Activity

30 days up to

User

Subprojects

Activity

From 09/07/2022 to 10/06/2022

10/06/2022

02:44 PM Revision 80e41507: Update firewall_nat_out.inc for PHP81: Christian McDonald
02:43 PM Revision c267fb45: Fix firewall_nat_1to1.inc for PHP81: Christian McDonald
02:42 PM Revision dc7efffb: Fix PHP81 error in firewall_nat.inc: Christian McDonald
01:45 PM pfSense Packages Bug #13548: FreeRadius does not pay attention to local groups: Got it thanks so much for clarification. Mikael *
12:11 PM pfSense Packages Bug #13548: FreeRadius does not pay attention to local groups: Then you are configuring it wrong. If you set the Class reply attribute with groups on a user in FreeRADIUS then the ... Jim Pingle
12:08 PM pfSense Packages Bug #13548: FreeRadius does not pay attention to local groups: Sorry, I may been unclear on the actual issue Jim. I'm referring to this piece of code for @getUserGroups@ : https:/... Mikael *
08:09 AM pfSense Packages Bug #13548 (Rejected): FreeRadius does not pay attention to local groups: FreeRADIUS is an add-on package and its usage may not be for authenticating items on the firewall itself. It shouldn'... Jim Pingle
03:29 AM pfSense Packages Bug #13548 (Rejected): FreeRadius does not pay attention to local groups: Freeradius should be aware of which groups a freeradius defined user is assigned to in the local groups to the system... Mikael *
01:14 PM Feature #13547: Limit allowed VPN users based on group association: Looking into this request, basically this request sums up the feature wanted: https://redmine.pfsense.org/issues/10748 Mikael *
11:52 AM Feature #13547: Limit allowed VPN users based on group association: I may have expressed my self-wrong, on the system side I can create a group and assign the appropriate permissions to... Mikael *
03:21 AM Feature #13547 (New): Limit allowed VPN users based on group association: Hi,
Currently I'm using Freeradius as my source of users who have access to VPN and the firewall. On the system side... Mikael *
12:15 PM Regression #13316 (Resolved): ``vmstat -m`` value for ``temp`` is accounted for incorrectly, resulting in underflows: Christopher Cope
12:15 PM Regression #13316: ``vmstat -m`` value for ``temp`` is accounted for incorrectly, resulting in underflows: Working as expected on... Christopher Cope
08:54 AM Regression #13522: Minnowboard Turbot additions are no longer present: I have started the work to add the customizations back Brad Davis
08:08 AM Bug #13546 (Not a Bug): OpenVpn with FreeRadius Framed-Ip-Address does not work if client name differs common name: There is no bug here, it's working exactly as it should. If the username doesn't match the certificate, you can toggl... Jim Pingle
08:05 AM pfSense Docs Correction #13549 (Rejected): Feedback on pfSense® software Configuration Recipes — OpenVPN Site-to-Site Configuration Example with SSL/TLS: No, it should not. The recipe is correct. Using /30 tunnel networks is incorrect for a multi-site setup like the reci... Jim Pingle
05:01 AM pfSense Docs Correction #13549 (Rejected): Feedback on pfSense® software Configuration Recipes — OpenVPN Site-to-Site Configuration Example with SSL/TLS: *Page:* https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-s2s-tls.html
*Feedback:* The tunnel network in ... Paal Andreas Lindsetmo
06:14 AM Bug #13262 (Resolved): File browser on ``diag_edit.php`` does not encode filenames before display: Tested on the:... Danilo Zrenjanin
02:40 AM Bug #13337: After upgrading from 22.01 to 22.05 unbound intermittently stops resolving until manually restarted: This sounds like how I've always had #11316 , services window says its online but all DNS is dead until manually rest... Chris R

10/05/2022

11:57 PM Bug #13546 (Not a Bug): OpenVpn with FreeRadius Framed-Ip-Address does not work if client name differs common name: Hi,
I've been troubleshooting why framed-ip-address assigned by FreeRadius did not work with OpenVpn. First off I wa... Mikael *
09:15 PM Revision 7df0039f: Set the correct ABI/ALTABI for the next release.: Luiz Souza
07:41 PM Revision cef711cf: Add simplepie to composer manifest: Christian McDonald
03:42 PM Revision a46b9274: poudriere: add drm-510-kmod: The i915kms driver is no longer part of the base system, but has to be
installed from ports instead. Build the port.
... Kristof Provost
02:07 PM Bug #9149 (Rejected): Continued issues with /tmp and /var in RAM on 2.4: RAM disk implementation has been worked on quite a bit. This is very likely to be irrelevant at this point. Christian McDonald
02:04 PM Bug #5658 (Not a Bug): Files with the same name cannot be uploaded to multiple captive portal zones: ... Christian McDonald
01:57 PM Bug #13545 (Resolved): Toggling NAT rules using the button method does not enable/disable corresponding firewall rules: Check the checkbox of one or more existing NAT rule(s). Click the toggle button. Click Apply button.
The NAT rule(2)... Jens Kristensen
08:09 AM Bug #13533 (Resolved): pfsense 2.7 (FreeBSD 14) system_authservers.php - syntax error: Tested on the:... Danilo Zrenjanin
02:25 AM Bug #13525: Memory leak in PF when retrieving Ethernet rules: seems to have landed in our tree
https://github.com/pfsense/FreeBSD-src/commit/0044bd90f2397dfad5f4bbd12c64be86e0b... Jim Thompson
01:40 AM pfSense Packages Bug #13544 (New): SquidGuard either denying everything or proxying everything: Hey,
I truly doubt this is a configuration issue as I've tried all the possible combinations.
Relevant images a... Jimmy Michaelson

10/04/2022

04:07 PM pfSense Docs Todo #13543 (Confirmed): Feedback on Packages — pfBlocker-NG Package: *Page:* https://docs.netgate.com/pfsense/en/latest/packages/pfblocker.html
*Feedback:*
The action options on th... Loh Phat
03:52 PM Revision 40997699: Fix carp_status.widget.php for PHP81. Fixes #13535: Christian McDonald
12:44 PM Feature #1831: Captive portal IPv6 support: Updated target versions as this is not in the body of work for 11/2022. Reid Linnemann
12:41 PM Bug #13282 (Feedback): Alias content is sometimes incomplete if the firewall cannot resolve an FQDN in the alias: I'm pretty sure the invalid FQDN is a red herring, I found a lot of thread synchronization issues with filterdns that... Reid Linnemann
12:36 PM Bug #13067 (Feedback): Resolve interval for ``filterdns`` may not match the configured value: The code inexplicably added the interval mod 30 to the interval, I've fixed this as of https://github.com/pfsense/Fre... Reid Linnemann
11:08 AM Bug #13500: Remote groups with special characters ($) / LDAP not supported.: This should only work for Remote scoped groups. Local scoped groups are subject to the local group naming restriction... Christian McDonald
11:00 AM Regression #13535: Pfsense 2.7 (14.0-CURRENT) - Freeradius, Pfblocker not working or showing up in menu: Applied in changeset commit:40997699d4fda1b3f851f2dcc816c346ebce7d91. Christian McDonald
10:52 AM Regression #13535 (Feedback): Pfsense 2.7 (14.0-CURRENT) - Freeradius, Pfblocker not working or showing up in menu: https://gitlab.netgate.com/pfSense/pfSense/-/commit/40997699d4fda1b3f851f2dcc816c346ebce7d91 Christian McDonald
10:03 AM pfSense Packages Bug #13045: Firewall floating rules ignore WireGuard traffic: *edit*: I was able to make it work for now by making sure to kill states and then having this pair of quick/block flo... → luckman212
08:08 AM pfSense Packages Bug #13045: Firewall floating rules ignore WireGuard traffic: @cmcdonald can you comment on whether rules (specifically block rules) are working for assigned Wireguard interfaces,... → luckman212
07:51 AM Bug #13541 (Not a Bug): openvpn doesn't auto connect if there was a power loss: There isn't nearly enough information here to identify anything actionable. OpenVPN reconnects fine on reboot/power o... Jim Pingle
06:01 AM Bug #13541 (Not a Bug): openvpn doesn't auto connect if there was a power loss: i'm using pfsense 2.6 and if there is a power loss or for a test i switch off the power after the new boot the openvp... fabio fabio
07:14 AM Bug #13542 (Closed): Boot delay caused when OpenVPN config uses alias list that relies on DNS: pfSense+ 22.05 in Azure
I use OpenVPN with an alias list that includes 76 (and growing) FQDNs.
When the system ... Adrien Carlyle
03:38 AM pfSense Packages Feature #13540 (New): Check what rule is triggered by a Domain or IP: Test a Domain or IP in pfBlockerNG to see what rule they trigger.
This allows an admin to quickly check what rule ... Jon Brown

