Project

General

Profile

Activity

From 06/22/2022 to 07/21/2022

07/21/2022

05:57 PM pfSense Packages Feature #13370: Wireguard Dashboard status
Ideally, it would be nice to see which Peers are connected, similar to the status of the OpenVPN widget.
This is a s... Gil Gil
04:24 PM pfSense Plus Regression #13365 (Closed): ZFS widget no longer displays information
Thanks for the feedback. Christian McDonald
03:59 PM pfSense Plus Regression #13365: ZFS widget no longer displays information
The widget is working again for me using @22.09.a.20220721.0600@ Glenn Hall
04:07 PM Regression #13373 (Resolved): IPsec rejects certificates if any SAN is wildcard rather than rejecting when **all** SANs are wildcard
The patch used in https://redmine.pfsense.org/issues/11297 causes any certificate with a wildcard SAN from being used... Andrew Stuart
03:17 PM pfSense Docs Todo #13369 (In Progress): Standardize mentions of macOS
pfSense Platform docs are done: https://gitlab.netgate.com/docs/pfsense-platforms/-/commit/23b92e18e50dc72de4b7479daf... Jim Pingle
11:55 AM Bug #13372 (Not a Bug): Can't upgrade from 2.6 to Plus
That's likely a temporary failure in the authentication process. TAC can help you get around that, but it's not a bug... Jim Pingle
11:50 AM Bug #13372 (Not a Bug): Can't upgrade from 2.6 to Plus
[2.6.0-RELEASE][admin@pfSense.home.arpa]/root: pfSense-upgrade -d -c
>>> Updating repositories metadata...
Updating... Jeff Petovello
07:59 AM Bug #13289 (Resolved): Attempting to restore a 0 byte ``config.xml`` prints an error that the file cannot be read
Tested:... Danilo Zrenjanin
07:20 AM Feature #7688 (Rejected): AutoConfigBackup - Info Icon - username only
ACB doesn't use logins anymore so this is moot. Jim Pingle
07:19 AM Bug #7757 (Not a Bug): Auto Config Backup fails to upload unless Default Gateway is up
This isn't an ACB issue. This can be resolved by configuring the default gateway to be a failover group which matches... Jim Pingle
07:16 AM Feature #13371 (Duplicate): ACB multiple save point removal
Duplicate of #12553 Jim Pingle
07:02 AM Regression #13356 (Resolved): RADIUS authentication attempts no longer send RADIUS NAS IP attribute
Tested:... Danilo Zrenjanin

07/20/2022

09:53 PM Feature #13371 (Duplicate): ACB multiple save point removal
Currently under Services>Auto Configuration Backup>Restore there is no ability to select (remove) more than one hoste... Jordan G
09:09 PM pfSense Packages Feature #13370: Wireguard Dashboard status
What detail specifically? Marcos M
08:31 PM pfSense Packages Feature #13370 (New): Wireguard Dashboard status
It would be nice if the WireGuard widget would give a little more detail on the Dashboard. Gil Gil
01:33 PM Bug #13280 (Confirmed): Entries for ``net.link.ifqmaxlen`` duplicated in ``/boot/loader.conf``
Yes, it should have a target. It definitely needs addressed and should be possible to patch between releases if neede... Jim Pingle
01:18 PM Bug #13280: Entries for ``net.link.ifqmaxlen`` duplicated in ``/boot/loader.conf``
I know this is probably a low priority bug since pfSense does not need to be rebooted frequently, but shouldn't this ... Joe Mott
12:28 PM pfSense Docs Todo #13369 (Resolved): Standardize mentions of macOS
As of 2016 and macOS 10.12 Apple has standardized on macOS instead of the former OS X. We should update mentions of M... Jim Pingle
11:56 AM Bug #13366: Under or over size state tables cause pfctl error ``DIOCSETSYNCOOKIES``
Jim Pingle wrote in #note-1:
> What was the limit before it was lowered?
>
> How much RAM did they have?
>
> I... Christopher Cope
11:20 AM pfSense Packages Bug #13368 (Resolved): IPsec Profile Wizard/Windows: Cannot generate a script for IKEv2 VPN using GCM ciphers when mobile P2 has no hash algorithms selected
The following P1 cipher suite is supported by Windows natively, yet the wizard prevents it:
AES256-GCM | 128 bits ... Marcos M
11:05 AM Bug #7329 (Closed): DHCP Not Updating DNS
Given the affected version here is 2.3.3, I'm going to close this out. If anyone can reproduce this on 2.6/2.7, feel ... Marcos M
09:49 AM Bug #7329: DHCP Not Updating DNS
pfSense version is Community Edition 2.6.0-Release with DNS Resolver enabled. Garry Page
09:45 AM Bug #7329: DHCP Not Updating DNS
Related, may be...
Windows 10 PC has DHCP enabled, IP address: 10.0.0.164 (preferred), Default Gateway: 10.0.0.1, DH... Garry Page
09:50 AM pfSense Docs Todo #12461 (Feedback): Improve macOS Serial Command Instructions
This should take it the rest of the way, given that it appears all recent (~10 year old and newer) Macs running a cur... Jim Pingle

07/19/2022

06:26 PM Feature #13367 (Pull Request Review): Specify CA trust store location when downloading and validating URL alias content
Marcos M
06:12 PM Feature #13367: Specify CA trust store location when downloading and validating URL alias content
Patch:... Marcos M
06:11 PM Feature #13367: Specify CA trust store location when downloading and validating URL alias content
Tested on 22.09 - works for me.
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/835 Marcos M
06:07 PM Feature #13367 (Resolved): Specify CA trust store location when downloading and validating URL alias content
When the option @Check certificate of aliases URLs@ is checked, it does not use the same trust store used when enabli... Marcos M
06:16 PM Bug #12737: CA path is not defined when using ``curl`` in the shell
Djerk Geurts wrote in #note-6:
> Same issue here, curl doesn't use the trust store and it seems neither does pfBlock... Marcos M
11:33 AM Bug #12737: CA path is not defined when using ``curl`` in the shell
Same issue here, curl doesn't use the trust store and it seems neither does pfBlockerNG. Seems a bit laughable that i... Djerk Geurts
05:11 PM Bug #13366: Under or over size state tables cause pfctl error ``DIOCSETSYNCOOKIES``
What was the limit before it was lowered?
How much RAM did they have?
It may be that we are calculating it base... Jim Pingle
04:47 PM Bug #13366 (New): Under or over size state tables cause pfctl error ``DIOCSETSYNCOOKIES``
On systems with excessively large RAM, where the default state table is huge the following error is seen and traffic ... Christopher Cope
12:17 PM pfSense Plus Regression #13365: ZFS widget no longer displays information
Looks good here with that fix applied. Will wait for it to land in a snapshot and re-test before closing.
 Jim Pingle
12:08 PM pfSense Plus Regression #13365 (Feedback): ZFS widget no longer displays information
Christian McDonald
12:08 PM pfSense Plus Regression #13365: ZFS widget no longer displays information
Fixed in https://gitlab.netgate.com/pfSense/factory/-/commit/1c8a0c751e0f5894b53d4cafb2707428005d85b0 Christian McDonald
11:41 AM pfSense Plus Regression #13365: ZFS widget no longer displays information
I can reproduce this here, it broke somewhere between @22.09.a.20220714.0600@ and @22.09.a.20220719.0600@. Jim Pingle
11:30 AM pfSense Plus Regression #13365 (Closed): ZFS widget no longer displays information
Dashboard widget no longer displays ZFS pool information "No ZFS pools are configured." is displayed when ZFS pools e... Keith Townsend
09:30 AM pfSense Docs New Content #12063 (Closed): Document recently added options for Configuring RFC 2136 Dynamic DNS updates
This has been added - I forget when it was done. Marcos M

07/18/2022

05:50 PM Bug #13363 (Rejected): Pfsense 2.6.0 Buggy and Should have Remained in Development Branch (one bug report inside). Usage issues as well
First, most of those are not bugs, but known limitations. Like the gateway thing -- you set it to auto, it's doing au... Jim Pingle
04:42 PM Bug #13363: Pfsense 2.6.0 Buggy and Should have Remained in Development Branch (one bug report inside). Usage issues as well
Based on this post. Should I have split them up?
https://forum.netgate.com/topic/173526/pfsense-2-6-0-buggy-and-s... Dragon Master
04:42 PM Bug #13363 (Rejected): Pfsense 2.6.0 Buggy and Should have Remained in Development Branch (one bug report inside). Usage issues as well
1) Applying changes seems to take significantly longer. (Certain ones, I forgot which ones off the top of my head. ... Dragon Master
05:16 PM Bug #13364 (Resolved): Using the copy (not clone) function on firewall rules unintentionally converts interface ``address`` to interface ``net``
Tested on 22.05 and latest dev.
Steps:
# Start with three interfaces, WAN, LAN, OP1
# Create a rule on OPT1: ipv... Marcos M
04:06 PM pfSense Docs Todo #13236 (Resolved): Document link speed limitations with igc and ix on 6100/4100
Looks good, thanks! Marcos M
03:10 PM pfSense Docs Todo #13236: Document link speed limitations with igc and ix on 6100/4100
This should be better now:
https://gitlab.netgate.com/docs/pfsense-platforms/-/commit/ce3288bce4b70211f1296deddaa2... Jim Pingle
01:50 PM pfSense Docs Todo #13236: Document link speed limitations with igc and ix on 6100/4100
For ix, it's the same on the 4100/5100/6100. I only see testing history on the RJ-45 ix ports, not SFP. Marcos M
08:05 AM pfSense Docs Todo #13236: Document link speed limitations with igc and ix on 6100/4100
Marcos M wrote in #note-8:
> Note looks good, however when we tested this, the issue happened on the @ix@ ports as w... Jim Pingle
01:40 PM Feature #13362 (Feedback): Update dynamic gateway consumers when their interface is renamed
If the gateway selection was empty, that could mean the gateway was disabled/renamed at some point. If this happened ... Marcos M
12:22 PM Feature #13362 (New): Update dynamic gateway consumers when their interface is renamed
I set up a IPSEC tunnel using VTI mode. Created the Static route and pointed it out the correct gateway. Approx 3 day... Fredrick Pettiford
08:02 AM pfSense Packages Feature #13361 (Resolved): Add Zabbix 6.2 (agent and proxy) packages
New release from zabbix. Please add this new version.
https://www.zabbix.com/rn/rn6.2.0
https://www.freshports.or... Pim Janssen
07:53 AM pfSense Packages Feature #12859: Add Zabbix 6.0 LTS (agent and proxy) packages
zabbix proxy 6 is available but i am unable to close the issue. Pim Janssen

