Activity

30 days up to

User

Subprojects

Activity

From 04/10/2023 to 05/09/2023

05/09/2023

09:58 PM pfSense Packages Bug #14369: DNSBL Parsing error when DNSBL Mode "Unbound python mode".: pfBlockerNG-devel ver 3.2.0_4 Jens Kristensen
09:50 PM pfSense Packages Bug #14369 (Closed): DNSBL Parsing error when DNSBL Mode "Unbound python mode".: Hi,
First, Thank you for this EXCELLENT package!
This may very well be a user-error. In that case I apologize.
... Jens Kristensen
09:05 PM Regression #14368: Intermittent DNS failures: This is actually for *23.01*
That somehow posted before I had finished typing and checking everything. Here are t... Doug Miles
08:54 PM Regression #14368 (Duplicate): Intermittent DNS failures: When DNS Resolver is set to forwarding mode and "Use SSL/TLS for outgoing DNS Queries to Forwarding Servers" is enabl... Doug Miles
07:29 PM pfSense Docs New Content #14317 (Feedback): Add docs for Ethernet Filtering (Plus Only): This should get it the rest of the way for this release:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/166... Jim Pingle
06:34 PM pfSense Packages Bug #14366: Enabling IPv6 DNSBL pfb_dnsbl service startup failure: Patch is in place for development branches and cherry-picked to 23.05. Christian McDonald
06:24 PM pfSense Packages Bug #14366 (Feedback): Enabling IPv6 DNSBL pfb_dnsbl service startup failure: Christian McDonald
03:42 PM pfSense Packages Bug #14366 (Resolved): Enabling IPv6 DNSBL pfb_dnsbl service startup failure: https://forum.netgate.com/topic/179874/failure-when-starting-pfb_dnsbl-service?lang=en-US Christian McDonald
06:02 PM Feature #13416: Change gateway monitoring actions default to "disabled": Yes plz! Gateway actions on a single WAN (most of our customers) is silly and only complicates things. Monitoring s... George Phillips
05:27 PM Feature #13416: Change gateway monitoring actions default to "disabled": Good idea. In my testing, the gateway monitoring action will mark the gateway down, although it is still functional. ... Craig Coonrad
05:22 PM Feature #13416: Change gateway monitoring actions default to "disabled": Definitely a positive move - limit 'automatic' monitoring to if there's a gateway group existing or maybe just a 'str... Ryan Coleman
05:57 PM Bug #14363 (Resolved): "All" user group overwritten after assigning an existing user to a group: Patch fixed the issue. Marcos M
03:15 PM Bug #14363 (Feedback): "All" user group overwritten after assigning an existing user to a group: Applied in changeset commit:a2a2e8a8bee55d5b0c393d2c2d311a2fc8903bce. Jim Pingle
03:03 PM Bug #14363 (In Progress): "All" user group overwritten after assigning an existing user to a group: Looks like more PHP weirdness. There are several loops in @local_user_set_groups()@ and each uses a variable @$group@... Jim Pingle
02:03 AM Bug #14363 (Resolved): "All" user group overwritten after assigning an existing user to a group: Tested on @23.01@.
Steps to reproduce on a default configuration:
# Create a new user; assign a password, no grou... Marcos M
04:52 PM Bug #14313 (Assigned): Unable to create nested URL table aliases: Tested on 23.01 and on 23.05-RC (built on Tue May 09 02:36:47 UTC 2023)
I tried to create nested URL table alias b... Azamat Khakimyanov
04:28 PM Bug #14367: Captive Portal connected page logo does not load: See the attached example.
I'm not sure why it would fetch from the redirect's domain instead of the firewall's dom... Marcos M
03:53 PM Bug #14367: Captive Portal connected page logo does not load: That doesn't make much sense. Relative paths would only affect a local image file, not one coming from a remote URL. ... Jim Pingle
03:51 PM Bug #14367 (New): Captive Portal connected page logo does not load: The Captive Portal connected page logo does not load. It seems to be due to the use of relative paths given that the ... Marcos M
03:07 PM Revision a2a2e8a8: Work around PHP var ref scope weirdness. Fixes #14363: Jim Pingle
12:45 PM Regression #14365 (Feedback): PHP error in RSS widget after saving settings: Applied in changeset commit:7b69f93c2b8f642c5abc6b714d36f7f0b76ba8b6. Jim Pingle
12:36 PM Regression #14365 (Resolved): PHP error in RSS widget after saving settings: If you save settings for the RSS widget, the widget generates a PHP error.
This happens even with the default sett... Jim Pingle
12:39 PM Revision 7b69f93c: Ensure RSS widget number values are treated as int. Fixes #14365: Jim Pingle
08:50 AM pfSense Packages Bug #14364 (Confirmed): APCUPSD unable to process date string: Hi,
After upgrading on a new install from 2.6.0 to + v23.01 (on amd64 if relevant) I'm unable to use the apcupsd w... Lloyd Collins
01:52 AM Bug #14361 (Duplicate): pfSense writes erroneous tunnel network in OpenVPN client configuration despite being provided a valid tunnel network: Thanks for the report. This has already been fixed. See https://redmine.pfsense.org/issues/13350 Marcos M
01:25 AM Bug #14361 (Duplicate): pfSense writes erroneous tunnel network in OpenVPN client configuration despite being provided a valid tunnel network: Please see the following Reddit post: https://www.reddit.com/r/PFSENSE/comments/11tyu6k/openvpn_site_to_site_ssltls_i... James Dekker
01:32 AM pfSense Docs Todo #14362 (Closed): Feedback on Troubleshooting — Troubleshooting Multiple Disks: *Page:* https://docs.netgate.com/pfsense/en/latest/troubleshooting/multiple-disks.html
*Feedback:*
Some users hav... Marcos M
01:27 AM Regression #13943 (Resolved): OpenVPN crashes with Signal 8 with very low fragment size: I could not reproduce the issue on @23.05.r.20230505.1836@. Marcos M
01:12 AM pfSense Docs Todo #14360 (Closed): Feedback on pfSense® software Configuration Recipes — Virtualizing with Proxmox® VE: *Page:* https://docs.netgate.com/pfsense/en/latest/recipes/virtualize-proxmox-ve.html
*Feedback:*
To enable AES-N... Joshua Fox

