Activity
From 03/04/2023 to 04/02/2023
04/02/2023
-
09:01 PM Todo #14231 (Rejected): Set net prefix to /24 by default when add new net
- Dear pfSense stuff:
In DNS Resolver ACL configuration page set net prefix to /24 by default when add new net.
(... -
03:21 PM pfSense Packages Bug #14230: PHP error with pfBlockerNG
- As a workaround, use the @System Patches@ package to apply the following patch (set @Path Strip Count@ to @0@)....
-
03:11 PM pfSense Packages Bug #14230 (New): PHP error with pfBlockerNG
- On @pfBlockerNG-3.2.0_3@ and @pfSense-23.01@....
-
11:33 AM Bug #13996: Limiters using the fq_pie scheduler no longer pass any traffic.
- I am not the only one with the problem: https://forum.netgate.com/topic/177555/fq_pie-no-internet?_=1680451711804
... -
10:52 AM Bug #14227 (Duplicate): Traffic Shaper - selected scheduler not recognized
-
12:17 AM Bug #14227: Traffic Shaper - selected scheduler not recognized
- looking at diagnostic>limiter info displays a limiter with tail drop/FIFO above the AQM/scheduler that are modifiable...
-
12:09 AM Bug #14227 (Duplicate): Traffic Shaper - selected scheduler not recognized
- Limiter created and enabled with a child queue enabled, both saved and applied. Make change and save parent limiter, ...
-
10:51 AM pfSense Packages Bug #14075 (Feedback): Using the ``Transparent ClientIP`` option in HAproxy results in kernel panics
- The original report was from a customer's system, however I have not been able to reproduce this either on 23.01 nor ...
-
10:13 AM pfSense Plus Bug #14224 (Duplicate): Error when deleting Boot Environment that was the source for a clone
-
06:54 AM pfSense Docs Todo #14225: Feedback on Packages — IDS / IPS — Configuring the Snort Package
- Should of added, there are 4 policies and *Max-Detect* is not mentioned on the help page
-
05:25 AM pfSense Docs Todo #14225: Feedback on Packages — IDS / IPS — Configuring the Snort Package
- this snort page lists the different policies but also gives a warning that the *Max-Detect* should only be used in te...
-
05:45 AM pfSense Docs Todo #14229: Snort - Add help page for SID MGMT
- Sticky topics - https://forum.netgate.com/category/53/ids-ips
-
05:43 AM pfSense Docs Todo #14229 (New): Snort - Add help page for SID MGMT
- there is no help page for
* https://x.x.x.x/help.php?page=snort/snort_sid_mgmt.php
* Services --> Snort --> SID M... -
03:43 AM pfSense Packages Bug #14228 (Resolved): pfBlockerNG might not support new Maxmind license keys
- https://dev.maxmind.com/geoip/release-notes/2023?lang=en#changes-to-maxmind-license-keys
* New license keys will b... -
03:08 AM pfSense Packages Feature #13195: Dedicated website for Feed mangement - Community Driven
- or the website could be website where end users (me and others) can add feeds and report dead feeds that would then b...
-
03:06 AM pfSense Packages Feature #14193: Website to add and remove feeds automatically
- duplicate of #13195 - close this one
04/01/2023
-
10:52 PM pfSense Docs Todo #14226 (New): Feedback on Packages — IDS / IPS — Configuring the Snort Package
- *Page:* https://docs.netgate.com/pfsense/en/latest/packages/snort/setup.html
*Feedback:* The docs seem to unnecess... -
08:58 PM Feature #13868: Allow packet capture on unassigned interfaces
- Danilo Zrenjanin wrote in #note-4:
> I tested the commit da2879b467746b43c8b8687700b6d7f34d4fd302 against the 22.05 ... -
08:49 PM pfSense Packages Todo #14221: Sync settings and inline documentation needs improving
- >>http is insecure because your password will be transmitted in plain text so use https
Not sure it's relevant to ... -
03:35 AM pfSense Packages Todo #14221 (New): Sync settings and inline documentation needs improving
- This inline notes on the sync page (Firewall --> pfBlockerNG --> Sync) need improving.
* *Add: Allow Sync Pushes*
... -
08:41 PM pfSense Plus Bug #14168: OpenVPN status GUI cannot display RADIUS ACL Generated Ruleset with usernames containing an ``@`` symbol
- Jim Pingle wrote in #note-1:
> Is this newly broken in 23.01 (regression) or has it never worked, even on older vers... -
08:36 PM pfSense Plus Bug #14224: Error when deleting Boot Environment that was the source for a clone
- Confirmed on 23.01. The boot environment deletes, but throws the error, so it appears to be cosmetic in nature, than...
-
12:14 PM pfSense Plus Bug #14224 (Duplicate): Error when deleting Boot Environment that was the source for a clone
- Steps to reproduce.
1. Navigate to System > Boot Environments
2. Create New Boot Environment
3. Clone that n... -
08:34 PM pfSense Packages Bug #14218: Deleting a shellcmd entry results in a PHP error and crash report
- A diff of the merge request fixes the problem when applied as a system patch. Deleting a shellcmd job doesn't give an...
-
10:08 AM pfSense Packages Bug #14218 (Pull Request Review): Deleting a shellcmd entry results in a PHP error and crash report
- https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/334
-
03:20 PM Bug #13996 (Not a Bug): Limiters using the fq_pie scheduler no longer pass any traffic.
-
03:19 PM Bug #13996: Limiters using the fq_pie scheduler no longer pass any traffic.
- I'm unable to reproduce this on a virtual machine which was upgraded to 23.01 from 22.05 (and to 22.05 from 22.01 pre...
-
02:02 PM pfSense Docs Todo #14225 (New): Feedback on Packages — IDS / IPS — Configuring the Snort Package
- *Page:* https://docs.netgate.com/pfsense/en/latest/packages/snort/setup.html
*Feedback:*
the following statemen... -
01:55 PM pfSense Packages Bug #11477: FRR does not recognize some BFD options
not exist
frr 1.2_3
pfsense 23.01-
12:16 PM pfSense Plus Bug #14074 (Resolved): Cannot edit or delete ZFS Boot Environment with a name containing only numbers
- Did some more testing. The other error seems to be unrelated to this issue. I created another redmine to track it. ht...
-
11:17 AM pfSense Packages Bug #14223 (New): Block Offenders - Incorrect statement/description
- The description on the options 'Block Offenders' is incorrect for 'inline mode' but still valid for 'Legacy Mode'
... -
10:55 AM pfSense Packages Bug #14220: pfBlockerNG does not sync to HA secondary
- Apparently my search for "sync" wasn't good enough. Apologies for the dupe.
-
06:46 AM pfSense Packages Bug #14220: pfBlockerNG does not sync to HA secondary
- I alreay created a bug for it, see https://redmine.pfsense.org/issues/14189 .
No feedback yet, if someone is even ... -
07:08 AM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions
- I can confirm the fix is working for me. I don't see any repeats anymore. Thanks Jim!
-
04:37 AM Feature #14222 (New): Add additional checks to admin account when disabling - Prevent lockouts
- Currently on a fresh copy of pfSense and only an admin account I am able to disable this 'admin' account. This is a p...
-
02:32 AM Todo #14183: Update OpenVPN Wizard to match current certificate and OpenVPN options
- Changeset tested on...
03/31/2023
-
06:58 PM Regression #14217: IPsec Phase 2 rekey failures with some PFS key groups
- Rekeying appears to work OK using PFS group 18 in IKEv1. Though it doesn't remove old rekeyed SAs....
-
01:50 PM Regression #14217: IPsec Phase 2 rekey failures with some PFS key groups
- When rekeying from 2.7 against 2.6 the remote side accepts the rekeys and installs the new child_SA. But the local si...
-
12:41 PM Regression #14217 (Confirmed): IPsec Phase 2 rekey failures with some PFS key groups
- Seeing this between a 2.7 VM and 23.01 on a 5100.
Tunnel rekeys as expected using PFS key group 14 but fails after... -
11:15 AM Regression #14217: IPsec Phase 2 rekey failures with some PFS key groups
- Jim Pingle wrote in #note-1:
> Is this tunnel mode or VTI?
This behavior is on both tunnel and VTI. Logs are for VTI... -
10:36 AM Regression #14217: IPsec Phase 2 rekey failures with some PFS key groups
- Is this tunnel mode or VTI?
Are those logs in forward or reverse order? They seem to be in reverse which makes re... -
10:24 AM Regression #14217 (Resolved): IPsec Phase 2 rekey failures with some PFS key groups
- IPSec phase 2 with some specific PFS key groups fails to rekey with the following logs message:
Mar 31 12:47:14 ch... -
05:30 PM Regression #14139: CARP announcement src MAC should be virtual MAC
- Looking good on 2.7.0.a.20230331.1347, these are virtual src MACs coming from the MASTER:
tcpdump -e -i
00:13:3... -
09:08 AM Regression #14139 (Ready To Test): CARP announcement src MAC should be virtual MAC
- The fix has been merged and will be present in future snapshot builds.
-
05:27 PM pfSense Packages Bug #14220 (Duplicate): pfBlockerNG does not sync to HA secondary
- After making changes they are not replicated to the secondary. E.g. on /pfblockerng/pfblockerng_ip.php check "kill s...
-
04:28 PM pfSense Packages Bug #14218 (Resolved): Deleting a shellcmd entry results in a PHP error and crash report
1. Install the shellcmd package from System > Package Manager.
2. Services > shellcmd >
Command: ...-
02:43 PM Bug #14212: Using limiters and VLANs crashes with kernel panic
- Jim Pingle wrote in #note-3:
> Bug reports must be for the current version or snapshots, not outdated releases. It's... -
02:28 PM Bug #14212 (Rejected): Using limiters and VLANs crashes with kernel panic
- Bug reports must be for the current version or snapshots, not outdated releases. It's entirely possible this has alre...
-
12:53 PM Bug #14212: Using limiters and VLANs crashes with kernel panic
- Jim Pingle wrote in #note-1:
> What version are you using?
>
> Can you replicate the problem on development snaps... -
07:17 AM Bug #14212 (Incomplete): Using limiters and VLANs crashes with kernel panic
- What version are you using?
Can you replicate the problem on development snapshots?
At a minimum we are going t... -
05:30 AM Bug #14212 (Rejected): Using limiters and VLANs crashes with kernel panic
- This problem was reported way on the past, at the time I ended up stopping using TS and lost track of this. Now I end...
-
01:00 PM Bug #14124 (Resolved): Some blank SAN fields are not ignored when creating a certificate
- !clipboard-202303311957-pkspm.png!
The patch clarifies the function of add button. I am marking this ticket resolved. -
10:28 AM Bug #14118: freeRadius "Amount of Time" setting is not accurately tracked for Stop/Start settings in Caaptive Portal
- re: 23.01 mid Feb release: Although the $rastart_time and $rastop_time are set around line 684 for the call to line 2...
-
09:05 AM Regression #13943 (Ready To Test): OpenVPN crashes with Signal 8 with very low fragment size
- Future snapshots will have OpenVPN 2.6.2, which contains the fix.
-
08:54 AM Bug #14216 (New): ntopng causes OpenVPN server errors 'error - IP packet with unknown IP version=15 seen' when OpenVPN server interface is selected
- If the OpenVPN server interface is selected in the ntopng 'General Options' - 'Interfaces', it causes thousands of Op...
-
07:58 AM Regression #14164 (Feedback): IPv6 interface configuration race condition can lead to kernel panic
- Let's keep this in a feedback state for a bit so we can confirm it's fixed in snapshots.
-
07:46 AM Todo #14210: Proposed new Icons for Logs to make for more logical reading
- I'm open to changing the icons but personally I don't find either of those any better/worse than the current icons.
... -
04:51 AM Todo #14210 (New): Proposed new Icons for Logs to make for more logical reading
- On the firewall logs (Status --> System Logs --> Firewall --> normal view) and probably elsewhere you use the followi...
-
07:22 AM Todo #14209 (Closed): Update Time Zone data to 2023c or later
- This was merged in yesterday when we synced the tree with upstream and should be in today's snapshots.
-
03:50 AM Todo #14209 (Closed): Update Time Zone data to 2023c or later
- Hi,
Egypt decided to return to daylight saving in 2023
tzdata need to be updated to 2023c
thanks and best regar... -
07:16 AM Feature #14213 (Rejected): Set range for random Gateway and network used for OpenVPN connections
- The address assigned to a client is set by the server to which it connects or set static in the tunnel network field....
-
05:31 AM Feature #14213 (Rejected): Set range for random Gateway and network used for OpenVPN connections
- When I create a new OpenVPN client (VPN --> OpenVPN --> Clients), assign it to an interface it becomes a gateway. The...
-
07:14 AM Todo #14215 (Closed): Redmine - Add CE to pfSense 2.6.0/2.7.0 Repo names for clarity
- We can consider that for future versions but changing existing ones can have some unintended side effects.
Given t... -
06:11 AM Todo #14215 (Closed): Redmine - Add CE to pfSense 2.6.0/2.7.0 Repo names for clarity
- Is it possible to add the *CE* to the 2.6.0 and 2.7.0 Redmine repo names so they follow your other products naming.
... -
05:50 AM Feature #14214 (New): Add logging options to the GUI for DNS Resolver
- This is a simple request to have the logging options to be added to the GUI for the DNS Resolver. The list below is n...
-
05:13 AM Todo #14211 (New): OpenVPN Status page (Stop|Start|Restart) - Use Ajax instead of full page reload.
- (Status --> OpenVPN)
When I (Start|Stop|Restart) an OpenVPN service in any of the sections (Client Connections|Pee... -
05:06 AM Bug #14136 (Resolved): Services Status page and Dashboard widget do not list the ``radvd`` service with certain static IPv6 configurations
- I replicated the issue on 23.01.
Re-tested the same scenario on 2.7.0.a.20230330.0600, and it worked fine. I am ma... -
03:10 AM Bug #14176 (Resolved): Uptime displays plural seconds for multiple minutes in the System Information Dashboard widget
- Tested on the 2.7.0.a.20230330.0600. It works fine.
I am marking this ticket resolved. -
03:03 AM pfSense Plus Regression #14137 (Confirmed): pfSense Plus Upgrade repo data remains on the system after upgradng
- I hit that case and confirmed that the offered workaround fixes it.
03/30/2023
-
10:27 PM Feature #14208: Automatic Split-DNS for 1:1 NAT
- PR: https://github.com/pfsense/pfsense/pull/4630
-
10:26 PM Feature #14208 (Pull Request Review): Automatic Split-DNS for 1:1 NAT
- There is a well-known challenge of dealing with accessing public IP addresses from inside the network. The two existi...
-
04:46 PM Regression #14164 (Closed): IPv6 interface configuration race condition can lead to kernel panic
- Fix landed upstream and locally after the merge
-
02:45 PM pfSense Docs New Content #14170 (Closed): Radius Authentication Timeout
- Note added and deployed: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/961dbec8f6cfdf95313ee3aff4c33d67f5bc118b
-
02:16 PM pfSense Packages Regression #13978: PHP errors with squidGuard
- Additionally:...
-
01:51 PM pfSense Docs Todo #14207 (Resolved): Rate limiting on Chelsio T4/5 NICs
- Chelsio T520-CR and T420-CR are unable to route speeds over 470mbps when updated to 23.01 code. Goes to full 1gb spee...
-
12:38 PM Revision 6f8ad15a: Fix memory RRD initialization. Fixes #14011
-
12:23 PM pfSense Docs Todo #14187 (Closed): Feedback on Certificate Management — Certificate Revocation List Management
- Though the existing text states that they should check if it's in use and remove it from use before deleting, I added...
