Activity

30 days up to

User

Subprojects

Activity

From 03/22/2022 to 04/20/2022

04/20/2022

04:16 PM Regression #12183: Changing MAC address for PPP parent interface stopped working: Jim Pingle wrote in #note-5:
> Fernando Santos wrote in #note-4:
> > Jim Pingle wrote in #note-3:
> > > That page ... Fernando Santos
10:23 AM Regression #12183: Changing MAC address for PPP parent interface stopped working: Fernando Santos wrote in #note-4:
> Jim Pingle wrote in #note-3:
> > That page doesn't mention spoofing the MAC now... Jim Pingle
08:54 AM Regression #12183: Changing MAC address for PPP parent interface stopped working: Jim Pingle wrote in #note-3:
> That page doesn't mention spoofing the MAC now, and needing to spoof it with PPPoE is... Fernando Santos
02:46 PM Bug #13049 (Pull Request Review): Empty ``negate_networks`` table breaks policy routing rules: Marcos M
02:45 PM Bug #13049: Empty ``negate_networks`` table breaks policy routing rules: This introduces a significant delay to building the filter ruleset due to the introduction of @$vpns_list = filter_ge... Marcos M
02:43 PM Regression #13056: OpenVPN ``remote_cert_tls`` option does not behave correctly when enabled and later disabled: Viktor Gurov wrote in #note-7:
> Merged:
> https://github.com/pfsense/pfsense/commit/48cf54f850c5bf4fe26a8e33deb449... Thorsten Zitterell
09:24 AM Regression #13056: OpenVPN ``remote_cert_tls`` option does not behave correctly when enabled and later disabled: Michael Ruder wrote in #note-6:
> Works for me now as expected. I however noticed, that with the patch now in @confi... Viktor Gurov
09:22 AM Regression #13056 (Feedback): OpenVPN ``remote_cert_tls`` option does not behave correctly when enabled and later disabled: Merged:
https://github.com/pfsense/pfsense/commit/48cf54f850c5bf4fe26a8e33deb449807e71c204 Viktor Gurov
08:34 AM Regression #13056: OpenVPN ``remote_cert_tls`` option does not behave correctly when enabled and later disabled: Works for me now as expected. I however noticed, that with the patch now in @config.xml@ there is either @<remote_cer... Michael Ruder
07:44 AM Regression #13056 (New): OpenVPN ``remote_cert_tls`` option does not behave correctly when enabled and later disabled: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/733 Viktor Gurov
06:27 AM Regression #13056: OpenVPN ``remote_cert_tls`` option does not behave correctly when enabled and later disabled: I think this is a bug: Regardless of the newly introduced setting "Client Certificate Key Usage Validation", the @rem... Michael Ruder
02:31 PM Bug #13080 (Resolved): Cannot set EFI console as primary console when using both EFI and Serial: If a system is booting EFI it uses the console @efi@, whereas VGA uses @vidconsole@. When enabling the serial console... Jim Pingle
01:04 PM Revision 48cf54f8: OpenVPN Enforce key usage option fix. Issue #13056: Viktor Gurov
12:52 PM Revision 410cabc4: ddb.conf: log registers: When we crash also log the register values. They may contain useful
hints for debugging (especially if the unstripped... Kristof Provost
12:47 PM Revision 0b385c4e: Reload IPsec and OpenVPN on gateway IP or force_down option change. Issue #13076: Viktor Gurov
12:47 PM pfSense Docs Correction #13079 (Closed): Add WireGuard docs rewrites: Merged and deployed. Jim Pingle
12:44 PM pfSense Docs Correction #13079 (Closed): Add WireGuard docs rewrites: https://gitlab.netgate.com/docs/pfSense-docs/-/merge_requests/35 Christian McDonald
12:46 PM Revision fcfa177b: NPT manual prefix fix. Issue #13070: Viktor Gurov
12:46 PM Revision bc68ed41: Send packages reload event on interface change. Issue #13064: Viktor Gurov
12:38 PM Bug #13078 (Not a Bug): Firewall schedules appear to ignore "month" field: pfSense 2.6.0-REL. The month field in firewall schedules appears to be totally ignored.
Reproduction:
Enter som... Stilez y
11:02 AM pfSense Packages Bug #10426 (Feedback): Filer must validate that File name is uniq: Fix merged. Christopher Cope
09:26 AM Regression #13064 (Feedback): Crash Report after saving any Interface configuration change: Merged:
https://github.com/pfsense/pfsense/commit/bc68ed41a9606a1bf88611a8d601f4d06aa3ec8a Viktor Gurov
07:25 AM Regression #13064 (Pull Request Review): Crash Report after saving any Interface configuration change: Jim Pingle
01:18 AM Regression #13064: Crash Report after saving any Interface configuration change: Marcos Mendoza wrote in #note-6:
> Edit: Bad test before. Still receiving the error after applying the patch:
> > F... Viktor Gurov
09:26 AM Feature #13070 (Feedback): Allow auto prefix with manual prefix-length in NPt: Merged:
https://github.com/pfsense/pfsense/commit/fcfa177bf11b2638c14a5f60526a657c63e0d308 Viktor Gurov
09:23 AM Feature #13070: Allow auto prefix with manual prefix-length in NPt: Applied patch and switched to /64 and it's looking good now. So it was the manual rule that was broken before and the... Marcos M
07:25 AM Feature #13070 (Pull Request Review): Allow auto prefix with manual prefix-length in NPt: Jim Pingle
01:43 AM Feature #13070: Allow auto prefix with manual prefix-length in NPt: Marcos Mendoza wrote in #note-6:
> The PD prefix changed so I tested this further. There's an issue currently; as is... Viktor Gurov
09:25 AM Bug #13076 (Feedback): Marking a gateway as down does not affect IPsec entries using gateway groups: Merged:
https://github.com/pfsense/pfsense/commit/0b385c4e183611a76a5a232f439564fcfe37d63f Viktor Gurov
08:52 AM Bug #13076: Marking a gateway as down does not affect IPsec entries using gateway groups: Updating the title to reflect the actual issue. Marcos M
07:26 AM Bug #13076 (Pull Request Review): Marking a gateway as down does not affect IPsec entries using gateway groups: Jim Pingle
03:00 AM Bug #13076: Marking a gateway as down does not affect IPsec entries using gateway groups: > Going into the gateway config and enabling Mark Gateway as Down will make the gateway show as Offline (Forced) unde... Viktor Gurov
09:21 AM Regression #12937 (Feedback): Traffic Shaper wizard can produce an invalid ruleset when configured with an IPv4 upstream SIP server: Merged:
https://github.com/pfsense/pfsense/commit/7d31047a38979d685a5a467d382201c317a69869 Viktor Gurov
07:24 AM Regression #12937 (Pull Request Review): Traffic Shaper wizard can produce an invalid ruleset when configured with an IPv4 upstream SIP server: Jim Pingle
01:14 AM Regression #12937: Traffic Shaper wizard can produce an invalid ruleset when configured with an IPv4 upstream SIP server: Marcos Mendoza wrote in #note-18:
> The VOIP rules were created with the @Any@ interface. However, this error is bac... Viktor Gurov
08:03 AM Bug #13077 (Duplicate): remote-cert-tls client set in configuration regardless of Client Certificate Key Usage Validation option (after server restart only!): Duplicate of #13056 Viktor Gurov
07:41 AM Bug #13077 (Rejected): remote-cert-tls client set in configuration regardless of Client Certificate Key Usage Validation option (after server restart only!): There is no code that treats that option differently in the way you describe and I cannot reproduce this as stated. Y... Jim Pingle
06:30 AM Bug #13077 (Duplicate): remote-cert-tls client set in configuration regardless of Client Certificate Key Usage Validation option (after server restart only!): Regardless of the newly introduced setting "Client Certificate Key Usage Validation", the @remote-cert-tls client@ en... Michael Ruder
07:17 AM pfSense Plus Bug #13075 (Duplicate): Netgate 2100 IPsec S2S AES GCM and SafeXcel mbuf overload: Duplicate of #13074 Jim Pingle
06:13 AM Revision 7d31047a: Traffic Shaper Wizard ipprotocol fix. Issue #12937: Viktor Gurov

04/19/2022

09:11 PM Bug #13076: Marking a gateway as down does not affect IPsec entries using gateway groups: Restarting dpinger does not change the behavior - it still runs and packet loss stays at 0. Forcing it as down will a... Marcos M
09:02 PM Bug #13076 (Resolved): Marking a gateway as down does not affect IPsec entries using gateway groups: Tested on @22.05.a.20220419.0600@ and @22.01@.
Going into the gateway config and enabling @Mark Gateway as Down@ w... Marcos M
08:19 PM Bug #13069 (Resolved): Input validation for IPv6 addresses allows invalid address compression in some cases: Marcos M
08:09 PM Regression #12937 (New): Traffic Shaper wizard can produce an invalid ruleset when configured with an IPv4 upstream SIP server: The VOIP rules were created with the @Any@ interface. However, this error is back now:
> There were error(s) loadin... Marcos M
06:48 PM Bug #12763 (Resolved): VTI gateway status stuck as "pending" after reboot: Tested on 22.01 with both patches applied and on @22.05.a.20220419.0600@ with the second patch applied. The FQDN gate... Marcos M
10:20 AM Bug #12763 (Feedback): VTI gateway status stuck as "pending" after reboot: Applied in changeset commit:a41488ff8d8c7647dd93a20fb4d4e3ebd52c175f. Viktor Gurov
10:10 AM Bug #12763 (Pull Request Review): VTI gateway status stuck as "pending" after reboot: Jim Pingle
09:32 AM Bug #12763: VTI gateway status stuck as "pending" after reboot: Marcos Mendoza wrote in #note-10:
> Tested on @22.05.a.20220417.0600@. The FQDN VTI gateway remains pending after re... Viktor Gurov
05:38 PM pfSense Packages Bug #12933: Vulnerability in ClamAV Engine Used by Squid: Are there any updates on when this might be addressed? We are required to contact the "vendor" every 30 days to requ... Derek Andree
04:47 PM pfSense Plus Bug #13075 (Duplicate): Netgate 2100 IPsec S2S AES GCM and SafeXcel mbuf overload: Hello everyone,
i run into a mbuf overload after change the S2S Setting (Netgate 6100 – 2100) from AES256 to AES128-... Dennis H
04:05 PM Bug #12900: Clicking Save & Force Update on a Dynamic DNS entry results in a GUI timeout: Confirmed this is happening with 22.01 as well. Unclear if it is updating the record as well, but receiving the 504 e... Ryan Coleman
03:52 PM Revision 2d82d2e3: Restart L2TP VPN on interface IP change. Fixes #13066: Viktor Gurov
02:31 PM Revision a41488ff: Restart dpinger on boot if IPsec PH1 remote gateway is FQDN and PH2 mode is VTI. Fixes #12763: Viktor Gurov
01:25 PM Regression #13064 (Confirmed): Crash Report after saving any Interface configuration change: Marcos M
01:19 PM Regression #13064 (Resolved): Crash Report after saving any Interface configuration change: Edit: Bad test before. Still receiving the error after applying the patch:
> Fatal error: Uncaught Error: Call to und... Marcos M
01:16 PM Feature #13070: Allow auto prefix with manual prefix-length in NPt: The PD prefix changed so I tested this further. There's an issue currently; as is, a manual rule behaves differently ... Marcos M
12:24 PM pfSense Packages Feature #13063 (Feedback): Improve modem support: PR has been merged. Thanks! Viktor Gurov
12:14 PM pfSense Plus Bug #13074: AES-GCM with SafeXcel on Netgate 2100 causes MBUF overload: Reverting to AES-CBC with SHA384 in P1 and P2 works perfectly, even with SafeXcel enabled. Only seems to apply to AES... Chris S
12:10 PM pfSense Plus Bug #13074 (New): AES-GCM with SafeXcel on Netgate 2100 causes MBUF overload: Running IPSec tunnels on a Netgate 2100 with AES-GCM and SafeXcel enabled seem to cause an MBUF overload requiring a ... Chris S
11:00 AM Bug #13066 (Feedback): L2TP MPD configuration is not updated when a dynamic WAN IP address changes: Applied in changeset commit:2d82d2e37a6c0042a7afd74752d8a4fe3df3936d. Viktor Gurov
09:17 AM Regression #12827: High latency and packet loss during a filter reload: Mateusz Guzik wrote in #note-21:
> Huh, apologies for lack of updates.
>
> The issue is largely fixed for over 3 wee... Marcos M
04:55 AM Regression #12827: High latency and packet loss during a filter reload: Mateusz Guzik wrote in #note-21:
> Huh, apologies for lack of updates.
>
> The issue is largely fixed for over 3 ... Kevin Bentlage
04:24 AM Regression #12827: High latency and packet loss during a filter reload: Huh, apologies for lack of updates.
The issue is largely fixed for over 3 weeks now in the snapshots. If you can't i... Mateusz Guzik
03:15 AM Regression #12827: High latency and packet loss during a filter reload: Any updates on this? Kevin Bentlage
07:32 AM Feature #13072 (Pull Request Review): Matching background/font colors of queue values with dark theme.: Jim Pingle
05:38 AM pfSense Packages Bug #13073 (New): ClamAV - clamd dies with high CPU load and thus the C-ICAP of squid-reverse proxy causes http:500 errors: ClamAV - clamd dies with high CPU load and thus the C-ICAP of squid-reverse proxy causes http:500 errors
user-ag... Konrad Lanz