05/08/2023

08:23 PM Bug #14356: URL scheme is not properly validated in some cases: Thank you for looking at this, I thought I should share it as it could possibly be used with a zero day if it is not ... Jonathan Lee
07:15 PM Bug #14356: URL scheme is not properly validated in some cases: I just don't want to get caught in a situation where something big relies on the current behavior that would be a pai... Jim Pingle
05:46 PM Bug #14356: URL scheme is not properly validated in some cases: Different areas behave differently, however they all expect a valid URL with a scheme. For example:
* The OpenVPN in... Marcos M
02:12 PM Bug #14356: URL scheme is not properly validated in some cases: Marcos M wrote in #note-3:
> This currently affects multiple areas:
Affects how? They get a PHP error? Or they fa... Jim Pingle
08:01 PM pfSense Docs New Content #14317: Add docs for Ethernet Filtering (Plus Only): More progress: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/8959bb98382c02b4d531493d898fb9050abb35ea Jim Pingle
07:16 PM pfSense Docs New Content #14317: Add docs for Ethernet Filtering (Plus Only): Reorganized Advanced options and added the Ethernet Rules option along the way: https://gitlab.netgate.com/docs/pfSen... Jim Pingle
07:10 PM Todo #14359 (New): Reorganize Advanced Options: The placement of several options under the various Advanced options tabs doesn't make much sense in current versions.... Jim Pingle
04:43 PM Bug #14358: Discrepancy in "TTL for Host Cache Entries" Description: That is a bit awkward as it is. The stored value and value in the backend is in seconds but at some point the GUI dro... Jim Pingle
04:20 PM Bug #14358 (Resolved): Discrepancy in "TTL for Host Cache Entries" Description: Hello,
There appears to be a discrepancy in the description. Services / DNS Resolver / Advanced Settings - TTL fo... Jason Bauman
02:21 PM Revision 89803e07: Fix net/miniupnpd 2.3.3 build: Christian McDonald
02:05 PM Feature #14294: Add option to disable update-optimization.: PR link: https://github.com/pfsense/pfsense/pull/4637 Jim Pingle
01:50 PM Regression #14351 (Resolved): Ram Disks are not created at boot.: Same here. On a system where I hit that error on the previous builds, a current build works without error. RAM disks ... Jim Pingle
01:48 PM pfSense Plus Bug #14357 (Feedback): Making Changes to DNS Resolution Behavior Causes DNS Servers to be Lost: I can't reproduce this here. Where exactly are they missing from?
If I change that mode from the default (use local,... Jim Pingle
01:42 PM pfSense Docs New Content #14355: Create new doc about managing ``/boot/loader.conf.local``: That file is mentioned many times throughout the docs, and having to mention every time that the file should be creat... Jim Pingle
01:34 PM Bug #14354: Outbound NAT rule input validation error when attempting to manually specify "Other Subnet" with a valid address: Looks like it might just be one inverted test tripping it up but it needs more time/testing to ensure this change doe... Jim Pingle

05/07/2023

10:36 PM Bug #2218: CARP VIPs can become master too early at boot time: I thought I had responded to this ticket but I must have gotten distracted before I hit submit.
I have changes tha... Reid Linnemann
10:13 PM Bug #2218 (Pull Request Review): CARP VIPs can become master too early at boot time: Thanks for the contribution. There's already a merge request being reviewed internally for this issue:
https://gitlab... Marcos M
07:58 PM Bug #2218: CARP VIPs can become master too early at boot time: I already have a working implementation to delay CARP at bootup. I just pushed it to github.
It starts carp in mai... Andreas Pross
08:30 PM Bug #14356 (Pull Request Review): URL scheme is not properly validated in some cases: In all uses of the function @is_URL()@, the URL scheme is required. If the subdomain @www@ is specified, the function... Marcos M
03:42 AM Bug #14356: URL scheme is not properly validated in some cases: Exactly the steps I did to reproduce the issue. Thank you for checking. Jonathan Lee
03:40 AM Bug #14356: URL scheme is not properly validated in some cases: Tested this in pfSense Plus 23.05 RC builds from May 6th. Created an Alias called "Test Alias" that was set to "Host... Kris Phillips
12:39 PM pfSense Packages Feature #9721 (Resolved): add squidclient -h 127.0.0.1 mgr:info output to Diagnostics / Squid and status.php: Tested on 23.01
There is /Services/Squid/Status page and this page has correct /status_squid.php address
I marked t... Azamat Khakimyanov
04:11 AM Regression #14351: Ram Disks are not created at boot.: seeing tmpfs for /tmp and /var according to the dashboard widget with 23.05.r.20230505.1836 Jordan G
03:43 AM Bug #14354: Outbound NAT rule input validation error when attempting to manually specify "Other Subnet" with a valid address: I can confirm this bug. This can be easily worked around by adding a VIP with a type of "Other" and then using that ... Kris Phillips
02:42 AM pfSense Plus Bug #14357 (Closed): Making Changes to DNS Resolution Behavior Causes DNS Servers to be Lost: If DNS servers are define by DHCP in pfSense Plus 23.05 and you change the DNS Resolution Behavior under System --> G... Kris Phillips