07/17/2022

01:30 PM Todo #13357 (Pull Request Review): Spelling and typo corrections
I reviewed the spelling fixes and confirmed the changes. I'm highlighting the bugs addressed by the changes here:
... Marcos M
09:34 AM pfSense Packages Bug #13360: Not All AS Prefixes are returned by WHOIS
Kris Phillips wrote in #note-1:
> I can confirm that subnet should be part of that ASN. However, I cannot recreate ... Alex Knop
04:45 AM pfSense Packages Bug #13343: HAproxy cookie protection syntax needs updated
Hello,
the bug is there if the haproxy package installation dependency is set to use
haproxy22-2.2.22 (no more "rs... Johannes Goldynia

07/16/2022

08:35 PM Bug #13317: ``array_filter`` PHP Errors in ``interfaces.inc``
What are the steps to reproduce this issue so that we can test the patch? No information on reproducible steps is pr... Kris Phillips
08:32 PM pfSense Packages Bug #13343: HAproxy cookie protection syntax needs updated
Hello,
Is this present on the stable or devel branch? Or both? Kris Phillips
08:30 PM pfSense Plus Bug #13348: Error when deleting ZFS Boot Environment created from duplicate of non-default entry
I cannot reproduce this either. Hopefully Christian can provide some insight into what might be the reproducible ste... Kris Phillips
11:45 AM pfSense Plus Bug #13348: Error when deleting ZFS Boot Environment created from duplicate of non-default entry
I don't recall the details when discussing it with Christian, but he mentioned something along the lines of the issue... Marcos M
08:28 PM Todo #13357: Spelling and typo corrections
As mentioned by Jim P in the Github pull request, some of these are for functions that may need to be updated in othe... Kris Phillips
08:21 PM pfSense Packages Bug #13360: Not All AS Prefixes are returned by WHOIS
I can confirm that subnet should be part of that ASN. However, I cannot recreate this in pfBlockerNG. Are you runni... Kris Phillips
03:27 PM pfSense Packages Bug #13360 (New): Not All AS Prefixes are returned by WHOIS
If you set up a rule to do WHOIS on AS4917, these are the prefixes returned by pfBlockerNG:
• 12.187.160.0/24
•... Alex Knop
02:26 PM Feature #12521: Add the BBR2, QUIC, RACK Congestion Control (CC) protocols
Good afternoon!
I'm trying to test the BBR and RACK algorithms on FreeBSD v13.1 and I'm having trouble getting tra... Yuran Yastreb
12:05 PM pfSense Packages Todo #13349 (Pull Request Review): Add note in WireGuard GUI regarding routing behavior for Allowed IPs
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/254 Marcos M
11:41 AM Bug #13359 (Not a Bug): bug found: ipsec vpn ipv4 and web management (trusted hosts) do not work together
This is almost certainly a configuration issue, either on pfSense itself or the hosting platform. Please continue the... Marcos M
06:40 AM Bug #13359 (Not a Bug): bug found: ipsec vpn ipv4 and web management (trusted hosts) do not work together
Hi
the bus gas been noticed on on latest pfsense+ 22.05, I have an ipsec tunnel between 2 routers: using ipv4 addr... Alex Zaykov

07/15/2022

04:02 PM Revision 71758a5f: Zabbix 5.4 is EoL so remove it
Brad Davis
03:31 PM pfSense Docs Todo #13236: Document link speed limitations with igc and ix on 6100/4100
Note looks good, however when we tested this, the issue happened on the @ix@ ports as well (see #note-3). Marcos M
09:35 AM pfSense Docs Todo #13236 (Feedback): Document link speed limitations with igc and ix on 6100/4100
Note added: https://gitlab.netgate.com/docs/pfsense-platforms/-/commit/05b5a002a9ecf6915681b90c4f75bf49248dcc1d
ht... Jim Pingle
09:23 AM pfSense Docs Todo #13236 (In Progress): Document link speed limitations with igc and ix on 6100/4100
Jim Pingle
02:00 PM pfSense Packages Bug #13154: pfBlocker causing excessive CPU load
Michael Novotny wrote in #note-11:
> Interesting... I reinstalled pfBlocker (pfBlockerNG-devel 3.1.0_4) as I was not ... Denny Page
01:08 PM pfSense Packages Bug #13154: pfBlocker causing excessive CPU load
Denny Page wrote in #note-10:
> Probably should confirm that the patch applied correctly. Assuming that you are runni... Michael Novotny
12:45 PM pfSense Packages Bug #13154: pfBlocker causing excessive CPU load
Michael Novotny wrote in #note-9:
> The high cpu is still occurring with this patch applied and running on 22.05, re... Denny Page
08:17 AM pfSense Packages Bug #13154: pfBlocker causing excessive CPU load
The high cpu is still occurring with this patch applied and running on 22.05, reboot, reloading package, etc. As sta... Michael Novotny
12:58 PM Revision d7be34a7: Get radius nas ip from correct variable. Fix #13356
Marcos M
12:56 PM Revision 73b5f1f7: Check for empty config.xml restore. Fixes #13289
Christopher Cope
12:42 PM pfSense Docs New Content #12787: Convert "Routing Internet Traffic Through a Site-to-Site IPsec Tunnel" recipe to VTI or add VTI as an alternate strategy
The current info isn't bad or outdated, VTI isn't necessarily better either. For that to work with VTI you'd likely n... Jim Pingle
12:30 PM pfSense Docs Todo #11944 (Closed): Feedback on Packages — FRR Package — Bidirectional Forwarding Detection
No such reference on the page currently. Jim Pingle
12:29 PM pfSense Docs Todo #11648 (Closed): Feedback on Packages — AWS VPC Wizard — pfSense Plus Configuration Details
This was fixed some time ago, it's FRR now. Jim Pingle
12:20 PM pfSense Docs Todo #13020: Improve ``easyrule`` command documentation
This could use some expansion in general. As it is, it's just a copy of the CLI usage output.
There are some other... Jim Pingle
12:15 PM pfSense Docs Todo #12214: Inconsistent usage of GUI/WebGUI/webConfigurator
The root of the issue here is that we're calling it several different names in various places and we should standardi... Jim Pingle
12:08 PM Bug #13310 (Resolved): Each line in the NPt destination IPv6 prefix list also contains the network of the previous line when multiple choices are present
This is working perfectly on snapshots. Jim Pingle
12:04 PM pfSense Docs Correction #10482 (Closed): In AWS, Get System Log may not show output and Get Instance Screenshot may need to be used
Note added: https://gitlab.netgate.com/docs/pfsense-platforms/-/commit/c0e54493ddd97d92bed72c365df8b861658358fc Jim Pingle
11:35 AM pfSense Plus Bug #13358 (Resolved): Traffic to OpenVPN DCO RA clients above the first available tunnel IP address is incorrectly routed
Traffic from hosts in the local subnet, for example a server on LAN, can only reach the first assign RA client when D... Steve Wheeler
11:07 AM pfSense Docs Correction #13187 (Closed): Azure Frequently asked questions
This was updated recently, the outdated references are gone. Jim Pingle
10:58 AM pfSense Docs Correction #12978 (Resolved): Correction to iftop section of Monitoring Bandwidth Usage
I fixed this at some point, the old references are no longer present. Jim Pingle
10:52 AM pfSense Docs Todo #12411 (Resolved): Feedback on High Availability — pfSense XML-RPC Config Sync Overview
This was added a month or so ago: https://docs.netgate.com/pfsense/en/latest/highavailability/settings.html#synchroni... Jim Pingle
10:37 AM pfSense Docs New Content #11172 (Closed): Interfaces order of 10 Gigabit Quad-Port SFP+ Intel® X710BM2 Card
Looks like they were added at some point since this went in. If what is there is still incorrect, then you'll need to... Jim Pingle
10:37 AM pfSense Docs New Content #11608 (Closed): Interfaces order of XG-7100 Quad-Port 10GbE Fiber SFP+ Installation Kit
Looks like they were added at some point since this went in. If what is there is still incorrect, then you'll need to... Jim Pingle
10:35 AM pfSense Docs Correction #9310 (Closed): Appliances with internal switch need the MAC Address section of their Getting Started guides updated
Those docs were redesigned since this was put in, the sections in question aren't anywhere in the current docs for th... Jim Pingle
10:08 AM pfSense Docs Todo #12162 (Feedback): Add "usb reset" as possible solution for non-booting flash drives on the SG-1100
Note added: https://gitlab.netgate.com/docs/pfsense-platforms/-/commit/1f955d02df41f4a57cde5bd560a7c8e21818925b
http... Jim Pingle
10:05 AM pfSense Docs Todo #12162 (In Progress): Add "usb reset" as possible solution for non-booting flash drives on the SG-1100
Jim Pingle
09:20 AM pfSense Docs Correction #11871 (Resolved): SG-2100 must be manually power cycled after installation
Fixed: https://gitlab.netgate.com/docs/pfsense-platforms/-/commit/4c5c52b9b56999cb49c5dd8106538e9cfa005f69
https:/... Jim Pingle
09:01 AM pfSense Docs Correction #11871 (In Progress): SG-2100 must be manually power cycled after installation
Jim Pingle
08:09 AM pfSense Docs Correction #12570 (Closed): Active appliance list missing 6100
This was fixed a while ago, it's there now (and the 4100) Jim Pingle
08:07 AM pfSense Docs New Content #12597 (Resolved): How to reset IPMI settings and password for Netgate appliances
It's in the docs now, has been since that commit was merged in.
https://docs.netgate.com/pfsense/en/latest/solutio... Jim Pingle
08:05 AM Regression #13356 (Feedback): RADIUS authentication attempts no longer send RADIUS NAS IP attribute
Applied in changeset commit:d7be34a7d766b06e13272a5b1904dba9f532e4cc. Marcos M
08:05 AM Bug #13289 (Feedback): Attempting to restore a 0 byte ``config.xml`` prints an error that the file cannot be read
Applied in changeset commit:73b5f1f758dedb6c87dbed89c7b7c70494c3a5cd. Christopher Cope
08:04 AM pfSense Docs Todo #13291 (Duplicate): Notification documentation
Duplicate of #12805 Jim Pingle

