Activity

From 03/03/2022 to 04/01/2022

04/01/2022

05:59 PM pfSense Packages Bug #13018 (New): TLD and DNSBL Safesearch DOH conflict disables TLD block when conflicting DOH FQDN is deselected or whitelisted
pfBlockerNG-devel 3.1.0_4
If a TLD (example .cn) is blacklisted and conflicts with DNSBL Safesearch DOH blocking (ex...
James Wilson
04:27 PM pfSense Packages Feature #12963: Run nmap scans in the background
Add No DNS Resolution option for faster scans
Should be completed
Attached patch for pfsense 2.6.0
Phil Wardt
09:53 AM pfSense Packages Feature #12963: Run nmap scans in the background
Updated patch to fix this:
- only kill nmap process using the output file created in GUI
- code formatting
Phil Wardt
03:56 PM Feature #13017: Packet capture: add preview results while capture is running
Commit:
https://github.com/pfsense/pfsense/pull/4567
Note: I added the -U option to unbuffer output and permit resul...
Phil Wardt
03:54 PM Feature #13017 (Closed): Packet capture: add preview results while capture is running
Packet Capture: add preview results
- allow preview results while a capture is still running
- add a capture summar...
Phil Wardt
01:12 PM Regression #13011 (Feedback): Ruleset can fail to load on snapshot from March 31st
Jim Pingle
01:09 PM Regression #13011: Ruleset can fail to load on snapshot from March 31st
Should be sorted out as of 8f782c1bf74a13fa9c8c40c37d6b2391387498c3 on devel-12 and aac961d1dbc43f1cc71acb701a54df0da... Mateusz Guzik
09:06 AM Regression #13011: Ruleset can fail to load on snapshot from March 31st
While not directly related, #13011 is contributing to this problem as it's one source of potentially duplicate rules. Jim Pingle
08:40 AM Regression #13011 (Resolved): Ruleset can fail to load on snapshot from March 31st
Adding this for tracking as we are aware of it and it's being actively worked on.
There is an issue on the latest ...
Jim Pingle
01:06 PM pfSense Docs New Content #13016: Workaround for bandwidth issues since 2.6 when installed in Hyper-V
There are other things out there that could also be a factor, multiple forum threads also mentioned switch settings i... Jim Pingle
12:52 PM pfSense Docs New Content #13016 (New): Workaround for bandwidth issues since 2.6 when installed in Hyper-V
Extremely slow upload speeds since 2.6 when installed in Hyper-V. A workaround for Windows 10 machines is disabling b... Christoph Obermoser
12:37 PM Feature #13010: Option to retain the existing serial number when renewing a CA or certificate
Evren Yurtesen wrote in #note-2:
> Excluding the CA serial from being used in future, in authorityKeyIdentifier, doe...
Jim Pingle
01:57 AM Feature #13010: Option to retain the existing serial number when renewing a CA or certificate
Excluding the CA serial from being used in future, in authorityKeyIdentifier, does not solve the immediate problem wi... Evren Yurtesen
11:31 AM Bug #13015 (Resolved): NAT generates duplicate ``no nat on`` rules for port forwards with a destination of ``Any``
Port forwards with a destination of ``Any`` get extra ``no nat on`` NAT rules which can end up duplicated across multiple... Jim Pingle
11:14 AM Bug #13013: bsdinstall error while creating filesystem on the latest snapshots
I ran into what Jim set out yesterday. Had to memstick install 2.6.0 then update to 2.7.0 to get back into operation.... Ted Quade
10:21 AM Bug #13013: bsdinstall error while creating filesystem on the latest snapshots
I see the same issue with a clean install. Viktor Gurov
09:23 AM Bug #13013: bsdinstall error while creating filesystem on the latest snapshots
I was seeing this the other day but it doesn't matter what is on the disk for me, UFS or ZFS, in both cases trying to... Jim Pingle
09:20 AM Bug #13013: bsdinstall error while creating filesystem on the latest snapshots
see also #10690 Viktor Gurov
09:19 AM Bug #13013 (Closed): bsdinstall error while creating filesystem on the latest snapshots
Old ZFS layout (pfSense 2.5.2):... Viktor Gurov
11:03 AM Bug #13014: Deadlock in Charon VICI interface
Might be the same root cause as #7420 though we don't have enough information about either one of these to say for ce... Jim Pingle
10:53 AM Bug #13014 (Resolved): Deadlock in Charon VICI interface
The charon.vici daemon can get in a bad state where all of the qlen slots are "hung". This causes the Status --> IPS... Kris Phillips
09:05 AM Bug #13012 (Resolved): NAT Reflection generates duplicate rules when internal interface contains multiple VIPs in the same subnet
NAT reflection can generate multiple identical rules if the configuration contains multiple VIPs in the same subnet.
...
Jim Pingle
01:36 AM pfSense Packages Bug #12814 (Feedback): OpenVPN Client Import does not populate 'remote_cert_tls' option
Merged Viktor Gurov

03/31/2022

08:02 PM Revision 9f534f4b: Use correct rx/tx index. Fixes #8861
Jim Pingle
04:04 PM pfSense Packages Feature #12963: Run nmap scans in the background
I modified the code to disable any custom commands.
This is safer since nmap already changed in the past the -o opti...
Phil Wardt
03:47 PM Regression #12897 (Resolved): Attempting to decrypt an encrypted backup with the wrong password makes the GUI timeout
Tested and working correctly on... Christopher Cope
03:44 PM Regression #12834: Only TCP traffic is passed outbound through IPFW
→ luckman212 wrote in #note-11:
> @jimp was this one merged as of 22.05.a.20220331.1603? I'm looking in System Patch...
Jim Pingle
03:06 PM Regression #12834: Only TCP traffic is passed outbound through IPFW
@jimp was this one merged as of 22.05.a.20220331.1603? I'm looking in System Patches under "Recommended System Patche... → luckman212
03:44 PM Revision 82a6f401: CLI history option optimization. Fixes #12675
There is no longer a need to use the ~/.keephistory flag file. Scripts
can check the config.xml value for a user dire...
Jim Pingle
03:42 PM Revision 0049d009: Fix syntax error
Jim Pingle
03:40 PM Bug #12998: Wireless interface WPA configuration fields are always visible
Updating subject for release notes. Jim Pingle
03:39 PM Bug #12710: Disabling DHCP Server RRD statistics does not work
Updating subject for release notes. Jim Pingle
03:38 PM Feature #12616: Option to filter state table contents by rule ID
Updating subject for release notes. Jim Pingle
03:37 PM Bug #12440: Zero-value prefix IPv6 addresses are mishandled
Updating subject for release notes. Jim Pingle
03:37 PM Bug #11226: IPsec VTI phase 2 traffic selectors default to address when defined as a network
Updating subject for release notes. Jim Pingle
03:36 PM Bug #11941: Many ``exec()`` functions do not use full path to executable files
Updating subject for release notes. Jim Pingle
03:35 PM Regression #12937: Traffic Shaper wizard can produce an invalid ruleset when configured with an IPv4 upstream SIP server
Updating subject for release notes. Jim Pingle
03:34 PM Bug #12003: Pie and ``fq_pie`` are missing options and do not handle floating point number input correctly
Updating subject for release notes. Jim Pingle
03:33 PM Bug #12611: SNMP daemon is restarted during every ``rc.newwanip`` event
Updating subject for release notes. Jim Pingle
03:32 PM Bug #12957: Delete button is always active for NAT rules, even if no rules are selected
Updating subject for release notes. Jim Pingle
03:32 PM Bug #12871: Some action buttons are always active for firewall rules, even if no rules are selected
Updating subject for release notes. Jim Pingle
03:32 PM Bug #12871: Some action buttons are always active for firewall rules, even if no rules are selected
Updating subject for release notes. Jim Pingle
03:31 PM Bug #12803: Error loading ruleset due to illegal TOS value
Updating subject for release notes. Jim Pingle
03:31 PM Bug #12792: Automatic Outbound NAT rules do not include OpenVPN CSO entries
Updating subject for release notes. Jim Pingle
03:31 PM Bug #12678: Applying firewall rule changes does not clear dirty flag for aliases subsystem
Updating subject for release notes. Jim Pingle
03:30 PM Feature #12392: Allow the selection of "any" interface in floating rules
Updating subject for release notes. Jim Pingle
03:30 PM Feature #8365: Button to copy rules from one interface to another
Updating subject for release notes. Jim Pingle
03:29 PM Feature #4881: Allow NPt to use dynamic IPv6 networks
Updating subject for release notes. Jim Pingle
03:27 PM Bug #12536: Setting a default gateway of "None" does not remove the default gateway from the routing table
Updating subject for release notes. Jim Pingle
03:26 PM Feature #12968: Button to clear previous packet capture data
Updating subject for release notes. Jim Pingle
03:26 PM Bug #13004: ``write_rcfile()`` does not create ``rc_restart()`` entry
Updating subject for release notes. Jim Pingle
11:23 AM Bug #13004 (Feedback): ``write_rcfile()`` does not create ``rc_restart()`` entry
Merged:
https://github.com/pfsense/pfsense/commit/4e2a765a9f5979aaa2e10ef31ecccd0466e6cc2f
Viktor Gurov
07:45 AM Bug #13004 (Pull Request Review): ``write_rcfile()`` does not create ``rc_restart()`` entry
Jim Pingle
05:24 AM Bug #13004: ``write_rcfile()`` does not create ``rc_restart()`` entry
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/699
Viktor Gurov
05:18 AM Bug #13004 (Resolved): ``write_rcfile()`` does not create ``rc_restart()`` entry
``write_rcfile()`` creates only rc_start() and rc_stop() entries, but ignores the contents of 'restart', which is used ... Viktor Gurov
03:25 PM Bug #12766: Packages with custom ``internal_name`` values do not reinstall properly when restoring a backup
Updating subject for release notes. Jim Pingle
06:00 AM Bug #12766 (Resolved): Packages with custom ``internal_name`` values do not reinstall properly when restoring a backup
Tested against:... Danilo Zrenjanin
03:24 PM Todo #12981: Warn about OpenVPN shared key deprecation
Updating subject for release notes. Jim Pingle
03:24 PM Bug #12925: FQDN in network alias is omitted from OpenVPN networks list
Updating subject for release notes. Jim Pingle
03:22 PM Bug #12887: GUI does not reject an invalid OpenVPN tap mode configuration with an empty tunnel network "Bridge DHCP" disabled
Updating subject for release notes. Jim Pingle
03:21 PM Regression #12884: OpenVPN status display for TAP mode services shows peer-to-peer instead of client list in certain cases
Updating subject for release notes. Jim Pingle
03:20 PM Regression #12817: PHP error when terminating OpenVPN sessions via the dashboard widget
Updating subject for release notes. Jim Pingle
03:19 PM Bug #12628: OpenVPN re-synchronization also synchronizes override entries unnecessarily in some cases
Updating subject for release notes. Jim Pingle
03:17 PM Bug #11864: OpenVPN stays bound to previous IP address after interface changes
Updating subject for release notes. Jim Pingle
03:16 PM Bug #11416: OpenVPN IPv4 Tunnel Network incorrectly allows hostnames
Updating subject for release notes. Jim Pingle
03:12 PM Feature #12819: GUI option to configure layers for LACP hash
Updating subject for release notes. Jim Pingle
03:10 PM Bug #12953: ESP description in IPsec phase 2 proposal help text is ambiguous
Updating subject for release notes. Jim Pingle
03:10 PM Bug #12723: Disallow remote gateway of ``0.0.0.0`` for VTI mode
Updating subject for release notes. Jim Pingle
03:08 PM Regression #12866: Disabled Captive Portal configuration prevents adding an interface to a bridge
Updating subject for release notes. Jim Pingle
03:07 PM Bug #12735 (Resolved): Interface status "Total Interrupts" display is non-functional
This looks right on current snapshots now. The value is displayed as expected. Jim Pingle
03:04 PM Feature #8861 (Feedback): Show SFP module details on ``status_interfaces.php``
Fix committed, commit:9f534f4b7af51600ce37e10978f3f1eb977768f3
Jim Pingle
03:02 PM Feature #8861 (In Progress): Show SFP module details on ``status_interfaces.php``
There is a small error keeping it from displaying the RX/TX signal levels from an SFP. To me, I have a fix. Jim Pingle
02:51 PM Bug #12691: Support encrypted ``config.xml`` files when restoring during install
Updating subject for release notes. Jim Pingle
02:51 PM Bug #12609: IGMP Proxy server is restarted during every ``rc.newwanip`` event
Updating subject for release notes. Jim Pingle
02:50 PM Feature #12702: Use consistent pf host ID and add GUI option to set a custom host ID in state synchronization settings
Updating subject for release notes. Jim Pingle
02:49 PM Feature #9091: Chelsio TOE support using the ``t4_tom`` module
Updating subject for release notes. Jim Pingle
02:47 PM Bug #12721: IPv6 gateway group using link local addresses incorrectly logs a gateway change because it not including interface scope properly
Updating subject for release notes. Jim Pingle
02:42 PM Bug #11692: ``fixup_default_gateway()`` should not remove a default gateway managed by a dynamic routing daemon
Updating subject for release notes. Jim Pingle
02:28 PM Feature #13010: Option to retain the existing serial number when renewing a CA or certificate
It could perhaps be made optional but I've seen more trouble from retaining the serial than from changing it, though.... Jim Pingle
01:20 PM Feature #13010 (Resolved): Option to retain the existing serial number when renewing a CA or certificate
I believe this issue is related to Bug #11514 - "Renewing a self-signed CA or certificate does not update the serial ... Evren Yurtesen
01:18 PM Todo #12881: Update ``dpinger`` to 3.2
Updating subject for release notes. Jim Pingle
01:17 PM Bug #12811: Services are not restarted when PPP interfaces connect
Updating subject for release notes. Jim Pingle
01:14 PM Regression #12816: Namecheap Dynamic DNS responses are not parsed properly
Updating subject for release notes. Jim Pingle
01:13 PM Bug #12761: Input validation prevents configuring wildcard Dynamic DNS records on Google Domains
Updating subject for release notes. Jim Pingle
01:12 PM Bug #12754: Google Domains Dynamic DNS responses are not parsed properly
Updating subject for release notes. Jim Pingle
01:11 PM Feature #12752: Support wildcard Dynamic DNS records on DigitalOcean
Updating subject for release notes. Jim Pingle
01:11 PM Bug #12750: Input validation prevents configuring wildcard Dynamic DNS records on GoDaddy
Updating subject for release notes. Jim Pingle
01:10 PM Feature #12744: IPv6 support for DNSimple Dynamic DNS
Updating subject for release notes. Jim Pingle
01:09 PM Bug #12672: GleSYS Dynamic DNS responses are not parsed properly
Updating subject for release notes. Jim Pingle
01:08 PM Bug #12590: Dynamic DNS custom IPv6 service fails on 6rd tunnels
Updating subject for release notes. Jim Pingle
01:05 PM Bug #12991: DNS Resolver ACLs are not updated when OpenVPN networks change
Updating subject for release notes. Jim Pingle
11:33 AM Bug #12991 (Feedback): DNS Resolver ACLs are not updated when OpenVPN networks change
Merged:
https://github.com/pfsense/pfsense/commit/34fc7cd6b5a1b9cb9edafb13cd3dbb4142c66294
Viktor Gurov
07:44 AM Bug #12991 (Pull Request Review): DNS Resolver ACLs are not updated when OpenVPN networks change
Jim Pingle
05:08 AM Bug #12991 (New): DNS Resolver ACLs are not updated when OpenVPN networks change
Danilo Zrenjanin wrote in #note-5:
> Tested with the patch against:
> [...]
>
> The tunnel network from the serv...
Viktor Gurov
03:49 AM Bug #12991: DNS Resolver ACLs are not updated when OpenVPN networks change
Tested with the patch against:... Danilo Zrenjanin
01:04 PM Bug #12985: DNS Resolver updates trust anchor at boot even with DNSSEC disabled which can lead to a startup delay of ~2 minutes if the firewall does not have Internet access
Updating subject for release notes. Jim Pingle
11:32 AM Bug #12985 (Resolved): DNS Resolver updates trust anchor at boot even with DNSSEC disabled which can lead to a startup delay of ~2 minutes if the firewall does not have Internet access
> > fix:
> > https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/700
>
> I applied the patch and it fixed...
Viktor Gurov
09:22 AM Bug #12985: DNS Resolver updates trust anchor at boot even with DNSSEC disabled which can lead to a startup delay of ~2 minutes if the firewall does not have Internet access
Viktor Gurov wrote in #note-7:
> Glenn Hall wrote in #note-5:
> > This commit seems to break enabling of DNSSEC on ...
Glenn Hall
07:47 AM Bug #12985 (Pull Request Review): DNS Resolver updates trust anchor at boot even with DNSSEC disabled which can lead to a startup delay of ~2 minutes if the firewall does not have Internet access
Jim Pingle
07:46 AM Bug #12985: DNS Resolver updates trust anchor at boot even with DNSSEC disabled which can lead to a startup delay of ~2 minutes if the firewall does not have Internet access
Glenn Hall wrote in #note-5:
> This commit seems to break enabling of DNSSEC on 2.7.0.a.20220328.0600. I previously ...
Viktor Gurov
01:02 PM Bug #12613: DNS Resolver does not restart during link up/down events on a static IP address interface
Updating subject for release notes. Jim Pingle
01:02 PM Bug #12612: DNS Resolver is restarted during every ``rc.newwanip`` event even for interfaces not used in the resolver
Updating subject for release notes. Jim Pingle
01:01 PM Bug #12749: Uninitialized array in ``array_remove_duplicates()``
Updating subject for release notes. Jim Pingle
01:00 PM Regression #12582: RADVD can be started on both HA nodes when configured with an IPv6 link-local address
Updating subject for release notes. Jim Pingle
12:58 PM Bug #12527: DHCPv6 server does not skip interfaces configured with invalid ranges
Updating subject for release notes. Jim Pingle
12:55 PM Revision 4e2a765a: write_rcfile() restart support. Issue #13004
Viktor Gurov
12:55 PM Bug #12986: DHCP network boot filename can be incorrectly placed in DHCP Pool Options
Updating subject for release notes. Jim Pingle
12:55 PM Revision 34fc7cd6: Improve unbound DNSSEC option check. Issue #12985
Viktor Gurov
12:53 PM Bug #12896: ``HTTPClient`` option does not work for static mappings
Updating subject for release notes. Jim Pingle
12:53 PM Bug #12892: ``HTTPClient`` option not sent when using UEFI HTTP Boot
Updating subject for release notes. Jim Pingle
12:52 PM Feature #12973: Playback script to perform a configuration upgrade on an arbitrary ``config.xml`` file
Updating subject for release notes. Jim Pingle
12:50 PM Feature #12675: Move command line history to a GUI option stored in ``config.xml`` rather than a manual flag file
Updating subject for release notes. Jim Pingle
10:54 AM Feature #12675 (Feedback): Move command line history to a GUI option stored in ``config.xml`` rather than a manual flag file
Merged: https://github.com/pfsense/pfsense/commit/82a6f401d07ac88bb66cc29110d249dd8302bcbf Jim Pingle
10:40 AM Feature #12675 (In Progress): Move command line history to a GUI option stored in ``config.xml`` rather than a manual flag file
Taking another look at this, there is no need to use the flag file at all now. It can be read directly from the confi... Jim Pingle
12:49 PM Bug #12810: Sanitize SHA-512 user password hashes in ``status.php`` output
Updating subject for release notes. Jim Pingle
12:48 PM Feature #12773: Ability to sort AutoConfigBackup entries
Updating subject for release notes. Jim Pingle
12:45 PM Feature #12724: Notify user if AutoConfigBackup is unable to successfully upload a backup
Updating subject for release notes. Jim Pingle
12:44 PM Feature #12685: Support encrypted ``config.xml`` files when restoring via ECL
Updating subject for release notes. Jim Pingle
12:43 PM Feature #12855: GUI option to select the user password hashing algorithm
Updating subject for release notes. Jim Pingle
12:42 PM Feature #13009 (New): Add option for multiple remote addresses to OpenVPN Client
With the ability to bind OpenVPN Servers to localhost and then use port forwarding for multiple interfaces and failov... Kris Phillips
12:41 PM Feature #12842: Retain descriptions when exporting and importing aliases
Updating subject for release notes. Jim Pingle
12:41 PM Bug #12727: Renaming an alias does not update the alias names in static routes and OpenVPN instances
Updating subject for release notes. Jim Pingle
12:23 PM Bug #12868 (Resolved): Output from ``pfctl -vvsr`` does not include ``ridentifier`` value in the expected location
This was merged a while ago and has been working fine.
The ``(0)`` bit after the pf rule number is no longer present...
Jim Pingle
12:22 PM pfSense Packages Bug #12818 (Resolved): IP block logging not working
Christopher Cope
12:21 PM pfSense Packages Bug #12818: IP block logging not working
Tested and working in... Christopher Cope
12:14 PM pfSense Packages Regression #13002 (Feedback): BIND 9.16_13 could not find existing DNSSEC keys at /cf/named/etc/namedb/keys due to directory change
Merged:
https://github.com/pfsense/FreeBSD-ports/commit/1a4f1fdbd14484e4ea4630fe4cd16ac777a32f5a
Viktor Gurov
07:43 AM pfSense Packages Regression #13002 (Pull Request Review): BIND 9.16_13 could not find existing DNSSEC keys at /cf/named/etc/namedb/keys due to directory change
Jim Pingle
04:59 AM pfSense Packages Regression #13002: BIND 9.16_13 could not find existing DNSSEC keys at /cf/named/etc/namedb/keys due to directory change
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/205
Viktor Gurov
12:01 PM Bug #12794: Link-local address does not reset after removing MAC address spoofing
forum topic:
https://forum.netgate.com/topic/169727/link-local-address-behavior-when-spoofing-wan-interface-mac-address
Viktor Gurov
11:51 AM pfSense Packages Bug #12916: pfBlockerNG-devel cron job does not trigger xmlrpc sync
Marcos Mendoza wrote:
> Tested on pfSense 2.6.0 and pfBlockerNG-devel 3.1.0_1
> pfBlockerNG-devel option "Enable Sy...
Israel Goldstein
10:06 AM Revision 3a792acf: OpenVPN unbound restart fixes. Issue #12991
Viktor Gurov
07:40 AM Feature #12982: Add support for RFC7499 in RADIUS library.
The number that works is too conveniently close to 64 to be a coincidence. It sounds like it's hitting a limit somewh... Jim Pingle