05/06/2023

11:01 PM Bug #14356 (Resolved): URL scheme is not properly validated in some cases: Hello fellow pfSense Redmine community members can you please help?
If you generate an error inside of an Aliases ... Jonathan Lee
10:06 PM pfSense Docs New Content #14355 (Closed): Create new doc about managing ``/boot/loader.conf.local``: *Page:* https://docs.netgate.com/pfsense/en/latest/hardware/tune.html
*Feedback:*
The file "/boot/loader.conf.loc... Jason Self
07:57 PM pfSense Packages Regression #13984: PHP errors with squid: Thanks for your reply.
For those logs you reviewed the user could not reinstall the package as it would not fully... Jonathan Lee
04:37 PM pfSense Packages Regression #13984: PHP errors with squid: The patch can't be applied to non-existent files, hence (re)installing the package will trigger issues resolved by th... Marcos M
01:57 PM pfSense Plus Regression #14137 (Feedback): pfSense Plus Upgrade repo data remains on the system after upgradng: Fixed in the latest pfSense-upgrade. Luiz Souza
08:42 AM pfSense Packages Bug #12705 (Resolved): IPsec Profile Wizard/Apple: IKEv2 VPN with ECDSA server certificate does not connect using generated profile: Tested EAP-TLS using ECDSA certs - works fine
Tested EAP-RADIUS using ECDSA certs - works fine
I am marking this ... Danilo Zrenjanin
06:59 AM pfSense Plus Feature #13227: Group-based Mobile IPsec Virtual Address Pool assignment via RADIUS: Christopher de Haas wrote in #note-3:
> I very much hope to see this in an upcoming version. We currently have to us... Tue Madsen
06:52 AM pfSense Packages Bug #13632 (Resolved): tailscale does not survive reboot on pfsense with ram disk in use: Danilo Zrenjanin
06:51 AM pfSense Packages Bug #13632: tailscale does not survive reboot on pfsense with ram disk in use: Tested against:... Danilo Zrenjanin
04:24 AM Bug #14354 (Resolved): Outbound NAT rule input validation error when attempting to manually specify "Other Subnet" with a valid address: I believe I have stumbled upon a bug within the WebUI while attempting to create brand new outbound NAT rule with a m... Sum Fox

