Activity

30 days up to

User

Subprojects

Activity

From 08/19/2022 to 09/17/2022

09/17/2022

02:41 PM Feature #11266: Option to list AutoConfigBackup entries in "reverse" order (newest at top): there is no option to reverse the order of restoring points .
2.7.0-DEVELOPMENT (amd64)
built on Fri Sep 16 ... Alhusein Zawi
12:54 PM Bug #13499 (New): Namecheap service type is missing help text for the password field: The help text under the password field doesn't contain instructions for the Namecheap service.
It should be somet... Danilo Zrenjanin
08:04 AM Regression #12816: Namecheap Dynamic DNS responses are not parsed properly: Can confirm the behavior on 2.7.0-DEV (built on Fri Sep 16 06:04:44 UTC 2022)
@Sep 17 12:40:35 php-fpm 360 /... Lev Prokofev
06:49 AM Regression #12816: Namecheap Dynamic DNS responses are not parsed properly: Tested the latest patch on the:... Danilo Zrenjanin
05:51 AM Regression #12816: Namecheap Dynamic DNS responses are not parsed properly: Tested on:... Danilo Zrenjanin
02:32 AM Todo #13398: Information box on ``status_ipsec.php`` says "IPsec not enabled" even when a tunnel is established: Looks better, no more info button if it is enabled
if disabled
!clipboard-202209171030-uppff.png!
if enabled
... Lev Prokofev

09/16/2022

11:02 PM Revision 1983008e: Fix services installation only installing the last service of a pkg. Issue #13446.: The original re-fetched the services list from the config at every iteration
over the package's services list when a... Reid Linnemann
09:40 PM Bug #13498: Newer variant models within the PC Engines APU2 platform are not recognized, causing garbled early serial console output: Submitted pull request:
https://github.com/pfsense/pfsense/pull/4615
Brett Keller
09:02 PM Bug #13498 (Resolved): Newer variant models within the PC Engines APU2 platform are not recognized, causing garbled early serial console output: The PC Engines APU2 hardware platform has a dedicated entry in @system_identify_specific_platform()@ in @system.inc@,... Brett Keller
08:06 PM Revision dd7d7022: Introduce config_init_path for config_* family completeness. For #13446: Christian McDonald
04:53 PM Todo #13398 (Pull Request Review): Information box on ``status_ipsec.php`` says "IPsec not enabled" even when a tunnel is established: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/888 Christopher Cope
04:12 PM Revision a7e50981: Allow user to select PKCS#12 encryption. Fixes #13257: Jim Pingle
01:13 PM Bug #13396 (Pull Request Review): Custom logo or background image is created with two dots (``..``) before the file extension: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/887 Christopher Cope
11:55 AM Bug #13257 (Feedback): Exporting a PKCS#12 file from the certificate manager does not use the intended encryption algorithm: Added an option to change the encryption level to high (AES-256+SHA256), low (3DES+SHA1), and legacy (RC2-40 + SHA1).... Jim Pingle
09:50 AM Bug #13257 (In Progress): Exporting a PKCS#12 file from the certificate manager does not use the intended encryption algorithm: The new files import OK into pfSense (current snapshots, 22.05, and 2.6.0) and a current Windows 10 at least, but app... Jim Pingle
07:57 AM Bug #13257: Exporting a PKCS#12 file from the certificate manager does not use the intended encryption algorithm: The new export code works fine on internal snapshots, though we should probably test how well other systems can read/... Jim Pingle
07:39 AM Bug #13496: Multi WAN 22.05 Dynamic DNS not updating when primary link goes down: tier1 gateway assigned by DHCP:... Danilo Zrenjanin
07:12 AM Bug #13496 (Duplicate): Multi WAN 22.05 Dynamic DNS not updating when primary link goes down: Almost certainly a duplicate of #12920 Jim Pingle
07:00 AM Bug #13496 (Confirmed): Multi WAN 22.05 Dynamic DNS not updating when primary link goes down: Tested on SG-3100 running on:... Danilo Zrenjanin
02:42 AM Bug #13496: Multi WAN 22.05 Dynamic DNS not updating when primary link goes down: Changed the gateway Oi_Fibra from DHCP to static, and it is working now Marcelo Cury
07:19 AM pfSense Plus Bug #13497 (Incomplete): unbound process looks like stuck periodically: There isn't enough information here and this site is not for support or diagnostic discussion.
For assistance in s... Jim Pingle
01:16 AM pfSense Plus Bug #13497 (Incomplete): unbound process looks like stuck periodically: Hello,
I have Netgate 2100.
Unbound service is needed to restart sometimes due to it could not resolve public dom... Yaroslav Semenenko

09/15/2022

08:52 PM Revision 363ea6b0: Temporarily remove lsof and Telegraf from the build until fixed on main: Brad Davis
07:10 PM pfSense Packages Feature #10818: UDP Broadcast Relay: That's a coincidence! Saw the pull request you created this morning. Looking at the code, it seems you took a very si... Djon K
12:52 PM pfSense Packages Feature #10818 (Pull Request Review): UDP Broadcast Relay: Marcos M
11:07 AM pfSense Packages Feature #10818: UDP Broadcast Relay: There's currently pull requests open to add the package on both 2.6 and 2.7 (PHP8). These include added functionality... Marcos M
02:04 AM pfSense Packages Feature #10818: UDP Broadcast Relay: Thanks for the interest in this package. I took some time this weekend to create an initial version of a pfSense pack... Djon K
07:01 PM Bug #13496 (Duplicate): Multi WAN 22.05 Dynamic DNS not updating when primary link goes down: When using gateway group with failover, dynamic DNS is not updating when the primary link goes down.
Gateway status ... Marcelo Cury
06:57 PM Regression #13460: Panic with netgraph interfaces: This is fixed upstream in https://cgit.FreeBSD.org/src/commit/?id=0e6e2c4ef3d1244fa21e7b691e76fdc09f8eacae Mateusz Guzik
04:10 PM Revision 9efec277: Convert P12 export to OpenSSL. Fixes #13257: PHP native method of creating PKCS#12 archives does not support using specific algorithms for encryption, so use the ... Jim Pingle
01:53 PM pfSense Docs Correction #13494 (Feedback): Documentation on decryption of encrypted config.xml files is not correct: I updated the docs with newer syntax. I used the @-a@ bit but kept the other parameters the same as they are in @cryp... Jim Pingle
12:59 PM pfSense Docs Correction #13494 (In Progress): Documentation on decryption of encrypted config.xml files is not correct: Jim Pingle
02:51 AM pfSense Docs Correction #13494: Documentation on decryption of encrypted config.xml files is not correct: Dennis Adler wrote:
> If I may be so bold: you might want to add commends to crypt.inc noting...
"commends" sho... Dennis Adler
02:45 AM pfSense Docs Correction #13494 (Resolved): Documentation on decryption of encrypted config.xml files is not correct: The information listed in the pfSense online manual at https://docs.netgate.com/pfsense/en/latest/backup/restore.html... Dennis Adler
11:16 AM Bug #13257 (Feedback): Exporting a PKCS#12 file from the certificate manager does not use the intended encryption algorithm: I merged changes which move from using the native PHP function to using OpenSSL directly so we can control the algori... Jim Pingle
10:45 AM pfSense Packages Bug #13495 (Resolved): ACME package's "DNS-Sleep" field's help text is incorrect: The help text under the "DNS-Sleep" field says:
"When using a DNS validation method configure how much time to wai... Sean McBride
02:39 AM Bug #13493 (Confirmed): Several advanced DHCP6 client options do not inform the user when rejecting invalid input: Danilo Zrenjanin
02:38 AM Bug #13493: Several advanced DHCP6 client options do not inform the user when rejecting invalid input: Yes, I can replicate this on the:... Danilo Zrenjanin

09/14/2022

06:48 PM Revision 475feb89: Fixes some PHP bugs. For #13446: Christian McDonald
02:59 PM Revision 067f3650: Fix primary console handling for EFI. Fixes #13080: Tested and working for both BIOS and EFI systems. Jim Pingle
10:09 AM Bug #13080 (Feedback): Cannot set EFI console as primary console when using both EFI and Serial: Merged.
commit:067f3650ae64e85b74d6577ac0c511a373600e89 Jim Pingle
08:27 AM Bug #13080 (In Progress): Cannot set EFI console as primary console when using both EFI and Serial: Looks like this keys off the presence of @boot_serial@ in the environment now and not just the order of consoles in t... Jim Pingle