10/03/2022

07:08 PM Revision a5c00e98: Update composer.lock for PHP81: Christian McDonald
05:34 PM Bug #13539 (Resolved): Missing descriptions for referrers to firewall aliases cause empty strings for references to be returned when deleting an in-use alias: If an alias is in use by another alias, filter rule, nat rule, route, or OVPN configuration, attempting to delete it ... Reid Linnemann
04:47 PM Revision fbade897: Add a new core package, pfSense-boot to hold the OS boot files.: This package will be used to allow the update of the OS loader,
which needs to happen on the first phase of the updat... Luiz Souza
01:03 PM Bug #13538 (Resolved): Deleting an alias marks the subsystem as unclean but also unconditionally reloads the filter configuration: The parameter $apply to deleteAlias() appears to be intended to control whether the change is applied with a filter r... Reid Linnemann
07:07 AM Regression #13506 (Resolved): Services Status Widget always shows hiddebn: Jim Pingle
07:05 AM Bug #12901 (New): DNS Forwarder refuses valid retries from clients in certain cases: We'll pick it up the next time we sync our ports tree with main on the dev snapshot branches. It's a manually process... Jim Pingle
07:02 AM Bug #13534 (Not a Bug): IPsec Status contains doubled entries per tunnel: Jim Pingle

10/02/2022

06:31 PM pfSense Packages Bug #13485 (Resolved): Interfaces are not listed correctly in pfBlockerNG-devel when selecting the cURL interface: Merged. Marcos M
05:24 PM pfSense Packages Regression #13156: pfBlockerNG IP block stats do not work: Thx Marcos tested V1 patch an V2 and they do their jobs thanks a lot ==> version tested pfBlockerNG-devel, version 3.... collin Collen
06:54 AM Todo #13537 (Resolved): Update vendor files: Update jquery and jquery_ui
https://github.com/pfsense/pfsense/pull/4618
Reasons for update:
jquery_ui v1.13... GChuf 6
06:49 AM Todo #13536 (Rejected): Compress website images: Compress 35 _.png_ files used for web interface in order to reduce size and processing/loading times.
https://gith... GChuf 6
02:02 AM Bug #13329: Traffic shaping Wizard sets invalid values for qVoip queue: I've tested on 22.05 and can confirm that behavior. When I use HFSC and finish the wizard the qVoip is set to 32Kb
!c... aleksei prokofiev

10/01/2022

10:14 PM Regression #12821: Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``: Did some additional testing today. Ran a pcap in promisc mode. The Netgraph interface and physical interface attach... Kris Phillips
09:18 PM pfSense Packages Bug #13045: Firewall floating rules ignore WireGuard traffic: Any further updates here? → luckman212
07:42 PM Regression #13535 (Resolved): Pfsense 2.7 (14.0-CURRENT) - Freeradius, Pfblocker not working or showing up in menu: Crash report begins. Anonymous machine information:
amd64
14.0-CURRENT
FreeBSD 14.0-CURRENT #0 devel-main-n2557... RED SKULL
07:12 PM pfSense Packages Bug #13531: Suricata GUI broken with PHP 8.1: And one further note -- I am the volunteer package maintainer for Suricata and Snort in case any of the newer Netgate... Bill Meeks
01:59 PM pfSense Packages Bug #13531: Suricata GUI broken with PHP 8.1: I believe all of the PHP8 issues are fixed in the pull request I offered, but it has not been merged pending review b... Bill Meeks
01:57 PM pfSense Packages Bug #13531: Suricata GUI broken with PHP 8.1: I am getting the same error as Kris. But it seems that PHP8 compatibility issues fixes are included in the 6.0.6_1, w... Danilo Zrenjanin
12:16 PM pfSense Packages Bug #13531: Suricata GUI broken with PHP 8.1: Testing all other menus and buttons seems to produce no errors. However, there are some menus that cannot be accesse... Kris Phillips
12:11 PM pfSense Packages Bug #13531 (Confirmed): Suricata GUI broken with PHP 8.1: Installation of Suricata is fixed in September 30th builds and all main menu items are loading now.
However, att... Kris Phillips
06:27 PM Regression #13506: Services Status Widget always shows hiddebn: working as expected now on Plus also, tested on 22.11-DEVELOPMENT-20221001-0252 Jordan G
06:22 PM Revision 9ebd6ff3: PHP81 fix in gwlb.inc. For #13514: Christian McDonald
05:59 PM Regression #13514: PHP 8.1 - Syntax error when disabling a gateway under SYSTEM > GATEWAYS > EDIT: this is also present on Plus 20221001-0252 build of 22.11 fyi Jordan G
01:24 PM Regression #13514 (Feedback): PHP 8.1 - Syntax error when disabling a gateway under SYSTEM > GATEWAYS > EDIT: Fixed Christian McDonald
01:05 PM Regression #13514 (Confirmed): PHP 8.1 - Syntax error when disabling a gateway under SYSTEM > GATEWAYS > EDIT: Chris W
01:01 PM Regression #13514: PHP 8.1 - Syntax error when disabling a gateway under SYSTEM > GATEWAYS > EDIT: Confirmed on latest build (running on KVM, and IPv6 was switched off upstream):
2.7.0-DEVELOPMENT (amd64)
built on Fr... Chris W
05:38 PM Bug #12901: DNS Forwarder refuses valid retries from clients in certain cases: The upstream patch has landed in the latest release 2.87 from a few days ago. Does pfsense need to manually pull in t... Flole Systems
04:37 PM pfSense Packages Bug #13526: Invalid message from WireGuard about a wrong public key for peer: To transfert the key from the Wireguard Android device to my PC, I made a copy using the builtin touch-to-copy to cli... Yann Papouin
02:42 PM pfSense Packages Bug #13526: Invalid message from WireGuard about a wrong public key for peer: Can you please detail the steps you took which resulted in the key not being accepted?
I'm unable to reproduce thi... Chris W
02:38 PM pfSense Packages Bug #13526 (Feedback): Invalid message from WireGuard about a wrong public key for peer: Chris W
02:50 PM Bug #13534 (Closed): IPsec Status contains doubled entries per tunnel: OK, Steve helped to find the issue. I restored a config made earlier while this bug was present. After creating a new... Danilo Zrenjanin
02:35 PM Bug #13534: IPsec Status contains doubled entries per tunnel: Tested on the:... Danilo Zrenjanin
02:12 PM Bug #13534 (Not a Bug): IPsec Status contains doubled entries per tunnel: After establishing an IPsec tunnel, I can see the same tunnel twice under status_ipsec.php
pfSense side IPsec sett... Danilo Zrenjanin
02:02 PM pfSense Packages Bug #13515: Snort with PHP 8.1 - TypeError when saving edits to an interface: The request is being reviewed by Jim Pingle and is not yet merged. Bill Meeks
12:51 PM pfSense Packages Bug #13515 (Confirmed): Snort with PHP 8.1 - TypeError when saving edits to an interface: Tested on September 30th builds of CE. Doesn't appear this has been merged as the error is still present. Kris Phillips
02:01 PM Todo #13505 (Resolved): Correct DHCP client rule descriptions in the generated firewall ruleset: added
pass in quick on $WAN proto udp from any port = 67 to any port = 68 ridentifier 1000000461 label "allow ... Alhusein Zawi
01:41 PM Bug #13533: pfsense 2.7 (FreeBSD 14) system_authservers.php - syntax error: Tested with the above commit
Kris Phillips wrote in #note-4:
> Christian McDonald wrote in #note-2:
> > Fixed.
... Kris Phillips
12:42 PM Bug #13533: pfsense 2.7 (FreeBSD 14) system_authservers.php - syntax error: Christian McDonald wrote in #note-2:
> Fixed.
For testing commit ID is 216cca9cbbde63584244e817a5ce288d12113d97 Kris Phillips
12:04 PM Bug #13533: pfsense 2.7 (FreeBSD 14) system_authservers.php - syntax error: Still seeing this on the September 30th builds:
Parse error: syntax error, unexpected token "as", expecting ")" in... Kris Phillips
07:22 AM Bug #13533: pfsense 2.7 (FreeBSD 14) system_authservers.php - syntax error: Fixed. Christian McDonald
07:22 AM Bug #13533 (Feedback): pfsense 2.7 (FreeBSD 14) system_authservers.php - syntax error: Christian McDonald
03:33 AM Bug #13533 (Resolved): pfsense 2.7 (FreeBSD 14) system_authservers.php - syntax error: Crash report begins. Anonymous machine information:
amd64
14.0-CURRENT
FreeBSD 14.0-CURRENT #0 devel-main-*****... RED SKULL
12:49 PM pfSense Packages Bug #13516 (Resolved): Snort with PHP 8.1 - TypeError when attempting to view a Suppression List on a Snort interface: Tested on September 30th builds. No PHP errors present when viewing the Alert Suppression and Filtering under the in... Kris Phillips
12:20 PM Revision 216cca9c: Fix syntax error in system_authservers.php. For #13533: Christian McDonald
12:02 PM pfSense Packages Bug #13513 (Confirmed): Cannot install Squid: Marking as confirmed Kris Phillips
12:02 PM pfSense Packages Bug #13513: Cannot install Squid: Tested on September 30th build and problem is still present.
Fatal error: Uncaught TypeError: Cannot access offs... Kris Phillips
11:40 AM pfSense Packages Bug #11345 (Resolved): FRR-OSPF - No "prefix-list" possible: Danilo Zrenjanin
11:40 AM pfSense Packages Bug #11345: FRR-OSPF - No "prefix-list" possible: Tested on:... Danilo Zrenjanin
01:01 AM Feature #12982: Add support for RFC7499 in RADIUS library.: Hello Christian. Ok, I finally understand what you are saying. I've install a stand along FreeRadius (as one of you... Frank Lee
12:41 AM Bug #13396: Custom logo or background image is created with two dots (``..``) before the file extension: Looks good, no more additional dots, after the patch. Lev Prokofev
12:27 AM Bug #13499: Namecheap service type is missing help text for the password field: I'd say enter a dynamic DNS password generated under the Namecheap DNS configuration tab, but totally agree that it... Lev Prokofev