05/05/2023

10:19 PM pfSense Plus Regression #14137: pfSense Plus Upgrade repo data remains on the system after upgradng: aleksei prokofiev wrote in #note-1:
> Also, if package manager unavailable, may help next solution
> Check and then... Grant Macdonald
09:54 PM pfSense Plus Feature #13227: Group-based Mobile IPsec Virtual Address Pool assignment via RADIUS: I very much hope to see this in an upcoming version. We currently have to use openvpn instances or full pfSense insta... Christopher de Haas
08:36 PM pfSense Packages Regression #13984: PHP errors with squid: This patch fixed the issue with the other user ben and the HA use, but the other user Hugo still has issues reinsta... Jonathan Lee
08:24 PM Bug #14353: Dynamics DNS Widget only showing host name without domain for Azure DNS service: Scenario:
Configure Dynamic DNS Update for an Azure DNS host entry, add dynamic DNS status widget to the dashboard.... Sean M
05:30 PM Bug #14353 (New): Dynamics DNS Widget only showing host name without domain for Azure DNS service: Currently the Azure dynamic DNS service doesn't show the host + domain and only shows the host name on the status wid... Sean M
07:39 PM pfSense Plus Bug #8600: "snmpd SIOCGIFDESCR (e6000sw0port1): Device not configured": Jim Pingle wrote in #note-12:
> Martin Stockzell wrote in #note-11:
> > Jim Pingle wrote in #note-10:
> > > See #1... Martin Stockzell
07:38 PM pfSense Plus Bug #8600: "snmpd SIOCGIFDESCR (e6000sw0port1): Device not configured": Martin Stockzell wrote in #note-11:
> Jim Pingle wrote in #note-10:
> > See #13976 -- it's already fixed on 23.05 s... Jim Pingle
07:36 PM pfSense Plus Bug #8600: "snmpd SIOCGIFDESCR (e6000sw0port1): Device not configured": Jim Pingle wrote in #note-10:
> See #13976 -- it's already fixed on 23.05 snapshots
My bad I actually thought it ... Martin Stockzell
07:28 PM pfSense Plus Bug #8600: "snmpd SIOCGIFDESCR (e6000sw0port1): Device not configured": See #13976 -- it's already fixed on 23.05 snapshots Jim Pingle
07:27 PM pfSense Plus Bug #8600: "snmpd SIOCGIFDESCR (e6000sw0port1): Device not configured": Unfortunatly it's back...
@May 5 21:20:06 snmpd 15562 SIOCGIFDESCR (e6000sw0port3): Device not configured
May 5 21:2... Martin Stockzell
07:27 PM pfSense Plus Feature #14339: Sort interfaces by name/custom order: I meant to add, if you just want the cosmetic sorting there is an option for that under System > General and it can b... Jim Pingle
06:54 PM pfSense Docs New Content #14317: Add docs for Ethernet Filtering (Plus Only): I started on them here:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/8c98f9424906a84009ddd9b0640c633d0ca6... Jim Pingle
05:56 PM pfSense Docs New Content #14317 (In Progress): Add docs for Ethernet Filtering (Plus Only): Jim Pingle
06:39 PM pfSense Plus Bug #14340 (Resolved): Unicast CARP XMLRPC sync does not adjust CARP peer address when sycnrhonizing: Jim Pingle
06:39 PM pfSense Plus Bug #14340: Unicast CARP XMLRPC sync does not adjust CARP peer address when sycnrhonizing: tested on:
Version
23.05-BETA (amd64)
built on Wed May 03 06:05:00 UTC 2023
FreeBSD 14.0-CURRENT
patches succe... Georgiy Tyutyunnik
05:45 PM pfSense Docs New Content #14318 (Resolved): Add docs for Unicast CARP (Plus only): Added:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/8f027172df25bf58b2051dd6811218b02dcd3c4d
http://st... Jim Pingle
03:48 PM Todo #14352 (New): Virtual IP address configuration input fields are handled inconsistently between VIP types: When editing a VIP, some options are enabled/disabled when changing types (e.g. Address Type, CARP Options) while oth... Jim Pingle
12:25 PM Todo #13508: Uncouple RAM Disk size from available kernel memory: The last commit, @b10998b1951b3e0d1cb74449a6b6dd333b9d292a@, did not work on some systems and triggered a boot time f... Jim Pingle
12:24 PM Regression #14351 (Feedback): Ram Disks are not created at boot.: This was indeed broken by my last change on #13508 somehow. Since that fix was only partial anyhow, reverting that is... Jim Pingle
12:05 PM Regression #14351: Ram Disks are not created at boot.: I was seeing that when I had the RAM disk size set larger than the free memory (but smaller than RAM+SWAP) but not wh... Jim Pingle
11:58 AM Regression #14351 (Resolved): Ram Disks are not created at boot.: RAM disks fail to be created at boot showing the alert:... Steve Wheeler
12:21 PM Revision 1c0fa041: Revert "Correct RAM disk swap calculation. Issue #13508": This reverts commit b10998b1951b3e0d1cb74449a6b6dd333b9d292a. Jim Pingle
07:20 AM Bug #14350 (New): Captive portal text messages are not translated: See here :
How to translate captive portal reply messages? : https://forum.netgate.com/topic/179878/how-to-transla... Gertjan KROEB
05:36 AM pfSense Packages Bug #14349 (Closed): The ClamAV 0.105.1 got a few vulnerabilities: Current ClamAV 0.105.1 got a few vulnerabilities:
https://blog.clamav.net/2023/02/clamav-01038-01052-and-101-pat... Lev Prokofev
03:27 AM pfSense Packages Feature #10818: UDP Broadcast Relay: I can verify that pkg install *pfSense-pkg-udpbroadcastrelay-1.0.pkg* doesn't work on pfSense 2.6
It would be nice i... I W