-
11:54 AM pfSense Plus Bug #14206: package manager broken
- Almost certainly this though: https://redmine.pfsense.org/issues/14137
-
11:35 AM pfSense Plus Bug #14206 (Rejected): package manager broken
- This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... -
11:19 AM pfSense Plus Bug #14206 (Rejected): package manager broken
- newbe question *How do I remove pfsense plus upgrade? *
just upgraded to pfsense plus 23.01
when I click for availa... -
10:52 AM pfSense Docs Todo #13968 (In Progress): Marvell install instructions need updated
- I updated the 1100 and 2100 docs a couple weeks ago:
* https://gitlab.netgate.com/docs/pfsense-platforms/-/commit/... -
10:42 AM pfSense Docs New Content #13941 (In Progress): Memory usage in pfSense
- First step, I updated the breakdown of memory types in the graph text:
https://gitlab.netgate.com/docs/pfSense-doc... -
10:37 AM pfSense Docs Correction #13987 (Closed): Monitoring system graphs need updated info about Nat States
- Note added:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/04d2ec5dd76ba85922322f62c9fb67f58f64d47b
-
09:58 AM Regression #13942 (Resolved): PHP error on ``status_logs_settings.php`` if the configuration contains an empty ``syslog`` section
- That was my bad. I probably didn't wait long enough for the system_package to finish the installation process after r...
-
09:14 AM Regression #13942: PHP error on ``status_logs_settings.php`` if the configuration contains an empty ``syslog`` section
- I tried again on a fresh snapshot and @<syslog></syslog>@ does not produce a crash. If you added a tag you might have...
-
09:00 AM Regression #13942: PHP error on ``status_logs_settings.php`` if the configuration contains an empty ``syslog`` section
- Danilo Zrenjanin wrote in #note-6:
> I applied the patch (8b962c6a752a654f2def293d93c102d2d20a6887) and then made a ... -
08:33 AM Regression #13942: PHP error on ``status_logs_settings.php`` if the configuration contains an empty ``syslog`` section
- I applied the patch (8b962c6a752a654f2def293d93c102d2d20a6887) and then made a backup. I added an empty <syslog></sys...
-
07:45 AM Todo #14011 (Feedback): Update memory graphs to account for changes in memory reporting
- Applied in changeset commit:6f8ad15a0160bc1369e9fd4bcf3ac4c8462c9be7.
-
07:34 AM Todo #14011 (In Progress): Update memory graphs to account for changes in memory reporting
- Looks like the command that gets run at boot to put "unknown" values into the RRD (source:/src/etc/inc/rrd.inc#L642) ...
-
07:19 AM pfSense Packages Bug #14203 (Rejected): Zabbix Agent 6.2 installation fails
- The package installs fine (both agent and proxy) so whatever problem you are encountering is likely unique to your se...
-
04:19 AM pfSense Packages Bug #14203 (Rejected): Zabbix Agent 6.2 installation fails
- I see that this issue is reported a couple of times, i.e. https://redmine.pfsense.org/issues/13587 however it still p...
-
07:05 AM pfSense Plus Feature #14205 (New): Allow for maximum concurrent users, per user, in captive portal
- We have several schools who wish to impose how many devices are allowed to have access via the Captive Portal, per us...
-
06:58 AM pfSense Plus Bug #14204 (Pull Request Review): System Information Dashboard widget stops showing CPU details on aarch64
-
06:58 AM pfSense Plus Bug #14204: System Information Dashboard widget stops showing CPU details on aarch64
- https://gitlab.netgate.com/pfSense/factory/-/merge_requests/97
-
06:43 AM pfSense Plus Bug #14204 (Resolved): System Information Dashboard widget stops showing CPU details on aarch64
- In aarch64 systems (1100, 2100) the system information widget gets CPU data by greping the strings from dmesg.
Howev...
03/29/2023
-
08:43 PM Bug #13252: reduce frequency of php-fpm socket connection attempts from check_reload_status
- If it helps, I've experienced something similar in the past few days.
I got a report that "internet is down", but by... -
07:32 PM Revision 8dcaa361: Remove deprecated/removed NCP toggle from OpenVPN. Fixes #14201
-
05:29 PM pfSense Packages Bug #14199: ACME - Issue with corrupted cert
- Hi Jim .
My bad, I said HAProxy by mistake, I am using ACME for this, attached screenshot
-
11:57 AM pfSense Packages Bug #14199: ACME - Issue with corrupted cert
- The attached configuration snippet isn't a valid configuration for ACME. I'm not sure how it ended up in that state, ...
-
05:23 PM Bug #14077: Kernel panic from incoming IPv6 connections
- Jim Pingle wrote in #note-13:
> Bruno Dambrine wrote in #note-12:
> > 1 - Can I install the last snapshop of pfsens... -
03:54 PM Bug #14077: Kernel panic from incoming IPv6 connections
- I'm not proficient with FreeBSD package management so this is probably a dumb question, but is there any way to drop ...
-
04:03 PM Revision 0abc80b1: OpenVPN wizard updates. Fixes #14183
- * Added Randomize Serial option when creating CA
* Added Common Name field to CA/Cert (still can use descr if blank)
... -
02:58 PM pfSense Packages Todo #14202 (Resolved): Rename exported OpenVPN connect files as "connect" rather than "ios"
- Some of the files have names that are not following the same rules as the rest. I have made corrections to some of th...
-
02:53 PM Revision 8b962c6a: Update direct config access in status_logs_settings.php. Fix #13942
-
02:40 PM Todo #14201 (Feedback): Remove deprecated NCP enable/disable toggle from OpenVPN
- Applied in changeset commit:8dcaa3610c92aea930cc1fa631247ff2bce81e83.
-
12:23 PM Todo #14201 (Resolved): Remove deprecated NCP enable/disable toggle from OpenVPN
- CE snapshots now have OpenVPN 2.6.0 which removed the deprecated @ncp-disable@ option, making cipher negotiation comp...
-
01:54 PM Revision 3706158f: Disble unmapped mbufs. #13938
-
01:01 PM Revision 7e7910fd: syslogd source interface corrections. Fixes #14120
- * Do not attempt to use a source address when remote logging is
disabled.
* Do not attempt to use a source address ... -
11:10 AM Todo #14183 (Feedback): Update OpenVPN Wizard to match current certificate and OpenVPN options
- Applied in changeset commit:0abc80b184bcf16387fb9befa1f5f4695280c561.
-
11:03 AM Todo #14183 (In Progress): Update OpenVPN Wizard to match current certificate and OpenVPN options
- Making this more general as there are a few other places that need updated as well. I went through and compared thing...
-
10:02 AM pfSense Packages Bug #14200 (New): WireGuard reply-to without NAT
- I have discovered that the WireGuard package requires the interface to have the gateway set for the reply-to rules to...
-
10:00 AM Regression #13942 (Feedback): PHP error on ``status_logs_settings.php`` if the configuration contains an empty ``syslog`` section
- Applied in changeset commit:8b962c6a752a654f2def293d93c102d2d20a6887.
-
08:56 AM Bug #13938 (Feedback): Kernel panic accessing the GUI over IPsec in certain environments when using nginx ``sendfile`` with unmapped mbufs
-
08:56 AM Bug #13938: Kernel panic accessing the GUI over IPsec in certain environments when using nginx ``sendfile`` with unmapped mbufs
- That is a good point.
I've addressed this case too
https://gitlab.netgate.com/pfSense/pfSense/-/commit/3706158fe69c... -
08:40 AM Bug #13938: Kernel panic accessing the GUI over IPsec in certain environments when using nginx ``sendfile`` with unmapped mbufs
- Seeing as this is a bug in mbuf handling, I would argue the thing to do is to flip the unmapped buf support off -- th...
-
08:10 AM Regression #14120 (Feedback): ``syslogd`` tries to bind interfaces with no IP address
- Applied in changeset commit:7e7910fded01a44a7ab1014e95bbfb0fbae709a8.
-
07:46 AM Regression #14120: ``syslogd`` tries to bind interfaces with no IP address
- Did this happen on previous versions or just on 23.01 and after?
EDIT: Nevermind, it probably did based on the code. ... -
08:08 AM Regression #14164 (In Progress): IPv6 interface configuration race condition can lead to kernel panic
-
08:08 AM Regression #14164: IPv6 interface configuration race condition can lead to kernel panic
- Posted a review upstream: https://reviews.freebsd.org/D39317
-
07:32 AM Regression #14163: Running ``ifconfig`` logs a high volume of netlink debug messages (``genl_handle_message``) on dev snapshots
- Updating subject and excluding from release notes since it was a regression introduced between snapshots and not in a...
03/28/2023
-
05:34 PM pfSense Packages Bug #14199: ACME - Issue with corrupted cert
- Attaching the Acme section of my config.xml backup which had this issue after upgrading to the new release on Feb 17 ...
-
04:55 PM pfSense Packages Bug #14199 (Resolved): ACME - Issue with corrupted cert
- Hi team
After creating a new cert in HAProxy i got an timeout on the webui interface then receive this error:
P... -
05:22 PM Revision bfa5cfef: Skip blank SAN values, make + more clear. Fixes #14124
-
04:44 PM Revision 9d87553c: Fix radvd service check. Fixes #14136
-
03:48 PM Revision d588bb5c: Allow editing of CRL properties. Fixes #14185
- Fixes editing of imported CRLs and also allows editing properties of
internal CRLs. -
03:00 PM Revision 663e29bb: Note that CA serial is ignored when randomizing. Fixes #14188
- While here, when creating a CA, set the default serial to 1 since the
GUI won't allow saving with the serial remainin... -
02:36 PM Bug #14077: Kernel panic from incoming IPv6 connections
- Bruno Dambrine wrote in #note-12:
> 1 - Can I install the last snapshop of pfsense CE on my netgate 6100 as I do wit... -
12:50 PM Bug #14077: Kernel panic from incoming IPv6 connections
- Sorry, I have two questions.
1 - Can I install the last snapshop of pfsense CE on my netgate 6100 as I do with pfs... -
09:40 AM Bug #14077 (Feedback): Kernel panic from incoming IPv6 connections
- A fix for this was merged into snapshots around the 17th. If possible, please upgrade to a current dev snapshot and s...
-
02:33 PM Feature #14197 (Rejected): DHCP Leases - Add interface column
- The lease database doesn't record the interface, and given the potential size of the leases display calculating that ...
-
01:56 PM Feature #14197 (Rejected): DHCP Leases - Add interface column
- Status --> DHCP Leases
Can you add an Interface column so the results can be sorted by interface and also this mak... -
02:25 PM pfSense Packages Todo #14194: Better colours for alerts
- Green and Red are also not great choices because some people are red/green color blind, so ideally whatever colors ar...
-
01:32 PM pfSense Packages Todo #14194 (New): Better colours for alerts
- on the page Firewall --> pfBlockerNG --> Reports --> unified (and others)
pfBlocker uses
* 'Red' for traffic st... -
02:05 PM Feature #14198 (New): Allow gateway group with no members
- I would like the option of having gateway groups with no members, or perhaps a null entry if needed.
h2. Why
I ... -
01:50 PM pfSense Packages Feature #14196 (Incomplete): permitted firewall rules - additional text
- Firewall --> pfBlockerNG --> DNSBL --> DNSBL Configuration --> Permit Firewall Rules
Can you add some additional i... -
01:45 PM pfSense Packages Feature #14195 (New): Customise what are class as Full Domains when blocking with DNSBL
- Currently when a DNSBL is Blocked you get one of 2 pages depending what was looked up. Most lookups will end up beeb ...
-
01:26 PM pfSense Packages Feature #14193 (Duplicate): Website to add and remove feeds automatically
- I would like to see a website where end users (me and others) can add feeds and report dead feeds that would then be ...
-
01:15 PM Bug #14136: Services Status page and Dashboard widget do not list the ``radvd`` service with certain static IPv6 configurations
- Jim Pingle wrote in #note-2:
> Took me a bit to find one but I was able to reproduce this on one system in my lab --... -
11:50 AM Bug #14136 (Feedback): Services Status page and Dashboard widget do not list the ``radvd`` service with certain static IPv6 configurations
- Applied in changeset commit:9d87553c55770db317d0f65f608933f4412af363.
-
11:46 AM Bug #14136: Services Status page and Dashboard widget do not list the ``radvd`` service with certain static IPv6 configurations
- Took me a bit to find one but I was able to reproduce this on one system in my lab -- the others already showed it OK...
-
01:09 PM Revision c5faa351: Message queue handling improvements. Fixes #14031 Fixes #14061
- * Do not attempt to process the message queue without sufficient
privileges.
* Check for permission to write the me... -
01:04 PM Bug #13487: GUI IPV6-WAN-status stays "Offline, Packetloss" after a short communication hick up
- To be noted. In the actual 2.7 snapshot the IPV6 gateway is still relatively frequently changing to 'unavailable'
-
12:30 PM Bug #14124 (Feedback): Some blank SAN fields are not ignored when creating a certificate
- Applied in changeset commit:bfa5cfef8125d4ba07db5aa481fd854978b20c63.
-
11:22 AM pfSense Packages Feature #14192 (Rejected): Instant Website Redaction Technology Not working
- Hello Fellow Netgate Community Members,
I wanted to share some topics for discussion and possibly create a communi... -
10:55 AM Feature #14185 (Feedback): Ability to edit Certificate Revocation List properties
- Applied in changeset commit:d588bb5c211c5e2fb9e00647bff206ac6c806c26.
-
10:48 AM Feature #14185 (In Progress): Ability to edit Certificate Revocation List properties
- Making this more general since while I was in there it was also not too hard to allow editing the lifetime and serial...
-
04:59 AM Feature #14185: Ability to edit Certificate Revocation List properties
- just a small followup that is related.
I created a CRL using 'import an existing certificate revocation list' and ... -
10:10 AM Todo #14188 (Feedback): Add note to inform the user that the "Next Certificate Serial" value is ignored when the "Randomize Serial" option is enabled
- Applied in changeset commit:663e29bb666388407c52fbb8d418ff24077bffe0.
-
09:45 AM Regression #14163: Running ``ifconfig`` logs a high volume of netlink debug messages (``genl_handle_message``) on dev snapshots
- For the record, this appears to be triggered by running @ifconfig@. So any page or action that ends up using ifconfig...
-
09:39 AM Bug #14092 (Resolved): Kernel panic when PF passes a large/fragmented ICMP6 packet
- Looks good to me. I cannot crash a current Plus 23.05 or CE 2.7.0 snapshot with a large ping packet as I could before...
-
09:33 AM pfSense Packages Regression #14189: pfBlocker-NG: HA-Sync is not working
- I understand, but I don't know what is "not" happening.
There are two choices when configuring Sync for pfBlockerN... -
09:25 AM Bug #14061 (Feedback): PHP error if a non-privileged shell user attempts an operation which needs to write ``config.cache``
- Applied in changeset commit:c5faa351c1ef6d4555478a7f50b3a16ece7e0b2a.
-
08:13 AM Bug #14061: PHP error if a non-privileged shell user attempts an operation which needs to write ``config.cache``
- The more I looked at this I'm fairly certain it's the same root cause as #14031 -- If an unprivileged user such as @n...
-
09:25 AM Bug #14031 (Feedback): Identical SMTP notifications repeat in an infinite loop under certain conditions
- Applied in changeset commit:c5faa351c1ef6d4555478a7f50b3a16ece7e0b2a.
-
08:15 AM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions
- I was able to reproduce this on demand by triggering a notification from nut and a notification from the system short...
-
07:08 AM Regression #14139 (Waiting on Merge): CARP announcement src MAC should be virtual MAC
-
05:43 AM pfSense Docs Todo #14191 (Rejected): Feedback on pfSense® software Configuration Recipes — OpenVPN Site-to-Site Configuration Example with SSL/TLS
- *Page:* https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-s2s-tls.html
*Feedback:*
Hi there,
I think ... -
02:56 AM Todo #14190 (Duplicate): Update nvd3 (web ui dependency) to 1.8.6
- Updates and minifies nvd3 for better performance and some bug fixes.
PR: https://github.com/pfsense/pfsense/pull/4629
03/27/2023
-
08:20 PM Regression #14139: CARP announcement src MAC should be virtual MAC
- The bug is fairly obvious now. The check for multicast in carp_output() expects the IP address to be in host endianne...
-
06:35 PM Regression #14139: CARP announcement src MAC should be virtual MAC
- Actually, they do.