07/14/2022

09:12 PM Revision 970a364f: Build security/pfSense-pkg-Tailscale
(cherry picked from commit 54ab28a2f7d051c0fc251ab76900ffeddd5a2d68) Christian McDonald
09:12 PM Revision 54ab28a2: Build security/pfSense-pkg-Tailscale
Christian McDonald
06:27 PM Regression #13356 (Pull Request Review): RADIUS authentication attempts no longer send RADIUS NAS IP attribute
Thank you for your looking into it!
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/834 Marcos M
11:55 AM Regression #13356: RADIUS authentication attempts no longer send RADIUS NAS IP attribute
As requested, I added in the following (to ensure I could see the separation):... Alastair Burr
11:34 AM Regression #13356: RADIUS authentication attempts no longer send RADIUS NAS IP attribute
I'm curious what those contain - you can dump them to the system log by adding:... Marcos M
03:49 PM Bug #13289: Attempting to restore a 0 byte ``config.xml`` prints an error that the file cannot be read
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/833 Christopher Cope
03:42 PM pfSense Docs Todo #12461 (In Progress): Improve macOS Serial Command Instructions
I added some general info on finding the serial device.
Waiting on info from someone with both a Mac and a 2100 to... Jim Pingle
11:36 AM pfSense Plus Regression #13355 (Feedback): OpenVPN crashes after reaching the configured concurrent connection limit
Marcos M
08:42 AM pfSense Packages Feature #12748: Suricata blocked page timestamp breakout to it's own sortable column
Thanks so much, Bill! Appreciate your efforts. tasty ratz
08:30 AM pfSense Packages Feature #12748: Suricata blocked page timestamp breakout to it's own sortable column
The pull request has been merged to correct this issue and it can be marked "Resolved". Bill Meeks
08:31 AM pfSense Packages Bug #12956: suricata fails to use pcre in SID management (e.g. dropsid.conf)
The pull request has been merged to correct this issue and it can be marked "Resolved". Bill Meeks
08:30 AM pfSense Packages Bug #13333: PHP error when saving Suricata rulesets
The pull request has been merged to correct this issue and it can be marked "Resolved". Bill Meeks
01:34 AM Bug #8435: DHCPv6 unusable in certain circumstances (US AT&T Fiber, etc.)
Can confirm; there is a workaround that was documented in the forums.... Nathan Ollerenshaw

07/13/2022

06:24 PM pfSense Packages Bug #12956: suricata fails to use pcre in SID management (e.g. dropsid.conf)
The logic has been changed back to the original behavior by removing the _preg_quote()_ wrapping of the PCRE keyword ... Bill Meeks
06:22 PM pfSense Packages Feature #12748: Suricata blocked page timestamp breakout to it's own sortable column
Sortable columns have been added to the BLOCKS tab in the latest _pfSense-pkg-suricata-6.0.6_ version of the GUI pack... Bill Meeks
06:20 PM pfSense Packages Bug #13333: PHP error when saving Suricata rulesets
This issue has been addressed in the new _pfSense-pkg-suricata-6.0.6_ update. Pull request posted here: https://githu... Bill Meeks
11:41 AM Regression #11545: Primary interface address is not always used when VIPs are present
I'll have a look, thanks! Reid Linnemann
07:44 AM Regression #11545 (In Progress): Primary interface address is not always used when VIPs are present
Since this went in my GIF interface doesn't seem to be working properly, and it might affect others. It was working p... Jim Pingle
06:03 AM pfSense Plus Regression #13355 (Pull Request Review): OpenVPN crashes after reaching the configured concurrent connection limit
MR: https://gitlab.netgate.com/pfSense/factory-ports/-/merge_requests/63 Kristof Provost

07/12/2022

06:23 PM Todo #13357 (Resolved): Spelling and typo corrections
Filing as a place to hang a PR.
The misspellings have been reported at https://github.com/jsoref/pfsense/commit/0b... Josh Soref
06:15 PM Regression #13356 (Resolved): RADIUS authentication attempts no longer send RADIUS NAS IP attribute
After upgrading to pfSense Plus 22.05, the RADIUS NAS IP Attribute setting is no longer sent to the RADIUS server.
... Alastair Burr
05:57 PM Bug #13282: Alias content is sometimes incomplete if the firewall cannot resolve an FQDN in the alias
I trust that it is definitely real and not a false or misinterpreted report. There's a reason for it and with enough ... Reid Linnemann
05:55 PM Bug #13282: Alias content is sometimes incomplete if the firewall cannot resolve an FQDN in the alias
This has been squirreley for a long time and has been very difficult to reliably duplicate but it is very real. #9296... Chris Linstruth
05:26 PM Bug #13282: Alias content is sometimes incomplete if the firewall cannot resolve an FQDN in the alias
No, none that I am aware of. I know that filterdns has been untouched for a few months now. I'll look for changes els... Reid Linnemann
01:33 PM pfSense Plus Regression #13355 (Resolved): OpenVPN crashes after reaching the configured concurrent connection limit
Tested on 22.05.
If @Concurrent connections@ is set and that limit is reached, the OpenVPN service will crash with... Marcos M
01:12 PM Revision 9490042f: Build security/tailscale
Christian McDonald
07:30 AM pfSense Docs Todo #13352 (Resolved): Feedback on DNS — DNS Rebinding Protections
Fixed, thanks! Jim Pingle

07/11/2022

09:10 PM Bug #13353: DHCPv6 (still) doesn't work properly with multiple interfaces
We do test a variety of configurations but testing every possible iteration is not possible. Even with unit testing t... Jim Pingle
09:00 PM Bug #13353: DHCPv6 (still) doesn't work properly with multiple interfaces
If you would do proper testing (which means that at least multiple options that the GUI offers are tested, not just t... Flole Systems
07:47 PM Bug #13353: DHCPv6 (still) doesn't work properly with multiple interfaces
Unit tests are a concept that is easy to suggest but not at all easy to implement. It's something we are working towa... Jim Pingle
07:33 PM Bug #13353: DHCPv6 (still) doesn't work properly with multiple interfaces
I know exactly why it's working for you (and for some others aswell, not for all though), but it's not my job to fix ... Flole Systems
07:16 PM Bug #13353: DHCPv6 (still) doesn't work properly with multiple interfaces
I am actively using it on 22.05. It works, and does not behave as you describe.... Jim Pingle
07:10 PM Bug #13353: DHCPv6 (still) doesn't work properly with multiple interfaces
No it's not! I clearly wrote:
h3. That is on the latest pfSense plus version.
above which shouldn't leave any r... Flole Systems
06:34 PM Bug #13353 (Duplicate): DHCPv6 (still) doesn't work properly with multiple interfaces
Duplicate of #6880 -- it does work on Plus 22.05 and 2.7.0 snapshots.
 Jim Pingle
06:31 PM Bug #13353 (Duplicate): DHCPv6 (still) doesn't work properly with multiple interfaces
Another release, another stupid IPv6 bug that could have been detected with basic testing. I'm sure the users of the ... Flole Systems
07:18 PM Regression #12827: High latency and packet loss during a filter reload
There is still packet loss by the way and latency spikes up to 300ms on 22.05.... It becomes super obvious when the t... Flole Systems
06:49 PM pfSense Packages Bug #13354 (New): Tinc VPN causes constant gateway up/down events, packages restarts and filter reloads
The latest pfSense Plus version broke the tinc VPN: When tinc connects it generates an event:... Flole Systems
06:31 PM pfSense Packages Regression #13156: pfBlockerNG IP block stats do not work
luc Willems wrote in #note-15:
> found the issue why it was not working for me. the patch above, it was not "clear" ... Adrian Hansraj
03:58 PM pfSense Docs Todo #13352 (Resolved): Feedback on DNS — DNS Rebinding Protections
*Page:* https://docs.netgate.com/pfsense/en/latest/services/dns/rebinding.html
*Feedback:*
Small suggestion: Th... Jesse Sheidlower
02:13 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
There are several things I've noted about how aliases and filterdns work that - if they aren't directly related to th... Reid Linnemann
12:42 PM Revision 70dacbf3: Trim leading space from CSV vouchers. Fixes #13272
Jim Pingle
09:40 AM Feature #13351 (New): Improve Indicated Memory Usage in the Dashboard
Currently the value shown in the System Information widget is simply the system reported Free RAM value but that does... Steve Wheeler
08:18 AM Regression #13350: SSL/TLS OpenVPN Client fails with ``ifconfig`` error when the IPv4 Tunnel Network is defined
No, because there are valid cases where it should be set (e.g. to /30) at least for the time being. Since the client ... Jim Pingle
08:10 AM Regression #13350: SSL/TLS OpenVPN Client fails with ``ifconfig`` error when the IPv4 Tunnel Network is defined
Does it make sense to remove this GUI element from the options then? Erik Osterholm
07:59 AM Regression #13350: SSL/TLS OpenVPN Client fails with ``ifconfig`` error when the IPv4 Tunnel Network is defined
Normally in SSL/TLS with a client/server setup that has multiple clients the clients would never populate the tunnel ... Jim Pingle
08:08 AM Bug #9887 (Resolved): Rule separator positions change when deleting multiple rules
Looks good on the latest snapshot. Jim Pingle
07:54 AM Bug #13272 (Feedback): Voucher CSV output has leading space before voucher code
Merged. Jim Pingle
07:48 AM Bug #13014: Deadlock in Charon VICI interface
Hello, I have been working with technical support on this issue and was told to upgrade to version Pfsense Plus 22.05... Jesse Ortiz
07:47 AM pfSense Plus Bug #13348: Error when deleting ZFS Boot Environment created from duplicate of non-default entry
I can't reproduce this here so far. I can create a quick BE and then delete it without error. Though I haven't tried ... Jim Pingle
07:43 AM Bug #12875 (Resolved): Import zabbix-agent6 and zabbix-proxy6 from FreeBSD Ports
Jim Pingle
07:43 AM pfSense Packages Bug #10608 (Closed): Update squid port to 4.11-p2
Jim Pingle
03:59 AM pfSense Packages Bug #13209: Parsing Filter log by pfBlockerNG creates IP Block log with Source/Destination mixed up or wrong Direcion
Any news on a solution for this issue? Djerk Geurts