04/18/2022

08:28 PM Revision 303c51fc: Allow auto prefix with manual prefix-length in NPT. Implements #13070: Viktor Gurov
07:21 PM Revision 888646db: Ensure same type comparison. Fixes #13059: Marcos M
06:03 PM Feature #13072: Matching background/font colors of queue values with dark theme.: https://github.com/pfsense/pfsense/pull/4571 Zedful ☺
05:45 PM Feature #13072 (Pull Request Review): Matching background/font colors of queue values with dark theme.: Zedful ☺
06:02 PM Revision 08219be9: Fix IPsec SAD delete. Fixes #13071: Jim Pingle
03:36 PM Revision 810f1026: Do not restart IPv4 OpenVPN on IPv6 gateway events and vice versa. Fixes #13061: Viktor Gurov
03:35 PM Feature #13070 (Feedback): Allow auto prefix with manual prefix-length in NPt: Applied in changeset commit:303c51fc2351300c3b5586bea0b885ada6a3f3e5. Viktor Gurov
02:42 PM Feature #13070: Allow auto prefix with manual prefix-length in NPt: Thank you very much!! I'll have to wait for the dynamic prefix to change from the ISP to see how that goes, but testi... Marcos M
02:28 PM Feature #13070 (Pull Request Review): Allow auto prefix with manual prefix-length in NPt: Jim Pingle
02:20 PM Feature #13070: Allow auto prefix with manual prefix-length in NPt: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/726 Viktor Gurov
11:53 AM Feature #13070 (Resolved): Allow auto prefix with manual prefix-length in NPt: The current NPt functionality in 22.05 does not allow for overriding the prefix-length of an automatically tracked in... Marcos M
03:12 PM Revision 8a89c115: Reject multiple IPv6 compressions. Fixes #13069: Having :: in an IPv6 address more than once is not valid, even if it
expands to an unambiguous result. Jim Pingle
02:30 PM Regression #13059 (Feedback): Error when saving changes to a disabled OpenVPN client: Applied in changeset commit:888646db3ec871b014b16af5b4fbb2aced4693c3. Marcos M
01:47 PM Revision ac0c9910: Traffic Shaper Wizard VOIP rules fix. Issue #12937: Viktor Gurov
01:15 PM Bug #13071 (Feedback): Delete function for IPsec SAD entries on ``status_ipsec_sad.php`` does not work: Applied in changeset commit:08219be9c56250f998585a7aec7539efbe933952. Jim Pingle
01:04 PM Bug #13071 (Pull Request Review): Delete function for IPsec SAD entries on ``status_ipsec_sad.php`` does not work: MR to fix it: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/725 Jim Pingle
01:02 PM Bug #13071 (Resolved): Delete function for IPsec SAD entries on ``status_ipsec_sad.php`` does not work: The delete function for IPsec SAD entries on @status_ipsec_sad.php@ is not working due to a misplaced @usepost@ attri... Jim Pingle
12:07 PM Bug #13065: Domain override for home.arpa not working: Please keep the discussion on the forum -- this is not a platform for support. Jim Pingle
12:00 PM Bug #13065: Domain override for home.arpa not working: Can I provide logs here so they can be looked at and to start reproducing the issue on your end? I really don't have ... Kevin Mychal Ong
11:30 AM Bug #13065: Domain override for home.arpa not working: That's what I thought, which is why I was pretty convinced this is a "bug". I've exhausted all troubleshooting that I... Kevin Mychal Ong
11:17 AM Bug #13065: Domain override for home.arpa not working: There is no special handling for home.arpa except when the firewall's own domain is set to home.arpa -- the only plac... Jim Pingle
11:07 AM Bug #13065: Domain override for home.arpa not working: Yes, I know what you're sayingand they do match with the site's domain. There is 100% no conflict. The pfsense dhcp s... Kevin Mychal Ong
11:03 AM Bug #13065: Domain override for home.arpa not working: Check the *Domain* under *System > General Setup* , that should match whatever the domain for the site is, if it's @h... Jim Pingle
10:58 AM Bug #13065: Domain override for home.arpa not working: Jim,I'm not sure what you mean. All three of my sites are on their own local domain (not subdomain).
Site 1 = home.a... Kevin Mychal Ong
08:11 AM Bug #13065 (Not a Bug): Domain override for home.arpa not working: This is a settings issue, not a bug. Your firewall is almost certainly still set at the default hostname+domain of @p... Jim Pingle
11:10 AM Bug #11764: IPv6 link local gateway default status not indicated in GUI: Viktor Gurov wrote in #note-9:
> Daryl Morse wrote in #note-7:
> > I was running 2.7.0-dev up to around mid-January... Daryl Morse
10:50 AM Bug #13061 (Feedback): Gateway events for IPv6 affect IPv4 OpenVPN instances and vice versa: Applied in changeset commit:810f1026a07e75f8f582f85c5f6a63450b2d8a8e. Viktor Gurov
07:57 AM Bug #13061 (Pull Request Review): Gateway events for IPv6 affect IPv4 OpenVPN instances and vice versa: Jim Pingle
10:40 AM Bug #13069 (Feedback): Input validation for IPv6 addresses allows invalid address compression in some cases: Applied in changeset commit:8a89c11574e9db83b7cc5e11f2e83d40f42cf614. Jim Pingle
10:27 AM Bug #13069: Input validation for IPv6 addresses allows invalid address compression in some cases: Tested with the IP that broke it previously in different places e.g. alias, interface, vip, freeradius. All worked (r... Marcos M
10:15 AM Bug #13069 (Pull Request Review): Input validation for IPv6 addresses allows invalid address compression in some cases: MR: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/724
With the change in the MR, the results are as ... Jim Pingle
10:11 AM Bug #13069 (In Progress): Input validation for IPv6 addresses allows invalid address compression in some cases: Jim Pingle
09:52 AM Bug #13069 (Confirmed): Input validation for IPv6 addresses allows invalid address compression in some cases: Marcos sent me a different IPv6 string directly and that does validate when it should not, which I then used to check... Jim Pingle
08:18 AM Bug #13069: Input validation for IPv6 addresses allows invalid address compression in some cases: Same here, validation works fine in places I've tried it (e.g. alias content)
We will need a list of *specific* pa... Jim Pingle
06:15 AM Bug #13069 (Feedback): Input validation for IPv6 addresses allows invalid address compression in some cases: unable to reproduce - @is_ipaddrv6('fc00::5::1')@ returns false Viktor Gurov
10:35 AM Revision ef9522c6: Include pkg-utils.inc to interfaces.php. Fixes #13064: Viktor Gurov
09:10 AM Regression #12937: Traffic Shaper wizard can produce an invalid ruleset when configured with an IPv4 upstream SIP server: Is this at all related to https://redmine.pfsense.org/issues/13026 ? I am eager to have limiters working again on 22.... → luckman212
08:57 AM Regression #12937 (Feedback): Traffic Shaper wizard can produce an invalid ruleset when configured with an IPv4 upstream SIP server: Merged:
https://github.com/pfsense/pfsense/commit/ac0c991083b910d82fcc52ceb52718f5bc40d4de Viktor Gurov
08:20 AM Regression #12937 (Pull Request Review): Traffic Shaper wizard can produce an invalid ruleset when configured with an IPv4 upstream SIP server: Jim Pingle
07:39 AM Regression #12937 (New): Traffic Shaper wizard can produce an invalid ruleset when configured with an IPv4 upstream SIP server: Marcos Mendoza wrote in #note-13:
> Everything works except for:
> > Floating rules without a specific interface sh... Viktor Gurov
08:55 AM Regression #13064 (Feedback): Crash Report after saving any Interface configuration change: Applied in changeset commit:ef9522c62f79845432d47a7fe1e735373ec72a2e. Viktor Gurov
08:15 AM Regression #13064 (Pull Request Review): Crash Report after saving any Interface configuration change: Jim Pingle
05:36 AM Regression #13064: Crash Report after saving any Interface configuration change: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/722 Viktor Gurov
08:14 AM Bug #13066 (Pull Request Review): L2TP MPD configuration is not updated when a dynamic WAN IP address changes: Jim Pingle
05:29 AM Bug #13066: L2TP MPD configuration is not updated when a dynamic WAN IP address changes: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/721 Viktor Gurov
08:13 AM Feature #12714 (Resolved): Show ``Inactive`` for Hardware Crypto output instead of empty field on System Information dashboard widget when nothing can be accelerated: Jim Pingle
08:13 AM Feature #13023 (Resolved): DNS Resolver option to keep probing when servers are down: Jim Pingle
08:07 AM Feature #13010 (Resolved): Option to retain the existing serial number when renewing a CA or certificate: Christopher Cope wrote in #note-7:
> Tested on
> [...]
>
> and it works, but it doesn't prevent the user from re... Jim Pingle
08:06 AM pfSense Packages Feature #13063 (Pull Request Review): Improve modem support: Jim Pingle
08:02 AM Bug #13062 (Not a Bug): Interface Mistmatch on Hyper V: That is likely an issue in your hypervisor configuration or potentially something that needs adjusted in your setting... Jim Pingle
08:00 AM pfSense Packages Bug #10426 (Pull Request Review): Filer must validate that File name is uniq: Jim Pingle
05:32 AM pfSense Packages Feature #11531 (Resolved): Show netmap compatible cards in IPS Mode note: accidentally deleted comment from Jordan Green:
on pfSense + 22.05.a.20220416.0747/Suricata 6.0.4_1 warning now di... Viktor Gurov

04/17/2022

09:11 PM Bug #13069 (Resolved): Input validation for IPv6 addresses allows invalid address compression in some cases: Tested on @22.05.a.20220412.0600@.
There is no input validation for IPv6 addresses with multiple instances of the ... Marcos M
08:55 PM Bug #13068 (Resolved): Firewall rules fail to load when a URL table alias file does not exist: If the firewall is unable to fetch the contents of a @URL Table (IPs)@ alias that did not previously exist, PF will f... Marcos M
07:45 PM Bug #13067 (Resolved): Resolve interval for ``filterdns`` may not match the configured value: Tested on @22.05.a.20220417.0600@.
Tested with the feature from:
https://redmine.pfsense.org/issues/13057
The ... Marcos M
07:41 PM Feature #13057: GUI option for IPsec ``dns-interval`` setting: Tested on @22.05.a.20220417.0600@.
The interval is added correctly:
> root 62793 0.0 0.3 12140 2784 - Is ... Marcos M
06:08 PM Bug #12763 (Confirmed): VTI gateway status stuck as "pending" after reboot: Tested on @22.05.a.20220417.0600@. The FQDN VTI gateway remains pending after reboot. Marcos M
05:52 PM Feature #12714: Show ``Inactive`` for Hardware Crypto output instead of empty field on System Information dashboard widget when nothing can be accelerated: Hardware crypto on the dashboard shows "Inactive" if AES-NI is disabled and the accelerated algorithms if it is activ... Chris Linstruth
05:49 PM Regression #12937: Traffic Shaper wizard can produce an invalid ruleset when configured with an IPv4 upstream SIP server: Everything works except for:
> Floating rules without a specific interface should be created with the Any interface ... Marcos M
05:41 PM Feature #13023: DNS Resolver option to keep probing when servers are down: After updating to today's snapshot:
1. The Keep probing advanced option was present
2. The Keep probing advanced ... Chris Linstruth
04:06 PM Feature #4881: Allow NPt to use dynamic IPv6 networks: I've seen the following from ISPs, both of which have some caveats in the current 22.05 NPt implementation:
*Dynamic... Marcos M
04:04 PM Feature #4881: Allow NPt to use dynamic IPv6 networks: L J wrote in #note-30:
> It is also not working to assign the ULA with a virtual IP to the LAN interface because the... Marcos M
11:31 AM pfSense Plus Bug #12974: Typing anything into 1100/2100 recovery installer causes process to stop: Kris Phillips wrote in #note-3:
> Ryan Coleman wrote in #note-2:
> > Kris Phillips wrote in #note-1:
> > > I'm no... Ryan Coleman
05:45 AM Bug #13066 (Resolved): L2TP MPD configuration is not updated when a dynamic WAN IP address changes: After an provider based change of the WAN IP the L2TP server is still listening on the OLD WAN IP.
The IP changed ... Nico Schmidt

04/16/2022

06:08 PM Bug #11416 (Resolved): OpenVPN IPv4 Tunnel Network incorrectly allows hostnames: Fixed
the host address will be changed to be the the network address in IPv4 Tunnel Network.
I entered 10.0.8... Alhusein Zawi
05:31 PM Bug #13055 (Resolved): The ``negate_networks`` table is not updated when an OpenVPN server is deleted: Alhusein Zawi
05:29 PM Bug #13055: The ``negate_networks`` table is not updated when an OpenVPN server is deleted: fixed
negate_networks table deleted openvpnnetwork without filter reload or rebooting.
2.7.0.a.20220416.06... Alhusein Zawi
11:49 AM Bug #13065 (Not a Bug): Domain override for home.arpa not working: When I setup a domain override for home.arpa to use the DNS Resolver on the remote wireguard node, unbound does not e... Kevin Mychal Ong
09:14 AM Bug #12870: Clicking Save & Force Update on a Dynamic DNS entry results in a GUI timeout: Logs is the same reply from Danilo Zrẹnanin. Please check ! Hong Duong Pham
08:37 AM Bug #12750 (Resolved): Input validation prevents configuring wildcard Dynamic DNS records on GoDaddy: Tested on the version below:... Danilo Zrenjanin
05:07 AM pfSense Packages Feature #13063: Improve modem support: https://github.com/pfsense/FreeBSD-ports/pull/1159 Konstantinos Kondylis
02:27 AM pfSense Packages Feature #13063 (Resolved): Improve modem support: Cellular package currently supports two Huawei modems and Simcom.
It creates symbolic links for data and control por... Konstantinos Kondylis
04:51 AM pfSense Packages Bug #12739 (Resolved): Passlist generates invalid Virtual IP subnets: Tested against:... Danilo Zrenjanin
04:15 AM Bug #12763: VTI gateway status stuck as "pending" after reboot: Tested the patch against the version below:... Danilo Zrenjanin
03:18 AM Bug #12790 (Resolved): Link-Local IPv6 address on WAN with MAC spoofing changes if there is an IP Alias on WAN: Tested with version below:... Danilo Zrenjanin
02:55 AM Regression #13064 (Resolved): Crash Report after saving any Interface configuration change: ... Danilo Zrenjanin

04/15/2022

08:40 PM Bug #12878: Traffic shaping by interface, route queue bandwidth inbound, out by a large factor.: Blake,
What model of device are you running? The redmine is stated it's for arm64. What type of NICs? Can you p... Kris Phillips
08:38 PM Bug #12870: Clicking Save & Force Update on a Dynamic DNS entry results in a GUI timeout: Hong Duong Pham wrote in #note-5:
> But when you disconnect the converter or renew the public IP, the IP was not upd... Kris Phillips
08:35 PM pfSense Plus Bug #12974: Typing anything into 1100/2100 recovery installer causes process to stop: Ryan Coleman wrote in #note-2:
> Kris Phillips wrote in #note-1:
> > I'm not able to reproduce this. What serial ... Kris Phillips
08:29 PM Bug #13014: Deadlock in Charon VICI interface: Someone with this issue:
If you could please run:
ps aux | grep charon
Output should look something like this... Kris Phillips
06:44 PM Bug #13062 (Not a Bug): Interface Mistmatch on Hyper V: Hello,
I just did the ugprade to 2.6.0 and received the error "Network Interface mismatch". It looks like it cant ... Brad Sterner
06:03 PM pfSense Packages Bug #10426: Filer must validate that File name is uniq: https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/214 Christopher Cope
05:26 PM Feature #13057 (Resolved): GUI option for IPsec ``dns-interval`` setting: "FQDN Endpoints Resolve Interval" is added to IPsec Advanced Settings
2.7.0.a.20220415.0600
Alhusein Zawi
02:54 PM pfSense Packages Bug #12338: RRD Summary does not report data on 3100: Same issue on a 3100 Alan Wilson
12:50 PM Bug #12794 (Resolved): Link-local address does not reset after removing MAC address spoofing: Tested against:... Danilo Zrenjanin
12:37 PM Feature #13010: Option to retain the existing serial number when renewing a CA or certificate: Tested on... Christopher Cope
11:16 AM pfSense Packages Feature #12795 (Resolved): Add *.pfsense.org and *.netgate.com to the default DNSBL whitelist: Tested on 3.1.0_4
in... Christopher Cope
01:52 AM Bug #3132: Gateway events for IPv6 affect IPv4 services and vice versa: OpenVPN redmine issue: #13061 Viktor Gurov
01:52 AM Bug #13061: Gateway events for IPv6 affect IPv4 OpenVPN instances and vice versa: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/720 Viktor Gurov
01:36 AM Bug #13061 (Resolved): Gateway events for IPv6 affect IPv4 OpenVPN instances and vice versa: When a gateway of a specific type has an event, OpenVPN instaces on the interface are restarted, rather than just tho... Viktor Gurov

04/10/2022

05:52 PM Bug #13014: Deadlock in Charon VICI interface: Hi. I get the same error.
See below the IPSecs logs with the highest verbosity level:... Pierre-Emmanuel DEGRYSE
04:49 PM Bug #13040: Build failed pfsense source code: https://pastebin.com/SZBL5pkL Martin Filla
04:47 PM Bug #13040 (Rejected): Build failed pfsense source code: Hi,
i take pfsense devel branch devel-12 and build with this result
ESC[0;1;32m ~~~~~ ^
ESC[0mESC[1m/usr/... Martin Filla
04:36 PM Regression #12937 (New): Traffic Shaper wizard can produce an invalid ruleset when configured with an IPv4 upstream SIP server: Marcos M
04:36 PM Regression #12937: Traffic Shaper wizard can produce an invalid ruleset when configured with an IPv4 upstream SIP server: Tested on @22.05.a.20220410.0600@.
There are still places where it fails:
> There were error(s) loading the rules... Marcos M
01:17 PM Bug #12900: Clicking Save & Force Update on a Dynamic DNS entry results in a GUI timeout: Tested on @22.05.a.20220402.0600@; got a 504 timeout with @Cloudflare@, but not with @HE.net Tunnelbroker@. Marcos M
11:03 AM pfSense Packages Feature #13039 (New): Handle transit gateway VPNs in the AWS VPN wizard: I think the AWS VPN Wizard should not only handle VPC VPN connections, but also attachements to a transit gateway, fr... Soeren Malchow
10:36 AM pfSense Packages Bug #12924: DNS Resolver WireGuard ACL Inconsistency: Hey Christian. Were you able to recreate this problem already? Kevin Mychal Ong
02:54 AM pfSense Plus Feature #12524: OpenSSL QAT Engine: This not only accelerate OpenVPN, but also HAproxy as well.
Now at the moment as qat not loaded in openssl adding:
<... DRago_Angel [InV@DER]