05/04/2023

11:09 PM Bug #14077: Kernel panic from incoming IPv6 connections: This evening, I have installed the last beta of 23.05 on my 6100 and done some tests.
Currently no crash.
Thanks. Bruno Dambrine
05:40 PM Revision b08e5eb8: Update make.conf to use correct miniupnpd port options for v2.3.3: Christian McDonald
05:14 PM Todo #14307 (Feedback): Update miniupnpd to 2.3.3: Done.
Patch also submitted upstream: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=271244 Christian McDonald
05:01 PM pfSense Plus Feature #14348 (Resolved): Add unicast CARP indication and peer address to CARP status: On *Status > CARP* (@status_carp.php@) the status of each VHID is printed along with other info about the VIPs.
It... Jim Pingle
04:07 PM Feature #14347: Improve System menu behavior for Certificate Manager privileges: Link to the Pull Request: https://github.com/pfsense/pfsense/pull/4636 Ludovic Morin
04:03 PM Feature #14347 (Resolved): Improve System menu behavior for Certificate Manager privileges: I would like to have a user that can create or revoke certificates but not manage CA.
Currently, if a user does no... Ludovic Morin
03:45 PM pfSense Packages Feature #10818: UDP Broadcast Relay: Idealy the port would be updated upstream in FreeBSD rather than having to run a pfSense-specific build.
For those a... Marcos M
04:32 AM pfSense Packages Feature #10818: UDP Broadcast Relay: The upstream was updated to add additional features to include options such as --allowcidr and --blockcidr:
https://... James G
03:27 PM Bug #14346: Anchor for reordering gateways won't move to bottom position: Jim Pingle wrote in #note-7:
> No, because the order is significant when it comes to automatic selection. Interfaces... Jim Pingle
03:25 PM Bug #14346: Anchor for reordering gateways won't move to bottom position: Michael Kellogg wrote in #note-6:
> could they at least be sorted by name by default to match interfaces sorting ?
... Jim Pingle
03:22 PM Bug #14346: Anchor for reordering gateways won't move to bottom position: could they at least be sorted by name by default to match interfaces sorting ? Michael Kellogg
03:20 PM Bug #14346 (Confirmed): Anchor for reordering gateways won't move to bottom position: I was able to reproduce one problem here. You can't use the anchor to move a gateway to the bottom of the list. You c... Jim Pingle
03:15 PM Bug #14346: Anchor for reordering gateways won't move to bottom position: This may just be a side effect of #12920 and whether or not those gateways have an entry in config.xml or not. If the... Jim Pingle
02:29 PM Bug #14346: Anchor for reordering gateways won't move to bottom position: It seems doesn't save changes if you check the gateway marked as a "Default gateway", can you confirm? Lev Prokofev
02:27 PM Bug #14346 (Not a Bug): Anchor for reordering gateways won't move to bottom position: I'm not able to reproduce this.
* Select a gateway
* Select an anchor to move entry
* Click save
Christian McDonald
02:13 PM Bug #14346 (Confirmed): Anchor for reordering gateways won't move to bottom position: on page system_gateways.php if you check a gate way then click on anchor where you want it moved to saving it does no... Michael Kellogg
02:02 PM pfSense Packages Feature #9749: 95th percentile missing for quality in monitoring: Would still like to see this fixed or implemented Michael Kellogg
01:52 PM Bug #14345 (Resolved): Default tab on ``firewall_rules.php`` is not selected if the configuration has no WAN interface: If the firewall configuration lacks a WAN interface, the default tab on firewall_rules.php may end up as Floating, or... Jim Pingle
01:01 PM pfSense Plus Bug #14344 (Duplicate): No PHP errors found: Duplicate of #13938 Jim Pingle
10:06 AM pfSense Plus Bug #14344 (Duplicate): No PHP errors found: Crash report begins. Anonymous machine information:
amd64
14.0-CURRENT
FreeBSD 14.0-CURRENT #0 plus-RELENG_23_0... hamza başak
01:01 PM Bug #14343 (Duplicate): No PHP errors found: Duplicate of #13938 Jim Pingle
10:03 AM Bug #14343 (Duplicate): No PHP errors found: Crash report begins. Anonymous machine information:
amd64
14.0-CURRENT
FreeBSD 14.0-CURRENT #0 plus-RELENG_23_0... hamza başak
01:00 PM pfSense Plus Bug #14342 (Rejected): Packages not working: This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
08:54 AM pfSense Plus Bug #14342 (Rejected): Packages not working: Hello,
I upgraded from community version to plus and the packages do not work.
*Install package:* * Unable to r... Andrei Lazarescu
12:11 AM pfSense Packages Bug #14341 (New): Squid Cache Table Logs Showing incorrect date: Squid - Cache Logs
Date-Time Message
31.12.1969 16:00:00
31.12.1969 16:00:00
31.12.1969 16:00:00
31.12.1969 1... Jonathan Lee
12:07 AM pfSense Packages Regression #13984: PHP errors with squid: Thanks, I appreciate you. I posted the information about this to the Netgate forum again. Jonathan Lee