07/10/2022

12:31 PM Regression #13350 (Resolved): SSL/TLS OpenVPN Client fails with ``ifconfig`` error when the IPv4 Tunnel Network is defined
Filing this on behalf of a client.
When an IPv4 Tunnel Network is defined on an OpenVPN *Client* in pfSense, we ge... Erik Osterholm
12:16 PM Bug #13325: System Information widget breaks with multiple instances
Kris Phillips wrote in #note-1:
> Larry,
>
> Have you tried a fresh install of pfSense Plus to verify this issue ... Larry Bernardo
11:18 AM pfSense Packages Todo #13349 (Resolved): Add note in WireGuard GUI regarding routing behavior for Allowed IPs
As specified here:
https://docs.netgate.com/pfsense/en/latest/vpn/wireguard/settings.html#wireguard-settings-peer
... Marcos M
11:13 AM pfSense Plus Bug #13348 (Resolved): Error when deleting ZFS Boot Environment created from duplicate of non-default entry
After attempting to delete a "quick" boot environment, the GUI displayed the following error:... Marcos M
04:05 AM pfSense Packages Regression #13156: pfBlockerNG IP block stats do not work
found the issue why it was not working for me. the patch above, it was not "clear" for me it had to be ' _<space>_ '... luc Willems

07/09/2022

09:06 PM Bug #12875: Import zabbix-agent6 and zabbix-proxy6 from FreeBSD Ports
This is present in the 22.05 RELEASE repos, so this redmine should be closed as Resolved. Kris Phillips
09:05 PM Bug #13276: IGMP Proxy Error Message for Logging Links to System Log Instead of Routing Log
This is present on 2.6 and 22.05. Kris Phillips
09:04 PM Bug #13277: IGMP Proxy webConfigurator Page Always Produces Error
This is present in the 22.05-RELEASE build as well (just tested). However, it does not appear to affect functionality. Kris Phillips
09:01 PM Bug #13325: System Information widget breaks with multiple instances
Larry,
Have you tried a fresh install of pfSense Plus to verify this issue is still present? That looks like someth... Kris Phillips
08:57 PM Todo #10464: Don't change the current update repo when new releases are available
Internal Redmine 7479 I feel would be a better solution to this problem, rather than making PHP changes. If we split... Kris Phillips
08:55 PM pfSense Docs Todo #12461: Improve macOS Serial Command Instructions
This should be corrected as customers run into this all the time now, since the driver was updated for all platforms ... Kris Phillips
08:48 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
Reid Linnemann wrote in #note-101:
> I'm having a crack at this issue now. Is everyone experiencing this issue using... Kris Phillips
06:50 PM pfSense Packages Bug #10900: /packages/backup/backup.php?a=download&t=backup HTTP 504, or Sends PHP Error Message as ASCII/Text file Named pfsense.bak.tgz
This is very similar to https://redmine.pfsense.org/issues/11098 - testing covered using both "/root" and "/" as back... Jordan G
02:11 PM pfSense Packages Bug #10608: Update squid port to 4.11-p2
[22.05-RELEASE][admin@pfSense.home.arpa]/root: pkg info squid
squid-5.4.1
Name : squid
Version ... Alhusein Zawi
10:43 AM pfSense Packages Bug #13347: Setting BGP default-originate route map does not prepend the AS path
Side note I quickly tested setting a community using a route map on the default-originate statement and it worked. Se... Chris Linstruth
10:32 AM pfSense Packages Bug #13347 (New): Setting BGP default-originate route map does not prepend the AS path
Setting a route-map on the default-originate statement or outbound routes to a BGP peer does not properly prepend the... Chris Linstruth
01:43 AM Bug #13272: Voucher CSV output has leading space before voucher code
Tested, no more space before the code.
!clipboard-202207090942-zzonz.png!
 Lev Prokofev
01:23 AM Bug #9887: Rule separator positions change when deleting multiple rules
Tested, and it works for me. Lev Prokofev

07/08/2022

06:15 PM Regression #13026: Limiters do not work
Not sure if fully related but having limiter issues on final 22.05 release with a netgate 6100.
2 limiters, each wit... Jose Duarte
02:33 PM pfSense Plus Bug #13338: OpenVPN DCO panics with short UDP packets
Tested on 22.05, was able to reproduce
tested on
Version 22.09-DEVELOPMENT (amd64)
built on Fri Jul 08 06:14:3... Georgiy Tyutyunnik
02:08 PM pfSense Plus Bug #13338 (Feedback): OpenVPN DCO panics with short UDP packets
This is now merged. Steve Wheeler
02:21 PM Revision 2dc23896: Fixed handling of single rule selected with multi-delete Issue #9887
Christopher Cope
02:15 PM pfSense Docs New Content #12791 (Feedback): Diagnostic Information for Support (pfSense)
I took a different approach than the MR did. It's up and live now:
https://gitlab.netgate.com/docs/pfSense-docs/-/... Jim Pingle
10:16 AM Bug #9887 (Feedback): Rule separator positions change when deleting multiple rules
Fix merged Christopher Cope
09:22 AM Bug #9887: Rule separator positions change when deleting multiple rules
Latest patch tests OK for me. Jim Pingle
07:16 AM pfSense Plus Regression #13345 (Not a Bug): IPSEC tunnel loosing packets after upgrade to 22.05 between NG 1100 and NG 7100
There isn't enough information here to classify this as a bug, and we can't reproduce that in lab conditions. It's en... Jim Pingle
02:52 AM pfSense Plus Regression #13345 (Not a Bug): IPSEC tunnel loosing packets after upgrade to 22.05 between NG 1100 and NG 7100
After upgrading i noticed horrible performance over the tunnel to work.
ping gives loss and hundreds and thousands ... Lars Lindley
05:59 AM pfSense Packages Regression #13156: pfBlockerNG IP block stats do not work
same for me
using
pfsense+ V22.05
pfblockerNG-devel V3.1.0_4
basic setup using wizard.
manually edit the pf... luc Willems

07/07/2022

01:44 PM Bug #13014: Deadlock in Charon VICI interface
We suggested this bug may be the cause of what the customer is seeing in 945855019. His experience is that the tunnel... Chris W
12:19 PM Bug #9887: Rule separator positions change when deleting multiple rules
Here's a new patch with missing fixes. Seems to pass all tests this time. Christopher Cope
09:01 AM Bug #13344 (Duplicate): Vlan loses parent interface when changing LAGG mtu to jumbo frames
Hi,
Psense+ version: 22.01
When I try to add jumbo frames to lagg interface ( 9000 ) - main
When I change the... Matthew Whittaker-Williams

07/06/2022

02:26 PM Regression #11512: DHCP Leases page and ARP table page fail to load if DNS is not available
I recently upgraded to 22.05 and am seeing this same issue. Possible regression again? The page used to load within a... Aaron Shaffer
02:01 PM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound
Netgate 3100 user here, running 22.05, upgraded from 22.01 - Same problem: DNS interruptions. Can this issue get some... Per-Arne Hellarvik
01:01 PM Bug #13327: Valid OpenVPN client connections rejected due to extraneous output to ovpn_auth_verify
I'm experiencing the exact same problem reported by Brian Martin.
Unfortunately I don't have enough knowledge of PHP... Massimo Vannucci
11:03 AM pfSense Packages Bug #13343 (Resolved): HAproxy cookie protection syntax needs updated
A bug has been found after UPdate to pfSense plus 22.05: the generated code by HaProxy-GUI... Johannes Goldynia
08:05 AM pfSense Docs Todo #13342 (Feedback): Correct BGP last-as description
Merged. Jim Pingle
03:45 AM Regression #13323 (Feedback): Captive Portal breaks policy based routing for MAC address bypass clients
And that fix has landed: https://github.com/pfsense/pfsense/commit/add6447b9dc801144141bb24f8c264e03a0e7cae Kristof Provost

