review): Notify user if AutoConfigBackup is unable to successfully upload a backup: Jim Pingle
06:13 AM Feature #12724: Notify user if AutoConfigBackup is unable to successfully upload a backup: improvements:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/594 Viktor Gurov
12:08 PM pfSense Packages Feature #10466: Add checkbox to Suricata blocked host view to resolve all resolvable IP's automatically: Wanted to bump this one up since it hasn't had any activity in the last few years. tasty ratz
12:06 PM pfSense Packages Feature #12748 (Resolved): Suricata blocked page timestamp breakout to it's own sortable column: It's nearly impossible to fish through the blocked page and find something new right now. The only way is to look thr... tasty ratz
08:47 AM Bug #12747 (Resolved): Restarting the logging daemon during rotation also restarts ``sshguard``, leading to frequent log messages: sshguard has to restart when he logs are rotated in 2.6 in order to monitor the current file. When it does so it logs... Steve Wheeler
01:42 AM Feature #12746 (New): IPoE feature for WAN interface: I'd like to please request the addition of IPoE as a selection method for IPv6 WAN interface configuration.
The reas... Anonymous

01/31/2022

07:26 PM Revision 474db80b: One-time NTP sync from static servers NG 7447: (cherry picked from commit 4745879c9967682624a2e87e190ebc12ba6f985b) Jim Pingle
07:26 PM Revision b62cfee9: Sanity check the clock at boot. Issue NG 7447: (cherry picked from commit 42ed3b9d540c101617eaa00581c527673f6206a2) Jim Pingle
07:25 PM Revision 4745879c: One-time NTP sync from static servers NG 7447: Jim Pingle
07:24 PM Revision 42ed3b9d: Sanity check the clock at boot. Issue NG 7447: Jim Pingle
06:19 PM Revision 7a9ce400: Delete temporary ACB files. Fixes #12745: (cherry picked from commit 17490b15e73c048f8ff42df203c31942e9e2ce73) Viktor Gurov
05:38 PM Revision 17490b15: Delete temporary ACB files. Fixes #12745: Viktor Gurov
01:03 PM Bug #12734: Long hostname breaks DHCP leases layout: I added better screenshot with disappeared buttons and scrollbar at the bottom (host with a long hostname is not show... Juri Oo
12:33 PM Feature #12744 (Pull Request Review): IPv6 support for DNSimple Dynamic DNS: Jim Pingle
12:27 PM Regression #12745: AutoConfigBackup does not delete temporary encrypted configuration files from ``/tmp``: Merged to 22.01/2.6 Viktor Gurov
12:20 PM Regression #12745 (Feedback): AutoConfigBackup does not delete temporary encrypted configuration files from ``/tmp``: Applied in changeset commit:17490b15e73c048f8ff42df203c31942e9e2ce73. Viktor Gurov
11:58 AM Regression #12745 (Pull Request Review): AutoConfigBackup does not delete temporary encrypted configuration files from ``/tmp``: Jim Pingle
11:39 AM Regression #12745: AutoConfigBackup does not delete temporary encrypted configuration files from ``/tmp``: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/593 Viktor Gurov
11:30 AM Regression #12745 (Resolved): AutoConfigBackup does not delete temporary encrypted configuration files from ``/tmp``: ... Viktor Gurov
06:10 AM Bug #12141: Lack of DNS or Internet connectivity causes GUI to be slow: Marcos Mendoza wrote in #note-17:
> Tested on @2.6.0-RELEASE@ by blocking upstream any connection to the internet. T... Viktor Gurov
02:56 AM pfSense Packages Bug #12030 (Resolved): Startup Errors for Avahi Package: Viktor Gurov
01:50 AM pfSense Packages Feature #12656: NextDNS: Marcos Mendoza wrote in #note-2:
> What is the advantage of a package versus using their DNS IP addresses as forward... Abdul Khaliq

01/30/2022

08:58 PM pfSense Packages Feature #12656: NextDNS: What is the advantage of a package versus using their DNS IP addresses as forwarding servers? Marcos M
08:55 PM pfSense Packages Feature #12736: Allow custom cron intervals: The lists included with the package aren't meant to be updated that frequently. You could probably create a second cr... Marcos M
12:42 AM Revision 77a0eb0d: Add IPv6 variant of DNSimple DynDNS Provider: Zac West

01/29/2022

07:58 PM Feature #12744: IPv6 support for DNSimple Dynamic DNS: https://github.com/pfsense/pfsense/pull/4555 Zac West
07:49 PM Feature #12744 (Resolved): IPv6 support for DNSimple Dynamic DNS: Their API doesn't require specifying record type, so this is a relatively straightforward change. Creating this issue... Zac West
06:03 PM Bug #12743 (Rejected): IPv6 LAN IP not displayed in Dashboard -> Interfaces: It shows up on all of mine (Static and tracked), must be something different locally on yours, so not enough informat... Jim Pingle
02:28 PM Bug #12743 (Rejected): IPv6 LAN IP not displayed in Dashboard -> Interfaces: The web UI dashboard does not properly display the IPv6 LAN address, only the IPV4. I filed an early bug on the devel... Eric Veum
03:30 PM pfSense Packages Bug #12030: Startup Errors for Avahi Package: Not seeing these messages upon install or startup of Avahi package 2.2_1 Jordan G

01/28/2022

06:37 PM Revision c1d924e8: Move OPenVPN server save functionality to include file: Steve Beaver
06:33 PM pfSense Packages Bug #12742: freeRADIUS virtual-server-default: modules dailycounter, monthlycounter, noresetcounter, expire_on_login in authorize section prevent virtual server from loading: Fix: https://github.com/pfsense/FreeBSD-ports/pull/1142 Christopher Cope
05:56 PM pfSense Packages Bug #12742: freeRADIUS virtual-server-default: modules dailycounter, monthlycounter, noresetcounter, expire_on_login in authorize section prevent virtual server from loading: This is on freeradius3 0.15.7_32 Christopher Cope
05:42 PM pfSense Packages Bug #12742 (Feedback): freeRADIUS virtual-server-default: modules dailycounter, monthlycounter, noresetcounter, expire_on_login in authorize section prevent virtual server from loading: This seems to be along the same line as this older bug https://redmine.pfsense.org/issues/10197
Creating a freeRAD... Christopher Cope
03:29 PM Revision 723c8402: Merge remote-tracking branch 'origin/master' into mvc_refactor: Steve Beaver
08:24 AM Feature #12741 (Pull Request Review): Eliminate duplicate shell commands from history file: Jim Pingle
08:21 AM Feature #12741: Eliminate duplicate shell commands from history file: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/589 Viktor Gurov
08:18 AM Feature #12741 (Resolved): Eliminate duplicate shell commands from history file: It would be useful to add @set histdup='prev'@ to /etc/skel/dot.tcshrc to ommit immediate duplicates (ie it won't add... Viktor Gurov
07:33 AM Bug #12632 (New): Changing an interface IP address and gateway at the console does not save the new gateway if one already exists for the interface: Jim Pingle
07:30 AM Bug #12632: Changing an interface IP address and gateway at the console does not save the new gateway if one already exists for the interface: I replicated the issue on 22.01.r.20220124.1828 and 2.6.0.r.20220124.1828.... Danilo Zrenjanin
03:24 AM pfSense Packages Bug #12738: Squid ignores CA Trust Store: Merged to 22.01/2.6 Viktor Gurov

01/27/2022

09:04 PM pfSense Packages Bug #11836: FRR ACCEPTFILTER shows out of order prefix-list: I am reproducing this issue (constantly changing FRR running configuration leading to inactive routes) and unfortunat... Matthew D
01:19 PM Bug #12740 (Incomplete): panic: esp_input_cb: Unexpected address family: There isn't enough information to go on here. We need at least the backtrace (ddb.txt) and preferably the full crash ... Jim Pingle
12:38 PM Bug #12740 (Incomplete): panic: esp_input_cb: Unexpected address family: On pfSense 21.05.02 I've started to get a panic with panic string:... Juraj Lutter
12:26 PM Bug #12170 (Resolved): Interface assignment mismatch is not detected if VLAN-only parent interface is removed: Jim Pingle
12:20 PM Bug #12170: Interface assignment mismatch is not detected if VLAN-only parent interface is removed: Behaves as expected on... Christopher Cope
09:01 AM pfSense Packages Bug #12738 (Feedback): Squid ignores CA Trust Store: Merged:
https://github.com/pfsense/FreeBSD-ports/commit/9f6b897648f3df69490fca0105748677f96d41f8 Viktor Gurov
08:06 AM pfSense Packages Bug #12738 (Pull Request Review): Squid ignores CA Trust Store: Jim Pingle
05:44 AM pfSense Packages Bug #12738: Squid ignores CA Trust Store: fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/175 Viktor Gurov
05:09 AM pfSense Packages Bug #12738 (Resolved): Squid ignores CA Trust Store: Squid Proxy uses /usr/local/share/certs/ as a CA path, but not /etc/ssl/certs (system CA Trust Store)
and it's not p... Viktor Gurov
08:01 AM Feature #12675 (Pull Request Review): Move command line history to a GUI option stored in ``config.xml`` rather than a manual flag file: Jim Pingle
04:27 AM Feature #12675: Move command line history to a GUI option stored in ``config.xml`` rather than a manual flag file: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/588 Viktor Gurov
06:59 AM pfSense Packages Bug #12739: Passlist generates invalid Virtual IP subnets: fix:
https://github.com/pfsense/FreeBSD-ports/pull/1141 Viktor Gurov
06:56 AM pfSense Packages Bug #12739 (Resolved): Passlist generates invalid Virtual IP subnets: Using the "Virtual IP Addresses" option on the passlist page, invalid entries are generated:
192.168.34.5/24
192.16... Viktor Gurov
05:35 AM pfSense Packages Bug #12692: Haproxy backend issue: → luckman212 wrote in #note-7:
> So just checking... the fix is only in pfSense 2.7 alpha? Not making it into 2.6 / 2... Danilo Zrenjanin
04:59 AM Bug #12737: CA path is not defined when using ``curl`` in the shell: This is why curl ignores Trust Store CA (/etc/ssl/certs) Viktor Gurov
04:55 AM Bug #12737 (Resolved): CA path is not defined when using ``curl`` in the shell: When executing the curl command from the pfSense, *CApath* is not defined by default.... Danilo Zrenjanin

