Activity

30 days up to

User

Subprojects

Activity

From 02/23/2023 to 03/24/2023

03/24/2023

08:25 PM Bug #14178: Captive Portal Pass-through MAC Auto Entry registering MAC address for unauthenticated users when using Pass-through credits: Typo in the third bullet of Actual Behavior "They don't ever see the login/portal prompt." Dean Arnold
08:21 PM Bug #14178 (New): Captive Portal Pass-through MAC Auto Entry registering MAC address for unauthenticated users when using Pass-through credits: The Captive Portal "Pass-through MAC Auto Entry" feature is adding an Allowed Client MAC address registration for una... Dean Arnold
07:17 PM Revision 1b121a0f: Correct plural seconds check.: Steve Wheeler
05:54 PM Feature #14177 (New): tcprtt Measures the TCP handshake RTT using the stats(9) statistics framework: My coworker thought using 8.8.8.8 for the gateway monitor would suffice for a “is the internet up” monitor. Well, goo... Ryan Whitlock
03:15 PM Bug #9459: patch pf: silence a runtime warning pfr_update_stats: assertion failed.: I see. Thanks for the info.
Issue still exists so status of this bug shouldn't be 'resolved'.. Casper B
02:21 PM Bug #14176: Uptime displays plural seconds for multiple minutes in the System Information Dashboard widget: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1023 Steve Wheeler
02:06 PM Bug #14176 (Resolved): Uptime displays plural seconds for multiple minutes in the System Information Dashboard widget: The check to display seconds as plural is incorrectly checking for multiple minutes here:
https://github.com/pfsense... Steve Wheeler
01:25 PM pfSense Plus Bug #14175: LDAP authentication for SSH fails: Can confirm the issue.... Lev Prokofev
12:58 PM pfSense Plus Bug #14175 (New): LDAP authentication for SSH fails: LDAP authentication fails for SSH user authentication via LDAP with error (Invalid credentials).
Same user successfu... Georgiy Tyutyunnik
12:43 PM pfSense Docs New Content #14174 (Rejected): Feedback on Certificate Management — Certificate Authority Management: *Page:* https://docs.netgate.com/pfsense/en/latest/certificates/ca.html
*Feedback:*
the *Trust Store* section s... Jon Brown
10:20 AM pfSense Plus Feature #14173 (Needs Patch): QAT driver does not attach to QAT virtual function devices passed through to VM on Xeon D-2146NT: pfSense is virtualized under Linux.
Hypervisor:
* qemu-kvm
* i440fx (q35 doesn't work either)
* kernel 5.15.9... name name
10:03 AM pfSense Plus Regression #14102 (Feedback): Console menu incorrectly shows option ``99`` on some ARMv7/ARM64 installations: Fixed in 209cb8b1. Reid Linnemann
09:59 AM pfSense Plus Regression #14102: Console menu incorrectly shows option ``99`` on some ARMv7/ARM64 installations: I've simplified and improved the EMMC/SATA rootdev check for aarch64 devices. The modified script is more specific ab... Reid Linnemann
09:55 AM Regression #14172 (Resolved): PHP error in Captive Portal if ``usedmacs`` list is empty: ... name name
09:51 AM pfSense Plus Regression #14171: High Availability Setup with Gateway to secondary pfSense not working - No Internet: I forgot to add: All currently available patches were applied via the System Patches package, before any testing was ... name name
09:44 AM pfSense Plus Regression #14171 (Not a Bug): High Availability Setup with Gateway to secondary pfSense not working - No Internet: Hi,
the following setup is working just fine on pfSense CE 2.6.0:
* High Availability/CARP
* Gateway group WAN... name name
06:15 AM Regression #14039: Limiters have no effect on upload traffic passed by policy routing rules: I think in general you currently don't need more testers but can at least share that we are quite affected since we h... Jose Duarte
04:13 AM pfSense Docs New Content #14170 (Closed): Radius Authentication Timeout: https://docs.netgate.com/pfsense/en/latest/usermanager/radius.html#radius-configuration ... Danilo Zrenjanin
03:44 AM Bug #14169 (Not a Bug): OpenVPN Backend for authentication doesn't distinguish reject from timeout: When multiple auth servers are defined in the list, the VPN doesn't respect the reject message from the first server ... Danilo Zrenjanin

03/23/2023

08:35 PM pfSense Plus Bug #14168 (New): OpenVPN status GUI cannot display RADIUS ACL Generated Ruleset with usernames containing an ``@`` symbol: When looking at the Status --> OpenVPN page and viewing a user's ACLs from RADIUS, if the user signed in with user@do... Kris Phillips
03:03 PM Regression #14164: IPv6 interface configuration race condition can lead to kernel panic: ... Christian McDonald
11:15 AM Regression #14164 (Resolved): IPv6 interface configuration race condition can lead to kernel panic: While re-configuring an interface that has an IPv6 config, such as when the link bounces, it's possible to hit a race... Steve Wheeler
01:59 PM Bug #14167 (Confirmed): Auto Config Backup: Selected manual backups are not retained.: The 'Manual backups to keep' feature in ACB does not retain the selected number of manual backups as expected.
Man... Steve Wheeler
12:49 PM Feature #14166 (New): Use netstat output for interface packet counters: Currently the In/Out Packets counters shown for Interface Status are taken from pfctl. Hence they show the identical ... Steve Wheeler
12:31 PM Feature #14165 (Resolved): Option to allow the DNS Forwarder to ignore system DNS servers: Since the change for #12902 I can no longer specify custom servers in the DNS Forward configuration. I do not want t... Orion Poplawski
12:08 PM Bug #14060: Auto Config Backup prints a confusing decryption error when using the wrong key: Tested on:
Version 23.01-RELEASE (amd64)
built on Fri Feb 10 20:06:33 UTC 2023
FreeBSD 14.0-CURRENT
patch resol... Georgiy Tyutyunnik
10:02 AM Todo #14098 (Resolved): Match upstream changes in PF syntax to disable fragment disassembly: The patch fixes this one. I am marking this ticket resolved. Danilo Zrenjanin
08:37 AM Regression #14163 (Waiting on Merge): Running ``ifconfig`` logs a high volume of netlink debug messages (``genl_handle_message``) on dev snapshots: This will be fixed when we do our next merge from upstream FreeBSD Christian McDonald
08:13 AM Regression #14163 (Resolved): Running ``ifconfig`` logs a high volume of netlink debug messages (``genl_handle_message``) on dev snapshots: System log is being spammed with kernel messages. CE 2.7.0.a.20230322.0600. It only appears to happen when the Dashb... Keith Townsend
07:56 AM Regression #14015 (Resolved): Alias list is not sorted: I tested the patch with different upper-lower case setups. The patch works fine.
I am marking this ticket resolved. Danilo Zrenjanin
07:46 AM Bug #13992 (Resolved): Custom default state timeouts are not respected in the ruleset: The patch fixes the issue. I've just run the Status > Filter Reload after applying the patch.
I am marking this t... Danilo Zrenjanin
05:25 AM pfSense Packages Feature #14160: Add Search Engine Group in feeds: This is so we can whitelist search engines "Search Engines IPv4", "Search Engines IPv6" Jon Brown
05:02 AM pfSense Packages Feature #14160 (New): Add Search Engine Group in feeds: It would be good to get a search engine feed so you can either block them or use them as a whitelist. I have included... Jon Brown
05:22 AM pfSense Packages Feature #14162 (New): Add 'Google Services' feed group: This group can be used to allow the blocking or whitelisting of google services. I have added what I found along with... Jon Brown
05:17 AM pfSense Packages Feature #14161 (New): Add 'Microsoft Services' feed: This should include all of the Microsoft services and preferably in separate items. I have included links to the page... Jon Brown
03:17 AM pfSense Packages Feature #14159 (New): Add netgate bogon feeds: Can you add the netgate bogon feeds.
* https://files.netgate.com/lists/
** https://files.netgate.com/lists/bogon-... Jon Brown
02:48 AM pfSense Packages Bug #13936: PHP error from RRD Graphs when attempting a query a newly created empty database: Can replicate on ... Lev Prokofev
02:30 AM Regression #13942: PHP error on ``status_logs_settings.php`` if the configuration contains an empty ``syslog`` section: I couldn't apply the patch on the:... Danilo Zrenjanin
02:03 AM Feature #14002 (Resolved): Option to enable/disable console bell, enabled by default: Tested the patch against:... Danilo Zrenjanin

03/22/2023

07:38 PM Regression #12821: Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``: For clarity the e1000 iflib driver that is in-kernel in pfSense has a bug that prevents it passing vlan0 if vlan hard... Steve Wheeler
06:30 PM Regression #12821: Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``: Kris Phillips wrote in #note-31:
> Hayden Hill wrote in #note-30:
> > Kris Phillips wrote in #note-29:
> > > FYI i... Hayden Hill
10:02 AM Regression #12821: Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``: Hayden Hill wrote in #note-30:
> Kris Phillips wrote in #note-29:
> > FYI it appears this issue has spread in 23.01... Kris Phillips
03:34 PM pfSense Packages Feature #13200: Custom DNS Servers for Alert settings: One solution would be to deny:
LAN: Deny any != pfblockerng ip TCP/UDP:53
WAN: ANY outgoing TCP/UDP:53
And allow... Carlos Montalvo J.
12:55 PM pfSense Plus Bug #14158: Unable to delete boot environment "X". Error 3: Duplicate of https://redmine.pfsense.org/issues/14074 Christopher Cope
12:55 PM pfSense Plus Bug #14158 (Duplicate): Unable to delete boot environment "X". Error 3: Christopher Cope
12:38 PM pfSense Plus Bug #14158 (Duplicate): Unable to delete boot environment "X". Error 3: Hi,
I was going to make a new backup recovery in the Boot Environments.
I name it with one number ie. 1, then save ... B. B.
11:44 AM Feature #14157 (New): Wildcards for 'Host Overrides' and 'Domain Overrides' in the GUI: Can you add the ability to use wildcards in 'Host Overrides' and 'Domain Overrides' in the GUI.
I know I can add w... Jon Brown
11:36 AM Feature #14156 (Rejected): See the configured .opvn file from the GUI for the OpenVPN servers: It would be a useful feature for diagnosing issues quickly to see the generate .OPVN file in the GUI.
If the onscr... Jon Brown
11:27 AM pfSense Packages Todo #14155 (Rejected): 'Block Outside DNS' option is present in the server and on the client: I find this situation confusing and propose a couple of resolutions:
* If the option 'Block Outside DNS' should stay... Jon Brown
11:22 AM pfSense Packages Feature #11165: OpenVPN Exporter - Allow for name customization: I would like to see this so if I want, I can create more human readable connection names which are shown in the OpenV... Jon Brown
10:59 AM Regression #13965 (Resolved): Automatic DHCP failover firewall rules are not present in the ruleset when failover is active: The patch fixes it.
I am marking this ticket resolved. Danilo Zrenjanin
09:22 AM Feature #14144: Improve support for renaming interface groups: maybe this should have been bug, not feature. Sorry. Kyle Wadman
07:18 AM Feature #14144 (New): Improve support for renaming interface groups: I have noticed that when an Interface Groups is renamed, all the Separators are lost.
I then named it back to the or... Kyle Wadman
08:41 AM pfSense Packages Bug #14142 (Not a Bug): PHP errors in OpenVPN Client Export package: This doesn't look like a bug. From the logs, the OpenVPN export package needs to be updated / reinstalled.
If that... Christopher Cope
06:05 AM pfSense Packages Bug #14142 (Rejected): PHP errors in OpenVPN Client Export package: Good moorning after installation last version of pf-sense, system shows Us the follow error related openvpn .
I am... Stefano Raniero
08:40 AM pfSense Packages Feature #14154 (New): Ability to use pfSense alias in IPv4 Custom_List: Firewall --> pfBlockerNG --> IP --> IPv4 --> edit/add --> IPv4 Custom_List
the reasons for this are:
* I only hav... Jon Brown
08:36 AM pfSense Packages Bug #14153 (New): default whitelist is not created: When I click on the button from the + button from the reports tab and follow the whitelisting, the default whitelist ... Jon Brown
08:35 AM pfSense Plus Bug #14140: OpenVPN Custom Options removes newline before push statements: Sorry, i forgot to describe WHY this is a problem.
The issue is that the invalid formatting of the options will ca... Nick Maludy
08:19 AM Feature #14152 (New): Add a way to find where an alias is used in the GUI: I would like the ability to find where an alias is used via the GUI. I imagine a button next to the other alias optio... Jon Brown
08:08 AM pfSense Packages Feature #14151 (New): Add (ASN) to IPv4 Custom_List information: Firewall --> pfBlockerNG --> IP --> IPv4 --> IPv4 Custom_List
the line ... Jon Brown
08:05 AM pfSense Packages Feature #14150 (New): Source and Destination information for IPv4 Custom_List and feeds: Firewall --> pfBlockerNG --> IP --> IPv4 --> list
When you edit/create a list you have to select an action type an... Jon Brown
07:58 AM pfSense Packages Feature #14149 (New): Make the NEXT Scheduled CRON counter active: I would like the countdown timer of the cron to be active. Like on an aution page of ebay. :)
Firewall --> pfBlock... Jon Brown
07:54 AM pfSense Packages Feature #14148 (New): Update alias information and error handling: On the following sections can you:
Firewall --> pfBlockerNG --> IP --> IPv4
*Advanced Inbound Firewall Rule Set... Jon Brown
07:48 AM pfSense Packages Feature #14147 (New): when you rename an alias the alias reference in pfsense Advanced Inbound/Outbound rules ar enot updated: I refer to the rules @ (Firewall --> pfBlockerNG --> IP --> IPv4)
I noticed that when I renamed an alias that the ... Jon Brown
07:36 AM pfSense Packages Bug #14146 (New): Small Typo in 'Advanced Outbound firewall rule settings' warning message: When creating an IPv4 outbound permit rule (Firewall --> pfBlockerNG --> Ip --> IPv4) and you leave the **Custom Prot... Jon Brown
07:20 AM Feature #14145 (New): Combined rule view (Floating + Group + Interface) that shows all rules relevant to a given interface: When viewing an interface firewall rule section it would be nice to have a toggle to "show inherited". This would sho... Kyle Wadman
07:09 AM pfSense Docs Correction #14143 (Closed): Feedback on System Monitoring — Remote Logging with Syslog: *Page:* https://docs.netgate.com/pfsense/en/latest/monitoring/logs/remote.html
*correction:*
in the section *Se... Jon Brown

03/21/2023

07:17 PM pfSense Packages Bug #14054: pfBlockerNG can incorrectly modify firewall rules: It appears this related to the IPv4 IP list being updated, and happens during this step:... Marcos M
06:38 PM pfSense Packages Bug #14141 (Rejected): pfsense 2.6.0 -pfSense-pkg-squid installation failed!: Hi guys,
Any help please.
I'm working on a lab project that is due in the comming days. Everything has worke fine u... Jean Smail Origene
05:43 PM pfSense Packages Todo #9200: Add DNS support for Google domain to Acme manager: It appears that Google Domains has added support for DNS-01 ACME Challenges using a token generated on Google Domains... Ryan Keen
01:56 PM pfSense Packages Feature #8547: fwknop Port Knocking Package: I'd like to add a vote here, too. This would be *incredibly* useful.
Port knocking is not an _alternative_ to a VP... Liquid Thex
01:54 PM pfSense Plus Bug #14140 (Not a Bug): OpenVPN Custom Options removes newline before push statements: Hello,
I'm setting up an OpenVPN server and need to pass in some additional option in two places:
1. VPN -> Ope... Nick Maludy
12:49 PM Regression #14139 (Resolved): CARP announcement src MAC should be virtual MAC: Hi All,
I think at some point in the last couple of 2.7.0 builds CARP function became somewhat broken. CARP announ... Robert Karsai
11:12 AM Feature #12091: RFE: Add support for sssd authentication: Just updated to psSense Plus 23.01 and now with sssd-1.16.5_8 it fails to start with:
ld-elf.so.1: /usr/local/sbin... Orion Poplawski
02:22 AM Regression #14138 (Feedback): Kernel Panic in ``rtsock_msg_mbuf``: I’ve been having a number of these over the last week or so. Last night’s was overnight when no one was using the net... Stephen Baines
12:09 AM pfSense Plus Regression #14137: pfSense Plus Upgrade repo data remains on the system after upgradng: Also, if package manager unavailable, may help next solution
Check and then uncheck dashboard auto update box in Sys... aleksei prokofiev

03/20/2023

10:36 PM Bug #13624: Only one alias in local network of OpenVPN Server works in 2.6.0: Also ran into the sub-alias not updating the parent alias issue as described by Florian Bat.
This had one of our en... Dean Arnold
07:21 PM pfSense Plus Regression #14137 (Resolved): pfSense Plus Upgrade repo data remains on the system after upgradng: After upgrading from CE to pfSense Plus the repo data used for that should be removed from the firewall leaving it us... Steve Wheeler
02:14 PM Revision 875221b6: ArrayGetExprRector support for variable and funccall array keys: Change how buildPathArgNode() generates an Arg node - as we introduce support
for more complicated expressions in arr... Reid Linnemann
02:14 PM Revision ce614369: Make ArrayGetExprRector configurable for multiple variables: Rector only permits a single instance of a Rule class in a configuration, so in
order to allow the ArrayGetExprRector... Reid Linnemann
02:14 PM Revision 96eb75ed: Rename GlobalGGetExprRector and friends to ArrayGetExprRector: Reid Linnemann
02:14 PM Revision 46f5b38a: Make GlobalGGetExprRector configurable, add simple test for $g variable: Reid Linnemann
02:03 PM pfSense Packages Bug #14116 (Duplicate): Squid Error went I press SAVE button.: Duplicate of https://redmine.pfsense.org/issues/13984
Missing Squid Reverse config values. Steve Wheeler
10:19 AM pfSense Packages Bug #14116: Squid Error went I press SAVE button.: Looks like Clamav is the issue, once I disable this services, the error is gone.