-
06:14 PM Regression #14139: CARP announcement src MAC should be virtual MAC
- Switches do not learn what port to use based on the carp announcements, so that's not actually something to worry abo...
-
08:40 AM Regression #14139: CARP announcement src MAC should be virtual MAC
- Hi Jim, yes, master & backup states are OK, even the switchover is OK, however without the right announcements coming...
-
08:38 AM Regression #14139: CARP announcement src MAC should be virtual MAC
- Hmm, yeah, that could be fallout from the unicast carp work. In unicast mode we use the interface Mac as source (most...
-
08:12 AM Regression #14139: CARP announcement src MAC should be virtual MAC
- On @2.7.0.a.20230314.0600@ the CARP advertisement source MAC was still the CARP MAC, but on current snaps it is the i...
-
07:14 PM pfSense Packages Regression #14189: pfBlocker-NG: HA-Sync is not working
- Packages get updated directly, they don't get patches.
Also there is almost no detail here or on the linked forum ... -
05:31 PM pfSense Packages Regression #14189 (Closed): pfBlocker-NG: HA-Sync is not working
- I'm not the only one with this problem.
See https://forum.netgate.com/topic/179060/pfblockerng-sync-not-working .
... -
06:11 PM Regression #14163: Running ``ifconfig`` logs a high volume of netlink debug messages (``genl_handle_message``) on dev snapshots
- As Christian said, these logs will go away with the next upstream merge.
They are harmless and can safely be ignored... -
06:09 AM Regression #14163: Running ``ifconfig`` logs a high volume of netlink debug messages (``genl_handle_message``) on dev snapshots
- Hi, I think this is related: https://redmine.pfsense.org/issues/14139 CARP do have problems in the last few builds, t...
-
05:28 PM pfSense Plus Regression #14181: ``mmcsd0`` controller timeout/system hang on 1100
- I found mmc-utils but I'm sure if it can tell me about the health of the flash. What else can I do to test it? I reme...
-
10:23 AM pfSense Plus Regression #14181: ``mmcsd0`` controller timeout/system hang on 1100
- I have seen the same thing on my 1100 but given the timing (could be hours, days, or even weeks between timeouts) it ...
- 04:36 PM Revision 1e05389e: Capitalize "dns" in DynDNS ttl help text
- 04:36 PM Revision e89ddfb9: Reorder DynDNS zone id help text alphabetically
- 04:36 PM Revision f9f13d00: Reorder DynDNS pasxsowrd help text alphabetically
- 04:36 PM Revision 6d610dde: Reorder DynDNS username help text alphabetically
- 04:36 PM Revision d3d29594: Reorder DynDNS hostname help text alphabetically
-
03:12 PM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions
- I can confirm I have this issue too _and_ I have nut installed. Actually, I am suffering from it now and can't reboot...
-
02:56 PM Bug #14031 (Confirmed): Identical SMTP notifications repeat in an infinite loop under certain conditions
- We've run up against issues like this with NUT before but not always a loop. See https://redmine.pfsense.org/issues/1...
-
02:49 PM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions
- I do have nut installed on my system. It hasn't repeated the process since my last report; maybe its a rare sequence ...
-
02:44 PM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions
- I finally had a system in my lab get stuck doing this, it was a fresh image of a 23.05 dev snapshot, restored a confi...
-
02:53 PM Bug #13224 (Duplicate): Email notification flood when UPS (NUT) and WAN send notifications
- Closing in favor of #14031 since it has more/better detail.
-
02:18 PM Bug #14124: Some blank SAN fields are not ignored when creating a certificate
- Jim Pingle wrote in #note-4:
> The "Add" button adds a new row to the form, it doesn't save or take any other action.... -
07:34 AM Bug #14124: Some blank SAN fields are not ignored when creating a certificate
- The "Add" button adds a new row to the form, it doesn't save or take any other action. It's working as intended and i...
-
11:37 AM Todo #14186 (Feedback): Improve DynDNS help text readability
- PR merged.
-
09:12 AM Todo #14186: Improve DynDNS help text readability
- Github PR link: https://github.com/pfsense/pfsense/pull/4628
-
09:12 AM Todo #14186 (Resolved): Improve DynDNS help text readability
- * To improve readability I've reordered hostname, username, password, zone id help texts alphabetically.
* Changed '... -
11:27 AM pfSense Packages Todo #9200: Add DNS support for Google domain to Acme manager
- Ryan Keen wrote in #note-9:
> It appears that Google Domains has added support for DNS-01 ACME Challenges using a to... -
11:02 AM pfSense Plus Bug #14074: Cannot edit or delete ZFS Boot Environment with a name containing only numbers
- OK, it may still be worth a quick look to see if we can make that smoother in case users are stuck with the problem e...
-
09:34 AM pfSense Plus Bug #14074: Cannot edit or delete ZFS Boot Environment with a name containing only numbers
- just want to be precise so you dont spend time on this if you dont have to;
the patch fixed the issue regarding n... -
07:27 AM pfSense Plus Bug #14074 (New): Cannot edit or delete ZFS Boot Environment with a name containing only numbers
- The current patch was merged into dev builds last week, but since there is still an issue with the patch applied, mov...
-
10:58 AM Bug #13423: IPv6 neighbor discovery protocol (NDP) fails in some cases
- Matt Gaynor wrote in #note-18:
> Also facing this issue, with the same lack of NDP response from pfSense, IPv6 is un... -
09:15 AM Bug #13423: IPv6 neighbor discovery protocol (NDP) fails in some cases
- Also facing this issue, with the same lack of NDP response from pfSense, IPv6 is unusable when using a non link-local...
-
10:47 AM Feature #14185: Ability to edit Certificate Revocation List properties
- That should be fairly easy, not sure why it isn't there already unless something in the form structure of that page m...
-
08:59 AM Feature #14185: Ability to edit Certificate Revocation List properties
- the CRL buttons
!crl-buttons.jpg!
-
08:54 AM Feature #14185 (Resolved): Ability to edit Certificate Revocation List properties
- Can you add the option to rename a 'Certificate Revocation List'
h2. Scenario
I have made a list and then added... -
10:43 AM Todo #14183: Update OpenVPN Wizard to match current certificate and OpenVPN options
- I agree, we should either add that as an option or silently enable it by default.
That whole workflow is probably ... -
08:14 AM Todo #14183: Update OpenVPN Wizard to match current certificate and OpenVPN options
- https://docs.netgate.com/pfsense/en/latest/certificates/ca.html...
-
08:00 AM Todo #14183 (Resolved): Update OpenVPN Wizard to match current certificate and OpenVPN options
- When running the OpenVPN wizard (VPN --> OpenVPN --> Wizards --> Type of Server: Local User Access ) On step 6 of 11,...
-
10:41 AM Todo #14184 (Rejected): Redmine - Automatically subscribe the issue reporter
- The only options there are in your own profile settings. There is no global option in Redmine to change that behavior.
-
08:06 AM Todo #14184 (Rejected): Redmine - Automatically subscribe the issue reporter
- When I create an issue in Redmine I have to manually subscribe/watch.
Can you change the settings so when I report... -
10:35 AM Bug #14182: PHP error when XMLRPC client attempts to synchronize without any synchronization settings in the configuration
- The only way I can see that error happening is if the HA sync settings in the configuration are empty, which isn't va...
-
04:30 AM Bug #14182 (Closed): PHP error when XMLRPC client attempts to synchronize without any synchronization settings in the configuration
- After upgrading to 23.01 the FreeRADIUS XMLRPC Sync get PHP error. ...
-
10:31 AM pfSense Plus Bug #13967 (Resolved): aarch64 23.01 upgrade can fail to write the bootloader
-
10:30 AM Regression #14138 (Feedback): Kernel Panic in ``rtsock_msg_mbuf``
- Is the backtrace always the same?
Is there anything else going on when this happens?
In the message buffer it l... -
10:13 AM pfSense Plus Bug #14140 (Not a Bug): OpenVPN Custom Options removes newline before push statements
- Not a bug. Statements must be separated with a *semicolon* , not a newline.
This is stated clearly in the descript... -
10:10 AM pfSense Plus Regression #14180 (Feedback): ConnectX-4 LX MCX4121A-ACAT - VT-d passthrough of both ports, virtualized pfSense fails to boot due to mlx5 driver errors
- The error messages are different so this may not be the case, but over on the TNSR side we have seen behavior changes...
-
10:00 AM Feature #14177: tcprtt Measures the TCP handshake RTT using the stats(9) statistics framework
- If we do include this it should also warn against using it arbitrarily, since some public services may also not react...
-
09:56 AM Bug #9459: patch pf: silence a runtime warning pfr_update_stats: assertion failed.
- Given the age of the original issue this was likely fixed before and then regressed in a later version. Please make a...
-
09:56 AM pfSense Docs New Content #14174: Feedback on Certificate Management — Certificate Authority Management
- see https://forum.netgate.com/topic/179007/add-this-certificate-authority-to-the-operating-system-trust-store/5?_=167...
-
09:49 AM pfSense Docs New Content #14174 (Rejected): Feedback on Certificate Management — Certificate Authority Management
- The current text already covers the second point and the first point is irrelevant.
The text already says "When ad... -
09:55 AM Bug #14176 (Feedback): Uptime displays plural seconds for multiple minutes in the System Information Dashboard widget
- MR merged
-
09:52 AM pfSense Plus Bug #14175: LDAP authentication for SSH fails
- Did the same configuration work before 23.01?
-
09:37 AM Todo #14188 (Resolved): Add note to inform the user that the "Next Certificate Serial" value is ignored when the "Randomize Serial" option is enabled
- When editing or creating a CA you have the option to 'Randomize Serial'. When this is used the 'Next Certificate Seri...
-
09:36 AM pfSense Plus Feature #14173: QAT driver does not attach to QAT virtual function devices passed through to VM on Xeon D-2146NT
- Hi Jim,
thank you for looking into it.
I'm already in contact with the Intel QAT driver team, to see if the fau... -
09:30 AM pfSense Plus Feature #14173 (Needs Patch): QAT driver does not attach to QAT virtual function devices passed through to VM on Xeon D-2146NT
- If it fails on FreeBSD 14-CURRENT then it needs fixed upstream first and we can pull in the fix from there. It could ...
-
09:26 AM pfSense Docs Todo #14187 (Closed): Feedback on Certificate Management — Certificate Revocation List Management
- *Page:* https://docs.netgate.com/pfsense/en/latest/certificates/crl.html#delete-a-certificate-revocation-list
*Fee... -
09:21 AM pfSense Plus Regression #14171 (Not a Bug): High Availability Setup with Gateway to secondary pfSense not working - No Internet
- This is not and will not be a supported CARP configuration. WANs must be static using CARP for CARP to function prope...
-
09:19 AM Bug #14169 (Not a Bug): OpenVPN Backend for authentication doesn't distinguish reject from timeout
- This is not a bug, it's intended behavior.
When an auth server is down or fails it may either timeout, reject acce... -
09:17 AM pfSense Plus Bug #14168: OpenVPN status GUI cannot display RADIUS ACL Generated Ruleset with usernames containing an ``@`` symbol
- Is this newly broken in 23.01 (regression) or has it never worked, even on older versions?
-
09:14 AM Feature #14166: Use netstat output for interface packet counters
- Also netstat has libxo support so getting the data should be fairly simple (e.g. @netstat -ni --libxo=json@)
-
09:08 AM Feature #14165: Option to allow the DNS Forwarder to ignore system DNS servers
- That isn't a use case that should have worked before, it just happened to work by accident. Adding an option to accom...
-
09:06 AM Bug #14060 (Resolved): Auto Config Backup prints a confusing decryption error when using the wrong key
-
08:54 AM Feature #14156 (Rejected): See the configured .opvn file from the GUI for the OpenVPN servers
- Exposing that level of backend config data in the GUI would be more confusing and rarely help users solve problems. A...
-
08:53 AM pfSense Packages Todo #14155 (Rejected): 'Block Outside DNS' option is present in the server and on the client
- The two options cover different scenarios: The option in the base pushes to all clients, the option in the client exp...
-
08:42 AM pfSense Docs Correction #14143: Feedback on System Monitoring — Remote Logging with Syslog
- I thought the syslog-ng information was relevant because it would clear up when to use remote logging to a separate s...
-
08:37 AM pfSense Docs Correction #14143: Feedback on System Monitoring — Remote Logging with Syslog
- Updating the links is OK, but adding more info on syslog-ng should go in its own separate doc somewhere. It doesn't c...
-
08:39 AM Feature #14144: Improve support for renaming interface groups
- This may end up being related to #14095 -- or at least overlapping somewhat.
-
08:32 AM pfSense Packages Bug #14142 (Rejected): PHP errors in OpenVPN Client Export package
- Christopher is right, it looks like the package needs updating because @vpn_openvpn_export_shared.php@ is removed on ...
-
08:14 AM pfSense Packages Bug #14141 (Rejected): pfsense 2.6.0 -pfSense-pkg-squid installation failed!
- This isn't a bug, but a problem with your current update settings. This site is not for support or diagnostic discuss...
-
08:09 AM pfSense Plus Bug #14132: Aliases of the same name current as previously deleted will not be respected properly
- Thanks for the update. You sparked an idea about not everything being removed when an Alias is changed.
I'm goin... -
07:55 AM pfSense Plus Bug #14132 (Not a Bug): Aliases of the same name current as previously deleted will not be respected properly
- There isn't nearly enough evidence here of a bug and not something else happening in the configuration or existing st...
-
08:04 AM pfSense Plus Feature #14134: Notifier on main dashboard for other updates availble: Packages / System Patches (if installed) Under the PfSense current Version.
- Jim Pingle wrote in #note-1:
> There is already a packages widget which shows available package updates.
My apolo... -
07:56 AM pfSense Plus Feature #14134 (Rejected): Notifier on main dashboard for other updates availble: Packages / System Patches (if installed) Under the PfSense current Version.
- There is already a packages widget which shows available package updates.
-
07:59 AM pfSense Plus Bug #14135 (Rejected): iOT Devices not reconnecting properly
- There isn't any evidence here of a bug in pfSense. Myself and many others use various IOT devices in many different w...
-
07:53 AM pfSense Packages Feature #14126: Quality monitoring graph scale adjustment
- Moving over to the graph frontend location since I'm fairly certain if it can be changed, it's in the parts located i...
-
07:32 AM Bug #14115: DHCP Server page does not properly select a default interface tab if neither WAN nor LAN are capable of being DHCP servers
- Looks like one test is reversed when it's trying to locate the starting interface. I don't have a setup to test this ...
03/26/2023
-
06:29 PM Regression #14138: Kernel Panic in ``rtsock_msg_mbuf``
- It's the exact same hardware I ran the previous version on, with no changes to hardware or BIOS settings. The problem...
-
05:46 AM Bug #9577: radvd send_ra_forall failed on interface / can't join ipv6-allrouters
- This problem returned for me after updating to pfSense 2.6.0.
Immediately after starting radvd, it starts spamming...
03/25/2023
-
09:40 PM Bug #8343 (Resolved): Gateway Routes (Default Routes) not removed in Kernel when removed from GUI
disabling/disconnecting the WAN_DHCP interface will remove the default route
tested on
2.7.0-DEVELOPMENT (amd...-
08:48 PM pfSense Plus Bug #13967: aarch64 23.01 upgrade can fail to write the bootloader
- This has been working for over a week now without issue. We can close this as Resolved.
-
08:44 PM Regression #14138: Kernel Panic in ``rtsock_msg_mbuf``
- Did this start after updating or something? General Protection Fault is almost always hardware failure or a hardware...
-
08:05 PM pfSense Plus Regression #14181: ``mmcsd0`` controller timeout/system hang on 1100
- Well I'm running on a completely different SG-1100 now so I'll wait and see if the problem reoccurs before the next v...
-
07:23 PM pfSense Plus Regression #14181: ``mmcsd0`` controller timeout/system hang on 1100
- I haven't seen this with any other firewalls or on my personal Netgate 1100. I suspect you might have a fault eMMC t...