01/26/2022

11:43 PM pfSense Packages Feature #12736 (New): Allow custom cron intervals: Hello,
Long time pfSense user that just discovered pfBlockerNG - works great.
I would like to request a "30 min... Trevor Wright
03:23 PM Bug #12735 (Resolved): Interface status "Total Interrupts" display is non-functional: The interface status page @status_interfaces.php@ is supposed to print a section called "Total Interrupts" at the bot... Jim Pingle
02:56 PM Bug #12734: Long hostname breaks DHCP leases layout: Jim Pingle wrote in #note-1:
> You have blanked out so much of the text on those images it's impossible to tell what... Juri Oo
02:06 PM Bug #12734 (Incomplete): Long hostname breaks DHCP leases layout: You have blanked out so much of the text on those images it's impossible to tell what the problem might be.
It's n... Jim Pingle
01:11 PM Bug #12734 (Incomplete): Long hostname breaks DHCP leases layout: It appears, that long hostnames will kind of break the dhcp leases status page.
With Nmap package and MAC vendors, ... Juri Oo
09:51 AM Bug #12733: Value of ``net.inet.ip.dummynet.*`` OIDs in ``sysctl`` are ignored: fixed in https://gitlab.netgate.com/pfSense/pfSense/-/commit/014970c9f0db03d805676f11b2b42cdd0222edd3 Viktor Gurov
09:37 AM Bug #12733 (Resolved): Value of ``net.inet.ip.dummynet.*`` OIDs in ``sysctl`` are ignored: If you set any net.inet.ip.dummynet.* values on the System / Advanced / System Tunables page,
they are ignored becau... Viktor Gurov
09:11 AM pfSense Packages Bug #12732 (New): Squid https filtering squidguard acl target list - erratic behaviour: Bug that could be described as an erratic behaviour in squid https filtering : some websites specified in squidgard t... fr scm
08:10 AM pfSense Packages Bug #12251 (Feedback): Wireguard 0.1.5 - ignores "KeepAlive" parameter if empty (instead of disabling): Merged Viktor Gurov
07:43 AM pfSense Packages Bug #12729: PFBlockerNG random timeouts on connections: Jim Pingle wrote in #note-1:
> This site is not for support or diagnostic discussion.
>
> For assistance in solvi... David Schmidt
07:32 AM pfSense Packages Bug #12729 (Rejected): PFBlockerNG random timeouts on connections: This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
12:52 AM pfSense Packages Bug #12729 (Rejected): PFBlockerNG random timeouts on connections: Hi there, first bug I am reporting here.
Actually since quite a bit we noticed PFBlockerNG causing short timeouts on... David Schmidt
07:36 AM Bug #12727 (Pull Request Review): Renaming an alias does not update the alias names in static routes and OpenVPN instances: Jim Pingle
02:45 AM Bug #12727: Renaming an alias does not update the alias names in static routes and OpenVPN instances: same issue with OpenVPN aliases
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/587 Viktor Gurov
07:35 AM Bug #12728 (Pull Request Review): Cannot remove IPv6 static routes: Jim Pingle
02:25 AM Bug #12728: Cannot remove IPv6 static routes: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/585 Viktor Gurov
05:13 AM Bug #12730: RADIUS accounting does not work if WAN is down: fixed in https://gitlab.netgate.com/pfSense/pfSense/-/commit/4fddff2570228e8560019f79d202c90ddb166a94 Viktor Gurov
05:01 AM Bug #12730 (Resolved): RADIUS accounting does not work if WAN is down: @captiveportal_send_server_accounting()@ always uses WAN IP address as NAS IP Address (because "!is_ipaddr($nasip)")
... Viktor Gurov
02:32 AM Todo #12093: Make AutoConfigBackup menu entry point to the settings tab so it loads faster when there is no WAN connectivity: Marcos Mendoza wrote in #note-10:
> From what I can tell, the changes that went in are for the DNS enhancements whic... Viktor Gurov

01/25/2022

07:06 PM Revision 22f5f4d8: Welcome pfSense CE 2.6.0-RELEASE: Renato Botelho
06:50 PM Bug #12728 (Resolved): Cannot remove IPv6 static routes: Tested on 22.01
# Create an IPv6 static route. Save/apply.
# Remove the IPv6 static route.
# Error is shown on s... Marcos M
06:45 PM Bug #4893 (Resolved): Error loading rules when URL Table Ports content is empty: Marcos M
06:44 PM Bug #4893: Error loading rules when URL Table Ports content is empty: Tested on 22.01. An empty ports alias no longer results in an error after reboot. Marcos M
06:39 PM pfSense Packages Feature #9700: Secure Squid HTTPS Proxy: /usr/local/etc/squid/squid.conf output
before enabling 'transparent' mode:
> # This file is automatically generat... Kyle Klouzal
06:35 PM Bug #10706 (Resolved): Kernel route table entries are removed if they match disabled static route entries: Tested on @22.01-RELEASE@. Disabled routes do not get removed when OpenVPN adds them. Though if they are enabled and ... Marcos M
06:24 PM pfSense Packages Todo #12717: Squid 5.x Branch: Then why not have a separate devel branch like other packages do?
https://www.freshports.org/www/squid-devel/ looks ... Kyle Klouzal
06:05 PM Bug #12141 (New): Lack of DNS or Internet connectivity causes GUI to be slow: Tested on @2.6.0-RELEASE@ by blocking upstream any connection to the internet. Trying to load the dashboard took 40 t... Marcos M
05:49 PM Todo #12093 (Pull Request Review): Make AutoConfigBackup menu entry point to the settings tab so it loads faster when there is no WAN connectivity: From what I can tell, the changes that went in are for the DNS enhancements which #12141 is being used for. These cha... Marcos M
04:26 PM Feature #2668 (Resolved): Support aliases in OpenVPN local/remote/tunnel network fields: Viktor Gurov
03:52 PM Feature #2668: Support aliases in OpenVPN local/remote/tunnel network fields: Behaving as expected on... Christopher Cope
02:04 PM Bug #12727 (Resolved): Renaming an alias does not update the alias names in static routes and OpenVPN instances: Tested on @22.01.r.20220123.0133@.
# Create a network alias
# Create a static route using the alias
# Rename the... Marcos M
01:51 PM Revision a9bdbd97: Clean up pkg filter text before use. Fixes #12725: Also remove unnecessary echos of the value.
(cherry picked from commit 5d82cce0d615a76b738798577a28a15803e59aeb) Jim Pingle
01:48 PM Bug #12726 (New): LDAP select container button auto populate: Hi! I would like to suggest an improvement to the Authentication server page. I see that the Authentication container... Federico Galli
01:38 PM Revision 5d82cce0: Clean up pkg filter text before use. Fixes #12725: Also remove unnecessary echos of the value. Jim Pingle
01:14 PM Bug #12105: Packages are not automatically reinstalled when restoring configuration using the installer: If what is in now isn't sufficient we can revisit it for the next release. Jim Pingle
01:13 PM Bug #12274 (Resolved): Unbound fails to start if its configuration references a python script which does not exist: Closing this since the problem mentioned above appears to be specific to something pfBlocker is doing.
I can't repli... Jim Pingle
01:03 PM Feature #12213 (Resolved): Support SHA-256 hash NTP authentication: Jim Pingle
01:02 PM Bug #12391 (Resolved): Uninitialized config variable in ```interface_assign.php```: Jim Pingle
12:58 PM Bug #12076 (Resolved): OpenVPN RADIUS-based firewall rules do not use expected value for RADIUS-assigned IP addresses: Jim Pingle
12:57 PM Bug #12072 (Resolved): FQDN L2TP server address is only resolved at boot: Jim Pingle
12:54 PM Bug #11653 (Resolved): Duplicate ``comconsole_port`` lines in ``/boot/loader.conf``: Jim Pingle
12:53 PM Feature #9341 (Resolved): Support DNS Made Easy authentication without a username: Jim Pingle
12:52 PM Bug #11816 (Resolved): RFC 2136 Dynamic DNS client uses IPv6 alias VIP instead of Track IPv6 address for AAAA records: Jim Pingle
12:51 PM Regression #12021 (Resolved): NoIP.com incorrectly encodes Dynamic DNS update credentials: Jim Pingle
12:51 PM Bug #12352 (Resolved): Update Dynamic DNS code for one.com to use their new login process: Jim Pingle
12:50 PM Bug #12460 (Resolved): Unbound falls back to using all outgoing network interfaces if manually selected outgoing interface(s) are unavailable: Jim Pingle
12:47 PM Bug #11902 (Resolved): Incorrect variable substitution in captive portal error page: Jim Pingle
12:46 PM Todo #12406 (Resolved): Remove unused functions: The functions in question are no longer present. Jim Pingle
12:45 PM Todo #11985 (Resolved): Ensure ``/usr/local/sbin/`` scripts use full path to executable files: Jim Pingle
12:44 PM Feature #12194 (Resolved): Support Check IP services which return bare IP address values: Jim Pingle
12:43 PM Bug #10955 (Resolved): XMLRPC sync results in an error when a failover peer IP address is specified in DHCP server settings for an unconfigured interface: Jim Pingle
12:42 PM Regression #11470 (Resolved): Panic when using CBQ traffic shaping: No recent reports. Can always reopen it if someone manages to reproduce it again with the current fix in place. Jim Pingle
12:41 PM Bug #11599 (Resolved): Modifying static routes results in a logged error, changes are not reflected in routing table: Working as expected on current 22.01 RC and 2.6.0 RC snapshots. Jim Pingle
12:38 PM Feature #12109 (Resolved): Option to suppress expiration notifications for revoked certificates: Jim Pingle
12:36 PM Bug #9277 (Resolved): MBT-4220/2220: pfSense hangs when running sysctl -a: Jim Pingle
12:36 PM Todo #11976 (Resolved): Compliance with pfSense style guide in Dynamic DNS service code: Jim Pingle
12:35 PM Bug #12007 (Resolved): Dynamic DNS cache expiration time check calculation method may cause update to happen on the wrong day: Jim Pingle
12:34 PM Regression #11316 (Resolved): Unbound crashes with signal 11 when reloading: No recent reports of the crash happening on 22.01/2.6.0, anything happening on older versions wouldn't be a valid met... Jim Pingle
12:33 PM Bug #12470 (Resolved): Thermal Sensors Dashboard widget filter for negative values refers to invalid variable: Jim Pingle
12:31 PM Bug #12174 (Resolved): Firewall rule tabs load slowly when many rules on the tab utilize gateways: This seems to be working fine here. Jim Pingle
12:28 PM Bug #12257 (Resolved): Route data collection method on ``diag_routes.php`` has multiple issues: This has been working well, and the changes have been reviewed by the original reporter of the problem as well. See a... Jim Pingle
12:21 PM Bug #12713 (Resolved): PHP error on ``pkg_mgr_install.php`` when multiple instances are running: This was tricky to make happen on purpose before, but the correct syntax is present in the repo now so the PHP error ... Jim Pingle
12:15 PM Todo #12265 (Resolved): Improve uses of ``grep`` which utilize user-supplied patterns: These have been working better since the changes went in, no sign of side effects thus far either. Jim Pingle
12:14 PM Bug #12192 (Resolved): OpenVPN does not clean up previous CA and CRL files: This has been working well since it went in. Jim Pingle
12:11 PM Bug #12191 (Resolved): File overwrite in ``services_ntpd_gps.php`` via ``gpsport`` parameter: Jim Pingle
12:09 PM Bug #11891 (Resolved): strongSwan configuration contains incorrect structure for mobile pool DNS records: Jim Pingle
12:08 PM Bug #12315 (Resolved): IPsec tunnels using a gateway group do not get reloaded in some cases: Jim Pingle
11:02 AM Bug #12725: Potential XSS in ``pkg.php`` via ``pkg_filter``: Updated description with better info on reproducing the problem and confirming the fix. Jim Pingle
07:55 AM Bug #12725 (Feedback): Potential XSS in ``pkg.php`` via ``pkg_filter``: Applied in changeset commit:5d82cce0d615a76b738798577a28a15803e59aeb. Jim Pingle
07:39 AM Bug #12725 (Pull Request Review): Potential XSS in ``pkg.php`` via ``pkg_filter``: MR: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/584 Jim Pingle
07:37 AM Bug #12725 (Closed): Potential XSS in ``pkg.php`` via ``pkg_filter``: The @pkg_filter@ parameter on @pkg.php@ is not encoded before being printed back to the user, leading to a potential ... Jim Pingle
08:52 AM Bug #12723 (Pull Request Review): Disallow remote gateway of ``0.0.0.0`` for VTI mode: Jim Pingle
07:13 AM Bug #12723: Disallow remote gateway of ``0.0.0.0`` for VTI mode: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/583 Viktor Gurov
08:16 AM Regression #12622 (Resolved): Kernel panic when using ``fq_pie`` limiter scheduler: Thanks for following up, let us know if you experience any additional instability. Jim Pingle
06:46 AM Regression #12622: Kernel panic when using ``fq_pie`` limiter scheduler: I am currently running the latest 2.60 release candidate snapshot and everything is working good. Anonymous
07:47 AM Feature #12675: Move command line history to a GUI option stored in ``config.xml`` rather than a manual flag file: It would need to be on the per-user settings since the file would need to be synchronized to each separate user accou... Jim Pingle
07:44 AM Feature #12675: Move command line history to a GUI option stored in ``config.xml`` rather than a manual flag file: Sure that would be even better. Steve Wheeler
07:40 AM Feature #12675: Move command line history to a GUI option stored in ``config.xml`` rather than a manual flag file: Maybe it's better to add an option to the WebGUI? Viktor Gurov
07:29 AM Feature #12724 (Resolved): Notify user if AutoConfigBackup is unable to successfully upload a backup: ACB may fail silently such that the user thinks a backup completed successfully when it did not.
A notification me... Anonymous

