Project

General

Profile

Activity

From 02/01/2023 to 03/02/2023

03/02/2023

09:07 PM Feature #12521: Add the BBR2, QUIC, RACK Congestion Control (CC) protocols
https://man.freebsd.org/cgi/man.cgi?query=tcp_bbr&apropos=0&sektion=0&manpath=FreeBSD+14.0-CURRENT&arch=default&forma... hao zhang
04:40 PM pfSense Packages Bug #13421: Stunnel certificate does not refresh
I have experienced this problem in pfSense plus 22.05 / stunnel 5.50_11.
I "solved" it via brute force, but making t... S Premeau
04:38 PM pfSense Packages Feature #14063 (New): FileBeats for pfsense
Is it possible to create the GUI for the filebeat package in order to export suricata/snort logs to a SIEM stack or a... Mike Moore
02:36 PM pfSense Packages Bug #14058 (Feedback): Update vendor=on triggers installation failure
I am not able to reproduce this on 23.05 snapshots. I'm not sure it is worth the effort in fixing if it already works... Christian McDonald
02:34 PM pfSense Packages Feature #13905 (Bogus): Introduce GUI knob for controlling ```--snat-subnet-routes``` tailscaled option
Christian McDonald
02:31 PM pfSense Packages Feature #13905 (Incomplete): Introduce GUI knob for controlling ```--snat-subnet-routes``` tailscaled option
Marking as bogus until upstream supports this on FreeBSD Christian McDonald
02:33 PM pfSense Packages Feature #6651 (Resolved): Loopback interfaces
Christian McDonald
02:32 PM pfSense Packages Bug #13271 (Bogus): I got 'The WireGuard service is not running.' after I upgraded my pfSense VM from 22.05.r.20220604.1403 -> 22.05.r.20220609.1919
Marking bogus as this is now quite old. WireGuard upgrades seem to be working fine. Christian McDonald
02:30 PM pfSense Packages Todo #13906 (Resolved): Update tailscale from 1.34.2 to 1.36.0
Christian McDonald
02:30 PM Bug #13929 (Resolved): IGMP Proxy multicast group membership query packets have an invalid checksum
Christian McDonald
12:29 PM Bug #14062 (New): NTP AUTH ISSUE
NTP authentication requires not only the keyvalue but the key to function correctly. pfSense NTP only lists the optio... Jonathan Lee
12:11 PM pfSense Docs Todo #13986 (Resolved): LTE Router ZTE MF79U works on pfSense
Added and deployed: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/bbff8f4a89dfb9d9a681a1abd9b5b2c649ee4dc7 Jim Pingle
11:56 AM pfSense Docs Correction #14006 (Resolved): Netgate 5100 drive installation shows outdated information
Fixed and deployed: https://gitlab.netgate.com/docs/pfsense-platforms/-/commit/5a9bbe9475659a73f1e6bf153f0ead3dfd74ac0f Jim Pingle
08:17 AM Bug #14013 (Resolved): PHP error when attempting to bulk import Alias content
It works fine if I import a list under Firewall/Aliases/IP
I could replicate the issue only after choosing Firewal... Danilo Zrenjanin
07:59 AM Regression #14059: Old states are still used after a route change
That sort of leakage has always been a problem without rules to ensure it doesn't escape. The old states sort of mask... Jim Pingle
07:35 AM Bug #14061 (Not a Bug): PHP error if a non-privileged shell user attempts an operation which needs to write ``config.cache``
That isn't a bug in PHP code, it's failing to write files to @/tmp@ for some reason. We've seen a few reports of this... Jim Pingle
02:06 AM Bug #14061 (Resolved): PHP error if a non-privileged shell user attempts an operation which needs to write ``config.cache``
Running 23.01 on a 7100. Noticed these PHP errors many hours after they occurred, so unfortunately have no idea what... Andrew Warren
06:53 AM pfSense Packages Bug #10436: softflowd no longer sends flow data after upgrade (v0.9.9_1 -> v1.0.0)
I suppose that this redmine issue 10436 could be closed if Netgate make available the previous version (from pfsense ... Marcelo Cury

03/01/2023

09:48 PM Bug #14060 (Resolved): Auto Config Backup prints a confusing decryption error when using the wrong key
Enable auto config backup from the menu after entering (any) password, save, then disable (uncheck) "Enable ACB" and ... Jordan G
07:30 PM Revision 24c0f00f: Fixup IPsec enc algo PHP 8 issues. Fixes #14009
Jim Pingle
07:28 PM pfSense Packages Feature #12502: Option to include Syslog-ng Configuration Library (scl)
I didn't want to wait and did this:... Wagner Sartori Junior
05:05 PM Revision 66b989e8: Fix if descr case handling. Fixes #14057
Match the behavior of this new statement with the intent of the code on
previous versions. Jim Pingle
04:42 PM Regression #14059: Old states are still used after a route change
I believe the change that makes this a problem where it wasn't before is that states are now created on interface "all". Chris Linstruth
03:50 PM Regression #14059 (Not a Bug): Old states are still used after a route change
It's possible for traffic meant to be sent over an IPsec policy tunnel to instead go out of the WAN. This can happen ... Marcos M
03:48 PM Revision fed25589: Correct includes in IPsec widget. Fixes #14053
Jim Pingle
01:40 PM Bug #14009 (Feedback): PHP error from upgraded IPsec tunnel containing only deprecated ciphers
Applied in changeset commit:24c0f00ff82d78c1e5301e43df21c2ef8ebecf7f. Jim Pingle
01:34 PM pfSense Packages Bug #8454: Arpwatch package break email notifications from other sources
I am getting the same problem even though "Disable cron" is on and is correctly referenced in the PHP. It reappeared ... Jan-Peter Koopmann
01:32 PM pfSense Packages Bug #14058 (Resolved): Update vendor=on triggers installation failure
the custom_php_install command fails during pkg upgrade/install if the "Update Vendor" config option is on.... Jan-Peter Koopmann
01:13 PM Revision 038ab40e: Fix incorrect path for disableconsolemenu.
Jim Pingle
12:34 PM pfSense Packages Bug #10590 (Closed): pfBlockerNG: Invalid argument supplied for foreach()
Error is no longer relevant to current code base. Marcos M
11:15 AM Regression #14057 (Feedback): Dynamic gateway names use mixed case instead of upper case, leading to configuration mismatches
Applied in changeset commit:66b989e824042c0cf5e75b1cb245b0ae13548949. Jim Pingle
10:49 AM Regression #14057 (Resolved): Dynamic gateway names use mixed case instead of upper case, leading to configuration mismatches
Somewhere between 22.05.x and 23.01 dynamic gateway names started to come out as mixed case instead of being forced t... Jim Pingle
10:55 AM Bug #14056: DNS Resolver experiences intermittent resolution failures with SSL over TLS due to ASLR
Jim Pingle wrote in #note-1:
> There isn't nearly enough detail here to definitely say it's a bug and not a settings... Todd Adams
10:12 AM Bug #14056 (Feedback): DNS Resolver experiences intermittent resolution failures with SSL over TLS due to ASLR
There isn't nearly enough detail here to definitely say it's a bug and not a settings issue somewhere. For example, o... Jim Pingle
10:01 AM Bug #14056 (Closed): DNS Resolver experiences intermittent resolution failures with SSL over TLS due to ASLR
DNS is completely broken on PfSense 23.01 with SSL enabled and using Quad9. Reddit has also recognized the same bug: ... Todd Adams
10:24 AM Feature #14050 (Feedback): Support for ``iwlwifi`` wireless interfaces
MR was merged yesterday. Jim Pingle
10:22 AM pfSense Packages Bug #14042 (Resolved): An assigned Pass List is not shown as "Assigned" on the PASS LISTS tab when the list is used in the HOME_NET or EXTERNAL_NET setting on a Suricata interface.
PR merged, thanks! Jim Pingle
10:22 AM pfSense Packages Bug #14041 (Resolved): Post-install migration of existing settings throws a PHP error when the configuration contains the legacy layout of a single alias in a Pass List.
PR merged, thanks! Jim Pingle
10:01 AM Bug #14051 (Duplicate): PHP ERROR: Type: 1, File: /usr/local/www/firewall_rules.php, Line: 805
Duplicate of #13953 Jim Pingle
09:55 AM Regression #14053 (Feedback): Changing the default IPsec widget tab removes all widgets
Applied in changeset commit:fed25589f4eba4ac6293fec7135f0078c03dfb62. Jim Pingle
09:52 AM Regression #14053 (Confirmed): Changing the default IPsec widget tab removes all widgets
Jim Pingle
06:05 AM pfSense Packages Bug #10436: softflowd no longer sends flow data after upgrade (v0.9.9_1 -> v1.0.0)
I downgraded softflowd, so I'm not using 1.2.6_1, this is the reason for it not showing in my package manager.
I'm us... Marcelo Cury

02/28/2023

11:01 PM pfSense Packages Bug #10436: softflowd no longer sends flow data after upgrade (v0.9.9_1 -> v1.0.0)
Mark Hassman wrote in #note-11:
> Marcelo Cury wrote in #note-10:
> > Can someone test this with 23.01 snaps on the... Mark Hassman
10:44 PM pfSense Packages Bug #10436: softflowd no longer sends flow data after upgrade (v0.9.9_1 -> v1.0.0)
I tested and noticed that softflowd processes are dying.
So, I decided to test an older version, but doing this not r... Marcelo Cury
11:09 AM pfSense Packages Bug #10436: softflowd no longer sends flow data after upgrade (v0.9.9_1 -> v1.0.0)
Marcelo Cury wrote in #note-10:
> Can someone test this with 23.01 snaps on the SG-3100 ?
Confirmed - softflowd i... Mark Hassman
10:03 PM Revision 095b2481: Add iwlwifi support
Steve Wheeler
09:04 PM Bug #14055 (Resolved): Traffic shaped by limiters is dropped when routed to a GIF gateway
Tested on pfSense+ 23.01.
Test:
# Configure a GIF tunnel (IPv6 local/remote tunnel address) and interface for use... Marcos M
08:54 PM Revision c5b8e57a: Improve validation and escaping of bridge interfaces. Fixes #14052
Jim Pingle
08:41 PM pfSense Packages Bug #14054 (New): pfBlockerNG can incorrectly modify firewall rules
Some minutes after configuring a firewall rule, the pfBlockerNG cron job ran and incorrectly modified one of the floa... Marcos M
08:21 PM pfSense Packages Bug #12330 (Resolved): pfBlockerNG devel creating invalid NAT rules on boot
Marcos M
08:20 PM pfSense Packages Feature #11295 (Resolved): DNSBL IDN support
Marcos M
08:17 PM pfSense Packages Feature #11155 (Resolved): SafeSearch AAAA
Marcos M
08:17 PM pfSense Packages Bug #10252 (Not a Bug): pfblockerng-devel
Marcos M
08:15 PM pfSense Packages Feature #12882 (Resolved): Add the option to specify CURLOPT_INTERFACE in pfBlockerNG IPv4/IPv6 lists
Marcos M
08:14 PM pfSense Packages Bug #13180 (Duplicate): High CPU Utilization with pfb_filter since pfBlockerNG update to devel 3.1.0_4
Marcos M
07:17 PM Regression #14053 (Resolved): Changing the default IPsec widget tab removes all widgets
If you edit the IPSec widget and change the default tab it displays all dashboard widgets are removed.
The logs sh... Steve Wheeler
03:28 PM pfSense Packages Bug #14042: An assigned Pass List is not shown as "Assigned" on the PASS LISTS tab when the list is used in the HOME_NET or EXTERNAL_NET setting on a Suricata interface.
A pull request containing the fix for this issue has been submitted here: https://github.com/pfsense/FreeBSD-ports/pu... Bill Meeks
03:28 PM pfSense Packages Bug #14041: Post-install migration of existing settings throws a PHP error when the configuration contains the legacy layout of a single alias in a Pass List.
A pull request containing the fix for this issue has been submitted here: https://github.com/pfsense/FreeBSD-ports/pu... Bill Meeks
03:10 PM Bug #14052 (Feedback): Bridge interface is not properly validated when submitted on ``interfaces_bridge_edit.php``
Applied in changeset commit:c5b8e57aa51ff82b45bd6cb925ba512f4c01dcba. Jim Pingle
02:49 PM Bug #14052 (Resolved): Bridge interface is not properly validated when submitted on ``interfaces_bridge_edit.php``
When creating or editing a bridge interface on @interfaces_bridge_edit.php@, the submitted @$_POST['bridgeif']@ is us... Jim Pingle
02:54 PM Revision 48eab661: system_advanced_admin config refactor
Christian McDonald
02:31 PM Bug #14051 (Duplicate): PHP ERROR: Type: 1, File: /usr/local/www/firewall_rules.php, Line: 805
PHP error
PHP ERROR: Type: 1, File: /usr/local/www/firewall_rules.php, Line: 805, Message: Uncaught TypeError: Cann... Eric Hollebone
02:02 PM Feature #14050 (Pull Request Review): Support for ``iwlwifi`` wireless interfaces
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1017 Steve Wheeler
01:47 PM Feature #14050 (Resolved): Support for ``iwlwifi`` wireless interfaces
The iwlwifi(4) driver is supported in pfSense 23.01/2.7 but needs to be added to the 'wireless_regex' list in order f... Steve Wheeler
01:35 PM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions
Curious though I can't see a reason why it would let you do that by hand but the code would fail. For now I'd apply t... Jim Pingle
01:29 PM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions
I deleted the content of the file and let some notifications go through. That appears to have solved the issue; so I'... Paul Diederich
07:43 AM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions
Do you get an error if you try to erase @/var/db/notifyqueue.messages@ by hand? You can try @rm /var/db/notifyqueue.m... Jim Pingle
11:15 AM pfSense Plus Regression #13993: Switch ports on 7100/1100/2100 do not have Auto MDI-X support enabled
Ryan Coleman wrote in #note-5:
> Ok so it is not available to 23.01 -- it would have to be a point release then?
... Jim Pingle
11:13 AM Bug #14049 (Duplicate): OpenVPN: Remote access VPNs are shown in the "Peer to Peer Server Instance Statistics" in status
Duplicate of #12884 (already fixed).
Before reporting a problem, please search the existing issues (including clos... Jim Pingle
09:49 AM Bug #14049 (Duplicate): OpenVPN: Remote access VPNs are shown in the "Peer to Peer Server Instance Statistics" in status
I only have remote access VPNs:
!Screenshot%20from%202023-02-28%2012-40-14.png!
But in the status page the last... Federico Capoano
11:10 AM Bug #14048 (Duplicate): OpenVPN: Disabled "Client Certificate Key Usage Validation" Not Always Honored
Duplicate of #13056 (already fixed) Jim Pingle
09:36 AM Bug #14048 (Duplicate): OpenVPN: Disabled "Client Certificate Key Usage Validation" Not Always Honored
I have noticed an issue with OpenVPN in version 2.6.0.
I have a remote access VPN with UDP in tap mode.
When PfSe... Federico Capoano
10:33 AM pfSense Plus Bug #14044 (Not a Bug): After upgrade to 23.01, firewall will not route traffic anymore to the Internet
This behavior has existed for as long as I can remember. For example, the "Getting Started" guides for all appliances... Marcos M

