Activity

30 days up to

User

Subprojects

Activity

From 11/22/2022 to 12/21/2022

12/21/2022

10:47 PM pfSense Packages Bug #12667 (Bogus): Firewall Crashed After Upgrading Wireguard: Christian McDonald
10:46 PM pfSense Packages Bug #12667 (Incomplete): Firewall Crashed After Upgrading Wireguard: Christian McDonald
10:44 PM pfSense Packages Bug #13114 (Resolved): BIND calls rndc in rc_stop when named is not running: Christian McDonald
10:41 PM pfSense Packages Bug #13115 (Resolved): WireGuard panic due to KBI changes in ```udp_tun_func_t()```: Christian McDonald
07:44 PM Revision b7b482b1: xmlparse.inc: tweak the handling of XML listtags that are parsed as leaf strings: Christian McDonald
05:59 PM Revision 1670f4c0: Correct check IP service config path.: Jim Pingle
04:38 PM Revision 5daac457: Revert "Pass reloadall flag to dhcp6c config. Fixes #13253": This reverts commit 8e88bd48a22b55d213ac7613be74c651706cfa0d. Jim Pingle
02:13 PM pfSense Plus Bug #11626 (Resolved): Google LDAP connections fail due to lack of SNI for TLS 1.3: We don't have an account with Google LDAP auth any longer, but I can confirm that the LDAP client is sending the SNI ... Jim Pingle
01:52 PM pfSense Packages Bug #13609 (Feedback): Editing ACLs in BIND Package Produces PHP error in CE 2.7.X: Should be fixed in next snapshot run for CE and Plus
https://github.com/pfsense/pfsense/commit/b7b482b1601272723ac97... Christian McDonald
12:56 PM Regression #13782: DHCP leases are not registered in Unbound: Not a problem in a release, excluding from release notes. Jim Pingle
11:40 AM Feature #13787 (New): Increase Tiers under Gateway Group: Hello, i am using latest pfsense but i have a request about increasing Tiers under Gateway Group, currently the limit... edi t
10:45 AM Bug #13253: ``dhcp6c`` is not restarted when applying settings when multiple WANs are configured for DHCP6: Backing out this change and re-testing on lab systems with multiple DHCP6 WANs, dhcp6 is still restarted now. Some ot... Jim Pingle
10:45 AM Bug #13253 (Feedback): ``dhcp6c`` is not restarted when applying settings when multiple WANs are configured for DHCP6: Applied in changeset commit:5daac45752d00a97a9e01c5ddc7ed4f5ae0501ba. Jim Pingle
10:27 AM Bug #13253 (In Progress): ``dhcp6c`` is not restarted when applying settings when multiple WANs are configured for DHCP6: There is a bit of a regression here in certain cases. For whatever reason the change made here is causing a failure f... Jim Pingle
08:10 AM Regression #13660 (Resolved): PHP8.1 error after applying floating rules changes: I loaded/edited/saved/applied a bunch of floating rules without error on the latest snapshot. Hard to say if it's sol... Jim Pingle
08:04 AM pfSense Packages Regression #13597 (Resolved): haproxy-devel PHP8 regression when saving a backend entry: No errors when editing backends in current version of haproxy package on the latest snapshot.
Jim Pingle
07:56 AM pfSense Packages Bug #13775: Status Traffic Totals PHP error on dev snapshots w/PHP 8.1: Yep, agree - fixed for me on the latest snapshots. Ben Woods
07:53 AM pfSense Packages Bug #13775 (Resolved): Status Traffic Totals PHP error on dev snapshots w/PHP 8.1: Unable to replicate the errors on a current snapshot, so it appears to be fixed.
Jim Pingle
07:54 AM Regression #13553 (Resolved): PHP error when creating a new limiter: Jim Pingle
07:48 AM pfSense Packages Bug #13774 (Resolved): PIMD Interfaces drop-down empty on dev snapshots w/PHP 8.1: Unable to replicate the errors on a current snapshot, so it appears to be fixed.
Jim Pingle
07:44 AM pfSense Packages Bug #13752 (Resolved): Avahi broken on PHP 8.1: Unable to replicate the errors on a current snapshot, so it appears to be fixed.
Jim Pingle
07:36 AM pfSense Packages Bug #13589 (Resolved): PHP Errors during cellular package installation on CE 2.7: Package installs and deinstalls without error. Visting the GUI page and using the widget also do not produce any erro... Jim Pingle
07:28 AM Regression #13781 (Resolved): DNS Forwarder: PHP error in ``services_dnsmasq_edit``: Works without error on current snapshot in cases which failed easily before.
Jim Pingle
07:24 AM Bug #13675 (Resolved): Code that sets IPv6 MTU can unintentionally act on IPv4 addresses: Closing based on the note above saying it was tested successfully. Jim Pingle
06:26 AM Revision 435948ff: Always declare $config global in case a script is included in a non-global scope: $config is expected to always be a global containing the parsed configuration,
however in the sources that it is assi... Reid Linnemann

12/20/2022

11:01 PM pfSense Plus Feature #13786: ldap intergration for firewall rules: Mike Moore wrote in #note-2:
> This isn’t for OpenVPN. This is for firewall rules controlling movement day from LAN t... Christian McDonald
07:05 PM pfSense Plus Feature #13786: ldap intergration for firewall rules: This isn’t for OpenVPN. This is for firewall rules controlling movement day from LAN to DMZ.
Source is an AD user n... Mike Moore
06:40 PM pfSense Plus Feature #13786: ldap intergration for firewall rules: Normally this type of setup is implemented with something like IPsec/OpenVPN using RADIUS authentication, at which po... Marcos M
03:54 PM pfSense Plus Feature #13786 (New): ldap intergration for firewall rules: Seeing as there are LDAP connectors in the software already for authentication, would it be possible to leverage that... Mike Moore
10:37 PM Bug #13014: Deadlock in Charon VICI interface: Regarding my previous experiment turning off disk logging, we just had IPsec total fail due to just a few p2 of 150+ ... Dan Bailey
06:37 PM Revision 9ac53f56: Fix more config access regressions in filter.inc. Fix #13754: Marcos M
06:25 PM Revision 7e5dbbfc: Fix regression allowing blocked MAC addresses to login. Fix #13747: Marcos M
06:18 PM Regression #13781: DNS Forwarder: PHP error in ``services_dnsmasq_edit``: That fixes it for my test case.
Waiting for new build to confirm. Steve Wheeler
10:05 AM Regression #13781 (Feedback): DNS Forwarder: PHP error in ``services_dnsmasq_edit``: Applied in changeset commit:0fb806adf349a1fbeb2f040b08a917157abbcb40. Jim Pingle
07:05 AM Regression #13781 (In Progress): DNS Forwarder: PHP error in ``services_dnsmasq_edit``: Jim Pingle
03:51 PM Revision 0fb806ad: PHP 8.1 fixes for DNS Forwarder Hosts/Overrides. Fixes #13781: Jim Pingle
03:47 PM Regression #13747 (Resolved): Captive Portal blocked MAC addresses are not blocked: Marcos M
02:41 PM Regression #13747: Captive Portal blocked MAC addresses are not blocked: This works as expected for me with the patch:
Steve Wheeler
12:35 PM Regression #13747 (Feedback): Captive Portal blocked MAC addresses are not blocked: Applied in changeset commit:7e5dbbfca68179fd29a685363625c810d4da6417. Marcos M
10:20 AM Regression #13747: Captive Portal blocked MAC addresses are not blocked: Good feedback - I fixed the regression and kept the old behavior. The new blocking functionality will be a new option... Marcos M
03:33 AM Regression #13747: Captive Portal blocked MAC addresses are not blocked: > Previously, ....
But is that they way to block ?
'Hard MAC blocking' with pf firewall rules, now possible, is a... Gertjan KROEB
02:55 PM Regression #13757 (Resolved): Circular dependency issue in ``auth.inc``/``authgui.inc``: Closing this for now as it appears to be working as expected given the current limitations for the moment.
I can t... Jim Pingle
02:52 PM Regression #13782 (Resolved): DHCP leases are not registered in Unbound: Working on the latest snap or when patched.
Jim Pingle
08:00 AM Regression #13782 (Feedback): DHCP leases are not registered in Unbound: Applied in changeset commit:6ba16cde4f7fe8db5c4ae415a737d5da5fcc84d7. Jim Pingle
07:49 AM Regression #13782 (In Progress): DHCP leases are not registered in Unbound: Jim Pingle
02:49 PM Bug #12811 (Resolved): Services are not restarted when PPP interfaces connect: Ran some tests just now and services are restarted when the interface (re)connects (gets its address) and the rules r... Jim Pingle
01:50 PM Revision 6ba16cde: Correct DHCP lease reg enabled test. Fixes #13782: Jim Pingle
01:14 PM Revision 243afd23: Revert "Fix more config access regressions in filter.inc. Fix #13754": This reverts commit c0d7519df5dc1632ba9f2791ab377bdc19f45105. Jim Pingle
12:42 PM Regression #13767 (Resolved): Refuse Nonlocal action in DNS Resolver access list breaks configuration file: All three affected actions now work properly (allow snoop, deny nonlocal, refuse nonlocal). The config is correct and... Jim Pingle
12:38 PM Bug #13228 (Resolved): Recovering interface gateway may not be added back into gateway groups and rules when expected: Seems to be doing OK here for now, and was previously found to help before committing.
If there is a regression di... Jim Pingle
12:34 PM Feature #13304 (Resolved): ALTQ GUI support for Broadcom Netextreme II (``bxe``) interfaces: Value is present in ALTQ list.
Jim Pingle
12:31 PM Bug #13462 (Resolved): Advanced DHCP6 client settings only work for a single interface: This change had already been validated by multiple other people. Safe to close.
Jim Pingle
12:17 PM Feature #13784 (Pull Request Review): Option to completely block MAC addresses in Captive Portal: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/994
A new "reject" action is now available which retai... Marcos M
11:13 AM Feature #13784 (Rejected): Option to completely block MAC addresses in Captive Portal: Currently, blocked MAC addresses are still able to access services on the firewall itself such as DNS and NTP. Add an... Marcos M
12:09 PM Bug #12920: Gateway behavior differs when the gateway does not exist in the configuration: Lets take our time with this and make sure it gets a thorough and proper analysis and correction for the next release... Jim Pingle
12:07 PM pfSense Plus Bug #13785 (Closed): 23.01.b.20221220.0600 Broke routing, Boot Environments, probably other stuff: Already fixed, there is already a new snapshot with that corrected. Jim Pingle
12:01 PM pfSense Plus Bug #13785 (Closed): 23.01.b.20221220.0600 Broke routing, Boot Environments, probably other stuff: Upgraded to 23.01.b.20221220.0600
After that I couldn't log in to the router, or get any trafic out through the netw... Jonas R
12:04 PM Bug #13776: Some functions fail if the Language does not exactly match an available Locale: Not a release blocker, can be pushed to 23.05 if we can't find a good solution near term.
Jim Pingle
11:44 AM pfSense Packages Bug #13589 (Feedback): PHP Errors during cellular package installation on CE 2.7: Fix committed, it will be in snapshots tomorrow to test. Since the package couldn't even install I tested bits of the... Jim Pingle
10:27 AM pfSense Packages Bug #13589 (In Progress): PHP Errors during cellular package installation on CE 2.7: Jim Pingle
10:36 AM pfSense Packages Bug #13775: Status Traffic Totals PHP error on dev snapshots w/PHP 8.1: Ben Woods wrote in #note-3:
> Out of curiosity, is it the same suite of packages used on both the stable and devel b... Jim Pingle
10:35 AM Regression #13490 (Duplicate): blocking mac addresses in captive portal: Marcos M
10:26 AM pfSense Packages Regression #13597 (Feedback): haproxy-devel PHP8 regression when saving a backend entry: This was merged a week ago Jim Pingle
10:25 AM Bug #13704: Refactor IPsec code using config access functions: Moving this ahead, we'll fix any breakage we find in the meantime but pushing these issues which cover entire files. Jim Pingle
10:25 AM Todo #13702: Replace direct config accesses in ``system_advanced_sysctl``: Moving this ahead, we'll fix any breakage we find in the meantime but pushing these issues which cover entire files. Jim Pingle
10:25 AM Todo #13701: Replace direct config accesses for the rest of the paths in ``system_advanced_admin.inc``: Moving this ahead, we'll fix any breakage we find in the meantime but pushing these issues which cover entire files. Jim Pingle
10:22 AM pfSense Plus Bug #13455: Serial console output fails to render properly in certain cases on 4100, 6100, and 8200.: Looks like there is also an issue with the loader menu on here, option 8 for the boot environment list doesn't clear ... Jim Pingle
10:20 AM pfSense Plus Bug #13783 (Duplicate): Console (USB) doesn't show Boot Environments properly: The BE list is there it's just not drawn properly on your terminal for some reason. You can see see them and select t... Jim Pingle
06:07 AM pfSense Plus Bug #13783 (Duplicate): Console (USB) doesn't show Boot Environments properly: Had an issue with the latest beta for 23.01. That completely broke everything (I'll provide separate bug report on th... Jonas R

12/19/2022

07:21 PM pfSense Docs New Content #10311: Default net.link.ifqmaxlen value leads to packet loss under load in OpenVPN: Generally there's a decent chance that an issue has already been reported and/or resolved, hence it's good to search ... Marcos M
07:17 PM pfSense Docs New Content #10311: Default net.link.ifqmaxlen value leads to packet loss under load in OpenVPN: I have verified myself now on github master branch.
Looks like the code has been changed to no longer filter in lo... Chris Collins
07:06 PM pfSense Docs New Content #10311: Default net.link.ifqmaxlen value leads to packet loss under load in OpenVPN: Might be quicker if I show you the code, then you check if the code that restricts it is there, I m guessing you unab... Chris Collins
07:00 PM Revision c0d7519d: Fix more config access regressions in filter.inc. Fix #13754: Marcos M
05:28 PM Regression #13782 (Resolved): DHCP leases are not registered in Unbound: Enabling 'Register DHCP leases in the DNS Resolver' in the Unbound config no longer functions as expected.
The /va... Steve Wheeler
05:10 PM Regression #13781 (Resolved): DNS Forwarder: PHP error in ``services_dnsmasq_edit``: Trying to add a host override in a clean DNSmasq config throws a PHP error.
Using:... Steve Wheeler
04:58 PM pfSense Packages Bug #13780 (Rejected): pfBlockerNG v2.1.4_28 on 23.01b Alerts-page results in error: When looking at the Alerts page for pfblockerng. It results in a white page with the error pasted below.
Pfsense Plu... Jonas R
03:39 PM Regression #13747 (Pull Request Review): Captive Portal blocked MAC addresses are not blocked: This regression was introduced in 22.05. Fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/990
Previo... Marcos M
03:06 PM Regression #13747 (In Progress): Captive Portal blocked MAC addresses are not blocked: Marcos M
01:16 PM Regression #13747 (Confirmed): Captive Portal blocked MAC addresses are not blocked: This isn't a duplicate of #13742.
MAC addresses added as block entries are not blocked. Hosts are still redirected t... Steve Wheeler
03:31 PM pfSense Packages Bug #13775: Status Traffic Totals PHP error on dev snapshots w/PHP 8.1: Thanks for the quick fix - I’ll test it once it’s released tomorrow.
Out of curiosity, is it the same suite of pac... Ben Woods
02:37 PM pfSense Packages Bug #13775 (Feedback): Status Traffic Totals PHP error on dev snapshots w/PHP 8.1: Fix committed, will be tomorrow's snapshots.
https://github.com/pfsense/FreeBSD-ports/commit/3aaece2348795bfd36b81... Jim Pingle
10:38 AM pfSense Packages Bug #13775 (Resolved): Status Traffic Totals PHP error on dev snapshots w/PHP 8.1: Status Traffic Totals has a problem generating its interface list, and it appears to be from needing to be updated fo... Jim Pingle
03:01 PM Revision ce2fe058: Redo Unbound ACL action handling. Fixes #13767: Jim Pingle
03:00 PM pfSense Packages Bug #13774 (Feedback): PIMD Interfaces drop-down empty on dev snapshots w/PHP 8.1: Fix committed, will be in tomorrow's snapshot:
https://github.com/pfsense/FreeBSD-ports/commit/43ec955af978b16adbb... Jim Pingle
09:15 AM pfSense Packages Bug #13774: PIMD Interfaces drop-down empty on dev snapshots w/PHP 8.1: Marcos M wrote in #note-1:
> I'm able to add configuration for interfaces as normal.
If your config has OpenVPN c... Jim Pingle
09:11 AM pfSense Packages Bug #13774: PIMD Interfaces drop-down empty on dev snapshots w/PHP 8.1: I'm able to add configuration for interfaces as normal. Marcos M
08:37 AM pfSense Packages Bug #13774 (Resolved): PIMD Interfaces drop-down empty on dev snapshots w/PHP 8.1: The interfaces drop-down in PIMD has no content, and it appears to be from needing to be updated for PHP 8.1.
@pim... Jim Pingle
02:11 PM pfSense Packages Bug #13752 (Feedback): Avahi broken on PHP 8.1: Fix committed, will be in snapshots tomorrow.
https://github.com/pfsense/FreeBSD-ports/commit/1c8ad5a506aa5204833a... Jim Pingle
10:42 AM pfSense Packages Bug #13752: Avahi broken on PHP 8.1: There is a similar error when trying to run it as well, looking at the code it's the same use of old/deprecated array... Jim Pingle
02:05 PM Feature #13778: Changing a network port may not fully move all settings to the new interface: Yes, from the assignments page is where I was speaking of as well, but I meant you may have to save/apply on the rele... Jim Pingle
01:43 PM Feature #13778: Changing a network port may not fully move all settings to the new interface: I should of mentioned that I was doing this from (Interfaces --> assignments) page, is there another page I should be... Jon Brown
01:07 PM Feature #13778: Changing a network port may not fully move all settings to the new interface: It does work but you likely need to visit the interface page and save/apply to fully apply the settings, or (worst ca... Jim Pingle
12:41 PM Feature #13778 (New): Changing a network port may not fully move all settings to the new interface: I spent a bit of time trying to change the network port on the LAN interface and I found out that you cannot change t... Jon Brown
01:25 PM Regression #13754 (Feedback): DHCPv4 rules are not automatically created: Applied in changeset commit:c0d7519df5dc1632ba9f2791ab377bdc19f45105. Marcos M
01:01 PM Regression #13754 (Pull Request Review): DHCPv4 rules are not automatically created: When @filter_rules_generate()@ is called in this case, only enabled interfaces are parsed hence there's no need for a... Marcos M
10:22 AM Regression #13754 (New): DHCPv4 rules are not automatically created: Looks like these changes can cause a pf error if DHCP is enabled on an interface that is disabled. It's worth adding ... Jim Pingle
12:46 PM Feature #628: Ability to specify listen IP address of management services (SSH, web interface): I just initiated an ticked asking for better GUI/SSH security. GUI/SSH should IMHO only listen to defined IP's and no... Louis B
12:42 PM pfSense Plus Regression #13779 (Resolved): SafeXcel support is built into the aarch64 kernel on snapshots instead of being a module: SafeXcel is selected in *System > Advanced* , *Miscellaneous* tab but dashboard system status shows SafeXcel present ... Jim Pingle
11:59 AM Feature #13777 (Rejected): Better security for FW-management: Most of these things are already possible with proper configuration, others there are already open feature requests f... Jim Pingle
11:57 AM Feature #13777 (Rejected): Better security for FW-management: IMHO pfSense should only be manageable via defined IP-addresses, and not via all GW-ddresses, like it is now.