01/24/2022

10:15 PM Revision 671fd0d1: Fix formatting. Add get_ll_scope() check.: Loren McQuade
09:52 PM Regression #11545: Primary interface address is not always used when VIPs are present: Marcos Mendoza wrote in #note-23:
> For anyone that can reproduce this issue, it would be useful to know if this is ... M Felden
08:43 PM Regression #11545: Primary interface address is not always used when VIPs are present: For anyone that can reproduce this issue, it would be useful to know if this is still occurring in 22.01. Marcos M
09:18 PM pfSense Packages Bug #12692 (Resolved): Haproxy backend issue: After upgrading, I was able to correctly save the backend. Before, I was not able to save without the multiple input ... Marcos M
09:44 AM pfSense Packages Bug #12692: Haproxy backend issue: Merged to 22.01/2.6 Viktor Gurov
08:47 PM Revision 1e7b9b4a: Change get_gwgroup_members to include interface in link-local IPv6 addresses (Bug #12721): Loren McQuade
06:52 PM Feature #9304 (Resolved): DNS Rebind Protection should be configurable, defaults should be more sensible: The current option @System / Advanced / Admin Access // DNS Rebind Check@ can be checked which has the requested beha... Marcos M
06:32 PM Bug #6570 (Closed): Unbound breaks DNSSEC for pfSense's own hostname: The behavior for auto-added host entries can currently be disabled with the option @Disable Auto-added Host Entries@. Marcos M
06:28 PM Bug #4716 (Closed): "DNS Resolver" lacks SOA for ".local" domain setups: Currently there exists the option @Disable Auto-added Host Entries@. With this option, along with the ability to set ... Marcos M
06:15 PM Revision e8dad703: Default repo selector to stable repo after upgrade to Plus: (cherry picked from commit c83b195f258f472ce1d45305b56352bdd36cdbc0) Steve Beaver
06:13 PM Revision c83b195f: Default repo selector to stable repo after upgrade to Plus: Steve Beaver
03:32 PM Bug #12723: Disallow remote gateway of ``0.0.0.0`` for VTI mode: Because the remote gateway is a P1 setting but VTI is a P2 setting this needs to be checked in multiple places:
* ... Jim Pingle
03:12 PM Bug #12723 (Resolved): Disallow remote gateway of ``0.0.0.0`` for VTI mode: Since 0.0.0.0 is not compatible with building the correct VTI FreeBSD interface, disallow its use as a remote tunnel ... Chris Linstruth
03:22 PM pfSense Packages Bug #12705: IPsec Profile Wizard/Apple: IKEv2 VPN with ECDSA server certificate does not connect using generated profile: Hmmm, interesting. So maybe it is because of the old macOS 10.13 client. Best case, we'll be able to update the pfse... Sean McBride
10:10 AM pfSense Packages Bug #12705: IPsec Profile Wizard/Apple: IKEv2 VPN with ECDSA server certificate does not connect using generated profile: I can't reproduce that here. So long as I have the CA imported to the client, I can use either kind of certificate. I... Jim Pingle
03:11 PM Bug #12720 (Pull Request Review): Hide the ``tag`` field on non-floating tabs: See my note on the MR, this is not the case. Tags can be set and matched on any kind of rule. For example, pass in on... Jim Pingle
11:14 AM Bug #12720: Hide the ``tag`` field on non-floating tabs: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/582 Viktor Gurov
11:05 AM Bug #12720 (Rejected): Hide the ``tag`` field on non-floating tabs: The "Tag" field is relevant only for the Floating tab with an unchecked "Quick" option (match only)
In all other cas... Viktor Gurov
02:49 PM Bug #12721: IPv6 gateway group using link local addresses incorrectly logs a gateway change because it not including interface scope properly: https://github.com/pfsense/pfsense/pull/4554 Loren McQuade
02:39 PM Bug #12721 (Resolved): IPv6 gateway group using link local addresses incorrectly logs a gateway change because it not including interface scope properly: Change `get_gwgroup_memebers()` to include the interface in link-local IPv6 addresses. This way, the `gwip` value wi... Loren McQuade
07:25 AM pfSense Packages Feature #12281 (New): Add support for Telegram/Pushover notifications: That was just the workaround to suppress the error -- the longer term fix needs more thought on how NUT can send thes... Jim Pingle
05:52 AM pfSense Packages Feature #12281 (Feedback): Add support for Telegram/Pushover notifications: Merged:
https://github.com/pfsense/FreeBSD-ports/commit/3364533d7d08cd73ee8253bf979c71f3e7fcbe13 Viktor Gurov
07:18 AM pfSense Packages Feature #12719: add igc(4) to the list of INLINE mode (iflib/netmap) supported cards: https://github.com/pfsense/FreeBSD-ports/pull/1140 Viktor Gurov
06:04 AM pfSense Packages Feature #12719 (Resolved): add igc(4) to the list of INLINE mode (iflib/netmap) supported cards: add igc(4) to the list of INLINE mode (netmap) supported cards (pfSense 2.6/22.01):
https://github.com/pfsense/FreeB... Viktor Gurov
07:18 AM pfSense Docs Todo #12716 (Closed): Feedback on pfSense Configuration Recipes — Configuring DNS over TLS: > The section labeled "Testing DNS over TLS" should include or reference the note from the "DNS Lookup" diagnostics p... Jim Pingle
07:16 AM pfSense Packages Feature #12718: add igc(4) to the list of INLINE mode (iflib/netmap) supported cards: https://github.com/pfsense/FreeBSD-ports/pull/1139 Viktor Gurov
06:04 AM pfSense Packages Feature #12718 (Resolved): add igc(4) to the list of INLINE mode (iflib/netmap) supported cards: add igc(4) to the list of INLINE mode (netmap) supported cards (pfSense 2.6/22.01):
https://github.com/pfsense/FreeB... Viktor Gurov
07:12 AM Feature #12714 (Pull Request Review): Show ``Inactive`` for Hardware Crypto output instead of empty field on System Information dashboard widget when nothing can be accelerated: Jim Pingle
07:09 AM Bug #12680 (Resolved): Typo in the warning text: Jim Pingle
05:59 AM pfSense Packages Feature #9700 (Feedback): Secure Squid HTTPS Proxy: > This would involve adding a new configuration block inside Services->Squid->General after "Squid General Settings" ... Viktor Gurov
05:50 AM Bug #12715: Long system startup time when LDAP is configured and unavailable during startup.: Christian McDonald wrote:
> # Currently if LDAP is unavailable at system startup, several LDAP queries have to timeo... Viktor Gurov
05:47 AM Bug #12712: Errors bring down the system: Supplementary note: The system environment has frr ipv6 bgp full route running.
pfsense 2.6 rc yon Liu
05:41 AM Feature #9091: Chelsio TOE support using the ``t4_tom`` module: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/581 Viktor Gurov
05:32 AM pfSense Packages Todo #12717: Squid 5.x Branch: Currently FreeBSD 12-14 only support amd64 version of squid, but not ARM:
https://www.freshports.org/www/squid/ Viktor Gurov