02/27/2023

09:52 PM Revision 715b1301: build php82 versions of extra database extensions
Christian McDonald
09:51 PM Revision 9093ee0d: Revert "remove unnecessary ports from poudriere_bulk"
This reverts commit 20e33e814e3a9f60e6efc1e3b6e53e06a1a9bb7f Christian McDonald
08:59 PM Revision 20e33e81: remove unnecessary ports from poudriere_bulk
Christian McDonald
07:27 PM Feature #14047 (Resolved): Options to control Intel Speed Shift
pfSense 23.01 and 2.7 supports Intel Speed Shift by default via the hwpstate_intel(4) driver.
This enables hardwar... Steve Wheeler
05:12 PM Bug #14046 (Rejected): bsdinstall based installs are missing EFISYS DOS label on efi partition
The pfSense-boot package relies on the existence of a /dev/msdosfs/EFISYS geom label to mount the EFI DOS partition a... Reid Linnemann
05:04 PM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions
I applied the system package but that did not solve the issue; its still sending e-mails out constantly and not clear... Paul Diederich
07:39 AM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions
It doesn't appear related to the content of the file, I copied that into mine and triggered a notification and it sen... Jim Pingle
04:20 PM Revision 0d83ed08: Update memory calulations. Implements #14011
* Update memory usage calculation for system info widget
* Add RRD data sources for new memory areas
* Upgrade code t... Jim Pingle
04:19 PM Bug #14045 (Resolved): ``pfSense-boot`` can fail to copy the EFI bootloader
The pfSense-boot post install script uses cp to copy the bootloader to the efi partition. If this copy is interrupted... Reid Linnemann
04:11 PM pfSense Packages Regression #14043: Netgate Firmware Upgrade fails to mount EFISYS
A default UFS install also mounts the EFI partition by default:... Steve Wheeler
03:43 PM pfSense Packages Regression #14043 (Resolved): Netgate Firmware Upgrade fails to mount EFISYS
The Netgate Firmware Upgrade package can on 4100/6100/8200 if the EFI partition is already mounted.
The webgui outpu... Steve Wheeler
04:02 PM pfSense Plus Bug #14044 (Not a Bug): After upgrade to 23.01, firewall will not route traffic anymore to the Internet
After upgrading to 23.01, if the WAN interface receives an IP address from the same range of addresses as configured ... Martin Kusch
03:32 PM pfSense Packages Regression #13978: PHP errors with squidGuard
Additional report:... Marcos M
03:05 PM pfSense Plus Regression #13993: Switch ports on 7100/1100/2100 do not have Auto MDI-X support enabled
Jim Pingle wrote in #note-4:
> Ryan Coleman wrote in #note-3:
> > Luiz Souza wrote in #note-1:
> > > Fixed in 23.... Ryan Coleman
07:31 AM pfSense Plus Regression #13993: Switch ports on 7100/1100/2100 do not have Auto MDI-X support enabled
Ryan Coleman wrote in #note-3:
> Luiz Souza wrote in #note-1:
> > Fixed in 23.05 and also in the 23.01 branch.
> ... Jim Pingle
01:16 PM pfSense Packages Bug #10692: PIMD starts twice at boot
I still see things which are strange running the actual 2.7 build in combination with the latest pimd beta from githu... Louis B
10:30 AM Todo #14011 (Feedback): Update memory graphs to account for changes in memory reporting
Applied in changeset commit:0d83ed084a987f3446a0cbdcf249fc5b8722726f. Jim Pingle
10:16 AM Bug #14009: PHP error from upgraded IPsec tunnel containing only deprecated ciphers
According to a user on the forum thread, their pre-upgrade configuration contained the following section:... Jim Pingle
08:10 AM Bug #14009: PHP error from upgraded IPsec tunnel containing only deprecated ciphers
Looks like this is from the upgrade code that removes deprecated encryption options, somehow it ends up with an empty... Jim Pingle
08:44 AM pfSense Packages Bug #14042: An assigned Pass List is not shown as "Assigned" on the PASS LISTS tab when the list is used in the HOME_NET or EXTERNAL_NET setting on a Suricata interface.
I will work on this and submit a pull request containing the fix. Bill Meeks
08:33 AM pfSense Packages Bug #14042 (Resolved): An assigned Pass List is not shown as "Assigned" on the PASS LISTS tab when the list is used in the HOME_NET or EXTERNAL_NET setting on a Suricata interface.
On the PASS LIST tab, user-generated custom Pass Lists are denoted as "Assigned" when the Pass List name is assigned ... Bill Meeks
08:44 AM pfSense Packages Bug #14041: Post-install migration of existing settings throws a PHP error when the configuration contains the legacy layout of a single alias in a Pass List.
I will work on this and submit a pull request containing the fix. Bill Meeks
08:28 AM pfSense Packages Bug #14041 (Resolved): Post-install migration of existing settings throws a PHP error when the configuration contains the legacy layout of a single alias in a Pass List.
Some time back the Pass List logic in Suricata was changed to allow the addition of multiple custom IPs and/or aliase... Bill Meeks
08:24 AM pfSense Packages Bug #13997: NUT Package and 23.01
I have applied the workaround for now per https://forum.netgate.com/topic/102959/nut-package/1072?_=1677507452044&lan... Greg Jacobs
08:18 AM pfSense Packages Bug #13997: NUT Package and 23.01
Also related forum thread https://forum.netgate.com/topic/102959/nut-package/1052?lang=en-US Greg Jacobs
07:54 AM pfSense Docs Todo #14028 (Duplicate): Feedback on Releases — 23.01 New Features and Changes - Errata/Known Hardware Issues for 4860 & 8860
Duplicate of #14023 Jim Pingle
07:54 AM Feature #14030: GUI setting/tunable for ZFS ARC Maximum size
Let's keep this issue specific to one request and not over-generalize it.
 Jim Pingle
07:52 AM pfSense Plus Bug #13976: SNMP logs "Device not configured" error message when queries involve built-in switch port interfaces
This appears to be the same as #8600 and to fix it then, we suppressed that error.
 Jim Pingle
07:44 AM pfSense Plus Bug #13976: SNMP logs "Device not configured" error message when queries involve built-in switch port interfaces
Ditto. Same here after upgrading HA 7100's from 22.05 to 23.01.... Michael Novotny
07:34 AM Bug #14033: PHP error in NTP Server if the configuration contains a partial section of old ``openntpd`` settings
Looks like that could happen if your configuration still happened to have a partial section from the old openntpd set... Jim Pingle
07:29 AM Regression #13963: OpenVPN and GIF interface create/destroy operations fail due to outdated ``linker.hints``
If @kldxref /boot/kernel@ did not fix it, then it is *not* related to this Redmine issue but something else entirely,... Jim Pingle
12:41 AM Regression #13963: OpenVPN and GIF interface create/destroy operations fail due to outdated ``linker.hints``
I can't upgrade until this Tailscale situation is resolved. Is this the correct issue to follow updates on Tailscale ... R W
07:19 AM Bug #14040 (Rejected): ip asignadas openvpn-client
This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
07:01 AM Bug #14040 (Rejected): ip asignadas openvpn-client
donde se guardan las ip asignadas por el openvpn-client cuando no esta configuradas como dinamica Vicente Millan

02/26/2023

09:59 PM Regression #14039: Limiters have no effect on upload traffic passed by policy routing rules
The issue can be avoided by creating a floating rule that applies the upload limiter.
Without the floating rule, the... Marcos M
07:10 PM Regression #14039 (Resolved): Limiters have no effect on upload traffic passed by policy routing rules
Upload traffic is not limited if the rule passing the traffic uses @route-to@. This last worked in pfSense+ 22.01 and... Marcos M
09:30 PM pfSense Plus Regression #13993: Switch ports on 7100/1100/2100 do not have Auto MDI-X support enabled
Luiz Souza wrote in #note-1:
> Fixed in 23.05 and also in the 23.01 branch.
I don't see any recommended patches -... Ryan Coleman
07:14 PM Regression #13026 (Resolved): Limiters do not work
The original issue of limiters not working at all has been resolved. I've created a separate issue for the @route-to@... Marcos M
09:56 AM Bug #14033: PHP error in NTP Server if the configuration contains a partial section of old ``openntpd`` settings
20230226 - Fixed by a reset to "Factory Defaults". FCS FCS
09:21 AM Regression #13988 (Confirmed): PHP error with OpenVPN if the server certificate subject has duplicate components
The issue looks to be that the cert used for the OpenVPN server contains multiple @CN@ fields/values (which indicates... Marcos M
05:28 AM Regression #13983: Multiple PHP errors in the DHCP Server when the configuration contains an empty section for an interface
Another one report but from xg-7100-1U
aleksei prokofiev

02/25/2023

10:18 PM Feature #13168: Multiple Dashboard views for a single user
Jim Pingle wrote in #note-1:
> B: You can sort of do this now. Each user can have its own custom dashboard. *System ... Sergei Shablovsky
10:10 PM pfSense Packages Todo #14038: Make more informative counter of selected interfaces
P.s.
The dimension of this drop-down selectors in WebGUI allow to do this without breaking whole interface view on... Sergei Shablovsky
10:06 PM pfSense Packages Todo #14038 (New): Make more informative counter of selected interfaces
Hi pfSense team!
In WebGUI -> in “DNS Resolver” package -> “General settings” -> both selectors: “Network Interfac... Sergei Shablovsky
09:35 PM pfSense Packages Bug #10692: PIMD starts twice at boot
*not* seeing this happen with pimd 0.0.3_6 on 23.05.a.20230224.0600 Jordan G
07:13 PM pfSense Plus Regression #13993: Switch ports on 7100/1100/2100 do not have Auto MDI-X support enabled
running version 23.05.a.20230224.0600 on 7100 I am again able to successfully connect with 1100, this was not working... Jordan G
04:33 PM pfSense Packages Bug #11898: PHP error from apcupsd dashboard widget when battery is charging
updating APCUPSd package to 0.3.92_1 does not produce this issue any longer when battery charge <100% Jordan G
01:33 PM pfSense Packages Bug #11898 (Resolved): PHP error from apcupsd dashboard widget when battery is charging
Fix merged, will be in builds soon (might be a couple days) Jim Pingle
01:17 PM pfSense Packages Bug #11898: PHP error from apcupsd dashboard widget when battery is charging
I was able to reproduce this by forcing the battery charge < 100. Not sure what the original logic is trying to do th... Jim Pingle
02:53 PM Bug #14035: PHP error when attempting to create a GIF interface when ``if_gif`` kernel module is not loaded
See: https://forum.netgate.com/post/1090298
More detail needed to reproduce Steve Wheeler
01:55 PM Bug #14035: PHP error when attempting to create a GIF interface when ``if_gif`` kernel module is not loaded
I can't reproduce this by adding/removing/adding a GIF interface. Do we know what was in the config.xml section for t... Jim Pingle
11:08 AM Bug #14035 (Resolved): PHP error when attempting to create a GIF interface when ``if_gif`` kernel module is not loaded
After removing an recreating a GIF tunnel:... Steve Wheeler
02:33 PM Bug #14037 (Resolved): PHP Error enabling ICMP6 using EasyRule
Tried to enable ICMP6 for a host from the system log page to allow a host to ping through and received:
[20-Feb-20... Trix Farrar
02:00 PM Bug #14036 (Resolved): PHP error when the ``timeserver`` section of the configuration is empty
The following error is thrown when there is an empty or missing "timeserver" entry in the config.
The code should ... Christopher Cope
01:33 PM pfSense Packages Regression #13970 (Resolved): PHP error in apcupsd widget from UTF-8 string handling
Fix merged, will be in builds soon (might be a couple days) Jim Pingle
01:20 PM pfSense Packages Regression #13970: PHP error in apcupsd widget from UTF-8 string handling
This is from the degree symbol the package adds into the temperature string. At some point it changed and is now hand... Jim Pingle
12:37 PM Bug #13938: Kernel panic accessing the GUI over IPsec in certain environments when using nginx ``sendfile`` with unmapped mbufs
I can confirm that applying the patch from the forum fixed the issues with connections over IPsec.
https://forum.net... Danilo Zrenjanin
12:16 PM pfSense Packages Feature #14032: Neighbor Discovery Proxy (NDproxy)
Yuki Hiramatsu wrote:
> ISPs around the world are making effective use of IPv6.
> DHCPv6-PD and others are already ... Yuki Hiramatsu
06:51 AM pfSense Packages Feature #14032 (New): Neighbor Discovery Proxy (NDproxy)
ISPs around the world are making effective use of IPv6.
DHCPv6-PD and others are already supported, but pfsense has ... Yuki Hiramatsu
12:05 PM pfSense Packages Bug #13997: NUT Package and 23.01
Seeing same bug / issue... Greg Jacobs
10:27 AM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions
This has happened with a notification that acb.netgate.com couldn't be resolved. Issue was fixed by rebooting the OS.... Paul Diederich
08:40 AM Bug #14031 (Feedback): Identical SMTP notifications repeat in an infinite loop under certain conditions
I don't doubt it's happening as this isn't the first report we have received about it, but thus far nobody has been a... Jim Pingle
01:25 AM Bug #14031 (Resolved): Identical SMTP notifications repeat in an infinite loop under certain conditions
When a notification is generated, the system begins sending those notifications to the configured SMTP e-mail address... Paul Diederich
10:05 AM Bug #14034 (Resolved): PHP errors in ``xmlrpc.php`` during configuration synchronization if the target host has an empty XML tag for a given section
There are several cases where xmlrpc is still accessing the config directly. This causes errors in PHP8 when the seco... Christopher Cope
09:56 AM pfSense Packages Bug #14029 (Resolved): Suricata: Release dangling array reference variables used in post-install migration
PR merged, thanks! Jim Pingle
09:14 AM Bug #14033 (Resolved): PHP error in NTP Server if the configuration contains a partial section of old ``openntpd`` settings
Did a reboot and set NTP setting again, and error persists. https://192.168.x.x/services_ntpd.php
Error:
Fatal ... FCS FCS

