Activity

30 days up to

User

Subprojects

Activity

From 06/02/2022 to 07/01/2022

07/01/2022

06:12 PM Bug #13327 (Resolved): Valid OpenVPN client connections rejected due to extraneous output to ovpn_auth_verify: OpenVPN was observed rejecting client connections that were previously accepted and had not expired. Research lead to... Brian Martin
02:25 PM Bug #9887 (Pull Request Review): Rule separator positions change when deleting multiple rules: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/830
All tests in the original ticket worked as expecte... Christopher Cope
09:10 AM Bug #12959: dhcplease process wrongly update host file if client-hostname is empty: Also unable to reproduce.
Tested on:
22.05-RELEASE (amd64)
built on Wed Jun 22 18:56:13 UTC 2022
FreeBSD 12.3-STABLE Georgiy Tyutyunnik
04:53 AM Regression #13290: Error ``dummynet: bad switch 21!`` when using Captive Portal with Limiters: I believe the failure to apply policy routing on whitelisted mac addresses is due to rules like `pass in quick all fl... Kristof Provost

06/30/2022

05:04 PM Bug #13282: Alias content is sometimes incomplete if the firewall cannot resolve an FQDN in the alias: There must be something else to this than just the unresolvable host, I've tried several times to replicate this and ... Reid Linnemann
12:52 PM pfSense Packages Bug #13309 (Resolved): Cron validation prevents special strings such as @reboot: Tested against the Cron package version 0.3.8_1
It works as expected.
I am marking this ticket resolved. Danilo Zrenjanin
12:35 PM pfSense Packages Bug #13261 (Resolved): Input validation rejects empty ``sudo`` command list, but GUI text says it can be empty: Tested on 22.05, package version 0.3_7.
It works as expected. I am marking this ticket closed. Danilo Zrenjanin
12:00 PM Bug #13325 (Confirmed): System Information widget breaks with multiple instances: I currently have 2 System Information widget displayed on a 3 Column Dashboard (First and 3rd Column). First System ... Larry Bernardo
11:46 AM Bug #13317: ``array_filter`` PHP Errors in ``interfaces.inc``: I did indeed fix this in CE devel, I need to get the change merged into plus-devel today, if it hasn't already been m... Reid Linnemann
10:21 AM pfSense Docs Todo #13324 (Rejected): Remove Deprecated IPSec Remote Access VPN Guides: L2TP is not insecure (it's protected by IPsec) it's just not well supported by clients.
They are all still valid j... Jim Pingle
10:18 AM pfSense Docs Todo #13324 (Rejected): Remove Deprecated IPSec Remote Access VPN Guides: Several Configuration Recipes are often find by customers that are no longer recommended. While these guides had use... Kris Phillips
09:21 AM Regression #13323 (Resolved): Captive Portal breaks policy based routing for MAC address bypass clients: Relevant information about my network
LAN segment
VLAN for IoT and wifi devices
WAN1 is used as the default gate... Axel Taferner
08:41 AM Todo #10464: Don't change the current update repo when new releases are available: Also worth noting, however this is handled, it should not suppress the list of packages and it *must* still allow the... Jim Pingle
07:42 AM Regression #13290: Error ``dummynet: bad switch 21!`` when using Captive Portal with Limiters: The 'bad switch' message originates in dummynet_send(), and the '21' is decimal, so 0x15. Representing PROTO_IPV6 | P... Kristof Provost
07:06 AM Bug #13321 (Pull Request Review): dhcpleases handles duplicate hostnames incorrectly: Jim Pingle
06:45 AM Feature #13322: Define Packet Capture Protocol: And EtherType Andy Kniveton
06:10 AM Feature #13322 (Closed): Define Packet Capture Protocol: Any chance of adding the ability of allowing a user defined protocol to the Packet Capture.
I was trying to debug ... Andy Kniveton
05:21 AM Bug #12747: Restarting the logging daemon during rotation also restarts ``sshguard``, leading to frequent log messages: same here on 22.05
!clipboard-202206300621-7gjov.png!
Franck Ck
03:18 AM Bug #12811: Services are not restarted when PPP interfaces connect: ec73bb89489d830ec21c4e04ffa3ec401791b55d and c467ca2f35c102aae897424a2fda08e9b2ace673 actually solve the issue that t... Oskar Stroka

06/29/2022

11:57 PM Bug #13321: dhcpleases handles duplicate hostnames incorrectly: Added pull request: https://github.com/pfsense/FreeBSD-ports/pull/1176 Adrian Fonseca
11:10 PM Bug #13321 (Pull Request Review): dhcpleases handles duplicate hostnames incorrectly: --- Problem ---
If the 'dhcpd.leases' file parsed by dhcpleases contains an expired lease and non-expired lease for ... Adrian Fonseca
04:31 PM Bug #13228: Recovering interface gateway may not be added back into gateway groups and rules when expected: I have this issue. Adding the filter_configure(); to the end, (while not removing the else block) does resolve this f... Lee Brown
02:03 PM pfSense Plus Bug #13320: IP aliases with a CARP VIP parent are not available as VIP choices for gateway groups: Looks like it's because the group drop-downs filter based on the VIP interface and it sees the CARP VIP as the interf... Jim Pingle
01:47 PM pfSense Plus Bug #13320 (Resolved): IP aliases with a CARP VIP parent are not available as VIP choices for gateway groups: Configuration is an HA pair of 6100's with a failover gateway group, one ISP per gateway.
The intention is for IPs... Chris W
12:59 PM Revision 8c9ab20e: Don't force DNS to use 4/6 here. Fixes #13318: It's not trying to force communication with a
specific address family DNS server. Jim Pingle
12:16 PM Bug #13318: Neighbor hostnames in the NDP Table on ``diag_ndp.php`` are always empty: Jim - just to let you know, applied this and seems to be working now. Thanks for such a quick response!
JohnPoz _
08:10 AM Bug #13318 (Feedback): Neighbor hostnames in the NDP Table on ``diag_ndp.php`` are always empty: Applied in changeset commit:8c9ab20efe61161e30fe215166d8573c801b947d. Jim Pingle
07:57 AM Bug #13318: Neighbor hostnames in the NDP Table on ``diag_ndp.php`` are always empty: Looking at #11512 and commit:aa1936eefc251b5330e7392f3b1fbc23a006a400 where that was added, it isn't necessary. There... Jim Pingle
07:50 AM Bug #13318: Neighbor hostnames in the NDP Table on ``diag_ndp.php`` are always empty: Looks like for some reason @_getHostName()@ is forcing the DNS lookup to use @-6@ when it shouldn't, as that controls... Jim Pingle
07:32 AM Bug #13318 (Resolved): Neighbor hostnames in the NDP Table on ``diag_ndp.php`` are always empty: The NDP Table in the gui is not listing the hostname, while ndp -a from cmd line does.
See this thread.
https:/... JohnPoz _
10:01 AM Regression #13316 (Feedback): ``vmstat -m`` value for ``temp`` is accounted for incorrectly, resulting in underflows: Looks like this happens as the value for @nvlist@ increases. Apparently already fixed in FreeBSD: https://cgit.freebs... Jim Pingle
08:46 AM Regression #13316: ``vmstat -m`` value for ``temp`` is accounted for incorrectly, resulting in underflows: Looks like the value of that entry is unsigned and trying to go negative, which results in an underflow (hits 0 then ... Jim Pingle
09:20 AM Regression #13319: OpenVPN site2site with SSL/TLS doesn't apply the remote network route: Jim Pingle wrote in #note-1:
> That is most likely a configuration problem. More likely related to how you changed t... Pietro Cesana
09:15 AM Regression #13319 (Not a Bug): OpenVPN site2site with SSL/TLS doesn't apply the remote network route: That is most likely a configuration problem. More likely related to how you changed the settings when moving from sha... Jim Pingle
09:12 AM Regression #13319 (Not a Bug): OpenVPN site2site with SSL/TLS doesn't apply the remote network route: I'm testing 2.7 DEV snapshot and I have two OpenVPN site2site client connections.
One (ovpnc1) uses sharedkey and th... Pietro Cesana
08:06 AM Bug #13317 (Feedback): ``array_filter`` PHP Errors in ``interfaces.inc``: Looks like Reid already fix this one. See commit:c5d786359cc4a15c81e1c4773ab271b3d49ed594
Jim Pingle
06:40 AM Bug #13317: ``array_filter`` PHP Errors in ``interfaces.inc``: Do you have any more information about what was going on when the errors happened? Were you making a change in the GU... Jim Pingle
02:16 AM Bug #13317 (Resolved): ``array_filter`` PHP Errors in ``interfaces.inc``: Crash report begins. Anonymous machine information:
amd64
12.3-STABLE
FreeBSD 12.3-STABLE devel-12-n227385-38ca... Vorname Nachname
07:53 AM Bug #13132 (New): Multiple ``<sshdata>`` or ``<rrddata>`` sections in ``config.xml`` lead to an XML parsing error during restore: There is still some issue here as users are hitting this on 22.05 when restoring backups with two sections. Jim Pingle
07:00 AM pfSense Packages Regression #13156: pfBlockerNG IP block stats do not work: I just tested and your patch also works on the latest 2.7.0-DEVELOPMENT. Glenn Hall