04/09/2022

07:31 PM pfSense Docs Correction #12994: Note in 4100 platform page refers to the 7100: All three pages currently show only the 4100:
https://docs.netgate.com/pfsense/en/latest/solutions/netgate-4100/rein... Chris W
07:27 PM Bug #13012: NAT Reflection generates duplicate rules when internal interface contains multiple VIPs in the same subnet: LAN has 3 VIPs:
em1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500

inet 192.168.1.1 ... Alhusein Zawi
05:50 PM Feature #13023: DNS Resolver option to keep probing when servers are down: running 22.05.a.20220409.0600 the option for "Keep probing servers that are down" was default selected in Services>DN... Jordan G
05:46 PM Bug #12950: OpenVPN as default gateway does not get set at boot time: It appears that some states can get established out the default GW on boot as well. I have a OpenVPN client and have... Kris Phillips
05:37 PM Bug #13003: Malicious Driver Detection event on ``ixl(4)`` driver: I saw this occur on a 7100 that had two bridged ixl interfaces for an add in card on 21.05.2, so it may affect basica... Kris Phillips
05:23 PM Bug #13038: Auto Configuration Backup fails when set to automatically backup on every configuration change.: I can reproduce this, but I'm also unable to use the Backup Now option. It queues the task, but then never actually ... Kris Phillips
01:34 PM Bug #13038 (Closed): Auto Configuration Backup fails when set to automatically backup on every configuration change.: Here are the logs:... Danilo Zrenjanin
01:54 PM Bug #11226: IPsec VTI phase 2 traffic selectors default to address when defined as a network: when selecting VTi it gives "LAN subnet" in local network and "address" in remote network by default.
if there... Alhusein Zawi
01:11 PM pfSense Packages Bug #13032 (Resolved): openvpn-client-import PHP warning: Tested on the:... Danilo Zrenjanin
01:08 PM pfSense Packages Bug #12814 (Resolved): OpenVPN Client Import does not populate 'remote_cert_tls' option: Tested on the:... Danilo Zrenjanin
11:26 AM Feature #12522: More GUI options for OpenVPN Client-Specific Overrides: Attached patch for both *current master branch* , and for release 2.6.0
It includes last upstream 0/empty() fix
Phil Wardt
06:53 AM Feature #12522: More GUI options for OpenVPN Client-Specific Overrides: Had to reset the repo, sorry, updated links and a fixed patch
*I pushed the GUI changes code:*
https://github.com/p... Phil Wardt
11:08 AM Feature #13017: Packet capture: add preview results while capture is running: If it makes testing easier, here's attached a patch that applies to the current master branch
Phil Wardt
09:20 AM Bug #12991 (Resolved): DNS Resolver ACLs are not updated when OpenVPN networks change: Tested on the:... Danilo Zrenjanin
07:07 AM Bug #13015: NAT generates duplicate ``no nat on`` rules for port forwards with a destination of ``Any``: Tested the patch on the:... Danilo Zrenjanin
03:23 AM Bug #12892 (Resolved): ``HTTPClient`` option not sent when using UEFI HTTP Boot: Tested on the:... Danilo Zrenjanin
12:06 AM Feature #13037: Support Intel 2.5g and 5g interfaces: I'd appreciate this as well. I was under the impression it was already supported from what I've read, and have a new... Jon8RFC .

04/08/2022

11:36 PM Revision d0af588d: remove some dead code: see https://forum.netgate.com/topic/171394/sledgehammer-killall-in-shaper-php-and-inc-files → luckman212
10:46 PM Feature #13037 (Closed): Support Intel 2.5g and 5g interfaces: FreeBSD source has enabled the functionality for 2.5g and 5g Nbase-T interfaces in this commit https://cgit.freebsd.o... Simeon OnSecurity
04:24 PM Feature #12522: More GUI options for OpenVPN Client-Specific Overrides: Jim Pingle wrote in #note-5:
> Yes, that's exactly expected. When you check it, nothing from the server is pushed, on... Phil Wardt
03:11 PM Todo #12981 (Resolved): Warn about OpenVPN shared key deprecation: Jim Pingle
03:10 PM Todo #12981: Warn about OpenVPN shared key deprecation: Tested on... Christopher Cope
12:22 PM pfSense Packages Bug #12916: pfBlockerNG-devel cron job does not trigger xmlrpc sync: I can confirm this issue also on a HA pair running 22.01. We have had this issue since switching to pfBlockerNG-devel... Alexander Lindqvist
04:01 AM Bug #12790 (Feedback): Link-Local IPv6 address on WAN with MAC spoofing changes if there is an IP Alias on WAN: Merged:
https://github.com/pfsense/pfsense/commit/f91bca4947c25bb39ee4cb80c9b6e3cd1b314b41 Viktor Gurov

04/07/2022

06:57 PM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound: Curious Netgate customer wondering if the fix posted by Alexander Berkes 2 years ago (or any other fix) is in the wor... Dennis Adler
01:54 PM pfSense Plus Bug #13031: Openvpn Float bug: If it's the same on the widget and status page, then it's likely being misreported by OpenVPN itself.
You can try... Jim Pingle
01:20 PM pfSense Plus Bug #13031: Openvpn Float bug: Hi Jim,
This "Dynamic IP" feature on both the tunnels are already un-checked. Please advice. Sam Jay
11:31 AM pfSense Packages Feature #9833: ACME: add ability to use custom ACME server: +1 for this! Just set up step-ca and would love having this functionality too. Connor McBrine-Ellis
10:52 AM pfSense Docs Todo #13036 (Closed): Feedback on Cellular Wireless — Known Working 3G-4G Modems: Merged Jim Pingle
10:48 AM pfSense Docs Todo #13036: Feedback on Cellular Wireless — Known Working 3G-4G Modems: https://gitlab.netgate.com/docs/pfSense-docs/-/merge_requests/34 Viktor Gurov
10:31 AM pfSense Docs Todo #13036 (Closed): Feedback on Cellular Wireless — Known Working 3G-4G Modems: *Page:* https://docs.netgate.com/pfsense/en/latest/cellular/hardware.html
*Feedback:*

Add the ZTE 833R to the ... Viktor Gurov
10:30 AM Todo #12093 (Resolved): Make AutoConfigBackup menu entry point to the settings tab so it loads faster when there is no WAN connectivity: Jim Pingle
10:21 AM Todo #12093: Make AutoConfigBackup menu entry point to the settings tab so it loads faster when there is no WAN connectivity: Tested in... Christopher Cope
05:10 AM Regression #11570: Gateway monitoring services is not always restarted on interface events, which may prevent a WAN from recovering back to an online state: Wayne Sherman wrote in #note-27:
> *Setup:*
> 2.6.0-RELEASE (amd64), dual WAN with both WANs on DHCP, and failover ... Viktor Gurov
04:54 AM Feature #9544: Enable ``ROUTE_MPATH`` multipath routing: Jim Pingle wrote in #note-9:
> If that is the case, then we'll pick it up naturally when we rebase onto 13.x or late... Alexander Deca
04:19 AM Bug #13013 (Closed): bsdinstall error while creating filesystem on the latest snapshots: no such issue with pfSense-CE-2.7.0-DEVELOPMENT-amd64-20220406-1307.iso
seems related to https://github.com/pfsens... Viktor Gurov

04/06/2022

06:32 PM Revision 394c1772: Merge branch 'master' into mvc_refactor: Trevor Kerr
04:43 PM Bug #12800: Suboptimal Password Hashing: sha512crypt should be deprecated and removed in favor of better and more established options. It is a mistake to defa... Tom Sham
03:34 PM Bug #13035: No default route following WAN Gateway Group PPPoE member failure: Thank you. The test equipement to run the snapshot will be available next Monday.
I did not ask the question prope... Serge Caron
12:08 PM Bug #13035 (Not a Bug): No default route following WAN Gateway Group PPPoE member failure: Seems closer to #12811 or maybe part of #11570 though it's also possible it's a part of your configuration. Not enoug... Jim Pingle
12:04 PM Bug #13035 (Not a Bug): No default route following WAN Gateway Group PPPoE member failure: This is probably a twist on BUG # 12920 [[https://redmine.pfsense.org/issues/12920?tab=properties]]
Tier 1 of a G... Serge Caron
03:30 PM Todo #12934 (Resolved): Update strongSwan: Jim Pingle
03:29 PM Todo #12934: Update strongSwan: Tested successfully on... Christopher Cope
01:44 PM Bug #13033: DNS lookups using DNS forwarder yields invalid cache entries in systemd-resolved: I'm pretty sure it's not a duplicate. It could be a duplicate of #12901 though.... Flole Systems
08:13 AM Bug #13033: DNS lookups using DNS forwarder yields invalid cache entries in systemd-resolved: Not sure about this being a duplicate, since we have "Use local DNS, fall back to remote DNS servers" configured in p... Philipp Hoppen
08:01 AM Bug #13033 (Duplicate): DNS lookups using DNS forwarder yields invalid cache entries in systemd-resolved: Looks like a duplicate of #12902 Jim Pingle
07:38 AM Bug #13033 (Duplicate): DNS lookups using DNS forwarder yields invalid cache entries in systemd-resolved: I have configured a wildcard record in DNS forwarder, supplied in the "custom options" like the following:... Philipp Hoppen
12:55 PM pfSense Packages Bug #13022: HAProxy - Sub Frontends ignore Client verification CA certificates: Hi, I have entered the line and received the following antowrt:... Anonymous
10:33 AM pfSense Packages Bug #13022: HAProxy - Sub Frontends ignore Client verification CA certificates: Shared frontends certificates are saved to the @/var/etc/haproxy/<frontend>.crt_list@
for example:... Viktor Gurov
11:59 AM pfSense Packages Bug #13034 (Feedback): Zabbix6 Agent and Proxy fail to set the PSK from the web GUI in its conf files: Merged:
https://github.com/pfsense/FreeBSD-ports/commit/93b8b43ec23cbe6ae71ad2a792ced07d60589db6 Viktor Gurov
11:34 AM pfSense Packages Bug #13034 (Pull Request Review): Zabbix6 Agent and Proxy fail to set the PSK from the web GUI in its conf files: Jim Pingle
11:30 AM pfSense Packages Bug #13034: Zabbix6 Agent and Proxy fail to set the PSK from the web GUI in its conf files: fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/209 Viktor Gurov
10:58 AM pfSense Packages Bug #13034 (Resolved): Zabbix6 Agent and Proxy fail to set the PSK from the web GUI in its conf files: The Zabbix 6 agent and proxy running on pfSense 2.6.0 fails to set the PSK values from the web GUI in the zabbix conf... Mat Clarke
11:34 AM pfSense Packages Bug #13032 (Feedback): openvpn-client-import PHP warning: Merged Viktor Gurov
10:18 AM pfSense Packages Bug #13032 (Pull Request Review): openvpn-client-import PHP warning: Jim Pingle
09:31 AM pfSense Packages Bug #13032: openvpn-client-import PHP warning: fix:
https://gitlab.netgate.com/pfSense/factory-ports/-/merge_requests/50 Viktor Gurov
06:27 AM pfSense Packages Bug #13032 (Resolved): openvpn-client-import PHP warning: Crash report shows:... Steve Wheeler
08:06 AM pfSense Plus Bug #13031 (Not a Bug): Openvpn Float bug: Looks like it's doing what you're telling it to do and what the server allows you to do.
We just report the status... Jim Pingle
02:35 AM pfSense Plus Bug #13031: Openvpn Float bug: I think it's important: Sam uses the same certificate for these 2 different OpenVPN tunnels (2 different OpenVPN Serv... Azamat Khakimyanov

04/05/2022

09:29 PM pfSense Plus Bug #13031 (Not a Bug): Openvpn Float bug: We have notice that There is a bug with the pfSense CE version: 2.6.0-RELEASE. When there is a two tunnels are initi... Sam Jay
03:07 PM Bug #13030 (Not a Bug): login without password in captive portal: Your LDAP server must be allowing the bind -- MS AD is notoriously bad about allowing binding without a password in c... Jim Pingle
02:57 PM Bug #13030 (Not a Bug): login without password in captive portal: Captive portal with LDAP authentication entering without password. putting only the username and password field blan... Octavio Morato
02:28 PM Bug #13029 (Not a Bug): Captive portal "ip allowed": That is most likely a configuration error or something in your setup. This site is not for support or diagnostic disc... Jim Pingle
02:27 PM Bug #13029 (Not a Bug): Captive portal "ip allowed": I have a problem that when I add some ip in the allowed ip field, the captive portal apparently releases all ip's on ... Octavio Morato
12:52 PM pfSense Packages Bug #12956 (Confirmed): suricata fails to use pcre in SID management (e.g. dropsid.conf): I'm reopening this issue, as the function @preg_quote@ escapes all special characters, rather than just delimiters.
h... Marcos M
10:28 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: Been fighting this issue on 2.5 and 2.4.5 and I am talking about using only 1 DNS entry in the Alias to a Dynamic DNS... Charlie Blalock
10:02 AM Bug #13028 (Needs Patch): Crash when reconfiguring interface using if_qlnxe: It's either a bug in the FreeBSD driver or a hardware issue.
Either way here it's not something we can address. If... Jim Pingle
09:55 AM Bug #13028: Crash when reconfiguring interface using if_qlnxe: may be related:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238646
https://bugs.freebsd.org/bugzilla/show_bug... Viktor Gurov
09:25 AM Bug #13028 (Needs Patch): Crash when reconfiguring interface using if_qlnxe: We are using a "FastLinQ 41232 Dual Port" (OCP 3.0) in our Dell R650xs for our WAN connection. Any "bigger" change se... J Radmacher
08:12 AM pfSense Packages Bug #11343 (Feedback): Invalid link to pfSense-pkg-bind changelog: Merged:
https://github.com/pfsense/FreeBSD-ports/commit/a3bbd61e6a0376f80674a83b6bf99e74cb013bc5 Viktor Gurov
07:32 AM pfSense Packages Bug #11343 (Pull Request Review): Invalid link to pfSense-pkg-bind changelog: Jim Pingle
01:40 AM pfSense Packages Bug #11343: Invalid link to pfSense-pkg-bind changelog: fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/206 Viktor Gurov
07:35 AM Feature #13023 (Feedback): DNS Resolver option to keep probing when servers are down: Applied in changeset commit:8490fdae1718e802d10f25729a41f55bb52dcd5f. Marcos M
02:13 AM Revision 8490fdae: Unbound option to keep probing when servers are down. Implements #13023: Marcos M
01:51 AM pfSense Packages Bug #10900 (Feedback): /packages/backup/backup.php?a=download&t=backup HTTP 504, or Sends PHP Error Message as ASCII/Text file Named pfsense.bak.tgz: Should be fixed in #11098.
Please re-test. Viktor Gurov