09/30/2022

06:41 PM pfSense Packages Bug #13531: Suricata GUI broken with PHP 8.1: The PHP8 errors have been fixed in Pull Request 1192 posted to the pfSense Package DEVEL branch on GitHub here: [http... Bill Meeks
08:12 AM pfSense Packages Bug #13531 (Resolved): Suricata GUI broken with PHP 8.1: Opening this ticket as a generic placeholder for documenting PHP 8.1 issues in the Suricata GUI package.
Installat... Bill Meeks
06:11 PM Bug #13528 (Duplicate): pfSense sends wrong NAS-IP-Address to RADIUS server: Marcos M
04:39 PM Bug #13436: Input validation on ``system_advanced_firewall.inc`` uses incorrect variable references for some fields: Tested on... Christopher Cope
04:24 PM Regression #13512 (Resolved): PHP 8.1 Syntax Error in DNS Resolver Configuration Screen: Working as expected on... Christopher Cope
03:36 PM Bug #13448 (Resolved): Table row selection has poor contrast in Dark theme: Christopher Cope
01:46 PM pfSense Plus Bug #13530 (Incomplete): Remote Logging strange behavior: Unless this can be replicated and reliably reproduced there doesn't seem to be anything actionable here. Without some... Jim Pingle
01:36 PM Bug #12708 (Feedback): Alias with non-resolving FQDN entry breaks underlying PF table: I've found numerous thread synchronization problems in the filterdns sources, I believe they are responsible for this... Reid Linnemann
01:35 PM Bug #9296 (Feedback): Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: Fixed as of https://github.com/pfsense/FreeBSD-ports/commit/eebf583cb47ad8255f3890b66349f8eb7d66bc95 Reid Linnemann
12:07 PM Feature #12982: Add support for RFC7499 in RADIUS library.: Any update? thank you! Frank Lee
10:34 AM pfSense Packages Todo #13532 (Closed): Sync ACME package with upstream v3.0.5: Sync pfSense-pkg-acme with latest upstream acme.sh Christian McDonald
09:21 AM Regression #13522: Minnowboard Turbot additions are no longer present: https://gitlab.netgate.com/pfSense/Crossbuild/-/merge_requests/102
https://gitlab.netgate.com/pfSense/pfSense/-/merg... Kristof Provost
08:15 AM Regression #13522: Minnowboard Turbot additions are no longer present: It looks like the i915kms driver has been removed from the kernel in main (14) so that's why we don't have the module... Kristof Provost

09/29/2022

08:22 PM Revision 79eec8e2: Fix a PHP81 bug in system_authservers.php: Christian McDonald
07:03 PM pfSense Plus Bug #13530: Remote Logging strange behavior: Kindly change the Priority from this bug from normal to low or very low.
Thanks. Marcelo Cury
06:43 PM pfSense Plus Bug #13530 (Incomplete): Remote Logging strange behavior: My SG-3100 (22.05) is configured to send logs to a remote syslog server in my LAN on port 1514.
pfsense remote log... Marcelo Cury
05:15 PM Revision 73ca6743: Encode path+fn in browser.php. Fixes #13262: Jim Pingle
04:43 PM Revision 9bada3e0: Update dhcp rule description: Steve Wheeler
04:11 PM Bug #13529 (Resolved): Intel i226 network interfaces do not honor a manually selected link speed: When you set anything other than autoselect in igc it can't actually set a fixed speed so instead it simply removes a... Steve Wheeler
01:19 PM Bug #13528: pfSense sends wrong NAS-IP-Address to RADIUS server: Just in case it matters, the hardware is a Netgate 6100. Michael Mercier
01:18 PM Bug #13528 (Duplicate): pfSense sends wrong NAS-IP-Address to RADIUS server: 22.05-RELEASE (amd64)
built on Wed Jun 22 18:56:13 UTC 2022
FreeBSD 12.3-STABLE
OpenVPN is setup to auth against... Michael Mercier
01:00 PM Feature #13527 (New): Password policy for local users: I know the recommended action if you want password controls/password policy is to use an external authentication serv... Robert Jerina
12:25 PM Bug #13262 (Feedback): File browser on ``diag_edit.php`` does not encode filenames before display: Applied in changeset commit:73ca6743954ac9f35ca293e3f2af63eac20cf32e. Jim Pingle
12:12 PM Bug #13262 (In Progress): File browser on ``diag_edit.php`` does not encode filenames before display: Someone else reported this isn't completely solved. There is one place where @$fqpn@ is used without encoding, but th... Jim Pingle
11:50 AM Todo #13524: Update reserved alias names: Applied in changeset commit:286e685d14b8148182a5c9f28d3eeddd215a9a08. Marcos M
11:41 AM Todo #13524 (Feedback): Update reserved alias names: Christian McDonald
11:44 AM Todo #13505 (Feedback): Correct DHCP client rule descriptions in the generated firewall ruleset: Christian McDonald
09:59 AM Bug #8179: Incorrect reverse DNS zone in DHCP server config for non-octet-aligned subnet mask: It is working. @Yousif Hassan you have to set two zones:
208.24.172.in-addr.arpa and 209.24.172.in-addr.arpa
not 24... Andrzej Milewski
09:54 AM pfSense Packages Bug #13526 (Not a Bug): Invalid message from WireGuard about a wrong public key for peer: Making an experimentation with Wireguard Package on pfSense 2.6
After using Wireguard android apps to generate a pee... Yann Papouin
09:39 AM Bug #13525 (Resolved): Memory leak in PF when retrieving Ethernet rules: In 2.7 and 22.05 the wired memory increases over time due to an apparent leak.
This appears to be in pf when it us... Steve Wheeler
08:19 AM pfSense Docs Correction #13494 (Resolved): Documentation on decryption of encrypted config.xml files is not correct: Jim Pingle
02:39 AM pfSense Plus Feature #13227: Group-based Mobile IPsec Virtual Address Pool assignment via RADIUS: I posted in the netgate forum about this functionality and got redirected to this record.
https://forum.netgate.co... Tom Huerlimann