06/28/2022

09:01 PM Regression #13316: ``vmstat -m`` value for ``temp`` is accounted for incorrectly, resulting in underflows: Just after a reboot the value is sane and the script works, so there is something else going on there.
I'd say the... Jim Pingle
08:43 PM Regression #13316: ``vmstat -m`` value for ``temp`` is accounted for incorrectly, resulting in underflows: There is a line in @vmstat -m@ for @temp@ that is throwing off the output, it's gigantic... Jim Pingle
08:29 PM Regression #13316 (Resolved): ``vmstat -m`` value for ``temp`` is accounted for incorrectly, resulting in underflows: It works on 22.01, running it on 22.05 produces the following output:... Marcos M
08:32 PM Revision c5d78635: get_interface_addresses: Silence array_filter warnings: Reid Linnemann
06:09 PM Bug #13093: LDAP authentication fails with extended query and RFC2307 group lookups enabled: @(&(DN_RETURNED_BY_INITIAL_SEARCH)(memberOf=cn=nextcloud,cn=groups,cn=accounts,dc=example,dc=com))@
That doesn't w... Chris Linstruth
05:21 PM Bug #13093: LDAP authentication fails with extended query and RFC2307 group lookups enabled: OK. It looks like it is combining the RFC2307 query and the extended query into something that cannot match when both... Chris Linstruth
02:20 PM Revision d9ff4a76: Clean up old repo files that are not needed any longer since we just template the one: Brad Davis
01:14 PM pfSense Packages Bug #13154: pfBlocker causing excessive CPU load: For reference, the patch to fix it is as follows:... Marcos M
12:44 PM Revision 2a9f6b40: Clarify delegated IPv6 prefix source. Fixes #13310: Indicates the tracked interface and prefix ID, which is more important
now that delegation works from multiple upstre... Jim Pingle
12:04 PM pfSense Plus Todo #13189 (Resolved): Input validation should reject the combination of DCO and P2P mode: Jim Pingle
12:04 PM pfSense Plus Regression #13183 (Resolved): ZFS module is loaded on systems without ZFS: Jim Pingle
10:28 AM pfSense Docs New Content #13311 (Resolved): Add troubleshooting tips for multiple disk boot issues: https://docs.netgate.com/pfsense/en/latest/troubleshooting/boot-issues.html
It's possible that pfSense may mount a... Marcos M
08:22 AM pfSense Packages Bug #13309 (Feedback): Cron validation prevents special strings such as @reboot: Fixed: https://github.com/pfsense/FreeBSD-ports/commit/68b6508b0454c6113e03c1fd84e20279310d0bef Jim Pingle
07:55 AM Bug #13310 (Feedback): Each line in the NPt destination IPv6 prefix list also contains the network of the previous line when multiple choices are present: Applied in changeset commit:2a9f6b409bdde67c065a0fa6b13296bbad6c6794. Jim Pingle
07:16 AM Bug #13310: Each line in the NPt destination IPv6 prefix list also contains the network of the previous line when multiple choices are present: This is also mentioned on #13240 but in the interest of only having one problem per issue we can keep this one and ch... Jim Pingle
07:18 AM Bug #13240: User is forced to pick an NPt destination IPv6 prefix length even when choosing a drop-down entry which contains a defined prefix length: Moving first point to #13310 - keeping this one for point 2.
Jim Pingle

06/27/2022

10:19 PM Regression #13290: Error ``dummynet: bad switch 21!`` when using Captive Portal with Limiters: I've posted some additional info on the forums here: https://forum.netgate.com/topic/173061/captive-portal-broken-aft... Axel Taferner
07:26 PM Regression #13290: Error ``dummynet: bad switch 21!`` when using Captive Portal with Limiters: I've updated to pfSense+ 22.05 today and I'm seeing the same thing on the console when activating a captive portal. Axel Taferner
06:32 PM Revision 60a2fa6b: Remove incorrectly restored code. Fixes #13308: Jim Pingle
06:28 PM Revision 2bf4167c: Set PKG_REPO_BRANCH_DEVEL to match the branch name: Brad Davis
04:08 PM Bug #13310: Each line in the NPt destination IPv6 prefix list also contains the network of the previous line when multiple choices are present: PR here: https://github.com/pfsense/pfsense/pull/4608 Seyfidin Hamraoui
04:07 PM Bug #13310 (Resolved): Each line in the NPt destination IPv6 prefix list also contains the network of the previous line when multiple choices are present: Destination IPv6 prefix list is not built properly due to wrongly placed string operator Seyfidin Hamraoui
03:52 PM pfSense Packages Bug #13309 (Resolved): Cron validation prevents special strings such as @reboot: A recent change to the Cron package introduced field validation. Although the UI specifies time examples, some users ... Grant Henderson
03:09 PM Bug #13308 (Resolved): The ``negate_networks`` table is duplicated in ``rules.debug``: Tested patch on 22.05. The table is no longer duplicated. Marcos M
01:50 PM Bug #13308 (Feedback): The ``negate_networks`` table is duplicated in ``rules.debug``: Applied in changeset commit:60a2fa6b6f1a59f3f86933265fbb48e25f652bfc. Jim Pingle
01:30 PM Bug #13308 (Resolved): The ``negate_networks`` table is duplicated in ``rules.debug``: In #13049 the logic to generate the @negate_networks@ table changed ( commit:415a1b2083228030f200c8ea0eac3a8fc91f7142... Jim Pingle
11:20 AM Bug #13307 (Resolved): PPP interface custom reset date/time Hour and Minute fields do not properly handle ``0`` value: When configuring a custom PPP interface reset time on @/interfaces_ppps_edit.php@ *or* @interfaces.php@ the page mish... Jim Pingle
10:56 AM Regression #13303 (Pull Request Review): DNSExit Dynamic DNS updates no longer work: Jim Pingle
10:45 AM pfSense Packages Todo #13306 (Resolved): Update NUT to version 2.8.0 to match FreeBSD Packages: NUT in the FreeBSD repo has been updated to 2.8.0. Make a corresponding update in the pfSense Packages repo. Denny Page
10:26 AM Feature #13305: Certificate Revocation page should show expiration date: This would only be valid for imported CRLs, as internal CRLs are regenerated every time they are refreshed (e.g. Open... Jim Pingle
10:07 AM Feature #13305 (New): Certificate Revocation page should show expiration date: For external CAs, it would be helpful if the Certificate Revovation page showed the valid dates for the CRLs as is do... Orion Poplawski
09:50 AM Bug #11629: PPPoE WAN IP address different than expected when set static by ISP: Dan Rice wrote in #note-23:
> We've installed 22.05 on our Netgate 2100 appliance and it's still assigning the wrong... Marcos M
07:42 AM pfSense Docs Todo #12770 (Pull Request Review): Feedback on Firewall — Configuring firewall rules: Jim Pingle
07:31 AM Bug #12947 (Pull Request Review): Old IPv6 addresses may continue to be used after DHCP or RA changes: Jim Pingle
07:27 AM pfSense Docs Correction #11223: Azure Marketplace links are invalid: Looks like they were fixed in #13130 (2 months ago) and https://gitlab.netgate.com/docs/pfsense-platforms/-/commit/c3... Jim Pingle
07:23 AM pfSense Plus Bug #11626: Google LDAP connections fail due to lack of SNI for TLS 1.3: Not up to me, it'll need to be handled by Luiz or Brad once things start moving for 22.09 but it's already on the radar. Jim Pingle
07:22 AM Feature #12466: Option to Disable Renegotiation timer in OpenVPN Server: Kris Phillips wrote in #note-10:
> The problem is that renegotiating the data channel key, in the default operation ... Jim Pingle
07:20 AM Bug #13301 (Duplicate): Bug #13239 = (?) = #12645 appease not fixed - ipv6 based ipsec vpn tunnel bug found with fqdn remote host: I reopened the previous issue, no need for a new one. Jim Pingle
07:20 AM Bug #12645 (New): ``filterdns`` does not monitor remote IPsec gateways for IPv6 address changes: Jim Pingle
07:19 AM pfSense Packages Bug #13261: Input validation rejects empty ``sudo`` command list, but GUI text says it can be empty: Picked back to release branches. Jim Pingle
12:09 AM Revision 17f81cb6: Fixing broken DNSExit implementation: Koen Zomers

06/26/2022

11:31 PM Feature #13304 (Resolved): ALTQ GUI support for Broadcom Netextreme II (``bxe``) interfaces: Original support commit "freebsd-src: 4e40076":https://github.com/freebsd/freebsd-src/commit/4e4007688cf99b61408f5b60... Robert Contreras
07:44 PM Bug #12947: Old IPv6 addresses may continue to be used after DHCP or RA changes: I posted on the PR that since @rlinnemann has just deprecated pfSense_getall_interface_addresses(), this should proba... → luckman212
07:18 PM Regression #13303 (Resolved): DNSExit Dynamic DNS updates no longer work: The current implementation of DNSExit under DynDNS doesn't work anymore. In the logs it will show:
!clipboard-2022... Koen Zomers
02:47 PM Bug #7996 (Pull Request Review): Unnecessary link tag in login page: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/825 Marcos M
02:35 PM Bug #12544 (Closed): OpenSSH vulnerabilities: Marcos M
02:14 PM Regression #11870 (Not a Bug): Setting MTU on VLAN does not set MTU on parent interface in 2.5.1: VLAN MTU _should_ be allowed to be set at the same or lower MTU as the parent. This issue can be re-opened if a case ... Marcos M
12:54 PM pfSense Docs New Content #13270 (Pull Request Review): OpenVPN client gateway is incorrect when the server does not push routes: https://gitlab.netgate.com/docs/pfSense-docs/-/merge_requests/41 Marcos M