09/13/2022

07:06 PM Revision c3a65526: Skip empty ca/cert/crl tags.: Jim Pingle
05:14 PM Revision 8fa5038b: Update external http links: Marcos M
04:26 PM Bug #13493 (Resolved): Several advanced DHCP6 client options do not inform the user when rejecting invalid input: When entering "F" for example ad id-assoc pd ID in the interfaces Tab and saving it magically disappears without any ... Flole Systems
04:24 PM Todo #13492 (Resolved): Start ``rtsold`` immediately after ``dhcp6c`` sends a request: I suggest to remove the 2 second sleep before the rtsold is started after a request in the "don't wait for RA"-codepa... Flole Systems
01:19 PM Todo #13440 (Resolved): Update external HTTPS/HTTP links: Merged. Marcos M
01:16 PM Bug #13393: DNS Resolver responds with unexpected source address when the DNS over TLS server function is enabled: The changelog here indicates it's been fixed:
https://nlnetlabs.nl/projects/unbound/download/
> Fix @#618@: enabling ... Marcos M
10:56 AM pfSense Plus Regression #13491 (Resolved): Crypto devices are not detected on current snapshots because the format of pciconf has changed: The crypto device detection on the dashboard relies on the output of @pciconf@ to determine if a device is active. Th... Jim Pingle
08:14 AM Regression #13488: All Captive Portal users are given the same limiter pipe pair: This actually affects all users with or without bandwidth limiting set. When there is no limit set all user are passe... Steve Wheeler
07:10 AM Regression #13490 (Incomplete): blocking mac addresses in captive portal: There isn't enough information here to say anything for certain, and this site is not for support or diagnostic discu... Jim Pingle
06:59 AM Regression #13490 (Duplicate): blocking mac addresses in captive portal: Hello
Since update 22.05, blocking mac addresses in captive portal no longer works. Is this related to this bug?: ht... DI Brendi
02:01 AM Revision abcdcfa0: Fix formatting in pkg-utils.inc output: Marcos M

09/12/2022

10:42 PM Revision 4b78c041: Fix array/config path functions to handle key 0 correctly. Issue #13446: Reid Linnemann
06:52 PM pfSense Packages Bug #13489 (Resolved): Tailscale Exit node without IPv6 connectivity break connections with Chromium based browser: https://github.com/tailscale/tailscale/issues/5425
Recently all IPV6 enabled websites can't be reached by Tailscal... Maxime Haché
06:41 PM Revision c9f89f03: Fix various PHP issues in vpn.inc: Also rewrite the method used to get DNS servers. It's still not perfect
but the old code had several potential proble... Jim Pingle
06:23 PM Regression #13488 (Resolved): All Captive Portal users are given the same limiter pipe pair: When the captive portal is configured to use a per-user bandwidth limit individual pipes are supposed to be created f... Steve Wheeler
02:46 PM Bug #13257 (In Progress): Exporting a PKCS#12 file from the certificate manager does not use the intended encryption algorithm: Jim Pingle
01:50 PM Revision 8645d4c2: Skip empty DHCP static map entries.: Jim Pingle
01:14 PM Bug #13487 (New): GUI IPV6-WAN-status stays "Offline, Packetloss" after a short communication hick up: After what is probably a short communication hick up, the GUI IPV6-WAN-status stays "Offline, Packetloss"
I notic... Louis B
09:45 AM pfSense Packages Bug #13485: Interfaces are not listed correctly in pfBlockerNG-devel when selecting the cURL interface: To elaborate a bit further: The current version only lists physical interfaces and their "friendly" names. LAGG and V... Charles Hamilton
09:31 AM pfSense Packages Bug #13485: Interfaces are not listed correctly in pfBlockerNG-devel when selecting the cURL interface: PR submitted: https://github.com/pfsense/FreeBSD-ports/pull/1188 Charles Hamilton
09:18 AM pfSense Packages Bug #13485 (Resolved): Interfaces are not listed correctly in pfBlockerNG-devel when selecting the cURL interface: Interfaces are not listed correctly in pfBlockerNG-devel when selecting the cURL interface (see attached screenshots)... Charles Hamilton
09:30 AM Bug #13486 (New): stongswan attributes should be comma-separated instead of whitespace-separated: The strongswan docs mention that attribute lists need to be "specified as a comma-separated list": https://docs.stron... Andreas W
07:56 AM Bug #13177: pppoe Cannot attach to ng_ether message: Invalid argument.: No, you should complete the upgrade. There are several threads on the forum covering the issue already. Jim Pingle
05:09 AM Bug #13177: pppoe Cannot attach to ng_ether message: Invalid argument.: Jim Pingle wrote in #note-4:
> This is not a problem on its own. It's a side effect of mpd not being updated because... Yehuda Y
07:46 AM Bug #13483: dhcp6c shouldn't be killed and restarted on interface reconfigurations: It's something we can consider, but a change like this could have other fallout that might need to be accounted for, ... Jim Pingle
07:44 AM Bug #13482 (Not a Bug): Can't change interface assignments from web GUI, but can from console: Jim Pingle
07:43 AM Bug #13481 (Not a Bug): Traffic Graphs Unit Size changes if tab becomes inactive: Jim Pingle
07:39 AM pfSense Packages Bug #12073 (New): ``netsnmptrapd.conf`` syntax for ``snmpTrapdAddr`` is wrong: Jim Pingle
07:21 AM Bug #13393 (In Progress): DNS Resolver responds with unexpected source address when the DNS over TLS server function is enabled: I thought I reopened this but apparently not. Based on my last comment, this needs some more testing and confirmation... Jim Pingle

09/11/2022

10:52 PM pfSense Packages Feature #13484 (New): IPsec Profile Wizard/Apple: Support on-demand connections in exported profile: Connect on demand is super helpful, and is pretty easy to add by hand to a profile, but would be even better to have ... Rex Hoffman
04:00 PM pfSense Packages Regression #13156: pfBlockerNG IP block stats do not work: Additional fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/276
This resolves the IP block sta... Marcos M

09/10/2022

08:34 PM pfSense Docs New Content #12237: Add information on ``ifqmaxlen`` to Hardware Tuning and Troubleshooting: It looks like "this":https://calomel.org/freebsd_network_tuning.html is the source of the 2048 figure given in #10311... Chris W
06:39 PM Bug #13483 (New): dhcp6c shouldn't be killed and restarted on interface reconfigurations: When changing the configuration of an interface currently dhcp6c is killed and restarted. That comes with all kinds o... Flole Systems
04:38 PM Bug #13482: Can't change interface assignments from web GUI, but can from console: I was not able to reproduce this issue , make sure this port is not assigned to other interface Alhusein Zawi
08:43 AM Bug #13482 (Not a Bug): Can't change interface assignments from web GUI, but can from console: Hi! I have an 4 port intel nic, wan on one port, and lan with four vlans on other port. the other two ports aren't us... Federico Galli
04:32 PM Feature #10345 (Resolved): Improve distinction between online and idle/offline entries in DHCP lease list: the green color has been added
2.7.0-DEVELOPMENT (amd64)
built on Fri Sep 09 06:04:09 UTC 2022
FreeBSD 14.0-C... Alhusein Zawi
12:13 PM pfSense Packages Bug #10393 (Resolved): Syslog-ng TLS support is broken: Tested against Syslog-ng... Danilo Zrenjanin
10:53 AM pfSense Docs Todo #13456: Feedback on pfSense® software Configuration Recipes — Configuring DNS over TLS: For 1) It's true that if any of one's local clients MUST talk to the DNS Resolver using DoT then one MUST enable this... Sean McBride
06:06 AM pfSense Packages Bug #12264 (Resolved): Stray <table> line in squid_monitor.php: That line doesn't exist in the current Squid release squid_monitor.php.
I am marking this ticket resolved. Danilo Zrenjanin
05:56 AM Bug #13481 (Not a Bug): Traffic Graphs Unit Size changes if tab becomes inactive: Setting "Traffic Graphs" to "Unit Size" "Bits" and also setting "Backgroud updates" to "clear graphs when not visible... Oskar Stroka
05:15 AM pfSense Packages Bug #12073: ``netsnmptrapd.conf`` syntax for ``snmpTrapdAddr`` is wrong: tested on version:... Danilo Zrenjanin
05:09 AM Feature #1337: VLANs with different MAC address than parent interface: Using promiscuous mode might be desirable for some users. If Snort is used for example it puts the interfaces in prom... Flole Systems
04:48 AM Bug #13480 (New): GIFs are not automatically started when parent interface doesn't have an address at boot: If there are GIFs which use IPv6 and at boot the IPv6-DHCP fails those are shown as Down/"Pending" on the Dashboard. ... Flole Systems
04:39 AM Bug #13479 (Resolved): Input validation is checking RAM disk sizes when they are inactive: When you disable/don't enable the RAM-Disk feature and then set insane limits it complains:... Flole Systems
03:58 AM Feature #13478 (New): Add Route Table Flags table in the /diag_routes.php: It would be helpful to have a Routeing Table Flags explanation at the bottom of the screen.
https://docs.netgate.co... Danilo Zrenjanin
02:21 AM pfSense Packages Bug #12423 (Resolved): Dashboard shows "SQLite database missing, Force Reload DNSBL to recover!": Yes, it's included in the 3.1.0_4 version. ... Danilo Zrenjanin
01:40 AM Regression #12816: Namecheap Dynamic DNS responses are not parsed properly: Working fine for me with the latest diff
!2022-09-10_09-36-54.png!
!2022-09-10_09-35-54.png!
Lev Prokofev

09/05/2022

02:45 PM Feature #13468 (Duplicate): FW-rule-groups, would be very, very helpfull: Hello,
I have a significant number of vlans which all need small variants of the same ruleset. In the actual situa... Louis B
02:33 PM Regression #13459 (Ready To Test): Automatic ``reply-to`` bypass for traffic in the same subnet is no longer functioning in main builds: While I still think the best fix here would be to teach the PHP code to generate a corresponding pass rule for local ... Kristof Provost