01/23/2022

01:48 PM pfSense Packages Todo #12717 (New): Squid 5.x Branch: Squid is still actively updated and under development
http://www.squid-cache.org/Versions/v5/ChangeLog.html
Time to... Kyle Klouzal
11:51 AM pfSense Docs Todo #12716 (Closed): Feedback on pfSense Configuration Recipes — Configuring DNS over TLS: *Page:* https://docs.netgate.com/pfsense/en/latest/recipes/dns-over-tls.html
*Feedback:* The section labeled "Test... Jason Hovak
11:24 AM pfSense Packages Todo #9200: Add DNS support for Google domain to Acme manager: Google DNS is different from Google Domains. +1 for Google Domain support here.. Kyle Klouzal
11:12 AM pfSense Packages Feature #9700: Secure Squid HTTPS Proxy: Selecting 'transparent' mode adds the 'https_port' directive into configs but also adds 'intercept' which is undesire... Kyle Klouzal
11:01 AM Feature #12714: Show ``Inactive`` for Hardware Crypto output instead of empty field on System Information dashboard widget when nothing can be accelerated: Can this be "un-closed" so the PR can be considered → luckman212
10:01 AM Bug #12712: Errors bring down the system: I can't replicate this either. Adding the static route works as expected. The routing table is updated.
Tested:
<... Steve Wheeler
01:30 AM Revision d6365bba: Detect correct setting for custom repo and call pkg_switch_repo to be sure: (cherry picked from commit fccb675a6bb930ccb7cd62ff1287ee209929d49e) Steve Beaver
01:13 AM Revision fccb675a: Detect correct setting for custom repo and call pkg_switch_repo to be sure: Steve Beaver

01/22/2022

07:16 PM pfSense Plus Feature #12534: Generate a ISO Image for Remote Restore of pfSense Plus on the XG-1537 and 1541 units with IPMI: Will we be building an image for this for 22.01 or just using the generic amd64 ISO? Kris Phillips
06:06 PM Revision 4d2396e8: Revert clearing custom repo on boot: (cherry picked from commit 2368c2cf715d1fa7455fcc65b55e5cd96d4a21ca) Steve Beaver
06:04 PM Revision 2368c2cf: Revert clearing custom repo on boot: Steve Beaver
04:49 PM Bug #12680: Typo in the warning text: typographical error is not present in 22.05-DEVELOPMENT (amd64) built on Mon Jan 17 06:17:15 UTC 2022 Jordan G
03:26 PM Feature #12714: Show ``Inactive`` for Hardware Crypto output instead of empty field on System Information dashboard widget when nothing can be accelerated: @jimp it was a 1-line PR so I just went ahead...
https://github.com/pfsense/pfsense/pull/4553 → luckman212

01/21/2022

09:16 PM Bug #7329: DHCP Not Updating DNS: No, the MAC address is static. The IP Space in this case was approximately 50, and there were only 2-3 clients on th... Jon Noren
09:12 PM Bug #8151 (Resolved): Changing name on a gateway is not allowed: copy GW option is added.
use copy GW option, change the name and save, then delete unwanted GW from GW list. Alhusein Zawi
08:46 PM Bug #12712: Errors bring down the system: This is the result of ip aggregation. Duplicates should be removed.
Attachment file updated. yon Liu
07:52 AM Bug #12712 (Not a Bug): Errors bring down the system: I can't replicate this at all, but your two files have numerous overlapping networks which is invalid. Input validati... Jim Pingle
05:37 AM Bug #12712: Errors bring down the system: One of the reasons for the problem is that if many static routes are added to the settings, the pf2.6 system will cra... yon Liu
03:39 AM Bug #12712 (Not a Bug): Errors bring down the system: !https://i.imgur.com/icMXbjY.jpg! yon Liu
06:27 PM Revision 9ee4bec4: Revert "Move custom repo removal code to a better location in rc.reboot": This reverts commit e696b0868a495af4f19505b8261f25d6604adc8d. Glen Barber
06:24 PM Revision 88e8de2c: Revert "Move custom repo removal code to a better location in rc.reboot": This reverts commit e696b0868a495af4f19505b8261f25d6604adc8d Steve Beaver
05:19 PM pfSense Packages Bug #12705: IPsec Profile Wizard/Apple: IKEv2 VPN with ECDSA server certificate does not connect using generated profile: So my CA was created as follows:
- descriptive name: `MyCo IPSec CA`
- method: `create an internal CA`
- Trust S... Sean McBride
03:36 PM Bug #12715 (New): Long system startup time when LDAP is configured and unavailable during startup.: # Currently if LDAP is unavailable at system startup, several LDAP queries have to timeout before the system will pro... Christian McDonald
03:30 PM Revision d3217d85: Correct PHP syntax error. Fixes #12713: (cherry picked from commit f73ace96e837ca2f0957a5fafe5794e033231c2e) Jim Pingle
02:24 PM Feature #7416: DHCPv4 client does not support ``supersede`` statement for option 54: Updating subject for release notes. Jim Pingle
02:20 PM Revision f73ace96: Correct PHP syntax error. Fixes #12713: Jim Pingle
01:38 PM pfSense Packages Feature #12281 (New): Add support for Telegram/Pushover notifications: NUT tries to send notifications from an unprivileged user and can't do so because of the permissions on @/var/db/noti... Jim Pingle
12:55 PM Regression #12688 (Resolved): pppoe won’t connect after upgrade to 2.7.0.a.20220115.0600: Thanks for following up! Jim Pingle
12:06 PM Regression #12688: pppoe won’t connect after upgrade to 2.7.0.a.20220115.0600: Hello, I week ago PPPOE WAN did not work (I did report that in the forum). Today I felt comfortable enough to try the... Louis B
12:46 PM Feature #12714: Show ``Inactive`` for Hardware Crypto output instead of empty field on System Information dashboard widget when nothing can be accelerated: Ok, I would suggest a small wording change then
"Hardware crypto" → "Hardware crypto (active)"
And the @crypto_acc... → luckman212
12:05 PM Feature #12714: Show ``Inactive`` for Hardware Crypto output instead of empty field on System Information dashboard widget when nothing can be accelerated: It does show both supported (See the "Yes") and active/inactive. The Yes/No is whether or not the hardware supports ... Jim Pingle
11:59 AM Feature #12714: Show ``Inactive`` for Hardware Crypto output instead of empty field on System Information dashboard widget when nothing can be accelerated: Okay thanks Jim
FYI I have my crypto set to "QAT" on the 6100... which also seems to be the default setting.
S... → luckman212
11:33 AM Feature #12714 (Not a Bug): Show ``Inactive`` for Hardware Crypto output instead of empty field on System Information dashboard widget when nothing can be accelerated: It's working fine here on the latest RC on 6100 and several other platforms.
From the output in the widget above y... Jim Pingle
11:27 AM Feature #12714 (Resolved): Show ``Inactive`` for Hardware Crypto output instead of empty field on System Information dashboard widget when nothing can be accelerated: on 22.01.r.20220120.1938 I'm seeing an empty string on the Dashboard Widget under System Information -> Hardware cryp... → luckman212
11:37 AM Bug #12703: pf ``hostid`` value is handled inconsistently: https://reviews.freebsd.org/D33989 Kristof Provost
11:00 AM pfSense Packages Bug #12475 (Feedback): OpenVPN Client Export does not show certificate without private key: Fix pushed, will be available whenever the next build happens. Jim Pingle
10:39 AM pfSense Packages Bug #12475 (New): OpenVPN Client Export does not show certificate without private key: This has caused a problem, it's impossible to export a config now for a non-TLS RA config ("Remote Access (User Auth)... Jim Pingle
09:40 AM Feature #9092 (Resolved): Option to set interval of forced Dynamic DNS updates: Jim Pingle
09:40 AM Bug #12713: PHP error on ``pkg_mgr_install.php`` when multiple instances are running: Applied in changeset commit:f73ace96e837ca2f0957a5fafe5794e033231c2e. Jim Pingle
09:38 AM Bug #12713 (Feedback): PHP error on ``pkg_mgr_install.php`` when multiple instances are running: Merged and picked for 22.01/2.6.0 Jim Pingle
08:21 AM Bug #12713 (Pull Request Review): PHP error on ``pkg_mgr_install.php`` when multiple instances are running: MR: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/576 Jim Pingle
08:18 AM Bug #12713 (Resolved): PHP error on ``pkg_mgr_install.php`` when multiple instances are running: There is a PHP syntax error causing an error in @pkg_mgr_install.php@ which gets triggered if multiple @pkg@ processe... Jim Pingle
09:37 AM Regression #12707 (Resolved): Minnowboard Turbo cannot boot a clean install: UFS install now boots as expected.
Tested:... Steve Wheeler
09:27 AM Bug #12328 (Resolved): IPsec VTI interface remote endpoint is not resolved the correct way: Jim Pingle
09:20 AM Todo #12051 (Resolved): XMLRPC client improvements: This appears to be working well since it went in. Jim Pingle
09:18 AM Feature #12499 (Resolved): Allow Chelsio T6 CXGBE (``cc``) drivers to be used for ALTQ traffic shaping: Card is in the list now. Jim Pingle
09:17 AM Regression #12069 (Resolved): Panic in ``pfctl`` with large numbers of states: No sign of this being a problem since the fix went in. Jim Pingle
09:16 AM Regression #12660 (Resolved): High CPU usage due to incorrect gateway on some policy routed states: Can't replicate it on a current RC image with the fix built-in, and no negative side effects that I've noticed thus far. Jim Pingle
09:15 AM Bug #12694 (Resolved): PHP error when clicking Delete on Outbound NAT with no rules selected: Same here. No more PHP error when attempting to reproduce the problem. Selecting and deleting items still works as ex... Jim Pingle
09:13 AM Regression #12396 (Resolved): PHP Warning: Use of undefined constant ip - /etc/inc/services.inc on line 2465: Correct code is present in the repo. Jim Pingle
09:12 AM Bug #11290 (Resolved): Package ``<plugins>`` and ``<tabs>`` content missing from configuration in some cases: The expected tags are present after a fresh package install now, as expected. Jim Pingle
09:09 AM Todo #12145 (Resolved): Convert RAM disks to ``tmpfs``: This has been working well since it went in, no sign of problems thus far. Jim Pingle
09:09 AM Regression #12057 (Resolved): 21.09/2.6.0 - High CPU usage and slowness with ``pfctl -ss``: Jim Pingle
09:07 AM Feature #12011 (Closed): Disable log compression on new installations when ``/var/log`` is a ZFS dataset with compression enabled: Checked a few things I've recently reinstalled with zfs and they appear to have disabled compression on their own as ... Jim Pingle
09:05 AM Bug #11951 (Closed): IPsec status fails when many tunnels are connected: No sign of slowness or failures with many tunnels on the IPsec status page since the fix went in. I've tested with ~2... Jim Pingle
08:57 AM Regression #12550 (Resolved): PHP ``foreach`` error in IPsec status: No sign of this since the fix went in. Jim Pingle
08:56 AM Bug #12383 (Resolved): Typos in interfaces_assign.php configuration change description strings: No sign of the typos in current code or the referenced config descriptions/log messages. Jim Pingle
08:54 AM Regression #12288 (Closed): GRE and GIF tunnel inside addresses are missing at the OS level after applying changes on assigned interfaces: This has been working well since the fix went in. I've saved/applied on asigned GIF interfaces numerous times and the... Jim Pingle
08:51 AM Bug #11831 (Resolved): Certificate Revocation tab does not list active users of CRL entries: CRL consumers are now shown on the CRL list. Jim Pingle
08:50 AM Regression #12217 (Resolved): Kernel panic in IPFW when using Captive Portal: Captive portal has been stable without crashing since this went in. No further sign of problems. Jim Pingle
08:49 AM Todo #12093 (Resolved): Make AutoConfigBackup menu entry point to the settings tab so it loads faster when there is no WAN connectivity: Menu entry goes to settings now as expected. Jim Pingle
08:41 AM Regression #12698 (Resolved): ARP table interface column empty for entries on unassigned interfaces: Works as expected on 2.6.0.r.20220120.1937 Jim Pingle
07:56 AM Bug #12710 (Pull Request Review): Disabling DHCP Server RRD statistics does not work: Jim Pingle
12:45 AM Bug #12710: Disabling DHCP Server RRD statistics does not work: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/575 Viktor Gurov
06:27 AM Regression #11512 (Feedback): DHCP Leases page and ARP table page fail to load if DNS is not available: Jim Pingle
12:48 AM Regression #11512 (Duplicate): DHCP Leases page and ARP table page fail to load if DNS is not available: system_get_dhcpleases() fixed in #11512 Viktor Gurov
02:54 AM pfSense Packages Feature #12711: Add InfluxDB V2 support: https://github.com/pfsense/FreeBSD-ports/pull/1137 Viktor Gurov
02:54 AM pfSense Packages Feature #12711 (New): Add InfluxDB V2 support: Added support for the InfluxDB V2 protocol and made some improvements to the UI
Viktor Gurov
02:52 AM pfSense Packages Bug #12706: pfBlockerNG and unbound does not work after switching /var to RAM disk: fix:
https://github.com/pfsense/FreeBSD-ports/pull/1138 Viktor Gurov
12:48 AM Bug #12709 (Duplicate): RRD stats have many dropouts in all databases, with DHCPD RRD logging enabled and broken reverse DNS: system_get_dhcpleases() fixed in #11512 Viktor Gurov