06/25/2022

07:01 PM pfSense Docs Correction #11223 (Resolved): Azure Marketplace links are invalid: Chris W
07:01 PM pfSense Docs Correction #11223: Azure Marketplace links are invalid: Looks like this was fixed. The corrected links point to https://azuremarketplace.microsoft.com/en-us/marketplace/apps... Chris W
05:47 PM Bug #12544: OpenSSH vulnerabilities: This bug report can be closed. pfSense Plus 22.05 comes with OpenSSH 8.8p1, which is not vulnerable to any of these ... Kris Phillips
05:42 PM Bug #8207: 2.4 cannot boot as a Xen VM with more than 7 NICs: Due to lack of confirmation, this bug report should be rejected unless it can be verified that there is a problem on ... Kris Phillips
05:41 PM Bug #9626: When deny write permission is assigned to a user, there is no error feedback if the user tries to write something: Can confirm this is still an issue in 22.05 of pfSense Plus. There is no visual feedback or an error notification du... Kris Phillips
05:39 PM Bug #7996: Unnecessary link tag in login page: This is still present in pfSense Plus 22.05. Kris Phillips
05:38 PM pfSense Packages Bug #10602 (Resolved): Dashboard->Traffic Graphs bandwidth designations on hover pop-ups: Tested this on pfSense Plus 22.05. Not sure when this was fixed, but this looks to be resolved. Closing out this bu... Kris Phillips
05:34 PM pfSense Plus Bug #11626: Google LDAP connections fail due to lack of SNI for TLS 1.3: Jim Pingle wrote in #note-15:
> Nudge this ahead so we have more time to ensure there aren't any regressions from th... Kris Phillips
05:30 PM pfSense Plus Feature #12546: Add 2FA Support to pfSense Plus Local Database Authentication: Further expounding on this, it appears that Viscosity has native capability to add prompts in the client config.
... Kris Phillips
05:03 PM Feature #12466: Option to Disable Renegotiation timer in OpenVPN Server: Jim Pingle wrote in #note-9:
> Marcos Mendoza wrote in #note-7:
> > I created https://redmine.pfsense.org/issues/13... Kris Phillips
05:00 PM Bug #13003: Malicious Driver Detection event on ``ixl(4)`` driver: Christoph Vieten wrote in #note-5:
> Kris Phillips wrote in #note-3:
> > Christoph Vieten wrote in #note-2:
> > > ... Kris Phillips
03:25 PM pfSense Docs Todo #12770: Feedback on Firewall — Configuring firewall rules: Merge request:
https://gitlab.netgate.com/docs/pfSense-docs/-/merge_requests/42 Chris W
10:59 AM pfSense Packages Bug #11572: Auto created firewall rules have IPv4 as protocol only - even for IPv6 lists.: Still an issue in 2.6.0
Why not remove pfblockerNG from Repo if it's no more fixed and maintained anyway? Saves ti... Beat Siegenthaler
05:41 AM Bug #13301 (Duplicate): Bug #13239 = (?) = #12645 appease not fixed - ipv6 based ipsec vpn tunnel bug found with fqdn remote host: Hi,
I reported the bug earlier : https://redmine.pfsense.org/issues/13239#change-61632
ipv6 based ipsec vpn tun... Alex Zaykov
05:33 AM Bug #12645: ``filterdns`` does not monitor remote IPsec gateways for IPv6 address changes: tested on the latest built 22.05-RC (amd64) built on Fri Jun 17 06:34:36 UTC 2022
the bug is not fixed, Ipsec tunnel... Alex Zaykov

06/24/2022

10:10 PM Feature #13296: Add support for DHCP6 OPTION_PD_EXCLUDE (RFC 6603): It's where the bug entries are for FreeBSD ports are, and where a feature request can be submitted. Marcos M
04:16 PM Bug #9471 (Resolved): GIF tunnel not added to interface group after reboot: added GIF,LAN,PPPoE and GRE to the group of interfaces, GIF is added to the interface group after reboot
ifconfi... Alhusein Zawi
03:09 PM Revision 3222c70a: Omit VIPs from interface address selection. Fixes #11545: Add function get_interface_addresses() which wraps around pfSense_get_ifaddrs() and
filters VIPs before selecting an ... Reid Linnemann
02:50 PM pfSense Packages Bug #13261 (Feedback): Input validation rejects empty ``sudo`` command list, but GUI text says it can be empty: Merged: https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/commit/a056c1984a174248da0a0f8c541d9441678a2339 Christopher Cope
01:23 PM pfSense Packages Bug #13261 (Pull Request Review): Input validation rejects empty ``sudo`` command list, but GUI text says it can be empty: https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/251 Christopher Cope
11:31 AM pfSense Docs Correction #13300 (Resolved): Corrected Silabs driver URL: Jim Pingle
11:20 AM pfSense Docs Correction #13300 (Resolved): Corrected Silabs driver URL: Current link in the Windows tab of the Connecting to the Console Port pages for Netgate firewalls (excluding 1100 and... Chris W
11:21 AM pfSense Packages Bug #13299 (Resolved): Cron package needs basic input validation and output encoding: Tested and working as expected on... Christopher Cope
10:18 AM pfSense Packages Bug #13299 (Feedback): Cron package needs basic input validation and output encoding: Fixed: https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/commit/1a8a2f338592428dd46e543a884b1758b68198c9 Jim Pingle
10:09 AM pfSense Packages Bug #13299 (Resolved): Cron package needs basic input validation and output encoding: The cron package does not validate its inputs nor does it encode its output. This can lead to a potential stored XSS.... Jim Pingle
10:25 AM Regression #11545: Primary interface address is not always used when VIPs are present: I believe I have a fix for this issue. I created a variation on pfSense_get_interface_addresses() named pfSense_get_i... Reid Linnemann
10:15 AM Regression #11545 (Feedback): Primary interface address is not always used when VIPs are present: Applied in changeset commit:3222c70aaf783336901f7b1225727b5973ba865a. Reid Linnemann
07:47 AM Bug #13298: Dynv6 Dynamic DNS client does not check the response code when updating: PR: https://github.com/pfsense/pfsense/pull/4605 Jim Pingle
07:16 AM Feature #12466: Option to Disable Renegotiation timer in OpenVPN Server: Marcos Mendoza wrote in #note-7:
> I created https://redmine.pfsense.org/issues/13293 for that. Given that @auth-gen... Jim Pingle

06/23/2022

08:49 PM Revision adfb1d2b: fix: Dynv6 checkIP: Check return of update to release check IP Tiago d'Avila
07:49 PM pfSense Packages Bug #8454: Arpwatch package break email notifications from other sources: Is this still current as of 22.05? I just started playing with Arpwatch. What exactly does the "Disable Cron emails" ... → luckman212
04:01 PM Bug #13298: Dynv6 Dynamic DNS client does not check the response code when updating: *Testing*
Tested with https://dynv6.com Tiago Beling d'Avila
03:58 PM Bug #13298 (Resolved): Dynv6 Dynamic DNS client does not check the response code when updating: Check return of update to release check IP Tiago Beling d'Avila
12:04 PM Feature #13297 (New): Support for Gateway Groups as Static Route destinations: It could be interesting to have the possibility to use a group of gateways with static routes in a failover scenario.... Vincent D.
07:06 AM Regression #11316: Unbound crashes with signal 11 when reloading: Why is this closed ??
All was ok for my pfsense until a power outage.
I have pfsense 2.6 up to date and it has been... mururoa mururoa
01:31 AM Bug #13003: Malicious Driver Detection event on ``ixl(4)`` driver: Kris Phillips wrote in #note-3:
> Christoph Vieten wrote in #note-2:
> > Same happened on 2.6.0 with Intel x710-T4 ... Christoph Vieten

06/22/2022

09:31 PM Feature #13296: Add support for DHCP6 OPTION_PD_EXCLUDE (RFC 6603): @mmendoza was that last link you posted supposed to show something related? for me it just appears to be a list of ev... → luckman212
05:54 PM Feature #13296: Add support for DHCP6 OPTION_PD_EXCLUDE (RFC 6603): It's http://wide-dhcpv6.sourceforge.net/
See:
https://github.com/pfsense/FreeBSD-ports/tree/devel/net/dhcp6
http... Marcos M
04:47 PM Feature #13296: Add support for DHCP6 OPTION_PD_EXCLUDE (RFC 6603): I'm still hazy on exactly which dhcp6c implementation is currently shipping. I _thought_ it was the "hrs-allbsd/wide-... → luckman212
04:01 PM Feature #13296 (New): Add support for DHCP6 OPTION_PD_EXCLUDE (RFC 6603): Some ISPs are rolling out IPv6 and not directly providing a globally routable WAN address via DHCPv6. Instead, they a... Anonymous
09:04 PM Regression #11570: Gateway monitoring services is not always restarted on interface events, which may prevent a WAN from recovering back to an online state: hello guys
Configurator (Scope):
Interfaces: WAN-DHCP4|WAN2-DHCP4
Gateway Group: Failover (WAN_DHCP Gateway: 192... Alefe Ortiz
06:06 PM Feature #13294: Change gateway name: There's no functionality to rename the gateway/group and update all of the places where it could be used. That could ... Marcos M
10:27 AM Feature #13294 (New): Change gateway name: After clicking on a gateway on system_gateways_edit.php, which takes the user to e.g., system_gateways_edit.php?id=0,... Kay Avila
05:19 PM Revision d55e0d4b: fix func params for get_dpinger_status() call in gwlb.inc: → luckman212
04:15 PM Revision 7e9a12e9: Centralize the branches into builder_defaults.sh to simplify and eliminate overwriting the variables: Brad Davis
12:26 PM Bug #13295 (Resolved): Incorrect function parameters for ``get_dpinger_status()`` call in ``gwlb.inc``: There seems to be an error in @gwlb.inc@ around line 479. The call to @get_dpinger_status()@ has the @$action_disable... → luckman212
02:12 AM Revision 5ecee3d7: scrubing -> scrubbing: → luckman212

06/21/2022

03:47 PM Revision 098cdb61: Add version config for use by pfSense-repo: Brad Davis
02:37 PM Feature #12466: Option to Disable Renegotiation timer in OpenVPN Server: I created https://redmine.pfsense.org/issues/13293 for that. Given that @auth-gen-token@ handles the issue with frequ... Marcos M
02:35 PM Feature #13293 (New): Option to set auth-gen-token in OpenVPN GUI: This option is useful to avoid having to frequently manually re-authenticate when using MFA.
> --auth-gen-token [lif... Marcos M
12:06 PM pfSense Packages Feature #13292 (New): Separator: It'd be really nice if there was a way to add a separator to the certificates list in the ACME package. Nothing fanc... Marc Mapplebeck
10:22 AM pfSense Docs Todo #13291 (Duplicate): Notification documentation: I know there is documentation here on how to setup notification
https://docs.netgate.com/pfsense/en/latest/config/... Meme meme
01:00 AM Bug #13210: PPPoE server panics with multiple client connections: Sorry, wanted to add it here for documentation purpose but forgot to make it yesterday:... Jens Groh