09/04/2022

05:24 PM pfSense Packages Bug #13432: ups driver will not start: I also had the same issue after doing a fresh install (and restored config) Travis Erdmann
03:40 PM pfSense Packages Bug #13467 (Resolved): ACME: "Unable to find domain name" error when updating Namesilo: Issue is documented here:
https://github.com/acmesh-official/acme.sh/issues/4268
Issue text, copied here:
> Gett... Bryan Guscott
11:16 AM Bug #13465 (Not a Bug): Apple iOS Logins prevent when WAN is offline: The login may be delayed due to widgets which require internet connectivity such as the update check. If OCSP needs t... Marcos M
10:06 AM Bug #13465 (Not a Bug): Apple iOS Logins prevent when WAN is offline: When the pFSense router does not have a WAN connection, logins from Apple iOS WIFI devices do not complete and hang o... Juan Abonia
10:50 AM Bug #13466 (Not a Bug): dhcp server with static mapping and aditional pools with "mac allow" list , dont work as expected.: Hello !
Let me explain what occours.
When i set a static mapping, and set 2 or more pools and put a macaddr in ... Alex Werle Baule

09/03/2022

07:02 PM pfSense Packages Bug #13128: Zabbix Agent 6: HA Server Setup: Attaching screenshot Kris Phillips
07:01 PM pfSense Packages Bug #13128 (Confirmed): Zabbix Agent 6: HA Server Setup: I see the issue here. It appears that this feature for HA uses semi-colons for HA and uses Commas for multiple serve... Kris Phillips
06:55 PM pfSense Packages Bug #11343: Invalid link to pfSense-pkg-bind changelog: changelog link now points to - https://github.com/pfsense/FreeBSD-ports/commits/devel/dns/pfSense-pkg-bind
the page ... Jordan G
06:54 PM Bug #13014: Deadlock in Charon VICI interface: I've been having the same issue as everyone above so I wrote a script to restart the necessary services when the prob... David Vazquez
06:51 PM pfSense Packages Feature #12859 (Resolved): Add Zabbix 6.0 LTS (agent and proxy) packages: Closing as resolved. Kris Phillips
06:49 PM pfSense Packages Bug #13343 (Confirmed): HAproxy cookie protection syntax needs updated: Here is the error message in 2.0 of HAProxy:
_
The 'rspirep' directive is deprecated in favor of 'http-response repla... Kris Phillips
06:49 PM pfSense Docs Correction #12861: pfSense hardware tuning guide references obsolete interface loader variable & buffer limits: looks good Jordan G
06:29 PM pfSense Plus Bug #13206: SG-3100 LED GPIO hangs: Hello Daniel,
Is this issue still present for you on 22.05? Kris Phillips
06:26 PM pfSense Packages Bug #11530 (Incomplete): ntopng 4.2 needs to be updated to 4.3, Bug when accessing a host for details: Hello,
Due to lack of response here and the fact that the package was updated to 5.2 in the 22.05 pfSense Plus rep... Kris Phillips
05:23 PM Regression #12821: Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``: Hayden Hill wrote in #note-19:
> Hey! Any chance there is an update on this? Would love to stop using the custom dri... Kris Phillips
05:18 PM pfSense Packages Bug #13444 (Incomplete): zabbix_proxy : cannot open "/var/log/zabbix-proxy/zabbix_proxy.log": [13] Permission denied: Marking as Incomplete until additional details, per previous request, is provided. Kris Phillips
05:17 PM Bug #13447: Double Nmap and NMap entries in Diagnostics menu: Danilo Zrenjanin wrote in #note-3:
> >You mean just cut out the uppercase variant above?
>
> That's right. Delete... Kris Phillips
05:14 PM pfSense Packages Bug #13461: Prefix lists help text is not placed correctly: If we're going to change this, it'll have to be changed globally across the board, because this is how the layout is ... Kris Phillips
03:31 PM pfSense Docs Todo #13464: Reorder bullet list for ESX/ESXi settings for HA clusters: https://gitlab.netgate.com/docs/pfSense-docs/-/merge_requests/51/ Chris W
02:58 PM pfSense Docs Todo #13464 (Rejected): Reorder bullet list for ESX/ESXi settings for HA clusters: The bulleted list ends with enabling _Net.ReversePathFwdCheckPromisc_ , however enabling that after turning on Promis... Chris W
02:07 PM pfSense Packages Bug #13380 (Not a Bug): OpenVPN client options cause "Options error: --proto tcp is ambiguous in this context. Please specify --proto tcp-server or --proto tcp-client": pfSense has no impact on the entries defined in the custom options. Custom options must be updated manually. Not a bug. Danilo Zrenjanin
02:03 PM pfSense Docs New Content #13463 (Closed): Define route map sequence number range: https://docs.netgate.com/pfsense/en/latest/packages/frr/global/routemaps.html#route-map-configuration
Having a not... Danilo Zrenjanin
07:49 AM Revision 1be1ced9: Rename DHCP status from online/offline to active / idle/offline: Thomas Arthofer
03:16 AM pfSense Packages Bug #13441 (Confirmed): FRR fails to start with route map on "sequence 0" in configuration: Tested on the:... Danilo Zrenjanin

09/02/2022

07:52 PM Bug #13462: Advanced DHCP6 client settings only work for a single interface: This is basically the same as #13353, however you provided the solution aswell which I didn't want to.
Those changes... Flole Systems
01:41 PM Bug #13462 (Resolved): Advanced DHCP6 client settings only work for a single interface: In /etc/inc/interfaces.inc function interface_dhcpv6_configure... Tim Dunn
04:48 PM Revision 0d24e58a: Fix checking openvpn client or server config exists. Issue #13446: Reid Linnemann
04:03 PM Revision c6bea26c: Fix state limit: Jim Pingle
02:40 PM Revision 027f2536: Captive portal PHP 8.1 fixes Issue #13446: Jim Pingle
01:50 PM pfSense Plus Feature #12832: 6100 configurable Blinking Blue LED: shawn butts wrote:
> The blinking blue like for "normal operation status" feels like an "everything is ok ALARM!!!!"... Jeffrey Altman
11:09 AM Bug #13366: Under or over size state tables cause pfctl error ``DIOCSETSYNCOOKIES``: Updating the subject, I also saw this error when the states limit is set far too low (e.g. @1@), so it isn't only tri... Jim Pingle
07:58 AM Bug #13448: Table row selection has poor contrast in Dark theme: Lev Prokofev wrote in #note-4:
> The color changed to #009688
Indeed - thank you! (Also for the 855.diff ) odo maitre
07:32 AM Bug #13448: Table row selection has poor contrast in Dark theme: The color changed to #009688
Looks much better.
!clipboard-202209021532-v63um.png!
Lev Prokofev
07:06 AM Bug #13448: Table row selection has poor contrast in Dark theme: Christopher Cope wrote in #note-1:
> https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/855
What was mer... odo maitre
07:40 AM pfSense Packages Bug #13461 (New): Prefix lists help text is not placed correctly: !clipboard-202209021438-1vffe.png!
Under 'Services/FRR/Global Settings/Edit/Prefix Lists,' the help text should ... Danilo Zrenjanin
02:51 AM Bug #13447: Double Nmap and NMap entries in Diagnostics menu: >You mean just cut out the uppercase variant above?
That's right. Delete everything between <menu>...</menu> tags ... Danilo Zrenjanin

09/01/2022

07:27 PM Revision 1880e201: Correctly count pf eth rule counters. Fix #13418: Marcos M
04:21 PM Regression #13460 (Closed): Panic with netgraph interfaces: Seeing this panic on a main snapshot that has PPP WANs:... Jim Pingle
02:58 PM Bug #13448 (Feedback): Table row selection has poor contrast in Dark theme: Merged. Christopher Cope
02:58 PM Feature #11266 (Feedback): Option to list AutoConfigBackup entries in "reverse" order (newest at top): Merged. Christopher Cope
02:24 PM Regression #13459 (Resolved): Automatic ``reply-to`` bypass for traffic in the same subnet is no longer functioning in main builds: The patch we had to by-pass reply-to tagging for traffic sourced from the same subnet is not in main builds.
That ... Steve Wheeler
01:33 PM pfSense Packages Bug #13432: ups driver will not start: I cannot reproduce this after it started working. Even uninstalling and reinstalling the nut package does not seem t... Scott Lampert
11:59 AM Feature #4154 (Feedback): Support for RADIUS authentication over IPv6: https://gitlab.netgate.com/pfSense/pfSense/-/commit/5f9666a1b3a81f289c7c02954f9f92d3b989a346
RADIUS authentication... Christian McDonald
11:56 AM Bug #8711: igmpproxy with PPPoE Interfaces: Can you force this, please? Pascal Köhl
09:56 AM Bug #13458 (Duplicate): IGMP Proxy not working with PPPoE Upstream-Interface: Duplicate of #8711
Jim Pingle
04:40 AM Bug #13458 (Duplicate): IGMP Proxy not working with PPPoE Upstream-Interface: Zugehörige Forums-Diskussion:
https://forum.netgate.com/topic/174329/pfsense-2-6-0-igmp-proxy-startet-nicht-bei-pppo... Pascal Köhl