03/30/2022

09:19 PM Revision dabd214e: php: replace DEFAULT_VERSIONS from 74 to 7.4
Glen Barber
07:00 PM Revision 05e58cf4: Make openvpn.connect_async.sh executable
Marcos M
07:00 PM Revision 70e7b0c1: Add option to limit concurrent connections per OpenVPN user. Implements #12267
Marcos M
07:00 PM Revision 971b9a64: Clear stale Cisco-AVPair anchor rules. Fixes #12332
Marcos M
07:00 PM Revision 96a1e759: Improve OpenVPN client connection logging and logic
In preparation for fixes and features Marcos M
07:00 PM Revision acb0c154: Use OpenVPN deferred client-connect. Implements #12407
Marcos M
07:00 PM Revision fdfa9859: Move openvpn client-connect script to separate file
to prepare for deferred client-connect Marcos M
04:26 PM Feature #12982: Add support for RFC7499 in RADIUS library.
Tested with the patch applied, but the issue remains. Note: the rule syntax originally tested was incorrect - this te... Marcos M
04:19 PM Bug #12332: OpenVPN does not clear old Cisco-AVPair anchor rules in some cases
Tested on 2.6 with patch. The rules are being applied correctly, and files get added/removed as expected. Using the f... Marcos M
03:22 PM Bug #12332 (Feedback): OpenVPN does not clear old Cisco-AVPair anchor rules in some cases
Merged Viktor Gurov
04:13 PM Revision ae017785: Duplicate wireless interfaces fix. Issue #12999
Viktor Gurov
04:12 PM Revision f9d9d77e: Interfaces WIFI WPA configuration fields expose fix. Issue #12998
Viktor Gurov
03:54 PM Revision 89f11609: backup via upload file was fixed
Andrey Kuznetsov
03:52 PM Revision 209ad2e3: OpenVPN shared key warning. Implements #12981.
Adds a warning to the OpenVPN client and server list and edit pages
warning the user about shared key mode being depr...
Jim Pingle
03:22 PM Feature #12267 (Feedback): OpenVPN option to limit concurrent connections per user
Merged Viktor Gurov
12:29 PM Feature #12267: OpenVPN option to limit concurrent connections per user
Marcos Mendoza wrote in #note-16:
> New MR including fix to client-specific configuration not applying (static addre...
Ryan Coleman
03:22 PM Feature #12407 (Feedback): Use deferred client connections in OpenVPN
Merged Viktor Gurov
12:27 PM Feature #12407: Use deferred client connections in OpenVPN
Marcos Mendoza wrote in #note-10:
> New MR, see: https://redmine.pfsense.org/issues/12267#note-16
Tested this wit...
Ryan Coleman
01:51 PM Regression #11570: Gateway monitoring services is not always restarted on interface events, which may prevent a WAN from recovering back to an online state
*Setup:*
2.6.0-RELEASE (amd64), dual WAN with both WANs on DHCP, and failover via Gateway groups. (default gateway =...
Wayne Sherman
12:41 PM Revision 6e4620d2: Fix typo
Jim Pingle
11:54 AM Regression #12984 (Resolved): OpenVPN causes Crash Reports in the GUI
Tested against:... Danilo Zrenjanin
11:32 AM Bug #12998 (Feedback): Wireless interface WPA configuration fields are always visible
Merged:
https://github.com/pfsense/pfsense/commit/f9d9d77e0a312483078db13298783d55c995cfcb
Viktor Gurov
09:19 AM Bug #12998 (Pull Request Review): Wireless interface WPA configuration fields are always visible
That patch corrects the behaviour for my test case. Steve Wheeler
08:43 AM Bug #12998: Wireless interface WPA configuration fields are always visible
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/695
Viktor Gurov
11:32 AM Regression #12999 (Feedback): Duplicate wireless interfaces are created at boot
Merged:
https://github.com/pfsense/pfsense/commit/ae01778587df124d8ef4c69ae8b6d751cb7272fc
Viktor Gurov
09:45 AM Regression #12999 (Pull Request Review): Duplicate wireless interfaces are created at boot
Jim Pingle
09:41 AM Regression #12999: Duplicate wireless interfaces are created at boot
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/696
Viktor Gurov
11:15 AM Bug #13003 (Closed): Malicious Driver Detection event on ``ixl(4)`` driver
There have been a handful of reports of MDD events happening with the Intel X710 NIC. The system logs show the follow... Marcos M
11:13 AM Todo #12981 (Feedback): Warn about OpenVPN shared key deprecation
Warning added to tunnel list and when editing an instance for both clients and servers. Warning is only printed when ... Jim Pingle
10:22 AM Todo #12981 (In Progress): Warn about OpenVPN shared key deprecation
Jim Pingle
10:19 AM pfSense Packages Regression #13002 (Resolved): BIND 9.16_13 could not find existing DNSSEC keys at /cf/named/etc/namedb/keys due to directory change
https://forum.netgate.com/topic/170558/bind-package-9-16_12-reads-from-cf-named-but-changes-in-the-gui-are-written-to... Viktor Gurov
09:33 AM Regression #13001 (Not a Bug): HA sync using shared CARP WAN IP results in Interface not found: '_vip577745067c45c' on backup
If you have XMLRPC sync the VIPs that would work as the IDs would match on both. VIPs have to be tracked by ID, not I... Jim Pingle
09:30 AM Regression #13001 (Not a Bug): HA sync using shared CARP WAN IP results in Interface not found: '_vip577745067c45c' on backup
I set up IPSec on an HA setup recently. Per the docs (https://docs.netgate.com/pfsense/en/latest/highavailability/ip... Steve Y
07:40 AM Bug #13000: IPsec AES-GCM encryption algorithm "Key Length" field should be labeled "ICV Length"
Yes, adding ICV Length into the drop-down will be helpful. Additionally, a note can be added to the existing help tex... Danilo Zrenjanin
07:31 AM Bug #13000: IPsec AES-GCM encryption algorithm "Key Length" field should be labeled "ICV Length"
Also note that the field options *are not* 128/256, they are 128/96/64 (plus Auto on P2).
An alternate solution co...
Jim Pingle
07:27 AM Bug #13000: IPsec AES-GCM encryption algorithm "Key Length" field should be labeled "ICV Length"
It can't be removed, it's a necessary part of the algorithm selection. For AES-GCM it's the ICV (Integrity Check Valu... Jim Pingle
06:40 AM Bug #13000 (New): IPsec AES-GCM encryption algorithm "Key Length" field should be labeled "ICV Length"
When choosing AES256/128-GCM, the key length is 256/128 bits long. The second field in the row labeled *Key length* n... Danilo Zrenjanin

03/29/2022

08:25 PM Revision 725763b0: Bring in Zabbix 6.x
Partial cherry-pick
(cherry picked from commit 0590dfaac0ec302b10931d6a239208908053160e)
Brad Davis
07:43 PM Regression #12999 (Resolved): Duplicate wireless interfaces are created at boot
When a wifi interface is configured the wlan interface is created at boot and then renamed appropriately.
However in...
Steve Wheeler
05:13 PM Bug #12998 (Resolved): Wireless interface WPA configuration fields are always visible
There are some logic errors when configuring a WIFI interface that hides/exposes the fields incorrectly.
When usin...
Steve Wheeler
02:39 PM Revision 544be7a5: Don't force a network type on page load for VTI mode P2. Fixes #11226
Also affects mode changes from/to VTI Marcos M
02:31 PM pfSense Packages Feature #12963 (Pull Request Review): Run nmap scans in the background
Jim Pingle
02:28 PM Revision 030fab3e: Check Traffic Shaper Wizard Upstream SIP address family. Fixes #12937
Viktor Gurov
02:25 PM Revision 1ff9c7c3: Restart unbound to update ACL on OpenVPN change. Issue #12991
Viktor Gurov
01:12 PM pfSense Packages Bug #12992 (Pull Request Review): error: nbproc is not supported any more since HAProxy 2.5
Jim Pingle
12:11 PM Bug #12985 (New): DNS Resolver updates trust anchor at boot even with DNSSEC disabled which can lead to a startup delay of ~2 minutes if the firewall does not have Internet access
Jim Pingle
10:56 AM Bug #12985: DNS Resolver updates trust anchor at boot even with DNSSEC disabled which can lead to a startup delay of ~2 minutes if the firewall does not have Internet access
This commit seems to break enabling of DNSSEC on 2.7.0.a.20220328.0600. I previously had it enabled, disabled it, the... Glenn Hall
10:46 AM Bug #12991 (Feedback): DNS Resolver ACLs are not updated when OpenVPN networks change
Merged:
https://github.com/pfsense/pfsense/commit/1ff9c7c3ee0f060c4fd80a9db04c164cd1e92ec7
Viktor Gurov
07:31 AM Bug #12991 (Pull Request Review): DNS Resolver ACLs are not updated when OpenVPN networks change
Jim Pingle
10:46 AM Regression #12937 (Feedback): Traffic Shaper wizard can produce an invalid ruleset when configured with an IPv4 upstream SIP server
Merged:
https://github.com/pfsense/pfsense/commit/030fab3edaee1c2f10ea8695a041864810d94390
Viktor Gurov
07:47 AM Regression #12937 (Pull Request Review): Traffic Shaper wizard can produce an invalid ruleset when configured with an IPv4 upstream SIP server
Jim Pingle
05:25 AM Regression #12937: Traffic Shaper wizard can produce an invalid ruleset when configured with an IPv4 upstream SIP server
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/692
Viktor Gurov
10:45 AM Bug #11226 (Feedback): IPsec VTI phase 2 traffic selectors default to address when defined as a network
Merged:
https://github.com/pfsense/pfsense/commit/544be7a5360324249e8e389ad5a6de60288cf57f
Viktor Gurov
10:29 AM Bug #12997 (Not a Bug): Port forward rules only function through the default gateway interface
We specifically test this frequently. I can't reproduce any problems here. It works fine on release and snapshots. Yo... Jim Pingle
10:28 AM Bug #12997 (Not a Bug): Port forward rules only function through the default gateway interface
The NAT port forward works only on the default gateway.
On another gateway, it returns a closed port.
Multi-Wan
Same ca...
Luiz Garcia
10:13 AM pfSense Packages Bug #12995 (Feedback): Installing stunnel only on the primary HA node leads to php crashes and sync issues
Merged:
https://github.com/pfsense/FreeBSD-ports/commit/c1a98faf91dee2303b83b9e1f29500241b2700c5
Viktor Gurov
07:40 AM pfSense Packages Bug #12995 (Pull Request Review): Installing stunnel only on the primary HA node leads to php crashes and sync issues
Jim Pingle
04:57 AM pfSense Packages Bug #12995: Installing stunnel only on the primary HA node leads to php crashes and sync issues
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/203
Viktor Gurov
09:42 AM pfSense Packages Bug #12996 (Duplicate): DNS Resolver needs to run manually after pfBlockerNG-devel package upgrade
Duplicate of #11398 Viktor Gurov
08:19 AM pfSense Packages Bug #12996 (Duplicate): DNS Resolver needs to run manually after pfBlockerNG-devel package upgrade
Running system - PfSense Plus 22.01 x64
After upgrading pfBlockerNG-devel from 3.1.0.1 to 3.1.0.2 and from 3.1.0....
Alex BJ
08:07 AM Bug #9024: Ping packet loss under load when using limiters
I believe I'm hitting this bug now on 22.05 snaps. Is there any workaround or status update on this one? Tried follow... → luckman212
07:50 AM Revision 02004e7a: Convert IPv6 with IPv4 mapping to hex on prefix merge. Fixes #12440
Viktor Gurov
07:49 AM Revision 2b0f4ab1: Add t4_tom module. Feature #9091
Viktor Gurov
07:36 AM pfSense Docs Correction #12994 (Feedback): Note in 4100 platform page refers to the 7100
Fixed and deployed: https://gitlab.netgate.com/docs/pfsense-platforms/-/commit/68ea1b8647735677b2546e37524f20eb9056bb... Jim Pingle
07:34 AM Regression #12873: Hyper-V RSC support in ``hn(4)`` driver is enabled by default and results in very low throughput
This looks to have been addressed by this: https://reviews.freebsd.org/D34507
Only in FreeBSD/main currently.
Steve Wheeler
07:30 AM pfSense Plus Bug #12993 (Not a Bug): DHCP Leases page: 504 timeout
This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net...
Jim Pingle
07:29 AM Feature #12809: Recover existing SSH keys during installation
Viktor Gurov wrote in #note-6:
> > Additionally, even when fixing that, the @etc@ dir is not present. When importing...
Jim Pingle
07:19 AM pfSense Plus Feature #12989 (Rejected): Improve Load Balancing Gateway Groups to Include Bandwidth Usage
This is not possible. pf has no way to know how much of a circuit is utilized to make any kind of decision of that na... Jim Pingle
03:30 AM Bug #12440 (Feedback): Zero-value prefix IPv6 addresses are mishandled
Merged:
https://github.com/pfsense/pfsense/commit/02004e7ad1ef9ed56b035b4a821b5951e6a05125
Viktor Gurov
03:29 AM Feature #9091 (Feedback): Chelsio TOE support using the ``t4_tom`` module
Merged:
https://github.com/pfsense/pfsense/commit/2b0f4ab1ff2f66bbf8d8a9ef328aa1a755f9480c
Viktor Gurov
03:29 AM Bug #12986 (Feedback): DHCP network boot filename can be incorrectly placed in DHCP Pool Options
Merged:
https://github.com/pfsense/pfsense/commit/568fdc9f7f4d9d6952f6ef51c922dd3603c5aa30
Viktor Gurov

03/28/2022

11:17 PM pfSense Packages Bug #12808: Wireguard Gateways disabled when Wireguard Service is Manually Restarted
I found this bug after having WireGuard stop passing traffic after a WAN GW went down and came back up. Upon restorat... Scott Lykens
09:34 PM pfSense Packages Bug #12995: Installing stunnel only on the primary HA node leads to php crashes and sync issues
After the nodes are in sync, xmlrpc sync completes successfully. Marcos M
08:52 PM pfSense Packages Bug #12995 (Resolved): Installing stunnel only on the primary HA node leads to php crashes and sync issues
Tested on @22.05.a.20220328.0600@.
# Install stunnel on primary node
# Force xmlrpc sync
sync fails and the se...
Marcos M
08:39 PM Bug #12940 (Resolved): Deleting a user on the primary node does not delete its home directory on secondary node during XMLRPC sync
Tested on @22.05.a.20220328.0600@. Works as expected. Marcos M
07:34 PM Regression #11805: Port forward rules only function through the default gateway interface, ``reply-to`` does not work for Multi-WAN (CE Only)
Kristof Provost wrote in #note-4:
> Patrick Clara: I cannot tell from that post if this is the same problem or not. ...
Luiz Garcia
02:06 PM Revision 568fdc9f: Unset $filename variable. Fixes #12986
Viktor Gurov
01:29 PM pfSense Docs Correction #12994 (Closed): Note in 4100 platform page refers to the 7100
https://docs.netgate.com/pfsense/en/latest/solutions/netgate-4100/reinstall-pfsense.html
Note
Choosing the ...
Chris Linstruth
11:03 AM Feature #12968 (Resolved): Button to clear previous packet capture data
It functions as expected on... Christopher Cope
10:43 AM Bug #12991: DNS Resolver ACLs are not updated when OpenVPN networks change
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/691
Viktor Gurov
01:56 AM Bug #12991 (Resolved): DNS Resolver ACLs are not updated when OpenVPN networks change
The access_lists.conf file doesn't get updated automatically after creating a CSO entry. After the manual unbound res... Viktor Gurov
10:26 AM Bug #12959: dhcplease process wrongly updates host file if client-hostname is empty
lease 172.16.8.16 {
starts 1 2022/03/28 15:23:31;
ends 1 2022/03/28 15:25:01;
cltt 1 2022/03/28 15:23:31;
...
Max Bal
09:55 AM Bug #12959 (Feedback): dhcplease process wrongly updates host file if client-hostname is empty
Unable to reproduce on 2.7.0.a.20220327.0600
Could you show an example of /var/dhcpd/var/db/dhcpd.leases entries? (y...
Viktor Gurov
10:13 AM Bug #12947: Old IPv6 addresses may continue to be used after DHCP or RA changes
I neglected to mention that I was using "Disable Gateway Monitoring Action" on my gateways when the above issues occu... David Myers
10:08 AM Bug #12922: Classless static routes received on DHCP WAN can override chosen default gateway
I've discontinued my Starlink service so I may not be able to help with the debugging of a fix for this issue in the ... David Myers
09:49 AM pfSense Plus Bug #12993 (Not a Bug): DHCP Leases page: 504 timeout
I have used pfsense CE for about 5 years. Finally on December 2021, I acquired a pfsense plus machine: Netgate 1541. ... Antonio Charnichart
09:29 AM Regression #12827: High latency and packet loss during a filter reload
Mateusz Guzik wrote in #note-18:
> Hi Kevin,
>
> can tell me what are the hardware spec of the problematic machines?...
Kevin Bentlage
07:05 AM Regression #12827: High latency and packet loss during a filter reload
Kevin Bentlage wrote in #note-15:
> Have the same issues on our PFSense 2.6.0 cluster (2 members) after upgrading fr...
Mateusz Guzik
07:04 AM Regression #12827: High latency and packet loss during a filter reload
Apologies for late reply, other things got in the way.
Flole Systems wrote in #note-13:
> Why is there any need f...
Mateusz Guzik
09:25 AM Regression #12971 (Resolved): Firewall rule usage counters showing 0/0 after latest pf merge
Confirmed - 22.05.a.20220327.0600 and 2.7.0.a.20220327.0600 are Ok Viktor Gurov
09:22 AM Bug #11830: Certificate validation with OCSP always fails in ``openvpn.tls-verify.php``
Konstantin Panchenko wrote in #note-12:
> Konstantin Panchenko wrote in #note-11:
> > This is still an issue in 2.5...
Viktor Gurov
09:08 AM Bug #12986: DHCP network boot filename can be incorrectly placed in DHCP Pool Options
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/690
Viktor Gurov
08:16 AM pfSense Packages Bug #12992 (Resolved): error: nbproc is not supported any more since HAProxy 2.5
On latest 22.05 snaps, HAProxy-devel 0.62_8 pkg will not start, gives the following error "config : parsing [/var/etc... → luckman212
05:13 AM pfSense Packages Feature #12963: Run nmap scans in the background
To disable any code injection risks:
- input is matched against a white list allowing only alphanumeric, spaces (excl...
Phil Wardt
05:09 AM pfSense Packages Feature #12963: Run nmap scans in the background
After the last nmap changes, I wanted to harmonize the package with "Packet Capture"
https://github.com/pfsense/Free...
Phil Wardt
03:23 AM Feature #12809: Recover existing SSH keys during installation
Jim Pingle wrote in #note-5:
> This is giving an error when it tries to process the keys. When run with @sh -x@, it s...
Viktor Gurov
01:57 AM Feature #12636 (Resolved): Automatically create DNS Resolver ACLs for OpenVPN CSO entries
Danilo Zrenjanin wrote in #note-5:
> Tested on the:
>
> [...]
>
> The access_lists.conf file doesn't get upda...
Viktor Gurov
12:01 AM Feature #12724 (Resolved): Notify user if AutoConfigBackup is unable to successfully upload a backup
Viktor Gurov