02/24/2023

09:42 PM Feature #11825: Assign IPv6 address to WAN with PD-only ISP
A workaround is creating a VLAN interface on the WAN interface and having the VLAN interface track the WAN interface ... Nicolas Avrutin
09:28 PM Revision 40a27b99: add textproc/ripgrep
Christian McDonald
08:10 PM Revision 83aded16: Upgrade to PHP8.2
Christian McDonald
07:22 PM pfSense Packages Bug #14029: Suricata: Release dangling array reference variables used in post-install migration
A pull request containing the fix for this issue has been submitted here: https://github.com/pfsense/FreeBSD-ports/pu... Bill Meeks
04:50 PM pfSense Packages Bug #14029 (Resolved): Suricata: Release dangling array reference variables used in post-install migration
Config array reference variables are used in the post-install migration code of the package to iterate configured int... Bill Meeks
06:13 PM Feature #14030 (New): GUI setting/tunable for ZFS ARC Maximum size
The default settings for ARC in FreeBSD are appropriate to optimise disk access for most computer systems.
For a re... Patch Public
06:06 PM Bug #13938: Kernel panic accessing the GUI over IPsec in certain environments when using nginx ``sendfile`` with unmapped mbufs
The workarounds used here also seem to apply at least partially to connections over OpenVPN tunnels.
See: https://fo... Steve Wheeler
05:47 PM pfSense Plus Feature #14012: ZFS memory usage graphs
This feature request is probably related: zfs GUI functionality - alerts https://redmine.pfsense.org/issues/9226 but ... Patch Public
04:37 PM pfSense Docs Todo #14028 (Duplicate): Feedback on Releases — 23.01 New Features and Changes - Errata/Known Hardware Issues for 4860 & 8860
*Page:* https://docs.netgate.com/pfsense/en/latest/releases/23-01.html
*Feedback:*
The errata notes _Devices ba... Ad Ves
02:11 PM Todo #14027 (Resolved): Update PHP to 8.2.6
Christian McDonald
12:43 PM pfSense Packages Regression #13950 (Resolved): PHP error with pfBlockerNG
Marcos M
10:34 AM Todo #14011 (Pull Request Review): Update memory graphs to account for changes in memory reporting
Internal MR:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1014
Initial diff attached here as wel... Jim Pingle
10:15 AM pfSense Packages Regression #13978: PHP errors with squidGuard
see the crash log below... mokey fraggle
10:14 AM pfSense Packages Regression #13978: PHP errors with squidGuard
This also impacts pfblocker-ng and squid. I suspect it has to do with what appears to be an incompatibility with php ... mokey fraggle
09:23 AM Regression #14026 (Resolved): HA node with CARP VIP in backup state is unable to ping the active node using that CARP VIP address
This was brought up by a customer and I am able to reproduce it.
Master 10.41.1.252
Backup 10.40.1.253
CAR... Christopher Cope
07:56 AM pfSense Packages Bug #14021: Squid ClamAV showing bytecode errors for version 334
As of 2-24-23 this has been resolved with . . .
"Empty script bytecode-334.cdiff, need to download entire databas... Jonathan Lee
07:53 AM pfSense Packages Bug #14021: Squid ClamAV showing bytecode errors for version 334
This error is also present on package reinstall of Squid Proxy Jonathan Lee
07:45 AM Regression #14025 (Duplicate): 23.01 and "bip" missing
Duplicate of #14002 Jim Pingle
03:49 AM Regression #14025: 23.01 and "bip" missing
*EDIT :*
I specify that if I launch the "reboot" function from the menu, I hear "beeps" and at the end of the "boot"... Steph Swiss
12:24 AM Regression #14025 (Duplicate): 23.01 and "bip" missing
I haven't changed anything on my hardware, I went from version 22.05 to 23.01 release and now I don't hear any "beep"... Steph Swiss
07:38 AM Bug #14022: PHP error when exporting a CRL for an old CA
Thanks Jim, I can confirm the patch works for me.
(Sorry, I've erroneously set the pfSense Plus version to 23.05 w... Matthew Fearnley
01:57 AM Bug #13014: Deadlock in Charon VICI interface
still happening on pf+ 23.01-RELEASE
if we leave a single VPN trying to connect when other side not configured corr... Dan Bailey

02/23/2023

04:50 PM pfSense Packages Regression #13884 (Resolved): pfBlockerNG DNSBL TLD option causes reloads to take a long time
Jim Pingle
03:50 PM pfSense Packages Regression #13884: pfBlockerNG DNSBL TLD option causes reloads to take a long time
Should be resolved in v3.2.0_3 BBcan177 .
04:49 PM pfSense Packages Regression #13960 (Resolved): PHP Fatal error - pfblockerng.widget.php
Jim Pingle
03:49 PM pfSense Packages Regression #13960: PHP Fatal error - pfblockerng.widget.php
Should be resolved in v3.2.0_3 BBcan177 .
04:48 PM pfSense Packages Regression #14024: PHP error in HAProxy Widget with Show Client Traffic enabled
It is only afecting the Dashboard Widget. Rodrigo Goncalves
04:47 PM pfSense Packages Regression #14024 (Resolved): PHP error in HAProxy Widget with Show Client Traffic enabled
After updating to pfsense plus 23.01 the haproxy dashboard widget is broken when acessing the pfsense web gui behind ... Rodrigo Goncalves
02:48 PM Bug #9459: patch pf: silence a runtime warning pfr_update_stats: assertion failed.
Casper B wrote in #note-8:
> Anonymous wrote in #note-5:
> > No response from OP. Assumed fixed
>
> Still happen... Jens Groh
02:01 PM Bug #9459: patch pf: silence a runtime warning pfr_update_stats: assertion failed.
Anonymous wrote in #note-5:
> No response from OP. Assumed fixed
Still happening here.. v 22.05
patch is in OP... Casper B
02:31 PM Revision 46b15903: Correct unbound 'all' if check for ACLs. Fixes #13851
Jim Pingle
01:42 PM pfSense Docs Todo #14023 (Closed): Feedback on Releases — 23.01 New Features and Changes
*Page:* https://docs.netgate.com/pfsense/en/latest/releases/23-01.html
*Feedback:*
Can the wording around this ... Offstage Roller
12:57 PM Bug #13938: Kernel panic accessing the GUI over IPsec in certain environments when using nginx ``sendfile`` with unmapped mbufs
To make searching easier the backtrace this generates is:... Steve Wheeler
10:49 AM Bug #13279: DHCP config override affects Gateway installation.
It seems the config override should contain option 55 values like _subnet-mask,routers,domain-name-servers,domain-nam... Lev Prokofev
05:43 AM Bug #13279: DHCP config override affects Gateway installation.
Is there any progress on this? It's the same also after upgrading to pfSense Plus 23.01. Emanuel Gerber
09:11 AM pfSense Packages Bug #14021: Squid ClamAV showing bytecode errors for version 334
This error is still present after 24hrs ClamAV will not update currently, This is what Squid is using for Antivirus s... Jonathan Lee
09:04 AM pfSense Packages Feature #13863: squidguard auto update blacklist
Side Note: I recently learned to use
cp /tmp/squidGuard_blacklist_update.sh /usr/local/bin/;/usr/local/bin/squidG... Jonathan Lee
08:40 AM Bug #13851 (Feedback): DNS Resolver does not generate automatic ACLs for IPv6 when Network Interfaces is set to "All"
Applied in changeset commit:46b159032fef8c78783aa1a749d2238cfed7ac0d. Jim Pingle
08:26 AM Bug #13851 (In Progress): DNS Resolver does not generate automatic ACLs for IPv6 when Network Interfaces is set to "All"
Not sure why I couldn't reproduce this before, but I found it happening on one of my lab systems. Since it was easy t... Jim Pingle
07:35 AM Bug #14022: PHP error when exporting a CRL for an old CA
Nothing immediately stands out in the cert but I can replicate it easily with that CA.
Making the following change... Jim Pingle
06:36 AM Bug #14022 (Resolved): PHP error when exporting a CRL for an old CA
I have a CA that was generated in 2016, possibly from an old version of pfSense.
When Create a CRL using it and tr... Matthew Fearnley
06:20 AM Bug #14013: PHP error when attempting to bulk import Alias content
Jim Pingle wrote in #note-3:
> Applied in changeset commit:290b3461bb816e9fc161568e499d43b24542cb9f.
i test your cod... Amin Sadeghi
06:20 AM Bug #14013: PHP error when attempting to bulk import Alias content
I was able to easily replicate it on an install that was very close to a default config. The error happened on a line... Jim Pingle
06:11 AM Bug #14013: PHP error when attempting to bulk import Alias content
Danilo Zrenjanin wrote in #note-4:
> I couldn't reproduce this issue.
>
> I tried with bulk import, but I couldn... Amin Sadeghi
04:35 AM Bug #14013: PHP error when attempting to bulk import Alias content
I couldn't reproduce this issue.
I tried with bulk import, but I couldn't replicate that issue on a stock 23.01 i... Danilo Zrenjanin
03:04 AM Bug #14004 (Resolved): PHP errors when configuration lacks any certificates
Danilo Zrenjanin
03:04 AM Bug #14004: PHP errors when configuration lacks any certificates
Tested the patch against:... Danilo Zrenjanin

02/22/2023

11:54 PM pfSense Packages Bug #14021 (Not a Bug): Squid ClamAV showing bytecode errors for version 334
Squids ClamAV Freshclam update will not complete and displays error for database version 334. This just started to oc... Jonathan Lee
08:32 PM Revision ff715efc: Do not try to retain FreeBSD default cron jobs. Fixes #14016
Jim Pingle
05:40 PM Revision 4342d179: Correct alias sort order. Fixes #14015
Jim Pingle
05:37 PM Revision 290b3461: Correct alias bulk import code for PHP 8.x. Fixes #14013
Jim Pingle
04:44 PM Bug #14020 (New): Captive Portal breaks policy routing for allowed IP addresses with specified bandwidth after upgrade to 2.6.0
The topic on forum.netgate is here: (https://forum.netgate.com/topic/178194/captive-portal-blocking-allowed-ip-addres... Mohammad Adnan Ataya
03:40 PM pfSense Packages Bug #14019 (Resolved): PHP Error: /usr/local/pkg/avahi/avahi.inc:76
In 23.01-REL:... Steve Wheeler
03:22 PM pfSense Plus Regression #13993 (Feedback): Switch ports on 7100/1100/2100 do not have Auto MDI-X support enabled
Fixed in 23.05 and also in the 23.01 branch. Luiz Souza
02:58 PM pfSense Packages Bug #14018: Service Watchdog keeps monitoring services after thy had been removed
The items were removed from Service Watchdog, but it still was sending notifications.
Do you have any control over... Yuri Weinstein
02:47 PM pfSense Packages Bug #14018 (Rejected): Service Watchdog keeps monitoring services after thy had been removed
There is nothing the package can do about that. You added the entry manually, you have to remove it manually.
 Jim Pingle
02:44 PM pfSense Packages Bug #14018 (Rejected): Service Watchdog keeps monitoring services after thy had been removed
I suspect it's true for any package, but I tested on pfBlockerNG
Steps:
Have `pfBlockerNG` monitored by `Servic... Yuri Weinstein
02:40 PM Regression #14016 (Feedback): FreeBSD default ``cron`` jobs are enabled when they should be disabled
Applied in changeset commit:ff715efce5e6c65b3d49dc2da7e1bdc437ecbf12. Jim Pingle
02:30 PM Regression #14016 (Resolved): FreeBSD default ``cron`` jobs are enabled when they should be disabled
Somewhere in the move to FreeBSD main the default OS cron jobs in /etc/crontab got enabled. It looks like maybe in th... Jim Pingle
02:38 PM pfSense Plus Feature #14017 (New): Ability to remove all packages before upgardes with saved configuration
Currently, every time when a new upgrade is available the first thing recommended to do is uninstalling all packages.... Yuri Weinstein
02:24 PM pfSense Plus Bug #14005: SFP Interfaces not available with Traffic Shaper in v23.01
!pfsense-22.05.png!
!pfsense-23.01.png!
 Brendon Flint
01:31 PM Todo #14011: Update memory graphs to account for changes in memory reporting
I'll take a look at this one soonish Jim Pingle
09:32 AM Todo #14011 (Resolved): Update memory graphs to account for changes in memory reporting
FreeBSD reports memory usage broken down differently than it did in the past. The code handling the memory graphs and... Jim Pingle
01:11 PM Revision 060f5055: Fix typo in filter.inc var name ref. Fixes #14010
Reported-By: Noelite on Github Jim Pingle
11:50 AM pfSense Packages Regression #13970: PHP error in apcupsd widget from UTF-8 string handling
I'm seeing a similar issue. apcupsd is gathering data from the UPS. The widget is throwing this error after upgrading... Andrew Dakin
11:50 AM Regression #14015 (Feedback): Alias list is not sorted
Applied in changeset commit:4342d179afe732baf3a73e2db4381b57b1aa7703. Jim Pingle
11:39 AM Regression #14015 (Resolved): Alias list is not sorted
The alias list on firewall_aliases.php is not sorted as expected. The array is run through @asort()@ which isn't sort... Jim Pingle
11:47 AM pfSense Packages Bug #14014 (Duplicate): APCUPSD widget not working after pfSense + update to v.23.01
Based on the error in the screenshots this is a duplicate of #13970 Jim Pingle
11:31 AM pfSense Packages Bug #14014 (Duplicate): APCUPSD widget not working after pfSense + update to v.23.01
I opened an new issue on suggestion from rcoleman-netgate in link: https://forum.netgate.com/topic/178106/apcupsd-wid... Matjaz Bavcon
11:45 AM Bug #14013 (Feedback): PHP error when attempting to bulk import Alias content
Applied in changeset commit:290b3461bb816e9fc161568e499d43b24542cb9f. Jim Pingle
11:22 AM Bug #14013 (Confirmed): PHP error when attempting to bulk import Alias content
Jim Pingle
10:25 AM Bug #14013 (Resolved): PHP error when attempting to bulk import Alias content
Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/www/firewall_aliases_imp... Amin Sadeghi
11:00 AM pfSense Packages Bug #14003: Reports/Alerts Issue with IPv6 Addresses
Still seeing them after removing ip_cache.sqlite.
 Andy Kniveton
08:42 AM pfSense Packages Bug #14003: Reports/Alerts Issue with IPv6 Addresses

It could be that the old records are in the sqlite cache file?
sqlite3 /var/db/pfblockerng/ip_cache.sqlite .... BBcan177 .
03:25 AM pfSense Packages Bug #14003: Reports/Alerts Issue with IPv6 Addresses
Still occurring after 3.2.0_3 Andy Kniveton
10:22 AM pfSense Plus Bug #13975: when assigning a vlan to wan interface configured mac address is not used
I've done some more testing.
I now have the physical interface igc0 set as opt1. In that interface is set the want... Oscar Muntenaar
09:50 AM pfSense Plus Feature #14012 (New): ZFS memory usage graphs
It's becoming increasingly relevant for users to monitor ZFS memory usage, especially ARC usage. This is ideal as a s... Jim Pingle
09:12 AM Feature #14008: Change upgrade/reboot countdown timer to a general "busy" indicator
To add to the conversation, as a relative newcomer to Netgate/pfSense, the fact that there is a 2 minute timer implie... Mike Kazimar
09:03 AM Feature #14008: Change upgrade/reboot countdown timer to a general "busy" indicator
Brainstorming it the other direction, perhaps after "n" minutes show a message to check the console, or after a while... Steve Y
08:15 AM Feature #14008: Change upgrade/reboot countdown timer to a general "busy" indicator
It's a good idea since that varies a lot by hardware but it's all a guess. I'm not even sure why we need a visible ti... Jim Pingle
08:49 AM pfSense Plus Bug #13981 (Feedback): PHP Error on ``status_interfaces.php`` with empty switch VLAN group configuration and assigned VLAN interfaces
Fix committed to plus tree (@5841d5850265476100b719e60e38b65887cd1460@).
You can install the "System Patches packa... Jim Pingle
08:39 AM pfSense Plus Bug #13981: PHP Error on ``status_interfaces.php`` with empty switch VLAN group configuration and assigned VLAN interfaces
To trigger this you also need at least one assigned VLAN tagged interface -- it need not be on the switch interface. Jim Pingle
08:24 AM pfSense Plus Bug #13981 (In Progress): PHP Error on ``status_interfaces.php`` with empty switch VLAN group configuration and assigned VLAN interfaces
Jim Pingle
07:43 AM Regression #13988 (Feedback): PHP error with OpenVPN if the server certificate subject has duplicate components
That would have to be an issue in the certificate data. Somehow one of those certificates is triggering a return of m... Jim Pingle
07:31 AM Bug #14009: PHP error from upgraded IPsec tunnel containing only deprecated ciphers
Do we have access to the config that triggered this? Somehow it would have to have either a completely empty tunnel e... Jim Pingle
07:25 AM Regression #14010 (Feedback): Typo in ``filter.inc`` variable for DHCPv6 VLAN priority tag value
Applied in changeset commit:060f50552e63f4ef73cd08eed329691010632b8d. Jim Pingle
07:15 AM Regression #14010 (Resolved): Typo in ``filter.inc`` variable for DHCPv6 VLAN priority tag value
In source:src/etc/inc/filter.inc#L3730 there is a typo in a variable name, @dhcpc6vpt@ should be @dhcp6cvpt@ that was... Jim Pingle