09/28/2022

11:05 PM Revision 286e685d: Update reserved alias names. Fix #13524: Marcos M
07:33 PM Revision 0d121100: DHCP/v6 PHP8 error fixes for some cases.: If a config starts with only WAN, no LAN assigned, there are a number of
tags that were not handled properly on DHCP,... Jim Pingle
06:51 PM Revision 5dbc7118: Initialize $groups in local_user_get_groups to non-null. Issue #13446: Reid Linnemann
06:08 PM Todo #13524 (Pull Request Review): Update reserved alias names: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/902 Marcos M
05:38 PM Todo #13524: Update reserved alias names: Original (from parse.y):... Marcos M
05:22 PM Todo #13524 (Resolved): Update reserved alias names: From @/sbin/pfctl/parse.y@ Marcos M
03:27 PM Revision 2b5c0a18: Merge branch 'master' of gitlab.netgate.com:pfSense/pfSense: Glen Barber
03:25 PM Revision 25be740e: Add net/intel-em-kmod to the poudriere_bulk list of packages.: Requested by: stevew Glen Barber
02:01 PM Revision ade64ca6: Fix service status widget listing of non-disabled services: Jim Pingle
01:24 PM Revision 941eca9a: Fix handling of empty entries in NTP interfaces.: Jim Pingle
11:26 AM pfSense Packages Bug #13509: NRPE: Checks requiring net-snmp fail: Something more that that is required here. Attempting to actually use it produced the following error:... Steve Wheeler
07:33 AM Bug #13523 (New): Cloudflare DynDNS Updates are slow and cause multiple notification E-Mails: I have about 30 DynDNS Domains configured. When those are updated I get 30 E-Mails for those updates with about 10 se... Flole Systems

09/27/2022

10:55 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: I think I have this pretty well nailed down to a race on initial thread creation for added aliases where the created ... Reid Linnemann
07:27 PM Revision 5538e593: Prevent array/config_get_path() from overriding 0 values: Change the semantics of array_get_path() and config_get_path() so that only
empty strings at a path are overridden by... Reid Linnemann
07:27 PM Revision b542396e: Replace direct config accesses in auth.inc. Issue #13446: Additionally, change local_group_del_user() to include the index of the group in
the path to the group's member list ... Reid Linnemann
06:12 PM Regression #13522 (Resolved): Minnowboard Turbot additions are no longer present: The installer no longer detects an MBT device and adds the expected loader.conf.local file and values.
The require... Steve Wheeler
02:43 PM Revision 44dc33f9: Build Realtek kmod pkg for testing.: Steve Wheeler
02:40 PM Revision e083ae9f: Revert "Temporarily remove lsof and Telegraf from the build until fixed on main": This reverts commit 363ea6b079308123e8286bbf10fef3625b523fab.
Patches needed for building on main have landed, so br... Brad Davis
02:14 PM pfSense Packages Bug #13380: OpenVPN client options cause "Options error: --proto tcp is ambiguous in this context. Please specify --proto tcp-server or --proto tcp-client": For reference, the option needs to be changes as follows:
22.01
> remote <ip> <port> tcp
22.05 acting as client
... Marcos M
07:05 AM Regression #12215: OpenVPN does not resync when running on a gateway group: I'm also affected by this.
OpenVPN Client on DSL (PPPoE) and another OpenVPN Client on LTE (DHCP), both on Tier 1 in... Oskar Stroka
05:05 AM Revision 270badaf: Add pkg rootdir support to core packages: Brad Davis

09/26/2022

10:38 PM pfSense Packages Bug #13516: Snort with PHP 8.1 - TypeError when attempting to view a Suppression List on a Snort interface: This issue has been resolved in the latest Snort GUI package pull request posted here for review and merge: [https://... Bill Meeks
10:38 PM pfSense Packages Bug #13515: Snort with PHP 8.1 - TypeError when saving edits to an interface: This issue has been resolved in the latest Snort GUI package pull request posted here for review and merge: [https://... Bill Meeks
03:26 PM Revision 829083b9: Add quotes around variable usage to prevent word splitting: Brad Davis
03:25 PM Revision 13691f23: Avoid using -o in test(1): Brad Davis
03:20 PM Revision c4c2ecd8: -1 is not allowed, exit only uses 0-255: Brad Davis
03:07 PM Revision 5d800e8b: Avoid using -a in test(1): Brad Davis
03:07 PM Revision d0732158: -1 is not allowed, exit only uses 0-255: Brad Davis
02:36 PM pfSense Packages Bug #13521 (Rejected): userland calling deprecated sysctl, please rebuild world: There is not enough information here to classify this as a bug or to rule out something improper on that setup/enviro... Jim Pingle
02:34 PM pfSense Packages Bug #13521: userland calling deprecated sysctl, please rebuild world: hello!
i have fresh install pfsense 2.6.0
i have install zabbix5-agent-5.0.17 package
in zabbix agent settings in ... itfabrica Tech
02:32 PM pfSense Packages Bug #13521 (Rejected): userland calling deprecated sysctl, please rebuild world: hello!
i have fresh install pfsense 2.6.0
i have install zabbix5-agent-5.0.17 package
in zabbix agent segging in g... itfabrica Tech
02:31 PM Revision abedf73d: Add quotes around variable usage to prevent word splitting: Brad Davis
01:34 PM Feature #7085: Edit Firewall Rules Seperator: +1 Marcel Kallinger
07:45 AM Bug #13393 (Feedback): DNS Resolver responds with unexpected source address when the DNS over TLS server function is enabled: Applied in changeset commit:910a468672a6dcfe9f3567ffcb25e0fd94e74073. Marcos M
03:29 AM Feature #13520 (Closed): Improve Thermal Sensors Dashboard widget readability: https://github.com/pfsense/pfsense/pull/4616
The PR features a couple of changes.
1. improved upon the graph la... GChuf 6

09/25/2022

09:06 PM Bug #13510: HA Proxy, HAProxy-devel Installation Failure: cant apply update until debugging is removed (performance hit) and it supports ZFS + UEFI upgrade path. I can always ... RED SKULL
01:02 PM Regression #12821: Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``: Steve Wheeler wrote in #note-24:
> As Kris wrote, there's no GUI switch for that. Yet. So you have to disable it at ... Hayden Hill
07:49 AM Regression #12821: Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``: As Kris wrote, there's no GUI switch for that. Yet. So you have to disable it at the command line. For example:
<pre... Steve Wheeler
09:23 AM Bug #13518 (Duplicate): Firewall Rules get duplicated <rule> <id></id><tracker>1664099550</tracker> after Copy Tracking ID: Marcos M
07:05 AM Bug #13518 (Duplicate): Firewall Rules get duplicated <rule> <id></id><tracker>1664099550</tracker> after Copy Tracking ID: Hi After Copy rules in firewall from one interface to another using the botton of Copy rules Set to a diferent interf... Marcelo Nogueira
08:21 AM Feature #12070 (Feedback): Support for VLAN ``0``: This works in 2.7 and 22.11 with the exception of Intel e1000 NICs where vlan hardware filtering must currently be di... Steve Wheeler

09/24/2022

09:10 PM pfSense Packages Bug #13513: Cannot install Squid: Likely related to:
https://redmine.pfsense.org/issues/13515
https://redmine.pfsense.org/issues/13516 Kris Phillips
12:48 AM pfSense Packages Bug #13513 (Resolved): Cannot install Squid: I start testing the new version 2.7-devel with the new kernel 14 from freebsd.
I try to install squid, but I got thi... Peter Moreno
09:06 PM Regression #13517 (Resolved): Erroneous dhcp6 Messages in Boot log on 22.11: When booting the Sept 19th build of 22.11, the following messages are present in the boot log:
Removed leftover dh... Kris Phillips
08:58 PM Regression #12821: Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``: Steve Wheeler wrote in #note-21:
> This appears to be specifically the VLAN Hardware Offloading in e1000 NICs which ... Kris Phillips
08:34 PM Regression #12821: Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``: Steve Wheeler wrote in #note-21:
> This appears to be specifically the VLAN Hardware Offloading in e1000 NICs which ... Hayden Hill
07:24 PM Regression #12821: Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``: This appears to be specifically the VLAN Hardware Offloading in e1000 NICs which drops VLAN0 tagged packets.
Disab... Steve Wheeler
05:45 PM Bug #13504: Router Advertisements sent from wrong source address: I was able to solve this by manually editing radvd.conf to add this block to the interface config:... Kev Kitchens
05:15 PM pfSense Docs Correction #13494: Documentation on decryption of encrypted config.xml files is not correct: Using the commands in the commit, I successfully decrypted the encrypted configuration files (PowerShell in Windows 1... Chris W
11:12 AM pfSense Packages Bug #13516 (Resolved): Snort with PHP 8.1 - TypeError when attempting to view a Suppression List on a Snort interface: Testing Snort against September 22, 2022 "PHP 8.1 and FreeBSD Main" snapshot the following PHP error is received when... Bill Meeks
09:10 AM pfSense Packages Bug #13515 (Resolved): Snort with PHP 8.1 - TypeError when saving edits to an interface: Testing the Snort package with the September 22, 2022 snapshot of "PHP 8.1 and FreeBSD Main" in a VMware virtual mach... Bill Meeks
09:02 AM Regression #13514 (Resolved): PHP 8.1 - Syntax error when disabling a gateway under SYSTEM > GATEWAYS > EDIT: Running the September 22, 2022 "PHP 8.1 and FreeBSD Main" snapshot in a VMware virtual machine.
When attempting to... Bill Meeks
07:39 AM pfSense Docs New Content #13463 (Closed): Define route map sequence number range: Danilo Zrenjanin
07:39 AM pfSense Docs New Content #13463 (Resolved): Define route map sequence number range: Looks fine. Thanks! Danilo Zrenjanin