03/27/2022

08:12 PM pfSense Docs Todo #12990 (Closed): Feedback on pfSense® software Configuration Recipes — Configuring CoDel Limiters for Bufferbloat
*Page:* https://docs.netgate.com/pfsense/en/latest/recipes/codel-limiters.html
*Feedback:*
Implementing this as-i...
Marcos M
07:48 PM Feature #12973 (Resolved): Playback script to perform a configuration upgrade on an arbitrary ``config.xml`` file
Tested on @22.05.a.20220327.0600@ with a config from pfSense 2.2 (config version 11.6). The file was upgraded correctly. Marcos M
05:49 PM Feature #12982: Add support for RFC7499 in RADIUS library.
There's an MR that changes the way AVPair rules are handled with OpenVPN users (for a different feature request). Wou... Marcos M
12:48 PM Regression #12971: Firewall rule usage counters showing 0/0 after latest pf merge
This seems to be fixed in 22.05.a.20220327.0600 Kristof Provost
11:15 AM pfSense Packages Bug #12956 (Closed): suricata fails to use pcre in SID management (e.g. dropsid.conf)
The commit says it resolves issue #10244. The reasoning given there is:
> The chosen solution was to mimic the curre...
Marcos M

03/26/2022

09:54 PM Regression #11545: Primary interface address is not always used when VIPs are present
Jeff Quasarano wrote in #note-27:
> I have this exact issue on 22.01. It manifests on reboot with OpenVPN server st...
Kris Phillips
09:51 PM pfSense Plus Feature #12989 (Rejected): Improve Load Balancing Gateway Groups to Include Bandwidth Usage
Load balancing in pfSense is rather rudimentary and is completely random based on the weighting, with a default weigh... Kris Phillips
09:42 PM Regression #12827: High latency and packet loss during a filter reload
Wanted to add additional observations from situations I've seen this issue crop up:
1. pfBlockerNG causes this wit...
Kris Phillips
09:38 PM Regression #12821: Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``
Tested the igb driver. Issue is no longer present in 22.01 or 2.6 with the custom driver compiled from kernel source... Kris Phillips
03:09 PM Feature #12879 (Resolved): Toggle button to disable/enable multiple entries on NAT pages

working successfully.
22.05.a.20220326.0600
Alhusein Zawi
02:26 PM Feature #12724: Notify user if AutoConfigBackup is unable to successfully upload a backup
received notification of failed backup attempt after initiating manual save and intentionally inhibiting upstream con... Jordan G
12:33 PM Feature #12636: Automatically create DNS Resolver ACLs for OpenVPN CSO entries
Tested on the: ... Danilo Zrenjanin
11:23 AM Bug #12988 (Not a Bug): packages.netgate.com does not resolve...
https://docs.netgate.com/pfsense/en/latest/troubleshooting/upgrades.html#packages-netgate-com-has-no-a-aaaa-record Jim Pingle
09:39 AM Bug #12988 (Not a Bug): packages.netgate.com does not resolve...
See https://forum.netgate.com/topic/171035/since-about-1400-hours-i-have-been-unable-to-get-updates-in-dashboard
H...
Beat Siegenthaler
10:03 AM Feature #12685 (Resolved): Support encrypted ``config.xml`` files when restoring via ECL
Tested against:... Danilo Zrenjanin

03/25/2022

11:45 PM Bug #12747: Restarting the logging daemon during rotation also restarts ``sshguard``, leading to frequent log messages
Having the same issue since 2.6.0. Car F
07:07 PM Revision 37f3e8f0: Do not sync root.key file if DNSSEC is not enabled. Issue #12985
Viktor Gurov
04:25 PM Feature #1826: PPPoE server IPv6 support
DS-Lite is coming more and more to the market and therefore working IPv6 is required.
Do you see any chance to imple...
Thomas Levi
03:05 PM Bug #12987 (Not a Bug): Traffic going through wrong interface
There is not enough information here to rule out a configuration or local network environment problem and this site i... Jim Pingle
03:00 PM Bug #12987 (Not a Bug): Traffic going through wrong interface
Hi, I noticed that since 2.6, some traffic that should be managed by interface A, is actually going through B. If I d... Carlos Paixão
02:14 PM Bug #12985 (Pull Request Review): DNS Resolver updates trust anchor at boot even with DNSSEC disabled which can lead to a startup delay of ~2 minutes if the firewall does not have Internet access
Jim Pingle
02:08 PM Bug #12985: DNS Resolver updates trust anchor at boot even with DNSSEC disabled which can lead to a startup delay of ~2 minutes if the firewall does not have Internet access
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/688
Viktor Gurov
10:09 AM Bug #12985: DNS Resolver updates trust anchor at boot even with DNSSEC disabled which can lead to a startup delay of ~2 minutes if the firewall does not have Internet access
forum topic & solution:
https://forum.netgate.com/topic/162435/unbound-service-very-slow-to-start-in-offline-setup
Viktor Gurov
09:07 AM Bug #12985 (Resolved): DNS Resolver updates trust anchor at boot even with DNSSEC disabled which can lead to a startup delay of ~2 minutes if the firewall does not have Internet access
The unbound-anchor starts after every unbound service (re)start, which causes delays if there is no active Internet c... Danilo Zrenjanin
01:29 PM Bug #12986 (Resolved): DHCP network boot filename can be incorrectly placed in DHCP Pool Options
After an upgrade from 2.5.2 to 2.6.0 we have been encountering an issue with network booting. Under inside the DHCP n... John Ward
01:01 PM Revision e1e388e4: Disable buttons on NAT pages if no rules selected. Fixes #12957
Viktor Gurov
11:53 AM Feature #7783: Support for hosting VMs on pfSense using bhyve
Corey Boyle wrote:
> Seems like pfSense would make a great host platform for VMs using bhyve.
I agree. pfsense c...
Wayne Sherman
09:00 AM pfSense Docs Todo #12983 (Closed): Fix instances of double words
Fixed numerous double/repeated words and deployed the result.
> 33 files changed, 63 insertions(+), 64 deletions(-...
Jim Pingle
07:37 AM pfSense Docs Todo #12983 (In Progress): Fix instances of double words
That one bit is an easy typo fix but I'll use this as an excuse to check for and fix double words like this ("it it")... Jim Pingle
08:49 AM pfSense Packages Bug #12818 (Feedback): IP block logging not working
Should be fixed in pfBlockerNG-devel_3.1.0_3 Viktor Gurov
08:45 AM Bug #12957 (Feedback): Delete button is always active for NAT rules, even if no rules are selected
Merged:
https://github.com/pfsense/pfsense/commit/e1e388e41849d14e514ba428e95a59e33111ff10
Viktor Gurov
07:20 AM Bug #12957 (Pull Request Review): Delete button is always active for NAT rules, even if no rules are selected
Jim Pingle
02:31 AM Bug #12957: Delete button is always active for NAT rules, even if no rules are selected
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/686
Viktor Gurov
08:45 AM Regression #12984 (Feedback): OpenVPN causes Crash Reports in the GUI
Merged:
https://github.com/pfsense/pfsense/commit/4533e50b84a6cfbeaa31d0a5529ab377029659b0
Viktor Gurov
07:22 AM Regression #12984 (Pull Request Review): OpenVPN causes Crash Reports in the GUI
Jim Pingle
03:40 AM Regression #12984: OpenVPN causes Crash Reports in the GUI
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/687
Viktor Gurov
03:08 AM Regression #12984 (Resolved): OpenVPN causes Crash Reports in the GUI
After defining an Alias Network(s) Type with FQDN/32 in the IPv4 Local network(s) under OpenVPN IPv4 Local network(s)... Danilo Zrenjanin
08:38 AM Revision 4533e50b: Skip unresolved OpenVPN alias DNS entries. Fixes #12984
Viktor Gurov
08:22 AM Feature #12809 (New): Recover existing SSH keys during installation
This is giving an error when it tries to process the keys. When run with @sh -x@, it shows:... Jim Pingle
02:43 AM Bug #12925 (Resolved): FQDN in network alias is omitted from OpenVPN networks list
Tested against:... Danilo Zrenjanin

03/24/2022

10:46 PM pfSense Docs Todo #12983 (Closed): Fix instances of double words

I found some unimportant typos in https://docs.netgate.com/pfsense/en/latest/services/dns/resolution-process.html#d...
Tony Chi
10:34 PM Feature #12982 (Rejected): Add support for RFC7499 in RADIUS library.
It seems when there are too many entries (per user) in the Radreply table (using MySQL) of FreeRadius package, pfsens... Frank Lee
07:20 PM Revision 65adb193: Packet Capture: edit delete capture icon
Phil Wardt
02:51 PM Todo #12981 (Resolved): Warn about OpenVPN shared key deprecation
See #12980 for more info. OpenVPN shared key is being deprecated. It isn't being removed yet, but will be in the near... Jim Pingle
02:34 PM Feature #12968: Button to clear previous packet capture data
PR merged
Jim Pingle
01:58 PM Feature #12968: Button to clear previous packet capture data
I just noticed you have a delete icon
I pushed another enhancement with a proper delete icon:
https://github.com/pf...
Phil Wardt
02:21 PM pfSense Packages Feature #12963: Run nmap scans in the background
Again, noticed the delete icon resource
https://github.com/pfsense/FreeBSD-ports/pull/1152
Phil Wardt
10:20 AM pfSense Packages Feature #12963: Run nmap scans in the background
The Makefile needed an additional fix or it wouldn't compile: https://github.com/pfsense/FreeBSD-ports/commit/d34af18... Jim Pingle
10:05 AM pfSense Packages Feature #12963 (Feedback): Run nmap scans in the background
PR merged, thanks! Jim Pingle
02:11 PM pfSense Docs Todo #12980 (Feedback): Add warnings against OpenVPN Shared Key mode
Warning added and some related refs cleaned up. All committed and deployed:
https://gitlab.netgate.com/docs/pfSens...
Jim Pingle
12:47 PM pfSense Docs Todo #12980 (Resolved): Add warnings against OpenVPN Shared Key mode
OpenVPN is deprecating Shared Key mode in OpenVPN 2.6.0 and removing it in a future version (presumably 3.0 or 2.7, w... Jim Pingle
02:05 PM Regression #12977: Rule descriptions in firewall logs show wrong rule label
The rule description for the logs (and perhaps states if that pans out) should always be the last label on the rule. ... Jim Pingle
02:02 PM Regression #12977: Rule descriptions in firewall logs show wrong rule label
I did run into this, and I'm spending some time plumbing things through libpfctl to the pfSense php module. This will... Reid Linnemann
11:16 AM pfSense Packages Feature #12882: Add the option to specify CURLOPT_INTERFACE in pfBlockerNG IPv4/IPv6 lists
Sure thing, happy to contribute! Charles Hamilton
10:53 AM pfSense Packages Feature #12882 (Feedback): Add the option to specify CURLOPT_INTERFACE in pfBlockerNG IPv4/IPv6 lists
PR merged, thanks!
https://github.com/pfsense/commit/9e7c6e33857e42fa97ae04e57285ee180643440d
https://github.com...
Viktor Gurov
10:48 AM pfSense Packages Feature #12795 (Feedback): Add *.pfsense.org and *.netgate.com to the default DNSBL whitelist
Merged:
https://github.com/pfsense/FreeBSD-ports/commit/b7a4f7d12cc68460d75ae7204d0e4f8381d6d162
Viktor Gurov
10:47 AM pfSense Packages Bug #12706 (Feedback): pfBlockerNG and unbound does not work after switching /var to RAM disk
Merged:
https://github.com/pfsense/commit/dc4f288b66af9b0ffc6dded8fe128aaeca0a9ac6
Viktor Gurov
10:16 AM pfSense Packages Bug #12772 (Resolved): Syslog-ng writes config.xml on each start
Tested against:... Danilo Zrenjanin
10:09 AM Todo #12934 (Feedback): Update strongSwan
The update is done in the ports tree. It's in CE snapshots now, will be in the next Plus snapshots shortly.... Jim Pingle
09:49 AM Feature #12702 (Resolved): Use consistent pf host ID and add GUI option to set a custom host ID in state synchronization settings
Christopher Cope
09:49 AM Feature #12702: Use consistent pf host ID and add GUI option to set a custom host ID in state synchronization settings
Marking resolved. As noted above, everything was good from version... Christopher Cope
09:02 AM pfSense Packages Bug #12979: Snort Rules Update Process Using Deprecated FreeBSD Subdirectory Name
*Updated Info:* a decision was made to simply cherry-pick the DEVEL change into the RELENG_2_6_0 branch because the S... Bill Meeks
07:22 AM pfSense Packages Bug #12979 (Pull Request Review): Snort Rules Update Process Using Deprecated FreeBSD Subdirectory Name
devel PR merged, left a note on the RELENG_2_6_0 PR as there is an issue there that needs resolved first. Jim Pingle
06:46 AM Bug #12925: FQDN in network alias is omitted from OpenVPN networks list
Thank you, I've just applied both and have confirmed that it is working as expected now. Adrien Carlyle

03/23/2022

10:10 PM Regression #12827: High latency and packet loss during a filter reload
Have the same issues on our PFSense 2.6.0 cluster (2 members) after upgrading from 2.5.2.
Firewalls have 75 interfac...
Kevin Bentlage
07:59 PM Revision b77f85b0: Add upgradeconfig script. Implements #12973
Jim Pingle
07:58 PM Revision f4b777f0: Fix syntax errors. Issue #12940
Jim Pingle
06:26 PM Bug #12976: Captive Portal not working with CARP-VIP configured on Captive-Portal-Interface
Yeah this doesn't appear to be CP related. The generated ipfw rules allow access to the CARP VIP on the interface:
<...
Steve Wheeler
03:05 PM Bug #12976 (Not a Bug): Captive Portal not working with CARP-VIP configured on Captive-Portal-Interface
Usually if you select any specific interface it doesn't necessarily include the VIPs, so it's somewhat surprising tha... Jim Pingle
02:49 PM Bug #12976: Captive Portal not working with CARP-VIP configured on Captive-Portal-Interface
It looks like I found the issue. I had to explicitly check the CARP-address on the guest-portal interface for unbound... Alex Boettrich
11:21 AM Bug #12976: Captive Portal not working with CARP-VIP configured on Captive-Portal-Interface
Thanks for pointing out #12834 - I missed that.
#12834 is installed now and I rebooted the box - same problem - capt...
Alex Boettrich
07:58 AM Bug #12976: Captive Portal not working with CARP-VIP configured on Captive-Portal-Interface
Have you applied the workaround from #12834? It's possible this is the same root cause. Jim Pingle
03:53 PM pfSense Packages Bug #12979: Snort Rules Update Process Using Deprecated FreeBSD Subdirectory Name
A fix for this issue has been posted in Pull Requests https://github.com/pfsense/FreeBSD-ports/pull/1149 for RELEASE ... Bill Meeks
02:23 PM pfSense Packages Bug #12979 (Pull Request Review): Snort Rules Update Process Using Deprecated FreeBSD Subdirectory Name
Beginning around the first of March 2022, the Snort rules update package from the Snort VRT changed the subdirectory ... Bill Meeks
03:02 PM Bug #12940 (Feedback): Deleting a user on the primary node does not delete its home directory on secondary node during XMLRPC sync
Fix was merged + needed a syntax fix. Jim Pingle
08:01 AM Bug #12940 (Pull Request Review): Deleting a user on the primary node does not delete its home directory on secondary node during XMLRPC sync
Jim Pingle
07:03 AM Bug #12940 (New): Deleting a user on the primary node does not delete its home directory on secondary node during XMLRPC sync
Viktor Gurov wrote in #note-6:
> Marcos Mendoza wrote in #note-5:
> > This works if the bug was never hit before. If ...
Viktor Gurov
06:20 AM Bug #12940 (Feedback): Deleting a user on the primary node does not delete its home directory on secondary node during XMLRPC sync
Viktor Gurov wrote in #note-2:
> fix:
> https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/680
Merged:
...
Viktor Gurov
04:36 AM Bug #12940: Deleting a user on the primary node does not delete its home directory on secondary node during XMLRPC sync
Marcos Mendoza wrote in #note-5:
> This works if the bug was never hit before. If the orphaned directory still exist...
Viktor Gurov
03:01 PM Feature #12973 (Feedback): Playback script to perform a configuration upgrade on an arbitrary ``config.xml`` file
Added script: https://gitlab.netgate.com/pfSense/pfSense/-/commit/b77f85b09f21c84eac8355ca805643eae8547221
Jim Pingle
02:35 PM Revision 97b49080: Always change .ssh directory permission. Issue #12940
Viktor Gurov
12:44 PM Revision 4d99cf21: Merge pull request #4562 from NobleKangaroo/increase-max-firewall-log-entries
Jim Pingle
12:34 PM Revision 5042d9e0: Merge pull request #4564 from PhilZ-cwm6/PhilZ-cwm6-patch-pckcapture
Jim Pingle
11:18 AM pfSense Docs Correction #12978: Correction to iftop section of Monitoring Bandwidth Usage
That whole section needs to be rewritten, iftop is a part of base now, and there is a way to use it in the GUI as well. Jim Pingle
11:01 AM pfSense Docs Correction #12978 (Resolved): Correction to iftop section of Monitoring Bandwidth Usage
https://docs.netgate.com/pfsense/en/latest/monitoring/graphs/bandwidth-usage.html#iftop
The instructions on this p...
Max Leighton
09:37 AM Regression #12971: Firewall rule usage counters showing 0/0 after latest pf merge
I see the same issue, but believe the root cause is that we've not re-built the php-pfSense-module after the recent m... Kristof Provost
09:29 AM pfSense Packages Feature #12963: Run nmap scans in the background
Standardize nmap text in description: NMap -> Nmap
https://github.com/pfsense/FreeBSD-ports/pull/1148
Phil Wardt
07:28 AM pfSense Packages Feature #12963 (Pull Request Review): Run nmap scans in the background
Jim Pingle
07:41 AM pfSense Packages Bug #12917 (Resolved): LoopiaAPI changed
Loopia is working again, based on a comment left on the Github commit: https://github.com/pfsense/FreeBSD-ports/commi... Jim Pingle
07:39 AM Regression #12977: Rule descriptions in firewall logs show wrong rule label
This is a known issue at the moment. It's a side effect of #12092 and the fact that the methods we use to get the rul... Jim Pingle
07:35 AM Feature #12968 (Feedback): Button to clear previous packet capture data
PR Merged Jim Pingle
06:22 AM Regression #12949 (Feedback): The ruleset is not regenerated after assigning an interface
Merged:
https://github.com/pfsense/pfsense/commit/d1d1084eb4ebedbcc86cfe13c6d25cf9570646b0
Viktor Gurov