02/21/2023

10:59 PM Bug #14009 (Resolved): PHP error from upgraded IPsec tunnel containing only deprecated ciphers
PHP error after upgrading to 23.01 and trying to configure IPsec tunnels.... Marcos M
09:33 PM Feature #14008 (New): Change upgrade/reboot countdown timer to a general "busy" indicator
Newcomers to pfSense may assume the 2 minute timer suggests that is how long the upgrade is expected to take. Since ... Steve Y
08:12 PM Bug #14007 (Resolved): Using PF reserved keywords for interface descriptions results in an invalid ruleset
Interface descriptions are used to generate system aliases placed in @/tmp/rules.debug@. Interface descriptions are c... Marcos M
06:33 PM Revision 8de38eec: Always work with cert list as array. Fixes #14004
Jim Pingle
06:18 PM Revision 0e847960: NTP status corrections. Fixes #13999
While here, unbreak the GPS status display. Jim Pingle
03:35 PM pfSense Packages Regression #13960 (Feedback): PHP Fatal error - pfblockerng.widget.php
Looks like this is resolved with https://github.com/pfsense/FreeBSD-ports/pull/1233 Marcos M
03:29 PM pfSense Docs Correction #14006 (Resolved): Netgate 5100 drive installation shows outdated information
https://docs.netgate.com/pfsense/en/latest/solutions/sg-5100/m-2-sata-installation.html
> The standoff for the M.2... Marcos M
03:13 PM pfSense Packages Regression #13884: pfBlockerNG DNSBL TLD option causes reloads to take a long time
https://github.com/pfsense/FreeBSD-ports/pull/1233
https://github.com/pfsense/FreeBSD-ports/pull/1234 Christian McDonald
02:42 PM pfSense Packages Regression #13884 (Feedback): pfBlockerNG DNSBL TLD option causes reloads to take a long time
Christian McDonald
01:45 PM pfSense Plus Bug #14005 (New): SFP Interfaces not available with Traffic Shaper in v23.01
I have dual Netgate 1541 in HA mode. The SFP interfaces LAN (cxl1) and WAN (cxl0) are not available for configuration... Brendon Flint
01:31 PM Bug #13929 (Feedback): IGMP Proxy multicast group membership query packets have an invalid checksum
The fix has been pushed to the 23.01 ports tree. In a few hours you should be able to run: @pkg upgrade igmpproxy@ on... Christian McDonald
11:07 AM Bug #13929: IGMP Proxy multicast group membership query packets have an invalid checksum
experimental arm pkg Nizam Moidu
12:58 PM pfSense Packages Bug #13951 (Resolved): pfblockerNG does not allow for vlan description changes
Marcos M
12:57 PM pfSense Packages Regression #13950 (Feedback): PHP error with pfBlockerNG
Marcos M
12:56 PM pfSense Packages Bug #13989 (Duplicate): XML-RPC Sync not triggered
Likely referring to the following:
https://redmine.pfsense.org/issues/12916
https://redmine.pfsense.org/issues/12918 Marcos M
12:40 PM Bug #14004 (Feedback): PHP errors when configuration lacks any certificates
Applied in changeset commit:8de38eecb5939b212c973a3209b8c5d455e4a64c. Jim Pingle
12:35 PM Bug #14004: PHP errors when configuration lacks any certificates
I spotted a couple other areas outside of the resolver that had a similar call in the code to here, where if there we... Jim Pingle
10:55 AM Bug #14004 (Resolved): PHP errors when configuration lacks any certificates
When visiting the DNS resolver config page without any certs present:... Steve Wheeler
12:37 PM Feature #13998 (Rejected): FreeBSD Jails for use with updates?
We've looked into that before IIRC and it wasn't viable for a variety of reasons. ZFS has some features we're looking... Jim Pingle
12:25 PM Regression #13999 (Feedback): PHP error in NTP widget and status with GPS data
Applied in changeset pfsense:commit:0e847960910ae9f14ca7b52c84be25fe4b9d1064. Jim Pingle
11:15 AM Regression #13999 (In Progress): PHP error in NTP widget and status with GPS data
Looks like the exact same crash can happen on status_ntpd.php, both seem to need a GPS module present to trigger.
 Jim Pingle
12:11 PM pfSense Packages Bug #14003: Reports/Alerts Issue with IPv6 Addresses
There is a change in the next v3.2.0_3 which should fix this... see after that is installed. BBcan177 .
10:44 AM pfSense Packages Bug #14003 (New): Reports/Alerts Issue with IPv6 Addresses
I have Geo blocked China traffic inbound on my WAN interface, IPv4 traffic shows correctly in the Alerts tab but IPv6... Andy Kniveton
10:18 AM Feature #14002 (Resolved): Option to enable/disable console bell, enabled by default
In 23.01 logging into the firewall no longer sounds a beep from the speaker is it's present.
This is because the d... Steve Wheeler
10:02 AM Feature #14001 (Rejected): Always disable DNSSEC if forwarding enabled in Resolver
While that may be a good practice it isn't something we should force programmatically. Disabling security options une... Jim Pingle
09:38 AM Feature #14001 (Rejected): Always disable DNSSEC if forwarding enabled in Resolver
This is both a feature request and a regression. In just a few days I've experienced an issue and seen multiple forum... Steve Y
07:59 AM Bug #13992: Custom default state timeouts are not respected in the ruleset
Applied the patch and it's working fine here even without a reboot. Anonymous
07:10 AM Bug #13992: Custom default state timeouts are not respected in the ruleset
aleksei prokofiev wrote in #note-5:
> Applied provided patch and nothing changes. After reboot all works good and ti... Jim Pingle
12:38 AM Bug #13992: Custom default state timeouts are not respected in the ruleset
Applied provided patch and nothing changes. After reboot all works good and timeouts are saves.
So, reboot required... aleksei prokofiev
07:47 AM pfSense Packages Bug #13995 (Resolved): Suricata not saving automatic assignment of a new pass list for an interface - PHP 8.1 regression
PR merged. Jim Pingle
07:46 AM pfSense Packages Bug #13991 (Resolved): Snort error reported after update 23.01
PR merged. Jim Pingle
07:46 AM pfSense Packages Bug #13994 (Resolved): Snort not saving automatic assignment of a new pass list for an interface - PHP 8.1 regression
PR merged. Jim Pingle

02/20/2023

10:46 PM pfSense Packages Bug #13951: pfblockerNG does not allow for vlan description changes
Yes. 23.01 with pfblocker installed allows for LAGG interface changes.
Curious as to why this couldn’t happen prior Mike Moore
10:36 PM pfSense Packages Bug #13951: pfblockerNG does not allow for vlan description changes
I believe this is resolved? BBcan177 .
09:56 PM Bug #14000 (Rejected): PHP error with xmlrpc
This is from an external utility hitting XMLRPC, most likely the Home Assistant integration. Nothing we can do about ... Jim Pingle
08:40 PM Bug #14000 (Rejected): PHP error with xmlrpc
Error on 23.01-RELEASE (migration from CE 2.6.0).... Marcos M
05:55 PM Revision d015b45a: Fix state tiemout handling. Fixes #13992
Jim Pingle
05:11 PM Regression #13999 (Resolved): PHP error in NTP widget and status with GPS data
I have had this issue since the beta and I am still having it on 23.01 final.
I put the NTP widget on my home screen... anthony mushamel
04:36 PM Bug #8846 (Confirmed): Misleading error message when adding/editing static routes which use a gateway on a disabled interface
I'm still able to replicate this in 22.05 and 23.01. And in 2.7.0.a.20230215.0600
Tested a gateway created directl... Steve Wheeler
04:22 PM Feature #13998 (Rejected): FreeBSD Jails for use with updates?
Hypothetical solution with use with 2100-MAX and the 30GB drive:
Containerized updates? Just update with a Jailed ... Jonathan Lee
04:14 PM pfSense Packages Bug #13997: NUT Package and 23.01
Cyberpower 1200 avr Jonathan Lee
04:10 PM pfSense Packages Bug #13997 (Closed): NUT Package and 23.01
Feb 17 13:56:23 Lee_Family kernel: pid 53495 (usbhid-ups), jid 0, uid 66: exited on signal 11
Feb 17 09:20:53 Lee_... Jonathan Lee
04:12 PM pfSense Packages Bug #13811: Youtube content getting filtered on Squid when none is Selected
I have also tested this, and it fixes the YouTube issue.
Discussion post on this issue was also here.
https://for... Jonathan Lee
04:11 PM pfSense Packages Bug #13972: nut on pfsense spams console every 5 minutes "UPS ups is unavailable" against cyberpower snmp rmcard205
I have opened a different ticket for mine, my issue is with direct USB connection to the UPS Jonathan Lee
02:42 PM pfSense Packages Bug #13596 (Resolved): pfBlockerNG-devel Unbound does not start when using DNSBL python regex with multiple commented lines
Marcos M
12:03 PM pfSense Packages Bug #13596: pfBlockerNG-devel Unbound does not start when using DNSBL python regex with multiple commented lines
This has been resolved. BBcan177 .
01:16 PM Bug #13996 (New): Limiters using the fq_pie scheduler no longer pass any traffic.
After updating to 23.01 limiters using the fq_pie scheduler no longer pass any traffic.
When using the same floati... Anonymous
01:14 PM pfSense Packages Bug #13995: Suricata not saving automatic assignment of a new pass list for an interface - PHP 8.1 regression
Pull Request #1232 has been posted containing the fix for this issue: https://github.com/pfsense/FreeBSD-ports/pull/1... Bill Meeks
12:52 PM pfSense Packages Bug #13995 (Resolved): Suricata not saving automatic assignment of a new pass list for an interface - PHP 8.1 regression
Suricata has the same issue as identified in #13994 for Snort. This is a PHP 8.1 regression. A pull request containin... Bill Meeks
12:35 PM pfSense Packages Bug #13991: Snort error reported after update 23.01
Pull Request #1231 has been posted to the DEVEL branch to address this issue: https://github.com/pfsense/FreeBSD-port... Bill Meeks
10:09 AM pfSense Packages Bug #13991: Snort error reported after update 23.01
I will take a look at this and post a fix. Likely related to previous PHP 8.1 fixes. This is the second report of thi... Bill Meeks
09:47 AM pfSense Packages Bug #13991 (Resolved): Snort error reported after update 23.01
Hi, after the pfsense 23.01 update on the Netgate SG 1100, in snort, when snutter rules are generated in the alerts, ... Antonio Briguglio
12:34 PM pfSense Packages Bug #13994: Snort not saving automatic assignment of a new pass list for an interface - PHP 8.1 regression
Pull Request #1231 has been posted to the DEVEL branch to address this issue: https://github.com/pfsense/FreeBSD-port... Bill Meeks
11:35 AM pfSense Packages Bug #13994 (Resolved): Snort not saving automatic assignment of a new pass list for an interface - PHP 8.1 regression
When the user clicks the icon to suppress an alert on the ALERTS tab, and there is no existing assigned Suppress List... Bill Meeks
12:05 PM Bug #13992 (Feedback): Custom default state timeouts are not respected in the ruleset
Applied in changeset commit:d015b45a395045a56b9190f284459a6a4cc57568. Jim Pingle
11:34 AM Bug #13992: Custom default state timeouts are not respected in the ruleset
Setting timeouts via the Firewall Optimiazation Options field is still created and applied as expected in 23.01-REL.
... Steve Wheeler
11:26 AM Bug #13992: Custom default state timeouts are not respected in the ruleset
The expected values do not get added to the rules.debug file so are not applied to pf.... Steve Wheeler
10:30 AM Bug #13992 (Resolved): Custom default state timeouts are not respected in the ruleset
When I change the timeouts:
UDP Single to 60
UDP Multiple to 300
And then check from the command line with pfctl... Anonymous
12:01 PM pfSense Packages Bug #13989: XML-RPC Sync not triggered
Its only triggered if there were updates to the feeds. Please re-confirm? BBcan177 .
04:42 AM pfSense Packages Bug #13989 (Duplicate): XML-RPC Sync not triggered
XML-RPC Sync not triggered.
Neither on Update/CRON/Reload forced or scheduled. Gerold Kroetlinger
11:05 AM pfSense Plus Regression #13993 (Resolved): Switch ports on 7100/1100/2100 do not have Auto MDI-X support enabled
In 23.01 the 7100 switch ports do not support auto-MDI/X. A cross-over cable is required to link two ports on the swi... Steve Wheeler
10:06 AM pfSense Packages Bug #13990 (Duplicate): pfBlockerNG reload freezes
Marcos M
09:28 AM pfSense Packages Bug #13990 (Duplicate): pfBlockerNG reload freezes
When Wildcard Blocking (TLD) is activated in DNSBL and want to reload, it freezes when it arrives at.
TLD:
TLD an... Anil Ramkisoen