-
05:00 PM pfSense Plus Regression #14181: ``mmcsd0`` controller timeout/system hang on 1100
- Oops, I'm actually running 23.01.
-
02:26 PM pfSense Plus Regression #14181: ``mmcsd0`` controller timeout/system hang on 1100
- Craig Leres wrote:
> I've attached two serial console stack traces.
Here's one more crash from a few minutes ago,... -
12:28 PM pfSense Plus Regression #14181 (Closed): ``mmcsd0`` controller timeout/system hang on 1100
- Several times since upgrading to 23.05 and later reinstalling to switch to zfs root I've had a SG-1100 glitch and los...
-
07:43 PM Bug #14083: Adding MSS and MTU values on a LAGG VLAN interface breaks connectivity
- confirmed on 7100 running 23.01 - after setting mtu/mss and rebooting system receives and displays IP on WAN in conso...
-
07:28 PM pfSense Plus Bug #14104: Google LDAP connections still fail even after adding SNI for TLS 1.3
- If the client certificate is chained into a single entry with the CA data, may be related to this: https://redmine.pf...
-
06:43 PM pfSense Packages Todo #12351: Remove non-functional feeds
- shallalist is no longer updated, it needs to be removed from DNSBL categories
https://www.shallalist.de/ is comple... -
06:34 PM pfSense Packages Bug #13936 (Pull Request Review): PHP error from RRD Graphs when attempting a query a newly created empty database
- https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/333
-
06:30 PM pfSense Plus Regression #13993: Switch ports on 7100/1100/2100 do not have Auto MDI-X support enabled
- switch is not detected under interfaces menu with current build - 23.05.a.20230322.0600
-
12:24 PM pfSense Plus Bug #14140 (Confirmed): OpenVPN Custom Options removes newline before push statements
-
09:43 AM pfSense Plus Bug #14140: OpenVPN Custom Options removes newline before push statements
- I'm not able to reproduce this on the server settings, but can on the Client Specific Overrides page. After saving an...
-
09:19 AM pfSense Plus Regression #14180 (Feedback): ConnectX-4 LX MCX4121A-ACAT - VT-d passthrough of both ports, virtualized pfSense fails to boot due to mlx5 driver errors
- I've been running the following configuration for months now:
Hypervisor:
Linux Kernel 5.15
libvirt/qemu/kvm
... -
07:49 AM pfSense Packages Bug #14179 (New): FreeRadius is active but in an inoperable state, switches to a generated freeradius-temp certificate upon restart
- I was testing my HA setup yesterday evening and used the "Enter Persistent CARP Maintenance Mode" button quite a few ...
-
04:54 AM Regression #14039: Limiters have no effect on upload traffic passed by policy routing rules
- Tried as Floating Rule but for me same outcome, the Limiter Diagnostic showing no limiter applied.
03/24/2023
-
08:25 PM Bug #14178: Captive Portal Pass-through MAC Auto Entry registering MAC address for unauthenticated users when using Pass-through credits
- Typo in the third bullet of Actual Behavior "They don't ever see the login/portal prompt."
-
08:21 PM Bug #14178 (New): Captive Portal Pass-through MAC Auto Entry registering MAC address for unauthenticated users when using Pass-through credits
- The Captive Portal "Pass-through MAC Auto Entry" feature is adding an Allowed Client MAC address registration for una...
- 07:17 PM Revision 1b121a0f: Correct plural seconds check.
-
05:54 PM Feature #14177 (New): tcprtt Measures the TCP handshake RTT using the stats(9) statistics framework
- My coworker thought using 8.8.8.8 for the gateway monitor would suffice for a “is the internet up” monitor. Well, goo...
-
03:15 PM Bug #9459: patch pf: silence a runtime warning pfr_update_stats: assertion failed.
- I see. Thanks for the info.
Issue still exists so status of this bug shouldn't be 'resolved'.. -
02:21 PM Bug #14176: Uptime displays plural seconds for multiple minutes in the System Information Dashboard widget
- https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1023
-
02:06 PM Bug #14176 (Resolved): Uptime displays plural seconds for multiple minutes in the System Information Dashboard widget
- The check to display seconds as plural is incorrectly checking for multiple minutes here:
https://github.com/pfsense... -
01:25 PM pfSense Plus Bug #14175: LDAP authentication for SSH fails
- Can confirm the issue....
-
12:58 PM pfSense Plus Bug #14175 (New): LDAP authentication for SSH fails
- LDAP authentication fails for SSH user authentication via LDAP with error (Invalid credentials).
Same user successfu... -
12:43 PM pfSense Docs New Content #14174 (Rejected): Feedback on Certificate Management — Certificate Authority Management
- *Page:* https://docs.netgate.com/pfsense/en/latest/certificates/ca.html
*Feedback:*
the *Trust Store* section s... -
10:20 AM pfSense Plus Feature #14173 (Needs Patch): QAT driver does not attach to QAT virtual function devices passed through to VM on Xeon D-2146NT
- pfSense is virtualized under Linux.
Hypervisor:
* qemu-kvm
* i440fx (q35 doesn't work either)
* kernel 5.15.9... -
10:03 AM pfSense Plus Regression #14102 (Feedback): Console menu incorrectly shows option ``99`` on some ARMv7/ARM64 installations
- Fixed in 209cb8b1.
-
09:59 AM pfSense Plus Regression #14102: Console menu incorrectly shows option ``99`` on some ARMv7/ARM64 installations
- I've simplified and improved the EMMC/SATA rootdev check for aarch64 devices. The modified script is more specific ab...
-
09:55 AM Regression #14172 (Resolved): PHP error in Captive Portal if ``usedmacs`` list is empty
- ...
-
09:51 AM pfSense Plus Regression #14171: High Availability Setup with Gateway to secondary pfSense not working - No Internet
- I forgot to add: All currently available patches were applied via the System Patches package, before any testing was ...
-
09:44 AM pfSense Plus Regression #14171 (Not a Bug): High Availability Setup with Gateway to secondary pfSense not working - No Internet
- Hi,
the following setup is working just fine on pfSense CE 2.6.0:
* High Availability/CARP
* Gateway group WAN... -
06:15 AM Regression #14039: Limiters have no effect on upload traffic passed by policy routing rules
- I think in general you currently don't need more testers but can at least share that we are quite affected since we h...
-
04:13 AM pfSense Docs New Content #14170 (Closed): Radius Authentication Timeout
- https://docs.netgate.com/pfsense/en/latest/usermanager/radius.html#radius-configuration ...
-
03:44 AM Bug #14169 (Not a Bug): OpenVPN Backend for authentication doesn't distinguish reject from timeout
- When multiple auth servers are defined in the list, the VPN doesn't respect the reject message from the first server ...
03/23/2023
-
08:35 PM pfSense Plus Bug #14168 (New): OpenVPN status GUI cannot display RADIUS ACL Generated Ruleset with usernames containing an ``@`` symbol
- When looking at the Status --> OpenVPN page and viewing a user's ACLs from RADIUS, if the user signed in with user@do...
-
03:03 PM Regression #14164: IPv6 interface configuration race condition can lead to kernel panic
- ...
-
11:15 AM Regression #14164 (Resolved): IPv6 interface configuration race condition can lead to kernel panic
- While re-configuring an interface that has an IPv6 config, such as when the link bounces, it's possible to hit a race...
-
01:59 PM Bug #14167 (Confirmed): Auto Config Backup: Selected manual backups are not retained.
- The 'Manual backups to keep' feature in ACB does not retain the selected number of manual backups as expected.
Man... -
12:49 PM Feature #14166 (New): Use netstat output for interface packet counters
- Currently the In/Out Packets counters shown for Interface Status are taken from pfctl. Hence they show the identical ...
-
12:31 PM Feature #14165 (Resolved): Option to allow the DNS Forwarder to ignore system DNS servers
- Since the change for #12902 I can no longer specify custom servers in the DNS Forward configuration. I do not want t...
-
12:08 PM Bug #14060: Auto Config Backup prints a confusing decryption error when using the wrong key
- Tested on:
Version 23.01-RELEASE (amd64)
built on Fri Feb 10 20:06:33 UTC 2023
FreeBSD 14.0-CURRENT
patch resol... -
10:02 AM Todo #14098 (Resolved): Match upstream changes in PF syntax to disable fragment disassembly
- The patch fixes this one. I am marking this ticket resolved.
-
08:37 AM Regression #14163 (Waiting on Merge): Running ``ifconfig`` logs a high volume of netlink debug messages (``genl_handle_message``) on dev snapshots
- This will be fixed when we do our next merge from upstream FreeBSD
-
08:13 AM Regression #14163 (Resolved): Running ``ifconfig`` logs a high volume of netlink debug messages (``genl_handle_message``) on dev snapshots
- System log is being spammed with kernel messages. CE 2.7.0.a.20230322.0600. It only appears to happen when the Dashb...
-
07:56 AM Regression #14015 (Resolved): Alias list is not sorted
- I tested the patch with different upper-lower case setups. The patch works fine.
I am marking this ticket resolved. -
07:46 AM Bug #13992 (Resolved): Custom default state timeouts are not respected in the ruleset
- The patch fixes the issue. I've just run the Status > Filter Reload after applying the patch.
I am marking this t... -
05:25 AM pfSense Packages Feature #14160: Add Search Engine Group in feeds
- This is so we can whitelist search engines "Search Engines IPv4", "Search Engines IPv6"
-
05:02 AM pfSense Packages Feature #14160 (New): Add Search Engine Group in feeds
- It would be good to get a search engine feed so you can either block them or use them as a whitelist. I have included...
-
05:22 AM pfSense Packages Feature #14162 (New): Add 'Google Services' feed group
- This group can be used to allow the blocking or whitelisting of google services. I have added what I found along with...
-
05:17 AM pfSense Packages Feature #14161 (New): Add 'Microsoft Services' feed
- This should include all of the Microsoft services and preferably in separate items. I have included links to the page...
-
03:17 AM pfSense Packages Feature #14159 (New): Add netgate bogon feeds
- Can you add the netgate bogon feeds.
* https://files.netgate.com/lists/
** https://files.netgate.com/lists/bogon-... -
02:48 AM pfSense Packages Bug #13936: PHP error from RRD Graphs when attempting a query a newly created empty database
- Can replicate on ...
-
02:30 AM Regression #13942: PHP error on ``status_logs_settings.php`` if the configuration contains an empty ``syslog`` section
- I couldn't apply the patch on the:...
-
02:03 AM Feature #14002 (Resolved): Option to enable/disable console bell, enabled by default
- Tested the patch against:...
03/22/2023
-
07:38 PM Regression #12821: Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``
- For clarity the e1000 iflib driver that is in-kernel in pfSense has a bug that prevents it passing vlan0 if vlan hard...
-
06:30 PM Regression #12821: Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``
- Kris Phillips wrote in #note-31:
> Hayden Hill wrote in #note-30:
> > Kris Phillips wrote in #note-29:
> > > FYI i... -
10:02 AM Regression #12821: Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``
- Hayden Hill wrote in #note-30:
> Kris Phillips wrote in #note-29:
> > FYI it appears this issue has spread in 23.01... -
03:34 PM pfSense Packages Feature #13200: Custom DNS Servers for Alert settings
- One solution would be to deny:
LAN: Deny any != pfblockerng ip TCP/UDP:53
WAN: ANY outgoing TCP/UDP:53
And allow... -
12:55 PM pfSense Plus Bug #14158: Unable to delete boot environment "X". Error 3
- Duplicate of https://redmine.pfsense.org/issues/14074
-
12:55 PM pfSense Plus Bug #14158 (Duplicate): Unable to delete boot environment "X". Error 3
-
12:38 PM pfSense Plus Bug #14158 (Duplicate): Unable to delete boot environment "X". Error 3
- Hi,
I was going to make a new backup recovery in the Boot Environments.
I name it with one number ie. 1, then save ... -
11:44 AM Feature #14157 (New): Wildcards for 'Host Overrides' and 'Domain Overrides' in the GUI
- Can you add the ability to use wildcards in 'Host Overrides' and 'Domain Overrides' in the GUI.
I know I can add w... -
11:36 AM Feature #14156 (Rejected): See the configured .opvn file from the GUI for the OpenVPN servers
- It would be a useful feature for diagnosing issues quickly to see the generate .OPVN file in the GUI.
If the onscr... -
11:27 AM pfSense Packages Todo #14155 (Rejected): 'Block Outside DNS' option is present in the server and on the client
- I find this situation confusing and propose a couple of resolutions:
* If the option 'Block Outside DNS' should stay... -
11:22 AM pfSense Packages Feature #11165: OpenVPN Exporter - Allow for name customization
- I would like to see this so if I want, I can create more human readable connection names which are shown in the OpenV...
-
10:59 AM Regression #13965 (Resolved): Automatic DHCP failover firewall rules are not present in the ruleset when failover is active
- The patch fixes it.
I am marking this ticket resolved. -
09:22 AM Feature #14144: Improve support for renaming interface groups
- maybe this should have been bug, not feature. Sorry.
-
07:18 AM Feature #14144 (New): Improve support for renaming interface groups
- I have noticed that when an Interface Groups is renamed, all the Separators are lost.
I then named it back to the or... -
08:41 AM pfSense Packages Bug #14142 (Not a Bug): PHP errors in OpenVPN Client Export package
- This doesn't look like a bug. From the logs, the OpenVPN export package needs to be updated / reinstalled.
If that... -
06:05 AM pfSense Packages Bug #14142 (Rejected): PHP errors in OpenVPN Client Export package
- Good moorning after installation last version of pf-sense, system shows Us the follow error related openvpn .
I am... -
08:40 AM pfSense Packages Feature #14154 (New): Ability to use pfSense alias in IPv4 Custom_List
- Firewall --> pfBlockerNG --> IP --> IPv4 --> edit/add --> IPv4 Custom_List
the reasons for this are:
* I only hav... -
08:36 AM pfSense Packages Bug #14153 (New): default whitelist is not created
- When I click on the button from the + button from the reports tab and follow the whitelisting, the default whitelist ...
-
08:35 AM pfSense Plus Bug #14140: OpenVPN Custom Options removes newline before push statements
- Sorry, i forgot to describe WHY this is a problem.
The issue is that the invalid formatting of the options will ca... -
08:19 AM Feature #14152 (New): Add a way to find where an alias is used in the GUI
- I would like the ability to find where an alias is used via the GUI. I imagine a button next to the other alias optio...
-
08:08 AM pfSense Packages Feature #14151 (New): Add (ASN) to IPv4 Custom_List information
- Firewall --> pfBlockerNG --> IP --> IPv4 --> IPv4 Custom_List
the line ... -
08:05 AM pfSense Packages Feature #14150 (New): Source and Destination information for IPv4 Custom_List and feeds
- Firewall --> pfBlockerNG --> IP --> IPv4 --> list
When you edit/create a list you have to select an action type an... -
07:58 AM pfSense Packages Feature #14149 (New): Make the NEXT Scheduled CRON counter active
- I would like the countdown timer of the cron to be active. Like on an aution page of ebay. :)
Firewall --> pfBlock... -
07:54 AM pfSense Packages Feature #14148 (New): Update alias information and error handling
- On the following sections can you:
Firewall --> pfBlockerNG --> IP --> IPv4
*Advanced Inbound Firewall Rule Set... -
07:48 AM pfSense Packages Feature #14147 (New): when you rename an alias the alias reference in pfsense Advanced Inbound/Outbound rules ar enot updated
- I refer to the rules @ (Firewall --> pfBlockerNG --> IP --> IPv4)
I noticed that when I renamed an alias that the ... -
07:36 AM pfSense Packages Bug #14146 (New): Small Typo in 'Advanced Outbound firewall rule settings' warning message
- When creating an IPv4 outbound permit rule (Firewall --> pfBlockerNG --> Ip --> IPv4) and you leave the **Custom Prot...
-
07:20 AM Feature #14145 (New): Combined rule view (Floating + Group + Interface) that shows all rules relevant to a given interface
- When viewing an interface firewall rule section it would be nice to have a toggle to "show inherited". This would sho...