03/22/2022

09:32 PM Regression #12977 (Resolved): Rule descriptions in firewall logs show wrong rule label
This was previously working on March 11th snapshot - now broken on 22.05.a.20220322.0600.
Only the default deny ru...
Marcos M
09:24 PM pfSense Packages Bug #12951 (Feedback): FRR cannot remove IPv6 routes
There really isn't enough info to determine what may be happening. The error itself can be normal in some cases.
S...
Marcos M
07:07 PM Revision a23b8930: Edit Clear Capture button text
Phil Wardt
07:05 PM Revision e01ea791: Unset the other PCRE options
Brad Davis
06:59 PM Revision 39fb897e: Use unlink_if_exists()
Phil Wardt
06:03 PM Revision 7691f0c7: Delete user home directory on user delete XMLRPC sync. Fixes #12940
Viktor Gurov
04:40 PM Revision 0590dfaa: Deprecate Zabbix 3.x and bring in Zabbix 6.x
Brad Davis
04:09 PM Bug #12976 (Not a Bug): Captive Portal not working with CARP-VIP configured on Captive-Portal-Interface
When Captive Portal is configured with a CARP VIP on the interface the captive portal does not work. DNS traffic to C... Alex Boettrich
03:37 PM Revision d1d1084e: Reload filter rules after reassigning an interface. Fixes #12949
Viktor Gurov
03:27 PM pfSense Packages Feature #12963: Run nmap scans in the background
Updated TAB and Button names from ...log to "View Results"
Patch attached above
https://github.com/pfsense/FreeBSD-p...
Phil Wardt
01:29 AM pfSense Packages Feature #12963: Run nmap scans in the background
Github link again
https://github.com/pfsense/FreeBSD-ports/pull/1148
Phil Wardt
02:55 PM Bug #12975 (Resolved): IKEv2 Mobile IPsec clients do not receive ``INTERNAL_DNS_DOMAIN`` (value ``25``) attribute
DNS IP addresses must be supplied to the remote client when a mobile tunnel is created in order to resolve remote (pr... Serge Caron
02:13 PM Feature #12968: Button to clear previous packet capture data
With last changes
https://github.com/pfsense/pfsense/pull/4564
Phil Wardt
08:29 AM Feature #12968 (Pull Request Review): Button to clear previous packet capture data
Jim Pingle
01:27 AM Feature #12968: Button to clear previous packet capture data
Viktor Gurov wrote in #note-1:
> Please create a pull request with your changes:
> https://docs.netgate.com/pfsense...
Phil Wardt
12:05 AM Feature #12968: Button to clear previous packet capture data
Please create a pull request with your changes:
https://docs.netgate.com/pfsense/en/latest/development/pull-request....
Viktor Gurov
01:47 PM pfSense Plus Bug #12974 (Closed): Typing anything into 1100/2100 recovery installer causes process to stop
During the installation process the user is prompted to select a filesystem or type enter to install with ZFS.
How...
Ryan Coleman
01:36 PM Revision abddfcd2: Toggle Button for NAT Pages. Implements #12879
Viktor Gurov
01:34 PM Revision 065e0508: OpenVPN FQDN in alias netmask fix. Issue #12925
Viktor Gurov
01:25 PM Bug #12942 (New): Code to kill states for old gateway when reconnecting an interface is incorrect
Back burner this for now, can revisit soon. The current gateway behavior appears to be sufficient, this might be nice... Jim Pingle
01:10 PM Bug #12940: Deleting a user on the primary node does not delete its home directory on secondary node during XMLRPC sync
This works if the bug was never hit before. If the orphaned directory still exists, creating or deleting a user with ... Marcos M
08:09 AM Bug #12940 (Pull Request Review): Deleting a user on the primary node does not delete its home directory on secondary node during XMLRPC sync
Jim Pingle
01:09 PM pfSense Packages Bug #12917 (Feedback): LoopiaAPI changed
The acme.sh project made a new release with the fix, I've updated the ACME package with the new files, should be buil... Jim Pingle
12:33 PM pfSense Docs Correction #12970 (Closed): SG-2220 incorrectly referred to as SG-2200
There were a few bad refs in that doc, though most were in internal labels and not directly visible. All fixed now, w... Jim Pingle
09:29 AM pfSense Docs Correction #12970 (Closed): SG-2220 incorrectly referred to as SG-2200
On https://docs.netgate.com/pfsense/en/latest/solutions/sg-2220/m-2-sata-installation.html
The first note says
<p...
Christopher Cope
12:22 PM Feature #12973 (Resolved): Playback script to perform a configuration upgrade on an arbitrary ``config.xml`` file
In the spirit of this feature:
pfSsh.php playback cryptconfig decrypt /root/enctest/test.xml /root/enctest/out...
Chris Linstruth
12:16 PM Revision 3625ad41: Typo in log widget object name.
Jim Pingle
11:04 AM Bug #12972 (Rejected): After firmware update IPSEC connections to a FortiGate firewall fail.
This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net...
Jim Pingle
11:03 AM Bug #12972 (Rejected): After firmware update IPSEC connections to a FortiGate firewall fail.
Even the FortiClient VPN client software on our PCs will not connect after update to 22.01.
If we connect our PC to...
Henrik Villadsen
10:56 AM Regression #12971 (Resolved): Firewall rule usage counters showing 0/0 after latest pf merge
On the latest Plus (22.05) and CE (2.7.0) snapshots the counters on the firewall rule tabs are showing 0/0 even when ... Jim Pingle
10:04 AM Bug #12920: Gateway behavior differs when the gateway does not exist in the configuration
Seeing what looks to be related whilst testing: https://redmine.pfsense.org/issues/12949
After the WAN interface ...
Steve Wheeler
09:40 AM Bug #12925: FQDN in network alias is omitted from OpenVPN networks list
Adrien Carlyle wrote in #note-13:
> Does the original patch get updated or would I need to apply a second or differe...
Viktor Gurov
09:16 AM Bug #12925 (Feedback): FQDN in network alias is omitted from OpenVPN networks list
Merged:
https://github.com/pfsense/pfsense/commit/065e050890508ff0c97455a6352cdb914d34ddbd
Viktor Gurov
09:13 AM Bug #12925: FQDN in network alias is omitted from OpenVPN networks list
Does the original patch get updated or would I need to apply a second or different one to test for you all? Adrien Carlyle
07:46 AM Bug #12925 (Pull Request Review): FQDN in network alias is omitted from OpenVPN networks list
Jim Pingle
09:27 AM Feature #12879 (Feedback): Toggle button to disable/enable multiple entries on NAT pages
Merged:
https://github.com/pfsense/pfsense/commit/abddfcd2d2ff236716002c88c0d045711cb17d7b
Viktor Gurov
08:14 AM pfSense Packages Bug #12969 (Duplicate): Status_Traffic_Totals GUI showing graphical data for the wrong month
Duplicate of #9537 -- This is due to Daylight Saving Time and is a known issue in graphs made from vnstat data. Jim Pingle
08:04 AM pfSense Packages Bug #12965 (Pull Request Review): FRR BFD peer configuration is handled incorrectly in some cases
Jim Pingle
08:04 AM Regression #12949 (Pull Request Review): The ruleset is not regenerated after assigning an interface
Jim Pingle
07:45 AM Feature #12964 (Closed): Add toggle for vtnet ALTQ/multiqueue on Advanced - > Networking page below "hn ALTQ Support"
This is not possible as the options which allow ALTQ to work on vtnet are compile-time options and not runtime option... Jim Pingle
06:22 AM pfSense Packages Bug #12808: Wireguard Gateways disabled when Wireguard Service is Manually Restarted
Here are some screenshots for reference.
Note: Disabling Gateway Monitoring and Using Non-local Gateway or using a /...
Waqas Khan
06:07 AM pfSense Packages Bug #12808: Wireguard Gateways disabled when Wireguard Service is Manually Restarted
I am the original author of this post https://old.reddit.com/r/PFSENSE/comments/tc8zsx/wireguard_service_not_starting... Waqas Khan

03/21/2022

11:59 PM pfSense Packages Feature #10809 (Resolved): IDS/IPS - Notifications when new rule categories are released
Viktor Gurov
05:26 PM pfSense Packages Feature #10809: IDS/IPS - Notifications when new rule categories are released
Chiming in to note all is good, notifications are sent when new rule categories appear.
Can be closed.
e 1/1
10:32 PM Revision ab46a1e2: Merge branch 'master' into mvc_refactor
Trevor Kerr
07:34 PM Revision f9d2c2c3: Packet capture: add clear log button
When there is a log file, show a "Clear Log" button to delete the last log without having to drop to cli Phil Wardt
04:55 PM pfSense Packages Feature #12963: Run nmap scans in the background
Phil Wardt wrote in #note-3:
> Phil Wardt wrote in #note-2:
> > Add a working test patch that can be copied into Sy...
Phil Wardt
07:51 AM pfSense Packages Feature #12963: Run nmap scans in the background
Phil Wardt wrote in #note-2:
> Add a working test patch that can be copied into System Patches package:
Added opt...
Phil Wardt
03:35 PM pfSense Packages Bug #12969 (Duplicate): Status_Traffic_Totals GUI showing graphical data for the wrong month
In the GUI for version 2.3.2_2, the Interactive Graph and Date Summary are both showing the current data under the wr... Oren Jellow
02:38 PM Feature #12968 (Resolved): Button to clear previous packet capture data
Packet Capture window:
When there is a log file, show a "Clear Log" button to delete the last log without having to ...
Phil Wardt
10:59 AM Bug #12940: Deleting a user on the primary node does not delete its home directory on secondary node during XMLRPC sync
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/680
Viktor Gurov
10:43 AM Bug #12957 (In Progress): Delete button is always active for NAT rules, even if no rules are selected
Viktor Gurov
10:43 AM Bug #12966 (Duplicate): Some action buttons are always active, even if no NAT rule is selected
Viktor Gurov
03:39 AM Bug #12966 (Duplicate): Some action buttons are always active, even if no NAT rule is selected
The "Delete" and "Toggle" (#12879) buttons at the bottom of the NAT rules page are always active.
All of these butto...
Viktor Gurov
08:39 AM pfSense Packages Bug #12965: FRR BFD peer configuration is handled incorrectly in some cases
fixes:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/199
Viktor Gurov
08:17 AM Bug #10513: State issues with policy routing and HA failover
> Tested in 2.5.2. This seems to still be a big issue.
In 2.6.0, too. I'm not sure about the lost states, but the tr...
Christian Ullrich
04:32 AM Regression #12949: The ruleset is not regenerated after assigning an interface
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/679
Viktor Gurov
04:11 AM Bug #12440: Zero-value prefix IPv6 addresses are mishandled
Marcos Mendoza wrote in #note-5:
> Tested on @22.05.a.20220311.0600@ with the patch.
>
> The IP @::192.168.10.10@...
Viktor Gurov
03:40 AM Bug #12871: Some action buttons are always active for firewall rules, even if no rules are selected
Christopher Cope wrote in #note-5:
> Tested on
> [...]
>
> and the buttons are disabled without a selection on t...
Viktor Gurov
02:12 AM Feature #12675 (New): Move command line history to a GUI option stored in ``config.xml`` rather than a manual flag file
Jim Pingle wrote in #note-8:
> And now if the user touches the file manually it gets cleared at the next boot, so the...
Viktor Gurov
02:10 AM Feature #12675: Move command line history to a GUI option stored in ``config.xml`` rather than a manual flag file
Jim Pingle wrote in #note-10:
> I merged a fix for the option check and also added a GUI option when editing the use...
Viktor Gurov
01:14 AM Bug #12790: Link-Local IPv6 address on WAN with MAC spoofing changes if there is an IP Alias on WAN
Tested on 22.05-DEVELOPMENT (built on Sun Mar 20 06:19:27 UTC 2022) with patch from https://gitlab.netgate.com/pfSens... Azamat Khakimyanov

03/20/2022

11:56 PM pfSense Packages Feature #12718 (Resolved): add igc(4) to the list of INLINE mode (iflib/netmap) supported cards
Viktor Gurov
04:04 PM pfSense Packages Bug #12965: FRR BFD peer configuration is handled incorrectly in some cases
To summarize:
* load the saved @Profile@ value on BFD peer edit
* allow the selection of VIPs for @Local Source Add...
Marcos M
03:58 PM pfSense Packages Bug #12965 (Pull Request Review): FRR BFD peer configuration is handled incorrectly in some cases
Saving the following BFD peer configuration results in no configuration change (checked by looking at @FRR / Status /... Marcos M
12:52 PM Feature #12964: Add toggle for vtnet ALTQ/multiqueue on Advanced - > Networking page below "hn ALTQ Support"
Sorry I meant below "hn ALTQ support" Chris Collins
12:50 PM Feature #12964 (Closed): Add toggle for vtnet ALTQ/multiqueue on Advanced - > Networking page below "hn ALTQ Support"
The vtnet driver can only support multiqueue or ALTQ, and not both, I held off the feature request, but now I see hype... Chris Collins
08:48 AM pfSense Packages Feature #12963: Run nmap scans in the background
Add a working test patch that can be copied into System Patches package:
Phil Wardt
08:23 AM pfSense Packages Feature #12963: Run nmap scans in the background
Github commit, tested with screen shots:
https://github.com/pfsense/FreeBSD-ports/pull/1148
Note: it properly sup...
Phil Wardt
08:19 AM pfSense Packages Feature #12963 (Feedback): Run nmap scans in the background
NMap package cannot actually run from gui because of nginx timeout
This patch adds the following features:
- run ...
Phil Wardt
06:14 AM pfSense Packages Bug #12808: Wireguard Gateways disabled when Wireguard Service is Manually Restarted
Also see:
https://old.reddit.com/r/PFSENSE/comments/tc8zsx/wireguard_service_not_starting_on_system/
Can also con...
Zep Man

03/19/2022

10:08 PM Regression #12821: Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``
I have compiled the igb driver for 12.3 to test this weekend.
Additionally, patches for the VLAN issue should be i...
Kris Phillips
10:06 PM Regression #12827: High latency and packet loss during a filter reload
Have run into this bug twice with customers, once with a standalone firewall that had 200+ interfaces and another wit... Kris Phillips
06:23 PM Bug #12728 (Resolved): Cannot remove IPv6 static routes

I was able to add/remove IPv6 static routes without errors.
route is removed.
22.05.a.20220319.0600
Alhusein Zawi
03:21 PM pfSense Packages Bug #12917: LoopiaAPI changed
Jim Pingle wrote in #note-2:
> Viktor Gurov wrote in #note-1:
> > acme.sh updated to v3.0.2 in #12886
> >
> > Lo...
Nim Djid
01:37 PM pfSense Packages Feature #12718: add igc(4) to the list of INLINE mode (iflib/netmap) supported cards
was able to start suricata inline mode on igc interface (6100) running 22.01 v6.0.4_1 Jordan G
12:53 PM Feature #12863: dynamically tune sha512crypt rounds
Here's a patch that can be applied by copying its contents
Tested with auth on my current system
Rounds could maybe...
Phil Wardt
10:16 AM Feature #12863: dynamically tune sha512crypt rounds
Jim Pingle wrote in #note-2:
> Dynamic tuning sounds like more trouble than it's worth, IMO. We'd have to test and ca...
Phil Wardt
09:27 AM Feature #12962 (Duplicate): Improve default sha512 password hashing rounds
Already covered by multiple other issues.
See: #12855, #12800, #12863
Jim Pingle
09:22 AM Feature #12962: Improve default sha512 password hashing rounds
Here's the commit:
https://github.com/pfsense/pfsense/pull/4563
Phil Wardt
09:18 AM Feature #12962 (Duplicate): Improve default sha512 password hashing rounds
After this change: https://redmine.pfsense.org/issues/10298
The default encryption for passwords is sha512
Howeve...
Phil Wardt
09:11 AM pfSense Packages Bug #12951: FRR cannot remove IPv6 routes
https://github.com/FRRouting/frr/issues/10827 yon Liu
05:32 AM pfSense Packages Bug #12951: FRR cannot remove IPv6 routes
2022/03/19 02:16:50 BGP: can't connect to 2604:8800:60:240::100 fd 34 : Permission denied
2022/03/19 02:16:50 BGP: c...
yon Liu
06:31 AM pfSense Packages Bug #12777 (Resolved): STunnel writes config.xml on each start
Tested with Stunnel 5.50_10
It writes to config.xml only after config changes. Ticket resolved.
Danilo Zrenjanin
05:28 AM Bug #12780 (Resolved): L2TP/PPTP interface assignment page loses some values after input validation error
Tested on the:... Danilo Zrenjanin
05:12 AM Bug #12792 (Resolved): Automatic Outbound NAT rules do not include OpenVPN CSO entries
Tested on:... Danilo Zrenjanin
04:59 AM Bug #12887 (Resolved): GUI does not reject an invalid OpenVPN tap mode configuration with an empty tunnel network "Bridge DHCP" disabled
Tested against:... Danilo Zrenjanin