09/23/2022

08:06 PM Revision 910a4686: Always set interface-automatic in unbound config. Fix #13393: Marcos M
06:44 PM Regression #13506: Services Status Widget always shows hiddebn: Services widget shows normally on:
2.7.0-DEVELOPMENT (amd64)
built on Thu Sep 22 18:30:19 UTC 2022
FreeBSD 14.0-... Chris W
03:44 PM Revision bbd94c2c: PHP8 updates for resolver host editing: Jim Pingle
12:49 PM Regression #13512: PHP 8.1 Syntax Error in DNS Resolver Configuration Screen: Ha! Easy fix. Thanks! Bill Meeks
12:46 PM Regression #13512 (Feedback): PHP 8.1 Syntax Error in DNS Resolver Configuration Screen: As luck would have it I just fixed that earlier today. See commit:bbd94c2c97a2b3c024d093fb7838c2e27a3a01c1
Jim Pingle
12:41 PM Regression #13512 (Resolved): PHP 8.1 Syntax Error in DNS Resolver Configuration Screen: Downloaded and installed a fresh snapshot image of 2.7 CE to a VMware virtual machine to test the new PHP 8.1 code wi... Bill Meeks
10:51 AM Bug #13225 (Resolved): Bridges with QinQ interfaces not properly set up at boot: I was able to replicate the issue on:... Danilo Zrenjanin
10:45 AM pfSense Plus Feature #13511 (Resolved): Priority Code Point (PCP) option on interface configuration: In FreeBSD 13 and newer ifconfig includes the ability to set a PCP value on an interface directly. That allows sendin... Steve Wheeler

09/22/2022

11:06 PM Revision 25813332: Fix PHP syntax in prefixes.php: Jim Pingle
10:50 PM Bug #13510 (Not a Bug): HA Proxy, HAProxy-devel Installation Failure: You need to update to a current snapshot which is based on FreeBSD main, which takes some special steps from older sn... Jim Pingle
09:39 PM Bug #13510: HA Proxy, HAProxy-devel Installation Failure: beta build:
2.7.0-DEVELOPMENT (amd64)
built on Fri Aug 12 00:02:48 UTC 2022
FreeBSD 12.3-STABLE RED SKULL
09:37 PM Bug #13510 (Not a Bug): HA Proxy, HAProxy-devel Installation Failure: Package manager fails to install haproxy package with the following error:
>>> Installing pfSense-pkg-haproxy.... RED SKULL
09:48 PM Revision ab3b2273: Fix array_get_path() not returning $default for null-like values. #13446: In array_get_path(), a $default provided that is not null is intended to invoke
alternate behavior where if the path ... Reid Linnemann
09:12 PM pfSense Packages Feature #13370: Wireguard Dashboard status: I believe the items mentioned are actually in the status page, but not currently available in the WireGuard dashboard... Adam Storm
04:49 PM Bug #13471 (Resolved): APU1 hardware is not properly identified with current BIOS versions: Also good in Plus:
Steve Wheeler
04:18 PM Bug #13471: APU1 hardware is not properly identified with current BIOS versions: Looks good on current snapshots with a current APU1 BIOS.
!2022-09-22_17-16-15.png! Jim Pingle
02:47 PM Revision 17ad89f4: Fix DDNS GW check PHP error: We need to get the status value from the returned array, not use the
array itself. Jim Pingle
02:01 PM Todo #13508: Uncouple RAM Disk size from available kernel memory: Kinda the same as #13479, or at least both would be solved if the check is removed completely. Flole Systems
09:28 AM Todo #13508 (In Progress): Uncouple RAM Disk size from available kernel memory: Now that we are building RAM disks with tmpfs the size is no longer restricted by the available kernel memory but we ... Steve Wheeler
11:32 AM pfSense Packages Bug #13509: NRPE: Checks requiring net-snmp fail: https://forum.netgate.com/topic/174846/nagios-monitoring-of-pfsense-interfaces Steve Wheeler
11:31 AM pfSense Packages Bug #13509 (New): NRPE: Checks requiring net-snmp fail: Some NRPE checks require the Net SNMP perl module to be installed and it is not a dependency of the package.
You c... Steve Wheeler
11:20 AM Regression #13394 (Resolved): ``ASN1_NULL.php`` missing from package build of ``security/php-openssl_x509_crl`` on snapshots: Looks good on latest snapshot Christian McDonald
05:12 AM Bug #13423: IPv6 neighbor discovery protocol (NDP) fails in some cases: Might be this issue: https://www.mail-archive.com/freebsd-net@freebsd.org/msg63838.html
There's also some info on ... Flole Systems

09/21/2022

10:39 PM Bug #13507: Copying multiple rules at the same time results in new rules with duplicate tracker IDs: Note: This can lead to the firewall logs showing logs for a different match, e.g. logging a block rule with the descr... Marcos M
10:36 PM Bug #13507 (Resolved): Copying multiple rules at the same time results in new rules with duplicate tracker IDs: Tested on 22.05 and 22.11.
# Select two rules on the LAN
# Click the @Copy@ button on the bottom of the page
# S... Marcos M
04:46 PM Revision 4ac57979: Revert "Workaround new pkg(8) behavior causing files with "NULL" in the path to be...": This reverts commit 8b7ab58088f15bec9f9d5cede5fdcd8e3b9fe10e Christian McDonald
03:48 PM Revision 7428c478: PHP8 fixes for service status widget. Fixes #13506: Jim Pingle
03:38 PM Bug #13423: IPv6 neighbor discovery protocol (NDP) fails in some cases: I confirm that I experience and can reproduce this bug reliably on my local setup (pfsense 22.05-RELEASE on Netgate 1... David Durrleman
02:00 PM Revision 8b7ab580: Workaround new pkg(8) behavior causing files with "NULL" in the path to be skipped on install. Fixes #13394.: Christian McDonald
11:42 AM Regression #13394: ``ASN1_NULL.php`` missing from package build of ``security/php-openssl_x509_crl`` on snapshots: https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/commit/4f7ff94ceebe0f1e326e57a3fd51df60624cd963 Christian McDonald
09:10 AM Regression #13394: ``ASN1_NULL.php`` missing from package build of ``security/php-openssl_x509_crl`` on snapshots: Applied in changeset commit:8b7ab58088f15bec9f9d5cede5fdcd8e3b9fe10e. Christian McDonald
09:02 AM Regression #13394 (Feedback): ``ASN1_NULL.php`` missing from package build of ``security/php-openssl_x509_crl`` on snapshots: https://gitlab.netgate.com/pfSense/pfSense/-/commit/8b7ab58088f15bec9f9d5cede5fdcd8e3b9fe10e Christian McDonald
10:55 AM Regression #13506 (Feedback): Services Status Widget always shows hiddebn: Applied in changeset commit:7428c478c3e9fa6227f87c97e168c9b7d5703fb4. Jim Pingle
06:45 AM Regression #13506 (Resolved): Services Status Widget always shows hiddebn: In 2.7 and 22.11 the Services Status dashboard widget always shows all services as hidden whatever is actually set.
... Steve Wheeler
08:00 AM Revision 420dacfe: qinq: use if_vlan rather than netgraph: if_vlan now supports QinQ, so use that rather than netgraph. This is
expected to perform better, removes a subsystem ... Kristof Provost
08:00 AM Revision ee69eee6: Remove unused argument from interface_qinq_configure(): $fd is always NULL, so there's no point in having branches for it. Kristof Provost
07:49 AM Todo #13505: Correct DHCP client rule descriptions in the generated firewall ruleset: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/892 Steve Wheeler
07:23 AM Todo #13505: Correct DHCP client rule descriptions in the generated firewall ruleset: See: https://forum.netgate.com/topic/174781 Steve Wheeler
05:55 AM Revision 239e805e: Correct config_path_enabled path in system_generate_nginx_config. #13446: Reid Linnemann
04:34 AM Revision 621b8ae0: Path corrections to system.inc. Issue #13446: * Corrected single quote strings wwith variable expansion
* Corrected 2-deep paths that were incorrectly pattern rep... Reid Linnemann
04:08 AM Revision 7eef3784: Correct edns config path in system_resolvconf_generate. Issue #13446: Reid Linnemann
01:10 AM pfSense Packages Bug #13405: Wireguard: The webgui becomes excessively slow to respond with a large number of peers: I can confirm high delay in webgui response when loading wireguard UI.
I can also confirm very high CPU usage whe... RED SKULL