You... Louis B
11:26 AM Bug #13776 (Resolved): Some functions fail if the Language does not exactly match an available Locale: Some languages are defined in the pfSense translations system without a location, such as French which is defined as ... Jim Pingle
11:20 AM Bug #12920 (Confirmed): Gateway behavior differs when the gateway does not exist in the configuration: Marcos M wrote:
> The gateway status and @dpinger@ behave differently when the respective gateway entry does not exi... Ryan Coleman
09:25 AM Regression #13767 (Feedback): Refuse Nonlocal action in DNS Resolver access list breaks configuration file: Applied in changeset commit:ce2fe0583fda6b38f70c78892d63945b40145867. Jim Pingle
09:03 AM Regression #13767: Refuse Nonlocal action in DNS Resolver access list breaks configuration file: Looks like when this code was changed for PHP 8.1 it was changed in a way that didn't match the original intent of wh... Jim Pingle
09:06 AM Bug #13573 (Feedback): DHCP Server generates an invalid configuration for static mappings when defining network booting and UEFI HTTPBoot URL: Jim Pingle
08:37 AM pfSense Packages Bug #12907: PIMD: Nonexistent interfaces should be hidden/disabled in pimd.conf before bringing up the service: Jordan Greene wrote in #note-5:
> pimd 0.0.3_5 on 23.01.b.20221217.1429 has bind to all/none and interface binding a... Jim Pingle
08:24 AM pfSense Packages Bug #13773 (Feedback): Include file of mail reports package changed path and filename but one file requiring it did not follow: Fix merged, will be in the package with the next new snapshot (likely tomorrow AM)
https://github.com/pfsense/Free... Jim Pingle
08:02 AM pfSense Packages Bug #13773 (Resolved): Include file of mail reports package changed path and filename but one file requiring it did not follow: In a recent change to update the mail reports package for PHP 8.1 the main include file for the package was moved and... Jim Pingle
07:55 AM pfSense Packages Bug #13763 (Not a Bug): Error starting TFTP with PHP 8.1: From a completely fresh install that never had TFTP before, after enabling the service I can start/stop it from the d... Jim Pingle
03:42 AM pfSense Packages Bug #13763: Error starting TFTP with PHP 8.1: See attached screenshot Mathew Hepple
03:23 AM pfSense Packages Bug #13763: Error starting TFTP with PHP 8.1: Hi All,
I have upgraded to the latest PFSense 23.01.b.20221217.1429 and found the same error. Unable to start the ... Mathew Hepple
12:24 AM pfSense Packages Bug #13763: Error starting TFTP with PHP 8.1: Tested on latest
23.01-BETA (amd64)
built on Sat Dec 17 14:33:51 UTC 2022
FreeBSD 14.0-CURRENT
I did update fr... aleksei prokofiev
07:29 AM Bug #13092: PPPoE WANs fail to reconnect after parameter negotiation failure: David G wrote in #note-15:
> According to the developers the issue has been fixed in mpd5-5.9_11 and later versions,... Jim Pingle
02:45 AM Bug #13092: PPPoE WANs fail to reconnect after parameter negotiation failure: According to the developers the issue has been fixed in mpd5-5.9_11 and later versions, therefore the above workaroun... David G
07:08 AM pfSense Plus Bug #13766 (Not a Bug): Various PHP warnings during first reboot after upgrading to 23.01 from 22.01 or 22.05: One-off PHP warnings during upgrade will always happen when we change PHP versions or have other major differences be... Jim Pingle

12/18/2022

01:25 PM pfSense Packages Feature #13575: Update to frr 9.0.1: Marcos M wrote:
> The current frr package version is 7.5.1_3 - frr 7.5.1 was released on 2021-03-07 https://github.c... Carlos Daniel Silva
11:58 AM Bug #9296 (Confirmed): Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: Another potentially related issue:
Editing an entry within an alias when that alias has been included within another ... Marcos M
08:48 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: I am testing https://snapshots.netgate.com/amd64/pfSense_master/installer/pfSense-CE-2.7.0-DEVELOPMENT-amd64-20221216... Alexey Ab
11:52 AM Bug #13772 (Confirmed): Changing the alias resolve interval to the default value does not take effect after saving.: Under @System / Advanced / Firewall & NAT@, if the @Aliases Hostnames Resolve Interval@ option is changed from a cust... Marcos M
11:10 AM pfSense Packages Bug #13771 (Resolved): Suricata tries to load invalid SID file: Tested on @6.0.8_2@, @pfSense-23.01.b.20221217.1429@.
After trying to start Suricata using inline mode, the follow... Marcos M
08:20 AM pfSense Packages Feature #13770 (New): Shellcmd package - Add Enable/Disable option: NB: there is no Shellcmd package option to choose from in Redmine
I think it is better to have an Enable/Disable o... Jon Brown
08:18 AM pfSense Packages Feature #13769 (New): Shellcmd Package - Add Copy Command: NB: there is no *Shellcmd* package option to choose from in Redmine
It would make things a little easier for me t... Jon Brown
08:12 AM Feature #13768 (New): Add Gatway Descriptions to the Gateways Widget: When you use this widget you can see the interface name and the IP address of the interface.
I would also like to ... Jon Brown
06:41 AM pfSense Packages Bug #10692: PIMD starts twice at boot: Running a pimd beta build on top of latest 2.7 pfSense build, Í just checked the general system log. Which does look ... Louis B
12:23 AM pfSense Packages Bug #10692: PIMD starts twice at boot: not seeing the previously noted behavior on 23.01.b.20221217.1429 w/ pimd 0.0.3_5
good so far! Jordan G
01:06 AM pfSense Packages Bug #12330: pfBlockerNG devel creating invalid NAT rules on boot: -similar behavior when restoring a backupconfig.xml that had pfBlockerNG-devel settings but the pfBlockerNG pkg doesn... Jordan G
12:56 AM pfSense Packages Bug #12907: PIMD: Nonexistent interfaces should be hidden/disabled in pimd.conf before bringing up the service: pimd 0.0.3_5 on 23.01.b.20221217.1429 has bind to all/none and interface binding always/never settings available but ... Jordan G

12/17/2022

07:52 PM pfSense Packages Bug #13738: Typo under Services/Snort/Interface Settings/WAN - Rules: Is the affected version correct for 21.05 or was this intended to be 22.05? Kris Phillips
07:48 PM pfSense Packages Bug #13763: Error starting TFTP with PHP 8.1: Tested on CE abc516d86cf14a85029e and was unable to reproduce this issue there. Seems to be a 23.01 only issue. Kris Phillips
06:27 PM Bug #13573: DHCP Server generates an invalid configuration for static mappings when defining network booting and UEFI HTTPBoot URL: I'm unable to reproduce this in pfSense Plus 23.01. Can you please test this on the latest development version to ve... Kris Phillips
06:02 PM pfSense Plus Regression #13743: Latest snapshot defaults to 22.05 branch selected which can pull that version's package information: Tested on Dec 17th builds and now the repo list is completely blank. Running "pkg update -f" shows normal results:
... Kris Phillips
05:48 PM Regression #13767: Refuse Nonlocal action in DNS Resolver access list breaks configuration file: I can confirm this behavior on pfSense Plus 23.01 as well. Service fails to start when "Refuse Nonlocal" is chosen i... Kris Phillips
02:56 PM Regression #13767: Refuse Nonlocal action in DNS Resolver access list breaks configuration file: In `/var/unbound/access_lists.conf`, the access list entry that is generated reads as follows:... Gerke Max Preussner
02:54 PM Regression #13767: Refuse Nonlocal action in DNS Resolver access list breaks configuration file: Full error message:... Gerke Max Preussner
02:53 PM Regression #13767 (Resolved): Refuse Nonlocal action in DNS Resolver access list breaks configuration file: 2.7.0-DEVELOPMENT (amd64)
built on Fri Dec 16 06:05:53 UTC 2022
FreeBSD 14.0-CURRENT
After upgrading to the late... Gerke Max Preussner
09:12 AM Feature #12091: RFE: Add support for sssd authentication: Orion Poplawski wrote in #note-1:
> I was very disappointed to see that sssd disappeared from the pfSense repository.... Gabriel Zellmer

12/16/2022

06:22 PM pfSense Plus Bug #13766 (Closed): Various PHP warnings during first reboot after upgrading to 23.01 from 22.01 or 22.05: Some examples, but they're all easy to spot in the screen logs files despite their length.... Chris W
05:07 PM pfSense Packages Bug #13679 (Resolved): Error in pfBlockerNG Post Install Script: Tested version 3.1.0_15 on... Christopher Cope
05:05 PM Revision db6dd2d2: Don't load CSRF timeout from config. Fixes #13757: This allows us to reorder includes so that authgui.inc can load auth.inc first, which fixes several auth mechanisms t... Jim Pingle
03:12 PM Regression #13420: TCP traffic sourced from the firewall can only use the default gateway: The same test works as expected in 23.01:... Steve Wheeler
11:56 AM Bug #13525: Memory leak in PF when retrieving Ethernet rules: Updating subject for release notes. Jim Pingle
03:04 AM Bug #13525 (Feedback): Memory leak in PF when retrieving Ethernet rules: This is now in 23.01 and 2.7.
It needs feedback from someone who was hitting it previously. Steve Wheeler
11:55 AM Regression #13748: DHCP server "Disable Ping Check" option does not store value on save: Updating subject for release notes. Jim Pingle
11:55 AM Regression #13290: Error ``dummynet: bad switch 21!`` when using Captive Portal with Limiters: Updating subject for release notes. Jim Pingle
11:53 AM Bug #13148: Traffic passed by Captive Portal cannot use limiter queues on other rules: Updating subject for release notes. Jim Pingle
11:52 AM pfSense Plus Bug #11626: Google LDAP connections fail due to lack of SNI for TLS 1.3: Updating subject for release notes. Jim Pingle
11:15 AM Regression #13757 (Feedback): Circular dependency issue in ``auth.inc``/``authgui.inc``: Applied in changeset commit:db6dd2d2d288fdd64b9e741db0900c5eb15ba9fb. Jim Pingle
11:06 AM Bug #12920 (Resolved): Gateway behavior differs when the gateway does not exist in the configuration: Closing for lack of feedback either way here. I haven't noticed any gateway issues like this in a while and I've done... Jim Pingle
11:05 AM Regression #13459 (Resolved): Automatic ``reply-to`` bypass for traffic in the same subnet is no longer functioning in main builds: I haven't needed the manual rule to disable reply-to on WAN since this went in months ago. Seems OK to close to me.
Jim Pingle
11:04 AM Bug #13317 (Resolved): ``array_filter`` PHP Errors in ``interfaces.inc``: Closing for lack of feedback either way here. Given the code involved if it was still a problem we'd have encountered... Jim Pingle
08:05 AM Bug #13445 (Resolved): ``easyrule`` CLI script has multiple bugs and undesirable behaviors: This all appears to be OK now. Can always make new issues if more problems pop up.
Jim Pingle
08:04 AM Bug #13755 (Resolved): Multiple incorrect configuration paths in recent UPnP code changes: All working well on current snapshots:
* No trace of UPnP anchors/rules in ruleset when UPnP is disabled
* Enabli... Jim Pingle
07:57 AM Regression #13581 (Resolved): Empty Dynamic DNS entry causes PHP errors in various contexts: I can't reproduce any of the original errors on a current snapshot now. This appears to be resolved. Jim Pingle
07:55 AM Regression #11545 (Resolved): Primary interface address is not always used when VIPs are present: No feedback (positive or negative) and it's been in snapshots for quite some time now. Closing this now, but if anyon... Jim Pingle
07:54 AM Regression #13761 (Resolved): Gateway list is empty when editing static route entries: Gateway list has content again on current snapshots. Jim Pingle
07:32 AM pfSense Packages Regression #13697 (Resolved): pfBlockerNG alerts error on 2.7.0 devel and PHP 8.1: Those other errors were unrelated and were corrected a few snaps ago. Jim Pingle
07:29 AM Bug #13762 (Duplicate): Available Packages for 23.01 Not Displaying: This is likely either a duplicate of #13743 (fixed by picking the right update branch) or another known issue where i... Jim Pingle
03:47 AM Bug #13762 (Duplicate): Available Packages for 23.01 Not Displaying: Hi all,
I have upgrade to 23.01.b.20221216.0600 however when you go to
System > Packet Manager > Available Pac... Mathew Hepple
07:20 AM pfSense Packages Bug #13763: Error starting TFTP with PHP 8.1: Copying the error out of the attachment so it's easier to see:... Jim Pingle
03:50 AM pfSense Packages Bug #13763 (Not a Bug): Error starting TFTP with PHP 8.1: Hi all,
I have upgraded to 23.01.b.20221216.0600 and found that the package TFTP pfSense-pkg-tftpd upgraded: 0.1.3... Mathew Hepple
07:18 AM Bug #13764 (Not a Bug): DHCP Server config restore: There is likely a difference in interface layout between the two systems. The backup/restore function is intended for... Jim Pingle
06:09 AM Bug #13764 (Not a Bug): DHCP Server config restore: Need to transfer DHCP server config from one system to another
Done backup on original system.
After restore, confi... Ivaylo Velikov

12/15/2022

11:27 PM Revision 1e706214: Protect mem_usage() from doing arithmetic with empty sysctl values.: get_single_sysctl() may return an empty string in some conditions, there is no
guarantee that it returns an expected ... Reid Linnemann
04:20 PM Revision 616579c0: Remove trailing whitespace: Steve Wheeler
04:20 PM Revision 4049406a: Remove cxl from altq capable interfaces list: Steve Wheeler
02:27 PM Revision 8a9e2bfb: Some cleanups in system_routes.php: Christian McDonald
01:45 PM Revision e44e4bb8: Clean up some global access in system_routes_edit.php: Christian McDonald
01:33 PM Revision de0e9927: Fix gateway list for static routes. Fixes #13761: Jim Pingle
01:24 PM pfSense Packages Bug #13753: Gateway groups stop sending traffic if they contain wireguard tunnels: Today, Cox went down. In theory, the gateway group should have automatically switched over to starlink, and the wg_s2... Dan Tentler
12:51 PM Bug #12887: GUI does not reject an invalid OpenVPN tap mode configuration with an empty tunnel network "Bridge DHCP" disabled: Marcos M wrote in #note-7:
> > I shouldn't be required to send DHCP over the bridge
> From what I understand, if no... Yousif Hassan
08:45 AM Regression #13761: Gateway list is empty when editing static route entries: Jim Pingle wrote in #note-2:
> Applied in changeset commit:de0e99275b5275d1f5b2e477fcd0322aef5284c4.
Confirmed co... Ronald Schellberg
07:40 AM Regression #13761 (Feedback): Gateway list is empty when editing static route entries: Applied in changeset commit:de0e99275b5275d1f5b2e477fcd0322aef5284c4. Jim Pingle
07:12 AM Regression #13761 (Confirmed): Gateway list is empty when editing static route entries: I saw this last night but hadn't had a chance to make an issue for it yet. Since I can reproduce it here, I'll take a... Jim Pingle
12:27 AM Regression #13761 (Resolved): Gateway list is empty when editing static route entries: Completely blank drop-down for Gateway in ' System/Routing/Static Routes' page despite multiple gateways configured. ... RED SKULL
07:42 AM Bug #13756: Rules for authenticated Captive Portal users are not removed when a zone is disabled: Updating subject for release notes. Jim Pingle
07:11 AM Regression #13748 (Resolved): DHCP server "Disable Ping Check" option does not store value on save: Jim Pingle
02:55 AM Regression #13748: DHCP server "Disable Ping Check" option does not store value on save: Tested on
@23.01-DEVELOPMENT (amd64)
built on Wed Dec 14 06:05:14 UTC 2022
FreeBSD 14.0-CURRENT@
The "<disab... Lev Prokofev
04:08 AM Regression #13522: Minnowboard Turbot additions are no longer present: Tested on MBT-2220
2.7.0-DEVELOPMENT (amd64)
built on Tue Dec 15 06:07:19 UTC 2022
FreeBSD 14.0-CURRENT
No vi... Lev Prokofev
03:28 AM Bug #12926: Changing LAGG type on CARP interfaces makes VIPs go to an "init" State: Tested on 22.05.
I restored the same HA cluster on current 22.05 and got the same result - after changing LAGG typ... Azamat Khakimyanov
02:37 AM Bug #12926 (Confirmed): Changing LAGG type on CARP interfaces makes VIPs go to an "init" State: Tested on 22.01
I was able to reproduce this bug.
I've created HA cluster with LAGG interface on each node and 30... Azamat Khakimyanov
02:21 AM Bug #12747: Restarting the logging daemon during rotation also restarts ``sshguard``, leading to frequent log messages: I am having the same issue in 22.05. Netgate XG1541 van trung tran