03/18/2022

10:45 PM Revision 44c4a509: Increase max firewall log entries
Christopher Embry
02:07 PM Revision 062972b3: pf host ID support. Issue #12702
Jim Pingle
02:01 PM Bug #12947: Old IPv6 addresses may continue to be used after DHCP or RA changes
The patch didn't work.
I applied the patch to my 2.5.2 system then enabled DHCP6 client debug mode and saved the i...
David Myers
01:16 PM Revision 98ecfb9f: Add user opt to keep history. Implements #12675
Jim Pingle
12:46 PM Regression #12961 (Resolved): CARP event storm when leaving persistent CARP maintenance mode
Hi,
this is a very weird issue so I will try my best to describe it. I think this is a regression that we are seei...
Florian Apolloner
12:27 PM Bug #12960 (Resolved): VGA install defaults to serial as primary console when loading/saving admin GUI settings without making changes
When booting from a VGA installer such as the ISO or VGA USB memstick, the boot menu is set to Serial.
See attache...
Jim Pingle
12:16 PM Feature #12702: Use consistent pf host ID and add GUI option to set a custom host ID in state synchronization settings
That's from #12703 and is fixed on snapshots later than what you're running. Upgrade and test again. Jim Pingle
12:13 PM Feature #12702: Use consistent pf host ID and add GUI option to set a custom host ID in state synchronization settings
Tested, from the patch, on both a single system and a HA pair all running... Christopher Cope
09:08 AM Feature #12702 (Feedback): Use consistent pf host ID and add GUI option to set a custom host ID in state synchronization settings
Changes merged, will be in snapshots soon for testing. Jim Pingle
11:26 AM Bug #12959 (Feedback): dhcplease process wrongly update host file if client-hostname is empty
I've activated "Register DHCP leases in DNS forwarder" option.
In case where one of my devices requests an IP without ...
Max Bal
10:38 AM pfSense Docs Todo #12958 (Closed): Feedback on Configuration — Advanced Configuration Options — Miscellaneous Tab
It's correct as it is. tmpfs uses regular RAM, space in RAM used by RAM disks means there is less RAM for other progr... Jim Pingle
09:58 AM pfSense Docs Todo #12958 (Closed): Feedback on Configuration — Advanced Configuration Options — Miscellaneous Tab
*Page:* https://docs.netgate.com/pfsense/en/latest/config/advanced-misc.html
*Feedback:*
re: https://docs.netgate...
Steve Y
09:33 AM Bug #12957 (Resolved): Delete button is always active for NAT rules, even if no rules are selected
This is the same issue as #12871 but on all NAT pages instead of the rules page.
Port Forward, 1:1, Outbound, & NP...
Christopher Cope
09:01 AM Feature #12675 (Feedback): Move command line history to a GUI option stored in ``config.xml`` rather than a manual flag file
I merged a fix for the option check and also added a GUI option when editing the user. Will be in snapshots soon. Jim Pingle
07:32 AM Feature #12675 (In Progress): Move command line history to a GUI option stored in ``config.xml`` rather than a manual flag file
Jim Pingle
07:30 AM Bug #12871 (Resolved): Some action buttons are always active for firewall rules, even if no rules are selected
This issue was just for the firewall rules page which is good now. The other pages should get a fresh Redmine issue i... Jim Pingle
05:28 AM Bug #12953 (Resolved): ESP description in IPsec phase 2 proposal help text is ambiguous
Tested against:... Danilo Zrenjanin
12:38 AM pfSense Packages Bug #12956: suricata fails to use pcre in SID management (e.g. dropsid.conf)
Indeed, I've found the commit that caused the regression:
https://github.com/pfsense/FreeBSD-ports/commit/9d8801b498...
Adam CM
12:31 AM pfSense Packages Bug #12956 (Resolved): suricata fails to use pcre in SID management (e.g. dropsid.conf)
In suricata/suricata.inc, under "Test the SID token for the PCRE: keyword", the match for the regular expression will... Adam CM

03/17/2022

04:28 PM Bug #12871: Some action buttons are always active for firewall rules, even if no rules are selected
Tested on... Christopher Cope
02:03 PM Feature #12675 (New): Move command line history to a GUI option stored in ``config.xml`` rather than a manual flag file
The MR implemented the config setting/backend part but not the GUI option. And now if the user touches the file manua... Jim Pingle
01:06 PM Revision f14a50f8: Clarify ESP help text. Fixes #12953
Jim Pingle
12:38 PM Feature #12702 (Pull Request Review): Use consistent pf host ID and add GUI option to set a custom host ID in state synchronization settings
MR: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/675 Jim Pingle
10:00 AM Feature #12702 (In Progress): Use consistent pf host ID and add GUI option to set a custom host ID in state synchronization settings
Jim Pingle
11:05 AM Bug #12955 (Not a Bug): DHCP Leases not loading
This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net...
Jim Pingle
10:36 AM Bug #12955 (Not a Bug): DHCP Leases not loading
When loading the DHCP leases IPv4 page, after the browser's one-minute wait, the error shown in the attached image appears
...
Nicolas Torres Andrades
09:26 AM Bug #12829: Dummynet kernel module fails to load after upgrade.
See #12954 for Limiters failing to pass traffic.
That is not related to the dummynet kernel module being unavailab...
Steve Wheeler
09:22 AM Bug #12830 (Closed): Traffic Shaper (Limiters) broken
This is now better understood. See: #12954 Steve Wheeler
09:19 AM Regression #12954 (Resolved): Traffic routed through DUMMYNET by PF fails when IPFW is enabled
If you have Limiters configured and are sending traffic through then using pf firewall rules that traffic can fail if... Steve Wheeler
08:10 AM Bug #12953 (Feedback): ESP description in IPsec phase 2 proposal help text is ambiguous
Changed wording to "Encapsulating Security Payload (ESP) performs encryption and authentication [...]"
Jim Pingle
05:43 AM Bug #12953 (Resolved): ESP description in IPsec phase 2 proposal help text is ambiguous
Under VPN>IPsec>Tunnels>Edit Phase 2 - Phase 2 Proposal (SA/Key Exchange), help text says:
"Encapsulating Security ...
Danilo Zrenjanin
08:01 AM pfSense Packages Bug #12952 (Closed): After update to v. 22.01 DNS Resolver Custom Options for bypassing PfBlockerNG not working
I cannot reproduce any issues with views in the DNS resolver as described. It's possible there is a local issue in pf... Jim Pingle
03:45 AM pfSense Packages Bug #12952 (Closed): After update to v. 22.01 DNS Resolver Custom Options for bypassing PfBlockerNG not working

Immediately after updating PfSense+ on Netgate 7100 from v. 21.05.2 to 22.01 the bypass setting for PfBlockerNG sto...
Thomas Kauders
07:57 AM Bug #12950: OpenVPN as default gateway does not get set at boot time
I can reproduce this on snapshots if I set an OpenVPN gateway as default directly, but there is a workaround.
Crea...
Jim Pingle
07:32 AM Bug #12703 (Resolved): pf ``hostid`` value is handled inconsistently
This is good on the latest snapshot which was built after our recent upstream merge.... Jim Pingle
12:52 AM pfSense Packages Bug #12951 (Feedback): FRR cannot remove IPv6 routes

pfsense 2.6 system
frr log show:
2022/03/16 21:46:42 ZEBRA: [EC 100663303] kernel_rtm: 2606:2800:e004::/48: r...
yon Liu

03/16/2022

06:39 PM Regression #12949: The ruleset is not regenerated after assigning an interface
Also seeing this in:... Steve Wheeler
06:17 PM Regression #12949: The ruleset is not regenerated after assigning an interface
I was able to reproduce this on 2.6 with a default config. Marcos M
06:14 PM Regression #12949: The ruleset is not regenerated after assigning an interface
Logs from a 2.5.2 VM where I reassigned WAN from em0 to vtnet0 and am able to login at the new IP immediately:... Steve Wheeler
05:44 PM Regression #12949 (Resolved): The ruleset is not regenerated after assigning an interface
In some circumstances the ruleset is not reloaded or regenerated after re-assigning an interface.
For example afte...
Steve Wheeler
06:32 PM Bug #12950 (New): OpenVPN as default gateway does not get set at boot time
I have an OpenVPN gateway configured as my default gateway with a static route in place to ensure the VPN connects vi... James Chambers
02:37 PM Bug #12947: Old IPv6 addresses may continue to be used after DHCP or RA changes
I tried altering the script so it would fire during a renew with mixed success. Though I found another odd behavior. ... Jim Pingle
07:58 AM Bug #12947: Old IPv6 addresses may continue to be used after DHCP or RA changes
For that to trigger the client would have to fire the script during an event when the change occurs. It may not, but ... Jim Pingle
07:39 AM Bug #12947 (Feedback): Old IPv6 addresses may continue to be used after DHCP or RA changes
I recently started using T-Mobile 5G Home Internet. The gateway device you're required to use is almost completely un... David Myers
12:13 PM Feature #6626: Support for IPv6 firewall entries with dynamic delegated prefix and static host address
Thilo Gass wrote in #note-39:
> In https://redmine.pfsense.org/issues/12190 you find the information:
>
> Forma...
Thilo Gass
11:38 AM pfSense Packages Bug #12948 (Resolved): IPsec Profile Wizard/Windows: Script generated for IKEv2 VPN using GCM does not use an optimal Phase 2 hash configuration
When mixing AE ciphers in a P2 with AEAD ciphers (e.g. AES with AES128-GCM), the wizard will generate a script with t... Marcos M
07:41 AM Bug #12946 (Duplicate): Unbound will not resolve long CNAME chains
Duplicate of #11595
We can't take on the technical debt that would come with carrying custom patches for this fore...
Jim Pingle

03/15/2022

08:16 PM Revision 719da3ee: Remember dyn GW when if is down. Issue #12931
* When a dynamic interface goes down, retain its old gateway address in
a place we can read if necessary
* When ...
Jim Pingle
06:06 PM Bug #12946 (Duplicate): Unbound will not resolve long CNAME chains
This relates to Bug #11595. Also documented with the Unbound team, https://github.com/NLnetLabs/unbound/issues/43... Steve Boyle
03:42 PM Feature #12945 (Resolved): Implement missing ipfw equivalents in libpfctl necessary for captiveportal
As indicated by Viktor Gurov:
> pfSense_ipfw_*() functions have been rewritten to use shell scripts, which is slow, ...
Reid Linnemann
03:28 PM Feature #12931 (Feedback): Retain knowledge of previous dynamic gateway IP address when interface is down
Changes merged. Jim Pingle
03:23 PM Bug #12942 (In Progress): Code to kill states for old gateway when reconnecting an interface is incorrect
While this does work, it can be harsh and should be made optional if possible. A global option similar to the option ... Jim Pingle
02:57 PM pfSense Docs Correction #12944 (Closed): Hashtab no longer available
Replaced HashTab with OpenHashTab: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/9246ff1a5ea5df1b56186f1e3133... Jim Pingle
02:50 PM pfSense Docs Correction #12944 (In Progress): Hashtab no longer available
Jim Pingle
02:49 PM pfSense Docs Correction #12944 (Closed): Hashtab no longer available
At the following link we recommend Hashtab for Windows users, but they went out of business and for now it isn't avai... Christopher Cope
02:38 PM Revision 2e326e19: Enable /etc/rc.d/zfsbe support in pfSense-rc
Christian McDonald
10:12 AM pfSense Docs Todo #12158 (Closed): Feedback on Installing and Upgrading — Prepare Installation Media — Prepare a USB Memstick
This was fixed a while back, the linked page is just Etcher now. The page linked at the end with alternate techniques... Jim Pingle
10:04 AM pfSense Docs Todo #12704 (Closed): Add more HA DHCP troubleshooting info
Jim Pingle
07:32 AM Bug #12829: Dummynet kernel module fails to load after upgrade.
Lewis Smith wrote in #note-14:
> Luca De Andreis wrote in #note-13:
> > Hello everybody,
> >
> > I can confirm t...
Luca De Andreis
07:14 AM Bug #12829: Dummynet kernel module fails to load after upgrade.
Luca De Andreis wrote in #note-13:
> Hello everybody,
>
> I can confirm that there are problems with PfSense 2.6....
Lewis Smith
07:18 AM Bug #12922: Classless static routes received on DHCP WAN can override chosen default gateway
I think there's a similar issue "here":https://github.com/pfsense/pfsense/blob/07fe3d3d60a61621171fbc0a1a5e42c1462fb5... David Myers
07:17 AM Bug #12943 (Duplicate): Routing bad if rename Alias destination network
Duplicate of #12727 Jim Pingle
01:16 AM Bug #12943 (Duplicate): Routing bad if rename Alias destination network
pfsense 2.5.2
Routing bad if rename Alias destination network
Create Alias for network destination routing
Creat...
Aleks Bug
03:14 AM Bug #12941: Captive Portal on specific VLAN prevents routing to other networks (since 22.01)
@jimp The suggested system patch successfully fixed the issue! Thank you. Lorenzo Marroccoli
02:35 AM pfSense Plus Feature #11732: Add VXLAN Support to pfSense Plus
Understand that VXLAN was supported but removed some time ago for not being enterprise ready.
From my understanding ...
Reine Hålldin

03/14/2022

04:33 PM Revision 4cd703e9: Add bhyve config package
Brad Davis
03:11 PM Revision d250c083: Revert "Skip gateway if interface is down. Fixes #12920"
This breaks some gateway operations because the gateways disappear
entirely when the interface loses link.
This reve...
Jim Pingle
02:24 PM Bug #12942 (Pull Request Review): Code to kill states for old gateway when reconnecting an interface is incorrect
MR: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/673
Might be too aggressive, also might need to cove...
Jim Pingle
10:45 AM Bug #12942 (Resolved): Code to kill states for old gateway when reconnecting an interface is incorrect
There are a few places where we may want to clear states using an old gateway when it's no longer valid, and there is... Jim Pingle
01:07 PM Feature #12931 (Pull Request Review): Retain knowledge of previous dynamic gateway IP address when interface is down
MR: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/672
Jim Pingle
08:35 AM Feature #12931 (In Progress): Retain knowledge of previous dynamic gateway IP address when interface is down
Jim Pingle
10:22 AM Bug #12920 (New): Gateway behavior differs when the gateway does not exist in the configuration
Jim Pingle
10:20 AM Bug #12920 (Feedback): Gateway behavior differs when the gateway does not exist in the configuration
Applied in changeset commit:d250c083dffa1e1d429f871f2081644dfa9d2f62. Jim Pingle
10:19 AM Bug #12920 (New): Gateway behavior differs when the gateway does not exist in the configuration
With this in place it removes dynamic gateway entries for interfaces such as DHCP entirely when they are down, which ... Jim Pingle
08:55 AM pfSense Packages Bug #12808: Wireguard Gateways disabled when Wireguard Service is Manually Restarted
I have the same issue. One side of the Wireguard VPN is disabled after reboot. Both sides of the VPN appear to have t... B P
08:02 AM Bug #12941: Captive Portal on specific VLAN prevents routing to other networks (since 22.01)
@jimp thank you for your quick reply.
That would explain why I can RDP into devices on other VLAN and load a page...
Lorenzo Marroccoli
07:28 AM Bug #12941 (Duplicate): Captive Portal on specific VLAN prevents routing to other networks (since 22.01)
This is almost certainly a duplicate of #12834 or at least the same root cause. First thing to try is the patch in th... Jim Pingle
06:08 AM Bug #12941 (Duplicate): Captive Portal on specific VLAN prevents routing to other networks (since 22.01)
Hello there,
this weekend I updated my 1537 to 22.01-RELEASE from the previous latest stable version.
The update ...
Lorenzo Marroccoli
07:54 AM pfSense Docs Correction #12936 (Closed): HAproxy current versions
I removed all of the version-specific information from the doc as there wasn't a good reason to keep it.
I also cl...
Jim Pingle
07:38 AM Feature #12939 (Rejected): Extend DNS query log
A client would never tell the DNS server the whole URL it is querying, only the address of the server which is what g... Jim Pingle
07:33 AM Regression #12904 (Not a Bug): Intel X500 series interfaces (ixgbe) show incoming errors in 2.6/22.01, whereas they did not in 2.5.2
That's what I expected given the behavior. It's just more accurate than it was in the past, so there isn't a bug here... Jim Pingle
07:28 AM Bug #11764 (New): IPv6 link local gateway default status not indicated in GUI
Jim Pingle

03/13/2022

10:04 PM Bug #11764: IPv6 link local gateway default status not indicated in GUI
I was running 2.7.0-dev up to around mid-January, then I shut it down to test the 2.6.0 release candidate and release... Daryl Morse
08:17 PM pfSense Packages Feature #9833: ACME: add ability to use custom ACME server
+1 for this as well.
Just started looking into sorting out the self-signed cert and thought there would be a better ...
David Kemp
07:50 PM Bug #12940 (Resolved): Deleting a user on the primary node does not delete its home directory on secondary node during XMLRPC sync
In an HA configuration, deleting a user (System / User Manager) will only delete the user home directory on the prima... Marcos M
12:53 PM pfSense Docs Correction #12400: NAT 1:1 documentation - multi-wan information
May be better to say
> All traffic originating from that private IPv4 address leaving the selected interface will be...
Marcos M
12:42 PM pfSense Docs Correction #11085 (Closed): Feedback on System Monitoring — CARP Status
Documentation now includes details on each mode/button. Marcos M
12:17 PM Bug #9358 (Closed): Lost default gateway after recover from failover with CARP VIP and HA
Tested on 22.01. This is no longer an issue. Marcos M
11:46 AM pfSense Packages Bug #12912 (Resolved): ACME is failing to fully issue a new certificate
This works again on 0.7_4. Marcos M
11:33 AM Bug #12440: Zero-value prefix IPv6 addresses are mishandled
Tested on @22.05.a.20220311.0600@ with the patch.
The IP @::192.168.10.10@ and @::ffff:192.168.10.10@ is being con...
Marcos M
03:41 AM Feature #8173: dhcp6c - RAW Options
Is there any workaround for this? I'm experiencing problems because this isn't implemented - with Orange in FR. I've ... Nigel Smith

03/12/2022

02:08 PM Bug #12877: Cloudflare DynDNS fails to update more than two addresses
As a follow-up, I changed my DNS servers and my dynamic control of the domain back to Google. I stopped using Cloudfl... Bob Carpenter
01:56 PM Bug #12902 (Resolved): DNS Forwarder creates a loop when "Use local DNS, ignore remote DNS servers" is selected
Tested against:... Danilo Zrenjanin
11:42 AM Bug #12536 (Resolved): Setting a default gateway of "None" does not remove the default gateway from the routing table

fixed
Mark Gateway as Down/Disable this gateway removes the default GW from the routing table.
22.05.a.202203...
Alhusein Zawi
10:18 AM Feature #12939: Extend DNS query log
Note that the problem is related to the redirect with as consequence that everything is referring to 127.0.0.1 . So a... Louis B
10:01 AM Feature #12939 (Rejected): Extend DNS query log
Hello,
I would like to monitor which computer is trying to reach which URL. I also like to block certain URL's. Fo...
Louis B
09:37 AM Bug #12938 (Resolved): Incorrect warning from ``radvd`` about ``AdvRDNSSLifetime`` value
Hello,
I know this is not the first time that this issue pops up, however nevertheless it is not ok. (refer to e....
Louis B
08:23 AM Regression #12904: Intel X500 series interfaces (ixgbe) show incoming errors in 2.6/22.01, whereas they did not in 2.5.2
This looks almost certainly because of a driver change in 22.01/2.6:
https://github.com/pfsense/FreeBSD-src/commit/5...
Steve Wheeler
07:10 AM Regression #12937 (Resolved): Traffic Shaper wizard can produce an invalid ruleset when configured with an IPv4 upstream SIP server
After running the traffic shaper wizard and defining an Upstream SIP server IP address under the VOIP specific settin... Danilo Zrenjanin
03:33 AM pfSense Docs Correction #12936 (Closed): HAproxy current versions
... Danilo Zrenjanin
02:55 AM pfSense Packages Bug #12898 (Resolved): Update HAProxy Backend to Latest LTS
Installed HAproxy on the:... Danilo Zrenjanin