04/04/2022

03:40 PM Revision b409b29c: Do not generate duplicate ``no nat on`` rules for port forwards with a destination of ``Any``. Fixes #13015: Viktor Gurov
01:46 PM Revision f91bca49: Regenerate link-local address on MAC change. Fixes #12794: Viktor Gurov
01:34 PM Revision a876c333: Do not generate duplicate NAT Reflection rules. Fixes #13012: Viktor Gurov
01:03 PM Bug #13015: NAT generates duplicate ``no nat on`` rules for port forwards with a destination of ``Any``: Applied in changeset commit:b409b29c0e549d966aed312d3ec53b8ae4d0fe29. Viktor Gurov
10:48 AM Bug #13015 (Feedback): NAT generates duplicate ``no nat on`` rules for port forwards with a destination of ``Any``: Merged:
https://github.com/pfsense/pfsense/commit/b409b29c0e549d966aed312d3ec53b8ae4d0fe29 Viktor Gurov
08:21 AM Bug #13015 (Pull Request Review): NAT generates duplicate ``no nat on`` rules for port forwards with a destination of ``Any``: Jim Pingle
05:13 AM Bug #13015: NAT generates duplicate ``no nat on`` rules for port forwards with a destination of ``Any``: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/706 Viktor Gurov
01:03 PM Bug #12794: Link-local address does not reset after removing MAC address spoofing: Applied in changeset commit:f91bca4947c25bb39ee4cb80c9b6e3cd1b314b41. Viktor Gurov
08:52 AM Bug #12794 (Feedback): Link-local address does not reset after removing MAC address spoofing: Merged:
https://github.com/pfsense/pfsense/commit/f91bca4947c25bb39ee4cb80c9b6e3cd1b314b41 Viktor Gurov
01:03 PM Bug #13012: NAT Reflection generates duplicate rules when internal interface contains multiple VIPs in the same subnet: Applied in changeset commit:a876c333310c6874acd4820a4e02374675b7c069. Viktor Gurov
08:36 AM Bug #13012 (Feedback): NAT Reflection generates duplicate rules when internal interface contains multiple VIPs in the same subnet: Merged:
https://github.com/pfsense/pfsense/commit/a876c333310c6874acd4820a4e02374675b7c069 Viktor Gurov
08:25 AM Bug #13012 (Pull Request Review): NAT Reflection generates duplicate rules when internal interface contains multiple VIPs in the same subnet: Jim Pingle
06:07 AM Bug #13012: NAT Reflection generates duplicate rules when internal interface contains multiple VIPs in the same subnet: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/707 Viktor Gurov
01:03 PM Feature #12267: OpenVPN option to limit concurrent connections per user: Applied in changeset commit:70e7b0c12a16143293b7e05f66ac4f9995bc4cb9. Marcos M
01:03 PM Bug #12332: OpenVPN does not clear old Cisco-AVPair anchor rules in some cases: Applied in changeset commit:971b9a642df9cba81d91459c56e0dd92107f6115. Marcos M
01:03 PM Todo #12981: Warn about OpenVPN shared key deprecation: Applied in changeset commit:209ad2e3f59f6e5a11802298b397dfaadfb04921. Jim Pingle
01:03 PM Bug #11226: IPsec VTI phase 2 traffic selectors default to address when defined as a network: Applied in changeset commit:544be7a5360324249e8e389ad5a6de60288cf57f. Marcos M
01:03 PM Regression #12937: Traffic Shaper wizard can produce an invalid ruleset when configured with an IPv4 upstream SIP server: Applied in changeset commit:030fab3edaee1c2f10ea8695a041864810d94390. Viktor Gurov
01:03 PM Bug #12440: Zero-value prefix IPv6 addresses are mishandled: Applied in changeset commit:02004e7ad1ef9ed56b035b4a821b5951e6a05125. Viktor Gurov
01:03 PM Bug #12986: DHCP network boot filename can be incorrectly placed in DHCP Pool Options: Applied in changeset commit:568fdc9f7f4d9d6952f6ef51c922dd3603c5aa30. Viktor Gurov
01:03 PM Regression #12949: The ruleset is not regenerated after assigning an interface: Applied in changeset commit:d1d1084eb4ebedbcc86cfe13c6d25cf9570646b0. Viktor Gurov
12:14 PM pfSense Packages Bug #13022: HAProxy - Sub Frontends ignore Client verification CA certificates: I have taken screenshots of my settings. In principle, the Main Frontent is almost empty, since all settings are cove... Anonymous
07:02 AM pfSense Packages Bug #13022 (Feedback): HAProxy - Sub Frontends ignore Client verification CA certificates: Unable to reproduce with pfSense-pkg-haproxy-devel 0.62_9
Could you provide detailed step-by-step instructions to ... Viktor Gurov
10:59 AM Bug #11764: IPv6 link local gateway default status not indicated in GUI: Daryl Morse wrote in #note-7:
> I was running 2.7.0-dev up to around mid-January, then I shut it down to test the 2.... Viktor Gurov
08:17 AM pfSense Packages Feature #12963 (Feedback): Run nmap scans in the background: Merged to devel for testing in snapshots. Jim Pingle
07:58 AM Bug #13027 (Pull Request Review): Input validation requires a gateway for floating ``match out`` rules: Jim Pingle
07:42 AM Regression #13025 (Feedback): Some services won't start - wrong syntax in autogenerated rc.d scripts: Merged:
https://github.com/pfsense/pfsense/commit/bfa801a664d5ff7e266c323e333b03c33e72e0d4 Viktor Gurov
07:36 AM Regression #13025 (Pull Request Review): Some services won't start - wrong syntax in autogenerated rc.d scripts: Jim Pingle
01:26 AM Regression #13025: Some services won't start - wrong syntax in autogenerated rc.d scripts: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/705 Viktor Gurov
07:39 AM Regression #13026: Limiters do not work: There is ongoing work here as part of the transition to purely pf based handling of these things. See #12579 for some... Jim Pingle
07:29 AM pfSense Docs Correction #13024 (Closed): Feedback on Virtual Private Networks — OpenVPN — Controlling Client Parameters via RADIUS: Merged. Jim Pingle
07:21 AM Bug #13019 (Rejected): Setting an NTP FQDN kills DHCP Server: I can't reproduce it either. This site is not for support or diagnostic discussion, however. Please start a post on t... Jim Pingle
02:00 AM Bug #13019 (Feedback): Setting an NTP FQDN kills DHCP Server: Viktor Gurov
07:10 AM Feature #12819 (Feedback): GUI option to configure layers for LACP hash: That only showed that the GUI option was there -- It still needs to be tested at the OS level to make sure the select... Jim Pingle
06:25 AM Feature #12819 (Resolved): GUI option to configure layers for LACP hash: Viktor Gurov
06:24 AM Revision bfa801a6: write_rcfile() restart fix. Issue #13025: Viktor Gurov
04:48 AM Bug #12774: Picture widget image is not saved in backup: Where the picture data is stored while the system is operating is IMO of no consequence regarding as to whether or no... Ronald Antony
01:59 AM Bug #13021 (Duplicate): Image data of dashboard image widget does not get backed up: Duplicate of #12774 Viktor Gurov

04/03/2022

08:29 PM pfSense Packages Bug #12995 (Resolved): Installing stunnel only on the primary HA node leads to php crashes and sync issues: Tested on @22.05.a.20220403.0600@; works as expected. Marcos M
08:06 PM Bug #13027: Input validation requires a gateway for floating ``match out`` rules: This works on @22.01@ with the following rule and patch:... Marcos M
07:55 PM Bug #13027 (Resolved): Input validation requires a gateway for floating ``match out`` rules: When implementing limiters using floating *match* rules, a gateway should not be necessary. Without selecting one, th... Marcos M
07:49 PM Regression #13026 (Resolved): Limiters do not work: h3. SETUP
@/tmp/rules.limiter@ (no change between versions)... Marcos M
04:36 PM Regression #13025 (Resolved): Some services won't start - wrong syntax in autogenerated rc.d scripts: 22.05-DEVELOPMENT (amd64)
built on Sun Apr 03 06:21:55 UTC 2022
FreeBSD 12.3-STABLE
noticed avahi and other s... johnny stecchino
02:32 PM Regression #12961: CARP event storm when leaving persistent CARP maintenance mode: I can confirm to see the absolute same behaviour in pfSense 2.6.0 CE with a very similar setup! Steffen Wagner
11:27 AM pfSense Docs Correction #13024 (Pull Request Review): Feedback on Virtual Private Networks — OpenVPN — Controlling Client Parameters via RADIUS: Marcos M
11:26 AM pfSense Docs Correction #13024: Feedback on Virtual Private Networks — OpenVPN — Controlling Client Parameters via RADIUS: https://gitlab.netgate.com/docs/pfSense-docs/-/merge_requests/33 Marcos M
11:02 AM pfSense Docs Correction #13024 (Closed): Feedback on Virtual Private Networks — OpenVPN — Controlling Client Parameters via RADIUS: *Page:* https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/client-parameters-radius.html
*Feedback:*
@Framed-... Marcos M
10:48 AM Feature #13023 (Pull Request Review): DNS Resolver option to keep probing when servers are down: I've been running this option for months and it's helped whenever there are ISP issues.
https://gitlab.netgate.com... Marcos M
09:47 AM Feature #13023 (Resolved): DNS Resolver option to keep probing when servers are down: When servers are down and in the "blocking regime", they are currently probed every 15 minutes which is a relatively ... Marcos M
10:28 AM pfSense Plus Bug #12974: Typing anything into 1100/2100 recovery installer causes process to stop: Kris Phillips wrote in #note-1:
> I'm not able to reproduce this. What serial emulator are you using? Have you tri... Ryan Coleman
06:50 AM pfSense Packages Bug #13022 (Feedback): HAProxy - Sub Frontends ignore Client verification CA certificates: I noticed that when I create sub frontends in HAProxa and enable the "Client verification CA certificates" in them (e... Anonymous
05:03 AM Feature #13017: Packet capture: add preview results while capture is running: Fix previous patch did not properly apply dns option during view/preview results
Add a warning that running preview ... Phil Wardt

04/02/2022

09:11 PM Bug #13021: Image data of dashboard image widget does not get backed up: Oops, sorry, there’s something to clarify: the widget is called “Picture” not “Image” Ronald Antony
09:03 PM Bug #13021: Image data of dashboard image widget does not get backed up: Oh, and ANYTHING can be stored in an XML file, that’s what base64 encoded blobs are for. Ronald Antony
09:01 PM Bug #13021: Image data of dashboard image widget does not get backed up: I’m not sure how I’m supposed to clarify.
It’s pretty easy what I’m talking about: go to the dashboard, add an image... Ronald Antony
07:02 PM Bug #13021: Image data of dashboard image widget does not get backed up: Ronald,
The only thing that is backed up when pfSense is backed up is the config file. I'm not sure what "image" ... Kris Phillips
08:49 AM Bug #13021 (Duplicate): Image data of dashboard image widget does not get backed up: The dashboard has a rather useful image widget, which by using distinctive images, drastically lowers the chance of m... Ronald Antony
07:18 PM pfSense Plus Bug #12974: Typing anything into 1100/2100 recovery installer causes process to stop: I'm not able to reproduce this. What serial emulator are you using? Have you tried Putty or Screen? I've seen this... Kris Phillips
07:15 PM Bug #13019: Setting an NTP FQDN kills DHCP Server: I'm not able to reproduce this issue. I added two NTP settings under Advanced to the DHCP server, restarted the serv... Kris Phillips
02:11 AM Bug #13019 (Rejected): Setting an NTP FQDN kills DHCP Server: Very strange issue here. Setting a FQDN for one of the 3 NTP server options in the IPv4 DHCP server settings kills I... Kristopher Kolpin
01:46 PM Feature #12982: Add support for RFC7499 in RADIUS library.: To add some details from the test:
The file contents did have just 65 rules. I also tried increasing the php @max_in... Marcos M
01:13 PM Regression #12862: Some ``sysctl`` OIDs in ``loader.conf.local`` are silently removed: Running 22.05.a.20220402.0600 on the 1100, kern.ipc.nmbclusters is not present in /boot/loader.conf or system tunables Jordan G
11:45 AM Feature #12819: GUI option to configure layers for LACP hash: tested on 22.05.a.20220402.0600 options for LAGG now show -
Layer 2/3/4/ (default)
Layer 2 (MAC Address)
... Jordan G
09:31 AM Bug #12957 (Resolved): Delete button is always active for NAT rules, even if no rules are selected: Tested on the:... Danilo Zrenjanin
08:44 AM pfSense Docs Todo #13020 (Resolved): Improve ``easyrule`` command documentation: At https://docs.netgate.com/pfsense/en/latest/firewall/easyrule.html#easyrule-in-the-shell the documentation is typic... Ronald Antony
04:25 AM Feature #13017: Packet capture: add preview results while capture is running: Fix upstream original version not applying "DNS resolution" option during capture, but only during display
patch for... Phil Wardt
04:03 AM pfSense Packages Feature #12963: Run nmap scans in the background: I squashed commits since the last review
I reviewed and cleaned up some code readability
Updated the attached patch... Phil Wardt

04/01/2022

05:59 PM pfSense Packages Bug #13018 (New): TLD and DNSBL Safesearch DOH conflict disables TLD block when conflicting DOH FQDN is deselected or whitelisted: pfBlockerNG-devel 3.1.0_4
If a TLD (example .cn) is blacklisted and conflicts with DNSBL Safesearch DOH blocking (ex... James Wilson
04:27 PM pfSense Packages Feature #12963: Run nmap scans in the background: Add No DNS Resolution option for faster scans
Should be completed
Attached patch for pfsense 2.6.0 Phil Wardt
09:53 AM pfSense Packages Feature #12963: Run nmap scans in the background: Updated patch to fix this:
- only kill nmap process using the output file created in GUI
- code formatting Phil Wardt
03:56 PM Feature #13017: Packet capture: add preview results while capture is running: Commit:
https://github.com/pfsense/pfsense/pull/4567
Note: I added the -U option to unbuffer output and permit resul... Phil Wardt
03:54 PM Feature #13017 (Closed): Packet capture: add preview results while capture is running: Packet Capture: add preview results
- allow preview results while a capture is still running
- add a capture summar... Phil Wardt
01:12 PM Regression #13011 (Feedback): Ruleset can fail to load on snapshot from March 31st: Jim Pingle
01:09 PM Regression #13011: Ruleset can fail to load on snapshot from March 31st: Should be sorted out as of 8f782c1bf74a13fa9c8c40c37d6b2391387498c3 on devel-12 and aac961d1dbc43f1cc71acb701a54df0da... Mateusz Guzik
09:06 AM Regression #13011: Ruleset can fail to load on snapshot from March 31st: While not directly related, #13011 is contributing to this problem as it's one source of potentially duplicate rules. Jim Pingle
08:40 AM Regression #13011 (Resolved): Ruleset can fail to load on snapshot from March 31st: Adding this for tracking as we are aware of it and it's being actively worked on.
There is an issue on the latest ... Jim Pingle
01:06 PM pfSense Docs New Content #13016: Workaround for bandwith issues since 2.6 when installed in Hyper-V: There are other things out there that could also be a factor, multiple forum threads also mentioned switch settings i... Jim Pingle
12:52 PM pfSense Docs New Content #13016 (New): Workaround for bandwith issues since 2.6 when installed in Hyper-V: Extremely slow upload speeds since 2.6 when installed in Hyper-V. A workaround for windows 10 machines is disabling b... Christoph Obermoser
12:37 PM Feature #13010: Option to retain the existing serial number when renewing a CA or certificate: Evren Yurtesen wrote in #note-2:
> Excluding the CA serial from being used in future, in authorityKeyIdentifier, doe... Jim Pingle
01:57 AM Feature #13010: Option to retain the existing serial number when renewing a CA or certificate: Excluding the CA serial from being used in future, in authorityKeyIdentifier, does not solve the immediate problem wi... Evren Yurtesen
11:31 AM Bug #13015 (Resolved): NAT generates duplicate ``no nat on`` rules for port forwards with a destination of ``Any``: Port forwards with a destination of @Any@ get extra @no nat on@ NAT rules which can end up duplicated across multiple... Jim Pingle
11:14 AM Bug #13013: bsdinstall error while creating filesystem on the latest snapshots: I ran into what Jim set out yesterday. Had to memstick install 2.6.0 then update to 2.7.0 to get back into operation.... Ted Quade
10:21 AM Bug #13013: bsdinstall error while creating filesystem on the latest snapshots: I see the same issue with a clean install. Viktor Gurov
09:23 AM Bug #13013: bsdinstall error while creating filesystem on the latest snapshots: I was seeing this the other day but it doesn't matter what is on the disk for me, UFS or ZFS, in both cases trying to... Jim Pingle
09:20 AM Bug #13013: bsdinstall error while creating filesystem on the latest snapshots: see also #10690 Viktor Gurov
09:19 AM Bug #13013 (Closed): bsdinstall error while creating filesystem on the latest snapshots: Old ZFS layout (pfSense 2.5.2):... Viktor Gurov
11:03 AM Bug #13014: Deadlock in Charon VICI interface: Might be the same root cause as #7420 though we don't have enough information about either one of these to say for ce... Jim Pingle
10:53 AM Bug #13014 (Resolved): Deadlock in Charon VICI interface: The charon.vici daemon can get in a bad state where all of the qlen slots are "hung". This causes the Status --> IPS... Kris Phillips
09:05 AM Bug #13012 (Resolved): NAT Reflection generates duplicate rules when internal interface contains multiple VIPs in the same subnet: NAT reflection can generate multiple identical rules if the configuration contains multiple VIPs in the same subnet.
... Jim Pingle
01:36 AM pfSense Packages Bug #12814 (Feedback): OpenVPN Client Import does not populate 'remote_cert_tls' option: Merged Viktor Gurov