12/14/2022

06:38 PM Revision 7cae10a3: Revert "Correct includes/load order in guiconfig.inc. Fixes #13757": This reverts commit 2a24c162e0a8e69d176c54b5a7be09b23cb233f8. Jim Pingle
06:23 PM Revision 2a24c162: Correct includes/load order in guiconfig.inc. Fixes #13757: The recent change here ended up loading some things out of order. Jim Pingle
04:49 PM Revision e3d247ec: Another DDNS empty entry fix. Fixes #13581: Jim Pingle
04:45 PM Revision 00d3003d: Improve handling of empty DDNS entries. Fixes #13581: Jim Pingle
04:35 PM Revision 2067a034: Revert "Add shells/zsh to poudriere_bulk": This reverts commit a360b261b33663b062b20ec15f3f7b5082e6e2bd.
This requires man(1) which we do not have so revert th... Brad Davis
03:33 PM pfSense Docs Todo #13760 (Rejected): Feedback on Development — Executing Commands at Boot: *Page:* https://docs.netgate.com/pfsense/en/latest/development/boot-commands.html
*Feedback:*
This page does no... Jon Brown
03:29 PM Regression #13757: Circular dependency issue in ``auth.inc``/``authgui.inc``: Draft MR: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/984
At the moment the least disruptive way t... Jim Pingle
01:58 PM Regression #13757 (In Progress): Circular dependency issue in ``auth.inc``/``authgui.inc``: That fix attempt ended up not incomplete, it could break CSRF in certain cases.
Still experimenting and checking i... Jim Pingle
12:30 PM Regression #13757 (Feedback): Circular dependency issue in ``auth.inc``/``authgui.inc``: Applied in changeset commit:2a24c162e0a8e69d176c54b5a7be09b23cb233f8. Jim Pingle
12:26 PM Regression #13757: Circular dependency issue in ``auth.inc``/``authgui.inc``: Looks like this may have broken in commit:746f30e3ce1ff39c226a73bf87c86dd370ef239c with the added includes changing t... Jim Pingle
11:49 AM Regression #13757 (Resolved): Circular dependency issue in ``auth.inc``/``authgui.inc``: Some parts of @auth.inc@ use a check for a function before doing some GUI-specific checks:... Jim Pingle
02:58 PM Feature #13758: OpenVPN service names inconsistent - Hard to get OpenVPN ID for CLi: While there is definitely room for improvement here, you can get the OpenVPN ID by editing an instance directly. It's... Jim Pingle
02:24 PM Feature #13758 (New): OpenVPN service names inconsistent - Hard to get OpenVPN ID for CLi: h1. Background
This came about because I am creating a command to be run by Shellcmd to disable an OpenVPN service... Jon Brown
02:48 PM Revision a360b261: Add shells/zsh to poudriere_bulk: Christian McDonald
02:44 PM Feature #13759 (New): Ability to disable services on boot up: h1. The feature
I would like the ability to prevent selected services from being enabled during bootup.
h1. Why... Jon Brown
02:05 PM Revision 374dd9fe: UPnP rule/service cleanup. Fixes #13755: * Fix several incorrect config paths/tests
* Fix UPnP local interface automatic rule to pass traffic into UPnP
itse... Jim Pingle
11:36 AM Regression #13754 (Resolved): DHCPv4 rules are not automatically created: Chris W
11:36 AM Regression #13754: DHCPv4 rules are not automatically created: Looks good. This is present in Firewall-Generated Ruleset.txt:... Chris W
07:25 AM Regression #13754 (Feedback): DHCPv4 rules are not automatically created: Applied in changeset commit:46c9508efb21a8c809dda5b1cc47a4218399a04f. Marcos M
11:24 AM Regression #13581: Empty Dynamic DNS entry causes PHP errors in various contexts: Jim Pingle wrote in #note-16:
> There is a second commit for the widget, commit:e3d247ec
Fixes my issues with #13... Ronald Schellberg
11:17 AM Regression #13581: Empty Dynamic DNS entry causes PHP errors in various contexts: There is a second commit for the widget, commit:e3d247ec Jim Pingle
11:08 AM Regression #13581: Empty Dynamic DNS entry causes PHP errors in various contexts: Jim Pingle wrote in #note-13:
> I found several places that can trigger errors the same way between traditional DynD... Ronald Schellberg
10:55 AM Regression #13581 (Feedback): Empty Dynamic DNS entry causes PHP errors in various contexts: Applied in changeset commit:00d3003d9aad824e4d51dd908c234ffebd5a3516. Jim Pingle
10:24 AM Regression #13581 (In Progress): Empty Dynamic DNS entry causes PHP errors in various contexts: OK I can reproduce these errors but only with an empty entry in the configuration, such as:... Jim Pingle
11:23 AM Bug #13756: Rules for authenticated Captive Portal users are not removed when a zone is disabled: Tested:... Steve Wheeler
11:22 AM Bug #13756 (Resolved): Rules for authenticated Captive Portal users are not removed when a zone is disabled: Users that have been authenticated by the captive portal are added as ether pass rules to the 'cpzoneid_X_auth' ancho... Steve Wheeler
08:25 AM Bug #13755 (Feedback): Multiple incorrect configuration paths in recent UPnP code changes: Applied in changeset commit:374dd9fe6a456d09cb41515b913396ac0992467d. Jim Pingle
08:05 AM Bug #13755: Multiple incorrect configuration paths in recent UPnP code changes: I spotted another incorrect configuration path usage in there as well as I was testing. Commit coming shortly.
Jim Pingle
07:26 AM Bug #13755: Multiple incorrect configuration paths in recent UPnP code changes: There is at least one other place using the same incorrect test for upnp being enabled, and I'd prefer a slightly dif... Jim Pingle
03:53 AM Bug #13014: Deadlock in Charon VICI interface: Jim Pingle wrote in #note-21:
> It didn't get pushed back to the next version, there won't be a 22.11 as there is sti... james greenhill
03:42 AM Revision 46c9508e: Fix config access regressions in filter.inc. Fix #13754: Marcos M
12:55 AM pfSense Packages Feature #10818: UDP Broadcast Relay: The underlying package (https://github.com/marjohn56/udpbroadcastrelay) does not support IPv6 (https://github.com/mar... Djon K

12/13/2022

10:38 PM Regression #13635 (Resolved): Interface speed and duplex selection defaults to non-default option: Marcos M
10:13 PM Feature #385 (In Progress): Allow the use of Captive Portal to restrict services on the firewall itself.: Marcos M
10:11 PM Bug #13215 (Incomplete): Allowed MAC/IP/Hostname traffic counts for authorized users: Marcos M
10:01 PM Regression #13754 (Pull Request Review): DHCPv4 rules are not automatically created: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/980 Marcos M
08:36 PM Regression #13754 (Resolved): DHCPv4 rules are not automatically created: Tested on @23.01.a.20221213.1812@.
With DHCPv4 Server enabled, rules allowing DHCP traffic are not automatically c... Marcos M
09:59 PM Bug #13755 (Pull Request Review): Multiple incorrect configuration paths in recent UPnP code changes: Marcos M
09:58 PM Bug #13755: Multiple incorrect configuration paths in recent UPnP code changes: The miniupnp auto rule has been broken since the code was committed due to the invalid config path access, and due to... Marcos M
09:55 PM Bug #13755 (Resolved): Multiple incorrect configuration paths in recent UPnP code changes: The automatic rule @pass multicast traffic to miniupnpd@ is never created. Marcos M
09:39 PM Revision 30196510: Fix direct config accesses in unbound for php81: Christian McDonald
09:02 PM Regression #13581: Empty Dynamic DNS entry causes PHP errors in various contexts: Jim Pingle wrote in #note-11:
> Do you maybe have a blank entry under the RFC2136 tab for dynamic DNS? If so, delete ... Ronald Schellberg
12:33 PM Regression #13581: Empty Dynamic DNS entry causes PHP errors in various contexts: Do you maybe have a blank entry under the RFC2136 tab for dynamic DNS? If so, delete it.
That's about the only way I... Jim Pingle
06:48 PM Revision 503e7e8c: Fix DHCP server ping check option. Fixes #13748: Jim Pingle
03:08 PM pfSense Packages Bug #13753 (New): Gateway groups stop sending traffic if they contain wireguard tunnels: I have a dual-isp setup running on an xg7100. Cox and Starlink. I have been able to configure two wireguard tunnels, ... Dan Tentler
12:55 PM Regression #13748 (Feedback): DHCP server "Disable Ping Check" option does not store value on save: Applied in changeset commit:503e7e8cfde3127068b2c5aaef6ccc01e80036d4. Jim Pingle
12:45 PM pfSense Packages Bug #13752 (Resolved): Avahi broken on PHP 8.1: Clea install of 23.01.a.20221213.0600.
Installed avahi from packages.
Click on Services > Avahi... Erik Osterholm
10:53 AM Feature #13751 (New): Add language to IPsec configuration for disabled ciphers: Apparently it is confusing to users to have inapplicable hash methods disabled in the IPsec configuration pages.
A... Chris Linstruth
07:31 AM Bug #13436 (Resolved): Input validation on ``system_advanced_firewall.inc`` uses incorrect variable references for some fields: This issue was specifically about the variable names being incorrect which was causing the validation to be non-funct... Jim Pingle
07:27 AM Bug #13436 (In Progress): Input validation on ``system_advanced_firewall.inc`` uses incorrect variable references for some fields: Should this be in Feedback, Resolved, or is there more work to be done based on the last feedback? Chris Linstruth
07:18 AM Regression #13614 (Resolved): Cannot Edit Firewall Rules - 2.7.0-DEVELOPMENT (amd64) built on Mon Oct 31 06:05:27 UTC 2022: Jim Pingle
05:34 AM Regression #13614: Cannot Edit Firewall Rules - 2.7.0-DEVELOPMENT (amd64) built on Mon Oct 31 06:05:27 UTC 2022: no more errors. Good to close out RED SKULL
06:44 AM Regression #13739 (Resolved): Interfaces without a configured name appear as lowercase: This looks good in todays snap.
Tested:... Steve Wheeler
05:29 AM pfSense Docs Correction #13750 (Resolved): "Using Software from FreeBSD": The topic "Using Software from FreeBSD" is missing information.
The text says to modify the file */usr/local/etc/p... Michel Pereira

12/12/2022

09:46 PM Bug #7553 (Resolved): Captive portal on a parent interface blocks traffic on VLAN interfaces too: Tested on latest 23.01 snap - this is no longer an issue. Marcos M
09:42 PM Bug #12467 (Resolved): CP error on client disconnect after reboot: Tested on latest snap - I'm not seeing this error in any logs, nor the extra files. Marcos M
09:35 PM Bug #12730 (Resolved): RADIUS accounting does not work if WAN is down: Marcos M
09:28 PM Bug #13148 (Resolved): Traffic passed by Captive Portal cannot use limiter queues on other rules: Tested on latest snap - this is indeed fixed. Marcos M
09:11 PM Bug #13215 (New): Allowed MAC/IP/Hostname traffic counts for authorized users: These needs further testing/explanation.
If the issue is that rules under @cpzoneid_2_allowedhosts@ will have thei... Marcos M
09:09 PM Bug #13014: Deadlock in Charon VICI interface: I have some 40+ spoke firewalls with new ones deploying weekly. Each FW is initiating 3 IPSec VPNs.
While the VPN is... Roman Kazmierczak
08:26 PM Bug #13226: Disconnecting a user from Captive Portal may allow previously established connections to continue: The root issue here is actually #11556. When @pfSense_kill_states()@ is called, the state on WAN using NAT will remai... Marcos M
06:50 PM Regression #13290 (Resolved): Error ``dummynet: bad switch 21!`` when using Captive Portal with Limiters: Marcos M
06:41 PM Bug #13475 (Duplicate): Captive Portal per-user limiters malfunction: Marcos M
06:36 PM Bug #13477 (Resolved): Captive Portal disconnecting a single user stops all traffic.: Tested latest snap. This is no longer a problem after the fix in the related issue #13488. Marcos M
06:13 PM Regression #13490 (Not a Bug): blocking mac addresses in captive portal: As mentioned, more info would be needed for 22.05 to be considered a bug. Note that even after the MAC rule has been ... Marcos M
06:09 PM Bug #13736 (Not a Bug): Captive Portal service restart needed after MAC bypass: Marcos M
06:08 PM Bug #13742 (Not a Bug): Captive Portal MAC bypass - pf rules are not enforced: I was unable to reproduce the reported issue on the latest snap - the client with the bypass MAC correctly bypasses R... Marcos M
05:14 PM Regression #13418 (Pull Request Review): Captive Portal does not keep track of client data usage: Marcos M
01:41 PM Regression #13418 (In Progress): Captive Portal does not keep track of client data usage: Thank you for testing - there looks to be a type casting issue in php-pfSense-module.
https://gitlab.netgate.com/pfSe... Marcos M
01:32 PM Regression #13418: Captive Portal does not keep track of client data usage: Counters still zero... Chris Linstruth
03:37 PM Regression #13749 (Resolved): RADIUS auth using CHAP does not work: Tested the patch - I am now able to authenticate using MSCHAPv2! Marcos M
02:38 PM Regression #13749 (Feedback): RADIUS auth using CHAP does not work: https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/commit/5601fb0b0bb0c733aece989bd8a71882c1fd9118
Should be fixed... Christian McDonald
12:58 PM Regression #13749 (Resolved): RADIUS auth using CHAP does not work: In 23.01, PAP works but CHAP protocols (e.g. MSCHAPv2) do not when authenticating with a RADIUS backend.
The error... Marcos M
02:51 PM Bug #13716: CVE-2022-23093 / FreeBSD-SA-22:15.ping: Further "clarification from FreeBSD":http://docs.freebsd.org/cgi/mid.cgi?CAPyFy2AMKEorH6v2VLG_g0UOyZdcpXb0YjZbc+-0=-d... Jim Pingle
02:09 PM Revision 8fec79ad: Restore default interface media selection. Fix #13635: Marcos M
02:08 PM Revision 5c7cda13: Restore default description behavior. Fix #13739: Marcos M
02:00 PM Feature #2676: Reply-to option in firewall rule: Upvote for this request.
We have a rare scenario that requires this reply-to been added to some of the firewall rule... Billy Yao
01:12 PM pfSense Plus Regression #13741: Update message interpreted as the available version: Yes, the message error affects any device that receives it. Not limited to aarch64.... Steve Wheeler
08:20 AM Regression #13635 (Feedback): Interface speed and duplex selection defaults to non-default option: Applied in changeset commit:8fec79ad597ff0d25674c249594fe2043817fb56. Marcos M
08:15 AM Regression #13739 (Feedback): Interfaces without a configured name appear as lowercase: Applied in changeset commit:5c7cda134dbcffe3ff4a2387b6d8a83fc9d03aa3. Marcos M
08:14 AM Regression #13747 (Duplicate): Captive Portal blocked MAC addresses are not blocked: Appears to be a duplicate of #13742 Jim Pingle
01:21 AM Regression #13747 (Resolved): Captive Portal blocked MAC addresses are not blocked: See here https://forum.netgate.com/topic/176356/captive-portal-bypass-issue/13
This test : https://github.com/pfse... Gertjan KROEB
08:04 AM Regression #13744 (Resolved): Debug output shown on dashboard: Jim Pingle
07:51 AM Regression #13744: Debug output shown on dashboard: I can confirm that this is fixed with:
2.7.0-DEVELOPMENT (amd64)
built on Mon Dec 12 06:07:23 UTC 2022
FreeBSD 1... RED SKULL
08:03 AM pfSense Plus Regression #13726 (Resolved): pkg-utils.inc error at first boot: Jim Pingle
07:49 AM Regression #13581: Empty Dynamic DNS entry causes PHP errors in various contexts: Traffic graphs are still working but saw this error after updating this AM:
PHP ERROR: Type: 1, File: /etc/inc/auth.... TyphooN .
07:36 AM pfSense Plus Bug #11626 (Feedback): Google LDAP connections fail due to lack of SNI for TLS 1.3: Jim Pingle
07:35 AM pfSense Packages Bug #13730 (Resolved): Suricata fails to download Emerging Threats rule archive due to a behavior change in a native PHP function in PHP 8.1: Jim Pingle
07:35 AM pfSense Plus Regression #13724 (Resolved): pfSense-upgrade breaks the pkg repo conf: Jim Pingle
07:32 AM pfSense Plus Feature #13649 (Resolved): Support for ChaCha20-Poly1305 and AES-128-GCM encryption with OpenVPN DCO: Jim Pingle
07:32 AM Bug #12645 (Resolved): ``filterdns`` does not monitor remote IPsec gateways for IPv6 address changes: The filterdns part is likely OK then. IIRC there may be an open issue for that other quirk already, it seems familiar... Jim Pingle
06:33 AM Regression #13748 (Resolved): DHCP server "Disable Ping Check" option does not store value on save: Tested on 22.05 and latest 23.01-DEV
When 'Disable Ping Check' option checked and "Save' button pressed, system sh... Azamat Khakimyanov

12/11/2022

11:50 PM Regression #13660 (Feedback): PHP8.1 error after applying floating rules changes: Applied in changeset commit:483512b3a3226132b7b249f7ea3e2146d3829c23. Reid Linnemann
07:10 PM Bug #13736: Captive Portal service restart needed after MAC bypass: I was not able to reproduce this issue on 23.01. After the MAC was added in Captive Portal, the client was able to ac... Marcos M
06:25 PM pfSense Packages Bug #13746: Removing Watchdog Show me other applications installed: Christian McDonald wrote in #note-1:
> This isn't unique to service watchdog, there was some debug bits in the XML p... Peter Moreno
06:15 PM pfSense Packages Bug #13746 (Duplicate): Removing Watchdog Show me other applications installed: This isn't unique to service watchdog, there was some debug bits in the XML parser that accidentally made it into a p... Christian McDonald
06:03 PM pfSense Packages Bug #13746 (Duplicate): Removing Watchdog Show me other applications installed: Hello guys.
I'm working with PFsense 2.7.x Watchdog-1.8.7_1.
Pfsense:
2.7.0-DEVELOPMENT (amd64)
built on F... Peter Moreno
01:47 PM pfSense Packages Bug #13745 (New): pfBlockerNG doesn't resolve aliases in supression alias list: When adding another alias to the pfBlockerNGSuppresion alias it is not resolved. I would expect that at least all oth... Flole Systems
12:31 PM Regression #13635 (Pull Request Review): Interface speed and duplex selection defaults to non-default option: Fix https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/975 Marcos M
12:09 PM Regression #13739 (Pull Request Review): Interfaces without a configured name appear as lowercase: Marcos M
12:09 PM Regression #13739: Interfaces without a configured name appear as lowercase: Fix https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/974 Marcos M
11:43 AM Bug #13014: Deadlock in Charon VICI interface: I am running 2.7.0.a.20221202.0600 on my firewall at the current time so I installed the strongswan package above for... David Vazquez
11:39 AM Bug #13014: Deadlock in Charon VICI interface: we have new developers for this topic Hi Mateusz.
I Have this same issue in my configuration on production. One or... Rafał Kaźmierowski
11:34 AM Feature #12190: Ability to use an IPv6 prefix in firewall rules: Marcos M wrote in #note-2:
> This is possible in rules, but not practical to implement in aliases, see https://redmi... Greg Wallace
11:21 AM Feature #12190 (Rejected): Ability to use an IPv6 prefix in firewall rules: This is possible in rules, but not practical to implement in aliases, see https://redmine.pfsense.org/issues/6626#not... Marcos M
11:31 AM Bug #13659 (Resolved): replace direct config accesses for system/webgui paths in system_advanced_admin.inc: Marcos M
11:29 AM Regression #13744 (Feedback): Debug output shown on dashboard: It seems this was fixed with https://github.com/pfsense/pfsense/commit/2c8f5e09d54071db912638429e6a370efe544a62. Marcos M
10:59 AM pfSense Docs New Content #10311: Default net.link.ifqmaxlen value leads to packet loss under load in OpenVPN: Chris Collins wrote in #note-5:
> Interestingly its forced to a value of 128 now.
>
> If set it inside on /boot/l... Marcos M
09:57 AM Bug #12887: GUI does not reject an invalid OpenVPN tap mode configuration with an empty tunnel network "Bridge DHCP" disabled: > I shouldn't be required to send DHCP over the bridge
From what I understand, if no DHCP range is set, then there wo... Marcos M
09:20 AM Bug #12887: GUI does not reject an invalid OpenVPN tap mode configuration with an empty tunnel network "Bridge DHCP" disabled: Can someone explain this bug fix to me? It seems like it may have been driven by a change in OpenVPN itself, but this... Yousif Hassan
08:58 AM Feature #6626: Support for IPv6 firewall entries with dynamic delegated prefix and static host address: Thilo Gass wrote in #note-39:
> Format for source or destination address is {LAN-56}2601:db8::dead:beef
>
> but... Thilo Gass
08:50 AM pfSense Plus Regression #13712 (Resolved): PHP error: pkg-utils.inc: I was able to replicate that previously. Looks good in the current snap on all archs.
Tested:... Steve Wheeler
08:22 AM pfSense Plus Regression #13741: Update message interpreted as the available version: You will only see it on a system that is sent a message. I believe that's only the aarch64 supported devices right no... Steve Wheeler
07:52 AM pfSense Plus Bug #13348: Error when deleting ZFS Boot Environment created from duplicate of non-default entry: FWIW: I get these errors whenever I (try to) delete a snapshot that is the parent snapshot of another clone. But dele... Jonas R
05:09 AM pfSense Packages Bug #13409: Copy button for Optional pre-shared key for this tunnel works in HTTPS mode only: Still persist such behavior on
23.01-DEVELOPMENT (amd64)
built on Sat Dec 10 03:22:16 UTC 2022
FreeBSD 14.0-CURRENT aleksei prokofiev