02/19/2023

09:04 PM Regression #13983: Multiple PHP errors in the DHCP Server when the configuration contains an empty section for an interface
Additional report:... Marcos M
06:57 PM Regression #13983: Multiple PHP errors in the DHCP Server when the configuration contains an empty section for an interface
Additional report:... Marcos M
12:40 PM Regression #13983: Multiple PHP errors in the DHCP Server when the configuration contains an empty section for an interface
Additional report:... Marcos M
04:45 PM Regression #13988 (Duplicate): PHP error with OpenVPN if the server certificate subject has duplicate components
Saving an OpenVPN Server configuration results in the following error:... Marcos M
12:43 PM pfSense Packages Regression #13950 (Waiting on Merge): PHP error with pfBlockerNG
Marcos M
11:37 AM pfSense Docs Correction #13987 (Closed): Monitoring system graphs need updated info about Nat States
https://docs.netgate.com/pfsense/en/latest/monitoring/graphs/list.html#states-graph
No info about Nat States menti... JohnPoz _
11:35 AM pfSense Plus Bug #13981: PHP Error on ``status_interfaces.php`` with empty switch VLAN group configuration and assigned VLAN interfaces
For reference, the @<vlangroups>@ element in @/cf/conf/config.xml@ can be removed to work around the issue (e.g. by u... Marcos M
10:04 AM pfSense Plus Bug #13981: PHP Error on ``status_interfaces.php`` with empty switch VLAN group configuration and assigned VLAN interfaces
This is triggered by the presence of empty <vlangroups> tags in the switch config which are not usually there.
The... Steve Wheeler
11:32 AM pfSense Plus Bug #13967: aarch64 23.01 upgrade can fail to write the bootloader
For reference, the firmware may be re-installed (rather than upgraded) to work around the issue. Marcos M
09:51 AM pfSense Packages Bug #13972: nut on pfsense spams console every 5 minutes "UPS ups is unavailable" against cyberpower snmp rmcard205
Jonathan Lee wrote in #note-2:
> Kernel issues please review attached log showing issue for NUT package
I'm not s... Jason Montleon
05:50 AM pfSense Docs Todo #13986 (Resolved): LTE Router ZTE MF79U works on pfSense
Hello Netgate Team,
The Router ZTE MF79U is not available in the list yet:
https://docs.netgate.com/pfsense/en/la... Igor Liebermann
03:24 AM pfSense Packages Bug #13985 (Duplicate): Telegraf error After Update PFSense to 23.01
Telegraf craches after update to 23.01
Hardware: Netgate 6100
Telegraf Version: 0.9_6
https://github.com/pfsense/... Marijan Kruljac

02/18/2023

09:59 PM pfSense Packages Regression #13984: PHP errors with squid
Resolve for this was found when working with members of the Netgate forum, resave the reverse proxy settings and afte... Jonathan Lee
08:43 PM pfSense Packages Regression #13984: PHP errors with squid
This error displays when any changes are made under Squid Jonathan Lee
08:42 PM pfSense Packages Regression #13984: PHP errors with squid
System was not having issues under prior version of pfSense. After update PHP errors occur when you try to make chang... Jonathan Lee
08:38 PM pfSense Packages Regression #13984 (Resolved): PHP errors with squid
I am not running Squid Reverse proxy, only Squid Proxy for outbound traffic.... Jonathan Lee
09:29 PM pfSense Packages Bug #10692: PIMD starts twice at boot
seeing 2x PIMD start, each with unique PIDs running 0.0.3_6 on 23.01 release Jordan G
08:39 PM pfSense Packages Bug #13972: nut on pfsense spams console every 5 minutes "UPS ups is unavailable" against cyberpower snmp rmcard205
Kernel issues please review attached log showing issue for NUT package Jonathan Lee
08:06 PM Bug #13729: Gateways stuck in Unknown status
Jordan Greene wrote in #note-9:
> Nazar Mokrynskyi wrote:
> > My pfSense is virtualized, so its interfaces are alwa... Nazar Mokrynskyi
07:53 PM Bug #13729: Gateways stuck in Unknown status
Nazar Mokrynskyi wrote:
> My pfSense is virtualized, so its interfaces are always up.
> pfSense was able to get IP ... Jordan G
07:03 PM pfSense Packages Todo #13906: Update tailscale from 1.34.2 to 1.36.0
Tailscale package updated to version *0.1.1_2* - showing dependency tailscale-1.36.0  Jordan G
03:23 PM pfSense Packages Bug #13898: Issues saving pfBlocker Sync Targets
This should be fixed in v3.2.0_2 BBcan177 .
03:22 PM pfSense Packages Regression #13950: PHP error with pfBlockerNG
This should be fixed in v3.2.0_2 BBcan177 .
10:13 AM pfSense Packages Regression #13950: PHP error with pfBlockerNG
Here is another after-clean install/restore:... Danilo Zrenjanin
02:05 PM pfSense Packages Bug #11898: PHP error from apcupsd dashboard widget when battery is charging
After upgrading to 23.01-RELEASE I also see similar behavior:... Anthony Messina
12:22 PM Regression #13983 (Resolved): Multiple PHP errors in the DHCP Server when the configuration contains an empty section for an interface
Seeing multiple pfSense 23.01 users having these PHP fatal error crashes. I got it in the DHCP Server tab by simply c... Car F
11:27 AM Bug #13915: PHP errors when re-running Traffic Shaper Wizards with different settings
If I can be of help, please let me know. I am having this issue as well, consistently. See https://forum.netgate.com/... Drew Saur
09:08 AM Bug #13982 (Duplicate): PHP error: /usr/local/www/firewall_rules.php:805
Duplicate of #13953 Jim Pingle
08:56 AM Bug #13982 (Duplicate): PHP error: /usr/local/www/firewall_rules.php:805
After upgrading to 23.01 with floating rules present and no currently configured OpenVPN intances:... Steve Wheeler
09:02 AM pfSense Packages Bug #13515: Snort with PHP 8.1 - TypeError when saving edits to an interface
One report of this still in 23.01-REL:
https://forum.netgate.com/topic/178019/php-errors-at-upgrade-to-23-01/ Steve Wheeler
08:56 AM pfSense Packages Bug #13979 (Duplicate): PfblockerNG fails to load on 23.01
Duplicate: https://redmine.pfsense.org/issues/13950 Christopher Cope
03:57 AM pfSense Packages Bug #13979: PfblockerNG fails to load on 23.01
My machine: netgate 6100 Paolo Est
03:55 AM pfSense Packages Bug #13979 (Duplicate): PfblockerNG fails to load on 23.01
Notifications in this message: 1
================================
10:31:41 PHP ERROR: Type: 1, File: /usr/local/w... Paolo Est
08:54 AM pfSense Packages Bug #13980 (Duplicate): PfblockerNG error on installation on 23.01
Duplicate https://redmine.pfsense.org/issues/13950 Christopher Cope
03:57 AM pfSense Packages Bug #13980: PfblockerNG error on installation on 23.01
My machine: netgate 6100 Paolo Est
03:55 AM pfSense Packages Bug #13980 (Duplicate): PfblockerNG error on installation on 23.01
Executing custom_php_install_command()...
Rebuilding GeoIP tabs...grep: /usr/local/share/GeoIP/cc/Africa_v4.txt: No ... Paolo Est
07:50 AM pfSense Plus Bug #13981 (Resolved): PHP Error on ``status_interfaces.php`` with empty switch VLAN group configuration and assigned VLAN interfaces
Devices with switches are hitting this after upgrading to 23.01.... Steve Wheeler

02/17/2023

11:14 PM pfSense Packages Regression #13978 (Resolved): PHP errors with squidGuard
Receiving the following error when trying to install/uninstall the squidguard package.
codePHP ERROR: Type: 1, Fil... Bob Williams
10:05 PM Revision a81a848e: Remove subtree support from devel/git since we do not need it and it pulls in a bunch of ruby deps
Brad Davis
09:57 PM Revision 879c85b0: add net/mcjoin and net/mrouted to poudriere_bulk
Christian McDonald
09:33 PM Regression #13963: OpenVPN and GIF interface create/destroy operations fail due to outdated ``linker.hints``
If the /dev/tun part is significant I'm still seeing this after running both `kldxref` (and restarting) and patching ... Zac West
10:45 AM Regression #13963: OpenVPN and GIF interface create/destroy operations fail due to outdated ``linker.hints``
The change above will make it refresh the linker.hints file on each boot instead of only when the file doesn't exist.... Jim Pingle
10:40 AM Regression #13963 (Feedback): OpenVPN and GIF interface create/destroy operations fail due to outdated ``linker.hints``
Applied in changeset pfsense:commit:18b8e41591905844627377b76347f8acba88f0a1. Jim Pingle
08:35 AM Regression #13963: OpenVPN and GIF interface create/destroy operations fail due to outdated ``linker.hints``
It looks like the Tailcalse is affected too.
https://forum.netgate.com/topic/177923/tailscale-service-won-t-start-a... Danilo Zrenjanin
04:34 PM Revision 18b8e415: Refresh linker hints at each boot. Fixes #13963
Jim Pingle
03:54 PM Revision ef882c74: Merge pull request #4626 from bmeeks8/suricata-6.0.10_netmap_v14_api_build_opts
Jim Pingle
03:42 PM Bug #13929: IGMP Proxy multicast group membership query packets have an invalid checksum
Attached is a bundled up pkg that can be installed on amd64... Christian McDonald
02:40 PM Bug #13929: IGMP Proxy multicast group membership query packets have an invalid checksum
@Christian McDonald
sorry about the different output on freebsd 14, I figured out the issue, the bug is indeed in th... Nizam Moidu
02:11 PM Bug #13929: IGMP Proxy multicast group membership query packets have an invalid checksum
I've tried different versions of llvm across different versions of FreeBSD... I get the same result:... Christian McDonald
12:57 PM Bug #13929: IGMP Proxy multicast group membership query packets have an invalid checksum
Unfortunately I get the same output with the example program on 22.05 (FreeBSD 12.3) and 23.01 (FreeBSD14) Christian McDonald
12:37 PM Bug #13929: IGMP Proxy multicast group membership query packets have an invalid checksum
@Nizam Moidu
Thanks for the example program. This is immensely helpful. I'm looking at it now. Christian McDonald
09:46 AM Bug #13929: IGMP Proxy multicast group membership query packets have an invalid checksum
Has a bug report been filed upstream at https://bugs.freebsd.org/ ?
If so, can you please link it here Christian McDonald
09:37 AM Bug #13929: IGMP Proxy multicast group membership query packets have an invalid checksum
issue seems to be from freeBSD-14 upstream, freeBSD-13 seems to generate valid igmp query packets,
any idea pfsense ... Nizam Moidu
10:06 AM pfSense Packages Bug #13925 (Resolved): Suricata 6.0.8_7 - PHP Fatal Errror on IP Rep Tab
PR merged. Will be in builds soon. Jim Pingle
10:06 AM pfSense Packages Feature #13955 (Resolved): Add NETMAP_V14 build option knob to Suricata binary makefile options in file ./tools/conf/pfPorts/make.conf
PR merged. Will be in builds soon. Jim Pingle
10:06 AM pfSense Packages Bug #13920 (Resolved): 23.01RC - Suricata stops working after Wireguard installed
PR merged. Will be in builds soon. Jim Pingle
09:18 AM Todo #13977 (Rejected): ip asignadas openvpn-client
You shouldn't assign statics within the range for dynamic assignment. The lack of checking there is not something we ... Jim Pingle
08:43 AM Todo #13977: ip asignadas openvpn-client
Hello everyone, I have a problem when accessing with my client vpn, when accessing it gives me a dhcp error because w... Vicente Millan
08:40 AM Todo #13977 (Rejected): ip asignadas openvpn-client
Saliudos a todos tengo un problemas al accesar con mi client vpn, al accesar me da error de dhcp porque al crear mi p... Vicente Millan
07:24 AM Bug #13973: PHP error in ``gwlb.inc`` when OpenVPN or IPsec instances referred to by assigned interface entries are missing
You assigned an OpenVPN server as an interface, then removed the server entry but not the assignment? That isn't a va... Jim Pingle
07:16 AM Bug #13974 (Rejected): No network connectivity after 23.01 upgrade, 23.01 fresh image installation and configuration restoration
There isn't enough information here to say there is a bug. Interfaces such as OpenVPN get dummy entries that are allo... Jim Pingle
07:12 AM Bug #13573 (New): DHCP Server generates an invalid configuration for static mappings when defining network booting and UEFI HTTPBoot URL
Jim Pingle
07:00 AM pfSense Plus Bug #13976 (Resolved): SNMP logs "Device not configured" error message when queries involve built-in switch port interfaces
SNMP polls cause the following errors in system logs:
Feb 17 12:52:11 snmpd 9415 SIOCGIFDESCR (e6000sw0port1): De... Georgiy Tyutyunnik
05:39 AM pfSense Plus Bug #13975: when assigning a vlan to wan interface configured mac address is not used
I've tried the configuration on a sg-3100, that does exactly the same. Once you set the wan interface to the .34 inte... Oscar Muntenaar
04:53 AM pfSense Plus Bug #13975 (Not a Bug): when assigning a vlan to wan interface configured mac address is not used
I just updated my 22.05 to 23.01, and I noticed my mac address I configured in the physical interface was not getting... Oscar Muntenaar
05:06 AM Bug #12079: Kernel panic when running IGMP Proxy: Sleeping thread owns a non-sleepable lock
Hello. This is the same issue. I can't make promises, but it possibly going to get fixed some time next month. Mateusz Guzik
02:27 AM pfSense Packages Feature #10500: Build HAProxy Package with buildin Prometheus exporter
Per-Arne Hellarvik wrote in #note-14:
> I want to reopen this. The service has disappeared:
> [...]
Just stop using ... DRago_Angel [InV@DER]