01/20/2022

08:14 PM pfSense Packages Bug #12692: Haproxy backend issue: So just checking... the fix is only in pfSense 2.7 alpha? Not making it into 2.6 / 22.01 ?
Is there way to pull it i... → luckman212
06:09 AM pfSense Packages Bug #12692: Haproxy backend issue: Danilo Zrenjanin wrote in #note-5:
>
> All those fields should be using default values if nothing was defined. Ple... Viktor Gurov
07:58 PM Bug #12709: RRD stats have many dropouts in all databases, with DHCPD RRD logging enabled and broken reverse DNS: I installed
@2.6.0-RC (amd64)
built on Thu Jan 20 19:49:04 UTC 2022 @
and broke reverse DNS again. The problem is... John Hood
06:26 PM Bug #12709 (Duplicate): RRD stats have many dropouts in all databases, with DHCPD RRD logging enabled and broken reverse DNS: Seen on pfSense 2.5.2 Community Edition:
Since about 2021/03/01 I've had a problem where my RRD data has dropouts ... John Hood
06:41 PM Bug #12710: Disabling DHCP Server RRD statistics does not work: "has no effect" means that @/var/db/rrd/updaterrd.sh@ is not changed and DHCP RRD stats collection continues. I foun... John Hood
06:34 PM Bug #12710 (Resolved): Disabling DHCP Server RRD statistics does not work: Seen on CE 2.5.2.
DHCP RRD stats can be enabled by a checkbox on the DHCP Services page, but disabling it on that ... John Hood
06:37 PM Revision 900d20a9: Move custom repo removal code to a better location in rc.reboot: (cherry picked from commit e696b0868a495af4f19505b8261f25d6604adc8d) Steve Beaver
06:32 PM Revision e696b086: Move custom repo removal code to a better location in rc.reboot: Steve Beaver
04:07 PM Revision 1d75d9ef: openvpn.tls-verify.php exec() output fix. Issue #11829: (cherry picked from commit a80cf2c919c3abc5eb4eb479d7058ea6e69afc49) Viktor Gurov
03:41 PM Bug #12708 (Resolved): Alias with non-resolving FQDN entry breaks underlying PF table: Hi,
We've seen a number of cases where a mixed alias list (containing both IP and FQDN) results in either complete... Piet H
02:43 PM pfSense Docs Todo #12704 (Feedback): Add more HA DHCP troubleshooting info: Done:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/1c4627ca45f088720bae3be18a6a65a2f977fcb3
http://sta... Jim Pingle
10:27 AM pfSense Docs Todo #12704 (Closed): Add more HA DHCP troubleshooting info: The HA DHCP troubleshooting doc could use a bit more info:
https://docs.netgate.com/pfsense/en/latest/troubleshoot... Jim Pingle
02:35 PM Bug #12274: Unbound fails to start if its configuration references a python script which does not exist: Is that script chosen in the unbound options or inserted through custom options? If it's in custom options, it is not... Jim Pingle
12:31 PM Bug #12274 (New): Unbound fails to start if its configuration references a python script which does not exist: Doesn't work as expected, see https://redmine.pfsense.org/issues/12706
pfSense 22.01.r.20220117.2310 Viktor Gurov
01:50 PM Revision a80cf2c9: openvpn.tls-verify.php exec() output fix. Issue #11829: Viktor Gurov
01:31 PM Regression #12707 (Feedback): Minnowboard Turbo cannot boot a clean install: https://gitlab.netgate.com/pfSense/FreeBSD-src/-/merge_requests/52 Steve Wheeler
01:28 PM Regression #12707 (Assigned): Minnowboard Turbo cannot boot a clean install: Steve Wheeler
01:28 PM Regression #12707 (Resolved): Minnowboard Turbo cannot boot a clean install: The MBT-4220/2220 cannot boot a clean 2.6 install because it is loading the ZFS kernel module even when it is install... Steve Wheeler
01:15 PM Revision 63693e95: Fix ARP table interface names. Fixes #12698: (cherry picked from commit 81e7e462f00a031f6010bfcc955681a6ccdeac7b) Jim Pingle
12:29 PM pfSense Packages Bug #12706 (Resolved): pfBlockerNG and unbound does not work after switching /var to RAM disk: How to reproduce:
1) Install pfBlockerNG-devel, and configure DNSBL in python mode
2) Enable RAM disk for /var
3) ... Viktor Gurov
11:03 AM pfSense Packages Bug #12705: IPsec Profile Wizard/Apple: IKEv2 VPN with ECDSA server certificate does not connect using generated profile: In fact this started as a forum post, but there were no replies:
https://forum.netgate.com/topic/169207/ecdsa-cert... Sean McBride
10:47 AM pfSense Packages Bug #12705 (Incomplete): IPsec Profile Wizard/Apple: IKEv2 VPN with ECDSA server certificate does not connect using generated profile: There isn't enough information here, need a lot more info about your CA, cert, and P1 settings. Probably best to keep... Jim Pingle
10:36 AM pfSense Packages Bug #12705 (Resolved): IPsec Profile Wizard/Apple: IKEv2 VPN with ECDSA server certificate does not connect using generated profile: I have a working IPSec VPN. But my CA and cert are expiring soon so I thought I'd use the more modern ECDSA instead o... Sean McBride
10:51 AM Feature #12702: Use consistent pf host ID and add GUI option to set a custom host ID in state synchronization settings: Updated description, it works better when set in @$limitrules@ Jim Pingle
10:01 AM Feature #12702 (Resolved): Use consistent pf host ID and add GUI option to set a custom host ID in state synchronization settings: On @system_hasync.php@ we should add a GUI field to set a custom pf @hostid@ value. This value is a 32-bit number whi... Jim Pingle
10:25 AM Bug #12095: Memory leak in pcscd: This may be redundant information, just mentioning that this mem leak is not only an issue on lower memory systems.
... Mr Sparkles
10:23 AM Bug #11829: OpenVPN client certificate validation with OCSP always fails: Merged Viktor Gurov
09:46 AM Bug #11829 (Feedback): OpenVPN client certificate validation with OCSP always fails: Scott Long
07:23 AM Bug #11829 (Pull Request Review): OpenVPN client certificate validation with OCSP always fails: Jim Pingle
05:56 AM Bug #11829: OpenVPN client certificate validation with OCSP always fails: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/573 Viktor Gurov
03:40 AM Bug #11829: OpenVPN client certificate validation with OCSP always fails: Sorry for the late reply, switched to some other projects.
> The suggested code was added - you can see it here:
> ... Konstantin Panchenko
10:21 AM Bug #12703 (Resolved): pf ``hostid`` value is handled inconsistently: We don't use this yet, but we should in the future (See #12702) but I've noticed an inconsistency in how pf handles t... Jim Pingle
09:35 AM Bug #7352: pfSense IPv6 static route is dumped after a WAN flap: So this is still an issue on 2.5.x. Route intermittently flaps and the static routes go away until you edit (with no... JC Denton
09:14 AM Todo #12701 (Resolved): Reorganize CARP status page: The CARP status page at @status_carp.php@ could be improved a bit. For example, the page refers to CARP VIPs as "CARP... Jim Pingle
07:20 AM Regression #12698 (Feedback): ARP table interface column empty for entries on unassigned interfaces: Applied in changeset commit:81e7e462f00a031f6010bfcc955681a6ccdeac7b. Jim Pingle
03:47 AM Bug #11830: Certificate validation with OCSP always fails in ``openvpn.tls-verify.php``: Konstantin Panchenko wrote in #note-11:
> This is still an issue in 2.5.2, validation code still checking only for t... Konstantin Panchenko