03/31/2022

08:02 PM Revision 9f534f4b: Use correct rx/tx index. Fixes #8861: Jim Pingle
04:04 PM pfSense Packages Feature #12963: Run nmap scans in the background: I modified the code to disable any custom commands.
This is safer since nmap already changed in the past the -o opti... Phil Wardt
03:47 PM Regression #12897 (Resolved): Attempting to decrypt an encrypted backup with the wrong password makes the GUI timeout: Tested and working correctly on... Christopher Cope
03:44 PM Regression #12834: Only TCP traffic is passed outbound through IPFW: → luckman212 wrote in #note-11:
> @jimp was this one merged as of 22.05.a.20220331.1603? I'm looking in System Patch... Jim Pingle
03:06 PM Regression #12834: Only TCP traffic is passed outbound through IPFW: @jimp was this one merged as of 22.05.a.20220331.1603? I'm looking in System Patches under "Recommended System Patche... → luckman212
03:44 PM Revision 82a6f401: CLI history option optimization. Fixes #12675: There is no longer a need to use the ~/.keephistory flag file. Scripts
can check the config.xml value for a user dire... Jim Pingle
03:42 PM Revision 0049d009: Fix syntax error: Jim Pingle
03:40 PM Bug #12998: Wireless interface WPA configuration fields are always visible: Updating subject for release notes. Jim Pingle
03:39 PM Bug #12710: Disabling DHCP Server RRD statistics does not work: Updating subject for release notes. Jim Pingle
03:38 PM Feature #12616: Option to filter state table contents by rule ID: Updating subject for release notes. Jim Pingle
03:37 PM Bug #12440: Zero-value prefix IPv6 addresses are mishandled: Updating subject for release notes. Jim Pingle
03:37 PM Bug #11226: IPsec VTI phase 2 traffic selectors default to address when defined as a network: Updating subject for release notes. Jim Pingle
03:36 PM Bug #11941: Many ``exec()`` functions do not use full path to executable files: Updating subject for release notes. Jim Pingle
03:35 PM Regression #12937: Traffic Shaper wizard can produce an invalid ruleset when configured with an IPv4 upstream SIP server: Updating subject for release notes. Jim Pingle
03:34 PM Bug #12003: Pie and ``fq_pie`` are missing options and do not handle floating point number input correctly: Updating subject for release notes. Jim Pingle
03:33 PM Bug #12611: SNMP daemon is restarted during every ``rc.newwanip`` event: Updating subject for release notes. Jim Pingle
03:32 PM Bug #12957: Delete button is always active for NAT rules, even if no rules are selected: Updating subject for release notes. Jim Pingle
03:32 PM Bug #12871: Some action buttons are always active for firewall rules, even if no rules are selected: Updating subject for release notes. Jim Pingle
03:32 PM Bug #12871: Some action buttons are always active for firewall rules, even if no rules are selected: Updating subject for release notes. Jim Pingle
03:31 PM Bug #12803: Error loading ruleset due to illegal TOS value: Updating subject for release notes. Jim Pingle
03:31 PM Bug #12792: Automatic Outbound NAT rules do not include OpenVPN CSO entries: Updating subject for release notes. Jim Pingle
03:31 PM Bug #12678: Applying firewall rule changes does not clear dirty flag for aliases subsystem: Updating subject for release notes. Jim Pingle
03:30 PM Feature #12392: Allow the selection of "any" interface in floating rules: Updating subject for release notes. Jim Pingle
03:30 PM Feature #8365: Button to copy rules from one interface to another: Updating subject for release notes. Jim Pingle
03:29 PM Feature #4881: Allow NPt to use dynamic IPv6 networks: Updating subject for release notes. Jim Pingle
03:27 PM Bug #12536: Setting a default gateway of "None" does not remove the default gateway from the routing table: Updating subject for release notes. Jim Pingle
03:26 PM Feature #12968: Button to clear previous packet capture data: Updating subject for release notes. Jim Pingle
03:26 PM Bug #13004: ``write_rcfile()`` does not create ``rc_restart()`` entry: Updating subject for release notes. Jim Pingle
11:23 AM Bug #13004 (Feedback): ``write_rcfile()`` does not create ``rc_restart()`` entry: Merged:
https://github.com/pfsense/pfsense/commit/4e2a765a9f5979aaa2e10ef31ecccd0466e6cc2f Viktor Gurov
07:45 AM Bug #13004 (Pull Request Review): ``write_rcfile()`` does not create ``rc_restart()`` entry: Jim Pingle
05:24 AM Bug #13004: ``write_rcfile()`` does not create ``rc_restart()`` entry: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/699 Viktor Gurov
05:18 AM Bug #13004 (Resolved): ``write_rcfile()`` does not create ``rc_restart()`` entry: @write_rcfile()@ creates only rc_start() and rc_stop() entries, but ignores the contents of 'restart', which is used ... Viktor Gurov
03:25 PM Bug #12766: Packages with custom ``internal_name`` values do not reinstall properly when restoring a backup: Updating subject for release notes. Jim Pingle
06:00 AM Bug #12766 (Resolved): Packages with custom ``internal_name`` values do not reinstall properly when restoring a backup: Tested against:... Danilo Zrenjanin
03:24 PM Todo #12981: Warn about OpenVPN shared key deprecation: Updating subject for release notes. Jim Pingle
03:24 PM Bug #12925: FQDN in network alias is omitted from OpenVPN networks list: Updating subject for release notes. Jim Pingle
03:22 PM Bug #12887: GUI does not reject an invalid OpenVPN tap mode configuration with an empty tunnel network "Bridge DHCP" disabled: Updating subject for release notes. Jim Pingle
03:21 PM Regression #12884: OpenVPN status display for TAP mode services shows peer-to-peer instead of client list in certain cases: Updating subject for release notes. Jim Pingle
03:20 PM Regression #12817: PHP error when terminating OpenVPN sessions via the dashboard widget: Updating subject for release notes. Jim Pingle
03:19 PM Bug #12628: OpenVPN re-synchronization also synchronizes override entries unnecessarily in some cases: Updating subject for release notes. Jim Pingle
03:17 PM Bug #11864: OpenVPN stays bound to previous IP address after interface changes: Updating subject for release notes. Jim Pingle
03:16 PM Bug #11416: OpenVPN IPv4 Tunnel Network incorrectly allows hostnames: Updating subject for release notes. Jim Pingle
03:12 PM Feature #12819: GUI option to configure layers for LACP hash: Updating subject for release notes. Jim Pingle
03:10 PM Bug #12953: ESP description in IPsec phase 2 proposal help text is ambiguous: Updating subject for release notes. Jim Pingle
03:10 PM Bug #12723: Disallow remote gateway of ``0.0.0.0`` for VTI mode: Updating subject for release notes. Jim Pingle
03:08 PM Regression #12866: Disabled Captive Portal configuration prevents adding an interface to a bridge: Updating subject for release notes. Jim Pingle
03:07 PM Bug #12735 (Resolved): Interface status "Total Interrupts" display is non-functional: This looks right on current snapshots now. The value is displayed as expected. Jim Pingle
03:04 PM Feature #8861 (Feedback): Show SFP module details on ``status_interfaces.php``: Fix committed, commit:9f534f4b7af51600ce37e10978f3f1eb977768f3
Jim Pingle
03:02 PM Feature #8861 (In Progress): Show SFP module details on ``status_interfaces.php``: There is a small error keeping it from displaying the RX/TX signal levels from an SFP. To me, I have a fix. Jim Pingle
02:51 PM Bug #12691: Support encrypted ``config.xml`` files when restoring during install: Updating subject for release notes. Jim Pingle
02:51 PM Bug #12609: IGMP Proxy server is restarted during every ``rc.newwanip`` event: Updating subject for release notes. Jim Pingle
02:50 PM Feature #12702: Use consistent pf host ID and add GUI option to set a custom host ID in state synchronization settings: Updating subject for release notes. Jim Pingle
02:49 PM Feature #9091: Chelsio TOE support using the ``t4_tom`` module: Updating subject for release notes. Jim Pingle
02:47 PM Bug #12721: IPv6 gateway group using link local addresses incorrectly logs a gateway change because it not including interface scope properly: Updating subject for release notes. Jim Pingle
02:42 PM Bug #11692: ``fixup_default_gateway()`` should not remove a default gateway managed by a dynamic routing daemon: Updating subject for release notes. Jim Pingle
02:28 PM Feature #13010: Option to retain the existing serial number when renewing a CA or certificate: It could perhaps be made optional but I've seen more trouble from retaining the serial than from changing it, though.... Jim Pingle
01:20 PM Feature #13010 (Resolved): Option to retain the existing serial number when renewing a CA or certificate: I believe this issue is related to Bug #11514 - "Renewing a self-signed CA or certificate does not update the serial ... Evren Yurtesen
01:18 PM Todo #12881: Update ``dpinger`` to 3.2: Updating subject for release notes. Jim Pingle
01:17 PM Bug #12811: Services are not restarted when PPP interfaces connect: Updating subject for release notes. Jim Pingle
01:14 PM Regression #12816: Namecheap Dynamic DNS responses are not parsed properly: Updating subject for release notes. Jim Pingle
01:13 PM Bug #12761: Input validation prevents configuring wildcard Dynamic DNS records on Google Domains: Updating subject for release notes. Jim Pingle
01:12 PM Bug #12754: Google Domains Dynamic DNS responses are not parsed properly: Updating subject for release notes. Jim Pingle
01:11 PM Feature #12752: Support wildcard Dynamic DNS records on DigitalOcean: Updating subject for release notes. Jim Pingle
01:11 PM Bug #12750: Input validation prevents configuring wildcard Dynamic DNS records on GoDaddy: Updating subject for release notes. Jim Pingle
01:10 PM Feature #12744: IPv6 support for DNSimple Dynamic DNS: Updating subject for release notes. Jim Pingle
01:09 PM Bug #12672: GleSYS Dynamic DNS responses are not parsed properly: Updating subject for release notes. Jim Pingle
01:08 PM Bug #12590: Dynamic DNS custom IPv6 service fails on 6rd tunnels: Updating subject for release notes. Jim Pingle
01:05 PM Bug #12991: DNS Resolver ACLs are not updated when OpenVPN networks change: Updating subject for release notes. Jim Pingle
11:33 AM Bug #12991 (Feedback): DNS Resolver ACLs are not updated when OpenVPN networks change: Merged:
https://github.com/pfsense/pfsense/commit/34fc7cd6b5a1b9cb9edafb13cd3dbb4142c66294 Viktor Gurov
07:44 AM Bug #12991 (Pull Request Review): DNS Resolver ACLs are not updated when OpenVPN networks change: Jim Pingle
05:08 AM Bug #12991 (New): DNS Resolver ACLs are not updated when OpenVPN networks change: Danilo Zrenjanin wrote in #note-5:
> Tested with the patch against:
> [...]
>
> The tunnel network from the serv... Viktor Gurov
03:49 AM Bug #12991: DNS Resolver ACLs are not updated when OpenVPN networks change: Tested with the patch against:... Danilo Zrenjanin
01:04 PM Bug #12985: DNS Resolver updates trust anchor at boot even with DNSSEC disabled which can lead to a startup delay of ~2 minutes if the firewall does not have Internet access: Updating subject for release notes. Jim Pingle
11:32 AM Bug #12985 (Resolved): DNS Resolver updates trust anchor at boot even with DNSSEC disabled which can lead to a startup delay of ~2 minutes if the firewall does not have Internet access: > > fix:
> > https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/700
>
> I applied the patch and it fixed... Viktor Gurov
09:22 AM Bug #12985: DNS Resolver updates trust anchor at boot even with DNSSEC disabled which can lead to a startup delay of ~2 minutes if the firewall does not have Internet access: Viktor Gurov wrote in #note-7:
> Glenn Hall wrote in #note-5:
> > This commit seems to break enabling of DNSSEC on ... Glenn Hall
07:47 AM Bug #12985 (Pull Request Review): DNS Resolver updates trust anchor at boot even with DNSSEC disabled which can lead to a startup delay of ~2 minutes if the firewall does not have Internet access: Jim Pingle
07:46 AM Bug #12985: DNS Resolver updates trust anchor at boot even with DNSSEC disabled which can lead to a startup delay of ~2 minutes if the firewall does not have Internet access: Glenn Hall wrote in #note-5:
> This commit seems to break enabling of DNSSEC on 2.7.0.a.20220328.0600. I previously ... Viktor Gurov
01:02 PM Bug #12613: DNS Resolver does not restart during link up/down events on a static IP address interface: Updating subject for release notes. Jim Pingle
01:02 PM Bug #12612: DNS Resolver is restarted during every ``rc.newwanip`` event even for interfaces not used in the resolver: Updating subject for release notes. Jim Pingle
01:01 PM Bug #12749: Uninitialized array in ``array_remove_duplicates()``: Updating subject for release notes. Jim Pingle
01:00 PM Regression #12582: RADVD can be started on both HA nodes when configured with an IPv6 link-local address: Updating subject for release notes. Jim Pingle
12:58 PM Bug #12527: DHCPv6 server does not skip interfaces configured with invalid ranges: Updating subject for release notes. Jim Pingle
12:55 PM Revision 4e2a765a: write_rcfile() restart support. Issue #13004: Viktor Gurov
12:55 PM Bug #12986: DHCP network boot filename can be incorrectly placed in DHCP Pool Options: Updating subject for release notes. Jim Pingle
12:55 PM Revision 34fc7cd6: Improve unbound DNSSEC option check. Issue #12985: Viktor Gurov
12:53 PM Bug #12896: ``HTTPClient`` option does not work for static mappings: Updating subject for release notes. Jim Pingle
12:53 PM Bug #12892: ``HTTPClient`` option not sent when using UEFI HTTP Boot: Updating subject for release notes. Jim Pingle
12:52 PM Feature #12973: Playback script to perform a configuration upgrade on an arbitrary ``config.xml`` file: Updating subject for release notes. Jim Pingle
12:50 PM Feature #12675: Move command line history to a GUI option stored in ``config.xml`` rather than a manual flag file: Updating subject for release notes. Jim Pingle
10:54 AM Feature #12675 (Feedback): Move command line history to a GUI option stored in ``config.xml`` rather than a manual flag file: Merged: https://github.com/pfsense/pfsense/commit/82a6f401d07ac88bb66cc29110d249dd8302bcbf Jim Pingle
10:40 AM Feature #12675 (In Progress): Move command line history to a GUI option stored in ``config.xml`` rather than a manual flag file: Taking another look at this, there is no need to use the flag file at all now. It can be read directly from the confi... Jim Pingle
12:49 PM Bug #12810: Sanitize SHA-512 user password hashes in ``status.php`` output: Updating subject for release notes. Jim Pingle
12:48 PM Feature #12773: Ability to sort AutoConfigBackup entries: Updating subject for release notes. Jim Pingle
12:45 PM Feature #12724: Notify user if AutoConfigBackup is unable to successfully upload a backup: Updating subject for release notes. Jim Pingle
12:44 PM Feature #12685: Support encrypted ``config.xml`` files when restoring via ECL: Updating subject for release notes. Jim Pingle
12:43 PM Feature #12855: GUI option to select the user password hashing algorithm: Updating subject for release notes. Jim Pingle
12:42 PM Feature #13009 (New): Add option for multiple remote addresses to OpenVPN Client: With the ability to bind OpenVPN Servers to localhost and then use port forwarding for multiple interfaces and failov... Kris Phillips
12:41 PM Feature #12842: Retain descriptions when exporting and importing aliases: Updating subject for release notes. Jim Pingle
12:41 PM Bug #12727: Renaming an alias does not update the alias names in static routes and OpenVPN instances: Updating subject for release notes. Jim Pingle
12:23 PM Bug #12868 (Resolved): Output from ``pfctl -vvsr`` does not include ``ridentifier`` value in the expected location: This was merged a while ago and has been working fine.
The @(0)@ bit after the pf rule number is no longer present... Jim Pingle
12:22 PM pfSense Packages Bug #12818 (Resolved): IP block logging not working: Christopher Cope
12:21 PM pfSense Packages Bug #12818: IP block logging not working: Tested and working in... Christopher Cope
12:14 PM pfSense Packages Regression #13002 (Feedback): BIND 9.16_13 could not find existing DNSSEC keys at /cf/named/etc/namedb/keys due to directory change: Merged:
https://github.com/pfsense/FreeBSD-ports/commit/1a4f1fdbd14484e4ea4630fe4cd16ac777a32f5a Viktor Gurov
07:43 AM pfSense Packages Regression #13002 (Pull Request Review): BIND 9.16_13 could not find existing DNSSEC keys at /cf/named/etc/namedb/keys due to directory change: Jim Pingle
04:59 AM pfSense Packages Regression #13002: BIND 9.16_13 could not find existing DNSSEC keys at /cf/named/etc/namedb/keys due to directory change: fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/205 Viktor Gurov
12:01 PM Bug #12794: Link-local address does not reset after removing MAC address spoofing: forum topic:
https://forum.netgate.com/topic/169727/link-local-address-behavior-when-spoofing-wan-interface-mac-address Viktor Gurov
11:51 AM pfSense Packages Bug #12916: pfBlockerNG-devel cron job does not trigger xmlrpc sync: Marcos Mendoza wrote:
> Tested on pfSense 2.6.0 and pfBlockerNG-devel 3.1.0_1
> pfBlockerNG-devel option "Enable Sy... Israel Goldstein
10:06 AM Revision 3a792acf: OpenVPN unbound restart fixes. Issue #12991: Viktor Gurov
07:40 AM Feature #12982: Add support for RFC7499 in RADIUS library.: The number that works is too conveniently close to 64 to be a coincidence. It sounds like it's hitting a limit somewh... Jim Pingle