12/10/2022

10:05 PM Bug #13742: Captive Portal MAC bypass - pf rules are not enforced: Ive noticed that there are anchor rules that do not apply as there is no MAC bypass available. Its as if the config i... Mike Moore
07:17 PM Bug #13742: Captive Portal MAC bypass - pf rules are not enforced: Can you help me diagnose this then because im really not understanding how this is currently possible?
I cant use an... Mike Moore
06:45 PM Bug #13742: Captive Portal MAC bypass - pf rules are not enforced: I tested this in Dec 10th build of 23.01 pfSense Plus and was unable to reproduce this. I did the following:
1. Cre... Kris Phillips
05:38 PM Bug #13742 (Not a Bug): Captive Portal MAC bypass - pf rules are not enforced: I am able to bypass all firewall rules for an Interface that has Captive Portal enabled using MAC or IP bypass.
This... Mike Moore
09:45 PM Regression #13744 (Resolved): Debug output shown on dashboard: Crash report begins. Anonymous machine information:
amd64
14.0-CURRENT
FreeBSD 14.0-CURRENT #0 devel-main-n2558... RED SKULL
08:39 PM Bug #13659: replace direct config accesses for system/webgui paths in system_advanced_admin.inc: WebGUI redirect option is showing up in System>Advanced
23.01-DEVELOPMENT (amd64)
built on Sat Dec 10 03:22:16 ... Alhusein Zawi
08:06 PM pfSense Plus Regression #13726: pkg-utils.inc error at first boot: not seeing this on fresh install using 23.01-amd64-20221210-0318 build Jordan G
06:57 PM pfSense Plus Regression #13726: pkg-utils.inc error at first boot: No longer seeing this on the December 10th builds. Looks fixed. Kris Phillips
07:18 PM pfSense Plus Bug #11626: Google LDAP connections fail due to lack of SNI for TLS 1.3: Builds for 23.01 are including openldap26-client version 2.6.3, so this can probably be marked as Feedback. Kris Phillips
07:12 PM pfSense Plus Bug #13348: Error when deleting ZFS Boot Environment created from duplicate of non-default entry: This should probably be marked as Incomplete. Kris Phillips
07:07 PM pfSense Plus Regression #13741: Update message interpreted as the available version: Steve Wheeler wrote:
> In some circumstances the message sent by the update server is seen as the available version ... Kris Phillips
09:00 AM pfSense Plus Regression #13741 (Resolved): Update message interpreted as the available version: In some circumstances the message sent by the update server is seen as the available version by the GUI upgrade page:... Steve Wheeler
07:03 PM pfSense Plus Regression #13712: PHP error: pkg-utils.inc: Not seeing
Lev Prokofev wrote in #note-6:
> Tested on
>
> @23.01-DEVELOPMENT (amd64)
> built on Thu Dec 08 0... Kris Phillips
07:00 PM pfSense Plus Regression #13743: Latest snapshot defaults to 22.05 branch selected which can pull that version's package information: Confirmed that the drop down appears to show 22.05 Stable, but oddly it shows the current 23.01 build in both the "Cu... Kris Phillips
06:46 PM pfSense Plus Regression #13743 (Closed): Latest snapshot defaults to 22.05 branch selected which can pull that version's package information: 23.01-DEVELOPMENT (amd64)
built on Sat Dec 10 03:22:16 UTC 2022
FreeBSD 14.0-CURRENT
On a fresh installation, Sy... Chris W
06:49 PM Bug #13687: Cannot add limiters named ``new``: No longer able to reproduce this bug in the Dec 10th builds of 23.01. It appears this may be fixed. Kris Phillips
04:33 PM Bug #13729: Gateways stuck in Unknown status: Jordan Greene wrote in #note-5:
> what virtual environment, host version, etc?
Qemu 7 with 3 virtio network inter... Nazar Mokrynskyi
04:17 PM Bug #13729: Gateways stuck in Unknown status: what virtual environment, host version, etc? Jordan G
07:37 AM Bug #13729: Gateways stuck in Unknown status: Marcos M wrote in #note-3:
> I would not recommend it for production, but it should be fine for personal use.
It ... Nazar Mokrynskyi
04:10 PM pfSense Plus Regression #13724: pfSense-upgrade breaks the pkg repo conf: Updating from 23.01.a.20221206.1416 to 23.01.a.20221210.0318 required running pkg update -f && pkg upgrade or being... Jordan G
12:13 AM pfSense Plus Regression #13724: pfSense-upgrade breaks the pkg repo conf: Happy to confirm that Glenn's approach worked for me as well now. After nearly a month of breakage, I'm back on the d... Nick Goehring
03:45 PM pfSense Packages Bug #13730: Suricata fails to download Emerging Threats rule archive due to a behavior change in a native PHP function in PHP 8.1: I tested using both the Emerging Threats Open rules and the Emerging Threats Pro rules in a 2.7.0-DEVEL CE virtual ma... Bill Meeks
02:29 PM pfSense Packages Bug #13730: Suricata fails to download Emerging Threats rule archive due to a behavior change in a native PHP function in PHP 8.1: I presume this was initially opened using the ETOpen rule list and not the ETPro list. ETOpen working fine on:
23.... Chris W
01:02 PM pfSense Plus Feature #13649: Support for ChaCha20-Poly1305 and AES-128-GCM encryption with OpenVPN DCO: added as shown
23.01-DEVELOPMENT (amd64)
built on Fri Dec 02 06:04:48 UTC 2022 Alhusein Zawi
10:12 AM Bug #12645: ``filterdns`` does not monitor remote IPsec gateways for IPv6 address changes: Tested against:... Danilo Zrenjanin
08:37 AM Regression #13739: Interfaces without a configured name appear as lowercase: In addition this changes the auto generated gateway name for any dynamic gateway on an affected interface.
So if W... Steve Wheeler
07:41 AM Bug #11730 (Resolved): "Dark" theme does not sufficiently distinguish between selected and deselected elements in option lists: Tested against:... Danilo Zrenjanin

12/09/2022

09:30 PM pfSense Plus Regression #13724: pfSense-upgrade breaks the pkg repo conf: Thanks for the feedback! Christian McDonald
09:00 PM pfSense Plus Regression #13724: pfSense-upgrade breaks the pkg repo conf: Working for me now. Was able to successfully upgrade from 22.05 to 23.01.a.20221209.1819.
Since the upgrade had prev... Glenn Hall
02:49 PM pfSense Plus Regression #13724: pfSense-upgrade breaks the pkg repo conf: on an SG5100 running 22.05. Attempting to switch to the 23.01 branch no longer breaks the upgrade/pkg function on my ... Nick Goehring
12:01 PM pfSense Plus Regression #13724 (Feedback): pfSense-upgrade breaks the pkg repo conf: Fixed in the latest snapshot.
Only make the link after complete the repo settings download. Luiz Souza
07:32 PM pfSense Packages Regression #13697: pfBlockerNG alerts error on 2.7.0 devel and PHP 8.1: Not seeing the original error anymore with -devel version 3.1.0_14 on:
2.7.0-DEVELOPMENT (amd64)
built on Fri Dec 09... Chris W
06:53 PM Revision 483512b3: Prevent get_pf_rules() from indexing a string error. Fixes #13660: pfSense_get_pf_rules(), which populates the $rulescnt variable sent to
get_pf_rules(), will terminate its loop fetchi... Reid Linnemann
05:24 PM Revision c7f74fcc: Add phpunit/phpunit to composer as dev dependency: Christian McDonald
04:48 PM Regression #13739: Interfaces without a configured name appear as lowercase: The interfaces lack a descr tag initially, so they are assumed to be the internal name of the interface ('wan', 'lan'... Jim Pingle
11:37 AM Regression #13739: Interfaces without a configured name appear as lowercase: Jim Pingle wrote in #note-1:
> Where exactly are they printed lowercase?
>
> Boot output? The console menu? A das... Christopher Cope
11:22 AM Regression #13739: Interfaces without a configured name appear as lowercase: Where exactly are they printed lowercase?
Boot output? The console menu? A dashboard widget? Interface status page... Jim Pingle
11:20 AM Regression #13739 (Resolved): Interfaces without a configured name appear as lowercase: ... Christopher Cope
04:12 PM pfSense Packages Bug #13640 (Resolved): PHP Error: util.inc:1932: Tested on... Christopher Cope
02:04 PM pfSense Plus Feature #13740 (New): Feature Request: Mark Boot Environments with different properties. I.e "No boot", "No Delete" etc etc: Boot snapshots are awesome. However. I see huge potential for expanding the features on these. So here are a few sugg... Jonas R
01:18 PM Revision 2c8f5e09: Remove leftover debug prints.: Jim Pingle
12:59 PM Regression #13661 (Resolved): Input validation issues on firewall_shaper.php: Tested against:... Danilo Zrenjanin
12:20 PM Regression #13660: PHP8.1 error after applying floating rules changes: This is probably another case where the returned array can contain an element keyed 'error' that indicates some error... Reid Linnemann
12:17 PM pfSense Packages Bug #13641 (Not a Bug): PHP Error: squid.inc:852: I'm going to close this as not a bug, when we upgrade php we expect php errors before the packages are updated. Reid Linnemann
12:16 PM pfSense Packages Bug #13641 (Assigned): PHP Error: squid.inc:852: Reid Linnemann
12:15 PM Bug #13529 (Resolved): Intel i226 network interfaces do not honor a manually selected link speed: Reid Linnemann
11:59 AM pfSense Plus Regression #13726 (Feedback): pkg-utils.inc error at first boot: The PHP has to be initialized before calling pfSense-upgrade in the first boot.
Fixed in 3f97a8052c5767bfb7e20d1b8... Luiz Souza
10:50 AM Regression #13614: Cannot Edit Firewall Rules - 2.7.0-DEVELOPMENT (amd64) built on Mon Oct 31 06:05:27 UTC 2022: Don't see listed errors on
@2.7.0-DEVELOPMENT (amd64)
built on Fri Dec 09 06:13:30 UTC 2022
FreeBSD 14.0-CURR... Lev Prokofev
10:35 AM Bug #12960 (Resolved): VGA install defaults to serial as primary console when loading/saving admin GUI settings without making changes: This is working properly for both EFI and legacy BIOS installs. Either way, when visiting the page for the first time... Jim Pingle
10:16 AM Bug #13280 (Resolved): Entries for ``net.link.ifqmaxlen`` duplicated in ``/boot/loader.conf``: No, those are unrelated. They are added during the process that builds the images and are left as-is in the file, the... Jim Pingle
10:03 AM Regression #13735 (Resolved): UPnP service status is incorrect when disabled: Service is now hidden when disabled. Jim Pingle
09:57 AM Bug #13737: Killing OpenVPN client connection from dashboard widget fails with error: The affected Version is
2.6.0-RELEASE (amd64)
built on Mon Jan 31 19:57:53 UTC 2022 me me
07:26 AM Bug #13737 (Duplicate): Killing OpenVPN client connection from dashboard widget fails with error: Duplicate of #12817 Jim Pingle
03:48 AM Bug #13737: Killing OpenVPN client connection from dashboard widget fails with error: I couldn't replicate this issue on the following releases:... Danilo Zrenjanin
01:23 AM Bug #13737 (Duplicate): Killing OpenVPN client connection from dashboard widget fails with error: When I tried to kill a OpenVPN client connection from the dashboard OpenVPN widget it failed (see attached PHP_errors... me me
09:41 AM Bug #13295 (Resolved): Incorrect function parameters for ``get_dpinger_status()`` call in ``gwlb.inc``: Closing as it seems to be correct now in the code, even if it didn't impact much (if anything), can always reopen if ... Jim Pingle
09:36 AM Bug #13736: Captive Portal service restart needed after MAC bypass: Here are a list of specific issues in Captive Portal on 23.01 (most are already resolved):
https://redmine.pfsense... Jim Pingle
08:52 AM Bug #13736: Captive Portal service restart needed after MAC bypass: Thanks for the feedback Jim.
Would you happen to have the changelog just for Captive Portal?
Its going to take m... Mike Moore
07:29 AM Bug #13736 (Feedback): Captive Portal service restart needed after MAC bypass: Can you try this on a development snapshot? There have been a number of captive portal fixes there after 22.05 and th... Jim Pingle
09:32 AM pfSense Packages Regression #13628 (Resolved): FreeRADIUS Users cleared out each time a user is add, removed, or modified: Seems to be working OK on current snaps+package version. Users are listed in the GUI OK, I can modify them, and the u... Jim Pingle
08:57 AM Bug #13014: Deadlock in Charon VICI interface: I've built strongswan packages for 22.05 (should also work on 2.6.0) and 23.01:
https://people.freebsd.org/~kp/stron... Kristof Provost
07:25 AM pfSense Packages Bug #13642 (Resolved): PHP Error: frr_zebra.inc:159: This appears to be OK on a current snap with the latest package (After removing some leftover debug prints in the bas... Jim Pingle
01:48 AM pfSense Packages Bug #13642: PHP Error: frr_zebra.inc:159: I had neglected originally to bump the portrevision, so the package was not actually rebuilt. That has been done as o... Reid Linnemann
07:25 AM pfSense Packages Bug #13564 (Resolved): PHP error after creating a Route Map: This appears to be OK on a current snap with the latest package (After removing some leftover debug prints in the bas... Jim Pingle
01:49 AM pfSense Packages Bug #13564: PHP error after creating a Route Map: The above commit adds a workaround if the user's config.xml already has empty config tags in the frrglobalroutemaps tag. Reid Linnemann
07:23 AM Regression #13581 (Resolved): Empty Dynamic DNS entry causes PHP errors in various contexts: Jim Pingle
06:26 AM Regression #13581: Empty Dynamic DNS entry causes PHP errors in various contexts: After upgrading to v2.7.0.a.20221209.0600 I am no longer experiencing this issue and can see the graphs. TyphooN .
02:10 AM pfSense Plus Regression #13712 (Feedback): PHP error: pkg-utils.inc: Danilo Zrenjanin
02:05 AM pfSense Plus Regression #13712: PHP error: pkg-utils.inc: Tested on
@23.01-DEVELOPMENT (amd64)
built on Thu Dec 08 06:08:06 UTC 2022
FreeBSD 14.0-CURRENT@
It works fin... Lev Prokofev
01:28 AM pfSense Packages Bug #13738 (Resolved): Typo under Services/Snort/Interface Settings/WAN - Rules: Once at the rules selection page, the "Category Selection:" should be set to "User Forced Disabled Rules"
Hover the ... Danilo Zrenjanin
12:14 AM Revision 63a0efce: Work around for empty config tags. Fixes #13564.: Related to issue #13642, the serialization of route maps was broken for a time
in such a way that the frrglobalroutem... Reid Linnemann

12/08/2022

10:03 PM Revision 663a93e4: globals.inc needs to be sourced in auth_func.inc: Christian McDonald
09:11 PM Revision 4fb9658d: Improve visibility of select fields in dark theme. Fix #11730: Marcos M
09:03 PM Revision 2568e151: Rector direct global g accesses: Christian McDonald
08:28 PM Revision 7e8a2c76: Merge branch 'rcm-rector': Christian McDonald
08:24 PM Revision 255a18ee: Introduce GlobalGGetExprRector.php: Christian McDonald
07:15 PM Revision b573f119: Use correct UPnP enabled test. Fixes #13735: Jim Pingle
06:32 PM Bug #13736: Captive Portal service restart needed after MAC bypass: Found perhaps an associated issue with this bug.
Once the clients are added to the whitelist on Captive Portal, Fir... Mike Moore
06:25 PM Bug #13736 (Not a Bug): Captive Portal service restart needed after MAC bypass: When using either MAC or IP address bypass in Captive Portal for a Guest WLAN setup, when entering a MAC address for... Mike Moore
06:20 PM pfSense Packages Bug #13564 (Feedback): PHP error after creating a Route Map: Applied in changeset pfsense:commit:63a0efce7eb90ddea102e79a6750d4c19605f1cf. Reid Linnemann
04:53 PM pfSense Packages Bug #13564: PHP error after creating a Route Map: I neglected to tick the portrevision when I fixed this in #13642, I have corrected that and the next build should hav... Reid Linnemann
11:20 AM pfSense Packages Bug #13564 (New): PHP error after creating a Route Map: I still get errors here:... Jim Pingle
03:39 PM pfSense Packages Bug #13587 (Resolved): Zabbix-agent62 install fails: Test version zabbix-agent62 version 1.0.6 on... Christopher Cope
03:37 PM Bug #13240 (Resolved): User is forced to pick an NPt destination IPv6 prefix length even when choosing a drop-down entry which contains a defined prefix length: Working correctly on current snap Jim Pingle
03:36 PM Bug #13364 (Resolved): Using the copy (not clone) function on firewall rules unintentionally converts interface ``address`` to interface ``net``: Working correctly on current snap Jim Pingle
03:30 PM Bug #13493 (Resolved): Several advanced DHCP6 client options do not inform the user when rejecting invalid input: Working as expected now Jim Pingle
03:21 PM Todo #13501 (Resolved): Clean up obsolete code in ``pfSense-dhclient-script``: Old unused code block is gone and things are still working normally. Closing. Jim Pingle
03:20 PM Bug #11730 (Feedback): "Dark" theme does not sufficiently distinguish between selected and deselected elements in option lists: Applied in changeset commit:4fb9658da45fb6b0fcda92607ded50456bf0d0b6. Marcos M
03:09 PM Revision 01d714a1: Add nikic/php-parser as a composer dev dependency: Christian McDonald
02:48 PM Bug #13253 (Resolved): ``dhcp6c`` is not restarted when applying settings when multiple WANs are configured for DHCP6: Jim Pingle
02:31 PM Bug #12632 (Resolved): Changing an interface IP address and gateway at the console does not save the new gateway if one already exists for the interface: Seems to be doing the right/expected thing. It prompts to set the default gateway and does so when instructed.... Jim Pingle
02:14 PM Bug #4500 (Resolved): UPnP/NAT-PMP status page does not display all port mappings: Jim Pingle
02:13 PM Todo #13648 (Resolved): Remove deprecated IPsec algorithms (3DES, Blowfish, and CAST 128 encryption; MD5 HMAC/Hashing): I've tried the upgrade path several more times and it's been doing the right/expected thing each time. Deprecated ent... Jim Pingle
01:40 PM Regression #13735 (Feedback): UPnP service status is incorrect when disabled: Applied in changeset commit:b573f1194c44baf82fe2d0b094032e72207865ae. Jim Pingle
01:14 PM Regression #13735 (Resolved): UPnP service status is incorrect when disabled: When the UPnP service is disabled (top checkbox unchecked), the service is still listed but shown as stopped.
It s... Jim Pingle
01:23 PM pfSense Plus Bug #13664 (Resolved): GUI allows configuring OpenVPN DCO with incompatible options (TCP, compression, TAP, net30): Jim Pingle
01:08 PM pfSense Plus Bug #13664: GUI allows configuring OpenVPN DCO with incompatible options (TCP, compression, TAP, net30): Testes against the following release:... Danilo Zrenjanin
01:22 PM Todo #13357 (Resolved): Spelling and typo corrections: These have been in for almost a month, should be good to close as there hasn't been any observed negative impact. Jim Pingle
01:07 PM Regression #13604 (Resolved): OpenVPN service status is incorrect: Works as expected. Jim Pingle
12:43 PM Regression #13373 (Resolved): IPsec rejects certificates if any SAN is wildcard rather than rejecting when **all** SANs are wildcard: A cert with both a wildcard and non-wildcard SAN works on current snapshots.
Jim Pingle
10:55 AM Bug #12757 (Resolved): Clean up use of ``pfctl -F`` in ``/etc/inc/filter.inc``: The code in question is gone. Jim Pingle
10:24 AM Bug #13734: PPP interfaces with a QinQ parent can't initialize the PPPoE node for link: If we can find a fix maybe we can get this in but I don't see this as being a blocker for 23.01. Jim Pingle
10:21 AM Bug #13734: PPP interfaces with a QinQ parent can't initialize the PPPoE node for link: Might be related to https://redmine.pfsense.org/issues/7981 Danilo Zrenjanin
10:20 AM Bug #13734 (New): PPP interfaces with a QinQ parent can't initialize the PPPoE node for link: After defining PPPoE using a QinQ interface as a parent, the PPPoE node for the link can't be initialized.
Here ar... Danilo Zrenjanin
10:23 AM Bug #13014: Deadlock in Charon VICI interface: A way to reproduce it reliably, but I appreciate that that's not easy (I've been trying to get one for two days, afte... Kristof Provost
10:07 AM Bug #13014: Deadlock in Charon VICI interface: Kristof Provost wrote in #note-30:
> I've tried running charon under valgrind's helgrind and drd tools. The idea was... David Vazquez
07:24 AM Bug #13014: Deadlock in Charon VICI interface: I've tried running charon under valgrind's helgrind and drd tools. The idea was to identify any lock misuse or lock o... Kristof Provost
08:08 AM Todo #13731 (Resolved): Add multicast group membership (``ifmcstat``) to ``status.php``: Output is present on a current snap. Jim Pingle
08:06 AM Bug #13479 (Resolved): Input validation is checking RAM disk sizes when they are inactive: Working as expected.
Jim Pingle
08:05 AM Bug #12737 (Resolved): CA path is not defined when using ``curl`` in the shell: Working as expected. Mark a CA as trusted and cURL in a shell prompt can connect to a server with a cert signed by th... Jim Pingle
07:55 AM Todo #13718 (Resolved): Improve LDAP debugging: This is working well. Go to Diag > Auth, pick the server, enter the credentials, check the debug box and:... Jim Pingle
07:41 AM pfSense Plus Regression #13712 (Resolved): PHP error: pkg-utils.inc: Tested against:... Danilo Zrenjanin
02:51 AM Revision 089c14df: Update Rector to v0.15: Christian McDonald