01/19/2022

05:50 PM Revision 24d5bb94: ldap_get_groups() return value fix. Issue #12699: (cherry picked from commit bbca801ce97dfee00be51175aa849f13d66e3738) Viktor Gurov
05:24 PM Revision 81e7e462: Fix ARP table interface names. Fixes #12698: Jim Pingle
04:53 PM Revision bbca801c: ldap_get_groups() return value fix. Issue #12699: Viktor Gurov
12:50 PM Bug #12694: PHP error when clicking Delete on Outbound NAT with no rules selected: Tested on:... Danilo Zrenjanin
12:39 PM pfSense Packages Bug #12692: Haproxy backend issue: Tested against:... Danilo Zrenjanin
11:49 AM Regression #12699: ldap_get_groups() must return an array value: This appears to be a regression from some recent change as it wasn't happening on previous releases. Excluding from t... Jim Pingle
11:44 AM Regression #12699 (Feedback): ldap_get_groups() must return an array value: Scott Long
10:54 AM Regression #12699: ldap_get_groups() must return an array value: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/571 Viktor Gurov
10:50 AM Regression #12699 (Closed): ldap_get_groups() must return an array value: In some cases it can return false instead of empty array
No such issue with @radius_get_groups()@ and @local_user_ge... Viktor Gurov
10:45 AM Regression #12698 (Pull Request Review): ARP table interface column empty for entries on unassigned interfaces: MR: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/570 Jim Pingle
10:41 AM Regression #12698 (Resolved): ARP table interface column empty for entries on unassigned interfaces: On @diag_arp.php@ if there are entries in the ARP table for hosts on unassigned interfaces, the interface column is b... Jim Pingle
10:36 AM Bug #12691 (Pull Request Review): Support encrypted ``config.xml`` files when restoring during install: Viktor Gurov
09:44 AM Bug #12105: Packages are not automatically reinstalled when restoring configuration using the installer: It is noteworthy that the menu items for the removed packages were cleaned up which is nice. Chris Linstruth
09:42 AM Bug #12105 (Assigned): Packages are not automatically reinstalled when restoring configuration using the installer: Chris Linstruth
09:41 AM Bug #12105: Packages are not automatically reinstalled when restoring configuration using the installer: Existing 2.6.0 CE KVM/Proxmox Node.
Reinstalled ZFS using pfSense-CE-2.6.0-RC-amd64-20220117-2310.iso, Recovering ... Chris Linstruth
07:07 AM pfSense Packages Bug #12695 (Not a Bug): pfsense 2.5.2 vs ntopng 5.1: This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
04:17 AM pfSense Packages Bug #12695 (Not a Bug): pfsense 2.5.2 vs ntopng 5.1: Hello
Can i have an tutorial for install ntopng on pfsense correctly pls
I followed the link on ntop site official ... TT RD
05:53 AM Bug #12686 (Resolved): Incorrect copyright year: Tested:... Danilo Zrenjanin

01/18/2022

09:06 PM Revision 8ac2936a: Don't del ONAT rules w/o selection. Fixes #12694: (cherry picked from commit f783d68bd1708f7845fc21f035b4f3232a6f435d) Jim Pingle
08:38 PM Revision f783d68b: Don't del ONAT rules w/o selection. Fixes #12694: Jim Pingle
03:45 PM Revision 443679a9: Copyright update: Steve Beaver
03:43 PM Revision 0315035c: Changes to facilitate merge: Steve Beaver
03:12 PM Revision 27701ae1: Rework package repos for 2.6.0-RELEASE: Renato Botelho
03:10 PM Bug #12694: PHP error when clicking Delete on Outbound NAT with no rules selected: Applied in changeset commit:f783d68bd1708f7845fc21f035b4f3232a6f435d. Jim Pingle
03:09 PM Bug #12694 (Feedback): PHP error when clicking Delete on Outbound NAT with no rules selected: Scott Long
02:40 PM Bug #12694 (Pull Request Review): PHP error when clicking Delete on Outbound NAT with no rules selected: MR with fix: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/569 Jim Pingle
02:31 PM Bug #12694 (In Progress): PHP error when clicking Delete on Outbound NAT with no rules selected: Jim Pingle
01:13 PM Bug #12694 (Resolved): PHP error when clicking Delete on Outbound NAT with no rules selected: After pressing Delete button without selecting any NAT rule I got a PHP crash as follow:... Renato Botelho
11:57 AM Feature #7416: DHCPv4 client does not support ``supersede`` statement for option 54: Fabian Kurtz wrote in #note-6:
> The patch fixed it in OPNSense in 2017. It has been running flawlessly ever since. ... Viktor Gurov
09:45 AM Feature #7416 (Feedback): DHCPv4 client does not support ``supersede`` statement for option 54: This is now available on 2.6/22.01 from upstream.
https://github.com/pfsense/FreeBSD-src/commit/663441de575dbdd382... Marcos M
09:58 AM Feature #12291 (Resolved): Support for Slack notifications: Viktor Gurov
09:57 AM Feature #12291: Support for Slack notifications: Tested with... Christopher Cope
09:13 AM pfSense Packages Bug #12692 (Feedback): Haproxy backend issue: Merged:
https://github.com/pfsense/FreeBSD-ports/commit/0ef44539d3e10f6839ea577873b97756131a92a5 Viktor Gurov
07:19 AM pfSense Packages Bug #12692 (Pull Request Review): Haproxy backend issue: Jim Pingle
04:35 AM pfSense Packages Bug #12692: Haproxy backend issue: fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/171 Viktor Gurov
04:16 AM pfSense Packages Bug #12692 (Resolved): Haproxy backend issue: https://forum.netgate.com/topic/168944/haproxy-backend-issue:
It seems that when not setting HSTS value to something... Viktor Gurov
08:59 AM Bug #12691: Support encrypted ``config.xml`` files when restoring during install: https://gitlab.netgate.com/pfSense/FreeBSD-src/-/merge_requests/51 Viktor Gurov
07:44 AM Regression #12660: High CPU usage due to incorrect gateway on some policy routed states: Not a problem in a release, excluding from release notes. Jim Pingle
07:19 AM pfSense Docs Correction #12693 (Closed): www.pfsense.org/snapshots still shows 2.6.0-DEVELOPMENT: Updated. Jim Pingle
06:07 AM pfSense Docs Correction #12693 (Closed): www.pfsense.org/snapshots still shows 2.6.0-DEVELOPMENT: Should be 2.7.0-DEVELOPMENT
https://www.pfsense.org/snapshots/ Viktor Gurov
06:28 AM pfSense Packages Bug #9500: HAproxy does not delete non-applicable action config: no such issue on pfSense-pkg-haproxy-devel 0.62_7
it may be related to the non-devel haproxy pkg Viktor Gurov
04:44 AM pfSense Packages Bug #9027 (Resolved): HAProxy: Unknown keyword lua-load: Viktor Gurov

01/17/2022

07:24 PM Revision b938ee3a: Delete all custom files if the custom repo specification is incomplete: (cherry picked from commit 51ef2e44e96254b9b3019ebf3bcaa5799f03ce79) Steve Beaver
05:45 PM Revision 51ef2e44: Delete all custom files if the custom repo specification is incomplete: Steve Beaver
05:45 PM Revision fae2f2d5: OpenVPN validation improvements. Fixes #12677: Added validation for the following fields:
* OpenVPN Server:
* mode, dev_mode, protocol, interface, ecdh_curve, d... Jim Pingle
01:47 PM Regression #12622 (Feedback): Kernel panic when using ``fq_pie`` limiter scheduler: Scott Long
01:22 PM Regression #12622 (In Progress): Kernel panic when using ``fq_pie`` limiter scheduler: Scott Long
12:27 PM Bug #12686 (Feedback): Incorrect copyright year: Merged to devel/2.6/22.01 Viktor Gurov
12:22 PM Bug #12677: OpenVPN form validation issues: This has now been picked back to the RC branches for Plus and CE, and will be in the next RC build. Jim Pingle
12:21 PM Regression #12660 (Feedback): High CPU usage due to incorrect gateway on some policy routed states: This has been merged back to the RC branch now, the next RC build will have it included. Jim Pingle
12:07 PM Regression #12688 (Feedback): pppoe won’t connect after upgrade to 2.7.0.a.20220115.0600: Merged:
https://github.com/pfsense/FreeBSD-ports/commit/650a032444e99e9b27c4baf8f45174f757a426bd Viktor Gurov
10:44 AM Regression #12688 (Pull Request Review): pppoe won’t connect after upgrade to 2.7.0.a.20220115.0600: Jim Pingle
08:50 AM Regression #12688: pppoe won’t connect after upgrade to 2.7.0.a.20220115.0600: https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/170 Viktor Gurov
08:01 AM Regression #12688: pppoe won’t connect after upgrade to 2.7.0.a.20220115.0600: That'd make sense, because I deliberately waited to merge https://github.com/pfsense/FreeBSD-src/commit/fdcdd81fb82df... Kristof Provost
07:21 AM Regression #12688: pppoe won’t connect after upgrade to 2.7.0.a.20220115.0600: Is this only on 2.7 snapshots and not 2.6-RC?
I have several systems with PPPoE and L2TP WANs in my lab on 2.6 RC ... Jim Pingle
04:26 AM Regression #12688: pppoe won’t connect after upgrade to 2.7.0.a.20220115.0600: seems related to https://github.com/pfsense/FreeBSD-src/commit/fdcdd81fb82dfd8778e2c239162a596a756f236f
https://gi... Viktor Gurov
11:57 AM Regression #11316: Unbound crashes with signal 11 when reloading: There are two problems here.
1. There is no watchdog restarting the unbound service
2. An invalid unbound configu... Ben Ito
09:43 AM pfSense Docs Correction #12689 (Closed): Link fails with 404: Fixed:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/dc520e089212cfadc4e1e522043efddcd1504612
That link... Jim Pingle
08:47 AM Bug #12614: Pushover notifications fail: this is 2.6 only fix Viktor Gurov
07:27 AM Feature #12687 (Pull Request Review): Option to disable auto-addition of static routes for ``dpinger``: Jim Pingle
06:50 AM Bug #12691 (Resolved): Support encrypted ``config.xml`` files when restoring during install: Add a password prompt to bsdinstall if config.xml is encrypted, and skip it on <ENTER>
see ECL encrypted config.xm... Viktor Gurov
06:48 AM pfSense Packages Bug #11398: pfBlocker upgrade hangs forever: for some reason unbound does not terminated in 30s:... Viktor Gurov
06:43 AM pfSense Packages Bug #11632 (Duplicate): unbound service not restarted on pfBlocker-devel install/reinstall: Viktor Gurov
04:17 AM Bug #12690 (Duplicate): 6RD PPPoE WAN Configuration Broken in 2.7.0-DEVELOPMENT: Duplicate of #12688 Viktor Gurov
04:17 AM Regression #12382: Certificate Depth checking creates OpenVPN micro-outages every time a user authenticates after 2.5.2 upgrade: Viktor Gurov wrote in #note-10:
> > We are also hit with that now and that's only with ~10 users in VPN but as our c... Jens Groh