09/20/2022

10:07 PM Revision 1333725e: Make *_get_path() return $default for empty values. Issue #13446.: When $default is non-null and the path resolves to an empty element, return
$default instead of the value. This allow... Reid Linnemann
08:41 PM Regression #13394: ``ASN1_NULL.php`` missing from package build of ``security/php-openssl_x509_crl`` on snapshots: Issue caused by some new (undocumented) behavior in upstream pkg.
https://github.com/freebsd/pkg/commit/913c637d65bd... Christian McDonald
07:02 PM Todo #13505 (Resolved): Correct DHCP client rule descriptions in the generated firewall ruleset: Rules automatically added for interfaces running as dhcp clients allow traffic out and replies back in.
However both... Steve Wheeler
06:17 PM Bug #13132: Multiple ``<sshdata>`` or ``<rrddata>`` sections in ``config.xml`` lead to an XML parsing error during restore: If the backup file has two @<sshdata>@ sections, it will result in this error. The section should be automatically re... Marcos M
04:39 PM Bug #13502: dhclient sends RENEW-Request through wrong interface: Upstream bug: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=266508 Flole Systems
04:06 PM Revision 8a0d0525: Fix for system.inc. For #13446: Christian McDonald
02:36 PM Revision 09eeac7b: Properly quote variables: No functional change intended Brad Davis
01:59 PM Regression #13460: Panic with netgraph interfaces: Upgraded two affected systems and confirmed they do not panic on current snapshots. Jim Pingle
12:27 PM Regression #13460 (Closed): Panic with netgraph interfaces: ... Glen Barber
12:30 PM pfSense Plus Bug #13334: Configuration Auto Backup broken after v22.05 fresh install: I'm seeing this periodically aswell, sometimes it works, sometimes it doesn't. Flole Systems
12:06 PM Feature #13446 (Feedback): Upgrade PHP from 7.4 to 8.1: Applied in changeset commit:44b9361678c1fea45a0eb83501e5a1dcd0f877cb. Christian McDonald
12:06 PM Bug #13225 (Feedback): Bridges with QinQ interfaces not properly set up at boot: Applied in changeset commit:3fde29a4a03bb76ade9087e89bd55040aa5ad3b9. Viktor Gurov
12:06 PM Regression #13418: Captive Portal does not keep track of client data usage: Applied in changeset commit:af044b67492c936eda0ef009fe713a29ec4deefb. Marcos M
10:17 AM Bug #13504: Router Advertisements sent from wrong source address: Actually, have to correct myself, it is answering neighbor solicitations for the EUI-64 address, but the responses ar... Kev Kitchens
10:13 AM Bug #13504 (New): Router Advertisements sent from wrong source address: While most services using the LAN interface's link local address are binding to fe80::1:1 as expected, radvd seems to... Kev Kitchens
05:52 AM Revision 70654d6d: Fix missing ikeid in created ipsec p1. Issue #13446.: When a new or duped p1 is submitted, $p1ent['ikeid'] is an empty string. Prior
to php 8.0, comparing ($p1ent['ikeid']... Reid Linnemann

09/19/2022

11:38 PM Revision 5b17e64c: Replace direct config accesses in system.inc. Issue #13446.: Reid Linnemann
05:06 PM Revision 7d7315fb: Correct service enabled detection: Jim Pingle
04:03 PM Revision 3e798da2: Fix PHP8 issues in rc.openvpn and rc.carp*: Jim Pingle
03:38 PM Bug #13502: dhclient sends RENEW-Request through wrong interface: Can we do some pf magic and redirect the traffic through the correct interface? It could be matched on source address... Flole Systems
09:15 AM Bug #13502 (Needs Patch): dhclient sends RENEW-Request through wrong interface: Looks like an upstream bug, unlikely there is anything we'll be able to do about that. If you can replicate that on a... Jim Pingle
11:44 AM Regression #13418 (Feedback): Captive Portal does not keep track of client data usage: Marcos M
11:11 AM Bug #13393 (Pull Request Review): DNS Resolver responds with unexpected source address when the DNS over TLS server function is enabled: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/889 Marcos M
08:00 AM Feature #11266 (Resolved): Option to list AutoConfigBackup entries in "reverse" order (newest at top): The option is there and working, it's "Descending Order by Date" at the bottom of the ACB settings on that 2.7.0 snap... Jim Pingle
07:53 AM Regression #12816 (Resolved): Namecheap Dynamic DNS responses are not parsed properly: The GUI timeout thing is unrelated to Namecheap, might be a regression of #12870 but it's not relevant here.
As lo... Jim Pingle
07:49 AM Bug #13503 (Not a Bug): Default LAN IP on Setup within WAN Range.: This is a well known and documented problem and there isn't any viable automated way around it. If there is a conflic... Jim Pingle
06:36 AM Bug #13503 (Not a Bug): Default LAN IP on Setup within WAN Range.: On Install of pfSense, if you have an WAN-IP-Range that closes in 192.168.1.1, The routing is impossible until either... Andy Paul

09/18/2022

06:44 PM Bug #13502 (Needs Patch): dhclient sends RENEW-Request through wrong interface: There are 2 interfaces, WAN and WAN2. Both get an IP from the same DHCP server (1.2.3.4) but each on a different subn... Flole Systems
05:45 PM Todo #13501 (Resolved): Clean up obsolete code in ``pfSense-dhclient-script``: In pfsense/src/usr/local/sbin/pfSense-dhclient-script there's this old code that can probably be removed now:
<pre... Flole Systems
02:52 PM Bug #13500 (New): Remote groups with special characters ($) / LDAP not supported.: A bunch of our groups in our campus Active Directory / LDAP by policy are prefixed with a dollar sign ($ and pfSense... David Duchscher
11:06 AM Bug #13076: Marking a gateway as down does not affect IPsec entries using gateway groups: I've tested and looks like have the same issue. SG-3100 (22.05-RELEASE). When WAN1 goes down, IPsec keeps try to use ... aleksei prokofiev
12:54 AM Bug #13477: Captive Portal disconnecting a single user stops all traffic.: Tested on 22.05 and I can confirm this behavior. aleksei prokofiev

09/17/2022

02:41 PM Feature #11266: Option to list AutoConfigBackup entries in "reverse" order (newest at top): there is no option to reverse the order of restoring points .
2.7.0-DEVELOPMENT (amd64)
built on Fri Sep 16 ... Alhusein Zawi
12:54 PM Bug #13499 (New): Namecheap service type is missing help text for the password field: The help text under the password field doesn't contain instructions for the Namecheap service.
It should be somet... Danilo Zrenjanin
08:04 AM Regression #12816: Namecheap Dynamic DNS responses are not parsed properly: Can confirm the behavior on 2.7.0-DEV (built on Fri Sep 16 06:04:44 UTC 2022)
@Sep 17 12:40:35 php-fpm 360 /... Lev Prokofev
06:49 AM Regression #12816: Namecheap Dynamic DNS responses are not parsed properly: Tested the latest patch on the:... Danilo Zrenjanin
05:51 AM Regression #12816: Namecheap Dynamic DNS responses are not parsed properly: Tested on:... Danilo Zrenjanin
02:32 AM Todo #13398: Information box on ``status_ipsec.php`` says "IPsec not enabled" even when a tunnel is established: Looks better, no more info button if it is enabled
if disabled
!clipboard-202209171030-uppff.png!
if enabled
... Lev Prokofev