-
07:09 AM pfSense Docs Correction #14143 (Closed): Feedback on System Monitoring — Remote Logging with Syslog
- *Page:* https://docs.netgate.com/pfsense/en/latest/monitoring/logs/remote.html
*correction:*
in the section *Se...
03/21/2023
-
07:17 PM pfSense Packages Bug #14054: pfBlockerNG can incorrectly modify firewall rules
- It appears this related to the IPv4 IP list being updated, and happens during this step:...
-
06:38 PM pfSense Packages Bug #14141 (Rejected): pfsense 2.6.0 -pfSense-pkg-squid installation failed!
- Hi guys,
Any help please.
I'm working on a lab project that is due in the comming days. Everything has worke fine u... -
05:43 PM pfSense Packages Todo #9200: Add DNS support for Google domain to Acme manager
- It appears that Google Domains has added support for DNS-01 ACME Challenges using a token generated on Google Domains...
-
01:56 PM pfSense Packages Feature #8547: fwknop Port Knocking Package
- I'd like to add a vote here, too. This would be *incredibly* useful.
Port knocking is not an _alternative_ to a VP... -
01:54 PM pfSense Plus Bug #14140 (Not a Bug): OpenVPN Custom Options removes newline before push statements
- Hello,
I'm setting up an OpenVPN server and need to pass in some additional option in two places:
1. VPN -> Ope... -
12:49 PM Regression #14139 (Resolved): CARP announcement src MAC should be virtual MAC
- Hi All,
I think at some point in the last couple of 2.7.0 builds CARP function became somewhat broken. CARP announ... -
11:12 AM Feature #12091: RFE: Add support for sssd authentication
- Just updated to psSense Plus 23.01 and now with sssd-1.16.5_8 it fails to start with:
ld-elf.so.1: /usr/local/sbin... -
02:22 AM Regression #14138 (Feedback): Kernel Panic in ``rtsock_msg_mbuf``
- I’ve been having a number of these over the last week or so. Last night’s was overnight when no one was using the net...
-
12:09 AM pfSense Plus Regression #14137: pfSense Plus Upgrade repo data remains on the system after upgradng
- Also, if package manager unavailable, may help next solution
Check and then uncheck dashboard auto update box in Sys...
03/20/2023
-
10:36 PM Bug #13624: Only one alias in local network of OpenVPN Server works in 2.6.0
- Also ran into the sub-alias not updating the parent alias issue as described by Florian Bat.
This had one of our en... -
07:21 PM pfSense Plus Regression #14137 (Resolved): pfSense Plus Upgrade repo data remains on the system after upgradng
- After upgrading from CE to pfSense Plus the repo data used for that should be removed from the firewall leaving it us...
-
02:14 PM Revision 875221b6: ArrayGetExprRector support for variable and funccall array keys
- Change how buildPathArgNode() generates an Arg node - as we introduce support
for more complicated expressions in arr... -
02:14 PM Revision ce614369: Make ArrayGetExprRector configurable for multiple variables
- Rector only permits a single instance of a Rule class in a configuration, so in
order to allow the ArrayGetExprRector... -
02:14 PM Revision 96eb75ed: Rename GlobalGGetExprRector and friends to ArrayGetExprRector
-
02:14 PM Revision 46f5b38a: Make GlobalGGetExprRector configurable, add simple test for $g variable
-
02:03 PM pfSense Packages Bug #14116 (Duplicate): Squid Error went I press SAVE button.
- Duplicate of https://redmine.pfsense.org/issues/13984
Missing Squid Reverse config values. -
10:19 AM pfSense Packages Bug #14116: Squid Error went I press SAVE button.
Looks like Clamav is the issue, once I disable this services, the error is gone.
This is my config file:
cat...-
11:52 AM Feature #13017 (Pull Request Review): Packet capture: add preview results while capture is running
- Thank you for the pull request. This has been implemented with a re-write of the Packet Capture page. See https://red...
-
09:42 AM Bug #14136 (Resolved): Services Status page and Dashboard widget do not list the ``radvd`` service with certain static IPv6 configurations
- After upgrading from 2.5.2 to 23.01 I noticed that @radvd@ no longer appears in Services Status or the associated das...
-
04:38 AM pfSense Plus Bug #14135: iOT Devices not reconnecting properly
- I forgot to mention we also tested this with a Sony TV (1 year old and up to date Firmware) on an ethernet connection...
-
04:24 AM pfSense Plus Bug #14135 (Rejected): iOT Devices not reconnecting properly
- IOT Devices of different manufacturers all seem to have this problem and while the problem is being experienced I wou...
-
04:32 AM pfSense Plus Bug #13497: unbound process looks like stuck periodically
- Yaroslav Semenenko wrote:
> Hello,
>
> I have Netgate 2100.
> Unbound service is needed to restart sometimes due... -
03:50 AM pfSense Plus Feature #14134 (Rejected): Notifier on main dashboard for other updates availble: Packages / System Patches (if installed) Under the PfSense current Version.
- A notifier on the Main Landing page under the Current PfSense Version number that lets you also know if your packages...
-
03:47 AM pfSense Plus Feature #14133 (New): Exporting and Importing - Change Layout
- Please change Backup & Restore to allow for choosing only what areas you want to import/export without having to do i...
-
03:39 AM pfSense Plus Bug #14132 (Not a Bug): Aliases of the same name current as previously deleted will not be respected properly
- This problem is hard to describe so I'll give as much information as possible as best as I can.
-Alias was created... -
03:30 AM pfSense Plus Feature #14131 (New): Add Dynamic DNS Service: DYNU
- Please add Dynamic DNS provider DYNU
https://www.dynu.com/en-US/
It's working now but sometimes won't update an... -
03:10 AM Feature #14130 (New): Add DynDNS Provider - IPv64.net
- I would like to have the German DynDNS provider IPv64.net added. An integration with DynDNS is very easy there via th...
03/19/2023
-
10:52 PM pfSense Plus Bug #14129 (Resolved): Chelsio T520 unable to route past 470Mbps
- Chelsio T520-CR and T420-CR are unable to route speeds over 470mbps when updated to 23.01 code. Goes to full 1gb spee...
-
05:58 PM Bug #14128 (New): Input validation does not prevent limiter bandwidth values that are too large
- There exists a limit to the bandwidth value within Limiters:
https://github.com/pfsense/FreeBSD-src/blob/bd5b6c0d6cc... -
04:33 PM pfSense Packages Regression #14024: PHP error in HAProxy Widget with Show Client Traffic enabled
- I have the same issue but only affecting one of my deployments. As a workaround you can disable the haproxy service t...
-
04:01 PM pfSense Plus Bug #12974 (Closed): Typing anything into 1100/2100 recovery installer causes process to stop
- This should be closed. Updating to reflect.
-
03:27 PM Regression #12821: Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``
- Kris Phillips wrote in #note-29:
> FYI it appears this issue has spread in 23.01 to the igc driver as well. After u... -
02:13 PM Bug #14127 (New): Captive Portal - LDAP server with special characters in description fails to authenticate in
- When you have an LDAP configured that has commas (and likely other special characters) two things fail:
1) Selecti... -
11:25 AM pfSense Packages Feature #14126 (New): Quality monitoring graph scale adjustment
- If possible, it would be nice if the scale of the packet loss side of the onitoring graph was not the same as the lat...
-
02:33 AM pfSense Plus Feature #14125 (New): Add Cateogory field to Available Packages Tab like Installed Packages Tab
- Under the Installed Packages the header fields have the following listed at the top Name Category Version Description...
03/18/2023
-
10:22 PM Regression #12821: Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``
- FYI it appears this issue has spread in 23.01 to the igc driver as well. After upgrading to 23.01 on a Netgate 4100,...
-
09:37 PM Bug #14124: Some blank SAN fields are not ignored when creating a certificate
- I just realized that if I just enter the type of IP address and value of 10.0.0.2 and not click add, just save then 1...
-
09:33 PM Bug #14124: Some blank SAN fields are not ignored when creating a certificate
- Kris, this is an interesting comment and you are quite true. If I delete the second blank entry in my screen shot th...
-
09:12 PM Bug #14124: Some blank SAN fields are not ignored when creating a certificate
- This doesn't appear to be a bug. You have a FQDN or Hostname entry added as an Alternative Name, but nothing defined...
-
04:07 PM Bug #14124 (Resolved): Some blank SAN fields are not ignored when creating a certificate
- If I add a alternate name
!clipboard-202303181705-cigpe.png!
and click save, I get this error:
!clipboard-20230318... -
09:36 PM pfSense Packages Bug #13985: Telegraf error After Update PFSense to 23.01
- Unable to replicate in pfSense CE 2.7. Possible it's just an issue on Plus for some reason.
-
09:30 PM pfSense Packages Bug #14116: Squid Error went I press SAVE button.
- Hello,
What settings do you have enabled and what page were you on that you clicked save to cause this issue? I'v... -
08:02 PM pfSense Plus Bug #14074: Cannot edit or delete ZFS Boot Environment with a name containing only numbers
- i installed the patch.
it renamed the two broken boot environments with the name i originally gave them, swapping ... -
04:57 PM pfSense Plus Bug #14074: Cannot edit or delete ZFS Boot Environment with a name containing only numbers
- The patch works well. I'm not hitting any of the problems I encountered previously. *It only applies to the currently...
-
01:57 PM pfSense Plus Bug #14074 (Pull Request Review): Cannot edit or delete ZFS Boot Environment with a name containing only numbers
- https://gitlab.netgate.com/pfSense/factory/-/merge_requests/94
-
01:01 PM pfSense Plus Bug #14074 (Confirmed): Cannot edit or delete ZFS Boot Environment with a name containing only numbers
- I was able to reproduce this by cloning the default environment, naming it 20230318 (today's date), no description. C...
-
06:29 PM Bug #14115: DHCP Server page does not properly select a default interface tab if neither WAN nor LAN are capable of being DHCP servers
this state occurs with previous versions too.
click on the tab of opt interface and you will be able to configur...
03/17/2023
-
09:21 PM Bug #13655: DNS Forwarder (``dnsmasq``) is using an invalid combination of options when "Query DNS servers sequentially" is enabled
- Just to update this: This issue is being addressed in upstream dnsmasq now in order to disallow this invalid and misl...
-
06:26 PM pfSense Docs Correction #14123 (Closed): DNS Rebinding pfsense documentation
- DNS protection documentation here: <https://docs.netgate.com/pfsense/en/latest/services/dns/rebinding.html#dns-protec...
-
06:16 PM pfSense Plus Bug #13967 (Feedback): aarch64 23.01 upgrade can fail to write the bootloader
- Fix has been released to the world this week.
-
06:15 PM Bug #14046 (Rejected): bsdinstall based installs are missing EFISYS DOS label on efi partition
- There are many reasons the EFISYS label is missing. pfSense-upgrade has also been modified to restore this FAT label ...
-
03:35 PM Revision 5c4a6ada: Improve alias sorting (again). Issue #14015
- asort does not handle natural case-insensitive sorting of
multi-dimensional arrays properly, so it needs a custom sor... -
02:57 PM Bug #14007 (Resolved): Using PF reserved keywords for interface descriptions results in an invalid ruleset
-
01:18 PM Bug #14007: Using PF reserved keywords for interface descriptions results in an invalid ruleset
- patch fixes the issue, prohibiting the reserved pf keywords from being configured as interface names
Tested on:
Ver... -
02:53 PM Feature #14122 (New): Allow selecting the repo branch on config restore
- Currently the config restore code always defaults the update repo branch to current stable. The branch set in the con...
-
12:14 PM Feature #12070: Support for VLAN ``0``
- Steve Wheeler wrote in #note-15:
> This specific feature request was opened to handle vlan0 for ISPs other than AT&T... -
10:33 AM Feature #12070: Support for VLAN ``0``
- This specific feature request was opened to handle vlan0 for ISPs other than AT&T.
It is marked resolved because t... -
10:02 AM Feature #12070: Support for VLAN ``0``
- EDIT: thanks for the update Steve
I noticed the fix was implemented at the dhclient level which is good but the or... -
10:02 AM Feature #12070: Support for VLAN ``0``
- Steve Wheeler wrote in #note-12:
> For clarification this issue is marked resolved because pfSense can now accept pr... -
09:28 AM Feature #12070: Support for VLAN ``0``
- For clarification this issue is marked resolved because pfSense can now accept priority tagged dhcp replies (vlan0). ...
-
11:41 AM Bug #14092 (Ready To Test): Kernel panic when PF passes a large/fragmented ICMP6 packet
- Snapshots as of today have the relevant fix included.
-
11:03 AM Regression #14015: Alias list is not sorted
- Also of note: I added another patch to the system patches package which applies on top of the previous patch (@4342d1...
-
11:00 AM Regression #14015 (Feedback): Alias list is not sorted
- Should be fixed by commit:5c4a6ada1867a7d6ec13461680d8309d154c90b1 seems to be OK in various tests I've done.
Beca... -
09:27 AM Regression #14015: Alias list is not sorted
- This was also broken again by commit:29cd08ea0da6246ad416e33b3788c05c0b0a5172 during a rector pass. It was changed ba...
-
06:35 AM Regression #14015: Alias list is not sorted
- Danilo Zrenjanin wrote in #note-3:
> I couldn't reproduce the issue on the:
> I made an extensive list of aliases t... -
03:19 AM Regression #14015: Alias list is not sorted
- I couldn't reproduce the issue on the:...
-
10:33 AM Feature #14121 (Duplicate): Add ability to batch import IPs into an *existing* alias
- Firewall > Aliases > IP already has an "Import" button that allows creating a *new* alias by pasting a long list of I...
-
10:15 AM Bug #14117 (Resolved): PHP Error on ``status_interfaces.php`` from PPP interface uptime
- Tested on the:...
-
06:17 AM Regression #13962 (Resolved): PPP interfaces do not request DNS servers when "DNS Server Override" is enabled
- Tested against:...
03/16/2023
-
11:25 PM Regression #13983 (Resolved): Multiple PHP errors in the DHCP Server when the configuration contains an empty section for an interface
- Tested on...
-
10:21 PM Regression #14076 (Resolved): PHP error if the configuration has an empty Auto Configuration Backup section
- Tested on...
-
09:05 PM Regression #14015 (In Progress): Alias list is not sorted
- Looks like there may be an issue if aliases are not sorted in the config, the ID in the list may not match the ID in ...
-
07:59 PM pfSense Packages Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
- Prime BDE wrote in #note-28:
> Nunya Business wrote in #note-27:
> > This problem has returned with the current ver... -
05:17 PM Regression #14120 (Resolved): ``syslogd`` tries to bind interfaces with no IP address
- In 23.01 syslogd will try to bind to an interface that has no IP resulting in the service failing to start.
This i... -
05:16 PM Revision 1792ffdb: ppp-linkup: Keep routerv6 address scope
- Original code was removing address scope from v6 router and because of
that, system always use default gateway to con... -
02:07 PM Feature #14119: Correct or fully implement, in Captive Portal authentication routines, the Tunnel attributes related to the freeRadius VLAN ID setting
- If freeRadius was correctly parsing the attributes sent in the accounting communication to freeRadius, the following ...
-
01:09 PM Feature #14119: Correct or fully implement, in Captive Portal authentication routines, the Tunnel attributes related to the freeRadius VLAN ID setting
- WRT ##14093's rejection,
"The solution here is to set each portal to use the RADIUS server in a different way, eith... -
11:10 AM Feature #14119 (New): Correct or fully implement, in Captive Portal authentication routines, the Tunnel attributes related to the freeRadius VLAN ID setting
- This may be either a bug or the completion of a partially implemented feature to support freeRadius users.
The cap... -
01:40 PM Revision ae1bda66: composer update
-
01:12 PM Revision cf2a2f82: Add safety belts to PPP historical uptime calculation. Fixes #14117
-
12:25 PM Bug #13939 (Feedback): IPv6 does not work on secondary PPPoE WAN
- Applied in changeset commit:1792ffdb859a5cb40c11360c30989ccc3b7a9271.