05/03/2023

11:43 PM pfSense Packages Regression #13984: PHP errors with squid: This should resolve the error, thanks! Marcos M
10:19 PM pfSense Packages Regression #13984: PHP errors with squid: I got another user https://forum.netgate.com/user/hugoeyng to test with their PHP errors this was his result.
@jona... Jonathan Lee
08:42 PM pfSense Packages Regression #13984: PHP errors with squid: Installed and no errors so far. System running.
Thank you. This is with the change you made. Jonathan Lee
03:00 PM pfSense Packages Regression #13984: PHP errors with squid: Thanks for the test (no need to post patch details). Feel free to try again with the updated squidGuard patch. Marcos M
06:16 AM pfSense Packages Regression #13984: PHP errors with squid: It just dawned on me I use both modes on Squid transparently and SSL Intercept is this a problem with me using this p... Jonathan Lee
06:01 AM pfSense Packages Regression #13984: PHP errors with squid: Other Patch debug does not show 64 in debug Jonathan Lee
06:00 AM pfSense Packages Regression #13984: PHP errors with squid: <removed patch success details> Jonathan Lee
05:52 AM pfSense Packages Regression #13984: PHP errors with squid: I ran into an error and had to revert back. Attached is the error. Jonathan Lee
05:47 AM pfSense Packages Regression #13984: PHP errors with squid: One error after reboot
Jonathan Lee
05:34 AM pfSense Packages Regression #13984: PHP errors with squid: I appreciate all you do. Testing attached patches, I noticed you adjusted clam AV or Squids antivirus to store on the... Jonathan Lee
03:41 AM pfSense Packages Regression #13984 (Pull Request Review): PHP errors with squid: https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/337
Patch for both squid and squidGuiard are att... Marcos M
08:38 PM pfSense Packages Regression #13958 (Resolved): Snort exits with signal 10 on arm32: This looks good in current snaps:
pfSense-23.05.b.20230503.0600
pfSense-pkg-snort-4.1.6_7
snort-2.9.20_3 Steve Wheeler
07:40 PM pfSense Plus Bug #14340 (Feedback): Unicast CARP XMLRPC sync does not adjust CARP peer address when sycnrhonizing: Fixed by the following commits:
* https://gitlab.netgate.com/pfSense/factory/-/commit/8d52ac6d5cdfc7173c03ce106ead... Jim Pingle
07:21 PM pfSense Plus Bug #14340 (Resolved): Unicast CARP XMLRPC sync does not adjust CARP peer address when sycnrhonizing: When XMLRPC sync is enabled for VIPs and the primary has a unicast CARP VIP configured, the VIP is copied to the seco... Jim Pingle
04:59 PM Regression #14172 (Resolved): PHP error in Captive Portal if ``usedmacs`` list is empty: The change fixes the error. I could induce the error before by manually running @captiveportal_write_usedmacs_db("");... Jim Pingle
04:06 PM Bug #14045 (Resolved): ``pfSense-boot`` can fail to copy the EFI bootloader: This has been working smoothly for some time now. Jim Pingle
03:55 PM Regression #14164 (Resolved): IPv6 interface configuration race condition can lead to kernel panic: No subsequent reports of this that I'm aware of. Jim Pingle
03:55 PM Bug #14335 (Resolved): Associated firewall rule for NAT port forward does not inherit ``nosync`` property, gets synchronized: Working as expected on current snapshots. Associated firewall rule inherits the nosync property, and neither the NAT ... Jim Pingle
11:33 AM Bug #14335: Associated firewall rule for NAT port forward does not inherit ``nosync`` property, gets synchronized: That is a separate issue: #14316 -- I found this one when testing and fixing that one.
To test this one properly, ... Jim Pingle
06:36 AM Bug #14335: Associated firewall rule for NAT port forward does not inherit ``nosync`` property, gets synchronized: In my testing before and after applying the patch, both the port forward and firewall-associated rule get copied to t... Danilo Zrenjanin
03:45 PM Todo #13508: Uncouple RAM Disk size from available kernel memory: There is a chicken/egg problem here that will need more time to solve properly to allow creating RAM disks at boot th... Jim Pingle
02:47 PM Todo #13508 (In Progress): Uncouple RAM Disk size from available kernel memory: Looks like there is still a problem here. The memory calculation in source:src/etc/rc.ramdisk_functions.sh is still u... Jim Pingle
03:39 PM Revision b10998b1: Correct RAM disk swap calculation. Issue #13508: It was not factored into the shell version as it should be (still a
problem here, see Redmine).
It was also returnin... Jim Pingle
03:35 PM Regression #14338 (Resolved): PHP error from empty separator: Confirmed resolved on current snapshots. Jim Pingle
03:26 PM Revision a33abf9d: Start building frr8 for development and testing. For #13575: Christian McDonald
02:42 PM Bug #14035 (Resolved): PHP error when attempting to create a GIF interface when ``if_gif`` kernel module is not loaded: This is working well on current snapshots. Creating a GIF on a 3100 (ARMv7) loads the module and no longer generates ... Jim Pingle
02:40 PM Todo #13492 (Resolved): Start ``rtsold`` immediately after ``dhcp6c`` sends a request: Jim Pingle
02:39 PM Bug #13939 (Resolved): IPv6 does not work on secondary PPPoE WAN: Renato says this is working well on current snapshots and can be closed. Jim Pingle
02:37 PM pfSense Plus Regression #13895: Early boot hangs on Hyper-V with Gen2 VMs: I never could replicate the original hang here, but my Hyper-V test VM (Gen2, ZFS) upgraded fine from 23.01 to 23.05 ... Jim Pingle
02:30 PM Feature #14255 (Resolved): Support for Intel PCH temperature values in thermal sensors: Jim Pingle
02:30 PM Bug #13003 (Resolved): Malicious Driver Detection event on ``ixl(4)`` driver: Jim Pingle
02:29 PM Bug #13014 (Resolved): Deadlock in Charon VICI interface: Jim Pingle
02:26 PM Feature #13382 (Resolved): Packet Capture GUI with granular control: Still seems to be OK at least with the light testing I've done. If any new problems come up they can go into separate... Jim Pingle
02:18 PM pfSense Plus Bug #13976: SNMP logs "Device not configured" error message when queries involve built-in switch port interfaces: Before upgrading to the current snapshot:... Jim Pingle
01:53 PM pfSense Plus Bug #13976 (Resolved): SNMP logs "Device not configured" error message when queries involve built-in switch port interfaces: Christian McDonald
01:53 PM pfSense Plus Feature #14308 (Resolved): Support for Ethernet (L2) filtering rules: Latest snapshot has the updated help text and experimental note. Christian McDonald
01:11 PM Regression #14072 (Resolved): No working IPv6 gateway if upstream RA does not contain M or O flags because rtsold does not execute script: Tested latest Plus (23.05.b.20230503.0600) and CE (2.7.0.a.20230503.0600) snapshots and both are working well with th... Jim Pingle
12:53 PM Regression #14091 (Resolved): The "Kill States" button does not work consistently: Looks good on today's snapshot. I can kill states for a single address or a subnet. The states are actually removed a... Jim Pingle
11:36 AM pfSense Plus Feature #14339 (Rejected): Sort interfaces by name/custom order: The interface order is significant and must be maintained. Allowing this safely would require significant changes to ... Jim Pingle
04:04 AM pfSense Packages Bug #14287: pfBlockerNG does not uninstall cleanly when using RAM disks: Chris W wrote in #note-7:
> It looks like the issue you're seeing is due to a greater PHP problem as a result of u... Loh Phat