This is my config file:
cat... Peter Moreno
11:52 AM Feature #13017 (Pull Request Review): Packet capture: add preview results while capture is running: Thank you for the pull request. This has been implemented with a re-write of the Packet Capture page. See https://red... Marcos M
09:42 AM Bug #14136 (Resolved): Services Status page and Dashboard widget do not list the ``radvd`` service with certain static IPv6 configurations: After upgrading from 2.5.2 to 23.01 I noticed that @radvd@ no longer appears in Services Status or the associated das... David Myers
04:38 AM pfSense Plus Bug #14135: iOT Devices not reconnecting properly: I forgot to mention we also tested this with a Sony TV (1 year old and up to date Firmware) on an ethernet connection... Steven Cedrone
04:24 AM pfSense Plus Bug #14135 (Rejected): iOT Devices not reconnecting properly: IOT Devices of different manufacturers all seem to have this problem and while the problem is being experienced I wou... Steven Cedrone
04:32 AM pfSense Plus Bug #13497: unbound process looks like stuck periodically: Yaroslav Semenenko wrote:
> Hello,
>
> I have Netgate 2100.
> Unbound service is needed to restart sometimes due... Steven Cedrone
03:50 AM pfSense Plus Feature #14134 (Rejected): Notifier on main dashboard for other updates availble: Packages / System Patches (if installed) Under the PfSense current Version.: A notifier on the Main Landing page under the Current PfSense Version number that lets you also know if your packages... Steven Cedrone
03:47 AM pfSense Plus Feature #14133 (New): Exporting and Importing - Change Layout: Please change Backup & Restore to allow for choosing only what areas you want to import/export without having to do i... Steven Cedrone
03:39 AM pfSense Plus Bug #14132 (Not a Bug): Aliases of the same name current as previously deleted will not be respected properly: This problem is hard to describe so I'll give as much information as possible as best as I can.
-Alias was created... Steven Cedrone
03:30 AM pfSense Plus Feature #14131 (New): Add Dynamic DNS Service: DYNU: Please add Dynamic DNS provider DYNU
https://www.dynu.com/en-US/
It's working now but sometimes won't update an... Steven Cedrone
03:10 AM Feature #14130 (New): Add DynDNS Provider - IPv64.net: I would like to have the German DynDNS provider IPv64.net added. An integration with DynDNS is very easy there via th... Dennis Schröder

03/19/2023

10:52 PM pfSense Plus Bug #14129 (Resolved): Chelsio T520 unable to route past 470Mbps: Chelsio T520-CR and T420-CR are unable to route speeds over 470mbps when updated to 23.01 code. Goes to full 1gb spee... Bruce Talbot
05:58 PM Bug #14128 (New): Input validation does not prevent limiter bandwidth values that are too large: There exists a limit to the bandwidth value within Limiters:
https://github.com/pfsense/FreeBSD-src/blob/bd5b6c0d6cc... Marcos M
04:33 PM pfSense Packages Regression #14024: PHP error in HAProxy Widget with Show Client Traffic enabled: I have the same issue but only affecting one of my deployments. As a workaround you can disable the haproxy service t... Hans Perera
04:01 PM pfSense Plus Bug #12974 (Closed): Typing anything into 1100/2100 recovery installer causes process to stop: This should be closed. Updating to reflect. Ryan Coleman
03:27 PM Regression #12821: Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``: Kris Phillips wrote in #note-29:
> FYI it appears this issue has spread in 23.01 to the igc driver as well. After u... Hayden Hill
02:13 PM Bug #14127 (New): Captive Portal - LDAP server with special characters in description fails to authenticate in: When you have an LDAP configured that has commas (and likely other special characters) two things fail:
1) Selecti... Ryan Coleman
11:25 AM pfSense Packages Feature #14126 (New): Quality monitoring graph scale adjustment: If possible, it would be nice if the scale of the packet loss side of the onitoring graph was not the same as the lat... Chris Linstruth
02:33 AM pfSense Plus Feature #14125 (New): Add Cateogory field to Available Packages Tab like Installed Packages Tab: Under the Installed Packages the header fields have the following listed at the top Name Category Version Description... Scott Costa

03/18/2023

10:22 PM Regression #12821: Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``: FYI it appears this issue has spread in 23.01 to the igc driver as well. After upgrading to 23.01 on a Netgate 4100,... Kris Phillips
09:37 PM Bug #14124: Some blank SAN fields are not ignored when creating a certificate: I just realized that if I just enter the type of IP address and value of 10.0.0.2 and not click add, just save then 1... Mario Jauvin
09:33 PM Bug #14124: Some blank SAN fields are not ignored when creating a certificate: Kris, this is an interesting comment and you are quite true. If I delete the second blank entry in my screen shot th... Mario Jauvin
09:12 PM Bug #14124: Some blank SAN fields are not ignored when creating a certificate: This doesn't appear to be a bug. You have a FQDN or Hostname entry added as an Alternative Name, but nothing defined... Kris Phillips
04:07 PM Bug #14124 (Resolved): Some blank SAN fields are not ignored when creating a certificate: If I add a alternate name
!clipboard-202303181705-cigpe.png!
and click save, I get this error:
!clipboard-20230318... Mario Jauvin
09:36 PM pfSense Packages Bug #13985: Telegraf error After Update PFSense to 23.01: Unable to replicate in pfSense CE 2.7. Possible it's just an issue on Plus for some reason. Kris Phillips
09:30 PM pfSense Packages Bug #14116: Squid Error went I press SAVE button.: Hello,
What settings do you have enabled and what page were you on that you clicked save to cause this issue? I'v... Kris Phillips
08:02 PM pfSense Plus Bug #14074: Cannot edit or delete ZFS Boot Environment with a name containing only numbers: i installed the patch.
it renamed the two broken boot environments with the name i originally gave them, swapping ... Mark Grant
04:57 PM pfSense Plus Bug #14074: Cannot edit or delete ZFS Boot Environment with a name containing only numbers: The patch works well. I'm not hitting any of the problems I encountered previously. *It only applies to the currently... Chris W
01:57 PM pfSense Plus Bug #14074 (Pull Request Review): Cannot edit or delete ZFS Boot Environment with a name containing only numbers: https://gitlab.netgate.com/pfSense/factory/-/merge_requests/94 Christopher Cope
01:01 PM pfSense Plus Bug #14074 (Confirmed): Cannot edit or delete ZFS Boot Environment with a name containing only numbers: I was able to reproduce this by cloning the default environment, naming it 20230318 (today's date), no description. C... Chris W
06:29 PM Bug #14115: DHCP Server page does not properly select a default interface tab if neither WAN nor LAN are capable of being DHCP servers: this state occurs with previous versions too.
click on the tab of opt interface and you will be able to configur... Alhusein Zawi

03/17/2023

09:21 PM Bug #13655: DNS Forwarder (``dnsmasq``) is using an invalid combination of options when "Query DNS servers sequentially" is enabled: Just to update this: This issue is being addressed in upstream dnsmasq now in order to disallow this invalid and misl... Flole Systems
06:26 PM pfSense Docs Correction #14123 (Closed): DNS Rebinding pfsense documentation: DNS protection documentation here: <https://docs.netgate.com/pfsense/en/latest/services/dns/rebinding.html#dns-protec... Alex Sensation
06:16 PM pfSense Plus Bug #13967 (Feedback): aarch64 23.01 upgrade can fail to write the bootloader: Fix has been released to the world this week. Reid Linnemann
06:15 PM Bug #14046 (Rejected): bsdinstall based installs are missing EFISYS DOS label on efi partition: There are many reasons the EFISYS label is missing. pfSense-upgrade has also been modified to restore this FAT label ... Reid Linnemann
03:35 PM Revision 5c4a6ada: Improve alias sorting (again). Issue #14015: asort does not handle natural case-insensitive sorting of
multi-dimensional arrays properly, so it needs a custom sor... Jim Pingle
02:57 PM Bug #14007 (Resolved): Using PF reserved keywords for interface descriptions results in an invalid ruleset: Jim Pingle
01:18 PM Bug #14007: Using PF reserved keywords for interface descriptions results in an invalid ruleset: patch fixes the issue, prohibiting the reserved pf keywords from being configured as interface names
Tested on:
Ver... Georgiy Tyutyunnik
02:53 PM Feature #14122 (New): Allow selecting the repo branch on config restore: Currently the config restore code always defaults the update repo branch to current stable. The branch set in the con... Steve Wheeler
12:14 PM Feature #12070: Support for VLAN ``0``: Steve Wheeler wrote in #note-15:
> This specific feature request was opened to handle vlan0 for ISPs other than AT&T... Matt Johnson
10:33 AM Feature #12070: Support for VLAN ``0``: This specific feature request was opened to handle vlan0 for ISPs other than AT&T.
It is marked resolved because t... Steve Wheeler
10:02 AM Feature #12070: Support for VLAN ``0``: EDIT: thanks for the update Steve
I noticed the fix was implemented at the dhclient level which is good but the or... Matt Johnson
10:02 AM Feature #12070: Support for VLAN ``0``: Steve Wheeler wrote in #note-12:
> For clarification this issue is marked resolved because pfSense can now accept pr... Matt Johnson
09:28 AM Feature #12070: Support for VLAN ``0``: For clarification this issue is marked resolved because pfSense can now accept priority tagged dhcp replies (vlan0). ... Steve Wheeler
11:41 AM Bug #14092 (Ready To Test): Kernel panic when PF passes a large/fragmented ICMP6 packet: Snapshots as of today have the relevant fix included. Kristof Provost
11:03 AM Regression #14015: Alias list is not sorted: Also of note: I added another patch to the system patches package which applies on top of the previous patch (@4342d1... Jim Pingle
11:00 AM Regression #14015 (Feedback): Alias list is not sorted: Should be fixed by commit:5c4a6ada1867a7d6ec13461680d8309d154c90b1 seems to be OK in various tests I've done.
Beca... Jim Pingle
09:27 AM Regression #14015: Alias list is not sorted: This was also broken again by commit:29cd08ea0da6246ad416e33b3788c05c0b0a5172 during a rector pass. It was changed ba... Jim Pingle
06:35 AM Regression #14015: Alias list is not sorted: Danilo Zrenjanin wrote in #note-3:
> I couldn't reproduce the issue on the:
> I made an extensive list of aliases t... Jim Pingle
03:19 AM Regression #14015: Alias list is not sorted: I couldn't reproduce the issue on the:... Danilo Zrenjanin
10:33 AM Feature #14121 (Duplicate): Add ability to batch import IPs into an *existing* alias: Firewall > Aliases > IP already has an "Import" button that allows creating a *new* alias by pasting a long list of I... Sean McBride
10:15 AM Bug #14117 (Resolved): PHP Error on ``status_interfaces.php`` from PPP interface uptime: Tested on the:... Danilo Zrenjanin
06:17 AM Regression #13962 (Resolved): PPP interfaces do not request DNS servers when "DNS Server Override" is enabled: Tested against:... Danilo Zrenjanin