09/16/2022

11:02 PM Revision 1983008e: Fix services installation only installing the last service of a pkg. Issue #13446.: The original re-fetched the services list from the config at every iteration
over the package's services list when a... Reid Linnemann
09:40 PM Bug #13498: Newer variant models within the PC Engines APU2 platform are not recognized, causing garbled early serial console output: Submitted pull request:
https://github.com/pfsense/pfsense/pull/4615
Brett Keller
09:02 PM Bug #13498 (Resolved): Newer variant models within the PC Engines APU2 platform are not recognized, causing garbled early serial console output: The PC Engines APU2 hardware platform has a dedicated entry in @system_identify_specific_platform()@ in @system.inc@,... Brett Keller
08:06 PM Revision dd7d7022: Introduce config_init_path for config_* family completeness. For #13446: Christian McDonald
04:53 PM Todo #13398 (Pull Request Review): Information box on ``status_ipsec.php`` says "IPsec not enabled" even when a tunnel is established: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/888 Christopher Cope
04:12 PM Revision a7e50981: Allow user to select PKCS#12 encryption. Fixes #13257: Jim Pingle
01:13 PM Bug #13396 (Pull Request Review): Custom logo or background image is created with two dots (``..``) before the file extension: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/887 Christopher Cope
11:55 AM Bug #13257 (Feedback): Exporting a PKCS#12 file from the certificate manager does not use the intended encryption algorithm: Added an option to change the encryption level to high (AES-256+SHA256), low (3DES+SHA1), and legacy (RC2-40 + SHA1).... Jim Pingle
09:50 AM Bug #13257 (In Progress): Exporting a PKCS#12 file from the certificate manager does not use the intended encryption algorithm: The new files import OK into pfSense (current snapshots, 22.05, and 2.6.0) and a current Windows 10 at least, but app... Jim Pingle
07:57 AM Bug #13257: Exporting a PKCS#12 file from the certificate manager does not use the intended encryption algorithm: The new export code works fine on internal snapshots, though we should probably test how well other systems can read/... Jim Pingle
07:39 AM Bug #13496: Multi WAN 22.05 Dynamic DNS not updating when primary link goes down: tier1 gateway assigned by DHCP:... Danilo Zrenjanin
07:12 AM Bug #13496 (Duplicate): Multi WAN 22.05 Dynamic DNS not updating when primary link goes down: Almost certainly a duplicate of #12920 Jim Pingle
07:00 AM Bug #13496 (Confirmed): Multi WAN 22.05 Dynamic DNS not updating when primary link goes down: Tested on SG-3100 running on:... Danilo Zrenjanin
02:42 AM Bug #13496: Multi WAN 22.05 Dynamic DNS not updating when primary link goes down: Changed the gateway Oi_Fibra from DHCP to static, and it is working now Marcelo Cury
07:19 AM pfSense Plus Bug #13497 (Incomplete): unbound process looks like stuck periodically: There isn't enough information here and this site is not for support or diagnostic discussion.
For assistance in s... Jim Pingle
01:16 AM pfSense Plus Bug #13497 (Incomplete): unbound process looks like stuck periodically: Hello,
I have Netgate 2100.
Unbound service is needed to restart sometimes due to it could not resolve public dom... Yaroslav Semenenko

09/15/2022

08:52 PM Revision 363ea6b0: Temporarily remove lsof and Telegraf from the build until fixed on main: Brad Davis
07:10 PM pfSense Packages Feature #10818: UDP Broadcast Relay: That's a coincidence! Saw the pull request you created this morning. Looking at the code, it seems you took a very si... Djon K
12:52 PM pfSense Packages Feature #10818 (Pull Request Review): UDP Broadcast Relay: Marcos M
11:07 AM pfSense Packages Feature #10818: UDP Broadcast Relay: There's currently pull requests open to add the package on both 2.6 and 2.7 (PHP8). These include added functionality... Marcos M
02:04 AM pfSense Packages Feature #10818: UDP Broadcast Relay: Thanks for the interest in this package. I took some time this weekend to create an initial version of a pfSense pack... Djon K
07:01 PM Bug #13496 (Duplicate): Multi WAN 22.05 Dynamic DNS not updating when primary link goes down: When using gateway group with failover, dynamic DNS is not updating when the primary link goes down.
Gateway status ... Marcelo Cury
06:57 PM Regression #13460: Panic with netgraph interfaces: This is fixed upstream in https://cgit.FreeBSD.org/src/commit/?id=0e6e2c4ef3d1244fa21e7b691e76fdc09f8eacae Mateusz Guzik
04:10 PM Revision 9efec277: Convert P12 export to OpenSSL. Fixes #13257: PHP native method of creating PKCS#12 archives does not support using specific algorithms for encryption, so use the ... Jim Pingle
01:53 PM pfSense Docs Correction #13494 (Feedback): Documentation on decryption of encrypted config.xml files is not correct: I updated the docs with newer syntax. I used the @-a@ bit but kept the other parameters the same as they are in @cryp... Jim Pingle
12:59 PM pfSense Docs Correction #13494 (In Progress): Documentation on decryption of encrypted config.xml files is not correct: Jim Pingle
02:51 AM pfSense Docs Correction #13494: Documentation on decryption of encrypted config.xml files is not correct: Dennis Adler wrote:
> If I may be so bold: you might want to add commends to crypt.inc noting...
"commends" sho... Dennis Adler
02:45 AM pfSense Docs Correction #13494 (Resolved): Documentation on decryption of encrypted config.xml files is not correct: The information listed in the pfSense online manual at https://docs.netgate.com/pfsense/en/latest/backup/restore.html... Dennis Adler
11:16 AM Bug #13257 (Feedback): Exporting a PKCS#12 file from the certificate manager does not use the intended encryption algorithm: I merged changes which move from using the native PHP function to using OpenSSL directly so we can control the algori... Jim Pingle
10:45 AM pfSense Packages Bug #13495 (Resolved): ACME package's "DNS-Sleep" field's help text is incorrect: The help text under the "DNS-Sleep" field says:
"When using a DNS validation method configure how much time to wai... Sean McBride
02:39 AM Bug #13493 (Confirmed): Several advanced DHCP6 client options do not inform the user when rejecting invalid input: Danilo Zrenjanin
02:38 AM Bug #13493: Several advanced DHCP6 client options do not inform the user when rejecting invalid input: Yes, I can replicate this on the:... Danilo Zrenjanin

09/14/2022

06:48 PM Revision 475feb89: Fixes some PHP bugs. For #13446: Christian McDonald
02:59 PM Revision 067f3650: Fix primary console handling for EFI. Fixes #13080: Tested and working for both BIOS and EFI systems. Jim Pingle
10:09 AM Bug #13080 (Feedback): Cannot set EFI console as primary console when using both EFI and Serial: Merged.
commit:067f3650ae64e85b74d6577ac0c511a373600e89 Jim Pingle
08:27 AM Bug #13080 (In Progress): Cannot set EFI console as primary console when using both EFI and Serial: Looks like this keys off the presence of @boot_serial@ in the environment now and not just the order of consoles in t... Jim Pingle

09/13/2022

07:06 PM Revision c3a65526: Skip empty ca/cert/crl tags.: Jim Pingle
05:14 PM Revision 8fa5038b: Update external http links: Marcos M
04:26 PM Bug #13493 (Resolved): Several advanced DHCP6 client options do not inform the user when rejecting invalid input: When entering "F" for example ad id-assoc pd ID in the interfaces Tab and saving it magically disappears without any ... Flole Systems
04:24 PM Todo #13492 (Resolved): Start ``rtsold`` immediately after ``dhcp6c`` sends a request: I suggest to remove the 2 second sleep before the rtsold is started after a request in the "don't wait for RA"-codepa... Flole Systems
01:19 PM Todo #13440 (Resolved): Update external HTTPS/HTTP links: Merged. Marcos M
01:16 PM Bug #13393: DNS Resolver responds with unexpected source address when the DNS over TLS server function is enabled: The changelog here indicates it's been fixed:
https://nlnetlabs.nl/projects/unbound/download/
> Fix @#618@: enabling ... Marcos M
10:56 AM pfSense Plus Regression #13491 (Resolved): Crypto devices are not detected on current snapshots because the format of pciconf has changed: The crypto device detection on the dashboard relies on the output of @pciconf@ to determine if a device is active. Th... Jim Pingle
08:14 AM Regression #13488: All Captive Portal users are given the same limiter pipe pair: This actually affects all users with or without bandwidth limiting set. When there is no limit set all user are passe... Steve Wheeler
07:10 AM Regression #13490 (Incomplete): blocking mac addresses in captive portal: There isn't enough information here to say anything for certain, and this site is not for support or diagnostic discu... Jim Pingle
06:59 AM Regression #13490 (Duplicate): blocking mac addresses in captive portal: Hello
Since update 22.05, blocking mac addresses in captive portal no longer works. Is this related to this bug?: ht... DI Brendi
02:01 AM Revision abcdcfa0: Fix formatting in pkg-utils.inc output: Marcos M