08/31/2022

08:40 PM Revision 02a3d242: CP stats fclose fix.: Don't attempt to close unless the open succeeded. Jim Pingle
08:37 PM Revision d2e806c4: service-utils PHP8.1 fixes. Issue #13446: Jim Pingle
07:22 PM Revision 95d50585: Fix PHP error building if list. Issue #13446: Jim Pingle
06:35 PM Regression #12821: Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``: Hey! Any chance there is an update on this? Would love to stop using the custom driver on the next release. Hayden Hill
06:19 PM Bug #13243 (Resolved): OpenVPN status for multi-user VPN shows info icon to display RADIUS rules when there are none to display: Merged. Marcos M
06:17 PM Bug #7996 (Resolved): Unnecessary link tag in login page: Merged. Marcos M
06:17 PM Feature #13367 (Resolved): Specify CA trust store location when downloading and validating URL alias content: Merged. Marcos M
06:16 PM Bug #13390 (Resolved): "Dark" theme uses the same colors for disabled and enabled input fields: Merged. Marcos M
06:16 PM pfSense Packages Todo #13349 (Resolved): Add note in WireGuard GUI regarding routing behavior for Allowed IPs: Merged. Should be available on the next version. Marcos M
05:50 PM Revision e2f5ef16: dhclient pid path fix. Issue #13217: Viktor Gurov
05:48 PM Revision 3fde29a4: Reconfigure bridges with OpenVPN QinQ interfaces on boot. Fixes #13225: Viktor Gurov
05:36 PM Revision 6243a35d: Update pfSense-dark.css: Christopher Cope
05:36 PM Revision 9cc78f9c: Darken disabled input fields in dark theme. Fix #13390: Marcos M
05:34 PM Revision 3f8e09a5: Add option to list ACB restores in reverse order. Feature #11266: Christopher Cope
05:29 PM Revision f03f7989: Use certificate trust store when verifying alias URLs. Fix #13367: Marcos M
05:28 PM Revision 6f9765f2: Remove unnecessary link tag. Fixes #7996: Marcos M
05:25 PM Revision 55f0061a: Avoid creating empty ciscoavpair rules files. Fix #13243: Marcos M
05:22 PM Revision 497ea0a6: Restart gateway monitor on interface re-assign. Issue #12920: Viktor Gurov
04:31 PM Regression #13418 (Pull Request Review): Captive Portal does not keep track of client data usage: Additional fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/863
https://gitlab.netgate.com/pfSense/Fr... Marcos M
10:56 AM Regression #13418 (Feedback): Captive Portal does not keep track of client data usage: Merged Jim Pingle
10:11 AM Regression #13418 (Pull Request Review): Captive Portal does not keep track of client data usage: Additional fix https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/262 Marcos M
02:28 PM Bug #13457 (Rejected): statis routes disappears: There isn't nearly enough information here to classify this as a bug. This site is not for support or diagnostic disc... Jim Pingle
02:22 PM Bug #13457 (Rejected): statis routes disappears: intermittently the static routes disappear from PFsense, I can see them in the GUI, but when I use the command netsta... Caio Chagas
12:57 PM Revision e97e9478: Fix syslog remote enable check. Issue #13446: Jim Pingle

08/30/2022

10:33 PM pfSense Packages Feature #8547: fwknop Port Knocking Package: I'm adding my vote here as well, I'd like port knocking to be possible within pfSense either natively or as a separat... Geoff Hilton
07:20 PM Revision b767ea71: Skip empty gateways on interfaces.php Issue #13446: Jim Pingle
07:02 PM Revision d4bc706b: PHP 8.1 fixups in syslog.inc. Issue #13446: Jim Pingle
06:58 PM pfSense Packages Bug #13154 (Pull Request Review): pfBlocker causing excessive CPU load: See fix here https://redmine.pfsense.org/issues/13156#note-18 Marcos M
06:57 PM pfSense Packages Regression #13156: pfBlockerNG IP block stats do not work: Here's the patch to test - use the System Patches package and copy/paste the contents of the attached file. Apply the... Marcos M
06:55 PM pfSense Packages Regression #13156 (Pull Request Review): pfBlockerNG IP block stats do not work: Fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/261
This also handles cases where a rule u... Marcos M
05:42 PM Revision fca0f301: Fix PHP errors. Issue #13446: * Fix error from empty syslog tag in config
* Fix error from empty menu tag in config Jim Pingle
04:56 PM pfSense Packages Bug #10436: softflowd no longer sends flow data after upgrade (v0.9.9_1 -> v1.0.0): If you set the Netflow version to PSAMP, it seems to work but I don't have a collector to analyze the data.
All other... Marcelo Cury
04:01 PM Regression #13381 (Waiting on Merge): Software VLAN tagging does not work on ``ixgbe(4)`` interfaces: This has now been committed upstream: https://github.com/freebsd/freebsd-src/commit/e7abb897018be34f039ad957562fdc2f3... Steve Wheeler
12:44 PM Bug #13448 (Pull Request Review): Table row selection has poor contrast in Dark theme: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/855 Christopher Cope
12:05 PM Bug #13454: Enabling DoT (DNS over TLS) breaks IPSec VPN DNS: Thanks Jim. We have it working now.
I created https://redmine.pfsense.org/issues/13456 with suggestions to improv... Sean McBride
12:04 PM pfSense Docs Todo #13456 (Closed): Feedback on pfSense® software Configuration Recipes — Configuring DNS over TLS: *Page:* https://docs.netgate.com/pfsense/en/latest/recipes/dns-over-tls.html
*Feedback:*
For the "Enable DNS ov... Sean McBride

08/29/2022

11:10 PM pfSense Plus Bug #13455: Serial console output fails to render properly in certain cases on 4100, 6100, and 8200.: OK I didn't think about this before, but I'm pretty sure the USB console had the username and password prompts on the... Chris Mirchandani
05:30 PM pfSense Plus Bug #13455: Serial console output fails to render properly in certain cases on 4100, 6100, and 8200.: The USB console is also not displayed correctly on the 6100/4100 though to a far lesser extent:... Steve Wheeler
05:12 PM pfSense Plus Bug #13455: Serial console output fails to render properly in certain cases on 4100, 6100, and 8200.: CE devices with RJ-45 serial consoles seem unaffected. Tested 2.7 snaps. Steve Wheeler
04:59 PM pfSense Plus Bug #13455 (Confirmed): Serial console output fails to render properly in certain cases on 4100, 6100, and 8200.: Ok, I replicated that using the RJ-45 console. And only with 'Password protect the console menu' enabled.
Tested 6... Steve Wheeler
04:02 PM pfSense Plus Bug #13455: Serial console output fails to render properly in certain cases on 4100, 6100, and 8200.: I didn't notice an issue when I was connected to the Serial Console via the USB connection on the 6100, just when con... Chris Mirchandani
03:44 PM pfSense Plus Bug #13455: Serial console output fails to render properly in certain cases on 4100, 6100, and 8200.: Unable to replicate that in 22.05 or 22.09 on a 6100 using pfSense as a console server in a similar way.
Do you se... Steve Wheeler
02:51 PM pfSense Plus Bug #13455 (Resolved): Serial console output fails to render properly in certain cases on 4100, 6100, and 8200.: Greetings,
I don't know if this issue is related to pfSense Plus 22.05 or the Netgate 6100. I have been running pf... Chris Mirchandani
08:01 PM Revision 48908d3c: Fix missing sprintf format type. Issue #13446: Jim Pingle
07:16 PM Regression #13150: Captive Portal not applying per user bandwidths: There still seems to be an issue here when the bandwidth limit values come from RADIUS attributes e.g. @WISPr-Bandwid... Marcos M
05:54 PM Revision af044b67: Correct anchors passed to pfSense_pf_cp functions. Fix #13418: Anchors for each client IP address include the CIDR size Marcos M
04:13 PM Revision fe7bd855: Fix PHP error on services_dnsmasq.php. Issue #13446: Jim Pingle
04:03 PM Revision e19ef9c9: Fix PHP error on services_unbound.php. Issue #13446: Jim Pingle
03:15 PM Revision 380e3c85: Fix gateway group error from PHP 8.1. Issue #13446: Jim Pingle
02:18 PM pfSense Docs Todo #13452: Add a one line command for Windows Command Prompt to return an installer's SHA256 checksum: PowerShell is definitely the way to go for this. Any supported version of Windows is going to have that available. No... Jim Pingle
02:18 PM Revision c239afac: Clean up warnings and errors in pfsense-utils.inc. #13446: * Remove a number of unreferenced variables
* Fix type of output capture variables for exec() calls from string to a... Reid Linnemann
02:18 PM Revision 0ba30e57: Replace all direct $config accesses in rc.start_packages. #13446: Reid Linnemann
02:18 PM Revision 33766cbc: Replace all direct $config accesses in util.inc. #13446: Reid Linnemann
02:18 PM Revision 364c9484: Replace direct $config accesses in pfsense-utils.inc. #13446: Some direct accesses remain due their tight coupling to the management of the
configuration as a whole or are deferre... Reid Linnemann
02:18 PM Revision d16f73ce: Replace direct accesses to $config in rc.update_urltables. #13446: Reid Linnemann
02:18 PM Revision e2ece8c7: Correct warnings in authgui.inc. #13446: * Unused variables $user_settings, $g in display_error_form()
* Unused variable $nifty_background in display_login_fo... Reid Linnemann
02:18 PM Revision ecbaa35f: Replace all direct accesses to $config in authgui.inc. #13446: Reid Linnemann
02:18 PM Revision a5906662: Correct typo on include of config.lib. #13446: Reid Linnemann
02:18 PM Revision aea387d3: Replace remaining direct accesses to $config in filter.inc. #13446: Reid Linnemann
01:41 PM Bug #13447: Double Nmap and NMap entries in Diagnostics menu: >...Likely your config has two menu items...
I have backups for exported configs...
The one from 2022-05-04 has... Sean McBride
12:55 PM Regression #13418 (Feedback): Captive Portal does not keep track of client data usage: Merged Jim Pingle
12:53 PM pfSense Packages Feature #9852 (Resolved): show File-Store directory listing: Jim Pingle
10:48 AM Bug #13454 (Not a Bug): Enabling DoT (DNS over TLS) breaks IPSec VPN DNS: That is a problem with your configuration or combination of options chosen. It's not a bug, but there is a change in ... Jim Pingle
10:37 AM Bug #13454 (Not a Bug): Enabling DoT (DNS over TLS) breaks IPSec VPN DNS: Using pfsense plus 22.05 (current newest). Among other services, we run DNS and 'road warrior' IPSec VPN. Setup has w... Sean McBride
10:43 AM Bug #13453: Incorrect word in "Network Interfaces" help text on ``services_unbound.php``: Yes, that should say "above" there, or it could more generally say "not selected in this list" so it doesn't rely on ... Jim Pingle
10:16 AM Bug #13453 (Resolved): Incorrect word in "Network Interfaces" help text on ``services_unbound.php``: I hate to seem petty, but I was genuinely confused by instructions provided in the DNS Resolver's general settings.
... Lonnie Best
04:41 AM Bug #13449: Wrong logging if ICMP "Port unreachable": Kris Phillips wrote in #note-1:
> Hello Johannes,
>
> Are you viewing the filter.log file, viewing syslog data, o... Johannes Wanink