03/11/2022

08:33 PM Regression #12904: Intel X500 series interfaces (ixgbe) show incoming errors in 2.6/22.01, whereas they did not in 2.5.2
That was in a lagg of ix0+1 but as a single interface it's no different:... Steve Wheeler
04:22 PM Regression #12904: Intel X500 series interfaces (ixgbe) show incoming errors in 2.6/22.01, whereas they did not in 2.5.2
I'm unable to replicate this using an x520 NIC in an XG-7100:... Steve Wheeler
07:14 PM pfSense Docs Todo #12935 (Duplicate): Update ClamAV to 0.104.2 or latest non-release candidate (CVE-2022-20698)
Duplicate of #12933 Jim Pingle
07:11 PM pfSense Docs Todo #12935 (Duplicate): Update ClamAV to 0.104.2 or latest non-release candidate (CVE-2022-20698)
Currently ClamAV 0.104.1 is packaged in 22.01/2.6 and contains this vulnerability which was fixed in version 0.104.2.... Chris W
07:13 PM Todo #12934: Update strongSwan
That vulnerability is not relevant to pfSense. It affects EAP clients, and pfSense can only act as an EAP server.
...
Jim Pingle
07:11 PM Todo #12934 (Resolved): Update strongSwan
Currently StrongSwan 5.9.4 is packaged in 22.01/2.6, and contains this vulnerability which was fixed in version 5.9.5... Chris W
06:51 PM pfSense Packages Bug #12933 (Resolved): Vulnerability in ClamAV Engine Used by Squid
https://www.tenable.com/plugins/nessus/156698
pfSense CE 2.6 and pfSense Plus 22.01 use ClamAV 0.104.1,1, which is...
Kris Phillips
03:59 PM Revision 64b2a187: Disable buttons on the firewall_rules.php page if no rules selected. Fixes #12871
Viktor Gurov
01:19 PM Revision c5d0d75d: New methods for killing states. Implements #12092
Jim Pingle
11:42 AM pfSense Packages Bug #12924: DNS Resolver WireGuard ACL Inconsistency
Christian McDonald wrote in #note-2:
> Hi Kevin,
>
> I am having a hard time replicating this based on your initi...
Kevin Mychal Ong
09:20 AM pfSense Packages Bug #12924: DNS Resolver WireGuard ACL Inconsistency
Hi Kevin,
I am having a hard time replicating this based on your initial issue description. Can you please outline...
Christian McDonald
11:08 AM pfSense Packages Feature #12932 (New): pfblockerng per user whitelist
Have the ability to not have DNS blocking applied to certain IPs. Right now this can be written into Unbound using cu... Mike Moore
10:42 AM pfSense Docs Todo #12910 (Closed): Add warning to VTI and OpenVPN assignment docs about automatic default gateway
Another place the warning was needed: https://docs.netgate.com/pfsense/en/latest/vpn/wireguard/assign.html#assign-a-w... Jim Pingle
10:15 AM pfSense Docs Todo #12908 (Closed): Add notes to e-mail notification docs about Gmail App Passwords
Note added & deployed
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/45d235f0274f0686b00ea5a57975227e3b216066
Jim Pingle
10:05 AM Bug #12871 (Feedback): Some action buttons are always active for firewall rules, even if no rules are selected
Applied in changeset commit:64b2a18796fbdb36123c117bb2463f9501a43b36. Viktor Gurov
08:24 AM Feature #855: Ability to selectively kill states on gateway recovery
Updating subject. Many scenarios are now possible with #12092 and also some more will be covered by #12931 so this ca... Jim Pingle
08:14 AM Feature #12807 (Duplicate): Clear Active Secondary WAN Connections
Jim Pingle
08:13 AM Bug #8555 (Duplicate): Selectively killing states on WAN failure
Closing as this is solved by #12092 which ended up covering what is currently possible in this kind of case. Jim Pingle
08:11 AM Feature #12931 (Resolved): Retain knowledge of previous dynamic gateway IP address when interface is down
Our current methods for determining a gateway IP address only work while an interface with a dynamic address is up (e... Jim Pingle
08:00 AM Feature #12092: Utilize new ``pfctl`` abilities to kill states
These changes will be available in snapshots soon. It grew a little bit since the initial description but it ended up... Jim Pingle
07:25 AM Feature #12092 (Feedback): Utilize new ``pfctl`` abilities to kill states
Applied in changeset commit:c5d0d75dbdb11753fb95b3ffb933e546d49924ca. Jim Pingle
07:39 AM Bug #12925: FQDN in network alias is omitted from OpenVPN networks list
Thanks for the quick fix. Let me know when the patch is updated and I'll re-apply and verify. Adrien Carlyle
06:15 AM Bug #12925 (New): FQDN in network alias is omitted from OpenVPN networks list
Adrien Carlyle wrote in #note-9:
> I tracked this down, the FQDN entry isn't being resolved and passed to openvpn wit...
Viktor Gurov

03/10/2022

09:12 PM Revision 87b9ecff: Add rule ID text input to state dump page. Issue #12616
Reid Linnemann
05:09 PM Regression #12884: OpenVPN status display for TAP mode services shows peer-to-peer instead of client list in certain cases
Thanks, the combination of @5f3aa9464e9b9b8062faa47e7552552ff3841d92@ then @9be20fdf57fe9c9c17aa16542189854dbf1cbebd@... Evan Pearce
03:42 PM pfSense Packages Bug #12623: acme.sh package | DNS-ISPConfig settings
This one fixes the issue: https://github.com/acmesh-official/acme.sh/commit/01ace11293f4cf27f8e761114f48148bbcbad063 Morten Trab
03:05 PM pfSense Packages Bug #12623: acme.sh package | DNS-ISPConfig settings
Leaving the Allow Insecure blank, results in a different error:... Morten Trab
02:37 PM pfSense Packages Bug #12623: acme.sh package | DNS-ISPConfig settings
I should add, I tested the script and it is placing the correct variables into the environment and the script does se... Jim Pingle
02:32 PM pfSense Packages Bug #12623 (New): acme.sh package | DNS-ISPConfig settings
The upstream code still has a problem. If you leave "Allow Insecure" blank now it should at least get past that part,... Jim Pingle
06:35 AM pfSense Packages Bug #12623: acme.sh package | DNS-ISPConfig settings
I'm on 0.7_4 now and still see the exact same error - so no, still not fixed Morten Trab
03:23 PM Feature #12616 (Feedback): Option to filter state table contents by rule ID
Reid Linnemann
03:20 PM Feature #12616 (Resolved): Option to filter state table contents by rule ID
Input field added in 87b9ecff572e364f58b36293981b4c9b9ae20683
Mapping states to rules by rule id to get descriptio...
Reid Linnemann
02:55 PM Regression #12866 (Resolved): Disabled Captive Portal configuration prevents adding an interface to a bridge
Tested on... Christopher Cope
02:55 PM Revision 60c0b333: OpenVPN FQDN in alias support. Fixes #12925
Viktor Gurov
02:51 PM Revision 773902ef: DHCPD: deny MAC Deny entries instead of ignore. Fixes #12923
Viktor Gurov
01:34 PM Bug #12925: FQDN in network alias is omitted from OpenVPN networks list
I tracked this down, the FQDN entry isn't being resolved and passed to openvpn with a /32 mask
This is an FQDN/32 ...
Adrien Carlyle
01:13 PM Bug #12925: FQDN in network alias is omitted from OpenVPN networks list
I just noticed that this now shows in my OpenVPN client log when I try to connect while an FQDN entry is present in t... Adrien Carlyle
12:25 PM Bug #12925: FQDN in network alias is omitted from OpenVPN networks list
Adrien Carlyle wrote in #note-6:
> I applied the patch and rebooted the system. There is no change in behavior.
>...
Viktor Gurov
11:53 AM Bug #12925: FQDN in network alias is omitted from OpenVPN networks list
I applied the patch and rebooted the system. There is no change in behavior.
Is there anything I can run on the ap...
Adrien Carlyle
09:31 AM Bug #12925: FQDN in network alias is omitted from OpenVPN networks list
Adrien Carlyle wrote in #note-3:
> Viktor Gurov wrote in #note-1:
> > fix:
> > https://gitlab.netgate.com/pfSense/...
Viktor Gurov
09:05 AM Bug #12925 (Feedback): FQDN in network alias is omitted from OpenVPN networks list
Applied in changeset commit:60c0b333c7ee5b951ad659a42693a1070a762ec1. Viktor Gurov
07:16 AM Bug #12925: FQDN in network alias is omitted from OpenVPN networks list
Viktor Gurov wrote in #note-1:
> fix:
> https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/667
That was...
Adrien Carlyle
07:04 AM Bug #12925 (Pull Request Review): FQDN in network alias is omitted from OpenVPN networks list
Jim Pingle
01:38 AM Bug #12925: FQDN in network alias is omitted from OpenVPN networks list
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/667
Viktor Gurov
12:55 PM Bug #12871 (Pull Request Review): Some action buttons are always active for firewall rules, even if no rules are selected
Jim Pingle
10:31 AM Bug #12871: Some action buttons are always active for firewall rules, even if no rules are selected
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/670
Viktor Gurov
12:52 PM pfSense Docs Todo #12930 (Closed): HA Proxy package support
Fixed and deployed. Jim Pingle
12:20 PM pfSense Docs Todo #12930 (Closed): HA Proxy package support
HA Proxy is not on the list of officially supported packages:
https://www.netgate.com/supported-pfsense-plus-package...
Danilo Zrenjanin
11:58 AM Regression #12817 (Resolved): PHP error when terminating OpenVPN sessions via the dashboard widget
Tested on... Christopher Cope
11:52 AM Bug #12929 (Closed): pfSense Does Not Properly Boot on UEFI in KVM
No problems here with e1000 or virtio NICs, or virtio disk controller. Might be specific to that version of KVM/qemu ... Jim Pingle
11:48 AM Bug #12929: pfSense Does Not Properly Boot on UEFI in KVM
Jim Pingle wrote in #note-1:
> I can't reproduce this, at least with KVM through Proxmox. It boots the ISO fine UEFI...
Kris Phillips
11:16 AM Bug #12929 (Feedback): pfSense Does Not Properly Boot on UEFI in KVM
I can't reproduce this, at least with KVM through Proxmox. It boots the ISO fine UEFI, installs fine, and boots up an... Jim Pingle
10:45 AM Bug #12929 (Closed): pfSense Does Not Properly Boot on UEFI in KVM
It appears that pfSense is unable to boot in KVM on UEFI. It will only boot with BIOS mode. When selecting the Free... Kris Phillips
10:52 AM Bug #12926: Changing LAGG type on CARP interfaces makes VIPs go to an "init" State
Viktor Gurov wrote in #note-1:
> Unable to reproduce:
> [...]
>
> after changing the LAGG mode from LACP to ROUN...
Kris Phillips
02:02 AM Bug #12926 (Feedback): Changing LAGG type on CARP interfaces makes VIPs go to an "init" State
Unable to reproduce:... Viktor Gurov
10:07 AM Feature #12741 (Resolved): Eliminate duplicate shell commands from history file
Tested on... Christopher Cope
09:43 AM Bug #12892 (Feedback): ``HTTPClient`` option not sent when using UEFI HTTP Boot
Merged:
https://github.com/pfsense/pfsense/commit/b68d8fe695bb0b03bef9d4d8a0e70ca238303e35
Viktor Gurov
07:08 AM Bug #12892 (Pull Request Review): ``HTTPClient`` option not sent when using UEFI HTTP Boot
Jim Pingle
03:28 AM Bug #12892 (New): ``HTTPClient`` option not sent when using UEFI HTTP Boot
small fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/669
Viktor Gurov
09:26 AM Revision b68d8fe6: Do not add HTTPClient entries if netboot is disabled. Issue #12892
Viktor Gurov
09:18 AM Bug #12923: DHCP "Ignore denied clients" option with MAC Deny list set causes DHCP server to not start
Patch works for me, thanks! Steve Y
09:05 AM Bug #12923 (Feedback): DHCP "Ignore denied clients" option with MAC Deny list set causes DHCP server to not start
Applied in changeset commit:773902efa92299d35b4b77bd6af1cba24cb65dba. Viktor Gurov
07:07 AM Bug #12923 (Pull Request Review): DHCP "Ignore denied clients" option with MAC Deny list set causes DHCP server to not start
Jim Pingle
03:08 AM Bug #12923: DHCP "Ignore denied clients" option with MAC Deny list set causes DHCP server to not start
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/668
Viktor Gurov
06:45 AM pfSense Packages Bug #12917: LoopiaAPI changed
Viktor Gurov wrote in #note-1:
> acme.sh updated to v3.0.2 in #12886
>
> Looks like we need to update acme.sh mon...
Jim Pingle
02:07 AM pfSense Packages Bug #12917: LoopiaAPI changed
acme.sh updated to v3.0.2 in #12886
Looks like we need to update acme.sh monthly/quarterly.
Viktor Gurov
06:10 AM pfSense Packages Bug #12928 (Not a Bug): FRR When using vtysh to save the configuration, any changes to the webgui are invalid
This is correct behavior.
The "Raw Config" tab is used for custom configuration:
https://docs.netgate.com/pfsense...
Viktor Gurov
05:45 AM pfSense Packages Bug #12928 (Not a Bug): FRR When using vtysh to save the configuration, any changes to the webgui are invalid
About FRR, when using vtysh to save the configuration, any changes to the webgui are invalid.
Because there are man...
yon Liu
05:30 AM Revision c07c5cf5: Skip gateway if interface is down. Fixes #12920
Viktor Gurov
04:20 AM Bug #12927 (Incomplete): OpenVPN with OCSP enabled allows connections with revoked certificates
OpenVPN doesn't honor certificate validity status against the site listed in the OCSP URL field.
See:
https://red...
Danilo Zrenjanin

03/09/2022

11:40 PM Bug #12920 (Feedback): Gateway behavior differs when the gateway does not exist in the configuration
Applied in changeset commit:c07c5cf5f2387cb2b9efdf25545bafebfa414f00. Viktor Gurov
05:33 PM Bug #12920: Gateway behavior differs when the gateway does not exist in the configuration
Tested fixes on current 22.05 snap on an 1100 and 5100.
The gateway status / dpinger behavior is now the same:
Gatew...
Marcos M
01:56 PM Bug #12920 (Pull Request Review): Gateway behavior differs when the gateway does not exist in the configuration
Jim Pingle
12:08 PM Bug #12920 (New): Gateway behavior differs when the gateway does not exist in the configuration
extra fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/666
Viktor Gurov
08:00 AM Bug #12920 (Feedback): Gateway behavior differs when the gateway does not exist in the configuration
Applied in changeset commit:e7954a79ce0d386706dcde2e039ef57875ecee0a. Viktor Gurov
07:34 AM Bug #12920 (Pull Request Review): Gateway behavior differs when the gateway does not exist in the configuration
Jim Pingle
06:21 AM Bug #12920: Gateway behavior differs when the gateway does not exist in the configuration
related to https://github.com/pfsense/pfsense/commit/da836151dbd6dff0f8759ef165b24e0e173b078e
improvement:
https:...
Viktor Gurov
05:55 PM Bug #12926 (Duplicate): Changing LAGG type on CARP interfaces makes VIPs go to an "init" State
When changing a LAGG from any mode to another mode while it has child interfaces that are something like VLANs and CA... Kris Phillips
02:42 PM Bug #12925 (Resolved): FQDN in network alias is omitted from OpenVPN networks list
I implemented this new feature (https://redmine.pfsense.org/issues/2668) on our OpenVPN server but have noticed some ... Adrien Carlyle
01:57 PM Revision 07fe3d3d: Update HAProxy-stable to version 2.2. Implements #12898
Viktor Gurov
01:54 PM Revision 9be20fdf: OpenVPN status TAP mode double entries fix. Issue #12884
Viktor Gurov
01:49 PM Revision e7954a79: Restart gateways monitor on dynamic interface down. Fixes #12920
Viktor Gurov
12:38 PM pfSense Packages Bug #12869 (Feedback): Bind DNS Package AAAA filtering Broken on new ZFS Installs
Merged to devel and 22.01/2.6 Viktor Gurov
07:34 AM pfSense Packages Bug #12869 (Pull Request Review): Bind DNS Package AAAA filtering Broken on new ZFS Installs
Jim Pingle
07:10 AM pfSense Packages Bug #12869 (New): Bind DNS Package AAAA filtering Broken on new ZFS Installs
regression: https://forum.netgate.com/topic/170558/bind-package-9-16_12-reads-from-cf-named-but-changes-in-the-gui-ar... Viktor Gurov
10:59 AM pfSense Packages Bug #12924 (New): DNS Resolver WireGuard ACL Inconsistency
Initially, I had two pfsense nodes connected via the WireGuard package. My tunnel network was 10.0.3.0/30 for p2p. I ... Kevin Mychal Ong
10:57 AM pfSense Packages Bug #12898: Update HAProxy Backend to Latest LTS
FreeBSD-ports merge:
https://github.com/pfsense/FreeBSD-ports/commit/da9ed529f30212fd826aebc3b7e896fce7a15217
Viktor Gurov
08:05 AM pfSense Packages Bug #12898 (Feedback): Update HAProxy Backend to Latest LTS
Applied in changeset pfsense:commit:07fe3d3d60a61621171fbc0a1a5e42c1462fb5ed. Viktor Gurov
10:52 AM Bug #12922: Classless static routes received on DHCP WAN can override chosen default gateway
Rewording the subject to be more precise.
It's unusual to get classless static routes from DHCP in most cases so the...
Jim Pingle
10:30 AM Bug #12922 (Confirmed): Classless static routes received on DHCP WAN can override chosen default gateway
Although I'm still running 2.5.2 I believe this bug is also in 2.6.0 based on a diff of the file in question.
I ha...
David Myers
10:44 AM Feature #8861: Show SFP module details on ``status_interfaces.php``
I just applied this patch and it fixed the issue. Thanks! Glenn Hall
10:42 AM Feature #8861 (Feedback): Show SFP module details on ``status_interfaces.php``
Merged:
https://github.com/pfsense/pfsense/commit/e4b4c3d2f919621eb7c684c0ed5d7593f255349f
Viktor Gurov
07:11 AM Feature #8861 (Pull Request Review): Show SFP module details on ``status_interfaces.php``
Jim Pingle
02:21 AM Feature #8861 (New): Show SFP module details on ``status_interfaces.php``
Glenn Hall wrote in #note-9:
> I am now receiving the following PHP errors when I view the Status-->Interfaces page ...
Viktor Gurov
10:41 AM Regression #12884 (Feedback): OpenVPN status display for TAP mode services shows peer-to-peer instead of client list in certain cases
Merged:
https://github.com/pfsense/pfsense/commit/9be20fdf57fe9c9c17aa16542189854dbf1cbebd
Viktor Gurov
07:37 AM Regression #12884 (Pull Request Review): OpenVPN status display for TAP mode services shows peer-to-peer instead of client list in certain cases
Jim Pingle
07:17 AM Regression #12884 (New): OpenVPN status display for TAP mode services shows peer-to-peer instead of client list in certain cases
Evan Pearce wrote in #note-9:
> The patch above resolves my issue -- once applied, the user remote access service di...
Viktor Gurov
05:07 AM Regression #12884: OpenVPN status display for TAP mode services shows peer-to-peer instead of client list in certain cases
The patch above resolves my issue -- once applied, the user remote access service displays client connections.
How...
Evan Pearce
10:40 AM Bug #12923 (Resolved): DHCP "Ignore denied clients" option with MAC Deny list set causes DHCP server to not start
Scenario:
* in DHCP server config, MAC Deny option is set with a MAC address
* user wants to not log that every few...
Steve Y
10:36 AM Regression #11545: Primary interface address is not always used when VIPs are present
I have this exact issue on 22.01. It manifests on reboot with OpenVPN server start binding to wrong IP. Note that o... Jeff Quasarano
08:20 AM Revision e4b4c3d2: Status Interfaces SPF details fix. Feature #8861
Viktor Gurov
08:06 AM Feature #12092: Utilize new ``pfctl`` abilities to kill states
Updating subject as this has evolved a bit to encompass both killing by label for rule IDs and killing by gateway. Jim Pingle
07:15 AM pfSense Plus Bug #12919 (Not a Bug): Enabling gateway failover introduces latency increase and causes artificial failover scenario
The symptoms sound similar to #12827 -- it might be worth trying the workaround which is available in the recommended... Jim Pingle
03:25 AM pfSense Plus Bug #12919: Enabling gateway failover introduces latency increase and causes artificial failover scenario
The issue is resolved, or rather is not an issue / not an accurate description. The same latency increase to >1... Ash Morris
05:51 AM Bug #12921 (Not a Bug): Interface status shows DHCP down after bouncing interface
This is the correct behavior - if you manually execute @ifconfig eth0 up@, it will not restart DHCPd using the servic... Viktor Gurov