02/16/2023

10:36 PM Bug #13573: DHCP Server generates an invalid configuration for static mappings when defining network booting and UEFI HTTPBoot URL
Commenting this line causes it to work as expected.
https://github.com/pfsense/pfsense/blob/master/src/etc/inc/servi... Jason Montleon
08:52 PM Bug #13573: DHCP Server generates an invalid configuration for static mappings when defining network booting and UEFI HTTPBoot URL
This still happens for me on 23.01-RELEASE.... Jason Montleon
10:33 PM Bug #12079: Kernel panic when running IGMP Proxy: Sleeping thread owns a non-sleepable lock
I may have hit this same issue. My pfsense box has crashed three times the last few months.
Due to my almost zero k... Arturo de Vries
10:13 PM Bug #13974 (Rejected): No network connectivity after 23.01 upgrade, 23.01 fresh image installation and configuration restoration
When PFSense is upgraded / re-imaged to 23.01 and configuration file restored, some interfaces that are un-assigned o... YP Lo
10:00 PM Bug #13973 (Resolved): PHP error in ``gwlb.inc`` when OpenVPN or IPsec instances referred to by assigned interface entries are missing
I have previously configured OpenVPN interface and OpenVPN, but subsequently removed OpenVPN configuration but leavin... YP Lo
09:24 PM pfSense Packages Bug #13972 (Closed): nut on pfsense spams console every 5 minutes "UPS ups is unavailable" against cyberpower snmp rmcard205
This is a bug in nut. I've seen similar on Linux and have confirmed MIB 0.52 fixes it rebuilding packages there.
T... Jason Montleon
06:43 PM Revision d9fa4584: Correct NAT state regex matching for rrd graphs. Fixes #13966
The original regex was ambiguous for posix REs, and some basic RE application
may have been done for *? which is not ... Reid Linnemann
05:35 PM pfSense Packages Bug #13971 (New): Prometheus service for HAProxy is gone
In https://redmine.pfsense.org/issues/10500 it was added. Now it's gone:... Per-Arne Hellarvik
05:31 PM pfSense Packages Feature #10500: Build HAProxy Package with buildin Prometheus exporter
I want to reopen this. The service has disappeared:... Per-Arne Hellarvik
04:56 PM pfSense Packages Regression #13970 (Resolved): PHP error in apcupsd widget from UTF-8 string handling
In 23.01 release:... Steve Wheeler
04:18 PM Revision 2186435b: Fix DHCP server config path typos. Fixes #13965
Jim Pingle
02:59 PM pfSense Packages Bug #13969: Status_Monitoring ignores NAT states
To apply the fix manually in the meantime, use this patch:... Jim Pingle
02:52 PM pfSense Packages Bug #13969 (Feedback): Status_Monitoring ignores NAT states
Fix pushed, will be in dev snapshots.
Not picked to 23.01 since it doesn't make sense to update this without havin... Jim Pingle
02:40 PM pfSense Packages Bug #13969 (Resolved): Status_Monitoring ignores NAT states
The fix for #13966 corrected parsing of NAT states for RRD, but the Status_Monitoring frontend appears to be ignoring... Jim Pingle
02:37 PM pfSense Docs Todo #13968 (Closed): Marvell install instructions need updated
The Marvell units below show screenshots from old versions of pfSense and don't inform about the option to select UFS... Christopher Cope
02:24 PM Revision e53f0573: Fix DNS override enable test. Fixes #13962
Jim Pingle
01:25 PM Regression #13966 (Feedback): RRD update script does not parse state data properly
Applied in changeset commit:d9fa4584e3fb63d6051e9f1db7655f931cb1be19. Reid Linnemann
12:37 PM Regression #13966: RRD update script does not parse state data properly
This has probably not worked correctly in a while. In addition to '.*?' being ambiguous in extended REs, these patter... Reid Linnemann
10:44 AM Regression #13966 (Resolved): RRD update script does not parse state data properly
The states graph is not functional on 23.01 and current dev snapshots of CE and Plus
The regex pattern used by the... Jim Pingle
12:24 PM Regression #13963: OpenVPN and GIF interface create/destroy operations fail due to outdated ``linker.hints``
This also affects GIF interfaces, so it's more general than just OpenVPN.
https://forum.netgate.com/topic/177928/h... Jim Pingle
07:50 AM Regression #13963: OpenVPN and GIF interface create/destroy operations fail due to outdated ``linker.hints``
See: https://forum.netgate.com/topic/177887/openvpn-could-not-be-established-after-upgrade-to-23-01-on-sg-3100 Steve Wheeler
07:47 AM Regression #13963 (Resolved): OpenVPN and GIF interface create/destroy operations fail due to outdated ``linker.hints``
Tunnels can fail to start like:... Steve Wheeler
10:57 AM pfSense Plus Bug #13967 (Resolved): aarch64 23.01 upgrade can fail to write the bootloader
In some situations an upgrade to 23.01 on an 1100 or 2100 will fail after the upgrade process is unable to update the... Steve Wheeler
10:25 AM Regression #13965 (Feedback): Automatic DHCP failover firewall rules are not present in the ruleset when failover is active
Applied in changeset commit:2186435b5185ceb294cd6a4c1380db443e4dd218. Jim Pingle
10:17 AM Regression #13965 (Resolved): Automatic DHCP failover firewall rules are not present in the ruleset when failover is active
In an HA setup when the DHCP server is configured with a failover peer IP address, the ruleset should automatically g... Jim Pingle
09:46 AM Bug #12056: Filterlog says "Unknown Option %u"
Seems to be caused by https://github.com/pfsense/FreeBSD-ports/blob/95209049501e8372d0f31dcf2dfb45269a179151/sysutils... Florian Apolloner
08:33 AM Regression #13962: PPP interfaces do not request DNS servers when "DNS Server Override" is enabled
Updating the subject to match the root cause of the problem.
You can install the "System Patches package":https://... Jim Pingle
08:30 AM Regression #13962 (Feedback): PPP interfaces do not request DNS servers when "DNS Server Override" is enabled
Applied in changeset commit:e53f0573d853325dfb463eab8bfe59a9f4d6ce61. Jim Pingle
08:27 AM Regression #13962: PPP interfaces do not request DNS servers when "DNS Server Override" is enabled
The test in the code that generates the MPD config for PPP interfaces isn't checking the override setting correctly s... Jim Pingle
08:06 AM Regression #13962 (Confirmed): PPP interfaces do not request DNS servers when "DNS Server Override" is enabled
I can reproduce this here locally at least on one system.
The DNS servers are not getting passed through to @/usr/... Jim Pingle
04:05 AM Regression #13962 (Resolved): PPP interfaces do not request DNS servers when "DNS Server Override" is enabled
System --> General Setup --> DNS Server Settings --> DNS Server Override --> [x] Allow DNS server list to be overridd... Philip Gahl
08:31 AM pfSense Plus Bug #13964: PHP syntax error in ``ec2_setup.php``
That code only exists in Plus, and it's in the factory ports repo under @sysutils/pfSense-ec2_setup@ Jim Pingle
08:19 AM pfSense Plus Bug #13964 (Resolved): PHP syntax error in ``ec2_setup.php``
The ec2_setup.php file contains code that is not compatible with PHP 8.1.... Danilo Zrenjanin
07:45 AM Todo #13959: Trim blank characters from static IP address fields on the Interface configuration page
It shouldn't be letting that through.
It should either be doing a @trim()@ on the input to remove whitespace or it... Jim Pingle
07:37 AM Bug #13961: Virtual IP address input validation does not check for overlap with DHCP address ranges
You are right, if it is checked in one direction then it should be checked in both.
 Jim Pingle
04:00 AM Bug #13961 (Confirmed): Virtual IP address input validation does not check for overlap with DHCP address ranges
Firewall|Virtual IPs/Add:
When adding a Virtual IP to an interface in the WebGUI, there is no check at this point to... Willy Tenner
07:34 AM Regression #13943: OpenVPN crashes with Signal 8 with very low fragment size
Florian Achleitner wrote in #note-8:
> Unfortunately, theres is no mechanism to restart a crashed service automatica... Jim Pingle
06:59 AM Regression #13943: OpenVPN crashes with Signal 8 with very low fragment size
I wonder if explicitly specifying a value for mssfix would fix this. From the docs:... Florian Apolloner
06:52 AM Regression #13943: OpenVPN crashes with Signal 8 with very low fragment size
We observed this today. OpenVPN crashed with these log lines:
openvpn:... Florian Achleitner

02/15/2023

08:30 PM Revision c19e685a: Add and enable new NETMAP_V14 Suricata build option
Bill Meeks
08:26 PM pfSense Packages Regression #13950: PHP error with pfBlockerNG
Another report after upgrading to 23.01:... Marcos M
08:25 PM pfSense Packages Regression #13960 (Resolved): PHP Fatal error - pfblockerng.widget.php
Upgrading to new 23.01 release today and was greeted with unusable WebConfigurator due to php error on Pfblocker dash... RED SKULL
07:10 PM pfSense Packages Regression #13958: Snort exits with signal 10 on arm32
Signal 10 is the "unaligned memory access" fault. My first suspicion is an update of the llvm compiler in 23.01 has r... Bill Meeks
06:09 PM pfSense Packages Regression #13958 (Resolved): Snort exits with signal 10 on arm32
In 23.01 Snort core dumps with signal 10:... Steve Wheeler
06:39 PM Todo #13959 (Resolved): Trim blank characters from static IP address fields on the Interface configuration page
A days ago i have a trouble configuring Unbound.
When adding a service in a new interface (only in IPv6) the test... william costa
03:01 PM pfSense Packages Bug #13920: 23.01RC - Suricata stops working after Wireguard installed
The final fix for this issue is contained in pull request #1226 posted for review and merge. The request may be viewe... Bill Meeks
02:58 PM pfSense Packages Feature #13955: Add NETMAP_V14 build option knob to Suricata binary makefile options in file ./tools/conf/pfPorts/make.conf
The required Pull Request for this feature has been posted for review and merge. The request is available here: https... Bill Meeks
02:56 PM pfSense Packages Bug #13925: Suricata 6.0.8_7 - PHP Fatal Errror on IP Rep Tab
The pull request containing this fix has been posted for review and merge. The pull request can be viewed here: https... Bill Meeks
11:25 AM Bug #13883 (Resolved): UDP checksum errors with ``ixgbe`` interfaces
Noted, thanks! Jim Pingle
11:23 AM Bug #13883: UDP checksum errors with ``ixgbe`` interfaces
This issue appears to be fixed now that commit @d9b31bb0c79fc0febe4c93d71af6bc7de4009ccf@ was merged on 2/9. This can... Glenn Hall
09:10 AM pfSense Packages Feature #13957 (Rejected): BandwidthD
For any of that to be possible the actual developers of bandwidthd would have to add those functions first, which at ... Jim Pingle
09:01 AM pfSense Packages Feature #13957 (Rejected): BandwidthD
The current application available through pfsense doesn't allow for monitoring of multiple interfaces and data collec... Mike Moore
08:12 AM Bug #13953: PHP Error loading Floating rule tab with OpenVPN group rules when there are no OpenVPN instances in the configuration
Jim Pingle wrote in #note-1:
> Looks like maybe you have rules defined for the OpenVPN group on the Floating tab but... Christos Messios
07:54 AM Feature #13956 (New): Add advanced firewall rule function

I want to implement something like the following rule functionality in pfsense. This function is used to prevent in... yon Liu
07:34 AM Bug #13954 (Duplicate): Invalid custom DHCP option data can cause the DHCP daemon to fail
I can't replicate this here on snapshots as it appears to be fixed by #13584.
Your error was caused because you en... Jim Pingle

02/14/2023

10:07 PM pfSense Packages Feature #13955: Add NETMAP_V14 build option knob to Suricata binary makefile options in file ./tools/conf/pfPorts/make.conf
I will be submitting the pull request to accomplish this request as soon as pfSense Plus 23.01 exits RC status and go... Bill Meeks
10:01 PM pfSense Packages Feature #13955 (Resolved): Add NETMAP_V14 build option knob to Suricata binary makefile options in file ./tools/conf/pfPorts/make.conf
Suricata 6.0.9 and later supports a new Makefile build option called NETMAP_V14. This enables a binary build using th... Bill Meeks
10:06 PM pfSense Packages Bug #13925: Suricata 6.0.8_7 - PHP Fatal Errror on IP Rep Tab
Thanks Marcos. I have already created the necessary fix and posted the commit to my personal FreeBSD-ports repo. I wi... Bill Meeks
07:06 PM pfSense Packages Bug #13925: Suricata 6.0.8_7 - PHP Fatal Errror on IP Rep Tab
Here's the diff submitted previously FWIW:... Marcos M
07:02 PM pfSense Packages Bug #13925: Suricata 6.0.8_7 - PHP Fatal Errror on IP Rep Tab
I have taken responsibility for correcting this issue in the Suricata GUI package. I have a PR ready for submission s... Bill Meeks
04:03 PM Bug #13954 (Duplicate): Invalid custom DHCP option data can cause the DHCP daemon to fail
It took a 24 hours and 30 configuration changes to be noticed, so I don't know exactly what I did (I'm a newb in pfSe... Corey Cooper
07:24 AM Bug #13953: PHP Error loading Floating rule tab with OpenVPN group rules when there are no OpenVPN instances in the configuration
Looks like maybe you have rules defined for the OpenVPN group on the Floating tab but you have no OpenVPN clients or ... Jim Pingle
12:55 AM Bug #13953 (Resolved): PHP Error loading Floating rule tab with OpenVPN group rules when there are no OpenVPN instances in the configuration
PHP ERROR: Type: 1, File: /usr/local/www/firewall_rules.php, Line: 805, Message: Uncaught TypeError: Cannot access of... Christos Messios

02/13/2023

03:52 PM pfSense Packages Feature #12711: Add InfluxDB V2 support
Is it possible to get some TLC on this? I use Telegraf and InfluxDB V2 for my metrics from my homelab, so this is a b... Per-Arne Hellarvik
03:24 PM Revision a6494075: poudriere: start building kea
Christian McDonald
01:56 PM Bug #13952 (New): OpenVPN: Pfsense doesn't report the correct client IP in log after DHCP reply from Radius
We have 2 pfsense nodes experiencing the same issue.
We have openvpn server setup in them with the IPv4 Tunnel range... Data Vee
11:00 AM pfSense Packages Regression #13947 (Feedback): Remove 4096GB quota limit
Validation removed in ddebe728, plumbed through plus-devel and 23.01 Reid Linnemann
10:23 AM pfSense Packages Bug #13951: pfblockerNG does not allow for vlan description changes
A workaround i have found is to first disable the interface under Interfaces/Interface Assignments / Select an interf... Mike Moore
10:21 AM pfSense Packages Bug #13951 (Resolved): pfblockerNG does not allow for vlan description changes
After a few weeks of troubleshooting within the forums, the problem has been traced directly to pfblocker. If install... Mike Moore
07:12 AM Bug #13940 (Pull Request Review): Firewall log parser does not handle SCTP log entries
Jim Pingle

02/12/2023

11:46 PM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound
Christian McDonald wrote in #note-49:
> Unbound reloads are faster now when Python mode is enabled. I eliminated the... Michael Kolassa
09:09 PM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound
Unbound reloads are faster now when Python mode is enabled. I eliminated the expensive task of reloading the entire p... Christian McDonald
08:28 PM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound
Christian McDonald wrote in #note-47:
> Taking this one on as I'm now quite familiar with Unbound in pfSense
Sorr... Michael Kolassa
09:00 PM pfSense Packages Regression #13950 (Resolved): PHP error with pfBlockerNG
After restoring a config backup which contains pfBlockerNG-devel to a fresh install of 23.01, a crash/alert shows the... Marcos M
01:06 PM pfSense Plus Bug #13949: Boot Environments do not seem to cleanly restore the system
That’s why I said that errors in packages are irrelevant
User runs 22.05 and has no errors in packages - BE “defa... Yuri Weinstein
11:57 AM pfSense Plus Bug #13949: Boot Environments do not seem to cleanly restore the system
There is some conflating of issues here. What I'm saying is, the issue with pfBlockerNG specifically wasn't unique to... Christian McDonald
11:16 AM pfSense Plus Bug #13949: Boot Environments do not seem to cleanly restore the system
IMHO errors with packages are irrelevant.
User expectations are that BE switches in between different pfS versions... Yuri Weinstein
11:10 AM pfSense Plus Bug #13949: Boot Environments do not seem to cleanly restore the system
That issue with pfBlockerNG isn't related to BEs. I've seen it and I addressed it. It was also impacting CE 2.6.0
... Christian McDonald
10:35 AM pfSense Plus Bug #13949: Boot Environments do not seem to cleanly restore the system
`pfBlockerNG-devel` had errors:... Yuri Weinstein
10:07 AM pfSense Plus Bug #13949: Boot Environments do not seem to cleanly restore the system
We're going to need more information. What errors ? Christian McDonald
09:51 AM pfSense Plus Bug #13949 (New): Boot Environments do not seem to cleanly restore the system
I tried and set up 25.01RC and had a minor issue so decided to roll back to 22.05.
To my surprise, after restoring... Yuri Weinstein
06:15 AM Feature #13843: Add ability to properly configure RADIUS captive portal user quotas of 4096MB or more
From my perspective, the 32 bit overflow has broken the captive portal quota tracking with freeRadius that was workin... Dale Harron
02:02 AM Bug #731: Shaper: p2p catch all bandwidth allows various selections but only % usable
This claims to be resolved over 8 years ago, however at this moment I'm getting this error.
In the source in func... Grioghar Thomas-Baldwin
01:43 AM Bug #13929: IGMP Proxy multicast group membership query packets have an invalid checksum
I was going to upgrade from 2.6.0 CE to plus 23.01, but this bug is a stopper for me. I've got a working IPTV setup a... Arturo de Vries