08/28/2022

06:12 PM Regression #13418 (Pull Request Review): Captive Portal does not keep track of client data usage: Tested patch on 22.05 and reported issues are resolved.
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/850 Marcos M
06:02 PM Regression #13418 (Confirmed): Captive Portal does not keep track of client data usage: Updating issue for clarification. Marcos M
04:21 PM Regression #13418: Captive Portal does not keep track of client data usage: Please test the attached patch with the System Patches package on pfSense+ 22.05. Marcos M
12:58 PM Regression #13418: Captive Portal does not keep track of client data usage: I would also like to point out that this issue is not solely related to FreeRadius Accounting Packets but also affect... Dale Harron
05:19 PM pfSense Docs Todo #13452: Add a one line command for Windows Command Prompt to return an installer's SHA256 checksum: It'd be nice to have the PowerShell way listed as well, now that this shell is becoming essential in managing Windows... e 1/1
09:20 AM Regression #13167 (Closed): DigitalOcean Dynamic DNS update fails with a "bad request" error: Marcos M
05:16 AM Bug #13408 (Ready To Test): PF can fail to load a new ruleset: This will be fixed by https://cgit.freebsd.org/src/commit/?id=6ab80e7275091c900da8d2e84a7b0bb4c34a1e41
I've also mer... Kristof Provost
04:22 AM pfSense Packages Bug #12338: RRD Summary does not report data on 3100: Tested on 3100 with RRD Summary package version 2.0_2 on 22.05 pfSense release and I see the same issue aleksei prokofiev

08/27/2022

09:15 PM pfSense Packages Bug #13404 (Not a Bug): LDAP authentication does not working: Ettore Caprella wrote in #note-3:
> Hello,
> yes, I can't find the right options that allow me to configure ldap auth... Kris Phillips
08:54 PM pfSense Packages Bug #13432: ups driver will not start: Scott Lampert wrote in #note-3:
> It seems to be the same as this issue: https://redmine.pfsense.org/issues/9849
> ... Kris Phillips
08:53 PM pfSense Packages Bug #13444: zabbix_proxy : cannot open "/var/log/zabbix-proxy/zabbix_proxy.log": [13] Permission denied: Hello Steve,
Which version of the Zabbix package are you seeing this behavior? There are several. Kris Phillips
08:52 PM Bug #13447: Double Nmap and NMap entries in Diagnostics menu: Hello Sean,
I installed the NMap package and am unable to reproduce this issue. Likely your config has two menu i... Kris Phillips
08:49 PM Bug #13449: Wrong logging if ICMP "Port unreachable": Hello Johannes,
Are you viewing the filter.log file, viewing syslog data, or something else here? I'm looking at ... Kris Phillips
08:43 PM Bug #13267: dpinger continues to run on OpenVPN gateway after OpenVPN service is stopped.: I can confirm this behavior. Running a pcap on the current default gateway will show traffic from the OpenVPN client... Kris Phillips
02:30 PM Bug #13267: dpinger continues to run on OpenVPN gateway after OpenVPN service is stopped.: Does it mean to stop openvpn service or disabling the openvpn client?
> # Stop the OpenVPN client
If I try ... Alhusein Zawi
08:39 PM Revision 5f9666a1: Remove IPv6 validation for RADIUS auth. Fixes #4154: R. Christian McDonald
06:31 PM pfSense Docs Todo #13452: Add a one line command for Windows Command Prompt to return an installer's SHA256 checksum: Merge request:
https://gitlab.netgate.com/docs/pfSense-docs/-/merge_requests/50 Chris W
06:30 PM pfSense Docs Todo #13452 (Closed): Add a one line command for Windows Command Prompt to return an installer's SHA256 checksum: Currently we link to the Github page of OpenHashTab, which of course is an .exe which must be downloaded and installe... Chris W
06:30 PM pfSense Packages Feature #9852: show File-Store directory listing: new 'Files' submenu available on Suricata 6.0.6 - looks good Jordan G
06:13 PM pfSense Packages Bug #12423: Dashboard shows "SQLite database missing, Force Reload DNSBL to recover!": current version is 3.1.0_4 so it should be included - I have not hit this on that release, please update if you're st... Jordan G
05:56 PM pfSense Packages Bug #10692: PIMD starts twice at boot: still seeing this start 2x on 22.05 following reboot Jordan G
04:07 PM pfSense Packages Bug #12475: OpenVPN Client Export does not show certificate without private key: Denis Grilli wrote in #note-13:
> Could you tell in more detail what is your use scenario? From the error you are ge... Charles Sprickman
09:56 AM Bug #13308: The ``negate_networks`` table is duplicated in ``rules.debug``: Patch is working
Before
!clipboard-202208271755-qch1c.png!
After
!clipboard-202208271756-tznw4.png!
Lev Prokofev
08:10 AM Regression #13167 (Resolved): DigitalOcean Dynamic DNS update fails with a "bad request" error: I can confirm it works as expected.
Tested against:... Danilo Zrenjanin
04:42 AM pfSense Packages Bug #13451 (New): Update the Default Router ID help text link under FRR Global Setting: The Wikipedia link directs to the OSPF Wiki page. Since this is the Global FRR settings page it has more sense to cha... Danilo Zrenjanin

08/26/2022

06:02 PM Revision 0c93b91a: Upgrade to php81: Brad Davis
05:09 PM Revision 451134f3: Rework formatting: Add icons
remove red text for offline
remove bold/italic for both Thomas Arthofer
03:05 PM Bug #13424 (Resolved): CRL expiration date with default lifetime is too long, goes past UTCTime limit: Tested on... Christopher Cope
02:37 PM pfSense Docs New Content #11739 (Resolved): Manual Outbound NAT rules in HA setup: The updated content looks good.
Marking resolved. Christopher Cope
02:34 PM pfSense Packages Feature #12963: Run nmap scans in the background: Marcos M wrote in #note-26:
> I can't think of a privacy issue for either - both locations are readable by everyone.... Phil Wardt
11:22 AM Revision 4aa6a102: Add formatting to online status in status_dhcp[v6]_leases.php for better readability. Implements #10345: Adds color & formatting to host online status
online = bold + green
offline = italic + red Thomas Arthofer
08:50 AM Bug #13450: L2TP Clients system alias is not populated: Tested using l2tp config:... Steve Wheeler
08:48 AM Bug #13450 (New): L2TP Clients system alias is not populated: After creating an L2TP server and defining a 'Remote address range' for clients it should be possible to use that in ... Steve Wheeler
07:31 AM Feature #10345 (Pull Request Review): Improve distinction between online and idle/offline entries in DHCP lease list: Jim Pingle
06:28 AM Feature #10345: Improve distinction between online and idle/offline entries in DHCP lease list: PR opened on GitHub: https://github.com/pfsense/pfsense/pull/4612 Thomas Arthofer
05:46 AM Bug #13449 (New): Wrong logging if ICMP "Port unreachable": It seems to me that there is a comma missing from these type of logs:
filterlog[82349]: 143,,,1611338923,vtnet2,ma... Johannes Wanink