03/16/2023

11:25 PM Regression #13983 (Resolved): Multiple PHP errors in the DHCP Server when the configuration contains an empty section for an interface: Tested on... Christopher Cope
10:21 PM Regression #14076 (Resolved): PHP error if the configuration has an empty Auto Configuration Backup section: Tested on... Christopher Cope
09:05 PM Regression #14015 (In Progress): Alias list is not sorted: Looks like there may be an issue if aliases are not sorted in the config, the ID in the list may not match the ID in ... Jim Pingle
07:59 PM pfSense Packages Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset: Prime BDE wrote in #note-28:
> Nunya Business wrote in #note-27:
> > This problem has returned with the current ver... Gianluca Semadeni
05:17 PM Regression #14120 (Resolved): ``syslogd`` tries to bind interfaces with no IP address: In 23.01 syslogd will try to bind to an interface that has no IP resulting in the service failing to start.
This i... Steve Wheeler
05:16 PM Revision 1792ffdb: ppp-linkup: Keep routerv6 address scope: Original code was removing address scope from v6 router and because of
that, system always use default gateway to con... Renato Botelho
02:07 PM Feature #14119: Correct or fully implement, in Captive Portal authentication routines, the Tunnel attributes related to the freeRadius VLAN ID setting: If freeRadius was correctly parsing the attributes sent in the accounting communication to freeRadius, the following ... Dale Harron
01:09 PM Feature #14119: Correct or fully implement, in Captive Portal authentication routines, the Tunnel attributes related to the freeRadius VLAN ID setting: WRT ##14093's rejection,
"The solution here is to set each portal to use the RADIUS server in a different way, eith... Dale Harron
11:10 AM Feature #14119 (New): Correct or fully implement, in Captive Portal authentication routines, the Tunnel attributes related to the freeRadius VLAN ID setting: This may be either a bug or the completion of a partially implemented feature to support freeRadius users.
The cap... Dale Harron
01:40 PM Revision ae1bda66: composer update: Christian McDonald
01:12 PM Revision cf2a2f82: Add safety belts to PPP historical uptime calculation. Fixes #14117: Jim Pingle
12:25 PM Bug #13939 (Feedback): IPv6 does not work on secondary PPPoE WAN: Applied in changeset commit:1792ffdb859a5cb40c11360c30989ccc3b7a9271. Renato Botelho
09:19 AM Bug #13939: IPv6 does not work on secondary PPPoE WAN: Reid Linnemann wrote in #note-2:
> It actually looks like this was written from the get-go to omit the scope, which ... Renato Botelho
10:32 AM Todo #6727: Missing file apple-touch-icon-precomposed.png ?: I'm on v2.6.0 CE and I just got this error myself. Interesting. Seems like it would be an easy fix. Allistah F
10:23 AM Bug #14118 (New): freeRadius "Amount of Time" setting is not accurately tracked for Stop/Start settings in Caaptive Portal: Re: tested on 23.01 plus mid Feb release: Correct time accounting error in captiveportal.inc Stop/Start routines for... Dale Harron
08:20 AM Bug #14117 (Feedback): PHP Error on ``status_interfaces.php`` from PPP interface uptime: Applied in changeset commit:cf2a2f82c2aa551b26a6d9606d5e6da1e760ff6b. Jim Pingle
08:00 AM Bug #14117 (Resolved): PHP Error on ``status_interfaces.php`` from PPP interface uptime: Seems to require the "Uptime Logging" option enabled on a plain PPP type WAN (cell modem style, NOT PPPoE/L2TP/PPTP)
... Jim Pingle
07:10 AM Regression #13943: OpenVPN crashes with Signal 8 with very low fragment size: For reference, the fix appears to be: https://github.com/OpenVPN/openvpn/commit/b9a9de156bc3ad517bfc6d1042ad0ef0350b638e Jim Pingle
07:00 AM Regression #13943: OpenVPN crashes with Signal 8 with very low fragment size: OpenVPN has fixed it in version 2.6.1!
When is it available in pfsense+ 23.01? Patrick Schmid
06:33 AM Bug #13860 (Resolved): Typo in Remote IPv4/IPv6 Address help text on ``interfaces_gre_edit.php``: The patch fixes it.
Tested against:... Danilo Zrenjanin
06:29 AM Bug #13953 (Resolved): PHP Error loading Floating rule tab with OpenVPN group rules when there are no OpenVPN instances in the configuration: Danilo Zrenjanin
06:29 AM Bug #13953: PHP Error loading Floating rule tab with OpenVPN group rules when there are no OpenVPN instances in the configuration: Tested the patch on the:... Danilo Zrenjanin
03:29 AM Bug #14034 (Resolved): PHP errors in ``xmlrpc.php`` during configuration synchronization if the target host has an empty XML tag for a given section: Danilo Zrenjanin
03:29 AM Bug #14034: PHP errors in ``xmlrpc.php`` during configuration synchronization if the target host has an empty XML tag for a given section: I tested the patch against:... Danilo Zrenjanin
02:49 AM pfSense Packages Feature #14101: Add Zabbix 6.4 packages: Should there be any help needed, I happen to be the maintainer of all zabbix ports. Juraj Lutter
01:32 AM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound: Hi there, I just wanted to say thanks for all the time and work that is going into this fix. It's really a problem w... Allistah F
12:52 AM pfSense Packages Bug #14116: Squid Error went I press SAVE button.: Crash report begins. Anonymous machine information:
amd64
14.0-CURRENT
FreeBSD 14.0-CURRENT #1 devel-main-n2558... Peter Moreno
12:51 AM pfSense Packages Bug #14116 (Duplicate): Squid Error went I press SAVE button.: Hello, I have squid+SG on Pfsense 2.7-dev, testing.
I was trying to do a little change and went I press 'SAVE' butto... Peter Moreno

03/15/2023

03:00 PM Bug #14061: PHP error if a non-privileged shell user attempts an operation which needs to write ``config.cache``: The only potential possible cause I can see is that both this and #14031 are initially triggered by source:usr/local/... Jim Pingle
07:37 AM Bug #14061 (New): PHP error if a non-privileged shell user attempts an operation which needs to write ``config.cache``: Reopening this for some more investigation. There appear to be several people hitting this, but not consistently and ... Jim Pingle
02:50 PM pfSense Docs Todo #14107: Add troubleshooting steps for LDAP auth: Note added and deployed:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/022334bebe388fd6edea9ac2418cb0c0944... Jim Pingle
02:40 PM pfSense Plus Feature #14112 (Duplicate): Allow user to trigger license re-sync and/or reset in system_register.php: We already have an internal issue for this.
Jim Pingle
01:57 PM pfSense Plus Bug #14104: Google LDAP connections still fail even after adding SNI for TLS 1.3: LDAP client certs are only available on Plus. Jim Pingle
12:21 PM pfSense Docs Todo #14114 (Closed): Change info about ESXi version which might work with pfSense.: Updated and deployed:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/57c3e5e2789a84b71a4eb3544f68e7077c87c4fb Jim Pingle
07:43 AM pfSense Docs Todo #14114 (Closed): Change info about ESXi version which might work with pfSense.: on https://docs.netgate.com/pfsense/en/latest/recipes/virtualize-esxi.html we have
_Article explains how to install ... Azamat Khakimyanov
12:16 PM Bug #14115 (Resolved): DHCP Server page does not properly select a default interface tab if neither WAN nor LAN are capable of being DHCP servers: When both WAN and LAN are set to DHCP, the DHCP server web interface doesn't appropriately select an interface tab.
... Christian McDonald
11:13 AM pfSense Docs Todo #14111 (Closed): Installation pages flash drive too small for 23.01 ARM64 image: Updated and deployed.
https://gitlab.netgate.com/docs/netgate-docs/-/commit/b45a21365b0faf6bee17141d70b41a216698b964 Jim Pingle
11:00 AM pfSense Docs Todo #14111: Installation pages flash drive too small for 23.01 ARM64 image: I'll update that doc but do note the documents for the 1100 and 2100 both actually say 8GB already:
https://docs.n... Jim Pingle
09:45 AM pfSense Packages Bug #14113 (Duplicate): PHP Error: /usr/local/pkg/avahi/avahi.inc:76: Duplicate of #14019 Jim Pingle
02:22 AM pfSense Packages Bug #14113 (Duplicate): PHP Error: /usr/local/pkg/avahi/avahi.inc:76: Just updated my pfsense box to 23.01 from 22.05. Everything was going smoothly, but on my first login i received a no... S Hunor
12:50 AM Bug #13624: Only one alias in local network of OpenVPN Server works in 2.6.0: I also discovered this issue in 2.7.0 & 22.x with alias parsing in the all OpenVPN configuration page network fields.... Dean Arnold

03/14/2023

09:34 PM pfSense Docs Todo #14107: Add troubleshooting steps for LDAP auth: It helped someone on 23.01 after they saw the following from pfSense on a pcap when testing the auth:
> Alert (Level... Marcos M
10:52 AM pfSense Docs Todo #14107 (Closed): Add troubleshooting steps for LDAP auth: That shouldn't be needed on current versions since the LDAP CA setup is different than it was back at the time that s... Jim Pingle
10:43 AM pfSense Docs Todo #14107 (Closed): Add troubleshooting steps for LDAP auth: Add the troubleshooting step of restarting php-fpm as detailed here:
https://forum.netgate.com/post/893499
Add to... Marcos M
08:44 PM pfSense Plus Feature #14112 (Duplicate): Allow user to trigger license re-sync and/or reset in system_register.php: There may be a case for adding some buttons in system_register.php that allow the user to 1) Force the existing pfSen... M Felden
04:50 PM pfSense Docs Todo #14111 (Closed): Installation pages flash drive too small for 23.01 ARM64 image: The installation media page says 4GB is sufficient for pfSense but the 23.01 ARM64 image is 4 in one and expands to 4... Ryan Coleman
03:43 PM Revision 5f43b9b5: RAM disk size check/options update. Fixes #13508: * Update RAM disk size/free memory calculations
* Fix up some text in the option labels
* Show current /tmp and /var ... Jim Pingle
02:53 PM Bug #11877 (Resolved): Labels and description disappear in firewall_schedule_edit.php: There's a quirk with the fix where removing the row with the labels does not re-add the labels until the changes are ... Marcos M
01:42 PM pfSense Packages Bug #14075: Using the ``Transparent ClientIP`` option in HAproxy results in kernel panics: I have returned ipfw to development snapshots so we can work on replicating and testing there. It is not possible to ... Christian McDonald
12:02 PM pfSense Docs Todo #14110 (Resolved): Clean up outdated references to "Factory" edition: Main docs:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/9a0c401f51fa65168905fe798fe4b74475e8e6f9
Platf... Jim Pingle
11:05 AM pfSense Docs Todo #14110 (Resolved): Clean up outdated references to "Factory" edition: There are a few remaining references in the documentation to the old "Factory" edition ("FE") name that need updated ... Jim Pingle
11:28 AM Feature #14109: Auto Configuration Backup Key Feature Request: Thanks for the reply, speaking from experience is all I noticed they are ever changing with each software reload or c... Jonathan Lee
11:09 AM Feature #14109 (Rejected): Auto Configuration Backup Key Feature Request: The key is not something that should be passed around that freely, it should be treated like a password or similar to... Jim Pingle
11:04 AM Feature #14109 (Rejected): Auto Configuration Backup Key Feature Request: Hello fellow pfSense Community,
I wanted to add a feature request for Auto Configuration Backup, there is no setti... Jonathan Lee
10:54 AM pfSense Packages Bug #14108 (Rejected): Antivirus Bases showing outdated main.cvd with a version dated year 2021: Per ClamAV's website:
"ClamAV signatures come in a variety of formats, one for each of the distinct detection method... Jonathan Lee
10:50 AM Todo #13508 (Feedback): Uncouple RAM Disk size from available kernel memory: Applied in changeset commit:5f43b9b527a6a65bd2c70ac231e3fdceff6ab0d3. Jim Pingle
07:55 AM Todo #13508 (In Progress): Uncouple RAM Disk size from available kernel memory: Note to self: tmpfs data can get moved to swap under memory pressure, which further extends its potential capacity, s... Jim Pingle
10:41 AM pfSense Plus Bug #14106 (New): arc4random: WARNING: initial seeding bypassed the cryptographic random device because it was not yet seeded and the knob 'bypass_before_seeding' was enabled.: 23.01 is now showing this error after a fresh firmware install on a Netgate 2100-MAX system. It will continue to boot... Jonathan Lee
10:24 AM Feature #14105 (New): Ability to set 'block-local' gateway flag in OpenVPN Server Config: I am setting up my OpenVPN servers so when a client connects all their traffic (except VPN tunnel traffic) goes throu... Jon Brown
08:50 AM Todo #14103 (Resolved): Add more disk information to status output: This is present and working in the latest snapshot. Jim Pingle
08:08 AM pfSense Plus Regression #13895: Early boot hangs on Hyper-V with Gen2 VMs: Thanks Chris.
While this doesn't solve your immediate situation, it looks like repro is possible with Windows Serv... Leon Dang
03:11 AM pfSense Plus Bug #14104 (New): Google LDAP connections still fail even after adding SNI for TLS 1.3: tested on 23.01 and with IPv6
After fixing https://redmine.pfsense.org/issues/11626 I see that the LDAP client is ... Azamat Khakimyanov
02:28 AM Bug #14077: Kernel panic from incoming IPv6 connections: Sorry, I missed that.
I believe I understand the issue. Briefly put, pf_refragment6() ends up calling ip6_forward(... Kristof Provost

03/13/2023

11:17 PM Revision d6911589: Add more disk info to status output. Implements #14103: Jim Pingle
10:56 PM Bug #14077: Kernel panic from incoming IPv6 connections: #14092 is not public, so it's impossible to check what that one is about and what will trigger it. Flole Systems
12:23 PM Bug #14077: Kernel panic from incoming IPv6 connections: This issue isn't related to IPv4 NAT, so your NAT rules will not matter.
See #14092 as well, because this is almos... Kristof Provost
09:17 PM pfSense Plus Regression #13895: Early boot hangs on Hyper-V with Gen2 VMs: Here is a screenshot of the memmap command on an affect VM. This machine is on Windows Server 2022. The Pfsense VM ... Chris Poillion
07:03 PM Revision c37e9ab9: Catch case when DHCP WAN comes up late during boot. Fixes #13671: Jim Pingle
06:37 PM Revision 5c75223e: Fix typo. Fixes #13860: Jim Pingle
06:31 PM Revision 6c186dae: Auth log behavior update. Fixes #12464: Jim Pingle
06:25 PM Todo #14103 (Feedback): Add more disk information to status output: Applied in changeset commit:d691158995f63347d2ad7ab037b7bf3d4fe989bb. Jim Pingle
06:16 PM Todo #14103 (Resolved): Add more disk information to status output: The status output could use some more disk information we've been requesting recently:... Jim Pingle
06:04 PM Revision 4fe6481f: Add knob for console bell (default: enabled). Fixes #14002: Jim Pingle
05:54 PM pfSense Plus Regression #14102 (Resolved): Console menu incorrectly shows option ``99`` on some ARMv7/ARM64 installations: The console menu is intended to only show menu option 99 'Install to device' if pfSense is not running from eMMC or S... Steve Wheeler
05:27 PM pfSense Packages Feature #14101 (Resolved): Add Zabbix 6.4 packages: https://www.freshports.org/net-mgmt/zabbix64-agent/
https://www.freshports.org/net-mgmt/zabbix64-proxy/
Tirso Ramirez
05:11 PM Revision 7ce12dcb: Do not allow an interface to use PF reserved words as its name. Fixes #14007: Jim Pingle
03:58 PM Revision 5f121e6a: Improve floating rule handling of missing VPNs. Fixes #13953: Jim Pingle
03:39 PM Revision 0dbc2d6a: GW Edit: Handle missing OpenVPN/IPsec entries better. Fixes #13973: Jim Pingle
03:02 PM Revision 9bfd8974: Improve handling of XMLRPC sync of empty sections. Fixes #14034: Jim Pingle
02:10 PM Bug #13671 (Feedback): DHCP client can fail permanently if an interface is down at boot: Applied in changeset commit:c37e9ab908cffe20227cc8c88ae5463b5562a397. Jim Pingle
02:03 PM Bug #13671 (In Progress): DHCP client can fail permanently if an interface is down at boot: I was able to reproduce this in a VM finally. The key is to boot with the interface detected and then reconnect it ju... Jim Pingle
01:45 PM Bug #13860 (Feedback): Typo in Remote IPv4/IPv6 Address help text on ``interfaces_gre_edit.php``: Applied in changeset commit:5c75223e38c6c3ba1b67f9ab24b9f7ea34bde0f8. Jim Pingle
01:38 PM Bug #13860 (In Progress): Typo in Remote IPv4/IPv6 Address help text on ``interfaces_gre_edit.php``: Jim Pingle
01:40 PM Feature #12464 (Feedback): Option to control log level of authentication messages in system logs ("Emergency" vs "Notice" level): Applied in changeset commit:6c186dae17fe41851c2ee3bb72852178596f2652. Jim Pingle
01:30 PM Feature #12464 (In Progress): Option to control log level of authentication messages in system logs ("Emergency" vs "Notice" level): Now that the console bell behavior is split off from this (See #14002) I think what we should do here is just keep th... Jim Pingle
01:29 PM Revision f884cc20: filter: correctly disable fragment reassembly: Kristof Provost
01:15 PM Feature #14002 (Feedback): Option to enable/disable console bell, enabled by default: Applied in changeset commit:4fe6481fa35f31b93ed5841c3342cbb5bd76237c. Jim Pingle
01:04 PM Feature #14002 (In Progress): Option to enable/disable console bell, enabled by default: The more I look at this the less it's tied to the login messages since it's a general console bell setting. I've got ... Jim Pingle
01:10 PM pfSense Plus Regression #13824: CPU/Crypto Detection for the 3100 is not functioning properly: Bill McGonigle wrote in #note-4:
> Is the patch world-readable anywhere? I have affected hardware and the System Pa... Jim Pingle
01:08 PM pfSense Plus Regression #13824: CPU/Crypto Detection for the 3100 is not functioning properly: Is the patch world-readable anywhere? I have affected hardware and the System Patches feature can't resolve this com... Bill McGonigle
12:22 PM Bug #14092 (In Progress): Kernel panic when PF passes a large/fragmented ICMP6 packet: I believe I understand the issue. Briefly put, pf_refragment6() ends up calling ip6_forward() for traffic in the outp... Kristof Provost
12:20 PM Bug #14007 (Feedback): Using PF reserved keywords for interface descriptions results in an invalid ruleset: Applied in changeset commit:7ce12dcb36c73d6526dd46ef6b790d189be25a40. Jim Pingle
12:09 PM Bug #14007 (In Progress): Using PF reserved keywords for interface descriptions results in an invalid ruleset: The fix for #14057 likely also solved this as a byproduct but we should still reject these names just in case.
I c... Jim Pingle
11:05 AM Bug #13953 (Feedback): PHP Error loading Floating rule tab with OpenVPN group rules when there are no OpenVPN instances in the configuration: Applied in changeset commit:5f121e6a11df8f640f01d27795afeaefb55c50d6. Jim Pingle
10:50 AM Bug #13973 (Feedback): PHP error in ``gwlb.inc`` when OpenVPN or IPsec instances referred to by assigned interface entries are missing: Applied in changeset commit:0dbc2d6a7679e85d69bae85ec57d90674e393ea8. Jim Pingle
10:43 AM Bug #13973: PHP error in ``gwlb.inc`` when OpenVPN or IPsec instances referred to by assigned interface entries are missing: There is already a check which prevents deleting an assigned VPN instance, so it's not clear how this situation may h... Jim Pingle
10:29 AM Bug #13973 (In Progress): PHP error in ``gwlb.inc`` when OpenVPN or IPsec instances referred to by assigned interface entries are missing: Jim Pingle
10:50 AM Bug #13003: Malicious Driver Detection event on ``ixl(4)`` driver: Today we have had a crash with the "Malicious Driver Detection" event at 10:00:26 Colombia time:
Mar 13 10:00:26 ker... Daniel Montealvaro
10:10 AM Bug #14034 (Feedback): PHP errors in ``xmlrpc.php`` during configuration synchronization if the target host has an empty XML tag for a given section: Applied in changeset commit:9bfd89747eba77091ab6e2df5639a33a185342f8. Jim Pingle
09:43 AM pfSense Packages Feature #14100 (New): Use interface groups as an Alias for IP Interface/Rules Configuration: Hi
I understand that there is an order in how firewall rules are used but my suggestion is not for altering that.
... Jon Brown
09:28 AM pfSense Plus Regression #14099 (Duplicate): snmpd SIOCGIFDESCR (e6000sw0port1): Device not configured: Duplicate of #13976 Jim Pingle
09:26 AM pfSense Plus Regression #14099 (Duplicate): snmpd SIOCGIFDESCR (e6000sw0port1): Device not configured: See bug #8600 Björn Bylander
09:18 AM pfSense Plus Bug #8600: "snmpd SIOCGIFDESCR (e6000sw0port1): Device not configured": This bug seems to have popped up again on my SG-3100 after upgrading to 23.01. Björn Bylander
09:09 AM Feature #8794: NTP authentication support: I can confirm this issue still occurs in version 23 Jonathan Lee
09:05 AM pfSense Packages Regression #13978: PHP errors with squidGuard: Also:... Steve Wheeler
08:40 AM Todo #14098 (Resolved): Match upstream changes in PF syntax to disable fragment disassembly: PF enables fragment disassembly by default now, so to disable it the directive must explicitly be @fragment no reasse... Jim Pingle
07:38 AM Bug #13938 (Resolved): Kernel panic accessing the GUI over IPsec in certain environments when using nginx ``sendfile`` with unmapped mbufs: @sendfile@ is @off@ in all @nginx@ configurations now, for the GUI and Captive Portal.
Jim Pingle