12/07/2022

11:27 PM Bug #13014: Deadlock in Charon VICI interface: We have tried everything based on....
https://forum.netgate.com/topic/172075/my-ipsec-service-hangs/6
We now have o... Dan Bailey
10:10 PM pfSense Packages Feature #13733 (Resolved): Upgrade ha proxy 2.6: As above, 2.6 has been out since May 2022, opnsense has it!
devel branch still only 2.5.5 Darren Taylor
09:20 PM Feature #13732: Allow the use of macros within aliases: I agree it can be tedious. There's the @Copy@ button on the rules page which does make it easier. Marcos M
01:08 PM Feature #13732: Allow the use of macros within aliases: In ipv6 we now receive public ip locally and this is dynamic.
The old way to block private IP is not an option with ... Luc Courville
12:54 PM Feature #13732: Allow the use of macros within aliases: I understand but this is a easy way to help everyone.
Let me give you an exemple
If you have 10 interface that me... Luc Courville
11:57 AM Feature #13732: Allow the use of macros within aliases: The @* net@ and @* address@ options are actually macros, not aliases, which are handled differently by the system. It... Marcos M
11:33 AM Feature #13732 (New): Allow the use of macros within aliases: Because of limitation of IPv6 at the current way. (Traffic is allow between Vlan) I found a solution but this will be... Luc Courville
09:11 PM Bug #13729: Gateways stuck in Unknown status: I would not recommend it for production, but it should be fine for personal use. Marcos M
09:08 PM pfSense Packages Regression #13628 (Feedback): FreeRADIUS Users cleared out each time a user is add, removed, or modified: Merged. Marcos M
08:53 PM Bug #11730 (Pull Request Review): "Dark" theme does not sufficiently distinguish between selected and deselected elements in option lists: There exist a number of workarounds with mixed complexity and compatibility between different browsers and even versi... Marcos M
08:42 PM Revision 0c6c7237: Update composer.lock: Christian McDonald
05:36 PM pfSense Packages Regression #13697 (Feedback): pfBlockerNG alerts error on 2.7.0 devel and PHP 8.1: This should be fixed in CE as of "e912a45":https://github.com/pfsense/FreeBSD-ports/commit/e912a4571e950f6f6f8759f9fe... Reid Linnemann
05:05 PM Bug #13723: dpinger doesn't renew Gateway Monitoring IP address for IPsec VTi after changing IPsec VTi subnet: This might be related to #13362, there seems to be some missing functionality for updating gateways when VTI interfac... Reid Linnemann
04:40 PM Revision 9a5eb723: Add ifmcstat to status.php. Implements #13731: Jim Pingle
03:51 PM Revision dce1eece: Use rtrim for trimming whitespace and EOLs from version files: Christian McDonald
03:01 PM Bug #13591: Changing the GUI port does not redirect the browser to the new port on save: Updating subject for release notes. Jim Pingle
02:58 PM Bug #13436: Input validation on ``system_advanced_firewall.inc`` uses incorrect variable references for some fields: Updating subject for release notes. Jim Pingle
02:56 PM Bug #13390: "Dark" theme uses the same colors for disabled and enabled input fields: Updating subject for release notes. Jim Pingle
02:53 PM Bug #13364: Using the copy (not clone) function on firewall rules unintentionally converts interface ``address`` to interface ``net``: Updating subject for release notes. Jim Pingle
02:52 PM Bug #13318: Neighbor hostnames in the NDP Table on ``diag_ndp.php`` are always empty: Updating subject for release notes. Jim Pingle
02:48 PM Bug #4500: UPnP/NAT-PMP status page does not display all port mappings: Updating subject for release notes. Jim Pingle
02:47 PM Regression #13593: pfSense-repo.abi left at FreeBSD:14:amd64 after changing update branch to DEVEL and back: Not a problem in a release, excluding from release notes. Jim Pingle
02:47 PM Bug #13638: ``fcgicli`` fails to write packets with ``nvpair`` values that exceed ``128`` bytes: Updating subject for release notes. Jim Pingle
02:46 PM Todo #13440: Update external HTTPS/HTTP links: Updating subject for release notes. Jim Pingle
02:44 PM Todo #13357: Spelling and typo corrections: Updating subject for release notes. Jim Pingle
02:42 PM Feature #13304: ALTQ GUI support for Broadcom Netextreme II (``bxe``) interfaces: Updating subject for release notes. Jim Pingle
02:40 PM Regression #13604: OpenVPN service status is incorrect: Not a problem in a release, excluding from release notes. Jim Pingle
02:40 PM Regression #13601: Error creating port forward rule with port alias: Updating subject for release notes. Jim Pingle
02:39 PM Bug #13507: Copying multiple rules at the same time results in new rules with duplicate tracker IDs: Updating subject for release notes. Jim Pingle
02:38 PM Todo #13505: Correct DHCP client rule descriptions in the generated firewall ruleset: Updating subject for release notes. Jim Pingle
02:37 PM Regression #13459: Automatic ``reply-to`` bypass for traffic in the same subnet is no longer functioning in main builds: Not a problem in a release, excluding from release notes. Jim Pingle
02:37 PM Bug #13445: ``easyrule`` CLI script has multiple bugs and undesirable behaviors: Updating subject for release notes. Jim Pingle
02:33 PM Regression #13460: Panic with netgraph interfaces: Wasn't a bug in a release, exclude from notes. Jim Pingle
02:32 PM Todo #13648: Remove deprecated IPsec algorithms (3DES, Blowfish, and CAST 128 encryption; MD5 HMAC/Hashing): Updating subject for release notes. Jim Pingle
02:30 PM Todo #13398 (Resolved): Information box on ``status_ipsec.php`` says "IPsec not enabled" even when a tunnel is established: Info block now only contains a link to configure IPsec no matter what the current IPsec state is, which is the intend... Jim Pingle
02:27 PM Bug #11539: Mobile IPsec ``split_include`` value of ``0.0.0.0/0`` causes some clients to fail: Updating subject for release notes. Jim Pingle
02:26 PM Bug #11539 (Ready To Test): Mobile IPsec ``split_include`` value of ``0.0.0.0/0`` causes some clients to fail: Still no feedback on the proposed fix Jim Pingle
02:26 PM Bug #13675: Code that sets IPv6 MTU can unintentionally act on IPv4 addresses: Updating subject for release notes. Jim Pingle
02:24 PM Bug #13671 (Ready To Test): DHCP client can fail permanently if an interface is down at boot: Updating subject for release notes. Jim Pingle
02:22 PM Todo #13501: Clean up obsolete code in ``pfSense-dhclient-script``: Updating subject for release notes. Jim Pingle
02:22 PM Bug #13493: Several advanced DHCP6 client options do not inform the user when rejecting invalid input: Updating subject for release notes. Jim Pingle
02:10 PM Regression #13381: Software VLAN tagging does not work on ``ixgbe(4)`` interfaces: Updating subject for release notes. Jim Pingle
02:09 PM Bug #12632: Changing an interface IP address and gateway at the console does not save the new gateway if one already exists for the interface: Updating subject for release notes. Jim Pingle
02:05 PM Regression #13167 (Resolved): DigitalOcean Dynamic DNS update fails with a "bad request" error: Jim Pingle
02:04 PM Regression #13167: DigitalOcean Dynamic DNS update fails with a "bad request" error: Updating subject for release notes. Jim Pingle
02:05 PM Regression #13303: DNSExit Dynamic DNS updates no longer work: Updating subject for release notes. Jim Pingle
02:04 PM Bug #13298: Dynv6 Dynamic DNS client does not check the response code when updating: Updating subject for release notes. Jim Pingle
02:02 PM Bug #12612: DNS Resolver is restarted during every ``rc.newwanip`` event even for interfaces not used in the resolver: Updating subject for release notes. Jim Pingle
12:37 PM Feature #13584: Input validation for numbered DHCP options in static mappings: Updating subject for release notes. Jim Pingle
12:36 PM Feature #12070: Support for VLAN ``0``: Updating subject for release notes. Jim Pingle
12:34 PM Feature #10345: Improve distinction between online and idle/offline entries in DHCP lease list: Updating subject for release notes. Jim Pingle
12:32 PM Bug #13479: Input validation is checking RAM disk sizes when they are inactive: Updating subject for release notes. Jim Pingle
12:31 PM Bug #12737: CA path is not defined when using ``curl`` in the shell: Updating subject for release notes. Jim Pingle
12:29 PM Regression #13488: All Captive Portal users are given the same limiter pipe pair: Updating subject for release notes. Jim Pingle
12:29 PM Regression #13323: Captive Portal breaks policy based routing for MAC address bypass clients: Updating subject for release notes. Jim Pingle
12:27 PM Todo #12782: Disable ``pkg`` compatibility flag which creates ``txz`` file extension symbolic links: Updating subject for release notes. Jim Pingle
12:22 PM Bug #13132: Multiple ``<sshdata>`` or ``<rrddata>`` sections in ``config.xml`` lead to an XML parsing error during restore: Updating subject for release notes. Jim Pingle
12:21 PM Feature #13388: Support for international characters in the AutoConfigBackup Hint/Identifier field: Updating subject for release notes. Jim Pingle
12:20 PM Feature #11266: Option to list AutoConfigBackup entries in "reverse" order (newest at top): Updating subject for release notes. Jim Pingle
12:19 PM Regression #13356: RADIUS authentication attempts no longer send RADIUS NAS IP attribute: Updating subject for release notes. Jim Pingle
12:11 PM Feature #13367: Specify CA trust store location when downloading and validating URL alias content: Updating subject for release notes again, last one was a bit off.
Though really this would affect anything using d... Jim Pingle
12:06 PM Feature #13367: Specify CA trust store location when downloading and validating URL alias content: Updating subject for release notes. Jim Pingle
12:09 PM Feature #13362: Update dynamic gateway consumers when their interface is renamed: That sounds like the most likely culprit. We should target an enhancement for 23.05 I think. Reid Linnemann
12:02 PM Feature #13362 (New): Update dynamic gateway consumers when their interface is renamed: If an interface with dynamic gateways is renamed, the dynamic gateways also change names to follow the interface, but... Jim Pingle
12:05 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: Updating subject for release notes. Jim Pingle
12:03 PM pfSense Packages Regression #13695 (Duplicate): pfBlockerNG-devel net 3.1.0_11 install error | 2.7.0-DEVELOPMENT (amd64) built on Thu Nov 24 06:05:10 UTC 2022: Cause is the same as #13679, resolution should fix this particular issue. Can you confirm? Reid Linnemann
12:03 PM pfSense Plus Bug #13358: Traffic to OpenVPN DCO RA clients above the first available tunnel IP address is incorrectly routed: Updating subject for release notes. Jim Pingle
12:03 PM pfSense Plus Regression #13355: OpenVPN crashes after reaching the configured concurrent connection limit: Updating subject for release notes. Jim Pingle
11:54 AM Bug #13282: Alias content is sometimes incomplete if the firewall cannot resolve an FQDN in the alias: Updating subject for release notes. Jim Pingle
10:50 AM Todo #13731 (Feedback): Add multicast group membership (``ifmcstat``) to ``status.php``: Applied in changeset commit:9a5eb723dd2127601e0c0da22c5a30ebc3067417. Jim Pingle
10:22 AM Todo #13731 (Resolved): Add multicast group membership (``ifmcstat``) to ``status.php``: Having the multicast group membership in the status output can be helpful for diagnosing IPv6 issues.
Jim Pingle
10:40 AM Bug #13280: Entries for ``net.link.ifqmaxlen`` duplicated in ``/boot/loader.conf``: Version 2.7.0-DEVELOPMENT (amd64)
built on Fri Dec 02 06:04:46 UTC 2022
FreeBSD 14.0-CURRENT
Hyper-V VMs
net.link... Georgiy Tyutyunnik
10:39 AM pfSense Packages Feature #9833: ACME: add ability to use custom ACME server: Another +1. Just got Step CA installed, and it's really great. Right now I'm just creating CSR's and creating certs t... Jeremy Schoonover
10:37 AM pfSense Packages Feature #10818: UDP Broadcast Relay: Sadly it doesn't seem to IPv6.
I have set up mDNS (5353/224.0.0.251) and SSDP (1900/239.255.255.250), only with IPv6... Øystein Gåsdal
10:00 AM pfSense Packages Feature #10818: UDP Broadcast Relay: I installed pfSense-pkg-udpbroadcastrelay-0.1_6.pkg on my 2.6 install, but am unable to start the service...
!clipbo... John Stafford
12:59 AM pfSense Packages Feature #10818: UDP Broadcast Relay: I've successfully installed the 1.0 package on the 2.7.0 snapshots and was able to configure mDNS (5353/224.0.0.251) ... Dean Arnold
10:33 AM Bug #13423: IPv6 neighbor discovery protocol (NDP) fails in some cases: It may also be useful to set `net.inet6.icmp6.nd6_debug` to 1 in the system tunables, and then restarting the machine... Kristof Provost
10:21 AM Bug #13423: IPv6 neighbor discovery protocol (NDP) fails in some cases: ... Chris Linstruth
10:10 AM Bug #13423: IPv6 neighbor discovery protocol (NDP) fails in some cases: In my case I had an extra IP alias VIP on that interface for fe80:: and removing that VIP and saving/applying the int... Jim Pingle
10:08 AM Bug #13423: IPv6 neighbor discovery protocol (NDP) fails in some cases: Jim and I have done a bit more digging on his setup, and we believe the issue is that the interface is not joined on ... Kristof Provost
09:46 AM Bug #13423: IPv6 neighbor discovery protocol (NDP) fails in some cases: As with cjl, a packet capture on an affected target shows the NS arrive, but there is no NA response. Other hosts in ... Jim Pingle
08:49 AM Bug #13423: IPv6 neighbor discovery protocol (NDP) fails in some cases: Here is a packet capture filtered on the MAC address that is not receiving NDP responses. (Taken on the node that is ... Chris Linstruth
08:44 AM Bug #13423: IPv6 neighbor discovery protocol (NDP) fails in some cases: This is from a system that is currently refusing to offer NDP to a host:... Chris Linstruth
12:45 AM Bug #12870: Clicking Save & Force Update on a Dynamic DNS entry results in a GUI timeout: I can also confirm the recent changeset fixes the issue in 2.7.0 snapshots. Dean Arnold