08/25/2022

04:46 PM Bug #13448 (Resolved): Table row selection has poor contrast in Dark theme: In UI that uses a table, and requires selecting a row (like with pfBlockerNG under IP > IP Interface/Rules Configurat... Sean McBride
01:01 PM Feature #8867 (Confirmed): interfaces_vlan_edit.php does not display proper interface aliases: Re-opened this as a feature. It's not a bug, that's the expected behaviour, but there is no point displaying the inte... Steve Wheeler
12:59 PM Bug #13447 (Not a Bug): Double Nmap and NMap entries in Diagnostics menu: I'm not sure when it happened, possibly after updating from pfsense+ 22.01 to 22.05, but I now have two nmap items in... Sean McBride
12:27 PM Feature #13446: Upgrade PHP from 7.4 to 8.1: Commits already made that do not reference this issue:... Reid Linnemann
12:21 PM Feature #13446 (Closed): Upgrade PHP from 7.4 to 8.1: php 7.4 is EOL Nov. 28, 2022. We are migrating to php 8.1 as a result. Several changes will need to be made to accomp... Reid Linnemann
12:09 PM Bug #12902: DNS Forwarder creates a loop when "Use local DNS, ignore remote DNS servers" is selected: I'm afraid that this broke my use-case. I set the following custom options:
no-resolv
server=208.67.222.222
ser... Orion Poplawski
10:19 AM Bug #13445 (Resolved): ``easyrule`` CLI script has multiple bugs and undesirable behaviors: While updating docs I noticed a few minor issues in the ``easyrule`` CLI script/backend code that need addressing:
... Jim Pingle
08:05 AM pfSense Packages Bug #13444 (Incomplete): zabbix_proxy : cannot open "/var/log/zabbix-proxy/zabbix_proxy.log": [13] Permission denied: Hi
I frequently come across this issue when trying to investigate why a Zabbix agent isn't communicating successfu... Steve Scotter
07:33 AM Bug #13437 (Resolved): ECDSA certificate renewal causes digest algorithm to be reset to SHA1: Jim Pingle
01:00 AM Bug #13437: ECDSA certificate renewal causes digest algorithm to be reset to SHA1: Tested on
@22.05-RELEASE (amd64)
built on Wed Jun 22 18:56:13 UTC 2022
FreeBSD 12.3-STABLE@
After implementing... Lev Prokofev
07:27 AM pfSense Docs Correction #12861 (Feedback): pfSense hardware tuning guide references obsolete interface loader variable & buffer limits: Merged and deployed Jim Pingle
07:02 AM Revision c064bf32: Replace another config access in authgui.inc: I ran into this one on a fresh install (amd64/bhyve), CE, on main. Kristof Provost

08/24/2022

08:20 PM Revision c4117e83: Make array/config_set_path() create intermediary paths: Reid Linnemann
03:10 PM pfSense Docs Todo #13020 (Feedback): Improve ``easyrule`` command documentation: Done:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/0d6712ef2372a761a7a000507e355f46b72b3940
https://gi... Jim Pingle
11:08 AM pfSense Docs Todo #13020 (In Progress): Improve ``easyrule`` command documentation: Jim Pingle
09:52 AM pfSense Docs Todo #12162 (Resolved): Add "usb reset" as possible solution for non-booting flash drives on the SG-1100: Jim Pingle
09:52 AM pfSense Docs Todo #13342 (Resolved): Correct BGP last-as description: Jim Pingle
09:51 AM pfSense Docs New Content #13211 (Resolved): OpenVPN DCO Documentation: Jim Pingle
09:51 AM pfSense Docs New Content #13205 (Resolved): ZFS Boot Environment documentation: Jim Pingle
09:50 AM pfSense Docs Todo #13229 (Resolved): Update documentation for IPFW to PF transition for Limiters and Captive Portal: Jim Pingle
09:49 AM pfSense Docs New Content #13223 (Resolved): Document new gateway state killing behavior: Jim Pingle
09:49 AM pfSense Docs Todo #12980 (Resolved): Add warnings against OpenVPN Shared Key mode: Jim Pingle
07:24 AM pfSense Docs Todo #13369 (Resolved): Standardize mentions of macOS: All the documentation is updated accordingly. It looks OK now.
I am marking this ticket resolved. Danilo Zrenjanin
04:44 AM pfSense Docs Correction #13428 (Resolved): Firewall rules clarification: It looks good.
I am marking this ticket resovled. Danilo Zrenjanin
04:17 AM pfSense Docs Todo #13442 (Resolved): Feedback on Virtual Private Networks — IPsec — Using IPsec with Multiple Subnets: It looks good now.
I am marking this ticket resolved. Danilo Zrenjanin
02:41 AM Regression #13418: Captive Portal does not keep track of client data usage: I've posted the same (?) conclusion in the forum : "FreeRadius and quotas, doesn't work since 22.05":https://forum.ne... Gertjan KROEB