-
09:19 AM Bug #13939: IPv6 does not work on secondary PPPoE WAN
- Reid Linnemann wrote in #note-2:
> It actually looks like this was written from the get-go to omit the scope, which ... -
10:32 AM Todo #6727: Missing file apple-touch-icon-precomposed.png ?
- I'm on v2.6.0 CE and I just got this error myself. Interesting. Seems like it would be an easy fix.
-
10:23 AM Bug #14118 (New): freeRadius "Amount of Time" setting is not accurately tracked for Stop/Start settings in Caaptive Portal
- Re: tested on 23.01 plus mid Feb release: Correct time accounting error in captiveportal.inc Stop/Start routines for...
-
08:20 AM Bug #14117 (Feedback): PHP Error on ``status_interfaces.php`` from PPP interface uptime
- Applied in changeset commit:cf2a2f82c2aa551b26a6d9606d5e6da1e760ff6b.
-
08:00 AM Bug #14117 (Resolved): PHP Error on ``status_interfaces.php`` from PPP interface uptime
- Seems to require the "Uptime Logging" option enabled on a plain PPP type WAN (cell modem style, NOT PPPoE/L2TP/PPTP)
... -
07:10 AM Regression #13943: OpenVPN crashes with Signal 8 with very low fragment size
- For reference, the fix appears to be: https://github.com/OpenVPN/openvpn/commit/b9a9de156bc3ad517bfc6d1042ad0ef0350b638e
-
07:00 AM Regression #13943: OpenVPN crashes with Signal 8 with very low fragment size
- OpenVPN has fixed it in version 2.6.1!
When is it available in pfsense+ 23.01? -
06:33 AM Bug #13860 (Resolved): Typo in Remote IPv4/IPv6 Address help text on ``interfaces_gre_edit.php``
- The patch fixes it.
Tested against:... -
06:29 AM Bug #13953 (Resolved): PHP Error loading Floating rule tab with OpenVPN group rules when there are no OpenVPN instances in the configuration
-
06:29 AM Bug #13953: PHP Error loading Floating rule tab with OpenVPN group rules when there are no OpenVPN instances in the configuration
- Tested the patch on the:...
-
03:29 AM Bug #14034 (Resolved): PHP errors in ``xmlrpc.php`` during configuration synchronization if the target host has an empty XML tag for a given section
-
03:29 AM Bug #14034: PHP errors in ``xmlrpc.php`` during configuration synchronization if the target host has an empty XML tag for a given section
- I tested the patch against:...
-
02:49 AM pfSense Packages Feature #14101: Add Zabbix 6.4 packages
- Should there be any help needed, I happen to be the maintainer of all zabbix ports.
-
01:32 AM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound
- Hi there, I just wanted to say thanks for all the time and work that is going into this fix. It's really a problem w...
-
12:52 AM pfSense Packages Bug #14116: Squid Error went I press SAVE button.
- Crash report begins. Anonymous machine information:
amd64
14.0-CURRENT
FreeBSD 14.0-CURRENT #1 devel-main-n2558... -
12:51 AM pfSense Packages Bug #14116 (Duplicate): Squid Error went I press SAVE button.
- Hello, I have squid+SG on Pfsense 2.7-dev, testing.
I was trying to do a little change and went I press 'SAVE' butto...
03/15/2023
-
03:00 PM Bug #14061: PHP error if a non-privileged shell user attempts an operation which needs to write ``config.cache``
- The only potential possible cause I can see is that both this and #14031 are initially triggered by source:usr/local/...
-
07:37 AM Bug #14061 (New): PHP error if a non-privileged shell user attempts an operation which needs to write ``config.cache``
- Reopening this for some more investigation. There appear to be several people hitting this, but not consistently and ...
-
02:50 PM pfSense Docs Todo #14107: Add troubleshooting steps for LDAP auth
- Note added and deployed:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/022334bebe388fd6edea9ac2418cb0c0944... -
02:40 PM pfSense Plus Feature #14112 (Duplicate): Allow user to trigger license re-sync and/or reset in system_register.php
- We already have an internal issue for this.
-
01:57 PM pfSense Plus Bug #14104: Google LDAP connections still fail even after adding SNI for TLS 1.3
- LDAP client certs are only available on Plus.
-
12:21 PM pfSense Docs Todo #14114 (Closed): Change info about ESXi version which might work with pfSense.
- Updated and deployed:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/57c3e5e2789a84b71a4eb3544f68e7077c87c4fb -
07:43 AM pfSense Docs Todo #14114 (Closed): Change info about ESXi version which might work with pfSense.
- on https://docs.netgate.com/pfsense/en/latest/recipes/virtualize-esxi.html we have
_Article explains how to install ... -
12:16 PM Bug #14115 (Resolved): DHCP Server page does not properly select a default interface tab if neither WAN nor LAN are capable of being DHCP servers
- When both WAN and LAN are set to DHCP, the DHCP server web interface doesn't appropriately select an interface tab.
... -
11:13 AM pfSense Docs Todo #14111 (Closed): Installation pages flash drive too small for 23.01 ARM64 image
- Updated and deployed.
https://gitlab.netgate.com/docs/netgate-docs/-/commit/b45a21365b0faf6bee17141d70b41a216698b964 -
11:00 AM pfSense Docs Todo #14111: Installation pages flash drive too small for 23.01 ARM64 image
- I'll update that doc but do note the documents for the 1100 and 2100 both actually say 8GB already:
https://docs.n... -
09:45 AM pfSense Packages Bug #14113 (Duplicate): PHP Error: /usr/local/pkg/avahi/avahi.inc:76
- Duplicate of #14019
-
02:22 AM pfSense Packages Bug #14113 (Duplicate): PHP Error: /usr/local/pkg/avahi/avahi.inc:76
- Just updated my pfsense box to 23.01 from 22.05. Everything was going smoothly, but on my first login i received a no...
-
12:50 AM Bug #13624: Only one alias in local network of OpenVPN Server works in 2.6.0
- I also discovered this issue in 2.7.0 & 22.x with alias parsing in the all OpenVPN configuration page network fields....
03/14/2023
-
09:34 PM pfSense Docs Todo #14107: Add troubleshooting steps for LDAP auth
- It helped someone on 23.01 after they saw the following from pfSense on a pcap when testing the auth:
> Alert (Level... -
10:52 AM pfSense Docs Todo #14107 (Closed): Add troubleshooting steps for LDAP auth
- That shouldn't be needed on current versions since the LDAP CA setup is different than it was back at the time that s...
-
10:43 AM pfSense Docs Todo #14107 (Closed): Add troubleshooting steps for LDAP auth
- Add the troubleshooting step of restarting php-fpm as detailed here:
https://forum.netgate.com/post/893499
Add to... -
08:44 PM pfSense Plus Feature #14112 (Duplicate): Allow user to trigger license re-sync and/or reset in system_register.php
- There may be a case for adding some buttons in system_register.php that allow the user to 1) Force the existing pfSen...
-
04:50 PM pfSense Docs Todo #14111 (Closed): Installation pages flash drive too small for 23.01 ARM64 image
- The installation media page says 4GB is sufficient for pfSense but the 23.01 ARM64 image is 4 in one and expands to 4...
-
03:43 PM Revision 5f43b9b5: RAM disk size check/options update. Fixes #13508
- * Update RAM disk size/free memory calculations
* Fix up some text in the option labels
* Show current /tmp and /var ... -
02:53 PM Bug #11877 (Resolved): Labels and description disappear in firewall_schedule_edit.php
- There's a quirk with the fix where removing the row with the labels does not re-add the labels until the changes are ...
-
01:42 PM pfSense Packages Bug #14075: Using the ``Transparent ClientIP`` option in HAproxy results in kernel panics
- I have returned ipfw to development snapshots so we can work on replicating and testing there. It is not possible to ...
-
12:02 PM pfSense Docs Todo #14110 (Resolved): Clean up outdated references to "Factory" edition
- Main docs:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/9a0c401f51fa65168905fe798fe4b74475e8e6f9
Platf... -
11:05 AM pfSense Docs Todo #14110 (Resolved): Clean up outdated references to "Factory" edition
- There are a few remaining references in the documentation to the old "Factory" edition ("FE") name that need updated ...
-
11:28 AM Feature #14109: Auto Configuration Backup Key Feature Request
- Thanks for the reply, speaking from experience is all I noticed they are ever changing with each software reload or c...
-
11:09 AM Feature #14109 (Rejected): Auto Configuration Backup Key Feature Request
- The key is not something that should be passed around that freely, it should be treated like a password or similar to...
-
11:04 AM Feature #14109 (Rejected): Auto Configuration Backup Key Feature Request
- Hello fellow pfSense Community,
I wanted to add a feature request for Auto Configuration Backup, there is no setti... -
10:54 AM pfSense Packages Bug #14108 (Rejected): Antivirus Bases showing outdated main.cvd with a version dated year 2021
- Per ClamAV's website:
"ClamAV signatures come in a variety of formats, one for each of the distinct detection method... -
10:50 AM Todo #13508 (Feedback): Uncouple RAM Disk size from available kernel memory
- Applied in changeset commit:5f43b9b527a6a65bd2c70ac231e3fdceff6ab0d3.
-
07:55 AM Todo #13508 (In Progress): Uncouple RAM Disk size from available kernel memory
- Note to self: tmpfs data can get moved to swap under memory pressure, which further extends its potential capacity, s...
-
10:41 AM pfSense Plus Bug #14106 (New): arc4random: WARNING: initial seeding bypassed the cryptographic random device because it was not yet seeded and the knob 'bypass_before_seeding' was enabled.
- 23.01 is now showing this error after a fresh firmware install on a Netgate 2100-MAX system. It will continue to boot...
-
10:24 AM Feature #14105 (New): Ability to set 'block-local' gateway flag in OpenVPN Server Config
- I am setting up my OpenVPN servers so when a client connects all their traffic (except VPN tunnel traffic) goes throu...
-
08:50 AM Todo #14103 (Resolved): Add more disk information to status output
- This is present and working in the latest snapshot.
-
08:08 AM pfSense Plus Regression #13895: Early boot hangs on Hyper-V with Gen2 VMs
- Thanks Chris.
While this doesn't solve your immediate situation, it looks like repro is possible with Windows Serv... -
03:11 AM pfSense Plus Bug #14104 (New): Google LDAP connections still fail even after adding SNI for TLS 1.3
- tested on 23.01 and with IPv6
After fixing https://redmine.pfsense.org/issues/11626 I see that the LDAP client is ... -
02:28 AM Bug #14077: Kernel panic from incoming IPv6 connections
- Sorry, I missed that.
I believe I understand the issue. Briefly put, pf_refragment6() ends up calling ip6_forward(...
03/13/2023
-
11:17 PM Revision d6911589: Add more disk info to status output. Implements #14103
-
10:56 PM Bug #14077: Kernel panic from incoming IPv6 connections
- #14092 is not public, so it's impossible to check what that one is about and what will trigger it.
-
12:23 PM Bug #14077: Kernel panic from incoming IPv6 connections
- This issue isn't related to IPv4 NAT, so your NAT rules will not matter.
See #14092 as well, because this is almos... -
09:17 PM pfSense Plus Regression #13895: Early boot hangs on Hyper-V with Gen2 VMs
- Here is a screenshot of the memmap command on an affect VM. This machine is on Windows Server 2022. The Pfsense VM ...
-
07:03 PM Revision c37e9ab9: Catch case when DHCP WAN comes up late during boot. Fixes #13671
-
06:37 PM Revision 5c75223e: Fix typo. Fixes #13860
-
06:31 PM Revision 6c186dae: Auth log behavior update. Fixes #12464
-
06:25 PM Todo #14103 (Feedback): Add more disk information to status output
- Applied in changeset commit:d691158995f63347d2ad7ab037b7bf3d4fe989bb.
-
06:16 PM Todo #14103 (Resolved): Add more disk information to status output
- The status output could use some more disk information we've been requesting recently:...
-
06:04 PM Revision 4fe6481f: Add knob for console bell (default: enabled). Fixes #14002
-
05:54 PM pfSense Plus Regression #14102 (Resolved): Console menu incorrectly shows option ``99`` on some ARMv7/ARM64 installations
- The console menu is intended to only show menu option 99 'Install to device' if pfSense is not running from eMMC or S...
-
05:27 PM pfSense Packages Feature #14101 (Resolved): Add Zabbix 6.4 packages
- https://www.freshports.org/net-mgmt/zabbix64-agent/
https://www.freshports.org/net-mgmt/zabbix64-proxy/
-
05:11 PM Revision 7ce12dcb: Do not allow an interface to use PF reserved words as its name. Fixes #14007
-
03:58 PM Revision 5f121e6a: Improve floating rule handling of missing VPNs. Fixes #13953
-
03:39 PM Revision 0dbc2d6a: GW Edit: Handle missing OpenVPN/IPsec entries better. Fixes #13973
-
03:02 PM Revision 9bfd8974: Improve handling of XMLRPC sync of empty sections. Fixes #14034
-
02:10 PM Bug #13671 (Feedback): DHCP client can fail permanently if an interface is down at boot
- Applied in changeset commit:c37e9ab908cffe20227cc8c88ae5463b5562a397.
-
02:03 PM Bug #13671 (In Progress): DHCP client can fail permanently if an interface is down at boot
- I was able to reproduce this in a VM finally. The key is to boot with the interface detected and then reconnect it ju...
-
01:45 PM Bug #13860 (Feedback): Typo in Remote IPv4/IPv6 Address help text on ``interfaces_gre_edit.php``
- Applied in changeset commit:5c75223e38c6c3ba1b67f9ab24b9f7ea34bde0f8.
-
01:38 PM Bug #13860 (In Progress): Typo in Remote IPv4/IPv6 Address help text on ``interfaces_gre_edit.php``
-
01:40 PM Feature #12464 (Feedback): Option to control log level of authentication messages in system logs ("Emergency" vs "Notice" level)
- Applied in changeset commit:6c186dae17fe41851c2ee3bb72852178596f2652.
-
01:30 PM Feature #12464 (In Progress): Option to control log level of authentication messages in system logs ("Emergency" vs "Notice" level)
- Now that the console bell behavior is split off from this (See #14002) I think what we should do here is just keep th...
-
01:29 PM Revision f884cc20: filter: correctly disable fragment reassembly
-
01:15 PM Feature #14002 (Feedback): Option to enable/disable console bell, enabled by default
- Applied in changeset commit:4fe6481fa35f31b93ed5841c3342cbb5bd76237c.
-
01:04 PM Feature #14002 (In Progress): Option to enable/disable console bell, enabled by default
- The more I look at this the less it's tied to the login messages since it's a general console bell setting. I've got ...
-
01:10 PM pfSense Plus Regression #13824: CPU/Crypto Detection for the 3100 is not functioning properly
- Bill McGonigle wrote in #note-4:
> Is the patch world-readable anywhere? I have affected hardware and the System Pa... -
01:08 PM pfSense Plus Regression #13824: CPU/Crypto Detection for the 3100 is not functioning properly
- Is the patch world-readable anywhere? I have affected hardware and the System Patches feature can't resolve this com...
-
12:22 PM Bug #14092 (In Progress): Kernel panic when PF passes a large/fragmented ICMP6 packet
- I believe I understand the issue. Briefly put, pf_refragment6() ends up calling ip6_forward() for traffic in the outp...
-
12:20 PM Bug #14007 (Feedback): Using PF reserved keywords for interface descriptions results in an invalid ruleset
- Applied in changeset commit:7ce12dcb36c73d6526dd46ef6b790d189be25a40.
-
12:09 PM Bug #14007 (In Progress): Using PF reserved keywords for interface descriptions results in an invalid ruleset
- The fix for #14057 likely also solved this as a byproduct but we should still reject these names just in case.
I c... -
11:05 AM Bug #13953 (Feedback): PHP Error loading Floating rule tab with OpenVPN group rules when there are no OpenVPN instances in the configuration
- Applied in changeset commit:5f121e6a11df8f640f01d27795afeaefb55c50d6.