03/30/2022

09:19 PM Revision dabd214e: php: replace DEFAULT_VERSIONS from 74 to 7.4: Glen Barber
07:00 PM Revision 05e58cf4: Make openvpn.connect_async.sh executable: Marcos M
07:00 PM Revision 70e7b0c1: Add option to limit concurrent connections per OpenVPN user. Implements #12267: Marcos M
07:00 PM Revision 971b9a64: Clear stale Cisco-AVPair anchor rules. Fixes #12332: Marcos M
07:00 PM Revision 96a1e759: Improve OpenVPN client connection logging and logic: In preperation for fixes and features Marcos M
07:00 PM Revision acb0c154: Use OpenVPN deferred client-connect. Implements #12407: Marcos M
07:00 PM Revision fdfa9859: Move openvpn client-connect script to separate file: to prepare for deferred client-connect Marcos M
04:26 PM Feature #12982: Add support for RFC7499 in RADIUS library.: Tested with the patch applied, but the issue remains. Note: the rule syntax originally tested was incorrect - this te... Marcos M
04:19 PM Bug #12332: OpenVPN does not clear old Cisco-AVPair anchor rules in some cases: Tested on 2.6 with patch. The rules are being applied correctly, and files get added/removed as expected. Using the f... Marcos M
03:22 PM Bug #12332 (Feedback): OpenVPN does not clear old Cisco-AVPair anchor rules in some cases: Merged Viktor Gurov
04:13 PM Revision ae017785: Duplicate wireless interfaces fix. Issue #12999: Viktor Gurov
04:12 PM Revision f9d9d77e: Interfaces WIFI WPA configuration fields expose fix. Issue #12998: Viktor Gurov
03:54 PM Revision 89f11609: backup via upload file was fixed: Andrey Kuznetsov
03:52 PM Revision 209ad2e3: OpenVPN shared key warning. Implements #12981.: Adds a warning to the OpenVPN client and server list and edit pages
warning the user about shared key mode being depr... Jim Pingle
03:22 PM Feature #12267 (Feedback): OpenVPN option to limit concurrent connections per user: Merged Viktor Gurov
12:29 PM Feature #12267: OpenVPN option to limit concurrent connections per user: Marcos Mendoza wrote in #note-16:
> New MR including fix to client-specific configuration not applying (static addre... Ryan Coleman
03:22 PM Feature #12407 (Feedback): Use deferred client connections in OpenVPN: Merged Viktor Gurov
12:27 PM Feature #12407: Use deferred client connections in OpenVPN: Marcos Mendoza wrote in #note-10:
> New MR, see: https://redmine.pfsense.org/issues/12267#note-16
Tested this wit... Ryan Coleman
01:51 PM Regression #11570: Gateway monitoring services is not always restarted on interface events, which may prevent a WAN from recovering back to an online state: *Setup:*
2.6.0-RELEASE (amd64), dual WAN with both WANs on DHCP, and failover via Gateway groups. (default gateway =... Wayne Sherman
12:41 PM Revision 6e4620d2: Fix typo: Jim Pingle
11:54 AM Regression #12984 (Resolved): OpenVPN causes Crash Reports in the GUI: Testest against:... Danilo Zrenjanin
11:32 AM Bug #12998 (Feedback): Wireless interface WPA configuration fields are always visible: Merged:
https://github.com/pfsense/pfsense/commit/f9d9d77e0a312483078db13298783d55c995cfcb Viktor Gurov
09:19 AM Bug #12998 (Pull Request Review): Wireless interface WPA configuration fields are always visible: That patch corrects the behaviour for my test case. Steve Wheeler
08:43 AM Bug #12998: Wireless interface WPA configuration fields are always visible: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/695 Viktor Gurov
11:32 AM Regression #12999 (Feedback): Duplicate wireless interfaces are created at boot: Merged:
https://github.com/pfsense/pfsense/commit/ae01778587df124d8ef4c69ae8b6d751cb7272fc Viktor Gurov
09:45 AM Regression #12999 (Pull Request Review): Duplicate wireless interfaces are created at boot: Jim Pingle
09:41 AM Regression #12999: Duplicate wireless interfaces are created at boot: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/696 Viktor Gurov
11:15 AM Bug #13003 (Closed): Malicious Driver Detection event on ``ixl(4)`` driver: There have been a handful of reports of MDD events happening with the Intel X710 NIC. The system logs show the follow... Marcos M
11:13 AM Todo #12981 (Feedback): Warn about OpenVPN shared key deprecation: Warning added to tunnel list and when editing an instance for both clients and servers. Warning is only printed when ... Jim Pingle
10:22 AM Todo #12981 (In Progress): Warn about OpenVPN shared key deprecation: Jim Pingle
10:19 AM pfSense Packages Regression #13002 (Resolved): BIND 9.16_13 could not find existing DNSSEC keys at /cf/named/etc/namedb/keys due to directory change: https://forum.netgate.com/topic/170558/bind-package-9-16_12-reads-from-cf-named-but-changes-in-the-gui-are-written-to... Viktor Gurov
09:33 AM Regression #13001 (Not a Bug): HA sync using shared CARP WAN IP results in Interface not found: '_vip577745067c45c' on backup: If you have XMLRPC sync the VIPs that would work as the IDs would match on both. VIPs have to be tracked by ID, not I... Jim Pingle
09:30 AM Regression #13001 (Not a Bug): HA sync using shared CARP WAN IP results in Interface not found: '_vip577745067c45c' on backup: I set up IPSec on an HA setup recently. Per the docs (https://docs.netgate.com/pfsense/en/latest/highavailability/ip... Steve Y
07:40 AM Bug #13000: IPsec AES-GCM encryption algorithm "Key Length" field should be labeled "ICV Length": Yes, adding ICV Lenght into the drop-down will be helpful. Additionally, a note can be added to the existing help tex... Danilo Zrenjanin
07:31 AM Bug #13000: IPsec AES-GCM encryption algorithm "Key Length" field should be labeled "ICV Length": Also note that the field options *are not* 128/256, they are 128/96/64 (plus Auto on P2).
An alternate solution co... Jim Pingle
07:27 AM Bug #13000: IPsec AES-GCM encryption algorithm "Key Length" field should be labeled "ICV Length": It can't be removed, it's a necessary part of the algorithm selection. For AES-GCM it's the ICV (Integrity Check Valu... Jim Pingle
06:40 AM Bug #13000 (New): IPsec AES-GCM encryption algorithm "Key Length" field should be labeled "ICV Length": When choosing AES256/128-GCM, the key length is 256/128 bits long. The second field in the row labeled *Key length* n... Danilo Zrenjanin

03/29/2022

08:25 PM Revision 725763b0: Bring in Zabbix 6.x: Partial cherry-pick
(cherry picked from commit 0590dfaac0ec302b10931d6a239208908053160e) Brad Davis
07:43 PM Regression #12999 (Resolved): Duplicate wireless interfaces are created at boot: When a wifi interface is configured the wlan interface is created at boot and then renamed appropriately.
However in... Steve Wheeler
05:13 PM Bug #12998 (Resolved): Wireless interface WPA configuration fields are always visible: There are some logic errors when configuring a WIFI interface that hides/exposes the fields incorrectly.
When usin... Steve Wheeler
02:39 PM Revision 544be7a5: Don't force a network type on page load for VTI mode P2. Fixes #11226: Also affects mode changes from/to VTI Marcos M
02:31 PM pfSense Packages Feature #12963 (Pull Request Review): Run nmap scans in the background: Jim Pingle
02:28 PM Revision 030fab3e: Check Traffic Shaper Wizard Upstream SIP address family. Fixes #12937: Viktor Gurov
02:25 PM Revision 1ff9c7c3: Restart unbound to update ACL on OpenVPN change. Issue #12991: Viktor Gurov
01:12 PM pfSense Packages Bug #12992 (Pull Request Review): error: nbproc is not supported any more since HAProxy 2.5: Jim Pingle
12:11 PM Bug #12985 (New): DNS Resolver updates trust anchor at boot even with DNSSEC disabled which can lead to a startup delay of ~2 minutes if the firewall does not have Internet access: Jim Pingle
10:56 AM Bug #12985: DNS Resolver updates trust anchor at boot even with DNSSEC disabled which can lead to a startup delay of ~2 minutes if the firewall does not have Internet access: This commit seems to break enabling of DNSSEC on 2.7.0.a.20220328.0600. I previously had it enabled, disabled it, the... Glenn Hall
10:46 AM Bug #12991 (Feedback): DNS Resolver ACLs are not updated when OpenVPN networks change: Merged:
https://github.com/pfsense/pfsense/commit/1ff9c7c3ee0f060c4fd80a9db04c164cd1e92ec7 Viktor Gurov
07:31 AM Bug #12991 (Pull Request Review): DNS Resolver ACLs are not updated when OpenVPN networks change: Jim Pingle
10:46 AM Regression #12937 (Feedback): Traffic Shaper wizard can produce an invalid ruleset when configured with an IPv4 upstream SIP server: Merged:
https://github.com/pfsense/pfsense/commit/030fab3edaee1c2f10ea8695a041864810d94390 Viktor Gurov
07:47 AM Regression #12937 (Pull Request Review): Traffic Shaper wizard can produce an invalid ruleset when configured with an IPv4 upstream SIP server: Jim Pingle
05:25 AM Regression #12937: Traffic Shaper wizard can produce an invalid ruleset when configured with an IPv4 upstream SIP server: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/692 Viktor Gurov
10:45 AM Bug #11226 (Feedback): IPsec VTI phase 2 traffic selectors default to address when defined as a network: Merged:
https://github.com/pfsense/pfsense/commit/544be7a5360324249e8e389ad5a6de60288cf57f Viktor Gurov
10:29 AM Bug #12997 (Not a Bug): Port forward rules only function through the default gateway interface: We specifically test this frequently. I can't reproduce any problems here. It works fine on release and snapshots. Yo... Jim Pingle
10:28 AM Bug #12997 (Not a Bug): Port forward rules only function through the default gateway interface: the nat port forward work only on default gateway.
In another gateway, return closed port.
Multi-Wan
Same ca... Luiz Garcia
10:13 AM pfSense Packages Bug #12995 (Feedback): Installing stunnel only on the primary HA node leads to php crashes and sync issues: Merged:
https://github.com/pfsense/FreeBSD-ports/commit/c1a98faf91dee2303b83b9e1f29500241b2700c5 Viktor Gurov
07:40 AM pfSense Packages Bug #12995 (Pull Request Review): Installing stunnel only on the primary HA node leads to php crashes and sync issues: Jim Pingle
04:57 AM pfSense Packages Bug #12995: Installing stunnel only on the primary HA node leads to php crashes and sync issues: fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/203 Viktor Gurov
09:42 AM pfSense Packages Bug #12996 (Duplicate): DNS Resolver needs to run manually after pfBlockerNG-devel package upgrade: Duplicate of #11398 Viktor Gurov
08:19 AM pfSense Packages Bug #12996 (Duplicate): DNS Resolver needs to run manually after pfBlockerNG-devel package upgrade: Running system - PfSense Plus 22.01 x64
After upgrading pfBlockerNG-devel from 3.1.0.1 to 3.1.0.2 and from 3.1.0.... Alex BJ
08:07 AM Bug #9024: Ping packet loss under load when using limiters: I believe I'm hitting this bug now on 22.05 snaps. Is there any workaround or status update on this one? Tried follow... → luckman212
07:50 AM Revision 02004e7a: Convert IPv6 with IPv4 mapping to hex on prefix merge. Fixes #12440: Viktor Gurov
07:49 AM Revision 2b0f4ab1: Add t4_tom module. Feature #9091: Viktor Gurov
07:36 AM pfSense Docs Correction #12994 (Feedback): Note in 4100 platform page refers to the 7100: Fixed and deployed: https://gitlab.netgate.com/docs/pfsense-platforms/-/commit/68ea1b8647735677b2546e37524f20eb9056bb... Jim Pingle
07:34 AM Regression #12873: Hyper-V RSC support in ``hn(4)`` driver is enabled by default and results in very low throughput: This looks to have been addressed by this: https://reviews.freebsd.org/D34507
Only in FreeBSD/main currently. Steve Wheeler
07:30 AM pfSense Plus Bug #12993 (Not a Bug): DHCP Leases page: 504 timeout: This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
07:29 AM Feature #12809: Recover existing SSH keys during installation: Viktor Gurov wrote in #note-6:
> > Additionally, even when fixing that, the @etc@ dir is not present. When importing... Jim Pingle
07:19 AM pfSense Plus Feature #12989 (Rejected): Improve Load Balancing Gateway Groups to Include Bandwith Usage: This is not possible. pf has no way to know how much of a circuit is utilized to make any kind of decision of that na... Jim Pingle
03:30 AM Bug #12440 (Feedback): Zero-value prefix IPv6 addresses are mishandled: Merged:
https://github.com/pfsense/pfsense/commit/02004e7ad1ef9ed56b035b4a821b5951e6a05125 Viktor Gurov
03:29 AM Feature #9091 (Feedback): Chelsio TOE support using the ``t4_tom`` module: Merged:
https://github.com/pfsense/pfsense/commit/2b0f4ab1ff2f66bbf8d8a9ef328aa1a755f9480c Viktor Gurov
03:29 AM Bug #12986 (Feedback): DHCP network boot filename can be incorrectly placed in DHCP Pool Options: Merged:
https://github.com/pfsense/pfsense/commit/568fdc9f7f4d9d6952f6ef51c922dd3603c5aa30 Viktor Gurov