08/23/2022

11:24 PM Revision 84ba2e6e: Restore scope to address sent to Net_IPv6::compress now that it is fixed: Reid Linnemann
11:24 PM Revision 2cd097e5: Replace direct config accessin openvpn.inc: Reid Linnemann
11:24 PM Revision e0012fc3: Fix missing format specifier in input field help: Reid Linnemann
11:24 PM Revision d0ca7530: Replace direct config accesses in status_graph.php, status_ntpd.php: Reid Linnemann
11:24 PM Revision 466d0e96: Correct format specifier in input help: Reid Linnemann
11:24 PM Revision 910a1f74: Fix warnings in firewall_virtual_ip.inc: * unused variable $natdescr removed
* double quoted gettext string swallows and expands $s, single quote instead
* ... Reid Linnemann
11:24 PM Revision 66ab66c3: Replace direct config array access in diag_packet_capture.php: Reid Linnemann
11:24 PM Revision 746f30e3: Add config and config lib requires to guionfig.inc: Reid Linnemann
11:24 PM Revision 1073f4c6: Remove direct config array accesses from firewall_virtual_ip.inc: Reid Linnemann
11:24 PM Revision eec3ca7f: Add config/array_del_path helper function and associated test: Reid Linnemann
11:24 PM Revision 3bea27fd: Rename run_dhcp6client_process param to debugOption: Reid Linnemann
11:24 PM Revision 18ad7933: Correct a stray single quote in a config path: Reid Linnemann
11:24 PM Revision 27cb0c5a: In get_ll_scope(), remove intermediate $scope variable: Reid Linnemann
11:24 PM Revision 63de060f: Remove '/enable' from a path given to config_path_enabled(): Reid Linnemann
11:24 PM Revision 1ae906ba: Clean up declared and unused variables in config.console.inc: Reid Linnemann
11:24 PM Revision 123efede: Fix some missing '/'es in config paths: Reid Linnemann
11:24 PM Revision 2ca58ffd: Replace several direct config accesses in filter.inc: Major overhauls done in:
* filter_generate_gateways(0
* filter_get_vpns_list()
* filter_generate_optcfg_arry()
* ... Reid Linnemann
11:24 PM Revision dc337505: Fix unused and undefined variable warnings in util.inc: Reid Linnemann
11:24 PM Revision 24b3f37e: Fix unexpected type string for exec output: Reid Linnemann
11:24 PM Revision 5daccf2d: Fix undefined and unused variable warnings in interfaces.inc: Notes:
* interfaces_tunnel_configure()
* loop continue on address type "track6" never hit, defined variable is
... Reid Linnemann
11:24 PM Revision 207482a5: Replace direct config array accesses in interfaces.inc: Reid Linnemann
11:24 PM Revision 345d9f0e: Replace some direct config array accesses in wizard.php: Reid Linnemann
11:24 PM Revision a949b7ae: Correct deprecated implode() syntax: Reid Linnemann
11:24 PM Revision 2f971e22: Fix warnings in guiconfig.inc, unexpanded string in get_config_path call: Reid Linnemann
11:24 PM Revision a329c99b: Replace config array accesses in guiconfig.inc: Reid Linnemann
11:24 PM Revision 2d5c75fa: Change some config array accesses in interfaces.php: Reid Linnemann
11:24 PM Revision 49647709: Replace some config array access in services_dnsmasq.inc: Reid Linnemann
11:24 PM Revision 5922dddf: Replace config array accesses in create_interface_list(): Reid Linnemann
11:24 PM Revision fab98cb6: Fix multilevel array access outside config in util.inc: * Add generic array get/set path and path_exists functions to util.inc
* Wrap these more generic versions with the c... Reid Linnemann
11:24 PM Revision 077588c3: Make list assign from explode output safer: * Make the explode limit to the number of expected items
* Assign values by array_shift() to prevent undefined key ... Reid Linnemann
11:24 PM Revision 5833da65: Fix some undefined variable warnings: Reid Linnemann
11:24 PM Revision 988a687c: Fix several unsafe multilevel config array accesses in setup wizard: Reid Linnemann
11:24 PM Revision b4d8cf58: Correct single quoted string with parameter expansion: Reid Linnemann
11:24 PM Revision c6188970: Silence unused/undef'd variable warnings in filter.inc: Reid Linnemann
11:24 PM Revision 4c16247e: Replace multilevel config array access around the web gui port: Reid Linnemann
11:24 PM Revision f5b91462: Replace multilevel config array accesses regarding openvpn: Reid Linnemann
11:24 PM Revision a25e9691: Replace multilevel array accesses regarding v4 and v6 gateways: Reid Linnemann
11:24 PM Revision 9fb6cc18: Replace more problematic multilevel config array access: Reid Linnemann
11:24 PM Revision 51e30f11: Fix text_to_compressed_ipv6() to omit %ifname from v6 addresses: Prior to this, v6 addresses would be considered by Net_IPv6::compress() to have
an ipv4 part consisting of all text f... Reid Linnemann
11:24 PM Revision 41025e0a: Use config_path_enabled() and config_get_path() for troublesome paths: Reid Linnemann
11:24 PM Revision 03215791: Add config_path_enabled() function and associated tests: Reid Linnemann
11:24 PM Revision 10ad2540: Replace more direct config array access with config_get_path(): Reid Linnemann
11:24 PM Revision 1376d109: Change numerous direct references into config to config_get_path(): Reid Linnemann
11:24 PM Revision 05952582: Correct dhcpv6 enable check to use config_get_path(): Reid Linnemann
11:24 PM Revision fb2be38a: Use config_get_path for openvpn interfaces and ifgroups: Reid Linnemann
11:24 PM Revision 09d0ff02: Use config_get_path for looking up static ARP entries: Reid Linnemann
11:24 PM Revision 29bed760: Use config_get_path() for friendly ifnames and vlan configs: These elements may not exist in the config depending on the user config and
available ifaces, causing errors in php 8... Reid Linnemann
11:24 PM Revision 926479e8: Make php stdout and stderr less verbose for nonfatal messages: Reid Linnemann
11:24 PM Revision 6d0aa23d: Add missing require of interfaces.inc to util.inc: Reid Linnemann
11:24 PM Revision de3f6463: Correct required param after optional param syntax errors: Reid Linnemann
11:24 PM Revision ddf7b2db: Silence warnings about missing global key 'booting': Reid Linnemann
11:24 PM Revision 92abdaf0: Add config_get_path and config_set_path for config element access: config_get_path and config_set_path allow the user to specify a configuration
element by path rather than by direct a... Reid Linnemann
11:24 PM Revision 47fb5604: Inhibit startup error printing to stdout in read_global_var: Reid Linnemann
11:24 PM Revision dfd11d44: Add php81 extensions dir path: Reid Linnemann
11:24 PM Revision 22c89db3: Use array_values() to expand $cert_curve_compatible: In php8, call_user_func_array expands the $cert_curve_compatible array into
named parameters for nominated func array... Reid Linnemann
11:24 PM Revision b880c1a3: Select default php version 8.1: Reid Linnemann
07:45 PM Bug #8151: Changing name on a gateway is not allowed: Excuse provided by Jim Pingle is unacceptable. If you can't figure it out, don't say it can't be done. Your failures ... C Tong
02:36 PM pfSense Docs New Content #11739 (Feedback): Manual Outbound NAT rules in HA setup: Added and deployed:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/4d938fbf916b32518177adcdd97d6eaee641a250... Jim Pingle
01:25 PM pfSense Docs Correction #11145 (Duplicate): Screenshots in "Virtualizing pfSense with Hyper-V" recipe are incorrect and outdated: I updated all the screenshots when updating the recipe for #9374, they are already live. Jim Pingle
01:24 PM pfSense Docs Correction #12400 (Feedback): NAT 1:1 documentation - multi-wan information: Updated to account for the items above, plus other recent changes to the page, including new screenshots.
https://... Jim Pingle
12:53 PM pfSense Docs New Content #9608 (Duplicate): Add note about disabling secure boot when configuring a Hyper-V Gen 2 VM: Addressed when I updated the doc for #9374, it's already live. Jim Pingle
10:55 AM pfSense Docs New Content #13311 (Resolved): Add troubleshooting tips for multiple disk boot issues: Looks good; good info! Marcos M
10:42 AM pfSense Docs New Content #13311 (Feedback): Add troubleshooting tips for multiple disk boot issues: Added:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/190b7a62950635bf62ab6975c902567fea2bd232
https://d... Jim Pingle
10:32 AM pfSense Docs New Content #13311: Add troubleshooting tips for multiple disk boot issues: We see these issues mostly on ZFS but they aren't necessarily exclusive to ZFS.
Jim Pingle
10:09 AM Regression #13420: TCP traffic sourced from the firewall can only use the default gateway: I can reproduce the problem on a 22.09 snapshot, but not on a main-based image:... Kristof Provost
09:35 AM pfSense Docs Correction #13400 (Feedback): Feedback on Cellular Wireless — Known Working 3G-4G Modems: I added that as an alternative command. I see references to both for that same model around, so it may depend on the ... Jim Pingle
09:17 AM Regression #13443 (Not a Bug): OpenVPN Peer-to-peer w. PSK broken after upgrade to 2.6.0: There isn't enough information here or in the thread to support it being a bug. It works fine in general for others, ... Jim Pingle
09:16 AM Regression #13443 (Rejected): OpenVPN Peer-to-peer w. PSK broken after upgrade to 2.6.0: There's not enough information here to indicate there's a bug. Please continue to discuss this on the forum - increas... Marcos M
08:05 AM Regression #13443 (Not a Bug): OpenVPN Peer-to-peer w. PSK broken after upgrade to 2.6.0: After I upgraded both my PFsense boxes to 2.6.2 from 2.5.x my site-to-site OpenVPN connection does not work. Nothing ... Morten Pedersen
07:09 AM pfSense Docs Todo #13442 (Feedback): Feedback on Virtual Private Networks — IPsec — Using IPsec with Multiple Subnets: Fixed and deployed, will be live once the docs build in a few minutes.
Thanks!
https://gitlab.netgate.com/docs/... Jim Pingle
07:08 AM pfSense Docs Todo #13442 (In Progress): Feedback on Virtual Private Networks — IPsec — Using IPsec with Multiple Subnets: Jim Pingle
05:08 AM pfSense Docs Todo #13442 (Resolved): Feedback on Virtual Private Networks — IPsec — Using IPsec with Multiple Subnets: *Page:* https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/multiple-subnets.html
*Feedback:*
Ciao,
the 3 netwo... Andrea Marcato
06:18 AM pfSense Packages Bug #12475: OpenVPN Client Export does not show certificate without private key: Charles Sprickman wrote in #note-12:
> Marcos M wrote in #note-11:
> > I'm reopening this. The comments above about... Denis Grilli

08/22/2022

09:00 PM pfSense Packages Bug #13441 (Confirmed): FRR fails to start with route map on "sequence 0" in configuration: Creating a route map in FRR global configuration and assigning a network to sequence 0 prevents FRR/BGP from loading
... Paighton Bisconer
08:13 PM pfSense Packages Bug #12475: OpenVPN Client Export does not show certificate without private key: Marcos M wrote in #note-11:
> I'm reopening this. The comments above about the $settings and $cert variable are corr... Charles Sprickman
04:31 PM pfSense Docs Todo #13419 (Resolved): Note FreeRADIUS request/response limitation: Marcos M
03:19 PM pfSense Docs Todo #13419: Note FreeRADIUS request/response limitation: Fixed: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/37b9bed9905acebb16d340fae613fdb70a3a3987 Jim Pingle
12:57 PM pfSense Docs Todo #13419: Note FreeRADIUS request/response limitation: This:
> response payloads to upper limit of 4096 bytes
should be this:
> response payloads to the upper limit of... Marcos M
12:24 PM pfSense Docs Todo #13419 (Feedback): Note FreeRADIUS request/response limitation: I added the note to the authentication troubleshooting page and not the FreeRADIUS page. The limit is in pfSense soft... Jim Pingle
03:17 PM pfSense Docs Todo #9374 (Feedback): Update Virtualizing pfSense with Hyper-V recipe with more recent information: Updated: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/8d7a2654b2d040da94dffc9a3520157406314a88
Should be ... Jim Pingle
12:50 PM pfSense Docs Todo #9374 (In Progress): Update Virtualizing pfSense with Hyper-V recipe with more recent information: Jim Pingle
03:12 PM Revision 9484a1cb: Consider EC digest prefix when renewing CA/Cert. Fixes #13437: Jim Pingle
01:27 PM Revision f82edca2: Merge pull request #4611 from jaredhendrickson13/fix_system_advanced_firewall_validation: Jim Pingle
12:35 PM Bug #12747: Restarting the logging daemon during rotation also restarts ``sshguard``, leading to frequent log messages: I am having the same issue in 22.05. Hayden Hill
12:01 PM pfSense Docs New Content #12402: Add recipe for configuring Telegram to receive notifications from pfSense software: The GUI fields for Telegram on pfSense software are already documented. All the stuff mentioned here is about configu... Jim Pingle
11:44 AM Todo #13440 (Pull Request Review): Update external HTTPS/HTTP links: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/846 Marcos M
11:39 AM Todo #13440 (Resolved): Update external HTTPS/HTTP links: There are links referenced in comments that no longer exist, have changed, or should be updated to point to https ins... Marcos M
10:20 AM Bug #13437 (Feedback): ECDSA certificate renewal causes digest algorithm to be reset to SHA1: Applied in changeset commit:9484a1cbdc2fa73cfe24681c342327729ffb6d61. Jim Pingle
09:05 AM Bug #13437 (Confirmed): ECDSA certificate renewal causes digest algorithm to be reset to SHA1: I can reproduce this here. I'll look into it. Jim Pingle
12:29 AM Bug #13437 (Resolved): ECDSA certificate renewal causes digest algorithm to be reset to SHA1: I have pfSense 2.6.0-RELEASE (amd64) Community Edition.
h3. Description:
When renewing a ECDSA certificate, the... Kevin St-Sauveur
09:27 AM Bug #13439 (Not a Bug): no emails when primary wan goes down: They work fine so long as there is a route to your mail server. If your default route is down of course the firewall ... Jim Pingle
09:21 AM Bug #13439 (Not a Bug): no emails when primary wan goes down: Dual wan setup. Failover works fine.
Email alerts work for:
primary wan up
secondary wan down
secondary wan up... jeff knight
08:31 AM Bug #13436 (Feedback): Input validation on ``system_advanced_firewall.inc`` uses incorrect variable references for some fields: PR merged Jim Pingle
08:26 AM Bug #13436: Input validation on ``system_advanced_firewall.inc`` uses incorrect variable references for some fields: Looks like a remnant of the Bootstrap GUI work many years ago, most fields were fixed in #5025 but those were apparen... Jim Pingle
07:58 AM pfSense Docs Correction #12861 (Pull Request Review): pfSense hardware tuning guide references obsolete interface loader variable & buffer limits: Jim Pingle
07:50 AM pfSense Docs Correction #13431 (Resolved): Incorrect count of /24 networks in a /5 CIDR block: Jim Pingle
04:10 AM pfSense Docs Correction #13431: Incorrect count of /24 networks in a /5 CIDR block: Thank you Abraham Samuel B. SANFO
07:49 AM pfSense Docs Correction #13433 (Resolved): Change the link for the help button on /diag_backup.php: Changed and deployed, it's live now.
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/b3ba9146053a2b8876c9ca1... Jim Pingle
07:18 AM Regression #13167: DigitalOcean Dynamic DNS update fails with a "bad request" error: the issue seems to be resolved. I'm no longer getting this error. Antes Despues
02:38 AM Bug #13438 (New): No IPv6 tracked interface addresses after reboot: I have a 6rd connection over PPPoE to CenturyLink. I have IPv6 configured on LAN interface to track the WAN, plus 4 ... Daniel Engel