07/05/2022

06:17 PM pfSense Docs Todo #13342 (Pull Request Review): Correct BGP last-as description
https://gitlab.netgate.com/docs/pfSense-docs/-/merge_requests/44 Marcos M
05:49 PM pfSense Docs Todo #13342 (Resolved): Correct BGP last-as description
The following is incorrect:
https://docs.netgate.com/pfsense/en/latest/packages/frr/global/routemaps.html#bgp-as-p... Marcos M
04:45 PM Revision add6447b: Ensure we apply policy routing on whitelisted captive portal MAC addresses
We cannot simply 'pass in quick' for the _patthru tagged packets,
because that means we don't process any subsequent ... Kristof Provost
02:56 PM Revision ad20a68b: Filter reload at end of rc.newwanip. Fixes #13228
Jim Pingle
01:51 PM pfSense Plus Bug #13338 (Pull Request Review): OpenVPN DCO panics with short UDP packets
Marcos M
12:59 PM pfSense Plus Bug #13338: OpenVPN DCO panics with short UDP packets
That looks to be the result of a short UDP packet. Short enough that it doesn't contain an openvpn header.
https:/... Kristof Provost
10:31 AM pfSense Plus Bug #13338 (Resolved): OpenVPN DCO panics with short UDP packets
If a UDP packet directed towards an active OpenVPN socket is received which is too short to contain an OpenVPN header... Marcos M
01:46 PM pfSense Packages Bug #13332: HAProxy Broken after v22.05 and HAProxy v0.61_3
Johannes Goldynia
Please open a new bug report for the HSTS / Cookie protection issue. Marcos M
07:59 AM pfSense Packages Bug #13332 (Rejected): HAProxy Broken after v22.05 and HAProxy v0.61_3
There is no way the package can possibly track and warn about custom configuration directives. By definition it does ... Jim Pingle
12:53 PM Bug #13341 (Not a Bug): IPSEC VTI Gateway Monitoring
That is most likely a problem in your configuration or environment, VTI gateway monitoring is working fine in general... Jim Pingle
12:14 PM Bug #13341 (Not a Bug): IPSEC VTI Gateway Monitoring
Hello,
Gateway monitoring does not work on VTI gateways altough the tunnel is UP and traffic is passing succesfull... Marcus Oliveira
12:24 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
I'm having a crack at this issue now. Is everyone experiencing this issue using unbound as a resolver by chance? Reid Linnemann
11:25 AM Feature #13340 (New): Option to change QinQ ethertype to Service VLAN Tag
Currently, pfSense uses C-Tags (ethertype 0x8100) for QinQ interfaces. Ideally, it should keep C-Tags on existing con... Marcos M
10:46 AM Bug #13339 (Not a Bug): Randomly DHCP interface detaches and attach automatically in pfsense 2.6.0
This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
10:44 AM Bug #13339 (Not a Bug): Randomly DHCP interface detaches and attach automatically in pfsense 2.6.0
I am facing issue on pfsense firewall CE 2.6.0 after upgrade on 2.5.0 to 2.6.0.., Honnesh Gowda
10:05 AM Bug #13228 (Feedback): Recovering interface gateway may not be added back into gateway groups and rules when expected
Applied in changeset commit:ad20a68bae86fff5660b02789a49618a6e71ae22. Jim Pingle
09:42 AM Bug #9887: Rule separator positions change when deleting multiple rules
This fails in a new/different way when applied. When attempting "test 2" from my original attachments, it puts the se... Jim Pingle
09:36 AM Bug #13327: Valid OpenVPN client connections rejected due to extraneous output to ovpn_auth_verify
I neglected to mention in the bug report and the forum thread that I'm on release 2.6.0, the current stable release. ... Brian Martin
07:35 AM Bug #13327 (Rejected): Valid OpenVPN client connections rejected due to extraneous output to ovpn_auth_verify
There isn't enough information to go on here. This is working for us in the lab and for most if not all users of the ... Jim Pingle
08:47 AM Regression #13323: Captive Portal breaks policy based routing for MAC address bypass clients
I've applied the patch and it fixed the problem for me. Thanks a bunch! Axel Taferner
08:11 AM Bug #13337 (Rejected): After upgrading from 22.01 to 22.05 unbound intermittently stops resolving until manually restarted
There isn't enough information to go on here and it's working fine for thousands of others. It's possible it's relate... Jim Pingle
03:37 AM Bug #13337 (Rejected): After upgrading from 22.01 to 22.05 unbound intermittently stops resolving until manually restarted
Config haven't changed from 22.01 but after upgrade started having problems with dns resolver just timing out on reso... Vaidotas Butkus
08:09 AM pfSense Packages Bug #13336 (Rejected): BGP packets not being sent to OpenVPN cloud connections
This is almost certainly a configuration problem with your OpenVPN setup and/or FRR settings. This site is not for su... Jim Pingle
08:07 AM pfSense Packages Bug #13328 (Not a Bug): Wireguard Site-to-Site broken after upgrade to 22.05
This is unlikely to be a bug, but something in your configuration or environment. It's working for many others in sim... Jim Pingle
08:05 AM pfSense Docs Todo #12770 (Resolved): Feedback on Firewall — Configuring firewall rules
Merged. Also fixed a couple small things I noticed after merging: https://gitlab.netgate.com/docs/pfSense-docs/-/comm... Jim Pingle
07:56 AM pfSense Docs New Content #13270 (Resolved): OpenVPN client gateway is incorrect when the server does not push routes
Merged.
I fixed a couple extra things I noticed after merging: https://gitlab.netgate.com/docs/pfSense-docs/-/comm... Jim Pingle
07:43 AM pfSense Plus Bug #12607 (Closed): Instability with Snort Inline with AWS Instances
Jim Pingle
07:41 AM Bug #13330 (Rejected): Traffic Shaper Wizard is broken
Please open separate issues for each item, like you did for the second bullet point there ( #13329 )
The first bul... Jim Pingle
07:41 AM Bug #12747: Restarting the logging daemon during rotation also restarts ``sshguard``, leading to frequent log messages
I'm having the same issue on 2.6.0 at every 1 minute:
Jul 5 09:33:00 sshguard 77002 Exiting on signal.
Jul 5 09:3... Geovane Gonçalves
07:36 AM Bug #13318 (Resolved): Neighbor hostnames in the NDP Table on ``diag_ndp.php`` are always empty
Jim Pingle
03:26 AM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound
Any progress on this as it causes lots of other DNS resolver issues not just short interruptions.
22.01 dns resolver... Vaidotas Butkus

07/04/2022

08:14 PM pfSense Packages Bug #13336 (Rejected): BGP packets not being sent to OpenVPN cloud connections
Scenario:
OpenVPN cloud is utilized to connect two pfsense routers behind CGNAT to allow for site to site connectivi... Devan Bhagat
03:23 PM Feature #13293: Option to set auth-gen-token in OpenVPN GUI
It's unclear if the concerns mentioned on the following link have been addressed - best to keep this as a custom opti... Marcos M
02:07 PM Regression #13323: Captive Portal breaks policy based routing for MAC address bypass clients
If you'd like to test it and provide feedback, here's the patch - apply it with the System Patches package. Marcos M
01:30 PM Regression #13323: Captive Portal breaks policy based routing for MAC address bypass clients
Yes, that's internal. It'll turn up in the public tree once I find a victim to review it. That's going to take a day ... Kristof Provost
01:00 PM Regression #13323: Captive Portal breaks policy based routing for MAC address bypass clients
Kristof, the link you posted doesn't work. DNS_PROBE_FINISHED_NXDOMAIN
You probably linked to something internal tha... Axel Taferner
11:07 AM Regression #13323: Captive Portal breaks policy based routing for MAC address bypass clients
The draft patch wouldn't work, but a similar fix does:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests... Kristof Provost
11:15 AM pfSense Plus Bug #13334 (Not a Bug): Configuration Auto Backup broken after v22.05 fresh install
I was able to upload backups successfully. Likely a temporary service outage. If it continues to happen, I'd suggest ... Marcos M
11:04 AM pfSense Packages Bug #11098 (Resolved): Backup Files and Directories plugin crashes firewall if /root specified as backup location
I'll close this given that the original issue (crash) no longer happens. There's still the issue of the package locki... Marcos M
10:48 AM Feature #13335: Allow NAT reflection to be limited to specific interfaces
The NAT reflection mode default can be kept as @disabled@, while enabling it per NAT rule. I suppose having the featu... Marcos M
02:08 AM Feature #13335 (New): Allow NAT reflection to be limited to specific interfaces
I have a setup at home with a VLAN for guests, which doesn't have access to any internal resources. Because of this,... Chris Gelatt
10:32 AM pfSense Packages Bug #13333: PHP error when saving Suricata rulesets
Marcos Mendoza wrote in #note-2:
> It happened a while ago as you can tell from the timestamp, unfortunately I don't... Bill Meeks

07/03/2022

11:35 PM pfSense Packages Bug #11098: Backup Files and Directories plugin crashes firewall if /root specified as backup location
my apologies, I did misunderstand the initial report
in case of specifying "/root/" as path, the backup button produ... Jordan G
07:25 PM Regression #13290: Error ``dummynet: bad switch 21!`` when using Captive Portal with Limiters
For reference:
There's a redmine report for the policy routing issue here https://redmine.pfsense.org/issues/13323... Marcos M
07:23 PM Regression #13323: Captive Portal breaks policy based routing for MAC address bypass clients
Potential fix here: https://redmine.pfsense.org/issues/13290#note-6 Marcos M
06:42 PM pfSense Packages Bug #13333: PHP error when saving Suricata rulesets
It happened a while ago as you can tell from the timestamp, unfortunately I don't remember the exact details to repro... Marcos M
04:14 PM pfSense Packages Bug #13333: PHP error when saving Suricata rulesets
Can you add a little more detail for this statement: " _This was triggered when existing rules were auto-enabled by ... Bill Meeks
12:59 PM pfSense Packages Bug #13333 (Resolved): PHP error when saving Suricata rulesets
In some cases, @$enabled_rulesets_array@ in @suricata_rulesets.php@ may not be an array which results in the followin... Marcos M
06:06 PM pfSense Plus Bug #13334 (Not a Bug): Configuration Auto Backup broken after v22.05 fresh install
Multiple errors (30) generated with the same message:
3:33:24 An error occurred while uploading the encrypted confi... Rick Strangman
12:20 PM pfSense Packages Bug #13332: HAProxy Broken after v22.05 and HAProxy v0.61_3
Hello,
updating the pass-trough rules to... Johannes Goldynia
02:58 AM pfSense Packages Bug #13328: Wireguard Site-to-Site broken after upgrade to 22.05
After reading through here, I think this might be related to this
https://redmine.pfsense.org/issues/12808
I never h... Sebastian Schmid

07/02/2022

11:34 PM pfSense Packages Bug #13332 (Rejected): HAProxy Broken after v22.05 and HAProxy v0.61_3
If you are using HAProxy deprecated rspidel directive on your frontends or the option option httpchk on backends, HAP... Rick Strangman
09:05 PM pfSense Plus Bug #12607: Instability with Snort Inline with AWS Instances
This can likely be closed as I've seen zero complaints on newer Plus releases for Snort Inline in AWS. Likely these ... Kris Phillips
09:01 PM Regression #12821: Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``
FYI using the manually compiled, out-of-band driver still works fine on 22.05-RELEASE (as expected since the FreeBSD ... Kris Phillips
08:50 PM Bug #13282: Alias content is sometimes incomplete if the firewall cannot resolve an FQDN in the alias
Reid Linnemann wrote in #note-2:
> There must be something else to this than just the unresolvable host, I've tried ... Kris Phillips
08:41 PM pfSense Packages Bug #11098: Backup Files and Directories plugin crashes firewall if /root specified as backup location
Jordan Greene wrote in #note-11:
> attempted creation of backup for "/" - after creating the entry and using the back... Kris Phillips
05:14 PM pfSense Packages Bug #11098: Backup Files and Directories plugin crashes firewall if /root specified as backup location
attempted creation of backup for "/" - after creating the entry and using the backup button, I'm eventually given 504... Jordan G
02:28 PM pfSense Docs New Content #13331 (New): FRR: Add documentation for RIP

RIP documents(configuration/example) need to be added under FRR package Docs. Alhusein Zawi
02:10 PM Feature #11927 (Resolved): Allow DHCP not to serve a gateway - small fix

resolved
22.05-RELEASE (amd64)
built on Wed Jun 22 18:56:13 UTC 2022
FreeBSD 12.3-STABLE Alhusein Zawi
11:33 AM Bug #13330 (Rejected): Traffic Shaper Wizard is broken
I noticed multiple issues with the Traffic Shaper wizard using ALTQ Scheduler - HFSC type.
* Values defined in wiz... Danilo Zrenjanin
10:58 AM pfSense Packages Regression #13156: pfBlockerNG IP block stats do not work
This fix doesn't work for me, I still can't get any logging of IP blocks, even though the dashboard counter shows it ... Adrian Hansraj
09:11 AM Bug #13329 (New): Traffic shaping Wizard sets invalid values for qVoip queue
No matter what I set in the Voice Over IP wizard step, when I finish the wizard the qVoip is set to 32Kb.