02/11/2023

08:46 PM Feature #13948 (New): Allow %any for local_addrs IPsec endpoint setting
Charon allows setting %any as local_addrs, allowing connections to all IPs. We should offer a setting to set this opt... Flole Systems
12:03 PM pfSense Packages Regression #13947: Remove 4096GB quota limit
As an observation, you can avoid the overflow consequences of premature logout due to the 32 bit unsigned integer ove... Dale Harron
10:40 AM Bug #13929: IGMP Proxy multicast group membership query packets have an invalid checksum
Hopefully it will be fixed in the upcoming version 23.01. Otherwise I have to skip this version. :(
Is this bug al... Johannes Wanink
04:01 AM Bug #13940: Firewall log parser does not handle SCTP log entries
Done in https://github.com/pfsense/pfsense/pull/4625. Théo Sarrazin

02/10/2023

04:59 PM Revision 3269c456: update dependencies managed by composer
Christian McDonald
11:18 AM Feature #13843: Add ability to properly configure RADIUS captive portal user quotas of 4096MB or more
Let's keep the notes relevant to the issue topic, please. Your concerns about interim accounting overflowing uint32, ... Reid Linnemann

02/09/2023

07:40 AM pfSense Packages Bug #13874 (Resolved): pfBlocker -devel hanging on cron jobs
Thanks for testing and following up!
I'm going to mark this one resolved as there was some overlap with #13926 and... Jim Pingle
07:39 AM pfSense Packages Bug #13926 (Resolved): pfBlockerNG-devel 3.2.0 - Slow MaxMind Database Downloads under PHP 8.1
Jim Pingle
06:20 AM Feature #13843: Add ability to properly configure RADIUS captive portal user quotas of 4096MB or more
I believe I can finally put this project in perspective for all of us.
1. The reconciliation of the 32 bit unsigne... Dale Harron
05:39 AM pfSense Packages Bug #13936 (Confirmed): PHP error from RRD Graphs when attempting a query a newly created empty database
I replicated the issue. ... Danilo Zrenjanin
12:17 AM Revision 402c98a2: Update copyright years to include 2023
Reid Linnemann

02/08/2023

06:38 PM pfSense Packages Bug #13874: pfBlocker -devel hanging on cron jobs
Work has had me tied up so I haven't been able to do review the information Jim was kind enough to provide. I freed ... Allen C
06:31 PM Feature #13843: Add ability to properly configure RADIUS captive portal user quotas of 4096MB or more
If you are referring to periodic auth as both Reauth every minute checked and/or stop/start checked I have tested bot... Dale Harron
11:23 AM Feature #13843: Add ability to properly configure RADIUS captive portal user quotas of 4096MB or more
Regression #13947 covers this. Reid Linnemann
11:15 AM Feature #13843: Add ability to properly configure RADIUS captive portal user quotas of 4096MB or more
I understand the concern here. I think until I can improve on the pfSense-Max-Total-Octets used for preemptive logout... Reid Linnemann
07:21 AM Feature #13843: Add ability to properly configure RADIUS captive portal user quotas of 4096MB or more
Perhaps it would help if I took a different perspective here:
You do not have to implement the following: "Documen... Dale Harron
06:47 AM Feature #13843: Add ability to properly configure RADIUS captive portal user quotas of 4096MB or more
In way of clarification, the used-octets-user or used-octets-user-uniqueID files are currently correctly updated with... Dale Harron
03:36 PM pfSense Packages Bug #13926: pfBlockerNG-devel 3.2.0 - Slow MaxMind Database Downloads under PHP 8.1
This change fixed two issues I have seen with pfB since moving to 23.01: 1) slow MaxMind downloads; 2) slow block lis... Glenn Hall
11:21 AM pfSense Packages Regression #13947 (Feedback): Remove 4096GB quota limit
The 4096GB quota limit introduced to prevent pfSense-Max-Total-Octets overflowing uint32 for captive portal artificia... Reid Linnemann
08:37 AM pfSense Packages Bug #13897 (Resolved): IPsec Profile Wizard/Windows: Generated script adds an invalid route command for ``0.0.0.0/0``
Tested against the IPsec Profile Wizard pkg v. 1.1
It looks fine.
*Split Tunnel Routes* part is omitted if the loca... Danilo Zrenjanin
07:49 AM Bug #13946 (Resolved): Polish translation contains an invalid ``sprintf()`` format in the text for ``firewall_nat_out_edit.php``
A PHP error occurs when a user tries to open @firewall_nat_out_edit.php@ when using the Polish translation:... Jim Pingle
07:14 AM pfSense Packages Feature #13930: Hysteria Proxy/Relay
help doc link: https://hysteria.network/docs/advanced-usage/ yon Liu
04:41 AM pfSense Packages Feature #13930: Hysteria Proxy/Relay
It supports using ACME to obtain encryption certificates or self-signed certificates can be used. yon Liu
04:40 AM pfSense Packages Feature #13930: Hysteria Proxy/Relay
After I have tested and compared, it is designed to include encryption to bypass monitoring. After the network protoc... yon Liu
04:33 AM pfSense Packages Feature #13930: Hysteria Proxy/Relay
No, it has encryption, and it's specifically designed to bypass internet surveillance in authoritarian countries. Cer... yon Liu
06:44 AM Regression #13418: Captive Portal does not keep track of client data usage
In way of clarification, the used-octets-user or used-octets-user-uniqueID files are currently correctly updated with... Dale Harron
06:19 AM Regression #13418: Captive Portal does not keep track of client data usage
The solution that was applied for stop/start freeRadius that sends only incremental data use in each stop/start packe... Dale Harron
04:02 AM Bug #13929: IGMP Proxy multicast group membership query packets have an invalid checksum
I’m also hoping this could be fixed in 23.01.
It’s going to destroy a lot of IPTV setups when people upgrade. R. Picobello
03:59 AM Bug #13929: IGMP Proxy multicast group membership query packets have an invalid checksum
I can't upgrade to 23.01 if this issue is still active in 23.01.
Hopefully this will be fixed in 23.01 instead of ... Remie van de Zande

02/07/2023

10:31 PM Feature #12070: Support for VLAN ``0``
Christopher Cope wrote in #note-7:
> Tested on
> [...]
>
> Working successfully with AT&T on my edge without the... Matt Johnson
08:05 PM Revision e0fd8fdd: Enable the registration page on Plus.
Allow the customers to re-register an existing instance if the NDI changes.
Ticket: 9580 Luiz Souza
04:31 PM Bug #13945: DHCP Active Leases page display
Further testing on my system has shown the issue to be present in the "legacy" light and dark themes, the Beta themes... Mike McV
04:20 PM Bug #13945 (Rejected): DHCP Active Leases page display
Can't reproduce this here. The whole row is always displayed. FF 109.0.1, Chrome 110.0.5481.78.
If I reduce the wi... Jim Pingle
04:07 PM Bug #13945 (Rejected): DHCP Active Leases page display
The DHCP assigned leases page formatting will not allow a full row display regardless of window dimensions.
I have... Mike McV
03:49 PM Feature #13843: Add ability to properly configure RADIUS captive portal user quotas of 4096MB or more
@edaleh I believe I can now explain most of this behavior.
redmine 13418 fixed an issue with freeRadius where fr... Dale Harron
02:19 PM pfSense Packages Todo #13255: Set PKCS#12 algorithm when exporting OpenVPN ZIP or Windows bundles
That is part of the plan, see #13917 Jim Pingle
01:06 PM pfSense Packages Todo #13255: Set PKCS#12 algorithm when exporting OpenVPN ZIP or Windows bundles
Jim Pingle wrote:
> Currently when crafting a PKCS#12 archive the OpenVPN Client Export package does not set a speci... Thomas Ward
09:33 AM pfSense Packages Bug #10646 (Resolved): Reinstall package process stalls at pfBlockerNG when restoring a config
This has been working since the fix went in. Jim Pingle
09:33 AM pfSense Packages Bug #11398 (Resolved): pfBlocker upgrade hangs forever
This has been working since the fix went in. Jim Pingle
09:19 AM Bug #13935 (Resolved): RRD restore process does not sanitize filenames from backup XML
Backup and restore of RRD works as expected on current builds.
 Jim Pingle
08:21 AM Bug #10624 (Resolved): Memory leak in Unbound with Python module and DHCP lease registration active
No reports of problems that I've seen since the fix is in place. If it recurs we can always reopen or start a fresh i... Jim Pingle
08:20 AM Regression #11316 (Resolved): Unbound crashes with signal 11 when reloading
No reports of problems that I've seen since the fix is in place. If it recurs we can always reopen or start a fresh i... Jim Pingle
08:19 AM Todo #13893 (Closed): Update Unbound to 1.17.1
This has been in for a while and no apparent issues. Closing. Jim Pingle
08:18 AM Regression #13944 (Resolved): PHP error in ``flock()`` during certain XMLRPC operations
Certain XMLRPC operations generate a PHP error mentioning @flock()@:... Jim Pingle
08:13 AM Feature #13446 (Closed): Upgrade PHP from 7.4 to 8.1
All done for 23.01. New issues can be handled separately. Jim Pingle
08:13 AM pfSense Packages Regression #13892 (Resolved): PHP error from ``status_monitoring.php`` with empty OpenVPN servers
Jim Pingle
08:05 AM Bug #13940: Firewall log parser does not handle SCTP log entries
The protocol layout isn't defined in the log parser so it doesn't know what to do with it. There is no test for proto... Jim Pingle

02/06/2023

10:05 PM Regression #13943: OpenVPN crashes with Signal 8 with very low fragment size
Marcos M wrote in #note-2:
> Signal 8 (SIGFPE) is @floating-point exception@:
> https://man.freebsd.org/cgi/man.cgi?s... Leon Dang
08:38 PM Regression #13943: OpenVPN crashes with Signal 8 with very low fragment size
Signal 8 (SIGFPE) is @floating-point exception@:
https://man.freebsd.org/cgi/man.cgi?sektion=3&query=signal
The Open... Marcos M
08:27 PM Regression #13943 (Resolved): OpenVPN crashes with Signal 8 with very low fragment size
OpenVPN crashes after updating from 22.01 to 22.05. The issue also occurs on 23.01-RC. Tested on an XG-1537-M2-32GB.
... Marcos M
07:54 PM Regression #13942 (Pull Request Review): PHP error on ``status_logs_settings.php`` if the configuration contains an empty ``syslog`` section
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1010 Marcos M
07:08 PM Regression #13942 (Resolved): PHP error on ``status_logs_settings.php`` if the configuration contains an empty ``syslog`` section
See:
https://forum.netgate.com/topic/177633/logs-not-updating-on-23-01... Marcos M
06:34 PM pfSense Docs New Content #13941 (Resolved): Memory usage in pfSense
Questions frequently come up regarding memory usage in pfSense software. A doc on the subject could mention notes/qui... Marcos M
05:14 PM Revision ca80d184: Correct RRD backup/restore cmd file handling. Fixes #13935
Jim Pingle
04:18 PM Bug #13940 (Resolved): Firewall log parser does not handle SCTP log entries
Tested in 22.05 / 23.01.
The firewall logs page in the webGUI does not show the following entries in @/var/log/fil... Marcos M
04:15 PM Revision 053f60e5: util.inc: fix incorrect resource test in unlock()
Christian McDonald
03:48 PM Bug #13939: IPv6 does not work on secondary PPPoE WAN
It actually looks like this was written from the get-go to omit the scope, which is why it does @echo ${IP} |cut -d% ... Reid Linnemann
02:51 PM Bug #13939: IPv6 does not work on secondary PPPoE WAN
It may only need to ensure the proper scope gets added to that router file, which it isn't doing now.
source:src/usr... Jim Pingle
02:42 PM Bug #13939 (Resolved): IPv6 does not work on secondary PPPoE WAN
I have 2 PPPoE WANs at home and IPv6 only works on primary link, used as default gateway. In this case pppoe0 works ... Renato Botelho
02:38 PM pfSense Packages Bug #13920: 23.01RC - Suricata stops working after Wireguard installed
The fix for this issue requires an update to the custom blocking plugin compiled into the Suricata binary on pfSense.... Bill Meeks
02:24 PM Bug #13014: Deadlock in Charon VICI interface
We're still trying to reproduce this and gather data on it, but we are getting closer. Jim Pingle
02:12 PM Bug #13938 (Resolved): Kernel panic accessing the GUI over IPsec in certain environments when using nginx ``sendfile`` with unmapped mbufs
Under certain conditions which have not yet been identified, it is possible to encounter a kernel kernel panic on Fre... Jim Pingle
12:40 PM Bug #13937 (New): New OpenVPN entries are not immediately reflected in RRD graphs
When creating an OpenVPN entry, it is not immediately reflected in the RRD update script, graph database files, etc.
... Jim Pingle
12:33 PM pfSense Packages Bug #13936 (Resolved): PHP error from RRD Graphs when attempting a query a newly created empty database
Attempting to view an RRD graph of a new database that doesn't yet have data results in a PHP error.
Easiest way t... Jim Pingle
11:25 AM Bug #13935 (Feedback): RRD restore process does not sanitize filenames from backup XML
Applied in changeset commit:ca80d18493f8f91b21933ebd6b714215ae1e5e94. Jim Pingle
11:14 AM Bug #13935 (Resolved): RRD restore process does not sanitize filenames from backup XML
The code in source:src/etc/inc/config.lib.inc#L291 which restores RRD files from a @config.xml@ backup does not escap... Jim Pingle
08:46 AM pfSense Plus Bug #13933: Unable to make modifications to vlan descriptions
This site is not for support or diagnostic discussion, so that is something you'd need to keep on the forum thread an... Jim Pingle
08:25 AM pfSense Plus Bug #13933: Unable to make modifications to vlan descriptions
Although not a stock install of pfsense as there are other packages that needed to be installed via the repo[pfblocke... Mike Moore
07:30 AM pfSense Plus Bug #13933 (Rejected): Unable to make modifications to vlan descriptions
I can't reproduce this as stated. Changes to descriptions are immediately reflected as expected. They are stored in t... Jim Pingle
08:04 AM Bug #13929: IGMP Proxy multicast group membership query packets have an invalid checksum
Marking as 23.05 for now so it doesn't get missed. If we find a viable solution in the meantime we can try to squeeze... Jim Pingle
07:48 AM pfSense Packages Feature #13575: Update to frr 9.0.1
When this happens it's best to just move to 8.x and not keep two versions around.
 Jim Pingle
07:46 AM pfSense Packages Feature #13931 (Duplicate): Upgrade FRR from 7.x to 8.x
Duplicate of #13575 Jim Pingle
07:34 AM pfSense Packages Feature #13930: Hysteria Proxy/Relay
It's no surprise that it's faster than WireGuard as it has no encryption. It's a proxy/relay setup, not an encrypted ... Jim Pingle