05/02/2023

10:09 PM pfSense Plus Feature #14339: Sort interfaces by name/custom order: This also applies to the VLAN page, where the vlans are listed in the order they were added. There is a way to sort t... douglas meyer
10:05 PM pfSense Plus Feature #14339 (Rejected): Sort interfaces by name/custom order: On the interfaces > assignments page, interfaces are displayed in the order I added them to my pfSense unit, instead ... douglas meyer
07:55 PM Regression #14338 (Feedback): PHP error from empty separator: Fixed by commit:9dd708be53639e1760d741c049f95f8ac7d56c35 Jim Pingle
07:53 PM Regression #14338 (Resolved): PHP error from empty separator: If the configuration contains an empty separator entry, it can lead to a PHP error:... Jim Pingle
07:55 PM Regression #14091 (Feedback): The "Kill States" button does not work consistently: Okay I have fixes in the PHP module that properly fixes #9270, which was still a bug and likely related to this issue. Christian McDonald
07:54 PM Revision 9dd708be: Fix PHP 8.x issues in separator functions. Fixes #14338: Jim Pingle
07:48 PM pfSense Packages Regression #13958 (Feedback): Snort exits with signal 10 on arm32: patches for armv7 are now in our tree. Christian McDonald
07:40 PM Revision e79a872f: Remove unnecessary utf8_encode'ing to pfSense_kill_states arguments. Partial #9270: Christian McDonald
05:38 PM Bug #14052 (Resolved): Bridge interface is not properly validated when submitted on ``interfaces_bridge_edit.php``: I can't get any problematic input past the new input validation. Looks solid to me.
Jim Pingle
05:35 PM Regression #14336 (Resolved): Firewall logs do not show the rule description: Patches fixed the issue. Marcos M
05:15 PM Regression #14336 (Feedback): Firewall logs do not show the rule description: Looks like the user label is in there first, not last, but my logs were so full of default deny blocks (one label, so... Jim Pingle
05:06 PM Regression #14336: Firewall logs do not show the rule description: Nevermind, I see it now. It worked in some cases but not all. Jim Pingle
05:02 PM Regression #14336: Firewall logs do not show the rule description: Make sure you're on the latest snapshot, not just applying the patch. It's possible your module is out of date.
It w... Jim Pingle
05:01 PM Regression #14336 (Confirmed): Firewall logs do not show the rule description: I applied the patch and the rule column now shows:
> id:1677444350 (1677444350)
The user description is still mis... Marcos M
01:04 PM Regression #14336 (Feedback): Firewall logs do not show the rule description: Applied in changeset commit:e472f96d82add603c187bf71cb5eb2cf5d44753c. Jim Pingle
12:42 PM Regression #14336 (In Progress): Firewall logs do not show the rule description: The structure of the labels returned by @pfSense_get_pf_rules()@ changed but it appears to be a simple change to fix. Jim Pingle
05:21 PM pfSense Plus Regression #14137 (In Progress): pfSense Plus Upgrade repo data remains on the system after upgradng: Luiz said he and Steve W. will work together on solving this. Jim Pingle
05:10 PM Revision 9f3f2b6f: Use first label, not last. Fixes #14336: Jim Pingle
04:58 PM Feature #14337 (Resolved): Allow SMTP notifications from non-root processes: The changes to address #14031 removed the ability for non root processes to send notifications. This one line change ... Denny Page
04:50 PM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions: It's too late for this issue / Plus 23.05, but if you want to open a new Redmine issue and propose it there we can co... Jim Pingle
04:41 PM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions: I would like to propose a small change to this fix. It is a "one liner," which maintains the ability to send notifica... Denny Page
04:40 PM Regression #14072 (Feedback): No working IPv6 gateway if upstream RA does not contain M or O flags because rtsold does not execute script: And Jim merged that, so this should be fixed in the next snapshot. Kristof Provost
04:26 PM Regression #14072: No working IPv6 gateway if upstream RA does not contain M or O flags because rtsold does not execute script: I've merged the rtsol change to our branches and propose this PHP tweak: https://gitlab.netgate.com/pfSense/pfSense/-... Kristof Provost
12:54 PM Regression #14072 (In Progress): No working IPv6 gateway if upstream RA does not contain M or O flags because rtsold does not execute script: Jim Pingle
09:21 AM Regression #14072: No working IPv6 gateway if upstream RA does not contain M or O flags because rtsold does not execute script: Proposed rtsol change: https://reviews.freebsd.org/D39931
(We'll also need a change in the PHP code to set '-A' ra... Kristof Provost
04:36 PM Revision 16bf36e0: Have rtsold always call the script, even if 'M' or 'O' bits are not set: Kristof Provost
04:36 PM pfSense Packages Regression #13984: PHP errors with squid: Additional errors:... Marcos M
03:47 PM Regression #14086 (Feedback): Current snapshot builds missing most kernel modules that were on previous builds/releases: Brad changed this back in crossbuild commit @02433536277d0174f62118ac2255676c88ee4f09@ on the RELENG_23_05 branch so ... Jim Pingle
03:38 PM pfSense Plus Feature #14308 (Feedback): Support for Ethernet (L2) filtering rules: Option text updated in https://gitlab.netgate.com/pfSense/factory/-/commit/3bc930fcb786a4b0fa264c093150f3d27b31f1ae
... Jim Pingle
02:49 PM pfSense Plus Feature #14308 (In Progress): Support for Ethernet (L2) filtering rules: To me for a tiny change, going to add a warning to the enable option marking this as beta/experimental for this relea... Jim Pingle
03:20 PM Bug #14335 (Feedback): Associated firewall rule for NAT port forward does not inherit ``nosync`` property, gets synchronized: Fixed in commit:3eee2ed7605c1e8ac5929fcc844b5d45a371d6a5 Jim Pingle
02:33 PM Bug #14335 (In Progress): Associated firewall rule for NAT port forward does not inherit ``nosync`` property, gets synchronized: This is a much smaller fix than I anticipated. Commit inbound.
Jim Pingle
03:12 PM pfSense Plus Bug #13976 (Feedback): SNMP logs "Device not configured" error message when queries involve built-in switch port interfaces: Fixed. Luiz Souza
02:54 PM Feature #14050 (Resolved): Support for ``iwlwifi`` wireless interfaces: The change is present in the code. No hardware available to check if it works and no feedback, so for now we will ass... Jim Pingle
02:51 PM Bug #14077 (Resolved): Kernel panic from incoming IPv6 connections: Jim Pingle
02:50 PM Feature #13054 (Resolved): Package plugin hook for web server configuration stanzas: Jim Pingle
02:50 PM Regression #14316 (Resolved): Filter/NAT rules configured with "No XMLRPC Sync" enabled are still synchronized: This is working as expected now. Rules marked nosync are no longer being synchronized. Jim Pingle
01:25 PM Regression #14316: Filter/NAT rules configured with "No XMLRPC Sync" enabled are still synchronized: Updating subject for release notes. Jim Pingle
02:33 PM Revision 3eee2ed7: Repsect NAT nosync for assoc rules. Fixes #14335: Jim Pingle
01:21 PM Bug #14022 (Resolved): PHP error when exporting a CRL for an old CA: Patch is present and working. I could replicate it before updating, but not after.
Jim Pingle
12:58 PM pfSense Docs New Content #14309 (Closed): UDP Broadcast Relay package: MR merged. Jim Pingle
12:44 PM Revision e472f96d: Update method of finding rule labels. Fixes #14336: The way rule labels are returned from pfSense_get_pf_rules() changed, so
this code needs to follow the new format. Jim Pingle
12:21 PM pfSense Packages Feature #14314: Keep DDNS entries on config change: https://github.com/pfsense/FreeBSD-ports/pull/1256 Andreas Pross
11:38 AM Regression #14327 (Resolved): Gateway popup in firewall rule list does not indicate current gateway status: The patch fixes it. Thanks!
I am marking this one resolved. Danilo Zrenjanin
03:25 AM Bug #13423: IPv6 neighbor discovery protocol (NDP) fails in some cases: I am running into this issue on 23.05-BETA using vmx. It seems to be similar to this issue upstream given that the co... Marcos M