-
10:50 AM Bug #13973 (Feedback): PHP error in ``gwlb.inc`` when OpenVPN or IPsec instances referred to by assigned interface entries are missing
- Applied in changeset commit:0dbc2d6a7679e85d69bae85ec57d90674e393ea8.
-
10:43 AM Bug #13973: PHP error in ``gwlb.inc`` when OpenVPN or IPsec instances referred to by assigned interface entries are missing
- There is already a check which prevents deleting an assigned VPN instance, so it's not clear how this situation may h...
-
10:29 AM Bug #13973 (In Progress): PHP error in ``gwlb.inc`` when OpenVPN or IPsec instances referred to by assigned interface entries are missing
-
10:50 AM Bug #13003: Malicious Driver Detection event on ``ixl(4)`` driver
- Today we have had a crash with the "Malicious Driver Detection" event at 10:00:26 Colombia time:
Mar 13 10:00:26 ker... -
10:10 AM Bug #14034 (Feedback): PHP errors in ``xmlrpc.php`` during configuration synchronization if the target host has an empty XML tag for a given section
- Applied in changeset commit:9bfd89747eba77091ab6e2df5639a33a185342f8.
-
09:43 AM pfSense Packages Feature #14100 (New): Use interface groups as an Alias for IP Interface/Rules Configuration
- Hi
I understand that there is an order in how firewall rules are used but my suggestion is not for altering that.
... -
09:28 AM pfSense Plus Regression #14099 (Duplicate): snmpd SIOCGIFDESCR (e6000sw0port1): Device not configured
- Duplicate of #13976
-
09:26 AM pfSense Plus Regression #14099 (Duplicate): snmpd SIOCGIFDESCR (e6000sw0port1): Device not configured
- See bug #8600
-
09:18 AM pfSense Plus Bug #8600: "snmpd SIOCGIFDESCR (e6000sw0port1): Device not configured"
- This bug seems to have popped up again on my SG-3100 after upgrading to 23.01.
-
09:09 AM Feature #8794: NTP authentication support
- I can confirm this issue still occurs in version 23
-
09:05 AM pfSense Packages Regression #13978: PHP errors with squidGuard
- Also:...
-
08:40 AM Todo #14098 (Resolved): Match upstream changes in PF syntax to disable fragment disassembly
- PF enables fragment disassembly by default now, so to disable it the directive must explicitly be @fragment no reasse...
-
07:38 AM Bug #13938 (Resolved): Kernel panic accessing the GUI over IPsec in certain environments when using nginx ``sendfile`` with unmapped mbufs
- @sendfile@ is @off@ in all @nginx@ configurations now, for the GUI and Captive Portal.
03/12/2023
-
04:02 PM pfSense Packages Bug #13043: OSPF over Wireguard interface doesn't populate neighbors after reboot
- Hi,
just wanted to confirm. I can reproduce this issue on all of my installations so far. Mostly PFsense CE 2.6.0 ... -
03:29 PM Bug #11877 (Feedback): Labels and description disappear in firewall_schedule_edit.php
- Right. The fix is in snapshots.
-
02:28 PM Bug #13938: Kernel panic accessing the GUI over IPsec in certain environments when using nginx ``sendfile`` with unmapped mbufs
- We will now disable sendfile mode. Sendfile has little to no benefit for us on pfSense.
This feature of nginx has ... -
01:05 PM Bug #14077: Kernel panic from incoming IPv6 connections
- Thank you for the information.
I got an unexpected crash but I forgot that I have another NAT rule (the 443 NAT rule... -
10:33 AM Bug #13325 (Confirmed): System Information widget breaks with multiple instances
-
09:09 AM pfSense Packages Regression #14097 (Duplicate): Upgrade to 23.01: PHP Fatal error: Uncaught TypeError: Unsupported operand types: string / int in /etc/inc/util.inc
- Duplicate of #14024
-
01:28 AM pfSense Packages Regression #14097 (Duplicate): Upgrade to 23.01: PHP Fatal error: Uncaught TypeError: Unsupported operand types: string / int in /etc/inc/util.inc
- After the upgrade to version 23.01-RELEASE I right away got a message from the Crash reporter:...
-
04:57 AM Bug #13729: Gateways stuck in Unknown status
- Same issue, restarting dpinger service resolved the issue. I have dpinger in service watchdog service do it should no...
-
01:55 AM Revision 37c29e4d: Disable nginx sendfile mode, Fixes #13938
03/11/2023
-
09:37 PM pfSense Plus Feature #13786: ldap intergration for firewall rules
- Mike Moore wrote in #note-4:
> So there is no way in the future to create a LAN rule stating
> Src: AD/mmoore
> Ds... -
09:29 PM pfSense Plus Feature #14017: Ability to remove all packages before upgardes with saved configuration
- There is already an option to reinstall packages from Diagnostics --> Backup and Restore. It would be beneficial for...
-
09:25 PM pfSense Plus Regression #14080: Installer fails to install to a geom mirror
- Typically right now we also have issues with the installer converting from gmirror to ZFS. Haven't tested since 22.0...
-
09:06 PM Bug #14060: Auto Config Backup prints a confusing decryption error when using the wrong key
- that looks better, when I do the same thing I get the following now with that patch applied to 23.01
__
The followi... -
08:05 PM Bug #13938 (Feedback): Kernel panic accessing the GUI over IPsec in certain environments when using nginx ``sendfile`` with unmapped mbufs
- Applied in changeset commit:37c29e4de148a14480c01c8fa179e9b630bb0fb4.
-
07:44 PM Bug #14089 (Duplicate): System information widget bars operate incorrectly when widget is "split"
- Duplicate of #13325
-
03:34 PM pfSense Packages Bug #14096 (Resolved): Status_Traffic_Totals does not work on snapshots due to sqlite change
- It looks like a recent change in sqlite broke vnstat which leads to Status_Traffic_Totals not working:
https://for... -
02:05 PM pfSense Packages Bug #14094: HAProxy "Write to Disk" files not being saved
- Christopher Cope wrote in #note-2:
> The files are not wrote unless HAProxy is enabled, and the backend / frontend a... -
01:39 PM pfSense Packages Bug #14094 (Not a Bug): HAProxy "Write to Disk" files not being saved
- Ryan V wrote:
> pfSense v2.6.0, HAProxy package v0.61_7.
>
> I am trying to save a map file via the Files tab in ... -
12:34 PM pfSense Packages Bug #14094: HAProxy "Write to Disk" files not being saved
- Replying to add that nothing helpful is showing in the logs found in Status > System Logs:...
-
12:31 PM pfSense Packages Bug #14094 (Not a Bug): HAProxy "Write to Disk" files not being saved
- pfSense v2.6.0, HAProxy package v0.61_7.
I am trying to save a map file via the Files tab in the HAProxy GUI. I ad... -
01:57 PM Bug #14077: Kernel panic from incoming IPv6 connections
- This looks similar to another crash we have been able to reproduce, and we're still working on a fix. I suspect it's ...
-
01:41 PM Bug #14077: Kernel panic from incoming IPv6 connections
- Hi.
I have rebuild the configuration and I may have some useful information.
First of all, some information on ... -
01:54 PM Bug #13003: Malicious Driver Detection event on ``ixl(4)`` driver
- Good afternoon.
We have tried updating the driver, disabling TSO, increasing queues, changing the interface... Wit... -
01:10 PM Bug #14095: Removing an interface group does not remove rules for the interface group
- This isn't an alias problem, the alias code is doing what it should and preventing you from removing an item that's i...
-
01:02 PM Bug #14095 (New): Removing an interface group does not remove rules for the interface group
- If an Alias was used in a rule on an Interface Group, after removing the interface group, you won't be able to delete...
-
12:30 PM pfSense Plus Bug #13981 (Resolved): PHP Error on ``status_interfaces.php`` with empty switch VLAN group configuration and assigned VLAN interfaces
- Replicated the issue on SG-2100....
-
09:08 AM pfSense Packages Bug #14088 (Resolved): pfsense 2.7-dev pfSense-pkg-snort installation failed!
-
01:03 AM pfSense Packages Bug #14088: pfsense 2.7-dev pfSense-pkg-snort installation failed!
- Yes, now I could install snort, thanks!!!
-
09:08 AM Bug #11877 (New): Labels and description disappear in firewall_schedule_edit.php
-
12:13 AM Bug #11877: Labels and description disappear in firewall_schedule_edit.php
- Tested on 23.01, It still disappears descriptions and labels.
03/10/2023
-
05:09 PM Revision 5efa3d45: Improve error handling in ACB. Fixes #14060
- It wasn't printing a helpful message when it failed to decrypt a
configuration (e.g. using the wrong key). -
04:51 PM Revision 404efa21: Resolve various PHP8 issues in ACB. Fixes #14076
-
03:28 PM Revision 94e26e56: Fix labels and description dissapear in firewall_schedule_edit.php, #11877
- 03:16 PM Revision a478307d: Start sshd after hosts and interfaces
-
03:05 PM Revision 29cd08ea: Aliases config access refactor by brd
-
02:19 PM Feature #14093 (Rejected): Captive Portal permits user to authenticate / log into wrong vlan ID selected in freeRadius
- The solution here is to set each portal to use the RADIUS server in a different way, either with a different NAS Iden...
-
01:38 PM Feature #14093 (Rejected): Captive Portal permits user to authenticate / log into wrong vlan ID selected in freeRadius
- When two or more separate Captive Portals use freeRadius for authentication and a user in freeRadius exists with a VL...
-
02:15 PM Bug #13851 (Resolved): DNS Resolver does not generate automatic ACLs for IPv6 when Network Interfaces is set to "All"
-
01:01 PM Bug #13851: DNS Resolver does not generate automatic ACLs for IPv6 when Network Interfaces is set to "All"
- Tested on:
Version 23.01-RELEASE (amd64)
built on Fri Feb 10 20:06:33 UTC 2023
FreeBSD 14.0-CURRENT
patch suc... -
12:55 PM Feature #13844: Make RADIUS Start/Stop accounting immediately log off a user that exceeds quota when reauthentication is disabled
- I considered a separate redmine but this issue must be resolved simultaneous with this redmine as simply removing the...
-
12:21 PM Bug #14092: Kernel panic when PF passes a large/fragmented ICMP6 packet
- The backtrace here looks the same as on #14077, they may be the same.
-
08:35 AM Bug #14092 (Resolved): Kernel panic when PF passes a large/fragmented ICMP6 packet
- With pf enabled and a rule to pass IPv6 ICMP, the kernel may panic when receiving and passing a large ICMP6 packet:
... -
12:21 PM pfSense Packages Bug #14075: Using the ``Transparent ClientIP`` option in HAproxy results in kernel panics
- This is likely a bug in ipfw, which was included in 23.01. 23.05 does not contain the ipfw kernel module.
23.01:
... -
11:15 AM Bug #14060 (Feedback): Auto Config Backup prints a confusing decryption error when using the wrong key
- Applied in changeset pfsense:commit:5efa3d459f07382c8ab9d487775f07cb1114e212.
-
11:08 AM Bug #14060 (In Progress): Auto Config Backup prints a confusing decryption error when using the wrong key
- It just can't decrypt the config because it isn't using the right encryption key. If you set the correct key then you...
-
11:00 AM Regression #14076 (Feedback): PHP error if the configuration has an empty Auto Configuration Backup section
- Applied in changeset commit:404efa211294c85fa497b756d494d41f1b0f658d.
-
10:50 AM Regression #14076: PHP error if the configuration has an empty Auto Configuration Backup section
- This one can also happen with the empty settings tag:...
-
10:47 AM Regression #14076 (In Progress): PHP error if the configuration has an empty Auto Configuration Backup section
-
10:29 AM pfSense Plus Bug #14068 (Closed): Importing Chained Cert Data into the System --> Cert Manager --> Certificates Breaks Authentication
- Kris Phillips wrote in #note-2:
> The message of "Unknown CA" is what pfSense is sending to the remote host. This w... -
10:16 AM pfSense Plus Bug #14068: Importing Chained Cert Data into the System --> Cert Manager --> Certificates Breaks Authentication
- Jim Pingle wrote in #note-1:
> Allowing multiple CAs in a single entry was always a hackish workaround for things th... -
09:29 AM Bug #11877: Labels and description disappear in firewall_schedule_edit.php
- Reapplied the patch. I was unable to rebase in GitLab.
Feedback now appreciated. -
09:26 AM Bug #11877 (Feedback): Labels and description disappear in firewall_schedule_edit.php
-
08:44 AM pfSense Packages Bug #14088: pfsense 2.7-dev pfSense-pkg-snort installation failed!
- I checked the Suricata port and it still uses luajit:luajit-openresty. Both work now.
-
07:00 AM pfSense Packages Bug #14088: pfsense 2.7-dev pfSense-pkg-snort installation failed!
- Christian McDonald wrote in #note-3:
> Thanks Bill for the history, that was helpful.
>
> I set the luajit-openre... -
08:07 AM Bug #14035: PHP error when attempting to create a GIF interface when ``if_gif`` kernel module is not loaded
- My configuration also has @<gifs></gifs>@ and I can create a new GIF OK. I still can't find a way to reproduce this r...
-
07:25 AM Regression #14091 (Confirmed): The "Kill States" button does not work consistently
- It doesn't seem to be about the destination, it works sometimes and not others.
I tried a few different states and... -
03:49 AM Regression #14091 (Resolved): The "Kill States" button does not work consistently
- Steps to reproduce
1)go to Dignostics=>States
2)Use the Filter expression field to filter using some known destinat... -
04:18 AM Bug #14034: PHP errors in ``xmlrpc.php`` during configuration synchronization if the target host has an empty XML tag for a given section
- If no VIP is defined on the primary, after any XMLRPC action, it will create an empty <virtualip></virtualip> tag on ...
03/09/2023
-
09:17 PM pfSense Packages Bug #14088 (Feedback): pfsense 2.7-dev pfSense-pkg-snort installation failed!
- Thanks Bill for the history, that was helpful.
Honestly one of these days I need to audit the port options that we h... -
07:54 PM pfSense Packages Bug #14088: pfsense 2.7-dev pfSense-pkg-snort installation failed!
- Christian McDonald wrote in #note-1:
> This also impacts 23.05 snapshots.
>
> We currently build nginx with LUA supp... -
04:43 PM pfSense Packages Bug #14088: pfsense 2.7-dev pfSense-pkg-snort installation failed!
- This also impacts 23.05 snapshots.
We currently build nginx with LUA support (which we don't use). Snort also depend... -
11:49 AM pfSense Packages Bug #14088 (Resolved): pfsense 2.7-dev pfSense-pkg-snort installation failed!
- Hello.
I want to test snort on pfsense 2.7-dev latest version
But I receive this error:
>>> Installing pfSen... -
05:55 PM Bug #14077: Kernel panic from incoming IPv6 connections
- Bruno Dambrine wrote in #note-2:
> I have reinstalled the 6100 with the 23.01 to make sure that the issue is not lin... -
05:42 PM Bug #13325: System Information widget breaks with multiple instances
- Just following up on this as this is STILL and ALSO occurring on the latest pfSense+ version 23.01.
-
02:45 PM pfSense Plus Bug #14090 (New): Significant State Creation Causes LACP, BGP, and Possibly Other Components to Temporarily Fail
- When testing with a customer, when a remote host has a large number of new states being created, then transitioning t...
-
12:34 PM Bug #14089 (Duplicate): System information widget bars operate incorrectly when widget is "split"
- System information widget fields:
State table size
MBUF Usage
Temperature
Load average
CPU usage
Memory usage... -
12:33 PM pfSense Docs Correction #14084 (Resolved): Feedback on Virtual Private Networks — OpenVPN — OpenVPN Configuration Options — Client Specific Overrides
- I pushed a correction for this, it will be live in ~10-15 minutes when the build finishes.