03/28/2022

11:17 PM pfSense Packages Bug #12808: Wireguard Gateways disabled when Wireguard Service is Manually Restarted: I found this bug after having WireGuard stop passing traffic after a WAN GW went down and came back up. Upon restorat... Scott Lykens
09:34 PM pfSense Packages Bug #12995: Installing stunnel only on the primary HA node leads to php crashes and sync issues: After the nodes are in sync, xmlrpc syn completes successfully. Marcos M
08:52 PM pfSense Packages Bug #12995 (Resolved): Installing stunnel only on the primary HA node leads to php crashes and sync issues: Tested on @22.05.a.20220328.0600@.
# Install stunnel on primary node
# Force xmlrpc sync
sync fails and the se... Marcos M
08:39 PM Bug #12940 (Resolved): Deleting a user on the primary node does not delete its home directory on secondary node during XMLRPC sync: Tested on @22.05.a.20220328.0600@. Works as expected. Marcos M
07:34 PM Regression #11805: Port forward rules only function through the default gateway interface, ``reply-to`` does not work for Multi-WAN (CE Only): Kristof Provost wrote in #note-4:
> Patrick Clara: I cannot tell from that post if this is the same problem or not. ... Luiz Garcia
02:06 PM Revision 568fdc9f: Unset $filename variable. Fixes #12986: Viktor Gurov
01:29 PM pfSense Docs Correction #12994 (Closed): Note in 4100 platform page refers to the 7100: https://docs.netgate.com/pfsense/en/latest/solutions/netgate-4100/reinstall-pfsense.html
Note
Choosing the ... Chris Linstruth
11:03 AM Feature #12968 (Resolved): Button to clear previous packet capture data: It functions as expected on... Christopher Cope
10:43 AM Bug #12991: DNS Resolver ACLs are not updated when OpenVPN networks change: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/691 Viktor Gurov
01:56 AM Bug #12991 (Resolved): DNS Resolver ACLs are not updated when OpenVPN networks change: The access_lists.conf file doesn't get updated automatically after creating a CSO entry. After the manual unbound res... Viktor Gurov
10:26 AM Bug #12959: dhcplease process wrongly update host file if client-hostname is empty: lease 172.16.8.16 {
starts 1 2022/03/28 15:23:31;
ends 1 2022/03/28 15:25:01;
cltt 1 2022/03/28 15:23:31;
... Max Bal
09:55 AM Bug #12959 (Feedback): dhcplease process wrongly update host file if client-hostname is empty: Unable to reproduce on 2.7.0.a.20220327.0600
Could you show an example of /var/dhcpd/var/db/dhcpd.leases entries? (y... Viktor Gurov
10:13 AM Bug #12947: Old IPv6 addresses may continue to be used after DHCP or RA changes: I neglected to mention that I was using "Disable Gateway Monitoring Action" on my gateways when the above issues occu... David Myers
10:08 AM Bug #12922: Classless static routes received on DHCP WAN can override chosen default gateway: I've discontinued my Starlink service so I may not be able to help the with debugging of a fix for this issue in the ... David Myers
09:49 AM pfSense Plus Bug #12993 (Not a Bug): DHCP Leases page: 504 timeout: I have used pfsense CE for about 5 years. Finally on December 2021, I acquired a pfsense plus machine: Netgate 1541. ... Antonio Charnichart
09:29 AM Regression #12827: High latency and packet loss during a filter reload: Mateusz Guzik wrote in #note-18:
> Hi Kevin,
>
> can tell me what are the hardware spec if the problematic machines?... Kevin Bentlage
07:05 AM Regression #12827: High latency and packet loss during a filter reload: Kevin Bentlage wrote in #note-15:
> Have the same issues on our PFSense 2.6.0 cluster (2 members) after upgrading fr... Mateusz Guzik
07:04 AM Regression #12827: High latency and packet loss during a filter reload: Apologies for late reply, other things got in the way.
Flole Systems wrote in #note-13:
> Why is there any need f... Mateusz Guzik
09:25 AM Regression #12971 (Resolved): Firewall rule usage counters showing 0/0 after latest pf merge: Confirmed - 22.05.a.20220327.0600 and 2.7.0.a.20220327.0600 are Ok Viktor Gurov
09:22 AM Bug #11830: Certificate validation with OCSP always fails in ``openvpn.tls-verify.php``: Konstantin Panchenko wrote in #note-12:
> Konstantin Panchenko wrote in #note-11:
> > This is still an issue in 2.5... Viktor Gurov
09:08 AM Bug #12986: DHCP network boot filename can be incorrectly placed in DHCP Pool Options: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/690 Viktor Gurov
08:16 AM pfSense Packages Bug #12992 (Resolved): error: nbproc is not supported any more since HAProxy 2.5: On latest 22.05 snaps, HAProxy-devel 0.62_8 pkg will not start, gives the following error "config : parsing [/var/etc... → luckman212
05:13 AM pfSense Packages Feature #12963: Run nmap scans in the background: To disable any code injection risks:
- input is matched against a white list allowing only alphanumeric, spaces (excl... Phil Wardt
05:09 AM pfSense Packages Feature #12963: Run nmap scans in the background: After the last nmap changes, I wanted to harmonize the package with "Packet Capture"
https://github.com/pfsense/Free... Phil Wardt
03:23 AM Feature #12809: Recover existing SSH keys during installation: Jim Pingle wrote in #note-5:
> This is giving an error when it tries to process the keys. When run with @sh -x@, it s... Viktor Gurov
01:57 AM Feature #12636 (Resolved): Automatically create DNS Resolver ACLs for OpenVPN CSO entries: Danilo Zrenjanin wrote in #note-5:
> Tested on the:
>
> [...]
>
> The access_lists.conf file doesn't get upda... Viktor Gurov
12:01 AM Feature #12724 (Resolved): Notify user if AutoConfigBackup is unable to successfully upload a backup: Viktor Gurov

03/27/2022

08:12 PM pfSense Docs Todo #12990 (Closed): Feedback on pfSense® software Configuration Recipes — Configuring CoDel Limiters for Bufferbloat: *Page:* https://docs.netgate.com/pfsense/en/latest/recipes/codel-limiters.html
*Feedback:*
Implementing this as-i... Marcos M
07:48 PM Feature #12973 (Resolved): Playback script to perform a configuration upgrade on an arbitrary ``config.xml`` file: Tested on @22.05.a.20220327.0600@ with a config from pfSense 2.2 (config version 11.6). The file was upgraded correctly. Marcos M
05:49 PM Feature #12982: Add support for RFC7499 in RADIUS library.: There's an MR that changes the way AVPair rules are handled with OpenVPN users (for a different feature request). Wou... Marcos M
12:48 PM Regression #12971: Firewall rule usage counters showing 0/0 after latest pf merge: This seems to be fixed in 22.05.a.20220327.0600 Kristof Provost
11:15 AM pfSense Packages Bug #12956 (Closed): suricata fails to use pcre in SID management (e.g. dropsid.conf): The commit says it resolves issue #10244. The reasoning given there is:
> The chosen solution was to mimic the curre... Marcos M

03/26/2022

09:54 PM Regression #11545: Primary interface address is not always used when VIPs are present: Jeff Quasarano wrote in #note-27:
> I have this exact issue on 22.01. It manifests on reboot with OpenVPN server st... Kris Phillips
09:51 PM pfSense Plus Feature #12989 (Rejected): Improve Load Balancing Gateway Groups to Include Bandwith Usage: Load balancing in pfSense is rather rudimentary and is completely random based on the weighting, with a default weigh... Kris Phillips
09:42 PM Regression #12827: High latency and packet loss during a filter reload: Wanted to add additional observations from situations I've seen this issue crop up:
1. pfBlockerNG causes this wit... Kris Phillips
09:38 PM Regression #12821: Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``: Tested the igb driver. Issue is no longer present in 22.01 or 2.6 with the custom driver compiled from kernel source... Kris Phillips
03:09 PM Feature #12879 (Resolved): Toggle button to disable/enable multiple entries on NAT pages: working successfully.
22.05.a.20220326.0600
Alhusein Zawi
02:26 PM Feature #12724: Notify user if AutoConfigBackup is unable to successfully upload a backup: received notification of failed backup attempt after initiating manual save and intentionally inhibiting upstream con... Jordan G
12:33 PM Feature #12636: Automatically create DNS Resolver ACLs for OpenVPN CSO entries: Tested on the: ... Danilo Zrenjanin
11:23 AM Bug #12988 (Not a Bug): packages.netgate.com does not resolve...: https://docs.netgate.com/pfsense/en/latest/troubleshooting/upgrades.html#packages-netgate-com-has-no-a-aaaa-record Jim Pingle
09:39 AM Bug #12988 (Not a Bug): packages.netgate.com does not resolve...: See https://forum.netgate.com/topic/171035/since-about-1400-hours-i-have-been-unable-to-get-updates-in-dashboard
H... Beat Siegenthaler
10:03 AM Feature #12685 (Resolved): Support encrypted ``config.xml`` files when restoring via ECL: Tested against:... Danilo Zrenjanin

03/25/2022

11:45 PM Bug #12747: Restarting the logging daemon during rotation also restarts ``sshguard``, leading to frequent log messages: Having the same issue since 2.6.0. Car F
07:07 PM Revision 37f3e8f0: Do not sync root.key file if DNSSEC is not enabled. Issue #12985: Viktor Gurov
04:25 PM Feature #1826: PPPoE server IPv6 support: DS-Lite is coming more and more to the market and therefore working IPv6 is required.
Do you see any chance to imple... Thomas Levi
03:05 PM Bug #12987 (Not a Bug): Traffic going through wrong interface: There is not enough information here to rule out a configuration or local network environment problem and this site i... Jim Pingle
03:00 PM Bug #12987 (Not a Bug): Traffic going through wrong interface: Hi, I noticed that since 2.6, some traffic that should be managed by interface A, is actually going through B. If I d... Carlos Paixão
02:14 PM Bug #12985 (Pull Request Review): DNS Resolver updates trust anchor at boot even with DNSSEC disabled which can lead to a startup delay of ~2 minutes if the firewall does not have Internet access: Jim Pingle
02:08 PM Bug #12985: DNS Resolver updates trust anchor at boot even with DNSSEC disabled which can lead to a startup delay of ~2 minutes if the firewall does not have Internet access: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/688 Viktor Gurov
10:09 AM Bug #12985: DNS Resolver updates trust anchor at boot even with DNSSEC disabled which can lead to a startup delay of ~2 minutes if the firewall does not have Internet access: forum topic & solution:
https://forum.netgate.com/topic/162435/unbound-service-very-slow-to-start-in-offline-setup Viktor Gurov
09:07 AM Bug #12985 (Resolved): DNS Resolver updates trust anchor at boot even with DNSSEC disabled which can lead to a startup delay of ~2 minutes if the firewall does not have Internet access: The unbound-anchor starts after every unbound service (re)start, which causes delays if there is no active Internet c... Danilo Zrenjanin
01:29 PM Bug #12986 (Resolved): DHCP network boot filename can be incorrectly placed in DHCP Pool Options: After an upgrade from 2.5.2 to 2.6.0 we have been encountering an issue with network booting. Under inside the DHCP n... John Ward
01:01 PM Revision e1e388e4: Disable buttons on NAT pages if no rules selected. Fixes #12957: Viktor Gurov
11:53 AM Feature #7783: Support for hosting VMs on pfSense using bhyve: Corey Boyle wrote:
> Seems like pfSense would make a great host platform for VMs using bhyve.
I agree. pfsense c... Wayne Sherman
09:00 AM pfSense Docs Todo #12983 (Closed): Fix instances of double words: Fixed numerous double/repeated words and deployed the result.
> 33 files changed, 63 insertions(+), 64 deletions(-... Jim Pingle
07:37 AM pfSense Docs Todo #12983 (In Progress): Fix instances of double words: That one bit is an easy typo fix but I'll use this as an excuse to check for and fix double words like this ("it it")... Jim Pingle
08:49 AM pfSense Packages Bug #12818 (Feedback): IP block logging not working: Should be fixed in pfBlockerNG-devel_3.1.0_3 Viktor Gurov
08:45 AM Bug #12957 (Feedback): Delete button is always active for NAT rules, even if no rules are selected: Merged:
https://github.com/pfsense/pfsense/commit/e1e388e41849d14e514ba428e95a59e33111ff10 Viktor Gurov
07:20 AM Bug #12957 (Pull Request Review): Delete button is always active for NAT rules, even if no rules are selected: Jim Pingle
02:31 AM Bug #12957: Delete button is always active for NAT rules, even if no rules are selected: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/686 Viktor Gurov
08:45 AM Regression #12984 (Feedback): OpenVPN causes Crash Reports in the GUI: Merged:
https://github.com/pfsense/pfsense/commit/4533e50b84a6cfbeaa31d0a5529ab377029659b0 Viktor Gurov
07:22 AM Regression #12984 (Pull Request Review): OpenVPN causes Crash Reports in the GUI: Jim Pingle
03:40 AM Regression #12984: OpenVPN causes Crash Reports in the GUI: fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/687 Viktor Gurov
03:08 AM Regression #12984 (Resolved): OpenVPN causes Crash Reports in the GUI: After defining an Alias Network(s) Type with FQDN/32 in the IPv4 Local network(s) under OpenVPN IPv4 Local network(s)... Danilo Zrenjanin
08:38 AM Revision 4533e50b: Skip unresolved OpenVPN alias DNS entries. Fixes #12984: Viktor Gurov
08:22 AM Feature #12809 (New): Recover existing SSH keys during installation: This is giving an error when it tries to process the keys. When run with @sh -x@, it shows:... Jim Pingle
02:43 AM Bug #12925 (Resolved): FQDN in network alias is omitted from OpenVPN networks list: Tested against:... Danilo Zrenjanin

03/24/2022

10:46 PM pfSense Docs Todo #12983 (Closed): Fix instances of double words: I found some unimportant typos in https://docs.netgate.com/pfsense/en/latest/services/dns/resolution-process.html#d... Tony Chi
10:34 PM Feature #12982 (Rejected): Add support for RFC7499 in RADIUS library.: It seems when there are too many entries (per user) in the Radreply table (using MySQL) of FreeRadius package, pfsens... Frank Lee
07:20 PM Revision 65adb193: Packet Capture: edit delete capure icon: Phil Wardt
02:51 PM Todo #12981 (Resolved): Warn about OpenVPN shared key deprecation: See #12980 for more info. OpenVPN shared key is being deprecated. It isn't being removed yet, but will be in the near... Jim Pingle
02:34 PM Feature #12968: Button to clear previous packet capture data: PR merged
Jim Pingle
01:58 PM Feature #12968: Button to clear previous packet capture data: I just noticed you have a delete icon
I pushed another enhancement with a proper delete icon:
https://github.com/pf... Phil Wardt
02:21 PM pfSense Packages Feature #12963: Run nmap scans in the background: Again, noticed the delete icon resource
https://github.com/pfsense/FreeBSD-ports/pull/1152
Phil Wardt
10:20 AM pfSense Packages Feature #12963: Run nmap scans in the background: The Makefile needed an additional fix or it wouldn't compile: https://github.com/pfsense/FreeBSD-ports/commit/d34af18... Jim Pingle
10:05 AM pfSense Packages Feature #12963 (Feedback): Run nmap scans in the background: PR merged, thanks! Jim Pingle
02:11 PM pfSense Docs Todo #12980 (Feedback): Add warnings against OpenVPN Shared Key mode: Warning added and some related refs cleaned up. All committed and deployed:
https://gitlab.netgate.com/docs/pfSens... Jim Pingle
12:47 PM pfSense Docs Todo #12980 (Resolved): Add warnings against OpenVPN Shared Key mode: OpenVPN is deprecating Shared Key mode in OpenVPN 2.6.0 and removing it in a future version (presumably 3.0 or 2.7, w... Jim Pingle
02:05 PM Regression #12977: Rule descriptions in firewall logs show wrong rule label: The rule description for the logs (and perhaps states if that pans out) should always be the last label on the rule. ... Jim Pingle
02:02 PM Regression #12977: Rule descriptions in firewall logs show wrong rule label: I did run into this, and I'm spending some time plumbing things through libpfctl to the pfSense php module. This will... Reid Linnemann
11:16 AM pfSense Packages Feature #12882: Add the option to specify CURLOPT_INTERFACE in pfBlockerNG IPv4/IPv6 lists: Sure thing, happy to contribute! Charles Hamilton
10:53 AM pfSense Packages Feature #12882 (Feedback): Add the option to specify CURLOPT_INTERFACE in pfBlockerNG IPv4/IPv6 lists: PR merged, thanks!
https://github.com/pfsense/commit/9e7c6e33857e42fa97ae04e57285ee180643440d
https://github.com... Viktor Gurov
10:48 AM pfSense Packages Feature #12795 (Feedback): Add *.pfsense.org and *.netgate.com to the default DNSBL whitelist: Merged:
https://github.com/pfsense/FreeBSD-ports/commit/b7a4f7d12cc68460d75ae7204d0e4f8381d6d162
Viktor Gurov
10:47 AM pfSense Packages Bug #12706 (Feedback): pfBlockerNG and unbound does not work after switching /var to RAM disk: Merged:
https://github.com/pfsense/commit/dc4f288b66af9b0ffc6dded8fe128aaeca0a9ac6 Viktor Gurov
10:16 AM pfSense Packages Bug #12772 (Resolved): Syslog-ng writes config.xml on each start: Tested against:... Danilo Zrenjanin
10:09 AM Todo #12934 (Feedback): Update strongSwan: The update is done in the ports tree. It's in CE snapshots now, will be in the next Plus snapshots shortly.... Jim Pingle
09:49 AM Feature #12702 (Resolved): Use consistent pf host ID and add GUI option to set a custom host ID in state synchronization settings: Christopher Cope
09:49 AM Feature #12702: Use consistent pf host ID and add GUI option to set a custom host ID in state synchronization settings: Marking resolved. As noted above, everything was good from version... Christopher Cope
09:02 AM pfSense Packages Bug #12979: Snort Rules Update Process Using Deprecated FreeBSD Subdirectory Name: *Updated Info:* a decision was made to simply cherry-pick the DEVEL change into the RELENG_2_6_0 branch because the S... Bill Meeks
07:22 AM pfSense Packages Bug #12979 (Pull Request Review): Snort Rules Update Process Using Deprecated FreeBSD Subdirectory Name: devel PR merged, left a note on the RELENG_2_6_0 PR as there is an issue there that needs resolved first. Jim Pingle
06:46 AM Bug #12925: FQDN in network alias is omitted from OpenVPN networks list: Thank you, I've just applied both and have confirmed that it is working as expected now. Adrien Carlyle