03/12/2023

04:02 PM pfSense Packages Bug #13043: OSPF over Wireguard interface doesn't populate neighbors after reboot: Hi,
just wanted to confirm. I can reproduce this issue on all of my installations so far. Mostly PFsense CE 2.6.0 ... Johann Lohberger
03:29 PM Bug #11877 (Feedback): Labels and description disappear in firewall_schedule_edit.php: Right. The fix is in snapshots. Christian McDonald
02:28 PM Bug #13938: Kernel panic accessing the GUI over IPsec in certain environments when using nginx ``sendfile`` with unmapped mbufs: We will now disable sendfile mode. Sendfile has little to no benefit for us on pfSense.
This feature of nginx has ... Christian McDonald
01:05 PM Bug #14077: Kernel panic from incoming IPv6 connections: Thank you for the information.
I got an unexpected crash but I forgot that I have another NAT rule (the 443 NAT rule... Bruno Dambrine
10:33 AM Bug #13325 (Confirmed): System Information widget breaks with multiple instances: Marcos M
09:09 AM pfSense Packages Regression #14097 (Duplicate): Upgrade to 23.01: PHP Fatal error: Uncaught TypeError: Unsupported operand types: string / int in /etc/inc/util.inc: Duplicate of #14024 Jim Pingle
01:28 AM pfSense Packages Regression #14097 (Duplicate): Upgrade to 23.01: PHP Fatal error: Uncaught TypeError: Unsupported operand types: string / int in /etc/inc/util.inc: After the upgrade to version 23.01-RELEASE I right away got a message from the Crash reporter:... Sebastian Wagner
04:57 AM Bug #13729: Gateways stuck in Unknown status: Same issue, restarting dpinger service resolved the issue. I have dpinger in service watchdog service do it should no... Marko Koivusalo
01:55 AM Revision 37c29e4d: Disable nginx sendfile mode, Fixes #13938: Christian McDonald

03/11/2023

09:37 PM pfSense Plus Feature #13786: ldap intergration for firewall rules: Mike Moore wrote in #note-4:
> So there is no way in the future to create a LAN rule stating
> Src: AD/mmoore
> Ds... Kris Phillips
09:29 PM pfSense Plus Feature #14017: Ability to remove all packages before upgardes with saved configuration: There is already an option to reinstall packages from Diagnostics --> Backup and Restore. It would be beneficial for... Kris Phillips
09:25 PM pfSense Plus Regression #14080: Installer fails to install to a geom mirror: Typically right now we also have issues with the installer converting from gmirror to ZFS. Haven't tested since 22.0... Kris Phillips
09:06 PM Bug #14060: Auto Config Backup prints a confusing decryption error when using the wrong key: that looks better, when I do the same thing I get the following now with that patch applied to 23.01
__
The followi... Jordan G
08:05 PM Bug #13938 (Feedback): Kernel panic accessing the GUI over IPsec in certain environments when using nginx ``sendfile`` with unmapped mbufs: Applied in changeset commit:37c29e4de148a14480c01c8fa179e9b630bb0fb4. Christian McDonald
07:44 PM Bug #14089 (Duplicate): System information widget bars operate incorrectly when widget is "split": Duplicate of #13325 Christopher Cope
03:34 PM pfSense Packages Bug #14096 (Resolved): Status_Traffic_Totals does not work on snapshots due to sqlite change: It looks like a recent change in sqlite broke vnstat which leads to Status_Traffic_Totals not working:
https://for... Jim Pingle
02:05 PM pfSense Packages Bug #14094: HAProxy "Write to Disk" files not being saved: Christopher Cope wrote in #note-2:
> The files are not wrote unless HAProxy is enabled, and the backend / frontend a... Ryan V
01:39 PM pfSense Packages Bug #14094 (Not a Bug): HAProxy "Write to Disk" files not being saved: Ryan V wrote:
> pfSense v2.6.0, HAProxy package v0.61_7.
>
> I am trying to save a map file via the Files tab in ... Christopher Cope
12:34 PM pfSense Packages Bug #14094: HAProxy "Write to Disk" files not being saved: Replying to add that nothing helpful is showing in the logs found in Status > System Logs:... Ryan V
12:31 PM pfSense Packages Bug #14094 (Not a Bug): HAProxy "Write to Disk" files not being saved: pfSense v2.6.0, HAProxy package v0.61_7.
I am trying to save a map file via the Files tab in the HAProxy GUI. I ad... Ryan V
01:57 PM Bug #14077: Kernel panic from incoming IPv6 connections: This looks similar to another crash we have been able to reproduce, and we're still working on a fix. I suspect it's ... Jim Pingle
01:41 PM Bug #14077: Kernel panic from incoming IPv6 connections: Hi.
I have rebuild the configuration and I may have some useful information.
First of all, some information on ... Bruno Dambrine
01:54 PM Bug #13003: Malicious Driver Detection event on ``ixl(4)`` driver: Good afternoon.
We have tried updating the driver, disabling TSO, increasing queues, changing the interface... Wit... Daniel Montealvaro
01:10 PM Bug #14095: Removing an interface group does not remove rules for the interface group: This isn't an alias problem, the alias code is doing what it should and preventing you from removing an item that's i... Jim Pingle
01:02 PM Bug #14095 (New): Removing an interface group does not remove rules for the interface group: If an Alias was used in a rule on an Interface Group, after removing the interface group, you won't be able to delete... Danilo Zrenjanin
12:30 PM pfSense Plus Bug #13981 (Resolved): PHP Error on ``status_interfaces.php`` with empty switch VLAN group configuration and assigned VLAN interfaces: Replicated the issue on SG-2100.... Danilo Zrenjanin
09:08 AM pfSense Packages Bug #14088 (Resolved): pfsense 2.7-dev pfSense-pkg-snort installation failed!: Jim Pingle
01:03 AM pfSense Packages Bug #14088: pfsense 2.7-dev pfSense-pkg-snort installation failed!: Yes, now I could install snort, thanks!!! Peter Moreno
09:08 AM Bug #11877 (New): Labels and description disappear in firewall_schedule_edit.php: Jim Pingle
12:13 AM Bug #11877: Labels and description disappear in firewall_schedule_edit.php: Tested on 23.01, It still disappears descriptions and labels. Lev Prokofev

03/10/2023

05:09 PM Revision 5efa3d45: Improve error handling in ACB. Fixes #14060: It wasn't printing a helpful message when it failed to decrypt a
configuration (e.g. using the wrong key). Jim Pingle
04:51 PM Revision 404efa21: Resolve various PHP8 issues in ACB. Fixes #14076: Jim Pingle
03:28 PM Revision 94e26e56: Fix labels and description dissapear in firewall_schedule_edit.php, #11877: Christian McDonald
03:16 PM Revision a478307d: Start sshd after hosts and interfaces: Steve Wheeler
03:05 PM Revision 29cd08ea: Aliases config access refactor by brd: Christian McDonald
02:19 PM Feature #14093 (Rejected): Captive Portal permits user to authenticate / log into wrong vlan ID selected in freeRadius: The solution here is to set each portal to use the RADIUS server in a different way, either with a different NAS Iden... Jim Pingle
01:38 PM Feature #14093 (Rejected): Captive Portal permits user to authenticate / log into wrong vlan ID selected in freeRadius: When two or more separate Captive Portals use freeRadius for authentication and a user in freeRadius exists with a VL... Dale Harron
02:15 PM Bug #13851 (Resolved): DNS Resolver does not generate automatic ACLs for IPv6 when Network Interfaces is set to "All": Jim Pingle
01:01 PM Bug #13851: DNS Resolver does not generate automatic ACLs for IPv6 when Network Interfaces is set to "All": Tested on:
Version 23.01-RELEASE (amd64)
built on Fri Feb 10 20:06:33 UTC 2023
FreeBSD 14.0-CURRENT
patch suc... Georgiy Tyutyunnik
12:55 PM Feature #13844: Make RADIUS Start/Stop accounting immediately log off a user that exceeds quota when reauthentication is disabled: I considered a separate redmine but this issue must be resolved simultaneous with this redmine as simply removing the... Dale Harron
12:21 PM Bug #14092: Kernel panic when PF passes a large/fragmented ICMP6 packet: The backtrace here looks the same as on #14077, they may be the same. Jim Pingle
08:35 AM Bug #14092 (Resolved): Kernel panic when PF passes a large/fragmented ICMP6 packet: With pf enabled and a rule to pass IPv6 ICMP, the kernel may panic when receiving and passing a large ICMP6 packet:
... Jim Pingle
12:21 PM pfSense Packages Bug #14075: Using the ``Transparent ClientIP`` option in HAproxy results in kernel panics: This is likely a bug in ipfw, which was included in 23.01. 23.05 does not contain the ipfw kernel module.
23.01:
... Christian McDonald
11:15 AM Bug #14060 (Feedback): Auto Config Backup prints a confusing decryption error when using the wrong key: Applied in changeset pfsense:commit:5efa3d459f07382c8ab9d487775f07cb1114e212. Jim Pingle
11:08 AM Bug #14060 (In Progress): Auto Config Backup prints a confusing decryption error when using the wrong key: It just can't decrypt the config because it isn't using the right encryption key. If you set the correct key then you... Jim Pingle
11:00 AM Regression #14076 (Feedback): PHP error if the configuration has an empty Auto Configuration Backup section: Applied in changeset commit:404efa211294c85fa497b756d494d41f1b0f658d. Jim Pingle
10:50 AM Regression #14076: PHP error if the configuration has an empty Auto Configuration Backup section: This one can also happen with the empty settings tag:... Jim Pingle
10:47 AM Regression #14076 (In Progress): PHP error if the configuration has an empty Auto Configuration Backup section: Jim Pingle
10:29 AM pfSense Plus Bug #14068 (Closed): Importing Chained Cert Data into the System --> Cert Manager --> Certificates Breaks Authentication: Kris Phillips wrote in #note-2:
> The message of "Unknown CA" is what pfSense is sending to the remote host. This w... Jim Pingle
10:16 AM pfSense Plus Bug #14068: Importing Chained Cert Data into the System --> Cert Manager --> Certificates Breaks Authentication: Jim Pingle wrote in #note-1:
> Allowing multiple CAs in a single entry was always a hackish workaround for things th... Kris Phillips
09:29 AM Bug #11877: Labels and description disappear in firewall_schedule_edit.php: Reapplied the patch. I was unable to rebase in GitLab.
Feedback now appreciated. Christian McDonald
09:26 AM Bug #11877 (Feedback): Labels and description disappear in firewall_schedule_edit.php: Christian McDonald
08:44 AM pfSense Packages Bug #14088: pfsense 2.7-dev pfSense-pkg-snort installation failed!: I checked the Suricata port and it still uses luajit:luajit-openresty. Both work now. Christian McDonald
07:00 AM pfSense Packages Bug #14088: pfsense 2.7-dev pfSense-pkg-snort installation failed!: Christian McDonald wrote in #note-3:
> Thanks Bill for the history, that was helpful.
>
> I set the luajit-openre... Bill Meeks
08:07 AM Bug #14035: PHP error when attempting to create a GIF interface when ``if_gif`` kernel module is not loaded: My configuration also has @<gifs></gifs>@ and I can create a new GIF OK. I still can't find a way to reproduce this r... Jim Pingle
07:25 AM Regression #14091 (Confirmed): The "Kill States" button does not work consistently: It doesn't seem to be about the destination, it works sometimes and not others.
I tried a few different states and... Jim Pingle
03:49 AM Regression #14091 (Resolved): The "Kill States" button does not work consistently: Steps to reproduce
1)go to Dignostics=>States
2)Use the Filter expression field to filter using some known destinat... Lev Prokofev
04:18 AM Bug #14034: PHP errors in ``xmlrpc.php`` during configuration synchronization if the target host has an empty XML tag for a given section: If no VIP is defined on the primary, after any XMLRPC action, it will create an empty <virtualip></virtualip> tag on ... Danilo Zrenjanin