12/06/2022

10:06 PM Revision 8e26b84f: Cleanup globals.inc. Use single quotes on scalar strings.: Christian McDonald
08:53 PM Bug #13729: Gateways stuck in Unknown status: Marcos M wrote in #note-1:
> There's a decent chance this is fixed in 2.7/23.01. Please test there.
I'm willing t... Nazar Mokrynskyi
01:43 PM Bug #13729 (Feedback): Gateways stuck in Unknown status: There's a decent chance this is fixed in 2.7/23.01. Please test there. Marcos M
12:13 PM Bug #13729 (Resolved): Gateways stuck in Unknown status: My pfSense is virtualized, so its interfaces are always up.
I have a multi-WAN setup with WAN and WAN2 interfaces.
... Nazar Mokrynskyi
07:11 PM Revision 97ac6eb4: Eliminate some direct config access in util.inc, add some documentation: Christian McDonald
05:01 PM pfSense Packages Bug #13730 (Feedback): Suricata fails to download Emerging Threats rule archive due to a behavior change in a native PHP function in PHP 8.1: Merged to CE as of 71bfc136 Reid Linnemann
03:29 PM pfSense Packages Bug #13730: Suricata fails to download Emerging Threats rule archive due to a behavior change in a native PHP function in PHP 8.1: Pull request 1201 has been submitted to the DEVEL branch. Details are here: https://github.com/pfsense/FreeBSD-ports/... Bill Meeks
03:23 PM pfSense Packages Bug #13730 (Resolved): Suricata fails to download Emerging Threats rule archive due to a behavior change in a native PHP function in PHP 8.1: Suricata fails to download Emerging Threats rules archives in the latest pfSense DEVEL snapshots due to apparent chan... Bill Meeks
03:17 PM Revision def2ce00: Add append hook to globals.inc.: Christian McDonald
01:39 PM pfSense Packages Regression #13628 (Pull Request Review): FreeRADIUS Users cleared out each time a user is add, removed, or modified: https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/301
Copy/paste/apply attached patch (strip count... Marcos M
12:51 PM pfSense Plus Bug #13664 (Feedback): GUI allows configuring OpenVPN DCO with incompatible options (TCP, compression, TAP, net30): GUI now hides dev mode and topology choices when DCO is enabled, both front and backend code force the use of tun dev... Jim Pingle
12:35 PM pfSense Plus Feature #13728: Builtin Database for historical log collection: In fairness Jim, other vendors have a similar feature set. This isn’t an oddball request. It’s an attempt to have so... Mike Moore
11:17 AM pfSense Plus Feature #13728 (Rejected): Builtin Database for historical log collection: The firewall is not a place to run a database. Massively increases the attack surface and complexity for little benef... Jim Pingle
10:39 AM pfSense Plus Feature #13728 (Rejected): Builtin Database for historical log collection: Not sure of the amount of effort / technical debt that would be needed to accomplish this but I would like to see the... Mike Moore
12:08 PM Feature #6742: OAuth2 authentication for OpenVPN (and for FreeRadius): We would like to setup a captive portal with an authentication server that supports type oauth2. At the moment it's o... Tom Peeters
12:08 PM Feature #3377: OAuth2 authentication in captive portal: We would like to setup a captive portal with an authentication server that supports type oauth2. At the moment it's o... Tom Peeters
11:51 AM Regression #13629 (Duplicate): Uncaught TypeError: Cannot access offset of type string on string in /usr/local/www/services_dhcp.php: This was duplicated by #13719 and a fix was put in there.
Jim Pingle
07:14 AM pfSense Packages Regression #13714 (Resolved): PHP8.1 error when adding a new interface.: PR merged, thanks! Jim Pingle
06:58 AM pfSense Packages Regression #13714: PHP8.1 error when adding a new interface.: A fix for this issue has been submitted for review and merge. The pull request is here: https://github.com/pfsense/Fr... Bill Meeks
05:47 AM pfSense Packages Regression #13714: PHP8.1 error when adding a new interface.: I am working on this and will post a pull request to DEVEL soon.
Bill Meeks
07:09 AM pfSense Packages Bug #13727 (Not a Bug): Snort - PHP 8.1 error when adding a new interface: Jim Pingle
07:06 AM pfSense Packages Bug #13727: Snort - PHP 8.1 error when adding a new interface: Not a bug.
Oops! This bug report was submitted in error. Please delete it. The Snort package does NOT have the bug r... Bill Meeks
07:00 AM pfSense Packages Bug #13727 (Not a Bug): Snort - PHP 8.1 error when adding a new interface: When adding a new interface to Snort, a fatal PHP 8.1 error is thrown due to passing a NULL where an array parameter ... Bill Meeks
06:19 AM Bug #13014: Deadlock in Charon VICI interface: Kris Phillips wrote in #note-26:
> Kristof Provost wrote in #note-25:
> > Thanks for that.
> >
> > There's nothi... Mikael Karlsson
03:02 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: Brian M wrote in #note-116:
> I have the same issue. Mixing FQDN and IP addresses caused me hours of frustration why... Reid Linnemann
12:54 AM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries: I have the same issue. Mixing FQDN and IP addresses caused me hours of frustration why various rules were not working... Brian M
01:18 AM Revision dd8a019e: Fix a regression caused by Rector: Fixes #13712: Christian McDonald

12/05/2022

09:13 PM Revision c5c09acd: Replace direct config access in services_dhcp.php. Fix #13719: Marcos M
08:08 PM pfSense Plus Regression #13726 (Resolved): pkg-utils.inc error at first boot: On the first boot after install the console shows:... Steve Wheeler
07:25 PM pfSense Plus Regression #13712: PHP error: pkg-utils.inc: Applied in changeset pfsense:commit:dd8a019e7676fc326d0656d5ee7ab2cb12cba67a. Christian McDonald
07:19 PM pfSense Plus Regression #13712 (Feedback): PHP error: pkg-utils.inc: Christian McDonald
12:46 PM pfSense Plus Regression #13712: PHP error: pkg-utils.inc: Steve Wheeler wrote:
> When switching repos in 23.01:
>
> [...]
>
> Tested in:
> [...]
>
> Does not affect... Ryan Coleman
05:42 PM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound: Jeff Kuehl wrote in #note-45:
> I agree, I'll test too
Count me in as well. I'd be happy to test a patch! David Reitz
09:58 AM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound: I agree, I'll test too Jeff Kuehl
05:28 PM Bug #13707: Unbound not binding to LAN on startup when explicitly set: This isn't a discussion platform, the forum is. Simple as that. To find the root cause, this needs more discussion, a... Jim Pingle
04:02 PM Bug #13707: Unbound not binding to LAN on startup when explicitly set: Thanks Jim, but if I'm just going to be shunted back to the forum with "it must be something wrong with your hardware... Simon Byrnand
02:53 PM Bug #13707: Unbound not binding to LAN on startup when explicitly set: Please continue the discussion on the forum, this isn't the place to diagnose your situation in that kind of detail -... Jim Pingle
02:41 PM Bug #13707: Unbound not binding to LAN on startup when explicitly set: Jim Pingle wrote in #note-10:
> Simon Byrnand wrote in #note-9:
> > Jim Pingle wrote in #note-8:
> > There seems to b... Simon Byrnand
10:24 AM Bug #13707: Unbound not binding to LAN on startup when explicitly set: Simon Byrnand wrote in #note-9:
> Jim Pingle wrote in #note-8:
> There seems to be something missing in your descri... Jim Pingle
10:13 AM Bug #13707: Unbound not binding to LAN on startup when explicitly set: Jim Pingle wrote in #note-8:
> It gets started/restarted by rc.bootup, rc.newwanip, and/or rc.newwanipv6. There ar... Simon Byrnand
08:27 AM Bug #13707 (New): Unbound not binding to LAN on startup when explicitly set: Simon Byrnand wrote in #note-5:
> In https://redmine.pfsense.org/projects/pfsense/repository/1/revisions/31c37082cad... Jim Pingle
03:53 AM Bug #13707: Unbound not binding to LAN on startup when explicitly set: Jordan Greene wrote in #note-6:
> Simon Byrnand wrote in #note-5:
>
> > Thinking it might be related to the Unifi co... Simon Byrnand
04:54 PM Revision dbff99ef: Eliminate backticks shell execution operator in diag_system_activity.php.: Christian McDonald
04:34 PM Regression #13719 (Resolved): PHP8.1 error when saving DHCP Server settings.: Thanks for confirming. Marcos M
03:20 PM Regression #13719 (Feedback): PHP8.1 error when saving DHCP Server settings.: Applied in changeset commit:c5c09acd9713a8e3ed3a553dc4d83daf4baf9502. Marcos M
01:25 PM Regression #13719: PHP8.1 error when saving DHCP Server settings.: *CONFIRMED* :
The patch posted by Marcos resolves the issue, even with pfBlockerNG-devel installed. Eric R
12:10 PM Regression #13719: PHP8.1 error when saving DHCP Server settings.: Ah, my mistake. Missed that. Just downloaded the patch and will apply it and report results this afternoon. Eric R
11:53 AM Regression #13719: PHP8.1 error when saving DHCP Server settings.: That link is not public, that's why a patch file was attached aswell. Flole Systems
11:30 AM Regression #13719: PHP8.1 error when saving DHCP Server settings.: Marcos, can you verify the link? I am unable to access the one you provided. Showing as unreachable. Eric R
09:12 AM Regression #13719: PHP8.1 error when saving DHCP Server settings.: If you are able to reproduce the problem, please test the patch. Marcos M
02:29 AM Regression #13719: PHP8.1 error when saving DHCP Server settings.: What is strange is that I installed 2.6.0 from a USB stick, then unsuccessfully because of my i-226 network cards, re... Steph Swiss
01:28 PM Revision 4dc4ac50: Fix unnecessarily duplicated work. Issue #13250: Jim Pingle
12:03 PM pfSense Docs Correction #13725: Configure Switch docs cite LAGGs tab that does not exist: That was combined into the ports tab quite a while ago:
https://gitlab.netgate.com/pfSense/factory/-/commit/862f39... Jim Pingle
11:50 AM pfSense Docs Correction #13725 (New): Configure Switch docs cite LAGGs tab that does not exist: On the docs for all Marvell switch-based appliances there are many references to a LAGGs tab that no longer exists.
... Ryan Coleman
11:28 AM Bug #8087: Provide Calling-Station-ID to RADIUS backed VPN connections: The format itself is application-specific. Marcos M
10:47 AM Bug #8087: Provide Calling-Station-ID to RADIUS backed VPN connections: Christian Ullrich wrote in #note-4:
> OpenVPN makes the client's apparent address available in environment variables... Brandon Verkada
07:54 AM Bug #13722 (Not a Bug): OpenVPN connection fail after service restart: I can't reproduce that problem as stated. Edit/Save does sometimes take actions the service restart does not, but if ... Jim Pingle
07:53 AM pfSense Packages Bug #13587 (Feedback): Zabbix-agent62 install fails: It's in the tree now on both CE and Plus, CE might even be in current snapshots, Plus tomorrow. Jim Pingle
07:50 AM pfSense Plus Regression #13724 (Resolved): pfSense-upgrade breaks the pkg repo conf: Upgrades from 22.05 to 23.01 will fail with an error like:... Steve Wheeler
07:49 AM pfSense Packages Bug #13692 (New): Netgate_Firmware_Upgrade - Title link needs updated: Not duplicate. I requested individual issues for these as they have defined links but need correcting in each separat... Jim Pingle
07:49 AM pfSense Packages Bug #13690 (New): IPsec Profile Wizard: Update package description and link in ``pkg-descr``: Not duplicate. I requested individual issues for these as they have defined links but need correcting in each separat... Jim Pingle
07:47 AM Bug #13721 (Duplicate): PHP Fatal error - firewall_rules.php - FreeBSD 14.0-CURRENT #0 devel-main-n255818-a851396c4f4: Fri Dec 2 06:29:25 UTC 2022: Duplicate of #13660 Jim Pingle
07:45 AM Bug #13258 (Resolved): Hidden menu option ``100`` incorrectly handles HTTPS detection: Jim Pingle
07:45 AM Bug #13453 (Resolved): Incorrect word in "Network Interfaces" help text on ``services_unbound.php``: Jim Pingle
07:31 AM Bug #13298 (Resolved): Dynv6 Dynamic DNS client does not check the response code when updating: Jim Pingle
07:31 AM Regression #13303 (Resolved): DNSExit Dynamic DNS updates no longer work: Jim Pingle
07:30 AM Todo #13250 (Resolved): Clean up DHCP Server option language: I wasn't looking at the RA pages here, just the DHCP pages. But I removed that "Seconds." bit just now in commit:4dc4... Jim Pingle
07:26 AM Regression #13488 (Resolved): All Captive Portal users are given the same limiter pipe pair: Jim Pingle
07:25 AM Bug #13645 (Resolved): PHP errors regarding ssh: Jim Pingle
07:24 AM Bug #13132 (Resolved): Multiple ``<sshdata>`` or ``<rrddata>`` sections in ``config.xml`` lead to an XML parsing error during restore: That should be sufficient testing.
The "live" method can be done if you are logged in and sitting at the backup pa... Jim Pingle
07:14 AM Bug #13723 (Confirmed): dpinger doesn't renew Gateway Monitoring IP address for IPsec VTi after changing IPsec VTi subnet: Tested on 22.05
Steps to reproduce:
1. Create Routed IPsec with IPv6 addresses as a Local and Remote. In my case ... Azamat Khakimyanov
06:19 AM Bug #12764: VTI gateway status is pending after assigning the VTI interface: I found it on my VM which had Gateway monitoring disabled so dpinger was not active (Status/Services). So when I adde... Azamat Khakimyanov
06:13 AM Bug #12764: VTI gateway status is pending after assigning the VTI interface: Tested on latest 23.01-DEV (built on Mon Dec 05 06:05:03 UTC 2022)
This issue hasn't been resolved yet. When new R... Azamat Khakimyanov
01:06 AM pfSense Packages Bug #13564 (Feedback): PHP error after creating a Route Map: I believe this is fixed by the resolution for #13642. Can you retest? Reid Linnemann
12:53 AM pfSense Packages Bug #13679 (Feedback): Error in pfBlockerNG Post Install Script: Should be fixed in CE as of "18035e":https://github.com/pfsense/FreeBSD-ports/commit/18035e2a5340c0b57be694a2d5b3f777... Reid Linnemann

12/04/2022

10:35 PM Regression #13719: PHP8.1 error when saving DHCP Server settings.: Found a workaround.
You can reconfigure the interfaces and DHCP Servers via console to the box. Had no issues maki... Eric R
04:43 PM Regression #13719: PHP8.1 error when saving DHCP Server settings.: I determined what was causing the issue. It seems to be caused by the pfBlockerNG-devel package. I had a second route... Eric R
01:26 PM Regression #13719 (Pull Request Review): PHP8.1 error when saving DHCP Server settings.: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/967
Copy/paste/apply the attached patch via the System P... Marcos M
10:16 AM Regression #13719: PHP8.1 error when saving DHCP Server settings.: *Debugging output can be collected to share with pfSense developers or others providing support or assistance.*
... Steph Swiss
10:14 AM Regression #13719: PHP8.1 error when saving DHCP Server settings.: *OUPS* ... in fact I still have the BUG (PHP error) when I use the "SAVE" button, however I finally managed to "fix" ... Steph Swiss
10:02 AM Regression #13719: PHP8.1 error when saving DHCP Server settings.: Hello,
I found how to "fix" (now I don't have this PHP error message anymore).
To start in "Services > DHCP Serve... Steph Swiss
01:49 AM Regression #13719: PHP8.1 error when saving DHCP Server settings.: You are very lucky because on the "built on Tue Nov 29 06:04:43 UTC 2022" and on the last one "the same one you have"... Steph Swiss
10:34 PM Bug #13722 (Not a Bug): OpenVPN connection fail after service restart: I am using OPenVPN client. When service is started from Status -> OpenVPN (stop, then start) I always getting "TLS Er... Stanislav Meshcheriakov
04:35 PM Bug #13076 (Resolved): Marking a gateway as down does not affect IPsec entries using gateway groups: Tested on latest snap - now works correctly. Marcos M
02:14 PM pfSense Packages Feature #13361: Add Zabbix 6.2 (agent and proxy) packages: +1
Agent 6.2 install does not work, same error. Hannes Palmquist

12/03/2022

11:56 PM Regression #13719: PHP8.1 error when saving DHCP Server settings.: Tested on
2.7.0-DEVELOPMENT (amd64)
built on Fri Dec 02 06:04:46 UTC 2022
FreeBSD 14.0-CURRENT
I can not reprod... aleksei prokofiev
03:52 AM Regression #13719: PHP8.1 error when saving DHCP Server settings.: Hello and sorry for my bad English :-(
I just registered to be able to write here. I have exactly the same bug wit... Steph Swiss
09:13 PM pfSense Packages Bug #13247 (Confirmed): Open-VM-Tools service actions do not work: Can confirm this behavior on pfSense Plus 23.01. Since this is a kernel module and not a service, probably best to j... Kris Phillips
09:04 PM pfSense Packages Bug #13690 (Duplicate): IPsec Profile Wizard: Update package description and link in ``pkg-descr``: This is a duplicated of https://redmine.pfsense.org/issues/12759 Kris Phillips
09:02 PM pfSense Packages Regression #13714 (Confirmed): PHP8.1 error when adding a new interface.: I'm able to reproduce this. Marked as Confirmed. Kris Phillips
09:01 PM pfSense Packages Bug #13692 (Duplicate): Netgate_Firmware_Upgrade - Title link needs updated: Marking as duplicate of https://redmine.pfsense.org/issues/12759
The Netgate Firmware Upgrade package is a proprie... Kris Phillips
08:59 PM pfSense Packages Bug #13709 (Resolved): Suricata 6.0.6_1 - PHP 8.1 Error on Alerts Page: Tested with Suricata 6.0.8_2. Not seeing PHP error messages on the Alerts page. Looks to be resolved. Kris Phillips
08:52 PM Bug #13721: PHP Fatal error - firewall_rules.php - FreeBSD 14.0-CURRENT #0 devel-main-n255818-a851396c4f4: Fri Dec 2 06:29:25 UTC 2022: There is not enough information in this bug report. What was the steps/action(s) that caused this crash report to ap... Kris Phillips
08:32 PM Bug #13721 (Duplicate): PHP Fatal error - firewall_rules.php - FreeBSD 14.0-CURRENT #0 devel-main-n255818-a851396c4f4: Fri Dec 2 06:29:25 UTC 2022: amd64
14.0-CURRENT
FreeBSD 14.0-CURRENT #0 devel-main-n255818-a851396c4f4: Fri Dec 2 06:29:25 UTC 2022 root@fr... RED SKULL
08:48 PM pfSense Packages Bug #13587: Zabbix-agent62 install fails: Tested on latest builds in case the above merge request was merged in. It has not. Kris Phillips
07:39 PM Bug #13258: Hidden menu option ``100`` incorrectly handles HTTPS detection: running 23.01.a.20221202.0600
!clipboard-202212031938-mrhwj.png!
Jordan G
07:29 PM Bug #13707: Unbound not binding to LAN on startup when explicitly set: Simon Byrnand wrote in #note-5:
> Thinking it might be related to the Unifi controller software I'm also running on ... Jordan G
12:00 PM Bug #13707: Unbound not binding to LAN on startup when explicitly set: Well that was an ordeal updating to the development snapshot. :(
My first attempt at an in place upgrade from 2.6.0 ... Simon Byrnand
06:36 PM Bug #13453: Incorrect word in "Network Interfaces" help text on ``services_unbound.php``: language has been corrected to not reference improper field selection - pfSense Plus Dev 23.01.a.20221202.0600 Jordan G
04:59 PM Bug #13507 (Resolved): Copying multiple rules at the same time results in new rules with duplicate tracker IDs: Alhusein Zawi
04:59 PM Bug #13507: Copying multiple rules at the same time results in new rules with duplicate tracker IDs: there is no duplication after copy/past the rules.
anchor "userrules/*"
pass in quick on $WAN reply-to ( em0 ... Alhusein Zawi
03:05 PM pfSense Packages Bug #13513: Cannot install Squid: Kris Phillips wrote in #note-9:
> Tested on Nov 18th builds. Package installs properly with no more errors. Issue ... Peter Moreno
01:45 PM Regression #13666 (Resolved): Assigned bridge interfaces are not configured at boot: fixed
after reboot :
[23.01-DEVELOPMENT][admin@pfSense.home.arpa]/root: ifconfig bridge0
bridge0: ... Alhusein Zawi
01:10 PM Bug #12612 (Resolved): DNS Resolver is restarted during every ``rc.newwanip`` event even for interfaces not used in the resolver: Tested against the:... Danilo Zrenjanin
12:27 PM Bug #13307 (Resolved): PPP interface custom reset date/time Hour and Minute fields do not properly handle ``0`` value: Alhusein Zawi
12:27 PM Bug #13307: PPP interface custom reset date/time Hour and Minute fields do not properly handle ``0`` value: Custom reset option takes 0 value
23.01-DEVELOPMENT (amd64)
built on Fri Dec 02 06:04:48 UTC 2022
Alhusein Zawi
07:15 AM Bug #8087: Provide Calling-Station-ID to RADIUS backed VPN connections: OpenVPN makes the client's apparent address available in environment variables:... Christian Ullrich
07:08 AM Bug #13298: Dynv6 Dynamic DNS client does not check the response code when updating: Working as expected, tested on
23.01-DEVELOPMENT (amd64)
built on Fri Dec 02 06:04:48 UTC 2022
FreeBSD 14.0-CURR... Lev Prokofev
06:50 AM Regression #13303: DNSExit Dynamic DNS updates no longer work: Can confirm that it's working as expected on
23.01-DEVELOPMENT (amd64)
built on Fri Dec 02 06:04:48 UTC 2022
Fr... Lev Prokofev
05:27 AM Todo #13250: Clean up DHCP Server option language: Checked against:... Danilo Zrenjanin
04:58 AM Bug #13387 (Resolved): Input validation is not rejecting invalid description characters when editing a CA or Certificate: Tested against:... Danilo Zrenjanin
04:37 AM Regression #13488: All Captive Portal users are given the same limiter pipe pair: Looks like pipes per user fixed. Users using their own pipe.
Tested
@23.01-DEVELOPMENT (amd64)
built on Fri D... Lev Prokofev
04:08 AM Bug #13539 (Resolved): Missing descriptions for referrers to firewall aliases cause empty strings for references to be returned when deleting an in-use alias: Tested against:... Danilo Zrenjanin
02:29 AM Bug #13645: PHP errors regarding ssh: Tested on
23.01-DEVELOPMENT (amd64)
built on Fri Dec 02 06:04:48 UTC 2022
FreeBSD 14.0-CURRENT
No such error... Lev Prokofev