02/05/2023

09:16 PM Bug #13934 (Closed): Killing states by gateway can miss some IPv6 outbound states
Due to the default outbound rules, IPv6 outbound states are created with @gateway: ::@ which prevents the states from... Marcos M
05:50 PM pfSense Plus Bug #13933: Unable to make modifications to vlan descriptions
This is a reproducible issue. Changes to VLAN description cause all interfaces to flap. I have the system.log file to... Mike Moore
12:55 PM pfSense Plus Bug #13933: Unable to make modifications to vlan descriptions
Uploading log output jpeg. This occurs each time the vlan description is attempted to be changed but doesn't. There i... Mike Moore
12:49 PM pfSense Plus Bug #13933 (Rejected): Unable to make modifications to vlan descriptions
The issue is focused on interface heirarchy.
1. Attempting to change vlan description <clicking save> does not resul... Mike Moore
09:18 AM pfSense Packages Bug #13920: 23.01RC - Suricata stops working after Wireguard installed
Bill Meeks wrote in #note-7:
> Just to be clear on this PHP error. I think you are getting that because you made an ... Greger Blennerud
07:55 AM pfSense Packages Feature #13930: Hysteria Proxy/Relay
I have notified the developer of this program, and the developer has agreed to promote this program. And it is recomm... yon Liu

02/04/2023

10:41 PM Bug #13344: Vlan loses parent interface when changing LAGG mtu to jumbo frames
Matthew Whittaker-Williams wrote:
> When I try to add jumbo frames to lagg interface ( 9000 ) - main
> When I chan... Jordan G
09:36 PM pfSense Packages Bug #13932 (Not a Bug): Deprecation Message for Arpwatch
I checked the code. We are already using -w instead of -m. We could remove the pkg-message from our net-mgmt/arpwatch. Christian McDonald
06:12 PM pfSense Packages Bug #13932 (Not a Bug): Deprecation Message for Arpwatch
During install, the following message about deprecated flags is mentioned:
_
The -m flag is deprecated. If you are ... Kris Phillips
02:21 PM pfSense Packages Bug #13920: 23.01RC - Suricata stops working after Wireguard installed
Greger Blennerud wrote in #note-6:
> The actual list found in /usr/local/etc/suricata/suricata_28603_vtnet1 never cha... Bill Meeks
04:08 AM pfSense Packages Bug #13920: 23.01RC - Suricata stops working after Wireguard installed
I decided to do some more testing and discovered some wierd issues with the passlist.
First of all, I get a discrep... Greger Blennerud
11:03 AM Bug #13915: PHP errors when re-running Traffic Shaper Wizards with different settings
Athanasios Chatzi wrote in #note-2:
> Jim Pingle wrote in #note-1:
> > Can you attach the @<ezshaper>[...]</ezshape... Athanasios Chatzi
05:49 AM Bug #13915: PHP errors when re-running Traffic Shaper Wizards with different settings
Hi all!
Same problem here!! Since i updated to 23.01-RC i have the same problem like you.
I always had it worki... Humberto Nieto
10:59 AM pfSense Packages Feature #13931 (Duplicate): Upgrade FRR from 7.x to 8.x
The FRR latest version has fixed many problems. Including the bug fixes submitted by me. And added many new features.... yon Liu
10:55 AM pfSense Packages Feature #13930 (New): Hysteria Proxy/Relay
Please consider adding this function. I have tested that its actual network speed is 5-10 times faster than wireguard... yon Liu
10:05 AM pfSense Packages Bug #13925 (Pull Request Review): Suricata 6.0.8_7 - PHP Fatal Errror on IP Rep Tab
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/328 Christopher Cope
08:45 AM pfSense Packages Bug #13925 (Confirmed): Suricata 6.0.8_7 - PHP Fatal Errror on IP Rep Tab
I'm able to reproduce this on... Christopher Cope
04:33 AM Feature #13843: Add ability to properly configure RADIUS captive portal user quotas of 4096MB or more
If the new 4095 GB limit set in the freeRadius user file edit/create code is related to this Feature, it is INCORRECT... Dale Harron
02:47 AM Bug #13929 (Resolved): IGMP Proxy multicast group membership query packets have an invalid checksum
Having a TV provider with multicast streams, working flawless in 22.50 when upgraded to 23.01 it starts stuttering an... R. Picobello

02/03/2023

09:34 PM Revision 8a2c52b0: Refactor some direct config access in sysctl
Christian McDonald
07:22 PM pfSense Plus Bug #13924 (Not a Bug): 23.01.r.20230202.1645 reports a creation date of 2022-07-01 23:36 - also have to manually add interfaces after rebooting each time.
Thanks for following up! Jim Pingle
07:16 PM pfSense Plus Bug #13924: 23.01.r.20230202.1645 reports a creation date of 2022-07-01 23:36 - also have to manually add interfaces after rebooting each time.
Christian McDonald wrote in #note-3:
> tailscaled expects to solely own the tailscale0 interface.
>
> pfSense is ... Scott Costa
06:48 PM pfSense Plus Bug #13924: 23.01.r.20230202.1645 reports a creation date of 2022-07-01 23:36 - also have to manually add interfaces after rebooting each time.
Christian McDonald wrote in #note-3:
> tailscaled expects to solely own the tailscale0 interface.
>
> pfSense is ... Scott Costa
08:28 AM pfSense Plus Bug #13924: 23.01.r.20230202.1645 reports a creation date of 2022-07-01 23:36 - also have to manually add interfaces after rebooting each time.
tailscaled expects to solely own the tailscale0 interface.
pfSense is throwing an interface mismatch/change warnin... Christian McDonald
07:22 AM pfSense Plus Bug #13924 (Incomplete): 23.01.r.20230202.1645 reports a creation date of 2022-07-01 23:36 - also have to manually add interfaces after rebooting each time.
The creation date you are referencing is the creation date of the default Boot Environment and that's normal/expected... Jim Pingle
06:20 PM Bug #13928 (Duplicate): Add Notification to webConfigurator for Low Disk Space
Duplicate of #10467 Jim Pingle
04:30 PM Bug #13928 (Duplicate): Add Notification to webConfigurator for Low Disk Space
Frequently customers will run into disk space issues with very little indication what is causing it. Adding a notifi... Kris Phillips
04:33 PM pfSense Packages Bug #13920: 23.01RC - Suricata stops working after Wireguard installed
Looking into this deeper, I suspect there is potentially an issue with the custom blocking plugin used with the Suric... Bill Meeks
11:07 AM pfSense Packages Regression #13884: pfBlockerNG DNSBL TLD option causes reloads to take a long time
Related forum thread: https://forum.netgate.com/topic/177504/v-3-2-0-with-pfsense-23-01-rc-20230202 Jim Pingle
10:40 AM pfSense Packages Bug #13874: pfBlocker -devel hanging on cron jobs
There may be two distinct issues there: One with downloads, and one with processing.
If you find it's hanging up on ... Jim Pingle
10:10 AM pfSense Packages Bug #13874: pfBlocker -devel hanging on cron jobs
Ran into this issue on pfBlockerNG-devel v3.2.0 a few days ago. Have been deploying dailies, currently on v2.7.0.a.2... Allen C
10:24 AM Bug #13927 (New): Cannot set AdvDefaultLifetime aka "Router lifetime"
Typically, setting AdvDefaultLifetime to 0 means that a router cannot be used as a default router.
(c.f. https://lin... Jan L.
10:08 AM pfSense Packages Bug #13926 (Feedback): pfBlockerNG-devel 3.2.0 - Slow MaxMind Database Downloads under PHP 8.1
I merged the changes to the pfBlockerNG cURL defaults, so the next build will include them. Jim Pingle
09:48 AM pfSense Packages Bug #13926: pfBlockerNG-devel 3.2.0 - Slow MaxMind Database Downloads under PHP 8.1
Steve Wilson wrote in #note-2:
> Jim,
>
> With your patch applied the download completes in about 5 seconds, so i... Jim Pingle
09:44 AM pfSense Packages Bug #13926: pfBlockerNG-devel 3.2.0 - Slow MaxMind Database Downloads under PHP 8.1
Jim,
With your patch applied the download completes in about 5 seconds, so it solves the issue. But note that the... Steve Wilson
09:24 AM pfSense Packages Bug #13926: pfBlockerNG-devel 3.2.0 - Slow MaxMind Database Downloads under PHP 8.1
If you can easily reproduce this, try the following patch (path strip=1):... Jim Pingle
04:37 AM pfSense Packages Bug #13926 (Resolved): pfBlockerNG-devel 3.2.0 - Slow MaxMind Database Downloads under PHP 8.1
Prior to the update to PHP 8.1, downloads of the MaxMind database would take approximately 4 seconds. After the updat... Steve Wilson
08:11 AM pfSense Packages Bug #13922 (Resolved): Snort - rules package downloads may hang for an extended period if remote site offers an HTTP/2 connection
PR merged, thanks! Jim Pingle
08:11 AM pfSense Packages Bug #13923 (Resolved): Snort - fails to clean-up all files when uninstalling and also creates an unnecessary barnyard2 logging subdirectory.
PR merged, thanks! Jim Pingle
08:11 AM pfSense Packages Bug #13839 (Resolved): Suricata version updates take a long time
PR merged, thanks! Jim Pingle
01:54 AM pfSense Packages Bug #13925 (Resolved): Suricata 6.0.8_7 - PHP Fatal Errror on IP Rep Tab
Clicking on the IP Rep tab when editing an existing interface throws a PHP error.
Steps to reproduce:
1. Naviga... Steve Wilson

02/02/2023

11:31 PM pfSense Plus Bug #13924: 23.01.r.20230202.1645 reports a creation date of 2022-07-01 23:36 - also have to manually add interfaces after rebooting each time.
Intended to mention that having to manually add the interfaces back and DHCP not auto starting all began upon upgradi... Scott Costa
11:25 PM pfSense Plus Bug #13924 (Not a Bug): 23.01.r.20230202.1645 reports a creation date of 2022-07-01 23:36 - also have to manually add interfaces after rebooting each time.
23.01.r.20230202.1645 reports a incorrect creation date of 2022-07001 23:36 after installing it.
Also, after firs... Scott Costa
07:26 PM pfSense Packages Bug #13922: Snort - rules package downloads may hang for an extended period if remote site offers an HTTP/2 connection
This issue is resolved by pull request #1225 posted against the DEVEL snapshots here: https://github.com/pfsense/Free... Bill Meeks
07:04 PM pfSense Packages Bug #13922 (Resolved): Snort - rules package downloads may hang for an extended period if remote site offers an HTTP/2 connection
Changes in cURL function behavior in PHP 8.1 make the Snort package vulnerable to a hang condition when downloading r... Bill Meeks
07:26 PM pfSense Packages Bug #13923: Snort - fails to clean-up all files when uninstalling and also creates an unnecessary barnyard2 logging subdirectory.
This issue is resolved by pull request #1225 posted against the DEVEL snapshots here: https://github.com/pfsense/Free... Bill Meeks
07:10 PM pfSense Packages Bug #13923 (Resolved): Snort - fails to clean-up all files when uninstalling and also creates an unnecessary barnyard2 logging subdirectory.
The Snort package fails to clean up all it's _*.rules_ files when uninstalling. It also creates a Barnyard2 logging s... Bill Meeks
06:27 PM pfSense Packages Bug #13839: Suricata version updates take a long time
Jim Pingle wrote in #note-6:
> To fix some issues in Dynamic DNS where it didn't want to close connections (it hung ... Bill Meeks
06:12 PM pfSense Packages Bug #13839: Suricata version updates take a long time
The pull request to correct this issue has been submitted against the snapshots DEVEL branch here: https://github.com... Bill Meeks
05:19 PM pfSense Packages Bug #13839: Suricata version updates take a long time
To fix some issues in Dynamic DNS where it didn't want to close connections (it hung pretty much indefinitely) we end... Jim Pingle
05:07 PM pfSense Packages Bug #13839: Suricata version updates take a long time
After some digging around, I am pretty sure I found the problem here. It is related to HTTP/2 support in cURL. I can ... Bill Meeks
05:24 PM pfSense Packages Bug #13566 (Resolved): Non-devel pfBlocker Package Broken in 2.7 CE with PHP 8.1
Tested on... Christopher Cope
04:31 PM pfSense Packages Bug #13920: 23.01RC - Suricata stops working after Wireguard installed
Christian McDonald wrote in #note-3:
> Hi,
>
> I'll have a look. Might not be this week, but definitely next week... Bill Meeks
02:23 PM pfSense Packages Bug #13920: 23.01RC - Suricata stops working after Wireguard installed
Hi,
I'll have a look. Might not be this week, but definitely next week. Christian McDonald
01:43 PM pfSense Packages Bug #13920: 23.01RC - Suricata stops working after Wireguard installed
I might need some assistance from the Netgate wireguard guru on this one. I don't have a functioning wireguard packag... Bill Meeks
10:38 AM pfSense Packages Bug #13920 (Resolved): 23.01RC - Suricata stops working after Wireguard installed
Upgraded to 23.01RC from 22.05 without any packages installed. Current base system shown as 23.01.r.20230202.0019
... Greger Blennerud
12:51 PM pfSense Docs Correction #13921 (Closed): OpenVPN Monitoring Docs need updated
https://redmine.pfsense.org/issues/13129
The above issue changes have been committed. The docs haven't been updated ... Christopher Cope
10:47 AM pfSense Packages Bug #13919 (Resolved): Typo in suricata package: cpnfig_set_path()
PR merged Jim Pingle
08:34 AM pfSense Packages Bug #13919: Typo in suricata package: cpnfig_set_path()
This issue has been corrected in pull request 1223 posted here: https://github.com/pfsense/FreeBSD-ports/pull/1223.
... Bill Meeks
05:15 AM pfSense Packages Bug #13919 (Resolved): Typo in suricata package: cpnfig_set_path()
FreeBSD 14.0-CURRENT #0 plus-RELENG_23_01-n256014-9cf2a68c5e5: Thu Feb 2 00:48:35 UTC 2023 root@freebsd:/var/jen... Brian Macy

02/01/2023

04:43 PM Revision 5e15b80d: composer update
Christian McDonald
02:32 PM Regression #12827: High latency and packet loss during a filter reload
Hello.
To reiterate, there are 2 distinct issues remaining.
What was patched, was one change which resulted in ... Mateusz Guzik
12:04 PM Todo #13893: Update Unbound to 1.17.1
No need to mention the old version, the one that was there was only present on snapshots, previous versions of Plus w... Jim Pingle
07:59 AM pfSense Packages Bug #10436: softflowd no longer sends flow data after upgrade (v0.9.9_1 -> v1.0.0)
Can someone test this with 23.01 snaps on the SG-3100 ?
 Marcelo Cury
 

Also available in: Atom