03/09/2023

09:17 PM pfSense Packages Bug #14088 (Feedback): pfsense 2.7-dev pfSense-pkg-snort installation failed!: Thanks Bill for the history, that was helpful.
Honestly one of these days I need to audit the port options that we h... Christian McDonald
07:54 PM pfSense Packages Bug #14088: pfsense 2.7-dev pfSense-pkg-snort installation failed!: Christian McDonald wrote in #note-1:
> This also impacts 23.05 snapshots.
>
> We currently build nginx with LUA supp... Bill Meeks
04:43 PM pfSense Packages Bug #14088: pfsense 2.7-dev pfSense-pkg-snort installation failed!: This also impacts 23.05 snapshots.
We currently build nginx with LUA support (which we don't use). Snort also depend... Christian McDonald
11:49 AM pfSense Packages Bug #14088 (Resolved): pfsense 2.7-dev pfSense-pkg-snort installation failed!: Hello.
I want to test snort on pfsense 2.7-dev latest version
But I receive this error:
>>> Installing pfSen... Peter Moreno
05:55 PM Bug #14077: Kernel panic from incoming IPv6 connections: Bruno Dambrine wrote in #note-2:
> I have reinstalled the 6100 with the 23.01 to make sure that the issue is not lin... Paul Kennedy
05:42 PM Bug #13325: System Information widget breaks with multiple instances: Just following up on this as this is STILL and ALSO occurring on the latest pfSense+ version 23.01. Larry Bernardo
02:45 PM pfSense Plus Bug #14090 (New): Significant State Creation Causes LACP, BGP, and Possibly Other Components to Temporarily Fail: When testing with a customer, when a remote host has a large number of new states being created, then transitioning t... Kris Phillips
12:34 PM Bug #14089 (Duplicate): System information widget bars operate incorrectly when widget is "split": System information widget fields:
State table size
MBUF Usage
Temperature
Load average
CPU usage
Memory usage... Georgiy Tyutyunnik
12:33 PM pfSense Docs Correction #14084 (Resolved): Feedback on Virtual Private Networks — OpenVPN — OpenVPN Configuration Options — Client Specific Overrides: I pushed a correction for this, it will be live in ~10-15 minutes when the build finishes. Jim Pingle
11:16 AM pfSense Docs Correction #14084: Feedback on Virtual Private Networks — OpenVPN — OpenVPN Configuration Options — Client Specific Overrides: It's actually working as it should in that case, but you are right the docs could use some clarity on that.
Withou... Jim Pingle
05:46 AM pfSense Docs Correction #14084 (Resolved): Feedback on Virtual Private Networks — OpenVPN — OpenVPN Configuration Options — Client Specific Overrides: *Page:* https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/configure-overrides.html
Using:... Marius Popa
11:06 AM Bug #14087 (Duplicate): Adding CARP: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/www/xmlrpc.php:399: Duplicate of #14034 Jim Pingle
10:44 AM Bug #14087 (Duplicate): Adding CARP: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/www/xmlrpc.php:399: When I add a (my first) Virtual IP (CARP) I get an error on the secondary:... Michael Lipp
10:57 AM pfSense Packages Regression #14043 (Feedback): Netgate Firmware Upgrade fails to mount EFISYS: Fixed in plus as of 67fef1ab045a. /mnt and /boot/efi are both unmounted prior to mounting the ESP at /mnt. Reid Linnemann
07:35 AM Regression #14086 (Resolved): Current snapshot builds missing most kernel modules that were on previous builds/releases: At some point between March 1 and March 8 dev snapshot builds of CE 2.7.0 the kernel package lost 90% of its modules.... Jim Pingle
07:02 AM pfSense Plus Bug #14085 (New): QAT not working / same speed as AES-NI with CPIC-8955!: My post on the netgate forum, still no unanswer:
https://forum.netgate.com/topic/175096/ipsec-with-qat-low-performan... Alexandru Racovita
06:30 AM Bug #14070: STUN or Override WAN address in UPnP breaks working port forwarding if WAN IP is Private IP: Simplified testing:
*Scenario 1.*
Upstream router gives pfsense a *Private IP in DMZ* on WAN.
UPnP settings in pfse... Greger Blennerud

03/08/2023

06:57 PM pfSense Plus Regression #13895: Early boot hangs on Hyper-V with Gen2 VMs: I can't repro it in Win-11 Hyper-V. 4GB, ZFS, 3 NICs, ISO still attached.
In the loader prompt (option 3), can you... Leon Dang
01:53 PM Bug #14070: STUN or Override WAN address in UPnP breaks working port forwarding if WAN IP is Private IP: Here's the "same" testing with some more details:
Testing is done in two difference scenarios, where the first has p... Greger Blennerud
01:09 PM Bug #14083 (Resolved): Adding MSS and MTU values on a LAGG VLAN interface breaks connectivity: Steps to reproduce:
# Under Interfaces/WAN, define MTU 1480 and MSS 1440. Save and Apply the changes.
# Reboot th... Danilo Zrenjanin
10:16 AM pfSense Docs Todo #14082 (Closed): Feedback on Network Address Translation — Port Forwards: That definitely is wrong as-is, it should be:... Jim Pingle
09:05 AM pfSense Docs Todo #14082 (Closed): Feedback on Network Address Translation — Port Forwards: *Page:* https://docs.netgate.com/pfsense/en/latest/nat/port-forwards.html#adding-port-forwards
*Feedback:*
The bu... Steve Y
07:54 AM pfSense Plus Regression #14080: Installer fails to install to a geom mirror: Reid Linnemann wrote in #note-2:
> Do we want to cut the cord on UFS and just be done with it?
UFS is OK and not ... Jim Pingle
07:34 AM Regression #14072: No working IPv6 gateway if upstream RA does not contain M or O flags because rtsold does not execute script: Ricardo Mendes wrote in #note-3:
> Since the current behaviour introduced by the update is what we'd consider to be ... Jim Pingle
05:06 AM Regression #14072: No working IPv6 gateway if upstream RA does not contain M or O flags because rtsold does not execute script: Hi there,
I initially posted about this issue on the forums and would like to leave a suggestion here;
Since th... Ricardo Mendes
07:06 AM pfSense Packages Feature #14081 (New): Nagios: Hello,
I have a problem with the netgate in version 23.01 for Nagio monitoring.
After researching the problem of... Florian BELIARD
01:43 AM Bug #13003: Malicious Driver Detection event on ``ixl(4)`` driver: Good afternoon.
We have the same problem with our 1541.
We are in version 23.01.
The problem is that sometimes the... Daniel Montealvaro

03/07/2023

11:02 PM pfSense Plus Regression #14080: Installer fails to install to a geom mirror: Do we want to cut the cord on UFS and just be done with it? Reid Linnemann
07:44 PM pfSense Plus Regression #14080: Installer fails to install to a geom mirror: You can get past that point by manually setting the UFS slice on the mirror to mount at @/@ though it still fails eve... Jim Pingle
06:12 PM pfSense Plus Regression #14080 (New): Installer fails to install to a geom mirror: The 23.01 installer fails to create the expected mount points when trying to reinstall UFS to an existing gmirror.
... Steve Wheeler
03:28 PM Bug #14045: ``pfSense-boot`` can fail to copy the EFI bootloader: Merged to plus with merge commit 70bd508078 Reid Linnemann
12:21 PM pfSense Plus Bug #14074: Cannot edit or delete ZFS Boot Environment with a name containing only numbers: more experimentation
if i create a new environment with the same name as the old damaged ones (now 0 or 1) it create... Mark Grant
12:10 PM Bug #14077: Kernel panic from incoming IPv6 connections: I have reinstalled the 6100 with the 23.01 to make sure that the issue is not linked to the upgrade.
I got the same ... Bruno Dambrine
10:43 AM Regression #14072: No working IPv6 gateway if upstream RA does not contain M or O flags because rtsold does not execute script: Louis B wrote in #note-1:
> I also think the RA behavoir is not OK! See my form post https://forum.netgate.com/topic... Jim Pingle
09:41 AM Regression #14072: No working IPv6 gateway if upstream RA does not contain M or O flags because rtsold does not execute script: I also think the RA behavoir is not OK! See my form post https://forum.netgate.com/topic/178423/some-doubts-about-rou... Louis B
08:51 AM pfSense Packages Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset: Nunya Business wrote in #note-27:
> This problem has returned with the current version of the Wireguard package, 1.1... Prime BDE

03/06/2023

09:44 PM Revision 8b8f94c7: Safely update efi loader from pfSense-boot. Fixes #14045: Alter pfSense-boot +INSTALL script to safely update the efi loader from
/boot/loader.efi. The update is now done with... Reid Linnemann
04:39 PM Bug #14045: ``pfSense-boot`` can fail to copy the EFI bootloader: Merge to plus is still pending before this can be closed. Reid Linnemann
04:30 PM Bug #14045 (Feedback): ``pfSense-boot`` can fail to copy the EFI bootloader: Applied in changeset commit:8b8f94c7e10d9bc64d267eb8fb6f4280f13d3ab9. Reid Linnemann
04:33 PM pfSense Plus Bug #13967: aarch64 23.01 upgrade can fail to write the bootloader: Fix for this is introduced into pfSense-updgrade at revision 2c4bf3c in plus packages only at this time. pfSense-upgr... Reid Linnemann
04:32 PM Bug #14035: PHP error when attempting to create a GIF interface when ``if_gif`` kernel module is not loaded: We actually have the full config this is hitting this in Nextcloud.
The gif section is empty:... Steve Wheeler
12:10 PM Bug #14035: PHP error when attempting to create a GIF interface when ``if_gif`` kernel module is not loaded: Jay Maynard wrote in #note-3:
> What information can I supply?
See my comment in #note-1 above. Jim Pingle
11:34 AM Bug #14035: PHP error when attempting to create a GIF interface when ``if_gif`` kernel module is not loaded: What information can I supply? Jay Maynard
03:46 PM pfSense Plus Bug #14074: Cannot edit or delete ZFS Boot Environment with a name containing only numbers: did some more trials, and found if i just use the date as 20230306 it does it.
named it 20230306, the other day i na... Mark Grant
09:38 AM pfSense Plus Bug #14074: Cannot edit or delete ZFS Boot Environment with a name containing only numbers: to get the initial issue;
what i did; i didnt read the limitation of what characters could be used, and used a "-"... Mark Grant
07:17 AM pfSense Plus Bug #14074 (Feedback): Cannot edit or delete ZFS Boot Environment with a name containing only numbers: There must be some additional steps needed to replicate the problem. I tried a 23.01 system here and I could create a... Jim Pingle
02:53 AM pfSense Plus Bug #14074: Cannot edit or delete ZFS Boot Environment with a name containing only numbers: now that it has this new boot environment '0' if i try to edit it, it makes a new boot environment. Each time.
ho... Mark Grant
03:09 PM Revision d24242c7: Handle IPsec P1 w/o valid proposals better. Fixes #14009: Jim Pingle
02:49 PM pfSense Docs Todo #14023 (Closed): Feedback on Releases — 23.01 New Features and Changes: I pushed updates to this section today which include updates for this text. They should appear when the build finishe... Jim Pingle
02:36 PM Bug #14009 (Resolved): PHP error from upgraded IPsec tunnel containing only deprecated ciphers: That fixed it. I am marking this ticket resolved. Danilo Zrenjanin
09:20 AM Bug #14009 (Feedback): PHP error from upgraded IPsec tunnel containing only deprecated ciphers: Applied in changeset commit:d24242c77ae420b9df0723ca6f1dab209e69c357. Jim Pingle
07:08 AM Bug #14009 (In Progress): PHP error from upgraded IPsec tunnel containing only deprecated ciphers: Jim Pingle
02:18 PM pfSense Packages Bug #14079 (Rejected): Debug descriptions misleading: The current text is correct. There is no need to suppress anything, it's clearly explained in the result string.
E... Jim Pingle
01:28 PM pfSense Packages Bug #14079 (Rejected): Debug descriptions misleading: the purpose of the debug button is... Jon Brown
12:23 PM Bug #14061 (Not a Bug): PHP error if a non-privileged shell user attempts an operation which needs to write ``config.cache``: That really isn't viable. We'd have to potentially catch any/every PHP error or rewrite every call that might even po... Jim Pingle
10:09 AM Regression #14078: Traffic graph shows half actual throughput when switching back to the graph: 'Clear graphs when not visible' must be selected. Steve Y
10:08 AM Regression #14078 (Confirmed): Traffic graph shows half actual throughput when switching back to the graph: When switching back to the traffic graph page, the graph restarts as designed but the data shown is now half actual.
... Steve Y
07:38 AM Bug #14077: Kernel panic from incoming IPv6 connections: There must be some other required component to replicate this. I've not seen a panic like this on the 6100 at my edge... Jim Pingle
07:11 AM Regression #14053 (Resolved): Changing the default IPsec widget tab removes all widgets: Jim Pingle
07:10 AM Bug #14071 (Not a Bug): installing packages on 23.05: Jim Pingle
07:08 AM pfSense Plus Bug #14068 (Feedback): Importing Chained Cert Data into the System --> Cert Manager --> Certificates Breaks Authentication: Allowing multiple CAs in a single entry was always a hackish workaround for things that didn't support chains. Import... Jim Pingle
12:48 AM Feature #7746: Proxy NDP: Hi, All.
I have again asked for an ND Proxy implementation in Feature #14032.
Does anyone agree with me? Yuki Hiramatsu

03/05/2023

07:43 PM Bug #14077 (Resolved): Kernel panic from incoming IPv6 connections: After upgrading to 23.01, the system crashes with the following test on a Netgate 6100:
* With a default configurati... Marcos M
07:29 PM Regression #14076 (Resolved): PHP error if the configuration has an empty Auto Configuration Backup section: After upgrading to 23.01, the following is reported:... Marcos M
07:25 PM Feature #4681 (Resolved): AutoConfigBackup make a way to easily download a saved backup: This functionality now exists. Marcos M
07:14 PM pfSense Packages Bug #14075 (Not a Bug): Using the ``Transparent ClientIP`` option in HAproxy results in kernel panics: Report from a Netgate 7100 after upgrading to @23.01@.
Before disabling the @Transparent ClientIP@ option in hapro... Marcos M
03:43 PM pfSense Plus Regression #13895: Early boot hangs on Hyper-V with Gen2 VMs: This can be replicated on Azure as well. Deploy a new pfSense+ 23.01 Gen 2 VM on Azure with a size which allows addin... Marcos M
03:38 PM pfSense Plus Bug #14074: Cannot edit or delete ZFS Boot Environment with a name containing only numbers: Are you able to replicate this reliably? If so, please detail the steps to do so. Marcos M
03:18 PM pfSense Plus Bug #14074 (Resolved): Cannot edit or delete ZFS Boot Environment with a name containing only numbers: i just created a new boot environment, but it apparently didnt like the name i gave it and set it to '0'
It cann... Mark Grant
01:52 PM pfSense Packages Bug #14058: Update vendor=on triggers installation failure: Thanks Chris. Let’s wait and see then. Jan-Peter Koopmann
01:34 PM Bug #14061 (New): PHP error if a non-privileged shell user attempts an operation which needs to write ``config.cache``: It would be preferable to add better error handling for these kinds of PHP errors, and ideally show a more useful ale... Marcos M
04:24 AM Regression #13381: Software VLAN tagging does not work on ``ixgbe(4)`` interfaces: Steve Wheeler wrote:
> VLAN tagged traffic fails on an ix NIC if hardware vlan tagging is disabled.
> For example:
... Nicolas Embriz
01:53 AM Regression #14053: Changing the default IPsec widget tab removes all widgets: Tested on
23.01-RELEASE (amd64)
built on Fri Feb 10 20:06:33 UTC 2023
FreeBSD 14.0-CURRENT
After apply the pat... aleksei prokofiev