08/21/2022

08:01 PM Feature #701: Interface groups with NAT: Interface groups may be selected in port forwards, though there isn't a destination selection for "Interface Address"... Marcos M
04:51 PM Revision b8890aad: fix: corrects validations for various fields in system_advanced_firewall.inc: Jared Hendrickson
12:34 PM Bug #13436 (Resolved): Input validation on ``system_advanced_firewall.inc`` uses incorrect variable references for some fields: A few fields in /usr/local/pfSense/include/www/system_advanced_firewall.inc are being incorrectly validated.
- `a... Jared Hendrickson
07:25 AM pfSense Packages Bug #13432: ups driver will not start: It seems to be the same as this issue: https://redmine.pfsense.org/issues/9849
This was on a completely new instal... Scott Lampert

08/20/2022

10:10 PM Bug #13375: Mixing VTI and disabled Tunnel Mode phase 2 entries on the same phase 1 breaks VTI gateway monitoring: This seems to affect 22.11 builds as well. Kris Phillips
10:08 PM Bug #4500: UPnP/NAT-PMP status page does not display all port mappings: Tested and seems to apply and work fine here. Kris Phillips
09:58 PM pfSense Packages Bug #13432: ups driver will not start: Actually, I tested this with an APC unit just now and the nut package and was able to connect with the generic usbhid... Kris Phillips
09:42 PM pfSense Packages Bug #13432: ups driver will not start: Hello,
I tested and was unable to reproduce this, but I don't have a Cyberpower UPS. It seems this shouldn't be l... Kris Phillips
07:57 PM pfSense Docs Correction #12861 (Feedback): pfSense hardware tuning guide references obsolete interface loader variable & buffer limits: Merge request:
https://gitlab.netgate.com/docs/pfSense-docs/-/merge_requests/49 Chris W
02:43 PM Bug #13424: CRL expiration date with default lifetime is too long, goes past UTCTime limit: I can't reproduce that here. Start a thread on the forum to discuss your problem further. Jim Pingle
02:31 PM Bug #13424: CRL expiration date with default lifetime is too long, goes past UTCTime limit: The fix doesn't work after turning off pfsense. After switching on, the error repeats. Restarting the vpn service or ... Oleg Utkin
02:42 PM Bug #13435 (Duplicate): Certification Revocation: Duplicate of #13424 Jim Pingle
02:41 PM Bug #13435 (Duplicate): Certification Revocation: When creating a new CRL (Certification Revocation) and you use the default value 9999
The Next Update date is set th... Saso Kocev
10:50 AM Feature #13411 (Pull Request Review): Packet capture does not support 6rd tunnels: Thanks for the feedback! I've addressed the issue. Marcos M
10:36 AM pfSense Plus Bug #13434 (Closed): Upgrade from 2.4.4. to 22.0x results in LAN traffic intermittently dropped for OpenVPN clients: Scenario:
- pfSense 2.4.4 AWS image with around 100 - 150 OpenVPN clients functions normally.
- After moving to... Chris W
06:57 AM pfSense Plus Bug #13430 (Not a Bug): Redundate Breadcumb Path in Diagnostics > Backup & Restore: Actually, that's the right path. If you follow each link, you'll get exactly that.
From the Status/Dashboard, yo... Danilo Zrenjanin
06:53 AM pfSense Docs Correction #13433 (Resolved): Change the link for the help button on /diag_backup.php: It would have more sense to change that link to the https://docs.netgate.com/pfsense/en/latest/backup/index.html#back... Danilo Zrenjanin
04:19 AM pfSense Packages Bug #13409: Copy button for Optional pre-shared key for this tunnel works in HTTPS mode only: The same behavior on 22.09-DEVELOPMENT (amd64)built on Fri Jul 29 06:14:54 UTC 2022
Lev Prokofev

08/19/2022

03:51 PM pfSense Docs New Content #12791 (Resolved): Diagnostic Information for Support (pfSense): Documentation looks good. Been using it on tickets for awhile and customers seem to understand it well.
Marking re... Christopher Cope
03:18 PM pfSense Docs Correction #13429 (Resolved): Update CRL Lifetime default value: Looks good. Marking as resolved. Christopher Cope
12:53 PM pfSense Docs Correction #13429 (Feedback): Update CRL Lifetime default value: Fixed and deployed
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/9a5b5341097dccc08f99f428ed9f67cf66bacc1d Jim Pingle
04:08 AM pfSense Docs Correction #13429 (Resolved): Update CRL Lifetime default value: https://docs.netgate.com/pfsense/en/latest/certificates/crl.html#create-a-new-certificate-revocation-list... Danilo Zrenjanin
02:43 PM pfSense Packages Bug #13432 (Incomplete): ups driver will not start: I cannot get a USB-connected UPS to be recognized unless the nut usb driver is started with the "-u root" option.
... Scott Lampert
01:05 PM pfSense Docs Correction #13428 (Feedback): Firewall rules clarification: Fixed and deployed:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/07564b51b361a9351ab0ac65d2d553261de48dc8
Jim Pingle
07:27 AM pfSense Docs Correction #13428: Firewall rules clarification: It is correct but could maybe be more clear.
It says "traffic initiated from the LAN". It does *NOT* say "traffic ... Jim Pingle
01:02 PM pfSense Docs Correction #13431 (Feedback): Incorrect count of /24 networks in a /5 CIDR block: Actually the remaining values in that whole column were off from that point down. Should be fixed shortly once the bu... Jim Pingle
11:27 AM pfSense Docs Correction #13431 (Resolved): Incorrect count of /24 networks in a /5 CIDR block: *Page:* https://docs.netgate.com/pfsense/en/latest/index.html
*Feedback:*
Good morning.
Reading "The pfSense d... Abraham Samuel B. SANFO
10:51 AM pfSense Plus Bug #13430 (Not a Bug): Redundate Breadcumb Path in Diagnostics > Backup & Restore: Version: 22.05-RELEASE
This is very minor, but I noticed a redundancy in the breadcrumb path of *Backup & Restore*... Lonnie Best
07:12 AM Bug #13424: CRL expiration date with default lifetime is too long, goes past UTCTime limit: The patch does not alter the configuration or lifetimes of existing entries, it (a) reduces the default for new CRL e... Jim Pingle
04:03 AM Bug #13424: CRL expiration date with default lifetime is too long, goes past UTCTime limit: Tested the patch:... Danilo Zrenjanin

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

09/17/2022

09/16/2022

09/15/2022

09/14/2022

09/13/2022

09/12/2022

09/11/2022

09/10/2022

09/09/2022

09/08/2022

09/07/2022

09/06/2022

09/05/2022

09/04/2022

09/03/2022

09/02/2022

09/01/2022

08/31/2022

08/30/2022

08/29/2022

08/28/2022

08/27/2022

08/26/2022

08/25/2022

08/24/2022

08/23/2022

08/22/2022

08/21/2022

08/20/2022

08/19/2022