03/08/2022

09:36 PM Feature #8861: Show SFP module details on ``status_interfaces.php``
I am now receiving the following PHP errors when I view the Status-->Interfaces page while running 2.7.0.a.20220308.0... Glenn Hall
07:21 PM Bug #12921 (Not a Bug): Interface status shows DHCP down after bouncing interface
Tested on 22.01 and 21.05. Issue can be reproduced on ESXi with pass-through NIC, and on an @1100@; unable to reprodu... Marcos M
06:59 PM Bug #12920: Gateway behavior differs when the gateway does not exist in the configuration
Some notes:
It shouldn't be an issue for WAN failover on 22.05 given that @dpinger@ starts back up. However, it's ...
Marcos M
06:56 PM Bug #12920 (Resolved): Gateway behavior differs when the gateway does not exist in the configuration
The gateway status and @dpinger@ behave differently when the respective gateway entry does not exist in the @config.x... Marcos M
03:24 PM pfSense Plus Bug #12919: Enabling gateway failover introduces latency increase and causes artificial failover scenario
Apologies, affected version should read 22.01. Ash Morris
11:53 AM pfSense Plus Bug #12919: Enabling gateway failover introduces latency increase and causes artificial failover scenario

Forum post: https://forum.netgate.com/topic/170595/sg-5100-wan-failover-at-gigabit-saturation?_=1646751316923
...
Ash Morris
11:45 AM pfSense Plus Bug #12919 (Not a Bug): Enabling gateway failover introduces latency increase and causes artificial failover scenario
Forum post: https://forum.netgate.com/topic/170595/sg-5100-wan-failover-at-gigabit-saturation?_=1646751316923
Issu...
Ash Morris
01:49 PM Regression #12897: Attempting to decrypt an encrypted backup with the wrong password makes the GUI timeout
Jim Pingle wrote in #note-10:
> I took a slightly different approach since I wasn't a fan of the repetition of the c...
Phil Wardt
09:32 AM Feature #12092: Utilize new ``pfctl`` abilities to kill states
Kristof let me know that we do also have @pfctl -k gateway -k x.x.x.x@ which would fill the missing pieces in here. I... Jim Pingle
07:40 AM Feature #12092: Utilize new ``pfctl`` abilities to kill states
The more I consider how this might work the less sure I am that the gateway part would be useful in a way most users ... Jim Pingle

03/07/2022

09:32 PM Revision 2404ca68: Encrypt/Decrypt Robustness & Testing. Issue #12897
* Move cleanup to separate function.
* Be more aggressive with cleanup when performing multiple crypto
attempts.
* ...
Jim Pingle
07:03 PM Revision 5f3aa946: OpenVPN status incorrect TAP mode RA server+empty tunnel. Fixes #12884
Viktor Gurov
05:59 PM Revision 0d186018: Encode pftop output. Fixes #12915
Jim Pingle
04:50 PM Revision 9a36d901: Define dnsmasq upstream DNS via --server option. Fixes #12902
Viktor Gurov
04:49 PM Revision fc455333: Show SFP module details on status_interfaces.php. Implements #8861
Viktor Gurov
03:51 PM pfSense Packages Bug #12907: PIMD: Nonexistent interfaces should be hidden/disabled in pimd.conf before bringing up the service
I faced an issue similar to this with the Snort and Suricata packages some time back. I handled it there by always ch... Bill Meeks
10:02 AM pfSense Packages Bug #12907: PIMD: Nonexistent interfaces should be hidden/disabled in pimd.conf before bringing up the service
The base system has no way to scan/inform packages about an interface being removed, it's up to the admin to maintain... Jim Pingle
09:30 AM pfSense Packages Bug #12907: PIMD: Nonexistent interfaces should be hidden/disabled in pimd.conf before bringing up the service
Jim Pingle wrote in #note-1:
> PIMD has options to not behave that way.
>
> Sounds like what you really want is t...
Pete Holzmann
08:26 AM pfSense Packages Bug #12907 (Feedback): PIMD: Nonexistent interfaces should be hidden/disabled in pimd.conf before bringing up the service
PIMD has options to not behave that way.
Sounds like what you really want is to have PIMD set to "Bind to None" an...
Jim Pingle
03:40 PM Regression #12897: Attempting to decrypt an encrypted backup with the wrong password makes the GUI timeout
I took a slightly different approach since I wasn't a fan of the repetition of the cleanup code.
I also added a PHP ...
Jim Pingle
03:27 AM Regression #12897: Attempting to decrypt an encrypted backup with the wrong password makes the GUI timeout
The clean of temp files lines are also maybe excessive. This can only occur if at the end, the GUI times out
Maybe I...
Phil Wardt
03:17 AM Regression #12897: Attempting to decrypt an encrypted backup with the wrong password makes the GUI timeout
Jim Pingle wrote in #note-5:
>
> I did, and it worked as expected. It failed in a timely manner with the correct e...
Phil Wardt
02:34 PM Feature #12092 (In Progress): Utilize new ``pfctl`` abilities to kill states
Adding basic functions here is pretty straightforward. It's easy enough to add a means to kill states created by a ru... Jim Pingle
02:29 PM pfSense Packages Feature #12918 (New): pfBlockerNG-devel changes from xmlrpc sync do not take effect immediately
When pfBlockerNG-devel syncs its settings (e.g. custom IPv4 list) to a secondary firewall, the settings on the second... Marcos M
01:54 PM pfSense Packages Bug #12917 (Resolved): LoopiaAPI changed
Any users using LoopiaAPI can't issue or renew certificates. This has been fixed upstream at the below link.
https...
Christopher Cope
01:34 PM pfSense Packages Bug #12916 (New): pfBlockerNG-devel cron job does not trigger xmlrpc sync
Tested on pfSense 2.6.0 and pfBlockerNG-devel 3.1.0_1
pfBlockerNG-devel option "Enable Sync" with "Sync to host(s) d...
Marcos M
01:10 PM Regression #12884 (Feedback): OpenVPN status display for TAP mode services shows peer-to-peer instead of client list in certain cases
Applied in changeset commit:5f3aa9464e9b9b8062faa47e7552552ff3841d92. Viktor Gurov
11:05 AM Regression #12884 (Pull Request Review): OpenVPN status display for TAP mode services shows peer-to-peer instead of client list in certain cases
Jim Pingle
12:10 PM Regression #12915 (Feedback): ``diag_pftop.php`` does not fully encode output
Applied in changeset commit:0d1860181f0660704b3e749bbb0a4c207ad68925. Jim Pingle
11:58 AM Regression #12915 (Confirmed): ``diag_pftop.php`` does not fully encode output
Jim Pingle
11:54 AM Regression #12915 (Resolved): ``diag_pftop.php`` does not fully encode output
diag_pftop.php shows rules without quoting "<>".... Grischa Zengel
11:01 AM pfSense Packages Bug #12912 (Feedback): ACME is failing to fully issue a new certificate
Fix merged, will be in ACME pkg v 0.7_4.
In the meantime, check the debug option on a certificate and it should wo...
Jim Pingle
10:44 AM pfSense Packages Bug #12912 (Resolved): ACME is failing to fully issue a new certificate
Creating a new certificate in ACME is not working properly. The GUI output only shows that it generates the private k... Jim Pingle
11:00 AM Bug #12902 (Feedback): DNS Forwarder creates a loop when "Use local DNS, ignore remote DNS servers" is selected
Applied in changeset commit:9a36d90138b5230abeacd80162fca7c4937263de. Viktor Gurov
07:42 AM Bug #12902 (Pull Request Review): DNS Forwarder creates a loop when "Use local DNS, ignore remote DNS servers" is selected
Jim Pingle
11:00 AM Feature #8861 (Feedback): Show SFP module details on ``status_interfaces.php``
Applied in changeset commit:fc455333eedb53ce6fcad1db01d5a736467c997b. Viktor Gurov
10:58 AM pfSense Packages Bug #12670: ACME package writes credentials to system log
If we try this again as a debug option we must test this better, at a minimum:
* Creating a new account key should...
Jim Pingle
10:44 AM pfSense Packages Bug #12670 (New): ACME package writes credentials to system log
The debug option added broke several things. It broke the ability to create account keys, and it is breaking new ACME... Jim Pingle
10:21 AM Feature #12687: Option to disable auto-addition of static routes for ``dpinger``
Flole Systems wrote in #note-16:
> Uhm, this PR gets rid of the entries in the routing table. If that's a problem th...
Jim Pingle
10:16 AM Feature #12687: Option to disable auto-addition of static routes for ``dpinger``
Uhm, this PR gets rid of the entries in the routing table. If that's a problem then this shouldn't have been merged.
...
Flole Systems
09:01 AM Feature #12687: Option to disable auto-addition of static routes for ``dpinger``
Flole Systems wrote in #note-14:
> dpinger binds itself to an interface, the routing table is never used since dping...
Jim Pingle
08:55 AM Feature #12687: Option to disable auto-addition of static routes for ``dpinger``
dpinger binds itself to an interface, the routing table is never used since dpinger makes that decision. I am sometim... Flole Systems
08:45 AM Feature #12687: Option to disable auto-addition of static routes for ``dpinger``
#1 should definitely be in its own separate PR with its own feature request. I'm not sure that's viable even without ... Jim Pingle
07:53 AM Feature #12687: Option to disable auto-addition of static routes for ``dpinger``
@jimp I was going to open a new PR for the additional 2 changes:
1) allow same monitor IP to be used across multi...
→ luckman212
07:41 AM Feature #12687 (Pull Request Review): Option to disable auto-addition of static routes for ``dpinger``
Adding cleanup for routes when activating the option should probably get filed under a separate request, since this i... Jim Pingle
10:10 AM pfSense Docs Todo #12910 (Closed): Add warning to VTI and OpenVPN assignment docs about automatic default gateway
The docs for assigning VTI and OpenVPN interfaces could use a warning about automatic default gateway behavior, simil... Jim Pingle
08:28 AM pfSense Packages Feature #12909 (New): Convert Suricata GeoIP Lookup feature on ALERTS tab to use local GeoIP2 database
Convert the GeoIP lookup feature available on the ALERTS tab in the Suricata package to use the local GeoIP2 database... Bill Meeks
08:13 AM Bug #12906 (Rejected): services_dyndns_edit.php - syntax error
That isn't invalid syntax. It's OK to have a trailing comma on an array entry, and in some cases encouraged as it mak... Jim Pingle
08:05 AM Bug #12905: Add VLAN Re-assignment to Import Interface Mismatch Wizard
There is no "interface mismatch wizard" all it does is present the existing interface assignment screen. So however t... Jim Pingle
07:56 AM pfSense Docs Todo #12908 (Closed): Add notes to e-mail notification docs about Gmail App Passwords
Google is shutting down access to e-mail services with traditional username/password authentication for security reas... Jim Pingle
07:52 AM Feature #12903: alternative authentication methods for email notifications?
I can add a note in the documentation but adding a provider-specific note in the GUI doesn't seem like a good trend t... Jim Pingle
07:49 AM Regression #12904: Intel X500 series interfaces (ixgbe) show incoming errors in 2.6/22.01, whereas they did not in 2.5.2
On the thread the person reporting it says the value of @dev.ix.0.mac_stats.checksum_errs@ correlates to the very low... Jim Pingle
07:35 AM pfSense Packages Bug #12898 (Pull Request Review): Update HAProxy Backend to Latest LTS
They are still putting out 2.2.x releases and it's a smaller and therefore safer jump. If that is OK then after a whi... Jim Pingle
07:32 AM Bug #12901 (Needs Patch): DNS Forwarder refuses valid retries from clients in certain cases
That does sound like a problem inside dnsmasq itself. When they put that into a release and that release gets into po... Jim Pingle

03/06/2022

08:14 PM Bug #7347 (Closed): Config Sync - Breaks on null value
Tested on 22.01 and could not reproduce issue - likely already resolved; closing due to lack of feedback and age. Marcos M
06:37 PM Bug #11864 (Resolved): OpenVPN stays bound to previous IP address after interface changes
Tested on @22.05.a.20220227.0100@; working correctly now. Marcos M
05:41 PM pfSense Packages Feature #9833: ACME: add ability to use custom ACME server
Manny Tew wrote in #note-5:
> + 1 for this as well. This is critical for proper security in a homelab in 2021+ Inval...
Manny Tew
05:30 PM pfSense Packages Bug #12907 (Feedback): PIMD: Nonexistent interfaces should be hidden/disabled in pimd.conf before bringing up the service
At this point, pimd is unaware of nonexistent interfaces. This can lead to a kernel panic.
(My case: I removed newly...
Pete Holzmann
05:18 PM Regression #12884 (Feedback): OpenVPN status display for TAP mode services shows peer-to-peer instead of client list in certain cases
Feel free to test the following patch and let us know if it resolves your issue:... Marcos M
01:03 PM Bug #12906 (Rejected): services_dyndns_edit.php - syntax error
Syntax error:
https://github.com/pfsense/pfsense/blob/master/src/usr/local/www/services_dyndns_edit.php#L505
BBcan177 .
04:31 AM pfSense Packages Feature #11827: Please include acme deploy folder/scripts
+1 for this as well. Note, the certs seem to be stored in a non-standard acme.sh way under /conf/acme, so more work m... Simon Cosyd
02:16 AM Bug #12895: pfSense single interface upload speed bug
After testing for a few days, finally got what is wrong with it. I have to run "pfctl -d" to disable pfsense firewall f... pf bug
01:28 AM pfSense Packages Bug #12898: Update HAProxy Backend to Latest LTS
Kris Phillips wrote in #note-2:
> Viktor Gurov wrote in #note-1:
> > HAProxy-devel is already 2.4 (2026-Q2 (LTS))
...
Viktor Gurov

03/05/2022

11:47 PM pfSense Packages Bug #12844 (Resolved): Invalid title link in the apcupsd package dashboard widget
Viktor Gurov
02:47 PM pfSense Packages Bug #12844: Invalid title link in the apcupsd package dashboard widget
Patch works to correct Apcupsd widget link to status page - applied to 22.01 and 22.05.a.20220305.0600 Jordan G
08:46 PM Bug #12871: Some action buttons are always active for firewall rules, even if no rules are selected
The delete button being always available even without selection is present in 2.6/22.01 and 21.05.X/2.5.X. It does t... Kris Phillips
08:38 PM Bug #12905: Add VLAN Re-assignment to Import Interface Mismatch Wizard
Also important to note that this would greatly improve the current situation with importing configs with discrete int... Kris Phillips
08:31 PM Bug #12905 (New): Add VLAN Re-assignment to Import Interface Mismatch Wizard
Currently if an interface is assigned to an interface in an imported config, there is no way to re-assign the interfa... Kris Phillips
08:35 PM pfSense Packages Bug #11530: ntopng 4.2 needs to be updated to 4.3, Bug when accessing a host for details
Sish Kitane wrote in #note-4:
> I can reproduce this in VMs for both 2.5.2 and 2.6. I don't think the new 5.0 packag...
Kris Phillips
08:27 PM pfSense Packages Bug #12898: Update HAProxy Backend to Latest LTS
Viktor Gurov wrote in #note-1:
> HAProxy-devel is already 2.4 (2026-Q2 (LTS))
>
> HAProxy-stable update to 2.2 ve...
Kris Phillips
01:10 AM pfSense Packages Bug #12898: Update HAProxy Backend to Latest LTS
HAProxy-devel is already 2.4 (2026-Q2 (LTS))
HAProxy-stable update to 2.2 version (2025-Q2 (LTS)):
https://gitlab...
Viktor Gurov
04:11 PM Bug #10784 (Closed): HA-sync with ssh keys
Unable to reproduce - tested on 22.01 by checking ``/home/<user>/.ssh`` after:
* using default admin account to sync
...
Marcos M
03:25 PM Bug #7841 (Closed): CARP Sync Issue - when no internet on standby
Tested on 22.01 following the same steps (blocked secondary node's IP address on upstream firewall). Config sync work... Marcos M
01:51 PM Revision 99196f13: Gateways edit page double content fix. Issue #12687
Viktor Gurov
01:34 PM Bug #12892 (Resolved): ``HTTPClient`` option not sent when using UEFI HTTP Boot
Tested against:... Danilo Zrenjanin
01:28 PM Feature #12392 (Resolved): Allow the selection of "any" interface in floating rules
Tested 2.7.0.a.20220305.0600 (interface: any), no PHP error.
Alhusein Zawi
12:50 PM Bug #12876 (Resolved): Changing RAM disk size does not prompt to reboot
Tested against:... Danilo Zrenjanin
11:50 AM Feature #12903: alternative authentication methods for email notifications?
Jim Pingle wrote in #note-2:
> We can look into other ways to authenticate, but in the Gmail case it should still wo...
gavin penney
09:43 AM Feature #12903: alternative authentication methods for email notifications?
We can look into other ways to authenticate, but in the Gmail case it should still work with App Passwords: https://s... Jim Pingle
01:15 AM Feature #12903: alternative authentication methods for email notifications?
Oops, I meant to add the email from Google, not that it matters that much.... gavin penney
10:48 AM Regression #12904 (Not a Bug): Intel X500 series interfaces (ixgbe) show incoming errors in 2.6/22.01, whereas they did not in 2.5.2
Notes as of the time of filing:
- Errors are only on incoming packets, not outgoing.
- All users reporting so far a...
Chris W
10:43 AM Bug #12902 (New): DNS Forwarder creates a loop when "Use local DNS, ignore remote DNS servers" is selected
Confirmed
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/657
Viktor Gurov
09:17 AM Bug #12902: DNS Forwarder creates a loop when "Use local DNS, ignore remote DNS servers" is selected
No.... Can you please just leave issues that you don't understand for someone else to take care of? Thanks. Or at lea... Flole Systems
09:09 AM Bug #12902: DNS Forwarder creates a loop when "Use local DNS, ignore remote DNS servers" is selected
Flole Systems wrote in #note-2:
> Why should this be related to DNS rebind protection? It happens for any query. Also...
Viktor Gurov
04:58 AM Bug #12902: DNS Forwarder creates a loop when "Use local DNS, ignore remote DNS servers" is selected
Why should this be related to DNS rebind protection? It happens for any query. Also on my system DNS rebind protectio... Flole Systems
03:40 AM Bug #12902 (Not a Bug): DNS Forwarder creates a loop when "Use local DNS, ignore remote DNS servers" is selected
Your issue is related to DNS rebind protection,
please read https://docs.netgate.com/pfsense/en/latest/services/dns/...
Viktor Gurov
10:42 AM Feature #12687: Option to disable auto-addition of static routes for ``dpinger``
Wow thanks, that was a fast response! I think you simply need to check if the option is set for the current gateway o... Flole Systems
10:23 AM Feature #12687: Option to disable auto-addition of static routes for ``dpinger``
@Flole Systems you're right that in theory you should be able to use the same monitor IP for multiple gateways after ... → luckman212
10:11 AM Feature #12687: Option to disable auto-addition of static routes for ``dpinger``
Also I tried to enable this option for all my Gateways now but the static routes are still there. So it looks like th... Flole Systems
10:02 AM Feature #12687: Option to disable auto-addition of static routes for ``dpinger``
With this change it should be possible to set the same monitor IP on multiple different gateways, right? The GUI isn'... Flole Systems
09:13 AM Feature #12687: Option to disable auto-addition of static routes for ``dpinger``
→ luckman212 wrote in #note-5:
> Thanks Viktor! Ouch, I don't know how I missed that.
>
> I can't see the private...
Viktor Gurov
09:03 AM Feature #12687: Option to disable auto-addition of static routes for ``dpinger``
Thanks Viktor! Ouch, I don't know how I missed that.
I can't see the private gitlab but I assume you just removed th...
→ luckman212
07:54 AM Feature #12687 (New): Option to disable auto-addition of static routes for ``dpinger``
after this merge, the "Gateway Edit Page" has double content
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/me...
Viktor Gurov
10:18 AM Bug #12852: Gateway which is forced as inactive does still trigger filter reloads
Maybe the UI is just misleading here: There is an option to disable the gateway monitoring action (which states that ... Flole Systems
09:52 AM Bug #12852: Gateway which is forced as inactive does still trigger filter reloads
I don't need support. I have fixed the issue for me by modifying /etc/rc.gateway_alarm (which by the way unconditiona... Flole Systems
09:07 AM Bug #12852 (Rejected): Gateway which is forced as inactive does still trigger filter reloads
Unable to reproduce this issue - "forced down" gate doesn't trigger filter reload (tested on 22.01/2.6/2.7)
Th...
Viktor Gurov
08:19 AM Regression #12827: High latency and packet loss during a filter reload
Why is there any need for hashing? You want to compare rules if I understand that correctly, there's no need to hash ... Flole Systems
06:46 AM Regression #12827: High latency and packet loss during a filter reload
As a status update I added a red-black tree so that rules can be looked up cheaper. Pre-computed md5 hash is used as ... Mateusz Guzik
05:45 AM Feature #8365 (Resolved): Button to copy rules from one interface to another
Tested on the:... Danilo Zrenjanin
05:42 AM Regression #12897: Attempting to decrypt an encrypted backup with the wrong password makes the GUI timeout
And a full patch attached that I properly tested
It should be applied in place of https://redmine.pfsense.org/issues...
Phil Wardt
03:50 AM Regression #12897: Attempting to decrypt an encrypted backup with the wrong password makes the GUI timeout
Jim Pingle wrote in #note-5:
> Phil Wardt wrote in #note-4:
> > please test it before merging, even if it looks prope...
Phil Wardt
05:35 AM Bug #12896 (Resolved): ``HTTPClient`` option does not work for static mappings
Tested against:... Danilo Zrenjanin