01/16/2022

04:59 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: I use 2.5.2-RELEASE (amd64) - Jul, 02 15:33:00 EDT 2021 - with exactly the same problem.
After killing filterdns (pk... Artur Mitrosz
04:45 PM Bug #12690 (Duplicate): 6RD PPPoE WAN Configuration Broken in 2.7.0-DEVELOPMENT: As soon as I upgraded to 2.7.0-DEVELOPMENT, my WAN configuration (6RD / PPPoE) with CenturyLink fails to PPPoE authen... Eric Veum
10:34 AM Feature #12267 (Pull Request Review): OpenVPN option to limit concurrent connections per user: Marcos M
10:31 AM Feature #12267: OpenVPN option to limit concurrent connections per user: New MR including fix to client-specific configuration not applying (static address issue): https://gitlab.netgate.com... Marcos M
10:33 AM Feature #12407 (Pull Request Review): Use deferred client connections in OpenVPN: Marcos M
10:32 AM Feature #12407: Use deferred client connections in OpenVPN: New MR, see: https://redmine.pfsense.org/issues/12267#note-16 Marcos M
10:33 AM Bug #12332 (Pull Request Review): OpenVPN does not clear old Cisco-AVPair anchor rules in some cases: New MR, see: https://redmine.pfsense.org/issues/12267#note-16 Marcos M
10:22 AM pfSense Docs Correction #12659: Correct inaccuracies in configuring Flow Control for ``ix`` and ``ixl`` interfaces: Looks like this applies to ixl as well: https://www.intel.com/content/www/us/en/download/18331/intel-network-adapter-... Marcos M
09:26 AM Bug #2514: static routes for monitor IPs should be removed: related: https://redmine.pfsense.org/issues/12687 → luckman212
01:57 AM pfSense Packages Todo #12317 (Resolved): Suricata UI improvements: Viktor Gurov

01/15/2022

09:48 PM Regression #12688: pppoe won’t connect after upgrade to 2.7.0.a.20220115.0600: Kris Phillips wrote in #note-2:
> Can someone having this issue please provide their PPPoE system logs?
Jan 15 07... Dee D
08:19 PM Regression #12688: pppoe won’t connect after upgrade to 2.7.0.a.20220115.0600: Can someone having this issue please provide their PPPoE system logs? Kris Phillips
06:02 AM Regression #12688: pppoe won’t connect after upgrade to 2.7.0.a.20220115.0600: someone else had the same problem
https://www.reddit.com/r/PFSENSE/comments/s3x10p/cant_connect_to_internet_after_... Dee D
06:00 AM Regression #12688 (Resolved): pppoe won’t connect after upgrade to 2.7.0.a.20220115.0600: I was on a 2.7 build from a few days previous where it was working. Dee D
08:35 PM Bug #7329: DHCP Not Updating DNS: I've never run into this issue because the DHCP server in pfSense tries to hand the same IP to the host. Is your vir... Kris Phillips
08:33 PM Bug #2234: Status: Traffic Graph - only shows interface's subnet: Generally speaking, having multiple subnets on the same L2 broadcast domain is not common or best practice. Splittin... Kris Phillips
08:29 PM Bug #6926: Miniupnp advertising expired IPv6 address: The miniupnpd component is on version 2.2.1 in pfSense Plus 21.05.2. What version of pfSense was this tested on? Pl... Kris Phillips
06:56 PM pfSense Packages Todo #12317: Suricata UI improvements: Seeing the noted changes, fixes and additions on suricata-6.0.4 Jordan G
06:09 PM Bug #12651: ``nginx`` logs an error that the port is already in use when restarting Captive Portal services: possibly related to #10159 A FL
01:20 PM pfSense Docs Correction #12689 (Closed): Link fails with 404: This link seems to be dead on page;
Under "Verifying HTTP Load Balancing"
A page on the Netgate site is available... Daniel van der Wal
12:09 PM pfSense Packages Feature #12674 (Resolved): Redistribute RIP to BGP: Viktor Gurov
11:25 AM pfSense Packages Feature #12674: Redistribute RIP to BGP: "Redistribute RIP" option is added to OSPF and BGP GUI
2.6.0.r.20220113.1926
Alhusein Zawi
11:29 AM Regression #12622: Kernel panic when using ``fq_pie`` limiter scheduler: I can confirm this is working in the latest 2.70 snapshot. Anonymous

01/14/2022

05:24 PM Revision ba815f3d: OpenVPN validation improvements. Fixes #12677: Added validation for the following fields:
* OpenVPN Server:
* mode, dev_mode, protocol, interface, ecdh_curve, d... Jim Pingle
04:52 PM Feature #12687 (Resolved): Option to disable auto-addition of static routes for ``dpinger``: *Summary*
* Currently, static routes are added for each gateway monitor IP, to force dpinger ICMP to leave via the g... → luckman212
02:27 PM Regression #12622: Kernel panic when using ``fq_pie`` limiter scheduler: I pushed the fix, should be available in the next snapshot. Mateusz Guzik
02:12 PM Regression #12622: Kernel panic when using ``fq_pie`` limiter scheduler: Ok, that's the same kind of problem, but it will have to be fixed differently. I'll try to do it today. Mateusz Guzik
01:46 PM Regression #12622: Kernel panic when using ``fq_pie`` limiter scheduler: Ok I'm uploading two text dumps.
The first one occured right when I applied the floating firewall rules to pipe the ... Anonymous
01:02 PM Regression #12622: Kernel panic when using ``fq_pie`` limiter scheduler: Can you attach a dump? Both already attached only show the fq pie crash. Mateusz Guzik
10:51 AM Regression #12622 (New): Kernel panic when using ``fq_pie`` limiter scheduler: Jim Pingle
10:01 AM Regression #12622: Kernel panic when using ``fq_pie`` limiter scheduler: I guess i should have checked a little better.
The limiter scheduler fq_pie is indeed fixed but you also need to pat... Anonymous
02:10 PM Bug #12677: OpenVPN form validation issues: Applied in changeset commit:ba815f3d219e5bdf404be859e723db2ff0c9258c. Jim Pingle
02:07 PM Bug #12677 (Feedback): OpenVPN form validation issues: Tested and Merged. Christian McDonald
11:40 AM Bug #12677 (Pull Request Review): OpenVPN form validation issues: MR for the remaining validation:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/564
Added validati... Jim Pingle
07:55 AM Bug #12677 (In Progress): OpenVPN form validation issues: This affects a few more fields: @allow_compression, protocol, dev_mode, digest, verbosity_level@
But validating th... Jim Pingle
09:53 AM Feature #12685 (Pull Request Review): Support encrypted ``config.xml`` files when restoring via ECL: Viktor Gurov
06:49 AM Feature #12685: Support encrypted ``config.xml`` files when restoring via ECL: Password prompt on encrypted ECL config.xml load:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/563 Viktor Gurov
06:49 AM Feature #12685 (Resolved): Support encrypted ``config.xml`` files when restoring via ECL: Add a password prompt if ECL config.xml is encrypted and skip on <ENTER>
Viktor Gurov
09:38 AM Bug #12686: Incorrect copyright year: fix:
https://gitlab.netgate.com/pfSense/FreeBSD-src/-/merge_requests/50 Viktor Gurov
09:35 AM Bug #12686 (Resolved): Incorrect copyright year: Still 2021:
https://github.com/pfsense/FreeBSD-src/blob/RELENG_2_6_0/release/rc.local#L91 Viktor Gurov
06:36 AM Feature #12684: Automatic encryption/decryption of config files, for pfSense ECL configuration feature: Password prompt on encrypted ECL config.xml load:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/563
mo... Viktor Gurov
05:31 AM Feature #12684 (Rejected): Automatic encryption/decryption of config files, for pfSense ECL configuration feature: Using any predictable value as encryption/decryption key is not going to happen. It wouldn't be any better than handi... Jim Pingle
03:58 AM Feature #12684: Automatic encryption/decryption of config files, for pfSense ECL configuration feature: The whole idea is for this to run wo. any user interaction , using a Device derived key , for both encryption & decry... Bingo Bingo
03:22 AM Feature #12684: Automatic encryption/decryption of config files, for pfSense ECL configuration feature: I think it's better to add a password prompt to test_config() if "---- BEGIN config.xml ----" header is found:
https... Viktor Gurov
12:07 AM Feature #12684 (Rejected): Automatic encryption/decryption of config files, for pfSense ECL configuration feature: See
https://forum.netgate.com/topic/169077/improvement-idea-configuration-backup-restore-encryption-and-ecl
Readi... Bingo Bingo
03:35 AM Regression #12660: High CPU usage due to incorrect gateway on some policy routed states: Also merged upstream: https://cgit.freebsd.org/src/commit/?id=5f5e32f1b3945087a687c5962071d3f46e34e1ff Kristof Provost