12/02/2022

08:27 PM Bug #13132: Multiple ``<sshdata>`` or ``<rrddata>`` sections in ``config.xml`` lead to an XML parsing error during restore: I updated a virtual machine from 2.6 to 2.7.0.a.20221202.0600 and took a snapshot.
- SSH is enabled and the default a... Chris W
03:41 PM Regression #13719 (Resolved): PHP8.1 error when saving DHCP Server settings.: *BRANCH:* DEVEL version (devel)
*VERSION:* 2.7.0.a.20221202.0600
*ERROR MESSAGE:* PHP Fatal error: Uncaught TypeErr... Eric R
02:38 PM Revision 2af41fcd: Introduce public accessors for $g: g_has, g_get, and g_set.: Christian McDonald
02:25 PM Revision 51c72717: Improve LDAP debug logs. Implements #13718: Jim Pingle
02:16 PM Regression #13685 (Resolved): URL alias parsing is broken, gets stuck in infinite loop reading downloaded file: Jim Pingle
12:53 PM Regression #13685: URL alias parsing is broken, gets stuck in infinite loop reading downloaded file: tested on
Version 2.7.0-DEVELOPMENT (amd64)
built on Fri Dec 02 06:04:46 UTC 2022
FreeBSD 14.0-CURRENT
Alias i... Georgiy Tyutyunnik
01:16 PM pfSense Packages Bug #13587 (Pull Request Review): Zabbix-agent62 install fails: https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/300 Christopher Cope
12:38 PM Revision 3a603398: Fix typo s/_echo/echo/: Renato Botelho
12:36 PM Feature #13388 (Resolved): Support for international characters in the AutoConfigBackup Hint/Identifier field: I was able to recreate the issue on the 22.05.
It worked as expected when I tested it against:... Danilo Zrenjanin
12:21 PM Bug #13706 (Confirmed): Static routes are not updated when updating a nested alias.: Tested against:... Danilo Zrenjanin
09:37 AM Bug #13093: LDAP authentication fails with extended query and RFC2307 group lookups enabled: I improved the LDAP debug logging a bit over on #13718 which may help here as well.
Jim Pingle
08:35 AM Todo #13718 (Feedback): Improve LDAP debugging: Applied in changeset commit:51c72717a62860a85b251ea17e72087a27d9e18a. Jim Pingle
08:23 AM Todo #13718 (Resolved): Improve LDAP debugging: The LDAP debug logs are inconsistent in their use of @log_auth()@ vs @log_error()@ and they should all be @log_error(... Jim Pingle
07:27 AM pfSense Plus Bug #13664 (In Progress): GUI allows configuring OpenVPN DCO with incompatible options (TCP, compression, TAP, net30): OK, I'll open this back up and work up similar changes to disable and force the TUN/TAP setting to always be 'tun', a... Jim Pingle
06:30 AM pfSense Plus Bug #13664: GUI allows configuring OpenVPN DCO with incompatible options (TCP, compression, TAP, net30): Tested against:... Danilo Zrenjanin

12/01/2022

09:30 PM Revision 7c841634: Revert "Remove unused global $config_extra": This reverts commit e36bc382ae1e0533c328b9dcd99959b17171de2e Christian McDonald
09:30 PM Revision e36bc382: Remove unused global $config_extra: Christian McDonald
08:48 PM Revision a4105aad: Remove unused xmlreader implementation and conditional sourcing: Christian McDonald
02:30 PM Bug #13717 (Duplicate): Stack overflow in ping(8) Vulnerability (FreeBSD): Duplicate of #13716 Jim Pingle
02:29 PM Bug #13717 (Duplicate): Stack overflow in ping(8) Vulnerability (FreeBSD): FreeBSD-SA-22:15.ping
https://www.freebsd.org/security/advisories/FreeBSD-SA-22:15.ping.asc
------
ping rea... RED SKULL
11:09 AM Bug #13716 (Resolved): CVE-2022-23093 / FreeBSD-SA-22:15.ping: Ref: https://www.freebsd.org/security/advisories/FreeBSD-SA-22:15.ping.asc
Not a significant concern for pfSense s... Jim Pingle
11:09 AM pfSense Packages Bug #13715 (New): arpwatch causing issues with Cron notifications?: Since upgrading to 2.7.0-devel I'm getting the following errors instead of the cron messages I'm expecting:
Arpwatch... Robert Johnston
11:03 AM Bug #13707: Unbound not binding to LAN on startup when explicitly set: Hi Danilo,
Yes, I'll try the latest development snapshot on the affected box sometime in the next few days and rep... Simon Byrnand
07:32 AM Bug #13707: Unbound not binding to LAN on startup when explicitly set: I tested against the:... Danilo Zrenjanin
09:09 AM pfSense Plus Regression #13613 (Ready To Test): OpenVPN crashes due to if_tuntap changes: Merged. This will turn up in the next snapshot build. Kristof Provost
08:06 AM pfSense Plus Regression #13613 (Pull Request Review): OpenVPN crashes due to if_tuntap changes: Jim Pingle
06:45 AM Bug #13254 (Resolved): DNS resolver does not update its configuration or reload during link down events: Tested against:... Danilo Zrenjanin

11/30/2022

08:37 PM Revision 04d726ac: Disable MTU input for a bridged interface: Bridge member interfaces cannot have their MTU configured independently from a
bridge, this change disables the MTU i... Reid Linnemann
08:37 PM Revision 51b682d9: Add ovpn qinqs to bridges instead of rebuilding them. Fixes #13666: qinq interfaces defined with parent openvpn interfaces are configured late in
rc.bootup, after qinqs for other physic... Reid Linnemann
06:57 PM pfSense Packages Regression #13714 (Resolved): PHP8.1 error when adding a new interface.: On the latest Suricata on 23.01 when adding a new interface:
> Fatal error: Uncaught TypeError: array_get_path(): Ar... Marcos M
06:55 PM pfSense Packages Bug #12956 (Resolved): suricata fails to use pcre in SID management (e.g. dropsid.conf): Marcos M
06:29 PM pfSense Plus Regression #13613: OpenVPN crashes due to if_tuntap changes: Tested patch and it worked well here. Marcos M
05:22 AM pfSense Plus Regression #13613: OpenVPN crashes due to if_tuntap changes: I can reproduce that here. It looks like the problem is that we send a SIGTERM to openvpn, but don't wait until it ac... Kristof Provost
12:13 AM pfSense Plus Regression #13613 (Feedback): OpenVPN crashes due to if_tuntap changes: I just ran into a different way of triggering what seems to be a similar issue. Editing a client with DCO enabled, un... Marcos M
06:02 PM Bug #12870 (Resolved): Clicking Save & Force Update on a Dynamic DNS entry results in a GUI timeout: The fix worked for me, thanks! Marcos M
06:01 PM Bug #13600 (Duplicate): Saving a DDNS entry can lead to the GUI timing out.: Marcos M
06:00 PM Bug #13600 (Resolved): Saving a DDNS entry can lead to the GUI timing out.: Worked well here, thanks! Marcos M
05:50 PM pfSense Packages Bug #13684 (Duplicate): HAProxy PHP error haproxy.inc:1229: Marcos M
05:13 PM pfSense Packages Bug #13684: HAProxy PHP error haproxy.inc:1229: Duplicate of #13562 (with fix in there) Robert Johnston
05:47 PM pfSense Packages Bug #13562 (Duplicate): HAProxy PHP error on upgrade to PHP8.1 update: I'm marking this one as duplicate given that the fix for both packages has already been submitted and pending review.... Marcos M
01:43 PM pfSense Packages Bug #13562: HAProxy PHP error on upgrade to PHP8.1 update: Okay, I have fixed all the errors I was getting. The procedure I used.
# Edit @/usr/local/pkg/haproxy/haproxy_util... Robert Johnston
03:01 PM Bug #13093 (Feedback): LDAP authentication fails with extended query and RFC2307 group lookups enabled: OK this may be another case where it's the LDAP schema at play.
If your groups are not in the same container as the ... Jim Pingle
02:45 PM Regression #13666 (Feedback): Assigned bridge interfaces are not configured at boot: Applied in changeset commit:51b682d9d7eb3bbba5bb6af96b09ab709115be58. Reid Linnemann
01:54 PM Bug #13713 (New): intermittent display of CPU Current / Max speed in System Information dashboard panel: A cosmetic / UX issue.
Issue:
When CPU powerd / scaling is enabled, the "Current: X MHz, Max: Y MHz" text is di... Royce Williams
01:11 PM pfSense Packages Bug #13709: Suricata 6.0.6_1 - PHP 8.1 Error on Alerts Page: The pull request has been merged. This issue can be marked as resolved. Bill Meeks
11:05 AM pfSense Plus Regression #13712 (Resolved): PHP error: pkg-utils.inc: When switching repos in 23.01:... Steve Wheeler
09:11 AM Regression #13705 (Resolved): PHP8.1 Captive Portal TypeError: I was getting this error every few hours. After applying this patch I've went almost 24 hours without an error. Marki... Christopher Cope
06:53 AM pfSense Plus Bug #13602: OpenVPN fails to start again if it crashes with DCO enabled: Jim is beter qualified to review these changes than I am. Kristof Provost
04:46 AM pfSense Packages Bug #13444: zabbix_proxy : cannot open "/var/log/zabbix-proxy/zabbix_proxy.log": [13] Permission denied: I see the same behavior, independently from Zabbix versions. The problem indeed, is in @newsyslog@ config for the ser... Juraj Lutter
02:29 AM Bug #13676 (Resolved): PHP errors on services_dhcpv6_relay.php: Tested against:... Danilo Zrenjanin

11/29/2022

11:57 PM pfSense Plus Bug #13602 (Pull Request Review): OpenVPN fails to start again if it crashes with DCO enabled: Marcos M
04:09 PM pfSense Plus Bug #13602 (New): OpenVPN fails to start again if it crashes with DCO enabled: I think it'd be preferred to implement part of this in both CE and Plus to avoid unnecessary code differences.
https... Marcos M
07:38 PM pfSense Packages Bug #13709: Suricata 6.0.6_1 - PHP 8.1 Error on Alerts Page: I've submitted a pull request to the 2.7.0 CE snapshot development branch to address this issue. The request is here:... Bill Meeks
04:44 PM pfSense Packages Bug #13709: Suricata 6.0.6_1 - PHP 8.1 Error on Alerts Page: Confirmed.
This is caused by a missing closing parenthesis in the if() conditional statement on line 545 directly ... Bill Meeks
08:36 AM pfSense Packages Bug #13709 (Resolved): Suricata 6.0.6_1 - PHP 8.1 Error on Alerts Page: Seeing this error upon clicking on the Suricata alerts tab:
"Parse error: syntax error, unexpected token ";" in /u... Steve Wilson
05:54 PM Revision f67c3ec2: rc.ipsec: Strip bonus quotes. Fixes #13076: The string was coming from check_reload_status wrapped in quotes that
were not necessary, and were causing the string... Jim Pingle
04:55 PM Revision 8de9ebba: $usedmacs should never be a string, default should be an array. For #13705: Christian McDonald
03:51 PM Revision 829322b3: Rector some direct config gets with complex paths.: Christian McDonald
03:04 PM Bug #13093: LDAP authentication fails with extended query and RFC2307 group lookups enabled: I'll poke at this and see what I can turn up. Apparently both of my lab LDAP servers are broken in different ways at ... Jim Pingle
12:05 PM Bug #13076 (Feedback): Marking a gateway as down does not affect IPsec entries using gateway groups: Applied in changeset commit:f67c3ec2946594a3679f6016716712ce74dac9c5. Jim Pingle
12:00 PM Bug #13076 (In Progress): Marking a gateway as down does not affect IPsec entries using gateway groups: I see why this is happening, the gateway value being passed to rc.ipsec is coming through as a quoted string where th... Jim Pingle
11:13 AM pfSense Packages Bug #13619 (Resolved): PHP Error in pfblockerNG-devel widget: The package version was bumped (now today on 3.1.0_11) to include the fix for this issue on pfSense+. I'm no longer s... Marcos M
10:58 AM Regression #13705 (Feedback): PHP8.1 Captive Portal TypeError: https://gitlab.netgate.com/pfSense/pfSense/-/commit/8de9ebba70b1e7860b071f06791479bbaf2d6e5c
Christian McDonald
10:23 AM Feature #13710 (New): Support UTF-8 CA/Certificate subject components: Some support was added for UTF-8 CA/Certificate fields in #12041 but it isn't complete.
The backend seems to handl... Jim Pingle
10:08 AM pfSense Plus Bug #13530: Remote Logging strange behavior: Jim, I am still trying to interconnect connect pfsense with my gray log server and there are surely multiple issues b... Louis B
08:09 AM Bug #13707: Unbound not binding to LAN on startup when explicitly set: Hi Jim,
Thanks for the reply.
If I take a backup of my current config, is it possible to do an in-place upgrade... Simon Byrnand
07:42 AM Bug #13707 (Feedback): Unbound not binding to LAN on startup when explicitly set: The fix for #13254 may have addressed this already. That fix won't apply to older versions, however, you will need to... Jim Pingle
04:47 AM Bug #13707 (New): Unbound not binding to LAN on startup when explicitly set: Hi,
This is related to the following forum thread:
https://forum.netgate.com/topic/176155/unbound-not-respondin... Simon Byrnand
07:54 AM Bug #13253: ``dhcp6c`` is not restarted when applying settings when multiple WANs are configured for DHCP6: The change is working as expected for this case in the latest snapshot. Saving and applying on a DHCP6 WAN causes the... Jim Pingle
05:36 AM pfSense Packages Feature #13708 (New): Apprise - Huge variety of notification methods in a single package: Apprise -
One notification library to rule them all.
A common and intuitive notification syntax.
Supports the ha... Jack Grimsdell
05:34 AM pfSense Packages Bug #13587: Zabbix-agent62 install fails: Hi, there seems to be an error in the installation, installs "zabbix62-agent" and then search for "zabbix-agent62".
... Xavier Roig