06/20/2022

06:01 PM Regression #13290 (Feedback): Error ``dummynet: bad switch 21!`` when using Captive Portal with Limiters: There's not enough info here to troubleshoot this. Discussion of the issue may be continued on the forums: https://fo... Marcos M
02:25 PM Regression #13290 (Resolved): Error ``dummynet: bad switch 21!`` when using Captive Portal with Limiters: After upgrading from 2.6.0 to 2.7.0, my Captives Portal users are dropped randomly, having to re-authenticate... Ther... Rafael Ferreira
04:20 PM Bug #13210 (Resolved): PPPoE server panics with multiple client connections: Customer which was previously frequently hitting this issue reports it's been resolved after updating to the RC. Marcos M
04:04 PM Bug #10352: RADIUS authentication fails with MSCHAPv1 or MSCHAPv2 when passwords contain international characters: The issue is still present on 22.01-RELEASE
Any foreseen planning to fix this issue ?
Is someone working on it ? ma... Patrick Vander Linden
01:03 PM Feature #13286: webConfigurator does not redirect to requested page after login: I understand.
To be honest, one of my main reasons for wanting this merged was because my dashboard takes so darn l... → luckman212
12:52 PM Feature #13286: webConfigurator does not redirect to requested page after login: Some pages require parameters to load the right view, so stripping the parameters isn't helpful.
It is not going t... Jim Pingle
10:18 AM Feature #13286: webConfigurator does not redirect to requested page after login: But, again- nothing prevents a logged in user from bookmarking a page or recalling one from history that actions some... → luckman212
10:15 AM Feature #13286: webConfigurator does not redirect to requested page after login: Doesn't have to be an attack, they could also do it unintentionally by bookmarking or hitting a page from their histo... Jim Pingle
10:07 AM Feature #13286: webConfigurator does not redirect to requested page after login: Not sure I follow how this makes it any less secure than it already is. If a user is logged in already, they can stil... → luckman212
08:49 AM Feature #13286 (Rejected): webConfigurator does not redirect to requested page after login: This is done on purpose for security reasons. Until the entire GUI is purged of any page that takes action on GET, th... Jim Pingle
08:34 AM Feature #13286: webConfigurator does not redirect to requested page after login: PR: https://github.com/pfsense/pfsense/pull/4599 → luckman212
08:33 AM Feature #13286 (Rejected): webConfigurator does not redirect to requested page after login: Something that has bugged me for a while now is that if you are logged out of pfSense, and request a "deep" page e.g.... → luckman212
10:46 AM Bug #13289 (Resolved): Attempting to restore a 0 byte ``config.xml`` prints an error that the file cannot be read: When attempting to restore an empty config.xml file (0 bytes) the GUI prints an error saying the file cannot be read ... Jim Pingle
10:36 AM Bug #13288 (New): Encode FreeRADIUS Custom Options: Currently, fields in the FreeRADIUS package such as @varusersreplyitemsadditionaloptions@ are not encoded in config.x... Marcos M
10:33 AM Feature #13287 (New): Encode OpenVPN Custom Options: The @custom_options@ field for OpenVPN configurations is currently not encoded. This should be encoded in base64. Marcos M
07:46 AM Feature #12466: Option to Disable Renegotiation timer in OpenVPN Server: Both @auth-gen-token@ and @reneg-sec@ are useful in different ways, we should expose and (optionally) use both. Thoug... Jim Pingle
07:21 AM Bug #13285: Uncaught ArgumentCountError to function openvpn_kill_client(): Okay, thank you Jim for test and quick feedback. DRago_Angel [InV@DER]
07:20 AM Bug #13285 (Duplicate): Uncaught ArgumentCountError to function openvpn_kill_client(): There are no errors when terminating clients on the status page or widget on 22.05/2.7.0 snapshots. Jim Pingle
07:11 AM Bug #13285: Uncaught ArgumentCountError to function openvpn_kill_client(): Sorry, found https://redmine.pfsense.org/issues/12817 but it not mention status page, not sure 12817 also resolve Ope... DRago_Angel [InV@DER]
07:09 AM Bug #13285 (Duplicate): Uncaught ArgumentCountError to function openvpn_kill_client(): Killing session for user using OpenVPN Dashboard Widget or using OpenVPN Status page do not works.
On Widget next er... DRago_Angel [InV@DER]

06/19/2022

11:11 PM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound: Hey Netgate - I get the feeling this affects far more customers than you think.
Can this be assigned to someone to a... O E
09:34 PM Bug #12947: Old IPv6 addresses may continue to be used after DHCP or RA changes: Just updated "PR #4595":https://github.com/pfsense/pfsense/pull/4595 with the new mitigation changes. Testers & feedb... → luckman212
12:20 PM Bug #12947: Old IPv6 addresses may continue to be used after DHCP or RA changes: It appears we are out of luck on having @devd@ fire events for IP address changes. There is a commit: https://reviews... → luckman212
06:42 PM pfSense Plus Bug #13283 (Not a Bug): PBR forcing traffic out one WAN and back into another WAN with NAT Reflection Fails: Tested this.
With that PBR in place, even traffic that is being NAT'ed from the NAT Reflection rule will be caught... Marcos M
05:53 PM Bug #13243 (Pull Request Review): OpenVPN status for multi-user VPN shows info icon to display RADIUS rules when there are none to display: Marcos M
02:18 PM Bug #13243: OpenVPN status for multi-user VPN shows info icon to display RADIUS rules when there are none to display: This fixes the original issue:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/821
Reiner Keller wr... Marcos M
05:52 PM Feature #12466: Option to Disable Renegotiation timer in OpenVPN Server: It's better to implement @--auth-gen-token [lifetime]@
> --auth-gen-token [lifetime]
> After successful user/passwo... Marcos M
05:38 PM Feature #12982: Add support for RFC7499 in RADIUS library.: So are you saying that pfsense/freeRadius will not be able to go more then 68 rules? any software you know would be ... Frank Lee
03:58 PM Feature #12982: Add support for RFC7499 in RADIUS library.: I was able to replicate this with a simpler setup by adding a custom option to the @Additional RADIUS Attributes (REP... Marcos M
12:10 PM pfSense Packages Feature #13284 (New): Option to define "Issuer" in OPT configuration.: All QR codes are presently identifying as "FreeRADIUS(username).
Please add an optional variable in user->One-Time... Jakob Nordgarden
11:11 AM Bug #13280: Entries for ``net.link.ifqmaxlen`` duplicated in ``/boot/loader.conf``: I'm seeing this as well on a VM with @22.05.r.20220609.1919@.... Marcos M

06/18/2022

05:48 PM pfSense Plus Bug #13283 (Not a Bug): PBR forcing traffic out one WAN and back into another WAN with NAT Reflection Fails: Assuming the following configuration:
2 WAN interfaces WAN1 and WAN2
One LAN interface with Host A and Host B.
H... Kris Phillips
02:34 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: It seems this issue has gotten worse somewhere along the line similar to how others are describing it. Tables now lo... Kris Phillips
02:25 PM Bug #13282 (Resolved): Alias content is sometimes incomplete if the firewall cannot resolve an FQDN in the alias: If an invalid FQDN is present in an alias before a valid one, the entire table will be empty.
For an example, if... Kris Phillips

06/17/2022

07:24 PM Bug #13281 (Duplicate): Crash Reporter: Duplicate, and already fixed: #12817 Jim Pingle
06:49 PM Bug #13281 (Duplicate): Crash Reporter: Crash report begins. Anonymous machine information:
amd64
12.3-STABLE
FreeBSD 12.3-STABLE plus-RELENG_22_01-n20... Ilan Birman
04:10 PM Revision 3f4ee315: Template the versions as well: Brad Davis
03:31 PM Bug #13280 (Resolved): Entries for ``net.link.ifqmaxlen`` duplicated in ``/boot/loader.conf``: Using 22.05-RC 22.05.r.20220617.0613 Duplicate entries appear in /boot/loader.conf
Here are the contents of my loa... Keith Townsend
08:36 AM Bug #13243: OpenVPN status for multi-user VPN shows info icon to display RADIUS rules when there are none to display: Additional to this "informal" bug the ruleset given by Radius parameter isn't stored and when the renegiotion is done... Reiner Keller
07:34 AM Bug #13278 (Needs Patch): OpenVPN dynamic gateway created incorrectly when not pulling routes or server pushes no routes: We're aware of this, but it's an OpenVPN bug, not a bug in our code. As you see, the variables are unpopulated even w... Jim Pingle
01:10 AM Bug #13278: OpenVPN dynamic gateway created incorrectly when not pulling routes or server pushes no routes: This appears to be happening because OpenVPN doesn't populate these environment variables when either option is selec... Adrien Carlyle
07:09 AM Bug #13279 (New): DHCP config override affects Gateway installation.: If you check Configuration Override on the interface in the DHCP Client Configuration section, then open Status => In... Lev Prokofev
07:02 AM Regression #13274 (Resolved): OpenVPN override IPv4 tunnel network field changing value improperly: Working as expected on the latest build. The exact tunnel network address and mask remain, and the resulting @ifconfi... Jim Pingle

06/16/2022

11:54 PM Bug #12947: Old IPv6 addresses may continue to be used after DHCP or RA changes: @dem I believe I'm facing this exact issue, take a look at https://forum.netgate.com/topic/172849/rtsold-not-running-... → luckman212
10:31 PM Bug #13278 (Needs Patch): OpenVPN dynamic gateway created incorrectly when not pulling routes or server pushes no routes: IF: I configure OpenVPN client and set the "Don't pull routes" check box
OR
IF: I include the advanced option: pull... Adrien Carlyle
09:30 PM Regression #13167: DigitalOcean Dynamic DNS update fails with a "bad request" error: +1 Also having this problem : 2.6.0-RELEASE (amd64) Emmanuel Rosado
07:50 PM Bug #13277 (Duplicate): IGMP Proxy webConfigurator Page Always Produces Error: Whether your IGMP Proxy settings are correct or not, there is always an error stating "There was a problem applying t... Kris Phillips
07:48 PM Bug #13276 (New): IGMP Proxy Error Message for Logging Links to System Log Instead of Routing Log: If you try to apply a setting that won't apply in IGMP Proxy, it will state "There was a problem applying the changes... Kris Phillips