09/12/2022

10:42 PM Revision 4b78c041: Fix array/config path functions to handle key 0 correctly. Issue #13446: Reid Linnemann
06:52 PM pfSense Packages Bug #13489 (Resolved): Tailscale Exit node without IPv6 connectivity break connections with Chromium based browser: https://github.com/tailscale/tailscale/issues/5425
Recently all IPV6 enabled websites can't be reached by Tailscal... Maxime Haché
06:41 PM Revision c9f89f03: Fix various PHP issues in vpn.inc: Also rewrite the method used to get DNS servers. It's still not perfect
but the old code had several potential proble... Jim Pingle
06:23 PM Regression #13488 (Resolved): All Captive Portal users are given the same limiter pipe pair: When the captive portal is configured to use a per-user bandwidth limit individual pipes are supposed to be created f... Steve Wheeler
02:46 PM Bug #13257 (In Progress): Exporting a PKCS#12 file from the certificate manager does not use the intended encryption algorithm: Jim Pingle
01:50 PM Revision 8645d4c2: Skip empty DHCP static map entries.: Jim Pingle
01:14 PM Bug #13487 (New): GUI IPV6-WAN-status stays "Offline, Packetloss" after a short communication hick up: After what is probably a short communication hick up, the GUI IPV6-WAN-status stays "Offline, Packetloss"
I notic... Louis B
09:45 AM pfSense Packages Bug #13485: Interfaces are not listed correctly in pfBlockerNG-devel when selecting the cURL interface: To elaborate a bit further: The current version only lists physical interfaces and their "friendly" names. LAGG and V... Charles Hamilton
09:31 AM pfSense Packages Bug #13485: Interfaces are not listed correctly in pfBlockerNG-devel when selecting the cURL interface: PR submitted: https://github.com/pfsense/FreeBSD-ports/pull/1188 Charles Hamilton
09:18 AM pfSense Packages Bug #13485 (Resolved): Interfaces are not listed correctly in pfBlockerNG-devel when selecting the cURL interface: Interfaces are not listed correctly in pfBlockerNG-devel when selecting the cURL interface (see attached screenshots)... Charles Hamilton
09:30 AM Bug #13486 (New): stongswan attributes should be comma-separated instead of whitespace-separated: The strongswan docs mention that attribute lists need to be "specified as a comma-separated list": https://docs.stron... Andreas W
07:56 AM Bug #13177: pppoe Cannot attach to ng_ether message: Invalid argument.: No, you should complete the upgrade. There are several threads on the forum covering the issue already. Jim Pingle
05:09 AM Bug #13177: pppoe Cannot attach to ng_ether message: Invalid argument.: Jim Pingle wrote in #note-4:
> This is not a problem on its own. It's a side effect of mpd not being updated because... Yehuda Y
07:46 AM Bug #13483: dhcp6c shouldn't be killed and restarted on interface reconfigurations: It's something we can consider, but a change like this could have other fallout that might need to be accounted for, ... Jim Pingle
07:44 AM Bug #13482 (Not a Bug): Can't change interface assignments from web GUI, but can from console: Jim Pingle
07:43 AM Bug #13481 (Not a Bug): Traffic Graphs Unit Size changes if tab becomes inactive: Jim Pingle
07:39 AM pfSense Packages Bug #12073 (New): ``netsnmptrapd.conf`` syntax for ``snmpTrapdAddr`` is wrong: Jim Pingle
07:21 AM Bug #13393 (In Progress): DNS Resolver responds with unexpected source address when the DNS over TLS server function is enabled: I thought I reopened this but apparently not. Based on my last comment, this needs some more testing and confirmation... Jim Pingle

09/11/2022

10:52 PM pfSense Packages Feature #13484 (New): IPsec Profile Wizard/Apple: Support on-demand connections in exported profile: Connect on demand is super helpful, and is pretty easy to add by hand to a profile, but would be even better to have ... Rex Hoffman
04:00 PM pfSense Packages Regression #13156: pfBlockerNG IP block stats do not work: Additional fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/276
This resolves the IP block sta... Marcos M

09/10/2022

08:34 PM pfSense Docs New Content #12237: Add information on ``ifqmaxlen`` to Hardware Tuning and Troubleshooting: It looks like "this":https://calomel.org/freebsd_network_tuning.html is the source of the 2048 figure given in #10311... Chris W
06:39 PM Bug #13483 (New): dhcp6c shouldn't be killed and restarted on interface reconfigurations: When changing the configuration of an interface currently dhcp6c is killed and restarted. That comes with all kinds o... Flole Systems
04:38 PM Bug #13482: Can't change interface assignments from web GUI, but can from console: I was not able to reproduce this issue , make sure this port is not assigned to other interface Alhusein Zawi
08:43 AM Bug #13482 (Not a Bug): Can't change interface assignments from web GUI, but can from console: Hi! I have an 4 port intel nic, wan on one port, and lan with four vlans on other port. the other two ports aren't us... Federico Galli
04:32 PM Feature #10345 (Resolved): Improve distinction between online and idle/offline entries in DHCP lease list: the green color has been added
2.7.0-DEVELOPMENT (amd64)
built on Fri Sep 09 06:04:09 UTC 2022
FreeBSD 14.0-C... Alhusein Zawi
12:13 PM pfSense Packages Bug #10393 (Resolved): Syslog-ng TLS support is broken: Tested against Syslog-ng... Danilo Zrenjanin
10:53 AM pfSense Docs Todo #13456: Feedback on pfSense® software Configuration Recipes — Configuring DNS over TLS: For 1) It's true that if any of one's local clients MUST talk to the DNS Resolver using DoT then one MUST enable this... Sean McBride
06:06 AM pfSense Packages Bug #12264 (Resolved): Stray <table> line in squid_monitor.php: That line doesn't exist in the current Squid release squid_monitor.php.
I am marking this ticket resolved. Danilo Zrenjanin
05:56 AM Bug #13481 (Not a Bug): Traffic Graphs Unit Size changes if tab becomes inactive: Setting "Traffic Graphs" to "Unit Size" "Bits" and also setting "Backgroud updates" to "clear graphs when not visible... Oskar Stroka
05:15 AM pfSense Packages Bug #12073: ``netsnmptrapd.conf`` syntax for ``snmpTrapdAddr`` is wrong: tested on version:... Danilo Zrenjanin
05:09 AM Feature #1337: VLANs with different MAC address than parent interface: Using promiscuous mode might be desirable for some users. If Snort is used for example it puts the interfaces in prom... Flole Systems
04:48 AM Bug #13480 (New): GIFs are not automatically started when parent interface doesn't have an address at boot: If there are GIFs which use IPv6 and at boot the IPv6-DHCP fails those are shown as Down/"Pending" on the Dashboard. ... Flole Systems
04:39 AM Bug #13479 (Resolved): Input validation is checking RAM disk sizes when they are inactive: When you disable/don't enable the RAM-Disk feature and then set insane limits it complains:... Flole Systems
03:58 AM Feature #13478 (New): Add Route Table Flags table in the /diag_routes.php: It would be helpful to have a Routeing Table Flags explanation at the bottom of the screen.
https://docs.netgate.co... Danilo Zrenjanin
02:21 AM pfSense Packages Bug #12423 (Resolved): Dashboard shows "SQLite database missing, Force Reload DNSBL to recover!": Yes, it's included in the 3.1.0_4 version. ... Danilo Zrenjanin
01:40 AM Regression #12816: Namecheap Dynamic DNS responses are not parsed properly: Working fine for me with the latest diff
!2022-09-10_09-36-54.png!
!2022-09-10_09-35-54.png!
Lev Prokofev

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

10/06/2022

10/05/2022

10/04/2022

10/03/2022

10/02/2022

10/01/2022

09/30/2022

09/29/2022

09/28/2022

09/27/2022

09/26/2022

09/25/2022

09/24/2022

09/23/2022

09/22/2022

09/21/2022

09/20/2022

09/19/2022

09/18/2022

09/17/2022

09/16/2022

09/15/2022

09/14/2022

09/13/2022

09/12/2022

09/11/2022

09/10/2022

09/09/2022

09/08/2022

09/07/2022