01/13/2022

07:02 PM Revision 3c98c881: Using DEVEL URL: (cherry picked from commit a47a5edd25a11971659a53fbcaf69ab97a1d9a71) Renato Botelho
07:02 PM Revision a50dd4dc: Small fixes missed on last commit to devel repo: (cherry picked from commit 1903b56a2b000da37447f70ce4b79d57dd454c8b) Renato Botelho
07:01 PM Revision 3d4d08ab: Using DEVEL URL: (cherry picked from commit a47a5edd25a11971659a53fbcaf69ab97a1d9a71) Renato Botelho
07:00 PM Revision a47a5edd: Using DEVEL URL: Renato Botelho
06:59 PM Revision 1903b56a: Small fixes missed on last commit to devel repo: Renato Botelho
06:58 PM Revision ac8d840e: Small fixes missed on last commit to devel repo: Renato Botelho
06:48 PM Revision 5474d583: Fix repository config files: Add a new repo called next to point to 2.6.0-RC and reduce differences
between branches Renato Botelho
06:43 PM Revision 8f8b00ee: Rework pkg repositories: Keep 3 main files reflecting what users see today on 2.5.2 and add
2.6.0-RC as Next Release Candidate, setting it as ... Renato Botelho
06:43 PM Revision 68afc597: Improve OpenVPN Data Cipher handling. Fixes #12677: (cherry picked from commit 78ce96a9af3b2ab5159ef6623078bfc4b15f8a89) Jim Pingle
06:41 PM Revision c216e94b: Rework repository config: Leave all branches with the same repo definitions Renato Botelho
06:36 PM Revision 78ce96a9: Improve OpenVPN Data Cipher handling. Fixes #12677: Jim Pingle
02:58 PM Revision 4199a5d9: build: Fix pkg.txz.sig link: When pkg transitioned from .txz to .pkg extension we enabled an option
to keep a symlink of old extension around and ... Renato Botelho
02:33 PM Regression #12057: 21.09/2.6.0 - High CPU usage and slowness with ``pfctl -ss``: Tested in
2.6.0-RC (amd64)
built on Wed Jan 12 20:10:43 UTC 2022
FreeBSD 12.3-STABLE
no High CPU usage or slo... Christopher Cope
01:57 PM Revision 9a51687d: Fix typo in warning text.Issue #12680: Danilo-Z
12:50 PM Bug #12677 (Feedback): OpenVPN form validation issues: Applied in changeset commit:78ce96a9af3b2ab5159ef6623078bfc4b15f8a89. Jim Pingle
12:31 PM Feature #12518 (Feedback): Restore RRD and extra data from configuration backups when restoring during installation: Merged Viktor Gurov
08:23 AM Bug #12680 (Feedback): Typo in the warning text: Merged:
https://github.com/pfsense/pfsense/commit/9a51687d08bbb62e6a21fa9f0da4b8d79dcaa969 Viktor Gurov
07:55 AM Bug #12680 (Pull Request Review): Typo in the warning text: Viktor Gurov
08:12 AM pfSense Packages Todo #12354: Update haproxy-devel to mitigate CVE-2021-40346: Hi I want to ask is you implemented mentioned "Temporary workaround"?
> No need to add this if version of haproxy ... DRago_Angel [InV@DER]
08:02 AM pfSense Packages Bug #12670 (Feedback): ACME package writes credentials to system log: Merged:
https://github.com/pfsense/FreeBSD-ports/commit/deff5ad17b0809521d0c083ebbe619ebfd089d6f Viktor Gurov
07:20 AM pfSense Packages Bug #12670 (Pull Request Review): ACME package writes credentials to system log: Jim Pingle
06:23 AM pfSense Packages Bug #12670: ACME package writes credentials to system log: WebGUI debug option:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/169 Viktor Gurov
07:21 AM Feature #12682 (Duplicate): RADIUS authentication fallback for pfSense GUI: The other issue already covers "authentication servers" which would include both LDAP and RADIUS. No need for a secon... Jim Pingle
04:25 AM Feature #12682: RADIUS authentication fallback for pfSense GUI: same for LDAP - #10843 Viktor Gurov
05:13 AM Regression #12288: GRE and GIF tunnel inside addresses are missing at the OS level after applying changes on assigned interfaces: This is 2.6 only regression fix, related to #6507 changes Viktor Gurov
04:34 AM pfSense Packages Bug #12683: snort_get_vpns_list() does not include OpenVPN CSO: fix:
https://github.com/pfsense/FreeBSD-ports/pull/1135 Viktor Gurov
04:24 AM pfSense Packages Bug #12683 (Resolved): snort_get_vpns_list() does not include OpenVPN CSO: "Pass List -> Auto-Generated IP Addresses -> VPN Addresses" does not include OpenVPN Client Specific Override.
Danilo Zrenjanin
04:23 AM pfSense Packages Feature #11879: Add support for SSL.com ACME server: SSL.com and ZeroSSL.com support added to acme.sh - https://github.com/acmesh-official/acme.sh/releases/tag/3.0.0:
"Z... Viktor Gurov
04:20 AM pfSense Packages Bug #12623: acme.sh package | DNS-ISPConfig settings: Fix is merged to the upstream acme.sh repository Viktor Gurov
04:13 AM pfSense Packages Bug #12642 (Resolved): suricata_get_vpns_list() does not include OpenVPN CSO: Tested against:... Danilo Zrenjanin
02:40 AM Regression #12660: High CPU usage due to incorrect gateway on some policy routed states: MR (devel-12): https://gitlab.netgate.com/pfSense/FreeBSD-src/-/merge_requests/46
MR (RELENG_2_6_0): https://gitlab.... Kristof Provost

01/12/2022

10:29 PM pfSense Packages Feature #12658: Adding prometheus metrics to darkstat: It looks like a commit had been made to the main branch: https://cgit.freebsd.org/ports/commit/?id=038bcb21cbd11930ab... Karim Elatov
08:17 PM Feature #12682 (Duplicate): RADIUS authentication fallback for pfSense GUI: Feature request to allow specifying multiple RADIUS servers with a fallback database for authentication when logging ... Chris W
07:31 PM Revision 37f83ddb: Fix FREEBSD_BRANCH: Glen Barber
03:39 PM Regression #12660: High CPU usage due to incorrect gateway on some policy routed states: I booted a kernel with the patch and ran for over 5 hours without any problems. Looks like that took care of the prob... Jim Pingle
03:37 PM pfSense Docs Todo #12639 (Closed): Feedback on System Monitoring — System Logs: Jim Pingle
03:37 PM pfSense Docs Correction #12598 (Closed): Alias use with static routes: Jim Pingle
03:37 PM pfSense Docs Todo #12596 (Closed): OpenVPN Site to Site configuration examples should note to change the inactive value: Jim Pingle
03:29 PM Revision fd2740b3: Update master to 2.7.0: Glen Barber
03:25 PM Revision 3b283c27: Revert "Update master to 2.7.0": This reverts commit ac7ec30f39a3069d3192a73b78e5977fc834482e. Glen Barber
03:16 PM Revision ac7ec30f: Update master to 2.7.0: Glen Barber
02:51 PM pfSense Docs New Content #12681 (Closed): WireGuard Site-to-Multisite Recipe: Reviewed, merged & deployed Jim Pingle
01:27 PM pfSense Docs New Content #12681 (Pull Request Review): WireGuard Site-to-Multisite Recipe: MR: https://gitlab.netgate.com/docs/pfSense-docs/-/merge_requests/29 Christian McDonald
01:20 PM pfSense Docs New Content #12681 (Closed): WireGuard Site-to-Multisite Recipe: Adds new recipe for WireGuard site-to-multisite configurations. Christian McDonald
02:44 PM Bug #5592 (Closed): fsck sometimes fails to repair filesystem automatically, resulting in Panic: ufs_dirbad bad dir ino ... mangled entry: Nothing we can really do for this. We have changed the default filesystem type to ZFS, and fsck is not relevant there... Jim Pingle
02:41 PM Bug #5383 (Closed): CODELQ Traffic Shaper Causes Panic and Reboot During Speed Test: Doesn't seem to be an issue anymore, and there is a lack of detail here (no details of the config, not even if it's A... Jim Pingle
02:31 PM Regression #12622 (Resolved): Kernel panic when using ``fq_pie`` limiter scheduler: Thanks for testing. I'll assume the issue is resolved, please reopen if the crash pops up again. Mateusz Guzik
01:58 PM Revision f1654805: Switch configurations to point to 2.6.0.: Reviewed by: garga Glen Barber
01:58 PM Revision 89b2a39f: Update repo configurations for 2.6.0.: Reviewed by: garga Glen Barber
01:19 PM Revision 03a43ff3: Rework repository config files: Instead of use version on file names, just call them repo, repo-devel
and repo-previous. Also, do not keep relying o... Renato Botelho
12:21 PM Bug #12604 (Resolved): IPv6 interface prefix change not reflected in RADVD configuration: Danilo Zrenjanin
12:20 PM Bug #12604: IPv6 interface prefix change not reflected in RADVD configuration: Tested on:... Danilo Zrenjanin
07:34 AM Bug #12678 (Pull Request Review): Applying firewall rule changes does not clear dirty flag for aliases subsystem: Jim Pingle
02:59 AM Bug #12678: Applying firewall rule changes does not clear dirty flag for aliases subsystem: same issue with the NAT and Shaper pages
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/553 Viktor Gurov
02:17 AM Bug #12678 (Resolved): Applying firewall rule changes does not clear dirty flag for aliases subsystem: How to reproduce:
1) Change Aliases
2) You'll see a message on top of the page:... Viktor Gurov
06:05 AM Bug #12680: Typo in the warning text: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/555 Danilo Zrenjanin
05:48 AM Bug #12680 (Resolved): Typo in the warning text: If setting the DNS Resolver in forwarding mode and DNS servers were not previously defined under System>General, the ... Danilo Zrenjanin
04:37 AM Feature #12679: Remind user to update DHCPv6 range when changing interface IPv6 prefix: see also #12527 Viktor Gurov
04:17 AM Feature #12679 (New): Remind user to update DHCPv6 range when changing interface IPv6 prefix: Having a reminder to update the DHCPv6 range (address pool) after changing the IPv6 prefix under an interface with DH... Danilo Zrenjanin
02:21 AM Bug #12635 (Resolved): PHP: Error generated when backing up a config file with SSH disabled: Tested against:... Danilo Zrenjanin

01/11/2022

07:39 PM Revision 3e5fa898: Redirect user to / if Plus and attempting to directly access system_register.php: Steve Beaver
07:17 PM Regression #12622: Kernel panic when using ``fq_pie`` limiter scheduler: I tested the latest community edition 2.6.0.b.20220111.0600 on two different machines and everything is working good.... Anonymous
03:46 PM Regression #12622: Kernel panic when using ``fq_pie`` limiter scheduler: Ok I don't have Netgate hardware so I won't be able to test any Pfsense plus versions. Anonymous
02:49 PM Regression #12622: Kernel panic when using ``fq_pie`` limiter scheduler: This snapshot contains the fix: https://firmware-nyi.netgate.com/beta/snapshots/installer/pfSense-plus-22.01-BETA-amd... Mateusz Guzik
07:13 PM Revision 5895065c: Make registration process contingent on PLus vs CE to accommodate automatic CE -> Plus merging: Steve Beaver
06:26 PM Revision b8fd0558: netgate-ca.pem is now in the base image at /usr/local/share/${product_name}/ssl/netgate-ca.pem: Steve Beaver
03:00 PM Revision a02e2cf8: Merge remote-tracking branch 'origin/master' into CE_Plus_Upgrade: Luiz Souza
02:59 PM Revision 73141a42: Update the git protocol.: For more details see: https://github.blog/2021-09-01-improving-git-protocol-security-github/ Luiz Souza
10:44 AM pfSense Packages Feature #12658: Adding prometheus metrics to darkstat: FreeBSD ports bug created: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261123 Karim Elatov
09:35 AM Bug #12677 (Pull Request Review): OpenVPN form validation issues: Jim Pingle
09:20 AM Bug #12677: OpenVPN form validation issues: MR: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/550 Jim Pingle
09:15 AM Bug #12677 (Closed): OpenVPN form validation issues: There are a few issues with how we currently handle the data cipher list in OpenVPN client and server pages, includin... Jim Pingle
05:52 AM Feature #12676 (New): Add the Tagged option on the Port Forward rules edit page: When editing the firewall rules, we can see the following note under the Tag option:
"A packet matching this rule ca... Viktor Gurov

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

02/09/2022

02/08/2022

02/07/2022

02/06/2022

02/05/2022

02/04/2022

02/03/2022

02/02/2022

02/01/2022

01/31/2022

01/30/2022

01/29/2022

01/28/2022

01/27/2022

01/26/2022

01/25/2022

01/24/2022

01/23/2022

01/22/2022

01/21/2022

01/20/2022

01/19/2022

01/18/2022

01/17/2022

01/16/2022

01/15/2022

01/14/2022

01/13/2022

01/12/2022

01/11/2022