06/15/2022

03:16 PM Revision 230b2303: Fix OpenVPN override TN handling. Fixes #13274: Jim Pingle
10:42 AM pfSense Docs New Content #13211: OpenVPN DCO Documentation: Updates: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/989cfa8946010d913fddeebc8d8fe740ba409390 Jim Pingle
10:25 AM Regression #13274 (Feedback): OpenVPN override IPv4 tunnel network field changing value improperly: Applied in changeset commit:230b23033a898633681ef0dde4df8f63a2b7258c. Jim Pingle
10:13 AM Regression #13274 (Resolved): OpenVPN override IPv4 tunnel network field changing value improperly: For an override on a subnet topology VPN, the mask on the tunnel network in the override has to reflect the subnet ma... Jim Pingle
03:44 AM Bug #11629: PPPoE WAN IP address different than expected when set static by ISP: We've installed 22.05 on our Netgate 2100 appliance and it's still assigning the wrong IP address to the WAN interfac... Dan Rice

06/14/2022

01:14 PM pfSense Packages Bug #13154: pfBlocker causing excessive CPU load: That one change looks to have solved the issue for me.
Testing in:... Steve Wheeler
01:04 PM pfSense Packages Bug #13154: pfBlocker causing excessive CPU load: Well... seeing that would have saved me a bunch of debugging... Denny Page
12:41 PM pfSense Packages Bug #13154: pfBlocker causing excessive CPU load: For reference, the redmine for that issue is here:
https://redmine.pfsense.org/issues/13156 Marcos M
12:19 PM pfSense Packages Bug #13154: pfBlocker causing excessive CPU load: The issue apparently stems from the output of "pfctl -vvsr" changing in 22.05. Due to the change in output, pfBlockNG... Denny Page
11:07 AM Bug #13273 (New): dhclient can use conflicting recorded leases: dhclient will attempt to use a previously successful recorded lease if it cannot contact a dhcp server.
However it w... Steve Wheeler
08:00 AM pfSense Packages Bug #13180: High CPU Utilization with pfb_filter since pfBlockerNG update to devel 3.1.0_4: Looks like a duplicate or related to #13154 Michael Novotny
06:53 AM Regression #13265 (Resolved): Authentication using Voucher cause SQLite3 syntax error: No errors on the latest snapshot. Voucher is accepted, no PHP error, voucher shows in active users and active voucher... Jim Pingle

06/13/2022

08:16 PM pfSense Packages Regression #13156: pfBlockerNG IP block stats do not work: Even with changing the rule to use the pfBlockerNG aliases directly, the issue persists - that is I'm not seeing any ... Marcos M
06:16 PM pfSense Packages Bug #13154 (Confirmed): pfBlocker causing excessive CPU load: Still seeing this in 2.7/22.05 so it seems unlikely to be a symptom of #12827 which is mostly fixed there.
The CPU... Steve Wheeler
02:04 PM Revision 8ba70cfc: Set CP pipeno consistently when null. Fixes #13265: Jim Pingle
11:29 AM Feature #12982: Add support for RFC7499 in RADIUS library.: Ok, so do you know roughly when "someone" can look at this issue further? Frank Lee
10:37 AM Feature #12982: Add support for RFC7499 in RADIUS library.: I can't find where @[ciscoavpair]@ is being set in the code - the only reference I could find was in @pear-Auth_RADIU... Marcos M
11:11 AM Bug #13262 (Resolved): File browser on ``diag_edit.php`` does not encode filenames before display: Tested on... Christopher Cope
10:27 AM Bug #13272 (Pull Request Review): Voucher CSV output has leading space before voucher code: MR: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/818
Diff attached for wider testing.
Jim Pingle
10:14 AM Bug #13272 (Resolved): Voucher CSV output has leading space before voucher code: When downloading a CSV file for a voucher roll, each voucher has a leading space, so when copying and pasting it gets... Jim Pingle
09:33 AM Regression #13265: Authentication using Voucher cause SQLite3 syntax error: Merged into Plus and CE master branches and picked back into 22.05. Jim Pingle
09:10 AM Regression #13265 (Feedback): Authentication using Voucher cause SQLite3 syntax error: Applied in changeset commit:8ba70cfcf6c86db2c52577bf543a6b72fc2da9e7. Jim Pingle
08:11 AM Regression #13265 (In Progress): Authentication using Voucher cause SQLite3 syntax error: It should be noted that the authentication succeeds and the user can get out, is listed on the active vouchers tab, b... Jim Pingle
08:23 AM pfSense Packages Bug #12992 (Resolved): error: nbproc is not supported any more since HAProxy 2.5: Jim Pingle
08:17 AM pfSense Docs New Content #13270: OpenVPN client gateway is incorrect when the server does not push routes: This has always been the case with OpenVPN. It doesn't populate the environment variables because it doesn't think it... Jim Pingle
05:06 AM pfSense Packages Bug #13271 (Bogus): I got 'The WireGuard service is not running.' after I upgraded my pfSense VM from 22.05.r.20220604.1403 -> 22.05.r.20220609.1919: I've got this issue on one of my pfSense VM after upgrade from 22.05.r.20220604.1403 -> 22.05.r.20220609.1919 ('upgra... Azamat Khakimyanov

06/12/2022

10:32 PM Todo #13268: Dynamically adjust the interface name maximum width in the login banner: I wanted to auto size the columns based on the terminal width, but the shell doesn't seem to export the @$COLUMNS@ va... → luckman212
05:09 PM Todo #13268 (Resolved): Dynamically adjust the interface name maximum width in the login banner: small change to add some width and better align things if interface names are longer than just "WAN", "WAN2" etc.
... → luckman212
07:14 PM pfSense Docs New Content #13270 (Resolved): OpenVPN client gateway is incorrect when the server does not push routes: If @IPv4 Local network(s)@ is empty on the server (and no custom options exist to push routes), the client @ovpn-link... Marcos M
02:48 PM Bug #13267 (New): dpinger continues to run on OpenVPN gateway after OpenVPN service is stopped.: Tested on @22.05.r.20220609.1919@.
# Configure OpenVPN client on pfSense
# Assign an interface to the OpenVPN cli... Marcos M
01:44 PM Bug #13258: Hidden menu option ``100`` incorrectly handles HTTPS detection: * removed @case 111)@
* consistency of single/double quotes
* removed a couple of stray @;@ s → luckman212
01:21 PM Bug #12920: Gateway behavior differs when the gateway does not exist in the configuration: Updating OP with new symptoms. Marcos M
01:00 PM Revision f185e661: a few updates for the console menu: add full pathnames to all binaries (before some were and some weren't)
less forking for process checking, instead of ... → luckman212
11:22 AM Feature #12973: Playback script to perform a configuration upgrade on an arbitrary ``config.xml`` file: Just noting for anyone looking, the script is named @upgradeconfig@ not @updateconfig@ as in Chris' OP. → luckman212
11:14 AM pfSense Plus Bug #13074: AES-GCM with SafeXcel on Netgate 2100 causes MBUF overload: I believe I have hit this as well, 2100 to 7100 GCM tunnel. Is there an upstream FreeBSD bugreport? I believe the fac... → luckman212
11:11 AM Bug #13252: reduce frequency of php-fpm socket connection attempts from check_reload_status: I may have also experienced this on an SG-2100 yesterday. Upgraded from 21.05.1 to 22.05-RC.
After the upgrade, CP... → luckman212
08:45 AM pfSense Packages Bug #12992: error: nbproc is not supported any more since HAProxy 2.5: This should be closed since it's been merged → luckman212
12:04 AM Regression #11570: Gateway monitoring services is not always restarted on interface events, which may prevent a WAN from recovering back to an online state: Pushed more updates to my "PR #4595":https://github.com/pfsense/pfsense/pull/4595 (see over there for details).
I... → luckman212

06/11/2022

07:01 PM pfSense Plus Bug #13206: SG-3100 LED GPIO hangs: Daniel Subert wrote in #note-2:
> Hi Jim,
>
> Thanks for the update.
>
> As this issue is already being tracked int... Kris Phillips
06:45 PM Revision 08e9bcfd: add waning infobox if duplicate IP is entered in DHCP staticmaps: → luckman212
05:43 PM Regression #13265: Authentication using Voucher cause SQLite3 syntax error: Here is the crash report from my firewall:
Crash report begins. Anonymous machine information:
amd64
12.3-STA... Kris Phillips
05:41 PM Regression #13265: Authentication using Voucher cause SQLite3 syntax error: I can confirm this issue is present in the RC3 build of 22.05. Kris Phillips
05:08 AM Regression #13265 (Resolved): Authentication using Voucher cause SQLite3 syntax error: Errors:
Crash report begins. Anonymous machine information:
amd64
12.3-STABLE
FreeBSD 12.3-STABLE plus-RELEN... Lev Prokofev
05:43 PM Revision b707f4d8: fix log spew when deleting static DHCP maps not in arp table, redmine #13263: → luckman212
04:51 PM Feature #13256: Better handling of duplicate IP addresses in static DHCP assignments: Looks good to me. Marcos M
01:50 PM Feature #13256: Better handling of duplicate IP addresses in static DHCP assignments: I pushed a revised version, looks like this now
!clipboard-202206111450-srubn.png!
→ luckman212
02:17 PM pfSense Packages Regression #13156: pfBlockerNG IP block stats do not work: BBcan177 . wrote in #note-3:
> There seems to have been a change in the pfctl -vvsr output.
>
> The patch below seem... B. B.
09:11 AM pfSense Packages Regression #13156: pfBlockerNG IP block stats do not work: Is there a particular reason for that? I'm using a custom alias to keep rule management easier, and to avoid filter l... Marcos M
09:02 AM pfSense Packages Regression #13156: pfBlockerNG IP block stats do not work: Marcos Mendoza wrote in #note-7:
> > @256 block drop in log quick on ixv5 inet from any to <h_blocklist:19320> label... BBcan177 .