03/04/2023

08:17 PM pfSense Packages Todo #14073 (Confirmed): Shalla block list is offline but still available in pfBlocker: The Shalla Services blocklist went offline permanently in January 2022. It's still available as a list option in the ... Chris W
07:40 PM Bug #14056: DNS Resolver experiences intermittent resolution failures with SSL over TLS due to ASLR: I have successfully been using DNSoTLS with 1.1.1.2/security.cloudflare-dns.com for some time and have temporarily sw... Jordan G
07:23 PM Regression #14057 (Resolved): Dynamic gateway names use mixed case instead of upper case, leading to configuration mismatches: Tested on... Christopher Cope
07:09 PM Regression #14016 (Resolved): FreeBSD default ``cron`` jobs are enabled when they should be disabled: Tested on... Christopher Cope
06:29 PM Regression #14010 (Resolved): Typo in ``filter.inc`` variable for DHCPv6 VLAN priority tag value: Tested on... Christopher Cope
04:35 PM pfSense Packages Bug #14019 (Resolved): PHP Error: /usr/local/pkg/avahi/avahi.inc:76: Tested on 2.2_4. I don't see reproduction steps, so I'm assuming this was triggered on install or when navigating to... Kris Phillips
03:58 PM Bug #14071: installing packages on 23.05: Repos for 23.05 are not public at this time, which will cause the issue described here. This can be closed as not a ... Kris Phillips
01:57 PM Bug #14071 (Not a Bug): installing packages on 23.05: I am not able to install any package in 23.05
the error is attached
23.05-DEVELOPMENT (amd64)
built on Fri... Alhusein Zawi
03:46 PM Regression #14072 (Resolved): No working IPv6 gateway if upstream RA does not contain M or O flags because rtsold does not execute script: On 23.01, rtsold is not firing the script at @/var/etc/rtsold_<if>_script.sh@ unless the router advertisement receive... Jim Pingle
01:09 PM Bug #14070 (New): STUN or Override WAN address in UPnP breaks working port forwarding if WAN IP is Private IP: I discovered some weird behavior when experimenting with UPnP - STUN and Override WAN address in a failover scenario ... Greger Blennerud
10:57 AM Feature #14069 (New): UPnP & NAT-PMP External Interface - multi select and/or gateway group: Using UPnP in a failover scenario with dual WAN does not work unless you manually change the External interface and r... Greger Blennerud
09:44 AM Bug #14009: PHP error from upgraded IPsec tunnel containing only deprecated ciphers: I applied the patch on:... Danilo Zrenjanin
08:54 AM Bug #14036 (Resolved): PHP error when the ``timeserver`` section of the configuration is empty: I could replicate the issue on the:... Danilo Zrenjanin
08:37 AM Bug #14065: UPnP not working when WAN IP is private IP range.: Greger Blennerud wrote in #note-4:
> Jim Pingle wrote in #note-3:
> > We've tried communicating with them before ab... Greger Blennerud
07:51 AM Bug #14037 (Resolved): PHP Error enabling ICMP6 using EasyRule: I could replicate the issue on the:... Danilo Zrenjanin
07:05 AM pfSense Packages Bug #14058: Update vendor=on triggers installation failure: Yep very sure.
I even ran it through truss and watched the fetch calls be made and return successfully.
I waa a... Christian McDonald
04:12 AM pfSense Packages Bug #14058: Update vendor=on triggers installation failure: Are you sure you selected „update vendor list“ in the arpwatch settings before trying to reproduce it? Jan-Peter Koopmann

03/03/2023

10:54 PM Feature #855: Ability to selectively kill states on gateway recovery: 6 month addition!
As above, using LTE/5G for backup means the data is very expensive. A brief failover will mean ... Chris B
08:44 PM pfSense Plus Bug #14068 (Closed): Importing Chained Cert Data into the System --> Cert Manager --> Certificates Breaks Authentication: Previously, including the entire CA chain as well as the client certificate in the certificate under System --> Cert ... Kris Phillips
05:40 PM pfSense Packages Bug #13421: Stunnel certificate does not refresh: Thanks for the work. Added to my pfsense and will see at the next refresh in a few days if it is working. A Schnee
04:59 PM Revision fae6b2c0: Fix PHP errors from empty DHCP configs. Fixes #13983: Jim Pingle
04:00 PM Revision 6ffd8bbc: Avoid a PHP error if time server list is empty. Fixes #14036: Jim Pingle
03:08 PM Feature #8794: NTP authentication support: Patch files for review attached.
All that is needed is to add the ntp key variable to be set from /usr/local/www/ser... LamaZ .
08:58 AM Feature #8794: NTP authentication support: Is there any updates on this. I am also using Lamaz patch as it will not use authentication without both key and key ... Jonathan Lee
02:42 PM Revision 82364513: Fix PHP error from migrating old NTP settings. Fixes #14033: Jim Pingle
02:11 PM Revision be6d4417: Fix EasyRule ICMP6 and invalid protos. Fixes #14037: Jim Pingle
01:16 PM pfSense Packages Regression #14064 (Resolved): Upgrading to 23.01 breaks Tailscale on the SG-3100 on 23.01: Christian McDonald
11:50 AM pfSense Packages Regression #14064: Upgrading to 23.01 breaks Tailscale on the SG-3100 on 23.01: Attached here is the updated package with the fix.
We are testing another fix that is blocking publishing updated ... Christian McDonald
09:38 AM pfSense Packages Regression #14064 (Feedback): Upgrading to 23.01 breaks Tailscale on the SG-3100 on 23.01: Fixed.
https://github.com/pfsense/FreeBSD-ports/commit/78cff659895de3b5244c650fa74eec2fd975387e
Look for package ve... Christian McDonald
06:24 AM pfSense Packages Regression #14064: Upgrading to 23.01 breaks Tailscale on the SG-3100 on 23.01: Exactly the same thing happening here on my SG-3100
Mar 3 07:10:40 php-fpm 27594 /pkg_edit.php: The command '/u... Scott Bennett
01:54 AM pfSense Packages Regression #14064 (Resolved): Upgrading to 23.01 breaks Tailscale on the SG-3100 on 23.01: Users are reporting that Tailscale will not start/operate on the NetGate SG-3100 appliance after upgrading to pfSense... R W
11:05 AM Regression #13983 (Feedback): Multiple PHP errors in the DHCP Server when the configuration contains an empty section for an interface: Applied in changeset commit:fae6b2c014749b3f56e03b3ea7e51ecee2cf53be. Jim Pingle
10:25 AM Regression #13983 (In Progress): Multiple PHP errors in the DHCP Server when the configuration contains an empty section for an interface: Looks like most (or all?) of these are from having an empty interface config in DHCP settings, e.g.... Jim Pingle
10:10 AM Bug #14036 (Feedback): PHP error when the ``timeserver`` section of the configuration is empty: Applied in changeset commit:6ffd8bbcbb3e4d4b84a0036ff879a9837c4f0d45. Jim Pingle
10:02 AM Bug #14036: PHP error when the ``timeserver`` section of the configuration is empty: I don't see how anyone would get it into this state without manual config editing. Neither system.php nor the NTP con... Jim Pingle
10:02 AM Bug #14065: UPnP not working when WAN IP is private IP range.: Jim Pingle wrote in #note-3:
> We've tried communicating with them before about this but they didn't see the need to ... Greger Blennerud
09:55 AM Bug #14065: UPnP not working when WAN IP is private IP range.: We've tried communicating with them before about this but they didn't see the need to make an option for it.
There... Jim Pingle
08:58 AM Bug #14065: UPnP not working when WAN IP is private IP range.: Jim Pingle wrote in #note-1:
> Duplicate of #10398
>
> This is, unfortunately, outside of our control. Any chang... Greger Blennerud
08:17 AM Bug #14065 (Duplicate): UPnP not working when WAN IP is private IP range.: Duplicate of #10398
This is, unfortunately, outside of our control. Any changes for this will have to come from t... Jim Pingle
08:13 AM Bug #14065 (Duplicate): UPnP not working when WAN IP is private IP range.: The changes and updates to miniupnp that have been made in the last year have been much appreciated by everyone havin... Greger Blennerud
09:58 AM Feature #14067: Per-instance options to control Dynamic DNS client Check IP Service behavior: It would also be nice in some rare cases to force it the opposite way, to disable the check entirely so it will use t... Jim Pingle
09:50 AM Feature #14067 (Resolved): Per-instance options to control Dynamic DNS client Check IP Service behavior: Dynamic DNS has the ability to fetch the public IP via e.g. a service like dyndns.org. However, unless the IP on WAN ... Greger Blennerud
09:20 AM pfSense Plus Feature #14066 (New): Add line number to rules and insert option: From a rule management perspective, is it possible to do the following:
1. Add line numbers in the GUI. So an admin ... Mike Moore
09:14 AM Bug #14062: NTP AUTH ISSUE: Feature #8794 also lists movement on this issue. Jonathan Lee
08:50 AM Bug #14033 (Feedback): PHP error in NTP Server if the configuration contains a partial section of old ``openntpd`` settings: Applied in changeset commit:82364513c64f0233617a356b62a461b6eba253f3. Jim Pingle
08:20 AM Bug #14037 (Feedback): PHP Error enabling ICMP6 using EasyRule: Applied in changeset commit:be6d44179f8a82b7adbdf95336d68ee491963ae0. Jim Pingle
07:57 AM pfSense Packages Bug #14019 (Feedback): PHP Error: /usr/local/pkg/avahi/avahi.inc:76: I pushed a fix, it will be in the next build of the package.
Jim Pingle

03/02/2023

09:07 PM Feature #12521: Add the BBR2, QUIC, RACK Congestion Control (CC) protocols: https://man.freebsd.org/cgi/man.cgi?query=tcp_bbr&apropos=0&sektion=0&manpath=FreeBSD+14.0-CURRENT&arch=default&forma... hao zhang
04:40 PM pfSense Packages Bug #13421: Stunnel certificate does not refresh: I have experienced this problem in pfSense plus 22.05 / stunnel 5.50_11.
I "solved" it via brute force, but making t... S Premeau
04:38 PM pfSense Packages Feature #14063 (New): FileBeats for pfsense: Is it possible to create the GUI for the filebeat package in order to export suricata/snort logs to a SIEM stack or a... Mike Moore
02:36 PM pfSense Packages Bug #14058 (Feedback): Update vendor=on triggers installation failure: I am not able to reproduce this on 23.05 snapshots. I'm not sure it is worth the effort in fixing if it already works... Christian McDonald
02:34 PM pfSense Packages Feature #13905 (Bogus): Introduce GUI knob for controlling ```--snat-subnet-routes``` tailscaled option: Christian McDonald
02:31 PM pfSense Packages Feature #13905 (Incomplete): Introduce GUI knob for controlling ```--snat-subnet-routes``` tailscaled option: Marking as bogus until upstream supports this on FreeBSD Christian McDonald
02:33 PM pfSense Packages Feature #6651 (Resolved): Loopback interfaces: Christian McDonald
02:32 PM pfSense Packages Bug #13271 (Bogus): I got 'The WireGuard service is not running.' after I upgraded my pfSense VM from 22.05.r.20220604.1403 -> 22.05.r.20220609.1919: Marking bogus as this is now quite old. WireGuard upgrades seem to be working fine. Christian McDonald
02:30 PM pfSense Packages Todo #13906 (Resolved): Update tailscale from 1.34.2 to 1.36.0: Christian McDonald
02:30 PM Bug #13929 (Resolved): IGMP Proxy multicast group membership query packets have an invalid checksum: Christian McDonald
12:29 PM Bug #14062 (New): NTP AUTH ISSUE: NTP authentication requires not only the keyvalue but the key to function correctly. pfSense NTP only lists the optio... Jonathan Lee
12:11 PM pfSense Docs Todo #13986 (Resolved): LTE Router ZTE MF79U works on pfSense: Added and deployed: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/bbff8f4a89dfb9d9a681a1abd9b5b2c649ee4dc7 Jim Pingle
11:56 AM pfSense Docs Correction #14006 (Resolved): Netgate 5100 drive installation shows outdated information: Fixed and deployed: https://gitlab.netgate.com/docs/pfsense-platforms/-/commit/5a9bbe9475659a73f1e6bf153f0ead3dfd74ac0f Jim Pingle
08:17 AM Bug #14013 (Resolved): PHP error when attempting to bulk import Alias content: It works fine if I import a list under Firewall/Aliases/IP
I could replicate the issue only after choosing Firewal... Danilo Zrenjanin
07:59 AM Regression #14059: Old states are still used after a route change: That sort of leakage has always been a problem without rules to ensure it doesn't escape. The old states sort of mask... Jim Pingle
07:35 AM Bug #14061 (Not a Bug): PHP error if a non-privileged shell user attempts an operation which needs to write ``config.cache``: That isn't a bug in PHP code, it's failing to write files to @/tmp@ for some reason. We've seen a few reports of this... Jim Pingle
02:06 AM Bug #14061 (Resolved): PHP error if a non-privileged shell user attempts an operation which needs to write ``config.cache``: Running 23.01 on a 7100. Noticed these PHP errors many hours after they occurred, so unfortunately have no idea what... Andrew Warren
06:53 AM pfSense Packages Bug #10436: softflowd no longer sends flow data after upgrade (v0.9.9_1 -> v1.0.0): I suppose that this redmine issue 10436 could be closed if Netgate make available the previous version (from pfsense ... Marcelo Cury

03/01/2023

09:48 PM Bug #14060 (Resolved): Auto Config Backup prints a confusing decryption error when using the wrong key: Enable auto config backup from the menu after entering (any) password, save, then disable (uncheck) "Enable ACB" and ... Jordan G
07:30 PM Revision 24c0f00f: Fixup IPsec enc algo PHP 8 issues. Fixes #14009: Jim Pingle
07:28 PM pfSense Packages Feature #12502: Option to include Syslog-ng Configuration Library (scl): I didn't want to wait and did this:... Wagner Sartori Junior
05:05 PM Revision 66b989e8: Fix if descr case handling. Fixes #14057: Match the behavior of this new statement with the intent of the code on
previous versions. Jim Pingle
04:42 PM Regression #14059: Old states are still used after a route change: I believe the change that makes this a problem where it wasn't before is that states are now created on interface "all". Chris Linstruth
03:50 PM Regression #14059 (Not a Bug): Old states are still used after a route change: It's possible for traffic meant to be sent over an IPsec policy tunnel to instead go out of the WAN. This can happen ... Marcos M
03:48 PM Revision fed25589: Correct includes in IPsec widget. Fixes #14053: Jim Pingle
01:40 PM Bug #14009 (Feedback): PHP error from upgraded IPsec tunnel containing only deprecated ciphers: Applied in changeset commit:24c0f00ff82d78c1e5301e43df21c2ef8ebecf7f. Jim Pingle
01:34 PM pfSense Packages Bug #8454: Arpwatch package break email notifications from other sources: I am getting the same problem even though "Disable cron" is on and is correctly referenced in the PHP. It reappeared ... Jan-Peter Koopmann
01:32 PM pfSense Packages Bug #14058 (Resolved): Update vendor=on triggers installation failure: the custom_php_install command fails during pkg upgrade/install if the "Update Vendor" config option is on.... Jan-Peter Koopmann
01:13 PM Revision 038ab40e: Fix incorrect path for disableconsolemenu.: Jim Pingle
12:34 PM pfSense Packages Bug #10590 (Closed): pfBlockerNG: Invalid argument supplied for foreach(): Error is no longer relevant to current code base. Marcos M
11:15 AM Regression #14057 (Feedback): Dynamic gateway names use mixed case instead of upper case, leading to configuration mismatches: Applied in changeset commit:66b989e824042c0cf5e75b1cb245b0ae13548949. Jim Pingle
10:49 AM Regression #14057 (Resolved): Dynamic gateway names use mixed case instead of upper case, leading to configuration mismatches: Somewhere between 22.05.x and 23.01 dynamic gateway names started to come out as mixed case instead of being forced t... Jim Pingle
10:55 AM Bug #14056: DNS Resolver experiences intermittent resolution failures with SSL over TLS due to ASLR: Jim Pingle wrote in #note-1:
> There isn't nearly enough detail here to definitely say it's a bug and not a settings... Todd Adams
10:12 AM Bug #14056 (Feedback): DNS Resolver experiences intermittent resolution failures with SSL over TLS due to ASLR: There isn't nearly enough detail here to definitely say it's a bug and not a settings issue somewhere. For example, o... Jim Pingle
10:01 AM Bug #14056 (Closed): DNS Resolver experiences intermittent resolution failures with SSL over TLS due to ASLR: DNS is completely broken on PfSense 23.01 with SSL enabled and using Quad9. Reddit has also recognized the same bug: ... Todd Adams
10:24 AM Feature #14050 (Feedback): Support for ``iwlwifi`` wireless interfaces: MR was merged yesterday. Jim Pingle
10:22 AM pfSense Packages Bug #14042 (Resolved): An assigned Pass List is not shown as "Assigned" on the PASS LISTS tab when the list is used in the HOME_NET or EXTERNAL_NET setting on a Suricata interface.: PR merged, thanks! Jim Pingle
10:22 AM pfSense Packages Bug #14041 (Resolved): Post-install migration of existing settings throws a PHP error when the configuration contains the legacy layout of a single alias in a Pass List.: PR merged, thanks! Jim Pingle
10:01 AM Bug #14051 (Duplicate): PHP ERROR: Type: 1, File: /usr/local/www/firewall_rules.php, Line: 805: Duplicate of #13953 Jim Pingle
09:55 AM Regression #14053 (Feedback): Changing the default IPsec widget tab removes all widgets: Applied in changeset commit:fed25589f4eba4ac6293fec7135f0078c03dfb62. Jim Pingle
09:52 AM Regression #14053 (Confirmed): Changing the default IPsec widget tab removes all widgets: Jim Pingle
06:05 AM pfSense Packages Bug #10436: softflowd no longer sends flow data after upgrade (v0.9.9_1 -> v1.0.0): I downgraded softflowd, so I'm not using 1.2.6_1, this is the reason for it not showing in my package manager.
I'm us... Marcelo Cury