!clip... Danilo Zrenjanin
04:02 AM pfSense Packages Bug #13328 (Not a Bug): Wireguard Site-to-Site broken after upgrade to 22.05
Hi,
I upgraded from 22.01 to 22.05. Everything went fine.
Plus home license on virtualized system
On Upgrade the... Sebastian Schmid
02:57 AM Bug #13318: Neighbor hostnames in the NDP Table on ``diag_ndp.php`` are always empty
Seems it works.
!clipboard-202207021056-wabip.png!
 Lev Prokofev

07/01/2022

06:12 PM Bug #13327 (Resolved): Valid OpenVPN client connections rejected due to extraneous output to ovpn_auth_verify
OpenVPN was observed rejecting client connections that were previously accepted and had not expired. Research lead to... Brian Martin
02:25 PM Bug #9887 (Pull Request Review): Rule separator positions change when deleting multiple rules
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/830
All tests in the original ticket worked as expecte... Christopher Cope
09:10 AM Bug #12959: dhcplease process wrongly update host file if client-hostname is empty
Also unable to reproduce.
Tested on:
22.05-RELEASE (amd64)
built on Wed Jun 22 18:56:13 UTC 2022
FreeBSD 12.3-STABLE Georgiy Tyutyunnik
04:53 AM Regression #13290: Error ``dummynet: bad switch 21!`` when using Captive Portal with Limiters
I believe the failure to apply policy routing on whitelisted mac addresses is due to rules like `pass in quick all fl... Kristof Provost

06/30/2022

05:04 PM Bug #13282: Alias content is sometimes incomplete if the firewall cannot resolve an FQDN in the alias
There must be something else to this than just the unresolvable host, I've tried several times to replicate this and ... Reid Linnemann
12:52 PM pfSense Packages Bug #13309 (Resolved): Cron validation prevents special strings such as @reboot
Tested against the Cron package version 0.3.8_1
It works as expected.
I am marking this ticket resolved. Danilo Zrenjanin
12:35 PM pfSense Packages Bug #13261 (Resolved): Input validation rejects empty ``sudo`` command list, but GUI text says it can be empty
Tested on 22.05, package version 0.3_7.
It works as expected. I am marking this ticket closed. Danilo Zrenjanin
12:00 PM Bug #13325 (Confirmed): System Information widget breaks with multiple instances
I currently have 2 System Information widget displayed on a 3 Column Dashboard (First and 3rd Column). First System ... Larry Bernardo
11:46 AM Bug #13317: ``array_filter`` PHP Errors in ``interfaces.inc``
I did indeed fix this in CE devel, I need to get the change merged into plus-devel today, if it hasn't already been m... Reid Linnemann
10:21 AM pfSense Docs Todo #13324 (Rejected): Remove Deprecated IPSec Remote Access VPN Guides
L2TP is not insecure (it's protected by IPsec) it's just not well supported by clients.
They are all still valid j... Jim Pingle
10:18 AM pfSense Docs Todo #13324 (Rejected): Remove Deprecated IPSec Remote Access VPN Guides
Several Configuration Recipes are often find by customers that are no longer recommended. While these guides had use... Kris Phillips
09:21 AM Regression #13323 (Resolved): Captive Portal breaks policy based routing for MAC address bypass clients
Relevant information about my network
LAN segment
VLAN for IoT and wifi devices
WAN1 is used as the default gate... Axel Taferner
08:41 AM Todo #10464: Don't change the current update repo when new releases are available
Also worth noting, however this is handled, it should not suppress the list of packages and it *must* still allow the... Jim Pingle
07:42 AM Regression #13290: Error ``dummynet: bad switch 21!`` when using Captive Portal with Limiters
The 'bad switch' message originates in dummynet_send(), and the '21' is decimal, so 0x15. Representing PROTO_IPV6 | P... Kristof Provost
07:06 AM Bug #13321 (Pull Request Review): dhcpleases handles duplicate hostnames incorrectly
Jim Pingle
06:45 AM Feature #13322: Define Packet Capture Protocol
And EtherType Andy Kniveton
06:10 AM Feature #13322 (Closed): Define Packet Capture Protocol
Any chance of adding the ability of allowing a user defined protocol to the Packet Capture.
I was trying to debug ... Andy Kniveton
05:21 AM Bug #12747: Restarting the logging daemon during rotation also restarts ``sshguard``, leading to frequent log messages
same here on 22.05
!clipboard-202206300621-7gjov.png!
 Franck Ck
03:18 AM Bug #12811: Services are not restarted when PPP interfaces connect
ec73bb89489d830ec21c4e04ffa3ec401791b55d and c467ca2f35c102aae897424a2fda08e9b2ace673 actually solve the issue that t... Oskar Stroka

06/29/2022

11:57 PM Bug #13321: dhcpleases handles duplicate hostnames incorrectly
Added pull request: https://github.com/pfsense/FreeBSD-ports/pull/1176 Adrian Fonseca
11:10 PM Bug #13321 (Pull Request Review): dhcpleases handles duplicate hostnames incorrectly
--- Problem ---
If the 'dhcpd.leases' file parsed by dhcpleases contains an expired lease and non-expired lease for ... Adrian Fonseca
04:31 PM Bug #13228: Recovering interface gateway may not be added back into gateway groups and rules when expected
I have this issue. Adding the filter_configure(); to the end, (while not removing the else block) does resolve this f... Lee Brown
02:03 PM pfSense Plus Bug #13320: IP aliases with a CARP VIP parent are not available as VIP choices for gateway groups
Looks like it's because the group drop-downs filter based on the VIP interface and it sees the CARP VIP as the interf... Jim Pingle
01:47 PM pfSense Plus Bug #13320 (Resolved): IP aliases with a CARP VIP parent are not available as VIP choices for gateway groups
Configuration is an HA pair of 6100's with a failover gateway group, one ISP per gateway.
The intention is for IPs... Chris W
12:59 PM Revision 8c9ab20e: Don't force DNS to use 4/6 here. Fixes #13318
It's not trying to force communication with a
specific address family DNS server. Jim Pingle
12:16 PM Bug #13318: Neighbor hostnames in the NDP Table on ``diag_ndp.php`` are always empty
Jim - just to let you know, applied this and seems to be working now. Thanks for such a quick response!
 JohnPoz _
08:10 AM Bug #13318 (Feedback): Neighbor hostnames in the NDP Table on ``diag_ndp.php`` are always empty
Applied in changeset commit:8c9ab20efe61161e30fe215166d8573c801b947d. Jim Pingle
07:57 AM Bug #13318: Neighbor hostnames in the NDP Table on ``diag_ndp.php`` are always empty
Looking at #11512 and commit:aa1936eefc251b5330e7392f3b1fbc23a006a400 where that was added, it isn't necessary. There... Jim Pingle
07:50 AM Bug #13318: Neighbor hostnames in the NDP Table on ``diag_ndp.php`` are always empty
Looks like for some reason @_getHostName()@ is forcing the DNS lookup to use @-6@ when it shouldn't, as that controls... Jim Pingle
07:32 AM Bug #13318 (Resolved): Neighbor hostnames in the NDP Table on ``diag_ndp.php`` are always empty
The NDP Table in the gui is not listing the hostname, while ndp -a from cmd line does.
See this thread.
https:/... JohnPoz _
10:01 AM Regression #13316 (Feedback): ``vmstat -m`` value for ``temp`` is accounted for incorrectly, resulting in underflows
Looks like this happens as the value for @nvlist@ increases. Apparently already fixed in FreeBSD: https://cgit.freebs... Jim Pingle
08:46 AM Regression #13316: ``vmstat -m`` value for ``temp`` is accounted for incorrectly, resulting in underflows
Looks like the value of that entry is unsigned and trying to go negative, which results in an underflow (hits 0 then ... Jim Pingle
09:20 AM Regression #13319: OpenVPN site2site with SSL/TLS doesn't apply the remote network route
Jim Pingle wrote in #note-1:
> That is most likely a configuration problem. More likely related to how you changed t... Pietro Cesana
09:15 AM Regression #13319 (Not a Bug): OpenVPN site2site with SSL/TLS doesn't apply the remote network route
That is most likely a configuration problem. More likely related to how you changed the settings when moving from sha... Jim Pingle
09:12 AM Regression #13319 (Not a Bug): OpenVPN site2site with SSL/TLS doesn't apply the remote network route
I'm testing 2.7 DEV snapshot and I have two OpenVPN site2site client connections.
One (ovpnc1) uses sharedkey and th... Pietro Cesana
08:06 AM Bug #13317 (Feedback): ``array_filter`` PHP Errors in ``interfaces.inc``
Looks like Reid already fix this one. See commit:c5d786359cc4a15c81e1c4773ab271b3d49ed594
 Jim Pingle
06:40 AM Bug #13317: ``array_filter`` PHP Errors in ``interfaces.inc``
Do you have any more information about what was going on when the errors happened? Were you making a change in the GU... Jim Pingle
02:16 AM Bug #13317 (Resolved): ``array_filter`` PHP Errors in ``interfaces.inc``
Crash report begins. Anonymous machine information:
amd64
12.3-STABLE
FreeBSD 12.3-STABLE devel-12-n227385-38ca... Vorname Nachname
07:53 AM Bug #13132 (New): Multiple ``<sshdata>`` or ``<rrddata>`` sections in ``config.xml`` lead to an XML parsing error during restore
There is still some issue here as users are hitting this on 22.05 when restoring backups with two sections. Jim Pingle
07:00 AM pfSense Packages Regression #13156: pfBlockerNG IP block stats do not work
I just tested and your patch also works on the latest 2.7.0-DEVELOPMENT. Glenn Hall