06/10/2022

10:47 PM pfSense Packages Regression #13156: pfBlockerNG IP block stats do not work: > @256 block drop in log quick on ixv5 inet from any to <h_blocklist:19320> label "USER_RULE: pfb_blocklist" label "i... Marcos M
07:49 PM pfSense Packages Regression #13156: pfBlockerNG IP block stats do not work: Marcos Mendoza wrote in #note-4:
> Tested change on @22.05@ RC with pfBlockerNG-devel @3.1.0_4@; floating block rule... BBcan177 .
04:29 PM Feature #13264 (New): IPSec Phase2 select multiple PFS key groups: A user can currently select multiple IPSec encryption and hash algorithms, so it would make sense to add the ability ... Lars Pedersen
12:56 PM Revision 1b5919c7: Encode filename browser.php. Fixes #13262: Jim Pingle
11:36 AM Regression #11570: Gateway monitoring services is not always restarted on interface events, which may prevent a WAN from recovering back to an online state: I've been running with the PR above for 2 days now, it's survived multiple reboots, and unplug/replug of the secondar... → luckman212
11:18 AM Todo #13263: Reduce log spam when deleting a static DHCP entry: I made and tested this small patch: https://github.com/pfsense/pfsense/pull/4597 → luckman212
10:55 AM Todo #13263 (Resolved): Reduce log spam when deleting a static DHCP entry: This is not a huge priority, but when deleting static DHCP mappings for devices that are offline / not on network and... → luckman212
10:18 AM Bug #13258 (Pull Request Review): Hidden menu option ``100`` incorrectly handles HTTPS detection: Jim Pingle
08:05 AM Bug #13262 (Feedback): File browser on ``diag_edit.php`` does not encode filenames before display: Applied in changeset commit:1b5919c769ba736b44819f71ee1ddce06e2a50c5. Jim Pingle
07:56 AM Bug #13262 (Resolved): File browser on ``diag_edit.php`` does not encode filenames before display: The file browser on @diag_edit.php@ does not encode filenames before display.
A user who can create files with arb... Jim Pingle
03:39 AM pfSense Packages Bug #13261 (Resolved): Input validation rejects empty ``sudo`` command list, but GUI text says it can be empty: The help text says, " By default the command is "ALL" meaning the user can run any commands. Leaving the commands fi... Danilo Zrenjanin

06/09/2022

11:20 PM pfSense Packages Regression #13156: pfBlockerNG IP block stats do not work: The patch works for me on LAN and WAN rules on 22.05 RC using pfBlockerNG-devel 3.1.0_4. I don't have floating rules ... Glenn Hall
11:08 PM pfSense Packages Regression #13156: pfBlockerNG IP block stats do not work: Tested change on @22.05@ RC with pfBlockerNG-devel @3.1.0_4@; floating block rule on tagged traffic with description ... Marcos M
09:58 PM pfSense Packages Regression #13156: pfBlockerNG IP block stats do not work: There seems to have been a change in the pfctl -vvsr output.
The patch below seems to fix the issue, but would be ... BBcan177 .
02:51 PM Bug #13258: Hidden menu option ``100`` incorrectly handles HTTPS detection: Ok I updated the PR to bring back the hidden option 100 / links browser. I think this is good. Unfortunately when I t... → luckman212
01:31 PM Bug #13258: Hidden menu option ``100`` incorrectly handles HTTPS detection: I haven't used @links@ against in the GUI in quite some time so I'm not sure if it still works. If it does we may as ... Jim Pingle
01:28 PM Bug #13258: Hidden menu option ``100`` incorrectly handles HTTPS detection: PR: https://github.com/pfsense/pfsense/pull/4596 → luckman212
11:44 AM Bug #13258: Hidden menu option ``100`` incorrectly handles HTTPS detection: I can't think of any benefit from fixing it; better to remove it. Marcos M
02:07 PM Feature #10446: VIP address is not shown in firewall rules: Marcos Mendoza wrote in #note-5:
> Better to stick with using aliases. VIPs are more for service bindings.
This wil... Silmor Senedlen
11:38 AM Feature #10446: VIP address is not shown in firewall rules: Silmor Senedlen wrote in #note-4:
> Silmor Senedlen wrote in #note-2:
> > I think it would be nice to be able to ... Marcos M
02:04 PM Feature #13260 (New): Add support for OpenVPN static-challenge: When using Multi Factor authentication most OpenVPN clients offer a static-challenge option to make the client ask fo... Diego Cortassa
01:32 PM Feature #13256: Better handling of duplicate IP addresses in static DHCP assignments: I wanted to make the warning display in a "Yellow Box" too but I looked through the code and couldn't see an easy way... → luckman212
12:41 PM Feature #13256: Better handling of duplicate IP addresses in static DHCP assignments: I don't think we should change the default behavior/add extra steps to reach the current behavior.
Something that ... Jim Pingle
12:36 PM Feature #13256: Better handling of duplicate IP addresses in static DHCP assignments: Thank you for the contributions!
In general, it's best to avoid first/second person perspective. A yellowish warni... Marcos M
07:07 AM Regression #11570 (Pull Request Review): Gateway monitoring services is not always restarted on interface events, which may prevent a WAN from recovering back to an online state: Jim Pingle
01:42 AM pfSense Packages Bug #12765 (Resolved): AutoConfigBackup should ignore Lightsquid/lightparser cron changes: I tested with Lightsquid version 3.0.6_9.
It works fine.
I am marking this ticket resolved. Danilo Zrenjanin

06/08/2022

11:17 PM Regression #11570: Gateway monitoring services is not always restarted on interface events, which may prevent a WAN from recovering back to an online state: I submitted a PR: https://github.com/pfsense/pfsense/pull/4595 that may help some of the cases being hit here. → luckman212
05:02 PM pfSense Packages Bug #13259 (Not a Bug): Reply-to rules are not created with wireguard 0.1.6_1: Jim Pingle
04:57 PM pfSense Packages Bug #13259: Reply-to rules are not created with wireguard 0.1.6_1: Sorry, stupid mistake on my side, it is required to set an upstream gateway on the interface config in order for the ... JB Fuzier
04:53 PM pfSense Packages Bug #13259 (Not a Bug): Reply-to rules are not created with wireguard 0.1.6_1: Hello,
I have noticed that reply-to rules are not created for rules in a wireguard interface even if it is assigne... JB Fuzier
03:33 PM Feature #10446: VIP address is not shown in firewall rules: Silmor Senedlen wrote in #note-2:
> I think it would be nice to be able to select VIP address from list(which autom... Silmor Senedlen
01:35 PM pfSense Packages Bug #12808 (Resolved): Wireguard Gateways disabled when Wireguard Service is Manually Restarted: Christian McDonald
10:02 AM pfSense Packages Bug #12808: Wireguard Gateways disabled when Wireguard Service is Manually Restarted: Cherry picked this commit to RELENG_2_6_0 ports tree. Look for a package update.
Edit: v0.1.6_2 is available in CE 2... Christian McDonald
09:31 AM pfSense Packages Bug #12808: Wireguard Gateways disabled when Wireguard Service is Manually Restarted: → luckman212 wrote in #note-13:
> @Valmor if you add the System Patches package and then add a patch using this url:... Val Mor
07:54 AM pfSense Packages Bug #12808: Wireguard Gateways disabled when Wireguard Service is Manually Restarted: @Valmor if you add the System Patches package and then add a patch using this url:
https://github.com/theonemcdona... → luckman212
07:46 AM pfSense Packages Bug #12808: Wireguard Gateways disabled when Wireguard Service is Manually Restarted: I have similar issue on pfSense 2.6.0-RELEASE.
Configured WireGuard tunnel and set a static route.
After reboot of ... Val Mor
12:40 PM pfSense Packages Bug #13050 (Resolved): ACME update EasyDNS inline api sign-up link: It looks fine on Acme package version 0.7.1_1.
I am marking this ticket resolved. Danilo Zrenjanin
12:04 PM Bug #13258 (Resolved): Hidden menu option ``100`` incorrectly handles HTTPS detection: I was poking around in @/etc/rc.initial@ to try to fix something else and I noticed a hidden menu item 100
This op... → luckman212
10:38 AM Bug #13257: Exporting a PKCS#12 file from the certificate manager does not use the intended encryption algorithm: See also: #13255 Jim Pingle
10:35 AM Bug #13257 (Resolved): Exporting a PKCS#12 file from the certificate manager does not use the intended encryption algorithm: In source:src/usr/local/www/system_certmanager.php#L198 or thereabouts it sets a parameter @encrypt_key_cipher@ inten... Jim Pingle
09:54 AM Feature #13256 (Resolved): Better handling of duplicate IP addresses in static DHCP assignments: summary:
In 2018 code that prevented duplicate IPs from being used as static DHCP mappings was removed. There are ... → luckman212
09:15 AM Bug #13088: Rapidly clicking certain options on OpenVPN Client Overrides can cause hide/show field behavior to invert: I replicated the issue with inverted results when repeating clicks too quickly on 22.05.r.20220604.1403.
After app... Danilo Zrenjanin
08:52 AM Regression #13167: DigitalOcean Dynamic DNS update fails with a "bad request" error: I reproduced the issue on 22.01 and 22.05.r.20220604.1403 with the same logs. Danilo Zrenjanin
08:36 AM pfSense Packages Todo #13255 (Resolved): Set PKCS#12 algorithm when exporting OpenVPN ZIP or Windows bundles: Currently when crafting a PKCS#12 archive the OpenVPN Client Export package does not set a specific encryption algori... Jim Pingle
07:48 AM Bug #13254 (Resolved): DNS resolver does not update its configuration or reload during link down events: How to reproduce:
1) Configure the interface with Static IPv4
2) Select this interface in the "Network Interfaces... Danilo Zrenjanin

06/07/2022

08:55 PM Regression #11570: Gateway monitoring services is not always restarted on interface events, which may prevent a WAN from recovering back to an online state: Tested on 22.05 RC.
I was not able to replicate this initially with WAN1 as DHCP and WAN2 as static. After testing a... Marcos M
10:00 AM Regression #11570: Gateway monitoring services is not always restarted on interface events, which may prevent a WAN from recovering back to an online state: I experienced this this morning, on 22.05.b.20220531.0600
- dpinger showed my DHCP6 gateway as "down"
- I ran @pgre... → luckman212
01:04 PM Regression #13167: DigitalOcean Dynamic DNS update fails with a "bad request" error: +1 Having this issue since 16th May on two separate boxes CE. Upgraded to 2.6 and still the same. switch to DynDns an... r a
08:50 AM Regression #13167: DigitalOcean Dynamic DNS update fails with a "bad request" error: +1 Also having this problem David Grenier
12:25 AM pfSense Packages Bug #10436: softflowd no longer sends flow data after upgrade (v0.9.9_1 -> v1.0.0): I'm starting down a path that involves softflowd. Does anyone know if this issue persists with the latest snaps? → luckman212