02/28/2023

11:01 PM pfSense Packages Bug #10436: softflowd no longer sends flow data after upgrade (v0.9.9_1 -> v1.0.0): Mark Hassman wrote in #note-11:
> Marcelo Cury wrote in #note-10:
> > Can someone test this with 23.01 snaps on the... Mark Hassman
10:44 PM pfSense Packages Bug #10436: softflowd no longer sends flow data after upgrade (v0.9.9_1 -> v1.0.0): I tested and noticed that softflowd processes are dying.
So, I decided to test an older version, but doing this not r... Marcelo Cury
11:09 AM pfSense Packages Bug #10436: softflowd no longer sends flow data after upgrade (v0.9.9_1 -> v1.0.0): Marcelo Cury wrote in #note-10:
> Can someone test this with 23.01 snaps on the SG-3100 ?
Confirmed - softflowd i... Mark Hassman
10:03 PM Revision 095b2481: Add iwlwifi support: Steve Wheeler
09:04 PM Bug #14055 (Resolved): Traffic shaped by limiters is dropped when routed to a GIF gateway: Tested on pfSense+ 23.01.
Test:
# Configure a GIF tunnel (IPv6 local/remote tunnel address) and interface for use... Marcos M
08:54 PM Revision c5b8e57a: Improve validation and escaping of bridge interfaces. Fixes #14052: Jim Pingle
08:41 PM pfSense Packages Bug #14054 (New): pfBlockerNG can incorrectly modify firewall rules: Some minutes after configuring a firewall rule, the pfBlockerNG cron job ran and incorrectly modified one of the floa... Marcos M
08:21 PM pfSense Packages Bug #12330 (Resolved): pfBlockerNG devel creating invalid NAT rules on boot: Marcos M
08:20 PM pfSense Packages Feature #11295 (Resolved): DNSBL IDN support: Marcos M
08:17 PM pfSense Packages Feature #11155 (Resolved): SafeSearch AAAA: Marcos M
08:17 PM pfSense Packages Bug #10252 (Not a Bug): pfblockerng-devel: Marcos M
08:15 PM pfSense Packages Feature #12882 (Resolved): Add the option to specify CURLOPT_INTERFACE in pfBlockerNG IPv4/IPv6 lists: Marcos M
08:14 PM pfSense Packages Bug #13180 (Duplicate): High CPU Utilization with pfb_filter since pfBlockerNG update to devel 3.1.0_4: Marcos M
07:17 PM Regression #14053 (Resolved): Changing the default IPsec widget tab removes all widgets: If you edit the IPSec widget and change the default tab it displays all dashboard widgets are removed.
The logs sh... Steve Wheeler
03:28 PM pfSense Packages Bug #14042: An assigned Pass List is not shown as "Assigned" on the PASS LISTS tab when the list is used in the HOME_NET or EXTERNAL_NET setting on a Suricata interface.: A pull request containing the fix for this issue has been submitted here: https://github.com/pfsense/FreeBSD-ports/pu... Bill Meeks
03:28 PM pfSense Packages Bug #14041: Post-install migration of existing settings throws a PHP error when the configuration contains the legacy layout of a single alias in a Pass List.: A pull request containing the fix for this issue has been submitted here: https://github.com/pfsense/FreeBSD-ports/pu... Bill Meeks
03:10 PM Bug #14052 (Feedback): Bridge interface is not properly validated when submitted on ``interfaces_bridge_edit.php``: Applied in changeset commit:c5b8e57aa51ff82b45bd6cb925ba512f4c01dcba. Jim Pingle
02:49 PM Bug #14052 (Resolved): Bridge interface is not properly validated when submitted on ``interfaces_bridge_edit.php``: When creating or editing a bridge interface on @interfaces_bridge_edit.php@, the submitted @$_POST['bridgeif']@ is us... Jim Pingle
02:54 PM Revision 48eab661: system_advanced_admin config refactor: Christian McDonald
02:31 PM Bug #14051 (Duplicate): PHP ERROR: Type: 1, File: /usr/local/www/firewall_rules.php, Line: 805: PHP error
PHP ERROR: Type: 1, File: /usr/local/www/firewall_rules.php, Line: 805, Message: Uncaught TypeError: Cann... Eric Hollebone
02:02 PM Feature #14050 (Pull Request Review): Support for ``iwlwifi`` wireless interfaces: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1017 Steve Wheeler
01:47 PM Feature #14050 (Resolved): Support for ``iwlwifi`` wireless interfaces: The iwlwifi(4) driver is supported in pfSense 23.01/2.7 but needs to be added to the 'wireless_regex' list in order f... Steve Wheeler
01:35 PM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions: Curious though I can't see a reason why it would let you do that by hand but the code would fail. For now I'd apply t... Jim Pingle
01:29 PM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions: I deleted the content of the file and let some notifications go through. That appears to have solved the issue; so I'... Paul Diederich
07:43 AM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions: Do you get an error if you try to erase @/var/db/notifyqueue.messages@ by hand? You can try @rm /var/db/notifyqueue.m... Jim Pingle
11:15 AM pfSense Plus Regression #13993: Switch ports on 7100/1100/2100 do not have Auto MDI-X support enabled: Ryan Coleman wrote in #note-5:
> Ok so it is not available to 23.01 -- it would have to be a point release then?
... Jim Pingle
11:13 AM Bug #14049 (Duplicate): OpenVPN: Remote access VPNs are shown in the "Peer to Peer Server Instance Statistics" in status: Duplicate of #12884 (already fixed).
Before reporting a problem, please search the existing issues (including clos... Jim Pingle
09:49 AM Bug #14049 (Duplicate): OpenVPN: Remote access VPNs are shown in the "Peer to Peer Server Instance Statistics" in status: I only have remote access VPNs:
!Screenshot%20from%202023-02-28%2012-40-14.png!
But in the status page the last... Federico Capoano
11:10 AM Bug #14048 (Duplicate): OpenVPN: Disabled "Client Certificate Key Usage Validation" Not Always Honored: Duplicate of #13056 (already fixed) Jim Pingle
09:36 AM Bug #14048 (Duplicate): OpenVPN: Disabled "Client Certificate Key Usage Validation" Not Always Honored: I have noticed an issue with OpenVPN in version 2.6.0.
I have a remote access VPN with UDP in tap mode.
When PfSe... Federico Capoano
10:33 AM pfSense Plus Bug #14044 (Not a Bug): After upgrade to 23.01, firewall will not route traffic anymore to the Internet: This behavior has existed for as long as I can remember. For example, the "Getting Started" guides for all appliances... Marcos M

02/27/2023

09:52 PM Revision 715b1301: build php82 versions of extra database extensions: Christian McDonald
09:51 PM Revision 9093ee0d: Revert "remove unnecessary ports from poudriere_bulk": This reverts commit 20e33e814e3a9f60e6efc1e3b6e53e06a1a9bb7f Christian McDonald
08:59 PM Revision 20e33e81: remove unnecessary ports from poudriere_bulk: Christian McDonald
07:27 PM Feature #14047 (Resolved): Options to control Intel Speed Shift: pfSense 23.01 and 2.7 supports Intel Speed Shift by default via the hwpstate_intel(4) driver.
This enables hardwar... Steve Wheeler
05:12 PM Bug #14046 (Rejected): bsdinstall based installs are missing EFISYS DOS label on efi partition: The pfSense-boot package relies on the existence of a /dev/msdosfs/EFISYS geom label to mount the EFI DOS partition a... Reid Linnemann
05:04 PM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions: I applied the system package but that did not solve the issue; its still sending e-mails out constantly and not clear... Paul Diederich
07:39 AM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions: It doesn't appear related to the content of the file, I copied that into mine and triggered a notification and it sen... Jim Pingle
04:20 PM Revision 0d83ed08: Update memory calulations. Implements #14011: * Update memory usage calculation for system info widget
* Add RRD data sources for new memory areas
* Upgrade code t... Jim Pingle
04:19 PM Bug #14045 (Resolved): ``pfSense-boot`` can fail to copy the EFI bootloader: The pfSense-boot post install script uses cp to copy the bootloader to the efi partition. If this copy is interrupted... Reid Linnemann
04:11 PM pfSense Packages Regression #14043: Netgate Firmware Upgrade fails to mount EFISYS: A default UFS install also mounts the EFI partition by default:... Steve Wheeler
03:43 PM pfSense Packages Regression #14043 (Resolved): Netgate Firmware Upgrade fails to mount EFISYS: The Netgate Firmware Upgrade package can on 4100/6100/8200 if the EFI partition is already mounted.
The webgui outpu... Steve Wheeler
04:02 PM pfSense Plus Bug #14044 (Not a Bug): After upgrade to 23.01, firewall will not route traffic anymore to the Internet: After upgrading to 23.01, if the WAN interface receives an IP address from the same range of addresses as configured ... Martin Kusch
03:32 PM pfSense Packages Regression #13978: PHP errors with squidGuard: Additional report:... Marcos M
03:05 PM pfSense Plus Regression #13993: Switch ports on 7100/1100/2100 do not have Auto MDI-X support enabled: Jim Pingle wrote in #note-4:
> Ryan Coleman wrote in #note-3:
> > Luiz Souza wrote in #note-1:
> > > Fixed in 23.... Ryan Coleman
07:31 AM pfSense Plus Regression #13993: Switch ports on 7100/1100/2100 do not have Auto MDI-X support enabled: Ryan Coleman wrote in #note-3:
> Luiz Souza wrote in #note-1:
> > Fixed in 23.05 and also in the 23.01 branch.
> ... Jim Pingle
01:16 PM pfSense Packages Bug #10692: PIMD starts twice at boot: I still see things which are strange running the actual 2.7 build in combination with the latest pimd beta from githu... Louis B
10:30 AM Todo #14011 (Feedback): Update memory graphs to account for changes in memory reporting: Applied in changeset commit:0d83ed084a987f3446a0cbdcf249fc5b8722726f. Jim Pingle
10:16 AM Bug #14009: PHP error from upgraded IPsec tunnel containing only deprecated ciphers: According to a user on the forum thread, their pre-upgrade configuration contained the following section:... Jim Pingle
08:10 AM Bug #14009: PHP error from upgraded IPsec tunnel containing only deprecated ciphers: Looks like this is from the upgrade code that removes deprecated encryption options, somehow it ends up with an empty... Jim Pingle
08:44 AM pfSense Packages Bug #14042: An assigned Pass List is not shown as "Assigned" on the PASS LISTS tab when the list is used in the HOME_NET or EXTERNAL_NET setting on a Suricata interface.: I will work on this and submit a pull request containing the fix. Bill Meeks
08:33 AM pfSense Packages Bug #14042 (Resolved): An assigned Pass List is not shown as "Assigned" on the PASS LISTS tab when the list is used in the HOME_NET or EXTERNAL_NET setting on a Suricata interface.: On the PASS LIST tab, user-generated custom Pass Lists are denoted as "Assigned" when the Pass List name is assigned ... Bill Meeks
08:44 AM pfSense Packages Bug #14041: Post-install migration of existing settings throws a PHP error when the configuration contains the legacy layout of a single alias in a Pass List.: I will work on this and submit a pull request containing the fix. Bill Meeks
08:28 AM pfSense Packages Bug #14041 (Resolved): Post-install migration of existing settings throws a PHP error when the configuration contains the legacy layout of a single alias in a Pass List.: Some time back the Pass List logic in Suricata was changed to allow the addition of multiple custom IPs and/or aliase... Bill Meeks
08:24 AM pfSense Packages Bug #13997: NUT Package and 23.01: I have applied the workaround for now per https://forum.netgate.com/topic/102959/nut-package/1072?_=1677507452044&lan... Greg Jacobs
08:18 AM pfSense Packages Bug #13997: NUT Package and 23.01: Also related forum thread https://forum.netgate.com/topic/102959/nut-package/1052?lang=en-US Greg Jacobs
07:54 AM pfSense Docs Todo #14028 (Duplicate): Feedback on Releases — 23.01 New Features and Changes - Errata/Known Hardware Issues for 4860 & 8860: Duplicate of #14023 Jim Pingle
07:54 AM Feature #14030: GUI setting/tunable for ZFS ARC Maximum size: Let's keep this issue specific to one request and not over-generalize it.
Jim Pingle
07:52 AM pfSense Plus Bug #13976: SNMP logs "Device not configured" error message when queries involve built-in switch port interfaces: This appears to be the same as #8600 and to fix it then, we suppressed that error.
Jim Pingle
07:44 AM pfSense Plus Bug #13976: SNMP logs "Device not configured" error message when queries involve built-in switch port interfaces: Ditto. Same here after upgrading HA 7100's from 22.05 to 23.01.... Michael Novotny
07:34 AM Bug #14033: PHP error in NTP Server if the configuration contains a partial section of old ``openntpd`` settings: Looks like that could happen if your configuration still happened to have a partial section from the old openntpd set... Jim Pingle
07:29 AM Regression #13963: OpenVPN and GIF interface create/destroy operations fail due to outdated ``linker.hints``: If @kldxref /boot/kernel@ did not fix it, then it is *not* related to this Redmine issue but something else entirely,... Jim Pingle
12:41 AM Regression #13963: OpenVPN and GIF interface create/destroy operations fail due to outdated ``linker.hints``: I can't upgrade until this Tailscale situation is resolved. Is this the correct issue to follow updates on Tailscale ... R W
07:19 AM Bug #14040 (Rejected): ip asignadas openvpn-client: This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
07:01 AM Bug #14040 (Rejected): ip asignadas openvpn-client: donde se guardan las ip asignadas por el openvpn-client cuando no esta configuradas como dinamica Vicente Millan