11/28/2022

09:04 PM Revision 8e88bd48: Pass reloadall flag to dhcp6c config. Fixes #13253: This ensures that if the interface is being configured in a way that requires a reload, that the DHCP6 client is also... Jim Pingle
08:09 PM Revision 7e3ea4a8: Rector some config unsets with complex paths.: Christian McDonald
07:16 PM Bug #13706 (Confirmed): Static routes are not updated when updating a nested alias.: Tested on @22.05@ and @23.01.a.20221123.0600@.
Setup:
* Create the network alias @a2@ with a subnet defined.
* C... Marcos M
05:29 PM Revision 02d6ca03: DDNS Save+Force timeout improvements. Fixes #12870: * In PHP8, curl_close is a no-op, so remove it.
* Now that curl_close does nothing, we have to set CURLOPT_FORBID_REU... Jim Pingle
05:21 PM Revision f4970dcd: Update Rector config with pfSense-specific tweaks and notes: Christian McDonald
05:03 PM Revision 75c2fbf0: Update namespace for custom Rectors to better align with on-disk hierarchy.: Christian McDonald
04:57 PM Regression #13705: PHP8.1 Captive Portal TypeError: Tested on... Christopher Cope
04:56 PM Regression #13705 (Resolved): PHP8.1 Captive Portal TypeError: ... Christopher Cope
04:54 PM Bug #13704 (Resolved): Refactor IPsec code using config access functions: Brad Davis
04:54 PM Todo #13702 (Resolved): Replace direct config accesses in ``system_advanced_sysctl``: Brad Davis
04:52 PM Todo #13701 (Resolved): Replace direct config accesses for the rest of the paths in ``system_advanced_admin.inc``: Brad Davis
03:10 PM Bug #13253 (Feedback): ``dhcp6c`` is not restarted when applying settings when multiple WANs are configured for DHCP6: Applied in changeset commit:8e88bd48a22b55d213ac7613be74c651706cfa0d. Jim Pingle
03:04 PM Revision 721fafba: Rector some direct config sets with pure scalar paths.: Christian McDonald
12:07 PM Bug #13600 (Feedback): Saving a DDNS entry can lead to the GUI timing out.: The new fix on #12870 probably fixed this as well, try with commit:02d6ca03965777ab95da05c7ae526aa75d2ddc2a applied o... Jim Pingle
11:40 AM Bug #12870 (Feedback): Clicking Save & Force Update on a Dynamic DNS entry results in a GUI timeout: Applied in changeset commit:02d6ca03965777ab95da05c7ae526aa75d2ddc2a. Jim Pingle
11:36 AM Bug #12870: Clicking Save & Force Update on a Dynamic DNS entry results in a GUI timeout: I think I have this fixed again, it's still weirdness in cURL.
With PHP 8, curl_close() does nothing, which explai... Jim Pingle
07:57 AM Bug #12870 (New): Clicking Save & Force Update on a Dynamic DNS entry results in a GUI timeout: The fixes should already be in 23.01/2.7.0 snapshots, but it's possible some other change broke this again.
I can ... Jim Pingle
08:50 AM pfSense Docs Correction #13699: Clarification to URL / URL Table Aliases in Docs: Jens Groh wrote in #note-2:
> So I'm right in remembering, that URL-style aliases are only fetched once (and again e... Jim Pingle
08:48 AM pfSense Docs Correction #13699: Clarification to URL / URL Table Aliases in Docs: Jim Pingle wrote in #note-1:
> The bottom part is wrong since the automatic update part only applies to URL table ... Jens Groh
08:26 AM pfSense Docs Correction #13699: Clarification to URL / URL Table Aliases in Docs: The behavior did change over time so neither one of those is quite right.
The top part is wrong because it doesn't... Jim Pingle
02:49 AM pfSense Docs Correction #13699 (New): Clarification to URL / URL Table Aliases in Docs: Hi,
I got a mail by a customer that was a bit confused about the wording on the docs page concerning the differenc... Jens Groh
08:13 AM Feature #13698 (Duplicate): Routes Flag - Legend: Duplicate of #13478
Though you can click the help link on the page ("(?)" in the breadcrumb bar) to get the docs p... Jim Pingle
08:07 AM Bug #13676: PHP errors on services_dhcpv6_relay.php: Jordan Greene wrote in #note-6:
> still happening on 23.01.a.20221124.0600
What exactly is the error message now?... Jim Pingle
08:05 AM pfSense Plus Bug #13530: Remote Logging strange behavior: Again, there isn't enough to go on there. It works fine and doesn't stop on many systems in other places (including m... Jim Pingle
08:02 AM Bug #13493: Several advanced DHCP6 client options do not inform the user when rejecting invalid input: Client-side validation in JS could probably be done to help guide users toward valid input, but that should be a sepa... Jim Pingle
07:54 AM Bug #13694 (Not a Bug): Strange behavior when disabling a firewall rule while anoter is simultaneosly in Edit mode: While this could be handled better, it's not a bug but a design flaw in how any area handles items by index number in... Jim Pingle
07:51 AM pfSense Packages Bug #13696 (Not a Bug): WireGuard v0.1.6_2 - Tunnel Will Never Handshake Again After WAN Reset: Jim Pingle
07:48 AM Regression #13618 (Duplicate): Creating URL Table (IPs) alias fails on applying: I missed this issue and ended up making a new one when I fixed it. See #13685 Jim Pingle
07:07 AM pfSense Packages Feature #11130 (Resolved): FRR RIP support: Azamat Khakimyanov
07:07 AM pfSense Packages Feature #11130: FRR RIP support: Tested on 22.05 and on latest 23.01-DEV (built on Thu Nov 24 06:04:19 UTC 2022)
I used RIP between 2 nodes, with adv... Azamat Khakimyanov
07:01 AM pfSense Packages Regression #12653 (Resolved): RIP related startup error: Tested on 22.05 and on latest 23.01-DEV (built on Thu Nov 24 06:04:19 UTC 2022)
There is no issue with RIP. I crea... Azamat Khakimyanov

11/27/2022

11:06 PM Feature #13698 (Duplicate): Routes Flag - Legend: Under Diagnostics / Routes in the Flags column, it would be helpful to have a legend somewhere on screen to indicate ... Mike Moore
06:45 PM Bug #13473: No IPv6 address acquired after reboot/dhcp6c not starting: Probably similar to #13671 Flole Systems
06:43 PM Bug #13473: No IPv6 address acquired after reboot/dhcp6c not starting: Have you tested with multiple client interfaces? As described the issue happens due to the new "single dhcpv6 client ... Flole Systems
04:54 PM Bug #13676: PHP errors on services_dhcpv6_relay.php: still happening on 23.01.a.20221124.0600 Jordan G
10:42 AM pfSense Plus Bug #13530: Remote Logging strange behavior: I did some further test. Not only the firewall log stops but also e.g. unbound. I disabled forwarding to GrayLog. At ... Louis B
07:59 AM pfSense Plus Bug #13530: Remote Logging strange behavior: Yep, I just started logging pfsense alarms in GrayLog, and .... it does not work. The firewall logging stops after so... Louis B
01:22 AM pfSense Packages Bug #13619: PHP Error in pfblockerNG-devel widget: Tested on 23.01.a.20221124.0600 and I don't see any errors on the widget
!clipboard-202211271021-lhh79.png!
aleksei prokofiev

11/26/2022

08:04 PM Bug #13687: Cannot add limiters named ``new``: Confirmed this bug on 23.01. Additionally, if you create a limiter named "new" and then create a queue, if you go an... Kris Phillips
08:04 PM Bug #13493: Several advanced DHCP6 client options do not inform the user when rejecting invalid input: Wouldn't it be possible to limit the possible characters in the web interface aswell? Using the HTML5 attribute @type... Flole Systems
08:02 PM Bug #13375: Mixing VTI and disabled Tunnel Mode phase 2 entries on the same phase 1 breaks VTI gateway monitoring: Confirmed for 23.01 builds too. Kris Phillips
07:56 PM Bug #13277: IGMP Proxy webConfigurator Page Always Produces Error: Tested on pfSense Plus 23.01 and this message is still present. However, the service starts and works normally regar... Kris Phillips
07:27 PM Bug #13014: Deadlock in Charon VICI interface: Kristof Provost wrote in #note-25:
> Thanks for that.
>
> There's nothing obviously suspect in the status or conf... Kris Phillips
07:24 PM pfSense Packages Bug #13623 (Resolved): Snort binary package fails to install on 2.7.0-DEVEL snapshots due to luajit-openresty version problems: This looks like it was merged, so I tested on the latest builds.
Issue is no longer present and the package inst... Kris Phillips
05:37 PM pfSense Packages Regression #13697 (Resolved): pfBlockerNG alerts error on 2.7.0 devel and PHP 8.1: Getting the following error:... Robert Johnston
10:25 AM Bug #12870: Clicking Save & Force Update on a Dynamic DNS entry results in a GUI timeout: I was able to replicate this issue with GoDaddy DNS. Click Save & Force Update then eventually a 504/timeout error ap... Dean Arnold
12:14 AM Bug #13694: Strange behavior when disabling a firewall rule while anoter is simultaneosly in Edit mode: Tested on
23.01-DEVELOPMENT (amd64)
built on Fri Nov 18 06:04:48 UTC 2022
FreeBSD 14.0-CURRENT
In step "4" a... Lev Prokofev

11/25/2022

04:14 PM pfSense Packages Bug #13696: WireGuard v0.1.6_2 - Tunnel Will Never Handshake Again After WAN Reset: Never mind. It was a problem with my firewall. Follow the guide here and you'll be fine: https://mullvad.net/en/help/... Nunya Business
02:08 PM pfSense Packages Bug #13696: WireGuard v0.1.6_2 - Tunnel Will Never Handshake Again After WAN Reset: I think I found the solution for 0.1.6_2. Once your tunnel is setup with peers, you have your tun_wg0 Interface, and ... Nunya Business
07:27 AM pfSense Packages Bug #13696: WireGuard v0.1.6_2 - Tunnel Will Never Handshake Again After WAN Reset: even just rebooting or restarting Wireguard Nunya Business
07:14 AM pfSense Packages Bug #13696 (Not a Bug): WireGuard v0.1.6_2 - Tunnel Will Never Handshake Again After WAN Reset: This old bug has returned: https://redmine.pfsense.org/issues/12399
Identical symptoms: make any changes to the tu... Nunya Business
07:10 AM pfSense Packages Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset: This problem has returned with the current version of the Wireguard package, 1.1.6_2.
Identical symptoms: make any... Nunya Business

11/24/2022

07:08 PM pfSense Packages Regression #13695 (Duplicate): pfBlockerNG-devel net 3.1.0_11 install error | 2.7.0-DEVELOPMENT (amd64) built on Thu Nov 24 06:05:10 UTC 2022: PHP ERROR: Type: 1, File: /usr/local/pkg/pfblockerng/pfblockerng_install.inc, Line: 142, Message: Uncaught TypeError:... RED SKULL
04:39 PM Regression #13618: Creating URL Table (IPs) alias fails on applying: This appears to be resolved now. I update around once a week on my test system so unsure which build fixed it. Brad Smith
03:32 PM Bug #13694 (Not a Bug): Strange behavior when disabling a firewall rule while anoter is simultaneosly in Edit mode: It appears this is regardless of interface. WAN and floating are from the original ticket so they're used here as an ... Chris W
09:03 AM Regression #13026: Limiters do not work: I can replicate the issue Steve describes, but I'm not quite sure if it's a bug or somewhat surprising expected behav... Kristof Provost
01:07 AM pfSense Docs New Content #10311: Default net.link.ifqmaxlen value leads to packet loss under load in OpenVPN: Interestingly its forced to a value of 128 now.
If set it inside on /boot/loader.conf.local, it will apply on the ... Chris Collins

11/23/2022

08:47 PM Regression #12827: High latency and packet loss during a filter reload: Hi guys feedback from myself.
I had this enabled when I first updated to 2.6.0. Had noticed no issues.
But yesterd... Chris Collins
04:34 PM Revision 522e3f91: DHCP6 Adv field validation errors. Fixes #13493: A few fields were being validated but not informing the user when the
values were bad. This commit lets the user know... Jim Pingle
02:06 PM Revision 1e45d13f: Rector some direct config gets with pure scalar paths.: Christian McDonald
01:06 PM pfSense Plus Bug #13693 (Rejected): Private domain in resolver custom options randomly breaks resolution for that domain: There isn't nearly enough here to suggest it's actually a bug or anything actionable on our part -- This site is not ... Jim Pingle
01:04 PM pfSense Plus Bug #13693 (Rejected): Private domain in resolver custom options randomly breaks resolution for that domain: I have the following "custom options" configuration in my DNS resolver settings to allow DNS over OpenVPN to work pro... Ryan Goodfellow
11:33 AM Regression #13666: Assigned bridge interfaces are not configured at boot: The resolution to #13225 appears to have caused this. The rebuilding of the bridge interfaces after logical ovpn inte... Reid Linnemann
10:45 AM Bug #13493 (Feedback): Several advanced DHCP6 client options do not inform the user when rejecting invalid input: Applied in changeset commit:522e3f912bf849161e5a52e50fcc7fc80c3b11f5. Jim Pingle
10:32 AM pfSense Packages Bug #13692 (New): Netgate_Firmware_Upgrade - Title link needs updated: >Netgate_Firmware_Upgrade links to https://github.com/pfSense-pkg-Netgate_Firmware_Upgrade/pfSense-pkg-Netgate_Firmwa... Christopher Cope
10:30 AM pfSense Packages Bug #13691 (Resolved): ldpd - Title link needs updated: >lldpd links to https://docs.netgate.com/pfsense/en/latest/packages/nut.html
That is the wrong package. Christopher Cope
10:30 AM pfSense Packages Bug #13690 (Closed): IPsec Profile Wizard: Update package description and link in ``pkg-descr``: >ipsec-profile-wizard links to http://www.netgate.com/docs/
Perhaps that is on purpose, but it would seem better t... Christopher Cope
10:07 AM Bug #13689 (Rejected): Links on some package names are incorrect.: Each package manages its own link(s) in its @pkg-descr@ file -- this will need to be one separate Redmine under Packa... Jim Pingle
10:04 AM Bug #13689 (Rejected): Links on some package names are incorrect.: When loading the list of packages in System > Package Manager > Available Packages some of the links need updated / c... Christopher Cope
09:37 AM Bug #13686: Unbound breaks SPF: Jim Pingle wrote in #note-3:
> That is not anything we can control, it's the behavior of Unbound itself. You can rai... Frederic Steinfels
09:28 AM pfSense Packages Bug #13612: Snort building lists is broken: A pull request has been submitted to the pfSense DEVEL branch of FreeBSD-ports to correct this issue. The pull reques... Bill Meeks
09:26 AM pfSense Packages Bug #13623: Snort binary package fails to install on 2.7.0-DEVEL snapshots due to luajit-openresty version problems: I have submitted a pull request to the pfSense DEVEL FreeBSD-ports tree to correct this issue. Here is the link: http... Bill Meeks
09:10 AM pfSense Plus Feature #13688 (Rejected): Twice(Dual) NAT separate configuration: Given that it's already possible now, and adding another way to do the same thing would likely confuse people even mo... Jim Pingle
09:06 AM pfSense Plus Feature #13688 (Rejected): Twice(Dual) NAT separate configuration: In order to do Twice NAT, source and destination IP fields need to be changed, one would need to create separate outb... Mike Moore
08:56 AM pfSense Packages Feature #13643: FRR - Display what BGP is advertsing to its neighbors: Appreciate the responses here. I didnt know if vtysh could be called from the cli - rather i didnt know how.
That be... Mike Moore
03:10 AM Bug #13148 (Ready To Test): Traffic passed by Captive Portal cannot use limiter queues on other rules: My understanding is that this is fixed, but that Reid had an unrelated issue. @Reid, can you confirm? Kristof Provost
02:41 AM Bug #13687 (Resolved): Cannot add limiters named ``new``: When I create a limiter named 'new' via the Traffic Shaper page (firewall_shaper_vinterface.php) with the name 'new' ... Kristof Provost

11/22/2022

08:38 PM Revision 88774881: Rector some more direct config unsets with pure scalar paths: Christian McDonald
06:45 PM Revision 6e081414: Rector some direct config unsets with pure scalar string paths.: Christian McDonald
06:18 PM Bug #13686: Unbound breaks SPF: That is not anything we can control, it's the behavior of Unbound itself. You can raise a request with them directly ... Jim Pingle
06:17 PM Bug #13686: Unbound breaks SPF: I see, thanks. I will reformulate my request. Instead of stripping the answer, wouldn't it make more sense to replace... Frederic Steinfels
06:00 PM Bug #13686 (Not a Bug): Unbound breaks SPF: This is not a bug, it's a security feature. Unbound disallows private addresses in replies by default. You can disabl... Jim Pingle
05:09 PM Bug #13686 (Not a Bug): Unbound breaks SPF: It seems the unbound module is not compliant with the SPF standard.
When I do the lookup on the pfsense unbound se... Frederic Steinfels
05:04 PM Revision fa323663: IPsec cert SAN improvements. Fixes #13373: * Improve descriptions of IPsec P1 cert fields.
* Allow using a cert with a wildcard SAN so long as there is at least... Jim Pingle
03:43 PM Revision f16d3f4d: Add CA/Cert invalid descr char list to help. Fixes #13387: Jim Pingle
03:10 PM Revision af613468: Fix regression in URL alias parsing. Fixes #13685: Jim Pingle
12:05 PM Bug #13493: Several advanced DHCP6 client options do not inform the user when rejecting invalid input: Looks like several fields get tested to ensure they are numeric ints before being stored, but don't have correspondin... Jim Pingle
12:04 PM Feature #4728: Expose ``nopool`` server option in the OpenVPN Server GUI: Hi, I do not think this is a duplicate and I just ran into this again. I actually want to be able to specify "nopool"... Florian Apolloner
11:56 AM Bug #13671: DHCP client can fail permanently if an interface is down at boot: MR: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/949 Jim Pingle
11:53 AM Bug #13671 (Feedback): DHCP client can fail permanently if an interface is down at boot: Try this change, for example:... Jim Pingle
11:50 AM Bug #13671: DHCP client can fail permanently if an interface is down at boot: @/etc/rc.linkup@ explicitly exits if it detects the platform is booting. We might be able to insert a test there to c... Jim Pingle
11:35 AM Bug #13473 (Incomplete): No IPv6 address acquired after reboot/dhcp6c not starting: I can't reproduce anything like this with LAGG and DHCP6 on current snapshots, it's all working happily here and none... Jim Pingle
11:15 AM Bug #13280 (Feedback): Entries for ``net.link.ifqmaxlen`` duplicated in ``/boot/loader.conf``: I cannot reproduce this on current snapshots either. The only place I can reproduce it is on a 22.05 system.
I hav... Jim Pingle
11:15 AM Regression #13373 (Feedback): IPsec rejects certificates if any SAN is wildcard rather than rejecting when **all** SANs are wildcard: Applied in changeset commit:fa3236635876914ab330778545ec8dd7cefe7a80. Jim Pingle
11:07 AM Regression #13373: IPsec rejects certificates if any SAN is wildcard rather than rejecting when **all** SANs are wildcard: I re-confirmed that using a cert with one non-wildcard SAN and multiple wildcard SANs does work properly in strongSwa... Jim Pingle
10:13 AM Bug #13574 (Resolved): Extra remote address information can confuse ``sshguard``: The extra information is no longer printed in the log, and sshguard properly recognizes the failed attempts even when... Jim Pingle
09:50 AM Bug #13387 (Feedback): Input validation is not rejecting invalid description characters when editing a CA or Certificate: Applied in changeset commit:f16d3f4d3f466bb1fca84c754e51fbaa1b9e48ba. Jim Pingle
09:42 AM Bug #13387 (In Progress): Input validation is not rejecting invalid description characters when editing a CA or Certificate: I'll add the list of invalid characters to the help text for those fields.
Jim Pingle
09:25 AM Bug #13425 (Resolved): Invalid alias name can still be used by code attempting to validate URL table content: Attempting a previously working exploit no longer creates an arbitrary file. Marking resolved.
Jim Pingle
09:11 AM Bug #13425: Invalid alias name can still be used by code attempting to validate URL table content: Jordan Greene wrote in #note-3:
> when attempting to save an alias in 23.01.a.20221111.0600 include an additional / ... Jim Pingle
09:20 AM Regression #13685 (Feedback): URL alias parsing is broken, gets stuck in infinite loop reading downloaded file: Applied in changeset commit:af61346825f5507889d66c142c78babee837f6e4. Jim Pingle
09:08 AM Regression #13685 (In Progress): URL alias parsing is broken, gets stuck in infinite loop reading downloaded file: Jim Pingle
09:07 AM Regression #13685 (Resolved): URL alias parsing is broken, gets stuck in infinite loop reading downloaded file: In commit:c239afac1763951eacefc1dbc59ad04f9d319b91 we made the following change:... Jim Pingle
08:31 AM Bug #13426 (Resolved): ``status.php`` uses ``<name>`` component of ``/tmp/rules.packages.<name>`` filenames in shell command without encoding: Can't reproduce on snapshots. Marking resolved. Jim Pingle
07:13 AM Bug #12673: Firewall Logs Dashboard Widget is slow and may fail to update: I think I have solved all issues. The functionality is the same as the original NetGate version. However with a 20 ti... Louis B

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

12/21/2022

12/20/2022

12/19/2022

12/18/2022

12/17/2022

12/16/2022

12/15/2022

12/14/2022

12/13/2022

12/12/2022

12/11/2022

12/10/2022

12/09/2022

12/08/2022

12/07/2022

12/06/2022

12/05/2022

12/04/2022

12/03/2022

12/02/2022

12/01/2022

11/30/2022

11/29/2022

11/28/2022

11/27/2022

11/26/2022

11/25/2022

11/24/2022

11/23/2022

11/22/2022