03/04/2022

11:25 PM Feature #12903 (New): alternative authentication methods for email notifications?
I have been using Gmail for years but they are disabling password-only access to accounts.
Since pfSense has only pa...
gavin penney
08:40 PM Bug #12901: DNS Forwarder refuses valid retries from clients in certain cases
I believe the fix for this could be this patch which seems to be already merged upstream: https://thekelleys.org.uk/g... Flole Systems
06:44 PM Bug #12901 (Resolved): DNS Forwarder refuses valid retries from clients in certain cases
Since upgrading to 22.02 I noticed that some Windows clients are sometimes refusing to load websites. Looking at the ... Flole Systems
08:17 PM Revision dde642ca: Fix infinite CPU loop on failed restore
When restoring a backup with wrong password or a user custom iterations count different than 10k or 500k, GUI timed o... Phil Wardt
06:48 PM Bug #12902 (Resolved): DNS Forwarder creates a loop when "Use local DNS, ignore remote DNS servers" is selected
I am using the DNS Forwarder, I set up a few DNS Servers in System->General Settings. Also I selected "Use local DNS,... Flole Systems
02:46 PM Feature #2505 (Resolved): Toggle button to disable/enable multiple firewall rules
Tested successfully on... Christopher Cope
02:37 PM Revision bf9d32bf: Revert "captiveportal: fix ipfw rules"
This reverts commit 9dac41af43a5b977a604098688776987c4f76722. Kristof Provost
02:34 PM Regression #12897: Attempting to decrypt an encrypted backup with the wrong password makes the GUI timeout
Phil Wardt wrote in #note-4:
> please test it before merging, even if it looks proper to me
I did, and it worked ...
Jim Pingle
02:20 PM Regression #12897: Attempting to decrypt an encrypted backup with the wrong password makes the GUI timeout
Jim Pingle wrote in #note-3:
> Yep, I see it now, too. Good catch, thanks! I merged your PR, it will be in the next ...
Phil Wardt
02:18 PM Regression #12897 (Feedback): Attempting to decrypt an encrypted backup with the wrong password makes the GUI timeout
Yep, I see it now, too. Good catch, thanks! I merged your PR, it will be in the next snapshot. Jim Pingle
02:11 PM Regression #12897: Attempting to decrypt an encrypted backup with the wrong password makes the GUI timeout
Jim Pingle wrote:
> Following the changes in #12556 attempting to decrypt an encrypted backup with the wrong password...
Phil Wardt
11:21 AM Regression #12897 (Resolved): Attempting to decrypt an encrypted backup with the wrong password makes the GUI timeout
Following the changes in #12556 attempting to decrypt an encrypted backup with the wrong password makes the GUI timeo... Jim Pingle
02:19 PM Bug #12900: Clicking Save & Force Update on a Dynamic DNS entry results in a GUI timeout
It's not just CloudFlare, I'm seeing this on Namecheap as well. Jim Pingle
02:12 PM Bug #12900 (Duplicate): Clicking Save & Force Update on a Dynamic DNS entry results in a GUI timeout
When creating a new Cloudflare Dynamic DNS entry or saving and forcing an update nginx will timeout with 504. The upd... Max Leighton
02:19 PM Todo #12556: Comply with current iteration standards when encrypting and decrypting configuration files
Jim Pingle wrote in #note-18:
> Seems to be OK here as well for backup/restore in the regular GUI page and ACB. A negat...
Phil Wardt
11:22 AM Todo #12556 (Resolved): Comply with current iteration standards when encrypting and decrypting configuration files
Jim Pingle
11:14 AM Todo #12556: Comply with current iteration standards when encrypting and decrypting configuration files
Seems to be OK here as well for backup/restore in the regular GUI page and ACB. A negative side effect seems to be that ... Jim Pingle
09:36 AM Todo #12556: Comply with current iteration standards when encrypting and decrypting configuration files
Jim Pingle wrote in #note-15:
> Changes merged. See commit:dd9b24e95cf90bb5d1c61a693aea3b98b746d539 . Will be in sna...
Phil Wardt
01:46 PM Revision 5c5a7bc8: DHCPD HTTPClient option for static mappings. Fixes #12896
Viktor Gurov
01:29 PM Revision ed58094b: Merge pull request #4551 from luckman212/dpinger_dont_add_static_routes
Jim Pingle
01:28 PM Revision be33dc43: Merge pull request #4553 from luckman212/dashboard-hw-crypto-patch-1
Jim Pingle
01:25 PM Bug #12895: pfSense single interface upload speed bug
Just had more tests, tried the same setup with opnsense, which is also freebsd based is also facing the same issue. H... pf bug
08:03 AM Bug #12895: pfSense single interface upload speed bug
Thanks. If you are confirming this is working for everyone then it is good to know, this is because I was doing this ... pf bug
07:51 AM Bug #12895: pfSense single interface upload speed bug
It's not happening to anyone else but you. It's working fine for thousands of other people. If it's not a configurati... Jim Pingle
07:46 AM Bug #12895: pfSense single interface upload speed bug
I can't confirm if this is a configuration problem but I don't think it is, this is because I have tried to mess around... pf bug
07:21 AM Bug #12895 (Rejected): pfSense single interface upload speed bug
Sounds like you have a configuration problem (like needing a lower MTU on WAN).
This site is not for support or di...
Jim Pingle
01:22 PM pfSense Packages Bug #12899 (Resolved): Suricata doesn't honor Pass List
It sometimes blocks the hosts defined in the selected Pass List. No matter whether you used IP subnet or Alias under ... Danilo Zrenjanin
01:19 PM pfSense Packages Bug #12898 (Resolved): Update HAProxy Backend to Latest LTS
The version of HAProxy in stable is very old and due to be unsupported at the end of the year. We should really move... Kris Phillips
12:20 PM pfSense Packages Todo #12865: RRD Summary improvements
cherry-picked to 22.01/2.6 Viktor Gurov
07:51 AM pfSense Packages Todo #12865 (Feedback): RRD Summary improvements
Merged to 2.7/22.05:
https://github.com/pfsense/FreeBSD-ports/commit/fb702643e590f7545cbbaf5bd4e5060f9ab293cc
Viktor Gurov
12:20 PM pfSense Packages Bug #12869: Bind DNS Package AAAA filtering Broken on new ZFS Installs
cherry-picked to 22.01/2.6 Viktor Gurov
08:04 AM pfSense Packages Bug #12869 (Feedback): Bind DNS Package AAAA filtering Broken on new ZFS Installs
Merged to 2.7/22.05:
https://github.com/pfsense/FreeBSD-ports/commit/a6943737bb6b2df2dcc050bd0db5ebf127be2df4
Viktor Gurov
11:08 AM Feature #12842 (Resolved): Retain descriptions when exporting and importing aliases
Tested successfully on... Christopher Cope
10:56 AM Feature #12773 (Closed): Ability to sort AutoConfigBackup entries
That's not possible because by default the list is sorted "naturally" and no arrow would indicate a valid state since... Jim Pingle
10:51 AM Feature #12773: Ability to sort AutoConfigBackup entries
Tested on... Christopher Cope
08:48 AM Bug #12579 (New): Utilize ``dnctl(8)`` to apply limiter changes without a filter reload
PHP changes:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/654
Viktor Gurov
05:01 AM Bug #12579 (Feedback): Utilize ``dnctl(8)`` to apply limiter changes without a filter reload
https://gitlab.netgate.com/pfSense/FreeBSD-src/-/merge_requests/57 has been merged. Kristof Provost
08:27 AM Regression #11316: Unbound crashes with signal 11 when reloading
I hate to bring up a sore point especially in a closed ticket, but this is _still_ happening for me on two up-to-date... Kevin Grelling
07:55 AM Bug #12896 (Feedback): ``HTTPClient`` option does not work for static mappings
Applied in changeset commit:5c5a7bc874be8228aceffae0b2436a2358aea577. Viktor Gurov
07:37 AM Bug #12896 (Pull Request Review): ``HTTPClient`` option does not work for static mappings
Jim Pingle
01:37 AM Bug #12896: ``HTTPClient`` option does not work for static mappings
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/652
Viktor Gurov
01:15 AM Bug #12896 (Resolved): ``HTTPClient`` option does not work for static mappings
The HTTPClient option works fine for interfaces and pools, but not for static mappings. Viktor Gurov
07:30 AM Feature #12687 (Feedback): Option to disable auto-addition of static routes for ``dpinger``
PR merged, thanks! Jim Pingle
07:30 AM Feature #12714 (Feedback): Show ``Inactive`` for Hardware Crypto output instead of empty field on System Information dashboard widget when nothing can be accelerated
PR merged, thanks! Jim Pingle
03:40 AM Revision dd965531: adds option to not auto-create static routes for dpinger (squashed)
→ luckman212
02:55 AM Revision 5cc9c9ed: minor display change, redmine #12714 (updated & squashed)
→ luckman212

03/03/2022

11:16 PM pfSense Packages Bug #12706: pfBlockerNG and unbound does not work after switching /var to RAM disk
This bug causes a delay in boot processing when the ramdisk option is enabled. If the option is disabled, no delay i... Loh Phat
10:17 PM Bug #12895: pfSense single interface upload speed bug
One more thing to mention, if I run OpenVPN on my PC and connect with some vpn services provider. The upload speed be... pf bug
10:11 PM Bug #12895 (Rejected): pfSense single interface upload speed bug
Reporting a very straightforward bug and it is easy to reproduce.
Tested on 2.4.X 2.5.X 2.6.0, I believe it is also ...
pf bug
09:04 PM Revision 284878d7: DHCPD HTTPClient custom option. Fixes #12892
Viktor Gurov
08:27 PM Revision 225f86af: Modify CP rules to work on 22.01/2.6.0. Fixes #12834
Reid Linnemann
06:38 PM Revision dd9b24e9: Increase OpenSSL iterations. Issue #12556
When encrypting and decrypting content such as config.xml backups,
increase the default number of iterations used by ...
Jim Pingle
04:19 PM Regression #12834: Only TCP traffic is passed outbound through IPFW
Excellent! I'm glad to know you are back up and running again. Thank you for the confirmation! Reid Linnemann
04:17 PM Regression #12834: Only TCP traffic is passed outbound through IPFW
Okay, that's completely right. After rebooting everything works as expected. Thank you a lot for fixing this!
B P
04:01 PM Regression #12834: Only TCP traffic is passed outbound through IPFW
You will need to reboot so that all of the ipfw rules are reloaded, have you done so? Reid Linnemann
03:56 PM Regression #12834: Only TCP traffic is passed outbound through IPFW
Maybe I miss something, but after applying the patch I have no connectivity (from captive portal enabled interfaces) ... B P
03:18 PM Regression #12834: Only TCP traffic is passed outbound through IPFW
You can install the "System Patches package":https://docs.netgate.com/pfsense/en/latest/development/system-patches.ht... Jim Pingle
02:35 PM Regression #12834 (Feedback): Only TCP traffic is passed outbound through IPFW
Applied in changeset commit:225f86af947822e6bd6f816f6b8fa926c34fe857. Reid Linnemann
04:19 PM Todo #12556: Comply with current iteration standards when encrypting and decrypting configuration files
Jim Pingle wrote in #note-15:
> Changes merged. See commit:dd9b24e95cf90bb5d1c61a693aea3b98b746d539 . Will be in sna...
Phil Wardt
12:51 PM Todo #12556 (Feedback): Comply with current iteration standards when encrypting and decrypting configuration files
Changes merged. See commit:dd9b24e95cf90bb5d1c61a693aea3b98b746d539 . Will be in snapshots tomorrow for testing. Jim Pingle
03:10 PM Bug #12892 (Feedback): ``HTTPClient`` option not sent when using UEFI HTTP Boot
Applied in changeset commit:284878d7d0a82503cf34c6a8983eaecb9e742769. Viktor Gurov
02:41 PM Bug #12892 (Pull Request Review): ``HTTPClient`` option not sent when using UEFI HTTP Boot
Jim Pingle
01:27 PM Bug #12892: ``HTTPClient`` option not sent when using UEFI HTTP Boot
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/650
Viktor Gurov
07:49 AM Bug #12892: ``HTTPClient`` option not sent when using UEFI HTTP Boot
Related forum thread: https://forum.netgate.com/post/1029319 Jim Pingle
07:47 AM Bug #12892 (Resolved): ``HTTPClient`` option not sent when using UEFI HTTP Boot
Hey thanks for adding support HTTP Boot from issue 11659. I couldn't make it work w/ my systems and notice from a pac... Ben Breard
02:51 PM Revision 15ae0ea0: Rename Copy to Paste. Implements #8365
Viktor Gurov
02:35 PM pfSense Plus Bug #12894: duplicating freshly created certificates through refreshing
You have to force your browser to resubmit the form when in that state. I'm not sure I'd classify that as a bug since... Jim Pingle
02:30 PM pfSense Plus Bug #12894 (New): duplicating freshly created certificates through refreshing
Version 22.01-Release FreeBSD 12.3-Stable
Bug: After successfully creating a certificate. The certificate gets dup...
Van Quach
02:29 PM pfSense Packages Feature #12882: Add the option to specify CURLOPT_INTERFACE in pfBlockerNG IPv4/IPv6 lists
> Thanks for the contribution! It's appreciated!
Sure thing! This solves a big problem for me :-)
Your revisions ...
Charles Hamilton
02:03 PM pfSense Packages Feature #12882: Add the option to specify CURLOPT_INTERFACE in pfBlockerNG IPv4/IPv6 lists
Great Thanks.
I have done some limited testing and it seems to be ok.
I made some minor formatting changes in ...
BBcan177 .
07:46 AM pfSense Packages Feature #12882: Add the option to specify CURLOPT_INTERFACE in pfBlockerNG IPv4/IPv6 lists
Ok, all done! https://github.com/pfsense/FreeBSD-ports/pull/1146 Charles Hamilton
02:24 PM Revision 60c2ff12: Reboot prompt on RAM disk size change. Fixes #12876
Viktor Gurov
12:25 PM Bug #12893 (Not a Bug): Invalid source address of Unbound
It's not a bug, that traffic is being blocked outbound. Unbound sent a RST+ACK packet after the state from a previous... Jim Pingle
11:56 AM Bug #12893 (Not a Bug): Invalid source address of Unbound
I have noticed some bad traffic leaving with invalid source IP address, which i think it belongs to Unbound traffic.
...
Samuel Hanna
09:01 AM pfSense Packages Bug #12891: Trailing space in Acme Account Keys "name" breaks UI functions
Commit: https://github.com/pfsense/FreeBSD-ports/commit/29bab84437fcdde206f205610d341302093fa4f3
Package update is...
Jim Pingle
08:47 AM pfSense Packages Bug #12891 (Feedback): Trailing space in Acme Account Keys "name" breaks UI functions
Fix merged. Jim Pingle
08:39 AM pfSense Packages Bug #12891 (Pull Request Review): Trailing space in Acme Account Keys "name" breaks UI functions
This approach is a more comprehensive fix: https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/193
Jim Pingle
08:25 AM pfSense Packages Bug #12891 (In Progress): Trailing space in Acme Account Keys "name" breaks UI functions
Jim Pingle
12:50 AM pfSense Packages Bug #12891: Trailing space in Acme Account Keys "name" breaks UI functions
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/192
Viktor Gurov
09:00 AM Feature #8365 (Feedback): Button to copy rules from one interface to another
Applied in changeset commit:15ae0ea0c037af7f2667fc004d2696352a2ad97c. Viktor Gurov
08:26 AM Feature #8365 (Pull Request Review): Button to copy rules from one interface to another
Jim Pingle
03:33 AM Feature #8365 (New): Button to copy rules from one interface to another
Danilo Zrenjanin wrote in #note-8:
> Tested on the:
> [...]
>
> I can confirm that the functionality works as ex...
Viktor Gurov
08:30 AM Bug #12876 (Feedback): Changing RAM disk size does not prompt to reboot
Applied in changeset commit:60c2ff124e5e547d110a99a14b5c920c0310634a. Viktor Gurov
12:53 AM pfSense Packages Feature #11531 (Feedback): Show netmap compatible cards in IPS Mode note
Merged Viktor Gurov
12:52 AM Feature #9877: QEMU Guest Agent
There is a feature request for the QEMU package:
https://redmine.pfsense.org/issues/12179
Viktor Gurov
 