02/26/2023

09:59 PM Regression #14039: Limiters have no effect on upload traffic passed by policy routing rules: The issue can be avoided by creating a floating rule that applies the upload limiter.
Without the floating rule, the... Marcos M
07:10 PM Regression #14039 (Resolved): Limiters have no effect on upload traffic passed by policy routing rules: Upload traffic is not limited if the rule passing the traffic uses @route-to@. This last worked in pfSense+ 22.01 and... Marcos M
09:30 PM pfSense Plus Regression #13993: Switch ports on 7100/1100/2100 do not have Auto MDI-X support enabled: Luiz Souza wrote in #note-1:
> Fixed in 23.05 and also in the 23.01 branch.
I don't see any recommended patches -... Ryan Coleman
07:14 PM Regression #13026 (Resolved): Limiters do not work: The original issue of limiters not working at all has been resolved. I've created a separate issue for the @route-to@... Marcos M
09:56 AM Bug #14033: PHP error in NTP Server if the configuration contains a partial section of old ``openntpd`` settings: 20230226 - Fixed by a reset to "Factory Defaults". FCS FCS
09:21 AM Regression #13988 (Confirmed): PHP error with OpenVPN if the server certificate subject has duplicate components: The issue looks to be that the cert used for the OpenVPN server contains multiple @CN@ fields/values (which indicates... Marcos M
05:28 AM Regression #13983: Multiple PHP errors in the DHCP Server when the configuration contains an empty section for an interface: Another one report but from xg-7100-1U
aleksei prokofiev

02/25/2023

10:18 PM Feature #13168: Multiple Dashboard views for a single user: Jim Pingle wrote in #note-1:
> B: You can sort of do this now. Each user can have its own custom dashboard. *System ... Sergei Shablovsky
10:10 PM pfSense Packages Todo #14038: Make more informative counter of selected interfaces: P.s.
The dimension of this drop-down selectors in WebGUI allow to do this without breaking whole interface view on... Sergei Shablovsky
10:06 PM pfSense Packages Todo #14038 (New): Make more informative counter of selected interfaces: Hi pfSense team!
In WebGUI -> in “DNS Resolver” package -> “General settings” -> both selectors: “Network Interfac... Sergei Shablovsky
09:35 PM pfSense Packages Bug #10692: PIMD starts twice at boot: *not* seeing this happen with pimd 0.0.3_6 on 23.05.a.20230224.0600 Jordan G
07:13 PM pfSense Plus Regression #13993: Switch ports on 7100/1100/2100 do not have Auto MDI-X support enabled: running version 23.05.a.20230224.0600 on 7100 I am again able to successfully connect with 1100, this was not working... Jordan G
04:33 PM pfSense Packages Bug #11898: PHP error from apcupsd dashboard widget when battery is charging: updating APCUPSd package to 0.3.92_1 does not produce this issue any longer when battery charge <100% Jordan G
01:33 PM pfSense Packages Bug #11898 (Resolved): PHP error from apcupsd dashboard widget when battery is charging: Fix merged, will be in builds soon (might be a couple days) Jim Pingle
01:17 PM pfSense Packages Bug #11898: PHP error from apcupsd dashboard widget when battery is charging: I was able to reproduce this by forcing the battery charge < 100. Not sure what the original logic is trying to do th... Jim Pingle
02:53 PM Bug #14035: PHP error when attempting to create a GIF interface when ``if_gif`` kernel module is not loaded: See: https://forum.netgate.com/post/1090298
More detail needed to reproduce Steve Wheeler
01:55 PM Bug #14035: PHP error when attempting to create a GIF interface when ``if_gif`` kernel module is not loaded: I can't reproduce this by adding/removing/adding a GIF interface. Do we know what was in the config.xml section for t... Jim Pingle
11:08 AM Bug #14035 (Resolved): PHP error when attempting to create a GIF interface when ``if_gif`` kernel module is not loaded: After removing an recreating a GIF tunnel:... Steve Wheeler
02:33 PM Bug #14037 (Resolved): PHP Error enabling ICMP6 using EasyRule: Tried to enable ICMP6 for a host from the system log page to allow a host to ping through and received:
[20-Feb-20... Trix Farrar
02:00 PM Bug #14036 (Resolved): PHP error when the ``timeserver`` section of the configuration is empty: The following error is thrown when there is an empty or missing "timeserver" entry in the config.
The code should ... Christopher Cope
01:33 PM pfSense Packages Regression #13970 (Resolved): PHP error in apcupsd widget from UTF-8 string handling: Fix merged, will be in builds soon (might be a couple days) Jim Pingle
01:20 PM pfSense Packages Regression #13970: PHP error in apcupsd widget from UTF-8 string handling: This is from the degree symbol the package adds into the temperature string. At some point it changed and is now hand... Jim Pingle
12:37 PM Bug #13938: Kernel panic accessing the GUI over IPsec in certain environments when using nginx ``sendfile`` with unmapped mbufs: I can confirm that applying the patch from the forum fixed the issues with connections over IPsec.
https://forum.net... Danilo Zrenjanin
12:16 PM pfSense Packages Feature #14032: Neighbor Discovery Proxy (NDproxy): Yuki Hiramatsu wrote:
> ISPs around the world are making effective use of IPv6.
> DHCPv6-PD and others are already ... Yuki Hiramatsu
06:51 AM pfSense Packages Feature #14032 (New): Neighbor Discovery Proxy (NDproxy): ISPs around the world are making effective use of IPv6.
DHCPv6-PD and others are already supported, but pfsense has ... Yuki Hiramatsu
12:05 PM pfSense Packages Bug #13997: NUT Package and 23.01: Seeing same bug / issue... Greg Jacobs
10:27 AM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions: This has happened with a notification that acb.netgate.com couldn't be resolved. Issue was fixed by rebooting the OS.... Paul Diederich
08:40 AM Bug #14031 (Feedback): Identical SMTP notifications repeat in an infinite loop under certain conditions: I don't doubt it's happening as this isn't the first report we have received about it, but thus far nobody has been a... Jim Pingle
01:25 AM Bug #14031 (Resolved): Identical SMTP notifications repeat in an infinite loop under certain conditions: When a notification is generated, the system begins sending those notifications to the configured SMTP e-mail address... Paul Diederich
10:05 AM Bug #14034 (Resolved): PHP errors in ``xmlrpc.php`` during configuration synchronization if the target host has an empty XML tag for a given section: There are several cases where xmlrpc is still accessing the config directly. This causes errors in PHP8 when the seco... Christopher Cope
09:56 AM pfSense Packages Bug #14029 (Resolved): Suricata: Release dangling array reference variables used in post-install migration: PR merged, thanks! Jim Pingle
09:14 AM Bug #14033 (Resolved): PHP error in NTP Server if the configuration contains a partial section of old ``openntpd`` settings: Did a reboot and set NTP setting again, and error persists. https://192.168.x.x/services_ntpd.php
Error:
Fatal ... FCS FCS

02/24/2023

09:42 PM Feature #11825: Assign IPv6 address to WAN with PD-only ISP: A workaround is creating a VLAN interface on the WAN interface and having the VLAN interface track the WAN interface ... Nicolas Avrutin
09:28 PM Revision 40a27b99: add textproc/ripgrep: Christian McDonald
08:10 PM Revision 83aded16: Upgrade to PHP8.2: Christian McDonald
07:22 PM pfSense Packages Bug #14029: Suricata: Release dangling array reference variables used in post-install migration: A pull request containing the fix for this issue has been submitted here: https://github.com/pfsense/FreeBSD-ports/pu... Bill Meeks
04:50 PM pfSense Packages Bug #14029 (Resolved): Suricata: Release dangling array reference variables used in post-install migration: Config array reference variables are used in the post-install migration code of the package to iterate configured int... Bill Meeks
06:13 PM Feature #14030 (New): GUI setting/tunable for ZFS ARC Maximum size: The default settings for ARC in FreeBSD are appropriate to optimise disk access for most computer systems.
For a re... Patch Public
06:06 PM Bug #13938: Kernel panic accessing the GUI over IPsec in certain environments when using nginx ``sendfile`` with unmapped mbufs: The workarounds used here also seem to apply at least partially to connections over OpenVPN tunnels.
See: https://fo... Steve Wheeler
05:47 PM pfSense Plus Feature #14012: ZFS memory usage graphs: This feature request is probably related: zfs GUI functionality - alerts https://redmine.pfsense.org/issues/9226 but ... Patch Public
04:37 PM pfSense Docs Todo #14028 (Duplicate): Feedback on Releases — 23.01 New Features and Changes - Errata/Known Hardware Issues for 4860 & 8860: *Page:* https://docs.netgate.com/pfsense/en/latest/releases/23-01.html
*Feedback:*
The errata notes _Devices ba... Ad Ves
02:11 PM Todo #14027 (Resolved): Update PHP to 8.2.6: Christian McDonald
12:43 PM pfSense Packages Regression #13950 (Resolved): PHP error with pfBlockerNG: Marcos M
10:34 AM Todo #14011 (Pull Request Review): Update memory graphs to account for changes in memory reporting: Internal MR:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1014
Initial diff attached here as wel... Jim Pingle
10:15 AM pfSense Packages Regression #13978: PHP errors with squidGuard: see the crash log below... mokey fraggle
10:14 AM pfSense Packages Regression #13978: PHP errors with squidGuard: This also impacts pfblocker-ng and squid. I suspect it has to do with what appears to be an incompatibility with php ... mokey fraggle
09:23 AM Regression #14026 (Resolved): HA node with CARP VIP in backup state is unable to ping the active node using that CARP VIP address: This was brought up by a customer and I am able to reproduce it.
Master 10.41.1.252
Backup 10.40.1.253
CAR... Christopher Cope
07:56 AM pfSense Packages Bug #14021: Squid ClamAV showing bytecode errors for version 334: As of 2-24-23 this has been resolved with . . .
"Empty script bytecode-334.cdiff, need to download entire databas... Jonathan Lee
07:53 AM pfSense Packages Bug #14021: Squid ClamAV showing bytecode errors for version 334: This error is also present on package reinstall of Squid Proxy Jonathan Lee
07:45 AM Regression #14025 (Duplicate): 23.01 and "bip" missing: Duplicate of #14002 Jim Pingle
03:49 AM Regression #14025: 23.01 and "bip" missing: *EDIT :*
I specify that if I launch the "reboot" function from the menu, I hear "beeps" and at the end of the "boot"... Steph Swiss
12:24 AM Regression #14025 (Duplicate): 23.01 and "bip" missing: I haven't changed anything on my hardware, I went from version 22.05 to 23.01 release and now I don't hear any "beep"... Steph Swiss
07:38 AM Bug #14022: PHP error when exporting a CRL for an old CA: Thanks Jim, I can confirm the patch works for me.
(Sorry, I've erroneously set the pfSense Plus version to 23.05 w... Matthew Fearnley
01:57 AM Bug #13014: Deadlock in Charon VICI interface: still happening on pf+ 23.01-RELEASE
if we leave a single VPN trying to connect when other side not configured corr... Dan Bailey

02/23/2023

04:50 PM pfSense Packages Regression #13884 (Resolved): pfBlockerNG DNSBL TLD option causes reloads to take a long time: Jim Pingle
03:50 PM pfSense Packages Regression #13884: pfBlockerNG DNSBL TLD option causes reloads to take a long time: Should be resolved in v3.2.0_3 BBcan177 .
04:49 PM pfSense Packages Regression #13960 (Resolved): PHP Fatal error - pfblockerng.widget.php: Jim Pingle
03:49 PM pfSense Packages Regression #13960: PHP Fatal error - pfblockerng.widget.php: Should be resolved in v3.2.0_3 BBcan177 .
04:48 PM pfSense Packages Regression #14024: PHP error in HAProxy Widget with Show Client Traffic enabled: It is only afecting the Dashboard Widget. Rodrigo Goncalves
04:47 PM pfSense Packages Regression #14024 (Resolved): PHP error in HAProxy Widget with Show Client Traffic enabled: After updating to pfsense plus 23.01 the haproxy dashboard widget is broken when acessing the pfsense web gui behind ... Rodrigo Goncalves
02:48 PM Bug #9459: patch pf: silence a runtime warning pfr_update_stats: assertion failed.: Casper B wrote in #note-8:
> Anonymous wrote in #note-5:
> > No response from OP. Assumed fixed
>
> Still happen... Jens Groh
02:01 PM Bug #9459: patch pf: silence a runtime warning pfr_update_stats: assertion failed.: Anonymous wrote in #note-5:
> No response from OP. Assumed fixed
Still happening here.. v 22.05
patch is in OP... Casper B
02:31 PM Revision 46b15903: Correct unbound 'all' if check for ACLs. Fixes #13851: Jim Pingle
01:42 PM pfSense Docs Todo #14023 (Closed): Feedback on Releases — 23.01 New Features and Changes: *Page:* https://docs.netgate.com/pfsense/en/latest/releases/23-01.html
*Feedback:*
Can the wording around this ... Offstage Roller
12:57 PM Bug #13938: Kernel panic accessing the GUI over IPsec in certain environments when using nginx ``sendfile`` with unmapped mbufs: To make searching easier the backtrace this generates is:... Steve Wheeler
10:49 AM Bug #13279: DHCP config override affects Gateway installation.: It seems the config override should contain option 55 values like _subnet-mask,routers,domain-name-servers,domain-nam... Lev Prokofev
05:43 AM Bug #13279: DHCP config override affects Gateway installation.: Is there any progress on this? It's the same also after upgrading to pfSense Plus 23.01. Emanuel Gerber
09:11 AM pfSense Packages Bug #14021: Squid ClamAV showing bytecode errors for version 334: This error is still present after 24hrs ClamAV will not update currently, This is what Squid is using for Antivirus s... Jonathan Lee
09:04 AM pfSense Packages Feature #13863: squidguard auto update blacklist: Side Note: I recently learned to use
cp /tmp/squidGuard_blacklist_update.sh /usr/local/bin/;/usr/local/bin/squidG... Jonathan Lee
08:40 AM Bug #13851 (Feedback): DNS Resolver does not generate automatic ACLs for IPv6 when Network Interfaces is set to "All": Applied in changeset commit:46b159032fef8c78783aa1a749d2238cfed7ac0d. Jim Pingle
08:26 AM Bug #13851 (In Progress): DNS Resolver does not generate automatic ACLs for IPv6 when Network Interfaces is set to "All": Not sure why I couldn't reproduce this before, but I found it happening on one of my lab systems. Since it was easy t... Jim Pingle
07:35 AM Bug #14022: PHP error when exporting a CRL for an old CA: Nothing immediately stands out in the cert but I can replicate it easily with that CA.
Making the following change... Jim Pingle
06:36 AM Bug #14022 (Resolved): PHP error when exporting a CRL for an old CA: I have a CA that was generated in 2016, possibly from an old version of pfSense.
When Create a CRL using it and tr... Matthew Fearnley
06:20 AM Bug #14013: PHP error when attempting to bulk import Alias content: Jim Pingle wrote in #note-3:
> Applied in changeset commit:290b3461bb816e9fc161568e499d43b24542cb9f.
i test your cod... Amin Sadeghi
06:20 AM Bug #14013: PHP error when attempting to bulk import Alias content: I was able to easily replicate it on an install that was very close to a default config. The error happened on a line... Jim Pingle
06:11 AM Bug #14013: PHP error when attempting to bulk import Alias content: Danilo Zrenjanin wrote in #note-4:
> I couldn't reproduce this issue.
>
> I tried with bulk import, but I couldn... Amin Sadeghi
04:35 AM Bug #14013: PHP error when attempting to bulk import Alias content: I couldn't reproduce this issue.
I tried with bulk import, but I couldn't replicate that issue on a stock 23.01 i... Danilo Zrenjanin
03:04 AM Bug #14004 (Resolved): PHP errors when configuration lacks any certificates: Danilo Zrenjanin
03:04 AM Bug #14004: PHP errors when configuration lacks any certificates: Tested the patch against:... Danilo Zrenjanin

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

03/24/2023

03/23/2023

03/22/2023

03/21/2023

03/20/2023

03/19/2023

03/18/2023

03/17/2023

03/16/2023

03/15/2023

03/14/2023

03/13/2023

03/12/2023

03/11/2023

03/10/2023

03/09/2023

03/08/2023

03/07/2023

03/06/2023

03/05/2023

03/04/2023

03/03/2023

03/02/2023

03/01/2023

02/28/2023

02/27/2023

02/26/2023

02/25/2023

02/24/2023

02/23/2023