03/23/2022

10:10 PM Regression #12827: High latency and packet loss during a filter reload: Have the same issues on our PFSense 2.6.0 cluster (2 members) after upgrading from 2.5.2.
Firewalls have 75 interfac... Kevin Bentlage
07:59 PM Revision b77f85b0: Add upgradeconfig script. Implements #12973: Jim Pingle
07:58 PM Revision f4b777f0: Fix syntax errors. Issue #12940: Jim Pingle
06:26 PM Bug #12976: Captive Portal not working with CARP-VIP configured on Captive-Portal-Interface: Yeah this doesn't appear to be CP related. The generated ipfw rules allow access to the CARP VIP on the interface:
<... Steve Wheeler
03:05 PM Bug #12976 (Not a Bug): Captive Portal not working with CARP-VIP configured on Captive-Portal-Interface: Usually if you select any specific interface it doesn't necessarily include the VIPs, so it's somewhat surprising tha... Jim Pingle
02:49 PM Bug #12976: Captive Portal not working with CARP-VIP configured on Captive-Portal-Interface: It looks like I found the issue. I had to explicitly check the CARP-address on the guest-portal interface for unbound... Alex Boettrich
11:21 AM Bug #12976: Captive Portal not working with CARP-VIP configured on Captive-Portal-Interface: Thanks for pointing out #12834 - I missed that.
#12834 is installed now and I rebooted the box - same problem - capt... Alex Boettrich
07:58 AM Bug #12976: Captive Portal not working with CARP-VIP configured on Captive-Portal-Interface: Have you applied the workaround from #12834? It's possible this is the same root cause. Jim Pingle
03:53 PM pfSense Packages Bug #12979: Snort Rules Update Process Using Deprecated FreeBSD Subdirectory Name: A fix for this issue has been posted in Pull Requests https://github.com/pfsense/FreeBSD-ports/pull/1149 for RELEASE ... Bill Meeks
02:23 PM pfSense Packages Bug #12979 (Pull Request Review): Snort Rules Update Process Using Deprecated FreeBSD Subdirectory Name: Beginning around the first of March 2022, the Snort rules update package from the Snort VRT changed the subdirectory ... Bill Meeks
03:02 PM Bug #12940 (Feedback): Deleting a user on the primary node does not delete its home directory on secondary node during XMLRPC sync: Fix was merged + needed a syntax fix. Jim Pingle
08:01 AM Bug #12940 (Pull Request Review): Deleting a user on the primary node does not delete its home directory on secondary node during XMLRPC sync: Jim Pingle
07:03 AM Bug #12940 (New): Deleting a user on the primary node does not delete its home directory on secondary node during XMLRPC sync: Viktor Gurov wrote in #note-6:
> Marcos Mendoza wrote in #note-5:
> > This works if the bug was never hit before. If ... Viktor Gurov
06:20 AM Bug #12940 (Feedback): Deleting a user on the primary node does not delete its home directory on secondary node during XMLRPC sync: Viktor Gurov wrote in #note-2:
> fix:
> https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/680
Merged:
... Viktor Gurov
04:36 AM Bug #12940: Deleting a user on the primary node does not delete its home directory on secondary node during XMLRPC sync: Marcos Mendoza wrote in #note-5:
> This works if the bug was never hit before. If the orphaned directory still exist... Viktor Gurov
03:01 PM Feature #12973 (Feedback): Playback script to perform a configuration upgrade on an arbitrary ``config.xml`` file: Added script: https://gitlab.netgate.com/pfSense/pfSense/-/commit/b77f85b09f21c84eac8355ca805643eae8547221
Jim Pingle
02:35 PM Revision 97b49080: Always change .ssh directory permission. Issue #12940: Viktor Gurov
12:44 PM Revision 4d99cf21: Merge pull request #4562 from NobleKangaroo/increase-max-firewall-log-entries: Jim Pingle
12:34 PM Revision 5042d9e0: Merge pull request #4564 from PhilZ-cwm6/PhilZ-cwm6-patch-pckcapture: Jim Pingle
11:18 AM pfSense Docs Correction #12978: Correction to iftop section of Monitoring Bandwidth Usage: That whole section needs to be rewritten, iftop is a part of base now, and there is a way to use it in the GUI as well. Jim Pingle
11:01 AM pfSense Docs Correction #12978 (Resolved): Correction to iftop section of Monitoring Bandwidth Usage: https://docs.netgate.com/pfsense/en/latest/monitoring/graphs/bandwidth-usage.html#iftop
The instructions on this p... Max Leighton
09:37 AM Regression #12971: Firewall rule usage counters showing 0/0 after latest pf merge: I see the same issue, but believe the root cause is that we've not re-built the php-pfSense-module after the recent m... Kristof Provost
09:29 AM pfSense Packages Feature #12963: Run nmap scans in the background: Standardize nmap text in description: NMap -> Nmap
https://github.com/pfsense/FreeBSD-ports/pull/1148 Phil Wardt
07:28 AM pfSense Packages Feature #12963 (Pull Request Review): Run nmap scans in the background: Jim Pingle
07:41 AM pfSense Packages Bug #12917 (Resolved): LoopiaAPI changed: Loopia is working again, based on a comment left on the Github commit: https://github.com/pfsense/FreeBSD-ports/commi... Jim Pingle
07:39 AM Regression #12977: Rule descriptions in firewall logs show wrong rule label: This is a known issue at the moment. It's a side effect of #12092 and the fact that the methods we use to get the rul... Jim Pingle
07:35 AM Feature #12968 (Feedback): Button to clear previous packet capture data: PR Merged Jim Pingle
06:22 AM Regression #12949 (Feedback): The ruleset is not regenerated after assigning an interface: Merged:
https://github.com/pfsense/pfsense/commit/d1d1084eb4ebedbcc86cfe13c6d25cf9570646b0 Viktor Gurov

03/22/2022

09:32 PM Regression #12977 (Resolved): Rule descriptions in firewall logs show wrong rule label: This was previously working on March 11th snapshot - now broken on 22.05.a.20220322.0600.
Only the default deny ru... Marcos M
09:24 PM pfSense Packages Bug #12951 (Feedback): FRR cannot remove IPv6 routes: There really isn't enough info to determine what may be happening. The error itself can be normal in some cases.
S... Marcos M
07:07 PM Revision a23b8930: Edit Clear Capture button text: Phil Wardt
07:05 PM Revision e01ea791: Unset the other PCRE options: Brad Davis
06:59 PM Revision 39fb897e: Use unlink_if_exists(): Phil Wardt
06:03 PM Revision 7691f0c7: Delete user home directory on user delete XMLRPC sync. Fixes #12940: Viktor Gurov
04:40 PM Revision 0590dfaa: Deprecate Zabbix 3.x and bring in Zabbix 6.x: Brad Davis
04:09 PM Bug #12976 (Not a Bug): Captive Portal not working with CARP-VIP configured on Captive-Portal-Interface: When Captive Portal is configured with a CARP VIP on the interface the captive portal does not work. DNS traffic to C... Alex Boettrich
03:37 PM Revision d1d1084e: Reload filter rules after reassigning an interface. Fixes #12949: Viktor Gurov
03:27 PM pfSense Packages Feature #12963: Run nmap scans in the background: Updated TAB and Button names from ...log to "View Results"
Patch attached above
https://github.com/pfsense/FreeBSD-p... Phil Wardt
01:29 AM pfSense Packages Feature #12963: Run nmap scans in the background: Github link again
https://github.com/pfsense/FreeBSD-ports/pull/1148 Phil Wardt
02:55 PM Bug #12975 (Resolved): IKEv2 Mobile IPsec clients do not receive ``INTERNAL_DNS_DOMAIN`` (value ``25``) attribute: DNS IP addresses must be supplied to the remote client when a mobile tunnel is created in order to resolve remote (pr... Serge Caron
02:13 PM Feature #12968: Button to clear previous packet capture data: With last changes
https://github.com/pfsense/pfsense/pull/4564 Phil Wardt
08:29 AM Feature #12968 (Pull Request Review): Button to clear previous packet capture data: Jim Pingle
01:27 AM Feature #12968: Button to clear previous packet capture data: Viktor Gurov wrote in #note-1:
> Please create a pull request with your changes:
> https://docs.netgate.com/pfsense... Phil Wardt
12:05 AM Feature #12968: Button to clear previous packet capture data: Please create a pull request with your changes:
https://docs.netgate.com/pfsense/en/latest/development/pull-request.... Viktor Gurov
01:47 PM pfSense Plus Bug #12974 (Closed): Typing anything into 1100/2100 recovery installer causes process to stop: During the installation process the user is prompted to select a filesystem or type enter to install with ZFS.
How... Ryan Coleman
01:36 PM Revision abddfcd2: Toggle Button for NAT Pages. Implements #12879: Viktor Gurov
01:34 PM Revision 065e0508: OpenVPN FQDN in alias netmask fix. Issue #12925: Viktor Gurov
01:25 PM Bug #12942 (New): Code to kill states for old gateway when reconnecting an interface is incorrect: Back burner this for now, can revisit soon. The current gateway behavior appears to be sufficient, this might be nice... Jim Pingle
01:10 PM Bug #12940: Deleting a user on the primary node does not delete its home directory on secondary node during XMLRPC sync: This works if the bug was never hit before. If the orphaned directory still exists, creating or deleting a user with ... Marcos M
08:09 AM Bug #12940 (Pull Request Review): Deleting a user on the primary node does not delete its home directory on secondary node during XMLRPC sync: Jim Pingle
01:09 PM pfSense Packages Bug #12917 (Feedback): LoopiaAPI changed: The acme.sh project made a new release with the fix, I've updated the ACME package with the new files, should be buil... Jim Pingle
12:33 PM pfSense Docs Correction #12970 (Closed): SG-2220 incorrectly referred to as SG-2200: There were a few bad refs in that doc, though most were in internal labels and not directly visible. All fixed now, w... Jim Pingle
09:29 AM pfSense Docs Correction #12970 (Closed): SG-2220 incorrectly referred to as SG-2200: On https://docs.netgate.com/pfsense/en/latest/solutions/sg-2220/m-2-sata-installation.html
The first note says
<p... Christopher Cope
12:22 PM Feature #12973 (Resolved): Playback script to perform a configuration upgrade on an arbitrary ``config.xml`` file: In the spirit of this feature:
pfSsh.php playback cryptconfig decrypt /root/enctest/test.xml /root/enctest/out... Chris Linstruth
12:16 PM Revision 3625ad41: Typo in log widget object name.: Jim Pingle
11:04 AM Bug #12972 (Rejected): After firmware update IPSEC connections to a FortiGate firewall fail.: This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
11:03 AM Bug #12972 (Rejected): After firmware update IPSEC connections to a FortiGate firewall fail.: Even the FortiClient VPN client software on our PC's will not connect after update to 22.01.
If we connect our PC to... Henrik Villadsen
10:56 AM Regression #12971 (Resolved): Firewall rule usage counters showing 0/0 after latest pf merge: On the latest Plus (22.05) and CE (2.7.0) snapshots the counters on the firewall rule tabs are showing 0/0 even when ... Jim Pingle
10:04 AM Bug #12920: Gateway behavior differs when the gateway does not exist in the configuration: Seeing what looks top be related whilst testing: https://redmine.pfsense.org/issues/12949
After the WAN interface ... Steve Wheeler
09:40 AM Bug #12925: FQDN in network alias is omitted from OpenVPN networks list: Adrien Carlyle wrote in #note-13:
> Does the original patch get updated or would I need to apply a second or differe... Viktor Gurov
09:16 AM Bug #12925 (Feedback): FQDN in network alias is omitted from OpenVPN networks list: Merged:
https://github.com/pfsense/pfsense/commit/065e050890508ff0c97455a6352cdb914d34ddbd Viktor Gurov
09:13 AM Bug #12925: FQDN in network alias is omitted from OpenVPN networks list: Does the original patch get updated or would I need to apply a second or different one to test for you all? Adrien Carlyle
07:46 AM Bug #12925 (Pull Request Review): FQDN in network alias is omitted from OpenVPN networks list: Jim Pingle
09:27 AM Feature #12879 (Feedback): Toggle button to disable/enable multiple entries on NAT pages: Merged:
https://github.com/pfsense/pfsense/commit/abddfcd2d2ff236716002c88c0d045711cb17d7b Viktor Gurov
08:14 AM pfSense Packages Bug #12969 (Duplicate): Status_Traffic_Totals GUI showing graphical data for the wrong month: Duplicate of #9537 -- This is due to Daylight Saving Time and is a known issue in graphs made from vnstat data. Jim Pingle
08:04 AM pfSense Packages Bug #12965 (Pull Request Review): FRR BFD peer configuration is handled incorrectly in some cases: Jim Pingle
08:04 AM Regression #12949 (Pull Request Review): The ruleset is not regenerated after assigning an interface: Jim Pingle
07:45 AM Feature #12964 (Closed): Add toggle for vtnet ALTQ/multiqueue on Advanced - > Networking page below "hn ALTQ Support": This is not possible as the options which allow ALTQ to work on vtnet are compile-time options and not runtime option... Jim Pingle
06:22 AM pfSense Packages Bug #12808: Wireguard Gateways disabled when Wireguard Service is Manually Restarted: Here are some screenshots for reference.
Note: Disabling Gateway Monitoring and Using Non-local Gateway or using a /... Waqas Khan
06:07 AM pfSense Packages Bug #12808: Wireguard Gateways disabled when Wireguard Service is Manually Restarted: I am the original author of this post https://old.reddit.com/r/PFSENSE/comments/tc8zsx/wireguard_service_not_starting... Waqas Khan

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

04/20/2022

04/19/2022

04/18/2022

04/17/2022

04/16/2022

04/15/2022

04/14/2022

04/13/2022

04/12/2022

04/11/2022

04/10/2022

04/09/2022

04/08/2022

04/07/2022

04/06/2022

04/05/2022

04/04/2022

04/03/2022

04/02/2022

04/01/2022

03/31/2022

03/30/2022

03/29/2022

03/28/2022

03/27/2022

03/26/2022

03/25/2022

03/24/2022

03/23/2022

03/22/2022