06/06/2022

11:17 PM Regression #13167: DigitalOcean Dynamic DNS update fails with a "bad request" error: any updates on this? I am getting the same error too Pan Teparak
06:55 PM pfSense Packages Feature #12963: Run nmap scans in the background: I can't think of a privacy issue for either - both locations are readable by everyone. The Packet Capture page is in ... Marcos M
02:55 PM pfSense Packages Feature #12963: Run nmap scans in the background: Marcos Mendoza wrote in #note-24:
> Looks good from the testing I've done. Only suggestion I have is that the result... Phil Wardt
02:58 PM Bug #13253 (Resolved): ``dhcp6c`` is not restarted when applying settings when multiple WANs are configured for DHCP6: After #6880 it seems that when applying settings on multiple WANs, @dhcp6c@ is not restarted so the new configuration... Jim Pingle
02:55 PM Bug #13061 (Resolved): Gateway events for IPv6 affect IPv4 OpenVPN instances and vice versa: Seems to be doing the right thing. IPv6 OpenVPN tunnel kept going when the IPv4 gateway went down and back up. We can... Jim Pingle
02:35 PM Bug #12733 (Resolved): Value of ``net.inet.ip.dummynet.*`` OIDs in ``sysctl`` are ignored: The code for @dummynet_load_module()@ in source:src/etc/inc/util.inc#L3937 ensures the module is loaded before popula... Jim Pingle
01:06 PM Bug #13252 (New): reduce frequency of php-fpm socket connection attempts from check_reload_status: When troubleshooting an issue, I discovered that my system logs were rotating every couple of minutes, due to many of... Royce Williams
12:45 PM Bug #13251: pfTop bugs - backspace key vs CTRL_H, states column, rnr not functional: Ok, fair enough but I do wonder - does backspace work for _anyone_ in this case? Because it appears undefined or at l... → luckman212
12:37 PM Bug #13251 (Not a Bug): pfTop bugs - backspace key vs CTRL_H, states column, rnr not functional: backspace vs ^H is almost always a terminal issue with your client and what it sends. Some things send ^H for backspa... Jim Pingle
12:32 PM Bug #13251 (Not a Bug): pfTop bugs - backspace key vs CTRL_H, states column, rnr not functional: I am not 100% sure but I believe there are bugs in the currently bundled version of pfTop. I opened a thread about th... → luckman212
07:32 AM Todo #13250 (Resolved): Clean up DHCP Server option language: Several options on the page have awkward or inconsistent wording
* "Denied clients will be ignored rather than rej... Jim Pingle
07:03 AM Bug #12878 (Incomplete): Traffic shaping by interface, route queue bandwidth inbound, out by a large factor.: Jim Pingle
07:02 AM Bug #13249: Running playback comands multiple times results in PHP error: That is known and expected, they aren't designed to run more than once in the same session the way you are doing it. ... Jim Pingle
05:41 AM Bug #12645: ``filterdns`` does not monitor remote IPsec gateways for IPv6 address changes: It's under IKE Endpoint Configuration ----> Remote Gateway (IPV6), to check if FQDN for AAAA record can be used to es... Alex Zaykov
04:17 AM Bug #12645 (Resolved): ``filterdns`` does not monitor remote IPsec gateways for IPv6 address changes: Tested on 22.05-RC (built on Sat Jun 04 14:22:59 UTC 2022)
I'm not sure what to test here but there is no *add_hos... Azamat Khakimyanov

06/05/2022

08:10 PM Bug #13249 (New): Running playback comands multiple times results in PHP error: Using the console, enter option 12 then run @playback svc restart unbound@ twice. On the second run, the following is... Marcos M
07:38 PM Regression #13248 (New): IPv6 Router Advertisements runs when config.xml does not contain an entry for the interface: After installing @22.05.b.20220531.0600@, I noticed that the @System / Routing@ logs showed the following:
* @2001... Marcos M
07:09 PM pfSense Packages Bug #13247 (Confirmed): Open-VM-Tools service actions do not work: Installing the package @Open-VM-Tools@ creates two entries under @Status / Services@: @vmware-guestid@ and @vmware-km... Marcos M
06:51 PM pfSense Packages Feature #13246 (New): iperf3 service controls do not work: After installing the @iperf3@ package, an entry is created under @Status / Services@ which includes @Start@, @Stop@, ... Marcos M
06:17 PM pfSense Packages Feature #12963: Run nmap scans in the background: Looks good from the testing I've done. Only suggestion I have is that the results file may be best placed in @/tmp@. Marcos M
04:10 PM pfSense Plus Bug #12974: Typing anything into 1100/2100 recovery installer causes process to stop: Marcos Mendoza wrote in #note-6:
> The wording has been addressed with NG 7431. This issue can be left open to track... Ryan Coleman
08:23 AM Regression #12821 (Confirmed): Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``: Steve Wheeler

06/04/2022

08:15 PM Regression #12821: Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``: Tested ix interfaces as well. They are not subject to this bug. Based on the fact that Broadcom NICs and Intel ix/i... Kris Phillips
07:54 PM Regression #11545: Primary interface address is not always used when VIPs are present: This bug definitely doesn't just happen with PPPoE interfaces. It is also not consistent and seems to be an "orderin... Kris Phillips
07:50 PM Bug #12878: Traffic shaping by interface, route queue bandwidth inbound, out by a large factor.: Unless further feedback is provided on this redmine, it can likely be closed due to lack of information in Rejected s... Kris Phillips
09:21 AM Feature #13245 (Resolved): Type column on Alias lists: Small QoL addition that adds a Type column to the Alias list views. I was recently cleaning up my aliases and being a... → luckman212

06/03/2022

01:50 PM Bug #12847: On startup "No routing address with matching address" might appear: Replicated the issue on:... Danilo Zrenjanin
01:08 PM Bug #12847 (Resolved): On startup "No routing address with matching address" might appear: No sign of these errors on anything I'm seeing here, static or dynamic, with or without working IPv6 when configured ... Jim Pingle
01:28 PM Bug #11692 (Resolved): ``fixup_default_gateway()`` should not remove a default gateway managed by a dynamic routing daemon: Jim Pingle
01:23 PM Bug #12606 (Resolved): ``devd`` is not configured to act on USB interface attach/detach events: devd hooks are in place and fire as expected when plugging/unplugging a USB Ethernet dongle Jim Pingle
01:09 PM Feature #13070 (Resolved): Allow auto prefix with manual prefix-length in NPt: Jim Pingle
01:01 PM Bug #13241: syslogd doesn't honor the Timezone set in the System/General Setup: Here is the feature request:
https://redmine.pfsense.org/issues/13244 Danilo Zrenjanin
12:54 PM Bug #13241: syslogd doesn't honor the Timezone set in the System/General Setup: Yeah right. It works fine after a reboot. I somehow omitted that part in the docs. Thanks!
However, adding the no... Danilo Zrenjanin
07:10 AM Bug #13241 (Not a Bug): syslogd doesn't honor the Timezone set in the System/General Setup: That isn't a bug. Each daemon picks up the time zone change when it starts, that isn't up to @syslogd@. To fully acti... Jim Pingle
03:43 AM Bug #13241: syslogd doesn't honor the Timezone set in the System/General Setup: I am getting the same results on:... Danilo Zrenjanin
03:08 AM Bug #13241 (Not a Bug): syslogd doesn't honor the Timezone set in the System/General Setup: It shows the wrong time only in the Status/System Logs/System/General section.
I chose Europe/Belgrade Timezone. ... Danilo Zrenjanin
01:00 PM Bug #13133 (Resolved): OpenVPN ``client-connect`` file contains ``topology``: Seems to be OK. No error in the client log now, client still gets a proper address using the correct topology Jim Pingle
01:00 PM Feature #13244 (New): Add help text under Timezone settings in the GUI: Adding the note from the docs in the GUI below the Timezone dropdown menu will be helpful.... Danilo Zrenjanin
12:57 PM Bug #12628 (Resolved): OpenVPN re-synchronization also synchronizes override entries unnecessarily in some cases: It's not clear from the original description which specific cases were not necessary, but I'm seeing the CSC files up... Jim Pingle
12:46 PM Bug #13145 (Resolved): Per-user ``route`` files are not removed from ``/tmp`` when they are no longer needed: Routes file is no longer left behind. Jim Pingle
12:42 PM Feature #12407 (Resolved): Use deferred client connections in OpenVPN: This has been back in place for a while. No problems with auth that I've seen, local or RADIUS.
Jim Pingle
12:33 PM Bug #4287: Wrong display for ppp in Interfaces page: Hi Marco,
I have the same problem like you, did you find a solution for it?
Karlo Karlo Tomka
12:28 PM Bug #13243 (Resolved): OpenVPN status for multi-user VPN shows info icon to display RADIUS rules when there are none to display: When a user authenticates to an OpenVPN instance the OpenVPN status shows an info "i" icon in the actions to display ... Jim Pingle
12:08 PM Bug #13099 (Resolved): Static routes to destinations at L2TP clients are not re-added after a client reconnects: Looks good. Following the procedure above, the route goes away when the client disconnects and comes back when the cl... Jim Pingle
11:22 AM Feature #12687: Option to disable auto-addition of static routes for ``dpinger``: follow-up issue: https://redmine.pfsense.org/issues/13242 → luckman212
09:32 AM Feature #12687 (Resolved): Option to disable auto-addition of static routes for ``dpinger``: This works OK as-is. As stated in the comments above it doesn't remove the routes, but the user can reboot or remove ... Jim Pingle
07:51 AM Feature #12687: Option to disable auto-addition of static routes for ``dpinger``: What's in now will have to be considered on its own -- any refinements should be done on a separate Redmine issue. Jim Pingle
11:20 AM Feature #13242 (Pull Request Review): Enhancements to static route creation/deletion for dpinger monitor IPs: related redmine: #12687 — (breaking out as requested by @jimp to a separate issue)
Th PR below adds some improveme... → luckman212
11:11 AM Todo #12619 (Resolved): Restart services on interface changes: In general this seems to be working as expected from what I can see.
If there are issues with individual services ... Jim Pingle
10:51 AM Regression #12582 (Resolved): RADVD can be started on both HA nodes when configured with an IPv6 link-local address: Seems to be OK. With radvd set to use an LL VIP I still only see radvd running on the node with master status on its ... Jim Pingle
10:43 AM Regression #12961 (Resolved): CARP event storm when leaving persistent CARP maintenance mode: I'm only seeing one event per VIP now as expected. Jim Pingle
10:32 AM Bug #13076 (New): Marking a gateway as down does not affect IPsec entries using gateway groups: This still isn't working properly. I marked a gateway as down and it has no effect on IPsec. The dynamic DNS entry ch... Jim Pingle
07:41 AM Bug #12590 (Resolved): Dynamic DNS custom IPv6 service fails on 6rd tunnels: Jim Pingle
07:40 AM Bug #13097 (Resolved): PHP error when upgrading from before configuration revision 21.6, ``ipsec_create_vtimap()`` is undefined: No PHP error on upgrade when coming from <21.6 now. Closing. Jim Pingle
07:13 AM Bug #12612 (New): DNS Resolver is restarted during every ``rc.newwanip`` event even for interfaces not used in the resolver: The code looks like it should be right but we can debug it for the next release, it's not a blocker for 22.05. Jim Pingle
01:55 AM Bug #12612: DNS Resolver is restarted during every ``rc.newwanip`` event even for interfaces not used in the resolver: Tested... Danilo Zrenjanin
02:41 AM Bug #12609 (Resolved): IGMP Proxy server is restarted during every ``rc.newwanip`` event: Tested... Danilo Zrenjanin