06/28/2022

09:01 PM Regression #13316: ``vmstat -m`` value for ``temp`` is accounted for incorrectly, resulting in underflows
Just after a reboot the value is sane and the script works, so there is something else going on there.
I'd say the... Jim Pingle
08:43 PM Regression #13316: ``vmstat -m`` value for ``temp`` is accounted for incorrectly, resulting in underflows
There is a line in @vmstat -m@ for @temp@ that is throwing off the output, it's gigantic... Jim Pingle
08:29 PM Regression #13316 (Resolved): ``vmstat -m`` value for ``temp`` is accounted for incorrectly, resulting in underflows
It works on 22.01, running it on 22.05 produces the following output:... Marcos M
08:32 PM Revision c5d78635: get_interface_addresses: Silence array_filter warnings
Reid Linnemann
06:09 PM Bug #13093: LDAP authentication fails with extended query and RFC2307 group lookups enabled
@(&(DN_RETURNED_BY_INITIAL_SEARCH)(memberOf=cn=nextcloud,cn=groups,cn=accounts,dc=example,dc=com))@
That doesn't w... Chris Linstruth
05:21 PM Bug #13093: LDAP authentication fails with extended query and RFC2307 group lookups enabled
OK. It looks like it is combining the RFC2307 query and the extended query into something that cannot match when both... Chris Linstruth
02:20 PM Revision d9ff4a76: Clean up old repo files that are not needed any longer since we just template the one
Brad Davis
01:14 PM pfSense Packages Bug #13154: pfBlocker causing excessive CPU load
For reference, the patch to fix it is as follows:... Marcos M
12:44 PM Revision 2a9f6b40: Clarify delegated IPv6 prefix source. Fixes #13310
Indicates the tracked interface and prefix ID, which is more important
now that delegation works from multiple upstre... Jim Pingle
12:04 PM pfSense Plus Todo #13189 (Resolved): Input validation should reject the combination of DCO and P2P mode
Jim Pingle
12:04 PM pfSense Plus Regression #13183 (Resolved): ZFS module is loaded on systems without ZFS
Jim Pingle
10:28 AM pfSense Docs New Content #13311 (Resolved): Add troubleshooting tips for multiple disk boot issues
https://docs.netgate.com/pfsense/en/latest/troubleshooting/boot-issues.html
It's possible that pfSense may mount a... Marcos M
08:22 AM pfSense Packages Bug #13309 (Feedback): Cron validation prevents special strings such as @reboot
Fixed: https://github.com/pfsense/FreeBSD-ports/commit/68b6508b0454c6113e03c1fd84e20279310d0bef Jim Pingle
07:55 AM Bug #13310 (Feedback): Each line in the NPt destination IPv6 prefix list also contains the network of the previous line when multiple choices are present
Applied in changeset commit:2a9f6b409bdde67c065a0fa6b13296bbad6c6794. Jim Pingle
07:16 AM Bug #13310: Each line in the NPt destination IPv6 prefix list also contains the network of the previous line when multiple choices are present
This is also mentioned on #13240 but in the interest of only having one problem per issue we can keep this one and ch... Jim Pingle
07:18 AM Bug #13240: User is forced to pick an NPt destination IPv6 prefix length even when choosing a drop-down entry which contains a defined prefix length
Moving first point to #13310 - keeping this one for point 2.
 Jim Pingle

06/27/2022

10:19 PM Regression #13290: Error ``dummynet: bad switch 21!`` when using Captive Portal with Limiters
I've posted some additional info on the forums here: https://forum.netgate.com/topic/173061/captive-portal-broken-aft... Axel Taferner
07:26 PM Regression #13290: Error ``dummynet: bad switch 21!`` when using Captive Portal with Limiters
I've updated to pfSense+ 22.05 today and I'm seeing the same thing on the console when activating a captive portal. Axel Taferner
06:32 PM Revision 60a2fa6b: Remove incorrectly restored code. Fixes #13308
Jim Pingle
06:28 PM Revision 2bf4167c: Set PKG_REPO_BRANCH_DEVEL to match the branch name
Brad Davis
04:08 PM Bug #13310: Each line in the NPt destination IPv6 prefix list also contains the network of the previous line when multiple choices are present
PR here: https://github.com/pfsense/pfsense/pull/4608 Seyfidin Hamraoui
04:07 PM Bug #13310 (Resolved): Each line in the NPt destination IPv6 prefix list also contains the network of the previous line when multiple choices are present
Destination IPv6 prefix list is not built properly due to wrongly placed string operator Seyfidin Hamraoui
03:52 PM pfSense Packages Bug #13309 (Resolved): Cron validation prevents special strings such as @reboot
A recent change to the Cron package introduced field validation. Although the UI specifies time examples, some users ... Grant Henderson
03:09 PM Bug #13308 (Resolved): The ``negate_networks`` table is duplicated in ``rules.debug``
Tested patch on 22.05. The table is no longer duplicated. Marcos M
01:50 PM Bug #13308 (Feedback): The ``negate_networks`` table is duplicated in ``rules.debug``
Applied in changeset commit:60a2fa6b6f1a59f3f86933265fbb48e25f652bfc. Jim Pingle
01:30 PM Bug #13308 (Resolved): The ``negate_networks`` table is duplicated in ``rules.debug``
In #13049 the logic to generate the @negate_networks@ table changed ( commit:415a1b2083228030f200c8ea0eac3a8fc91f7142... Jim Pingle
11:20 AM Bug #13307 (Resolved): PPP interface custom reset date/time Hour and Minute fields do not properly handle ``0`` value
When configuring a custom PPP interface reset time on @/interfaces_ppps_edit.php@ *or* @interfaces.php@ the page mish... Jim Pingle
10:56 AM Regression #13303 (Pull Request Review): DNSExit Dynamic DNS updates no longer work
Jim Pingle
10:45 AM pfSense Packages Todo #13306 (Resolved): Update NUT to version 2.8.0 to match FreeBSD Packages
NUT in the FreeBSD repo has been updated to 2.8.0. Make a corresponding update in the pfSense Packages repo. Denny Page
10:26 AM Feature #13305: Certificate Revocation page should show expiration date
This would only be valid for imported CRLs, as internal CRLs are regenerated every time they are refreshed (e.g. Open... Jim Pingle
10:07 AM Feature #13305 (New): Certificate Revocation page should show expiration date
For external CAs, it would be helpful if the Certificate Revovation page showed the valid dates for the CRLs as is do... Orion Poplawski
09:50 AM Bug #11629: PPPoE WAN IP address different than expected when set static by ISP
Dan Rice wrote in #note-23:
> We've installed 22.05 on our Netgate 2100 appliance and it's still assigning the wrong... Marcos M
07:42 AM pfSense Docs Todo #12770 (Pull Request Review): Feedback on Firewall — Configuring firewall rules
Jim Pingle
07:31 AM Bug #12947 (Pull Request Review): Old IPv6 addresses may continue to be used after DHCP or RA changes
Jim Pingle
07:27 AM pfSense Docs Correction #11223: Azure Marketplace links are invalid
Looks like they were fixed in #13130 (2 months ago) and https://gitlab.netgate.com/docs/pfsense-platforms/-/commit/c3... Jim Pingle
07:23 AM pfSense Plus Bug #11626: Google LDAP connections fail due to lack of SNI for TLS 1.3
Not up to me, it'll need to be handled by Luiz or Brad once things start moving for 22.09 but it's already on the radar. Jim Pingle
07:22 AM Feature #12466: Option to Disable Renegotiation timer in OpenVPN Server
Kris Phillips wrote in #note-10:
> The problem is that renegotiating the data channel key, in the default operation ... Jim Pingle
07:20 AM Bug #13301 (Duplicate): Bug #13239 = (?) = #12645 appease not fixed - ipv6 based ipsec vpn tunnel bug found with fqdn remote host
I reopened the previous issue, no need for a new one. Jim Pingle
07:20 AM Bug #12645 (New): ``filterdns`` does not monitor remote IPsec gateways for IPv6 address changes
Jim Pingle
07:19 AM pfSense Packages Bug #13261: Input validation rejects empty ``sudo`` command list, but GUI text says it can be empty
Picked back to release branches. Jim Pingle
12:09 AM Revision 17f81cb6: Fixing broken DNSExit implementation
Koen Zomers

06/26/2022

11:31 PM Feature #13304 (Resolved): ALTQ GUI support for Broadcom Netextreme II (``bxe``) interfaces
Original support commit "freebsd-src: 4e40076":https://github.com/freebsd/freebsd-src/commit/4e4007688cf99b61408f5b60... Robert Contreras
07:44 PM Bug #12947: Old IPv6 addresses may continue to be used after DHCP or RA changes
I posted on the PR that since @rlinnemann has just deprecated pfSense_getall_interface_addresses(), this should proba... → luckman212
07:18 PM Regression #13303 (Resolved): DNSExit Dynamic DNS updates no longer work
The current implementation of DNSExit under DynDNS doesn't work anymore. In the logs it will show:
!clipboard-2022... Koen Zomers
02:47 PM Bug #7996 (Pull Request Review): Unnecessary link tag in login page
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/825 Marcos M
02:35 PM Bug #12544 (Closed): OpenSSH vulnerabilities
Marcos M
02:14 PM Regression #11870 (Not a Bug): Setting MTU on VLAN does not set MTU on parent interface in 2.5.1
VLAN MTU _should_ be allowed to be set at the same or lower MTU as the parent. This issue can be re-opened if a case ... Marcos M
12:54 PM pfSense Docs New Content #13270 (Pull Request Review): OpenVPN client gateway is incorrect when the server does not push routes
https://gitlab.netgate.com/docs/pfSense-docs/-/merge_requests/41 Marcos M