-
11:16 AM pfSense Docs Correction #14084: Feedback on Virtual Private Networks — OpenVPN — OpenVPN Configuration Options — Client Specific Overrides
- It's actually working as it should in that case, but you are right the docs could use some clarity on that.
Withou... -
05:46 AM pfSense Docs Correction #14084 (Resolved): Feedback on Virtual Private Networks — OpenVPN — OpenVPN Configuration Options — Client Specific Overrides
- *Page:* https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/configure-overrides.html
Using:... -
11:06 AM Bug #14087 (Duplicate): Adding CARP: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/www/xmlrpc.php:399
- Duplicate of #14034
-
10:44 AM Bug #14087 (Duplicate): Adding CARP: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/www/xmlrpc.php:399
- When I add a (my first) Virtual IP (CARP) I get an error on the secondary:...
-
10:57 AM pfSense Packages Regression #14043 (Feedback): Netgate Firmware Upgrade fails to mount EFISYS
- Fixed in plus as of 67fef1ab045a. /mnt and /boot/efi are both unmounted prior to mounting the ESP at /mnt.
-
07:35 AM Regression #14086 (Resolved): Current snapshot builds missing most kernel modules that were on previous builds/releases
- At some point between March 1 and March 8 dev snapshot builds of CE 2.7.0 the kernel package lost 90% of its modules....
-
07:02 AM pfSense Plus Bug #14085 (New): QAT not working / same speed as AES-NI with CPIC-8955!
- My post on the netgate forum, still no unanswer:
https://forum.netgate.com/topic/175096/ipsec-with-qat-low-performan... -
06:30 AM Bug #14070: STUN or Override WAN address in UPnP breaks working port forwarding if WAN IP is Private IP
- Simplified testing:
*Scenario 1.*
Upstream router gives pfsense a *Private IP in DMZ* on WAN.
UPnP settings in pfse...
03/08/2023
-
06:57 PM pfSense Plus Regression #13895: Early boot hangs on Hyper-V with Gen2 VMs
- I can't repro it in Win-11 Hyper-V. 4GB, ZFS, 3 NICs, ISO still attached.
In the loader prompt (option 3), can you... -
01:53 PM Bug #14070: STUN or Override WAN address in UPnP breaks working port forwarding if WAN IP is Private IP
- Here's the "same" testing with some more details:
Testing is done in two difference scenarios, where the first has p... -
01:09 PM Bug #14083 (Resolved): Adding MSS and MTU values on a LAGG VLAN interface breaks connectivity
- Steps to reproduce:
# Under Interfaces/WAN, define MTU 1480 and MSS 1440. Save and Apply the changes.
# Reboot th... -
10:16 AM pfSense Docs Todo #14082 (Closed): Feedback on Network Address Translation — Port Forwards
- That definitely is wrong as-is, it should be:...
-
09:05 AM pfSense Docs Todo #14082 (Closed): Feedback on Network Address Translation — Port Forwards
- *Page:* https://docs.netgate.com/pfsense/en/latest/nat/port-forwards.html#adding-port-forwards
*Feedback:*
The bu... -
07:54 AM pfSense Plus Regression #14080: Installer fails to install to a geom mirror
- Reid Linnemann wrote in #note-2:
> Do we want to cut the cord on UFS and just be done with it?
UFS is OK and not ... -
07:34 AM Regression #14072: No working IPv6 gateway if upstream RA does not contain M or O flags because rtsold does not execute script
- Ricardo Mendes wrote in #note-3:
> Since the current behaviour introduced by the update is what we'd consider to be ... -
05:06 AM Regression #14072: No working IPv6 gateway if upstream RA does not contain M or O flags because rtsold does not execute script
- Hi there,
I initially posted about this issue on the forums and would like to leave a suggestion here;
Since th... -
07:06 AM pfSense Packages Feature #14081 (New): Nagios
- Hello,
I have a problem with the netgate in version 23.01 for Nagio monitoring.
After researching the problem of... -
01:43 AM Bug #13003: Malicious Driver Detection event on ``ixl(4)`` driver
- Good afternoon.
We have the same problem with our 1541.
We are in version 23.01.
The problem is that sometimes the...
03/07/2023
-
11:02 PM pfSense Plus Regression #14080: Installer fails to install to a geom mirror
- Do we want to cut the cord on UFS and just be done with it?
-
07:44 PM pfSense Plus Regression #14080: Installer fails to install to a geom mirror
- You can get past that point by manually setting the UFS slice on the mirror to mount at @/@ though it still fails eve...
-
06:12 PM pfSense Plus Regression #14080 (New): Installer fails to install to a geom mirror
- The 23.01 installer fails to create the expected mount points when trying to reinstall UFS to an existing gmirror.
... -
03:28 PM Bug #14045: ``pfSense-boot`` can fail to copy the EFI bootloader
- Merged to plus with merge commit 70bd508078
-
12:21 PM pfSense Plus Bug #14074: Cannot edit or delete ZFS Boot Environment with a name containing only numbers
- more experimentation
if i create a new environment with the same name as the old damaged ones (now 0 or 1) it create... -
12:10 PM Bug #14077: Kernel panic from incoming IPv6 connections
- I have reinstalled the 6100 with the 23.01 to make sure that the issue is not linked to the upgrade.
I got the same ... -
10:43 AM Regression #14072: No working IPv6 gateway if upstream RA does not contain M or O flags because rtsold does not execute script
- Louis B wrote in #note-1:
> I also think the RA behavoir is not OK! See my form post https://forum.netgate.com/topic... -
09:41 AM Regression #14072: No working IPv6 gateway if upstream RA does not contain M or O flags because rtsold does not execute script
- I also think the RA behavoir is not OK! See my form post https://forum.netgate.com/topic/178423/some-doubts-about-rou...
-
08:51 AM pfSense Packages Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
- Nunya Business wrote in #note-27:
> This problem has returned with the current version of the Wireguard package, 1.1...
03/06/2023
-
09:44 PM Revision 8b8f94c7: Safely update efi loader from pfSense-boot. Fixes #14045
- Alter pfSense-boot +INSTALL script to safely update the efi loader from
/boot/loader.efi. The update is now done with... -
04:39 PM Bug #14045: ``pfSense-boot`` can fail to copy the EFI bootloader
- Merge to plus is still pending before this can be closed.
-
04:30 PM Bug #14045 (Feedback): ``pfSense-boot`` can fail to copy the EFI bootloader
- Applied in changeset commit:8b8f94c7e10d9bc64d267eb8fb6f4280f13d3ab9.
-
04:33 PM pfSense Plus Bug #13967: aarch64 23.01 upgrade can fail to write the bootloader
- Fix for this is introduced into pfSense-updgrade at revision 2c4bf3c in plus packages only at this time. pfSense-upgr...
-
04:32 PM Bug #14035: PHP error when attempting to create a GIF interface when ``if_gif`` kernel module is not loaded
- We actually have the full config this is hitting this in Nextcloud.
The gif section is empty:... -
12:10 PM Bug #14035: PHP error when attempting to create a GIF interface when ``if_gif`` kernel module is not loaded
- Jay Maynard wrote in #note-3:
> What information can I supply?
See my comment in #note-1 above. -
11:34 AM Bug #14035: PHP error when attempting to create a GIF interface when ``if_gif`` kernel module is not loaded
- What information can I supply?
-
03:46 PM pfSense Plus Bug #14074: Cannot edit or delete ZFS Boot Environment with a name containing only numbers
- did some more trials, and found if i just use the date as 20230306 it does it.
named it 20230306, the other day i na... -
09:38 AM pfSense Plus Bug #14074: Cannot edit or delete ZFS Boot Environment with a name containing only numbers
- to get the initial issue;
what i did; i didnt read the limitation of what characters could be used, and used a "-"... -
07:17 AM pfSense Plus Bug #14074 (Feedback): Cannot edit or delete ZFS Boot Environment with a name containing only numbers
- There must be some additional steps needed to replicate the problem. I tried a 23.01 system here and I could create a...
-
02:53 AM pfSense Plus Bug #14074: Cannot edit or delete ZFS Boot Environment with a name containing only numbers
- now that it has this new boot environment '0' if i try to edit it, it makes a new boot environment. Each time.
ho... -
03:09 PM Revision d24242c7: Handle IPsec P1 w/o valid proposals better. Fixes #14009
-
02:49 PM pfSense Docs Todo #14023 (Closed): Feedback on Releases — 23.01 New Features and Changes
- I pushed updates to this section today which include updates for this text. They should appear when the build finishe...
-
02:36 PM Bug #14009 (Resolved): PHP error from upgraded IPsec tunnel containing only deprecated ciphers
- That fixed it. I am marking this ticket resolved.
-
09:20 AM Bug #14009 (Feedback): PHP error from upgraded IPsec tunnel containing only deprecated ciphers
- Applied in changeset commit:d24242c77ae420b9df0723ca6f1dab209e69c357.
-
07:08 AM Bug #14009 (In Progress): PHP error from upgraded IPsec tunnel containing only deprecated ciphers
-
02:18 PM pfSense Packages Bug #14079 (Rejected): Debug descriptions misleading
- The current text is correct. There is no need to suppress anything, it's clearly explained in the result string.
E... -
01:28 PM pfSense Packages Bug #14079 (Rejected): Debug descriptions misleading
- the purpose of the debug button is...
-
12:23 PM Bug #14061 (Not a Bug): PHP error if a non-privileged shell user attempts an operation which needs to write ``config.cache``
- That really isn't viable. We'd have to potentially catch any/every PHP error or rewrite every call that might even po...
-
10:09 AM Regression #14078: Traffic graph shows half actual throughput when switching back to the graph
- 'Clear graphs when not visible' must be selected.
-
10:08 AM Regression #14078 (Confirmed): Traffic graph shows half actual throughput when switching back to the graph
- When switching back to the traffic graph page, the graph restarts as designed but the data shown is now half actual.
... -
07:38 AM Bug #14077: Kernel panic from incoming IPv6 connections
- There must be some other required component to replicate this. I've not seen a panic like this on the 6100 at my edge...
-
07:11 AM Regression #14053 (Resolved): Changing the default IPsec widget tab removes all widgets
-
07:10 AM Bug #14071 (Not a Bug): installing packages on 23.05
-
07:08 AM pfSense Plus Bug #14068 (Feedback): Importing Chained Cert Data into the System --> Cert Manager --> Certificates Breaks Authentication
- Allowing multiple CAs in a single entry was always a hackish workaround for things that didn't support chains. Import...
-
12:48 AM Feature #7746: Proxy NDP
- Hi, All.
I have again asked for an ND Proxy implementation in Feature #14032.
Does anyone agree with me?
03/05/2023
-
07:43 PM Bug #14077 (Resolved): Kernel panic from incoming IPv6 connections
- After upgrading to 23.01, the system crashes with the following test on a Netgate 6100:
* With a default configurati... -
07:29 PM Regression #14076 (Resolved): PHP error if the configuration has an empty Auto Configuration Backup section
- After upgrading to 23.01, the following is reported:...
-
07:25 PM Feature #4681 (Resolved): AutoConfigBackup make a way to easily download a saved backup
- This functionality now exists.
-
07:14 PM pfSense Packages Bug #14075 (Not a Bug): Using the ``Transparent ClientIP`` option in HAproxy results in kernel panics
- Report from a Netgate 7100 after upgrading to @23.01@.
Before disabling the @Transparent ClientIP@ option in hapro... -
03:43 PM pfSense Plus Regression #13895: Early boot hangs on Hyper-V with Gen2 VMs
- This can be replicated on Azure as well. Deploy a new pfSense+ 23.01 Gen 2 VM on Azure with a size which allows addin...
-
03:38 PM pfSense Plus Bug #14074: Cannot edit or delete ZFS Boot Environment with a name containing only numbers
- Are you able to replicate this reliably? If so, please detail the steps to do so.
-
03:18 PM pfSense Plus Bug #14074 (Resolved): Cannot edit or delete ZFS Boot Environment with a name containing only numbers
i just created a new boot environment, but it apparently didnt like the name i gave it and set it to '0'
It cann...-
01:52 PM pfSense Packages Bug #14058: Update vendor=on triggers installation failure
- Thanks Chris. Let’s wait and see then.
-
01:34 PM Bug #14061 (New): PHP error if a non-privileged shell user attempts an operation which needs to write ``config.cache``
- It would be preferable to add better error handling for these kinds of PHP errors, and ideally show a more useful ale...
-
04:24 AM Regression #13381: Software VLAN tagging does not work on ``ixgbe(4)`` interfaces
- Steve Wheeler wrote:
> VLAN tagged traffic fails on an ix NIC if hardware vlan tagging is disabled.
> For example:
... -
01:53 AM Regression #14053: Changing the default IPsec widget tab removes all widgets
- Tested on
23.01-RELEASE (amd64)
built on Fri Feb 10 20:06:33 UTC 2023
FreeBSD 14.0-CURRENT
After apply the pat...
03/04/2023
-
08:17 PM pfSense Packages Todo #14073 (Confirmed): Shalla block list is offline but still available in pfBlocker
- The Shalla Services blocklist went offline permanently in January 2022. It's still available as a list option in the ...
-
07:40 PM Bug #14056: DNS Resolver experiences intermittent resolution failures with SSL over TLS due to ASLR
- I have successfully been using DNSoTLS with 1.1.1.2/security.cloudflare-dns.com for some time and have temporarily sw...
-
07:23 PM Regression #14057 (Resolved): Dynamic gateway names use mixed case instead of upper case, leading to configuration mismatches
- Tested on...
-
07:09 PM Regression #14016 (Resolved): FreeBSD default ``cron`` jobs are enabled when they should be disabled
- Tested on...
-
06:29 PM Regression #14010 (Resolved): Typo in ``filter.inc`` variable for DHCPv6 VLAN priority tag value
- Tested on...
-
04:35 PM pfSense Packages Bug #14019 (Resolved): PHP Error: /usr/local/pkg/avahi/avahi.inc:76
- Tested on 2.2_4. I don't see reproduction steps, so I'm assuming this was triggered on install or when navigating to...
-
03:58 PM Bug #14071: installing packages on 23.05
- Repos for 23.05 are not public at this time, which will cause the issue described here. This can be closed as not a ...
-
01:57 PM Bug #14071 (Not a Bug): installing packages on 23.05
I am not able to install any package in 23.05
the error is attached
23.05-DEVELOPMENT (amd64)
built on Fri...-
03:46 PM Regression #14072 (Resolved): No working IPv6 gateway if upstream RA does not contain M or O flags because rtsold does not execute script
- On 23.01, rtsold is not firing the script at @/var/etc/rtsold_<if>_script.sh@ unless the router advertisement receive...
-
01:09 PM Bug #14070 (New): STUN or Override WAN address in UPnP breaks working port forwarding if WAN IP is Private IP
- I discovered some weird behavior when experimenting with UPnP - STUN and Override WAN address in a failover scenario ...
-
10:57 AM Feature #14069 (New): UPnP & NAT-PMP External Interface - multi select and/or gateway group
- Using UPnP in a failover scenario with dual WAN does not work unless you manually change the External interface and r...
-
09:44 AM Bug #14009: PHP error from upgraded IPsec tunnel containing only deprecated ciphers
- I applied the patch on:...
-
08:54 AM Bug #14036 (Resolved): PHP error when the ``timeserver`` section of the configuration is empty
- I could replicate the issue on the:...
-
08:37 AM Bug #14065: UPnP not working when WAN IP is private IP range.
- Greger Blennerud wrote in #note-4:
> Jim Pingle wrote in #note-3:
> > We've tried communicating with them before ab... -
07:51 AM Bug #14037 (Resolved): PHP Error enabling ICMP6 using EasyRule
- I could replicate the issue on the:...
-
07:05 AM pfSense Packages Bug #14058: Update vendor=on triggers installation failure
- Yep very sure.
I even ran it through truss and watched the fetch calls be made and return successfully.
I waa a... -
04:12 AM pfSense Packages Bug #14058: Update vendor=on triggers installation failure
- Are you sure you selected „update vendor list“ in the arpwatch settings before trying to reproduce it?
Also available in: Atom