06/02/2022

10:38 PM Bug #13127 (Resolved): DHCP lease list displays wrong interface name in the "Leases in Use" summary if DHCP settings for a disabled interface remain in the configuration: I've tested again on a fresh image and I cannot get it to repeat the blank interface name, the interface name changes... Reid Linnemann
03:30 PM Bug #13127: DHCP lease list displays wrong interface name in the "Leases in Use" summary if DHCP settings for a disabled interface remain in the configuration: It's just blank, the table data for the cell is empty. I'll get a chance to have a further look at it in the next few... Reid Linnemann
03:24 PM Bug #13127: DHCP lease list displays wrong interface name in the "Leases in Use" summary if DHCP settings for a disabled interface remain in the configuration: @rlinnemann : Can you send a screenshot of that rendered page with the blank ifname? I looked again at the code and i... → luckman212
10:33 PM Bug #13048 (Resolved): Explicit PPPoE disconnect of a WAN Gateway Group member may not restore a default route: Default gateway switches away and back as expected when disconnecting and reconnecting. Jim Pingle
10:06 PM Bug #11629 (Resolved): PPPoE WAN IP address different than expected when set static by ISP: Following the stated procedure I can't reproduce the problem on 22.05 now. I see the interface go down, and when it c... Jim Pingle
09:52 PM Bug #12975 (Resolved): IKEv2 Mobile IPsec clients do not receive ``INTERNAL_DNS_DOMAIN`` (value ``25``) attribute: The new attribute is present in the configuration, the rest is up to clients at this point. Jim Pingle
09:42 PM Bug #11984 (Resolved): Automatic Outbound NAT mode can create incorrect rules in some cases: I can't find any way to reproduce the original issue here, but the code in the change is solid, the scope is removed ... Jim Pingle
09:41 PM Bug #13230: Floating rules on VPN interfaces: That’ll be my issue then, thanks. I did wonder if that was the case. James Chambers
09:31 PM Bug #13240 (Resolved): User is forced to pick an NPt destination IPv6 prefix length even when choosing a drop-down entry which contains a defined prefix length: Following on from #4881
There are two minor issues in the NPt GUI when dealing with dynamic choices:
1. When t... Jim Pingle
09:27 PM Feature #4881 (Resolved): Allow NPt to use dynamic IPv6 networks: Jim Pingle
09:27 PM Feature #4881: Allow NPt to use dynamic IPv6 networks: Two minor issues:
1. When there are multiple available entries the list isn't cleared and each line also contains ... Jim Pingle
09:10 PM pfSense Packages Regression #13156: pfBlockerNG IP block stats do not work: I saw this bug on 22.05-Devel and now on 22.05-Beta. The rules are working, but are not logged. Glenn Hall
08:55 PM Regression #12862 (Resolved): Some ``sysctl`` OIDs in ``loader.conf.local`` are silently removed: The value of @net.link.ifqmaxlen@ in @loader.conf.local@ is retained across multiple reboots on 22.05 Jim Pingle
08:16 PM Regression #13162 (Resolved): Upgrade does not work when using only IPv6 DNS servers: Seems to be fixed. On 22.01 if I set only IPv6 DNS and tell the GUI to only use remote DNS, the update check does fai... Jim Pingle
08:10 PM Bug #12721 (Resolved): IPv6 gateway group using link local addresses incorrectly logs a gateway change because it not including interface scope properly: Seems to be OK on the latest snapshot. I can't reproduce the problem there. Failover group with two IPv6 tiers, both ... Jim Pingle
08:02 PM Bug #6880 (Resolved): Multiple DHCP6 WAN connections leads to multiple dhcp6c clients: This looks excellent on the latest snapshot.
On 22.01 each interface has a separate configuration and only one of ... Jim Pingle
06:17 PM Bug #12611 (Resolved): SNMP daemon is restarted during every ``rc.newwanip`` event: Reid Linnemann
03:24 PM Bug #12527 (Resolved): DHCPv6 server does not skip interfaces configured with invalid ranges: Works on latest internal test snapshot. Jim Pingle
09:13 AM Bug #12527: DHCPv6 server does not skip interfaces configured with invalid ranges: The patch did the job.
Tested:... Danilo Zrenjanin
08:51 AM Bug #12527: DHCPv6 server does not skip interfaces configured with invalid ranges: If nobody else offers feedback before 22.05 releases, this is OK to close. The change appears to be solid but I'd lik... Jim Pingle
08:38 AM Bug #12527: DHCPv6 server does not skip interfaces configured with invalid ranges: Patch was tested successfully by multiple people internally, including several dynamic and static systems in my lab. ... Jim Pingle
08:35 AM Bug #12527 (Feedback): DHCPv6 server does not skip interfaces configured with invalid ranges: Applied in changeset commit:3dc73d391eff61f490798696af78a4cdbeeeaf18. Jim Pingle
08:29 AM Bug #12527: DHCPv6 server does not skip interfaces configured with invalid ranges: MR: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/814
Patch is attached and fixes it for me here in ... Jim Pingle
07:56 AM Bug #12527 (Assigned): DHCPv6 server does not skip interfaces configured with invalid ranges: This caused a regression where it's skipping dhcp6 for delegated prefixes. Jim Pingle
03:23 PM Regression #13238 (Resolved): WAN_DHCP6 gateway stuck pending with "Do not wait for RA" set: Works on latest internal test snapshot. Jim Pingle
08:58 AM Regression #13238: WAN_DHCP6 gateway stuck pending with "Do not wait for RA" set: I have picked this back into the 22.05 branch and it will be included in the release. Jim Pingle
07:56 AM Regression #13238: WAN_DHCP6 gateway stuck pending with "Do not wait for RA" set: The dhcpd problem appears to be a regression from #12527 and is unrelated to this. Jim Pingle
03:07 PM Bug #13139 (Resolved): Stale ``sshdkeys.dirty`` lock file prevents generating SSH server keys: Reid Linnemann
02:07 PM Revision b79dff5b: Disable distclean to prevent removing distfiles that are still in use: Brad Davis
02:02 PM Bug #12613 (Resolved): DNS Resolver does not restart during link up/down events on a static IP address interface: Based on the original problem description and steps to reproduce it sounds like this specific request is fixed. For t... Jim Pingle
01:56 PM Bug #12613: DNS Resolver does not restart during link up/down events on a static IP address interface: Tested... Danilo Zrenjanin
01:08 PM Revision 3dc73d39: dhcp6 range check/tracked prefix. Fixes #12527: Jim Pingle
11:22 AM Regression #12949 (Resolved): The ruleset is not regenerated after assigning an interface: Confirmed this no longer happens in current 2.7 snapshots. The running ruleset is updated immediately when re-assigni... Steve Wheeler
09:34 AM Feature #12687: Option to disable auto-addition of static routes for ``dpinger``: @Flole please test with the updated version of this patch if you have the time: https://github.com/pfsense/pfsense/pu... → luckman212
07:13 AM Bug #13239 (Duplicate): ipv6 based ipsec vpn tunnel bug found with fqdn remote host: Appears to be the same as #12645 which is already fixed in 22.05/2.7.0 snapshots. Jim Pingle
03:14 AM Bug #13239: ipv6 based ipsec vpn tunnel bug found with fqdn remote host: https://forum.netgate.com/topic/171869/ipsec-vpn-bug-found?_=1654156661373 Alex Zaykov
03:13 AM Bug #13239 (Duplicate): ipv6 based ipsec vpn tunnel bug found with fqdn remote host: Hi I would to report the bug, related to ipsec vpn
In the settings of Phase 1 (ike v2)
under:
IKE Endpoint... Alex Zaykov

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

07/01/2022

06/30/2022

06/29/2022

06/28/2022

06/27/2022

06/26/2022

06/25/2022

06/24/2022

06/23/2022

06/22/2022

06/21/2022

06/20/2022

06/19/2022

06/18/2022

06/17/2022

06/16/2022

06/15/2022

06/14/2022

06/13/2022

06/12/2022

06/11/2022

06/10/2022

06/09/2022

06/08/2022

06/07/2022

06/06/2022

06/05/2022

06/04/2022

06/03/2022

06/02/2022