06/25/2022

07:01 PM pfSense Docs Correction #11223 (Resolved): Azure Marketplace links are invalid
Chris W
07:01 PM pfSense Docs Correction #11223: Azure Marketplace links are invalid
Looks like this was fixed. The corrected links point to https://azuremarketplace.microsoft.com/en-us/marketplace/apps... Chris W
05:47 PM Bug #12544: OpenSSH vulnerabilities
This bug report can be closed. pfSense Plus 22.05 comes with OpenSSH 8.8p1, which is not vulnerable to any of these ... Kris Phillips
05:42 PM Bug #8207: 2.4 cannot boot as a Xen VM with more than 7 NICs
Due to lack of confirmation, this bug report should be rejected unless it can be verified that there is a problem on ... Kris Phillips
05:41 PM Bug #9626: When deny write permission is assigned to a user, there is no error feedback if the user tries to write something
Can confirm this is still an issue in 22.05 of pfSense Plus. There is no visual feedback or an error notification du... Kris Phillips
05:39 PM Bug #7996: Unnecessary link tag in login page
This is still present in pfSense Plus 22.05. Kris Phillips
05:38 PM pfSense Packages Bug #10602 (Resolved): Dashboard->Traffic Graphs bandwidth designations on hover pop-ups
Tested this on pfSense Plus 22.05. Not sure when this was fixed, but this looks to be resolved. Closing out this bu... Kris Phillips
05:34 PM pfSense Plus Bug #11626: Google LDAP connections fail due to lack of SNI for TLS 1.3
Jim Pingle wrote in #note-15:
> Nudge this ahead so we have more time to ensure there aren't any regressions from th... Kris Phillips
05:30 PM pfSense Plus Feature #12546: Add 2FA Support to pfSense Plus Local Database Authentication
Further expounding on this, it appears that Viscosity has native capability to add prompts in the client config.
... Kris Phillips
05:03 PM Feature #12466: Option to Disable Renegotiation timer in OpenVPN Server
Jim Pingle wrote in #note-9:
> Marcos Mendoza wrote in #note-7:
> > I created https://redmine.pfsense.org/issues/13... Kris Phillips
05:00 PM Bug #13003: Malicious Driver Detection event on ``ixl(4)`` driver
Christoph Vieten wrote in #note-5:
> Kris Phillips wrote in #note-3:
> > Christoph Vieten wrote in #note-2:
> > > ... Kris Phillips
03:25 PM pfSense Docs Todo #12770: Feedback on Firewall — Configuring firewall rules
Merge request:
https://gitlab.netgate.com/docs/pfSense-docs/-/merge_requests/42 Chris W
10:59 AM pfSense Packages Bug #11572: Auto created firewall rules have IPv4 as protocol only - even for IPv6 lists.
Still an issue in 2.6.0
Why not remove pfblockerNG from Repo if it's no more fixed and maintained anyway? Saves ti... Beat Siegenthaler
05:41 AM Bug #13301 (Duplicate): Bug #13239 = (?) = #12645 appease not fixed - ipv6 based ipsec vpn tunnel bug found with fqdn remote host
Hi,
I reported the bug earlier : https://redmine.pfsense.org/issues/13239#change-61632
ipv6 based ipsec vpn tun... Alex Zaykov
05:33 AM Bug #12645: ``filterdns`` does not monitor remote IPsec gateways for IPv6 address changes
tested on the latest built 22.05-RC (amd64) built on Fri Jun 17 06:34:36 UTC 2022
the bug is not fixed, Ipsec tunnel... Alex Zaykov

06/24/2022

10:10 PM Feature #13296: Add support for DHCP6 OPTION_PD_EXCLUDE (RFC 6603)
It's where the bug entries are for FreeBSD ports are, and where a feature request can be submitted. Marcos M
04:16 PM Bug #9471 (Resolved): GIF tunnel not added to interface group after reboot

added GIF,LAN,PPPoE and GRE to the group of interfaces, GIF is added to the interface group after reboot
ifconfi... Alhusein Zawi
03:09 PM Revision 3222c70a: Omit VIPs from interface address selection. Fixes #11545
Add function get_interface_addresses() which wraps around pfSense_get_ifaddrs() and
filters VIPs before selecting an ... Reid Linnemann
02:50 PM pfSense Packages Bug #13261 (Feedback): Input validation rejects empty ``sudo`` command list, but GUI text says it can be empty
Merged: https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/commit/a056c1984a174248da0a0f8c541d9441678a2339 Christopher Cope
01:23 PM pfSense Packages Bug #13261 (Pull Request Review): Input validation rejects empty ``sudo`` command list, but GUI text says it can be empty
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/251 Christopher Cope
11:31 AM pfSense Docs Correction #13300 (Resolved): Corrected Silabs driver URL
Jim Pingle
11:20 AM pfSense Docs Correction #13300 (Resolved): Corrected Silabs driver URL
Current link in the Windows tab of the Connecting to the Console Port pages for Netgate firewalls (excluding 1100 and... Chris W
11:21 AM pfSense Packages Bug #13299 (Resolved): Cron package needs basic input validation and output encoding
Tested and working as expected on... Christopher Cope
10:18 AM pfSense Packages Bug #13299 (Feedback): Cron package needs basic input validation and output encoding
Fixed: https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/commit/1a8a2f338592428dd46e543a884b1758b68198c9 Jim Pingle
10:09 AM pfSense Packages Bug #13299 (Resolved): Cron package needs basic input validation and output encoding
The cron package does not validate its inputs nor does it encode its output. This can lead to a potential stored XSS.... Jim Pingle
10:25 AM Regression #11545: Primary interface address is not always used when VIPs are present
I believe I have a fix for this issue. I created a variation on pfSense_get_interface_addresses() named pfSense_get_i... Reid Linnemann
10:15 AM Regression #11545 (Feedback): Primary interface address is not always used when VIPs are present
Applied in changeset commit:3222c70aaf783336901f7b1225727b5973ba865a. Reid Linnemann
07:47 AM Bug #13298: Dynv6 Dynamic DNS client does not check the response code when updating
PR: https://github.com/pfsense/pfsense/pull/4605 Jim Pingle
07:16 AM Feature #12466: Option to Disable Renegotiation timer in OpenVPN Server
Marcos Mendoza wrote in #note-7:
> I created https://redmine.pfsense.org/issues/13293 for that. Given that @auth-gen... Jim Pingle

06/23/2022

08:49 PM Revision adfb1d2b: fix: Dynv6 checkIP
Check return of update to release check IP Tiago d'Avila
07:49 PM pfSense Packages Bug #8454: Arpwatch package break email notifications from other sources
Is this still current as of 22.05? I just started playing with Arpwatch. What exactly does the "Disable Cron emails" ... → luckman212
04:01 PM Bug #13298: Dynv6 Dynamic DNS client does not check the response code when updating
*Testing*
Tested with https://dynv6.com Tiago Beling d'Avila
03:58 PM Bug #13298 (Resolved): Dynv6 Dynamic DNS client does not check the response code when updating
Check return of update to release check IP Tiago Beling d'Avila
12:04 PM Feature #13297 (New): Support for Gateway Groups as Static Route destinations
It could be interesting to have the possibility to use a group of gateways with static routes in a failover scenario.... Vincent D.
07:06 AM Regression #11316: Unbound crashes with signal 11 when reloading
Why is this closed ??
All was ok for my pfsense until a power outage.
I have pfsense 2.6 up to date and it has been... mururoa mururoa
01:31 AM Bug #13003: Malicious Driver Detection event on ``ixl(4)`` driver
Kris Phillips wrote in #note-3:
> Christoph Vieten wrote in #note-2:
> > Same happened on 2.6.0 with Intel x710-T4 ... Christoph Vieten

06/22/2022

09:31 PM Feature #13296: Add support for DHCP6 OPTION_PD_EXCLUDE (RFC 6603)
@mmendoza was that last link you posted supposed to show something related? for me it just appears to be a list of ev... → luckman212
05:54 PM Feature #13296: Add support for DHCP6 OPTION_PD_EXCLUDE (RFC 6603)
It's http://wide-dhcpv6.sourceforge.net/
See:
https://github.com/pfsense/FreeBSD-ports/tree/devel/net/dhcp6
http... Marcos M
04:47 PM Feature #13296: Add support for DHCP6 OPTION_PD_EXCLUDE (RFC 6603)
I'm still hazy on exactly which dhcp6c implementation is currently shipping. I _thought_ it was the "hrs-allbsd/wide-... → luckman212
04:01 PM Feature #13296 (New): Add support for DHCP6 OPTION_PD_EXCLUDE (RFC 6603)
Some ISPs are rolling out IPv6 and not directly providing a globally routable WAN address via DHCPv6. Instead, they a... Anonymous
09:04 PM Regression #11570: Gateway monitoring services is not always restarted on interface events, which may prevent a WAN from recovering back to an online state
hello guys
Configurator (Scope):
Interfaces: WAN-DHCP4|WAN2-DHCP4
Gateway Group: Failover (WAN_DHCP Gateway: 192... Alefe Ortiz
06:06 PM Feature #13294: Change gateway name
There's no functionality to rename the gateway/group and update all of the places where it could be used. That could ... Marcos M
10:27 AM Feature #13294 (New): Change gateway name
After clicking on a gateway on system_gateways_edit.php, which takes the user to e.g., system_gateways_edit.php?id=0,... Kay Avila
05:19 PM Revision d55e0d4b: fix func params for get_dpinger_status() call in gwlb.inc
→ luckman212
04:15 PM Revision 7e9a12e9: Centralize the branches into builder_defaults.sh to simplify and eliminate overwriting the variables
Brad Davis
12:26 PM Bug #13295 (Resolved): Incorrect function parameters for ``get_dpinger_status()`` call in ``gwlb.inc``
There seems to be an error in @gwlb.inc@ around line 479. The call to @get_dpinger_status()@ has the @$action_disable... → luckman212
02:12 AM Revision 5ecee3d7: scrubing -> scrubbing
→ luckman212
 

Also available in: Atom