05/01/2023

10:04 PM pfSense Docs Todo #14207 (Confirmed): Rate limiting on Chelsio T4/5 NICs: This appears to affect current 2.7 and 23.05 snapshots.
The -SO hardware variants seem unaffected Steve Wheeler
09:37 PM Regression #14336 (Resolved): Firewall logs do not show the rule description: Tested in @23.05.b.20230428.2019@. It previously worked on @23.05.b.20230428.1452@.
Firewall log entries under @St... Marcos M
08:24 PM Bug #14178: Captive Portal Pass-through MAC Auto Entry registering MAC address for unauthenticated users when using Pass-through credits: Hello, Is it possible for someone to review and prioritize this issue? Dean Arnold
07:16 PM pfSense Plus Bug #13976: SNMP logs "Device not configured" error message when queries involve built-in switch port interfaces: It _looks_ like this would be a current equivalent change:... Jim Pingle
07:12 PM pfSense Plus Bug #13976: SNMP logs "Device not configured" error message when queries involve built-in switch port interfaces: The last time we fixed this appears to be in src commit b33b6cb8a704be9c4053ca4f050357cd9eb0a13d (Internal link: http... Jim Pingle
06:28 PM Bug #14335 (Resolved): Associated firewall rule for NAT port forward does not inherit ``nosync`` property, gets synchronized: If a user creates a port forward and checks the box to disable XMLRPC sync, this property is not copied to an automat... Jim Pingle
06:21 PM pfSense Plus Regression #14233 (Resolved): pfSense installer crashes on the 7100: This is fixed in current 23.05 snaps. The Apr 3rd snap panics at every boot, current snaps boot and install fine.
... Steve Wheeler
05:13 PM pfSense Plus Regression #14233: pfSense installer crashes on the 7100: was able to install to m.2 on 7100 using memstick-serial-23.05-DEVELOPMENT-amd64-20230427-0208.img without issue Jordan G
04:52 PM pfSense Plus Regression #14233: pfSense installer crashes on the 7100: Does this 7100 have any expansion cards in it?
M.2 or eMMC?
Does it happen with a more recent BETA snapshot?
Jim Pingle
06:01 PM Bug #14022 (Feedback): PHP error when exporting a CRL for an old CA: Local patch added in ports repo commit @3d9792221fb093f50af07d46dd5c753807ecde1f@. Will be in the next snapshot.
Jim Pingle
05:50 PM Bug #13911: Unnecessary delay when querying ``ixgbe(4)`` interfaces with SFP ports: The delay is still present in the driver but it's probably best if we look into the driver changes over a longer term... Jim Pingle
05:20 PM Regression #14316 (Feedback): Filter/NAT rules configured with "No XMLRPC Sync" enabled are still synchronized: Fixed in commit:0b612e5498164239ce431e0d61185c8af0627813
The syntax for @array_path_enabled()@ was missing the pat... Jim Pingle
05:19 PM Revision 0b612e54: Correct array_path_enabled syntax for nosync check. Fixes #14316: Jim Pingle
04:48 PM pfSense Plus Bug #13455: Serial console output fails to render properly in certain cases on 4100, 6100, and 8200.: Moving forward, still no leads on a cause here.
Jim Pingle
04:03 PM pfSense Plus Regression #14320 (Resolved): ``ifconfig -a`` prints CARP information for interfaces that do not have CARP configured: This is fixed on current snapshots. CARP info is only printed for interfaces which actually contain CARP VIPs now.
Jim Pingle
03:51 PM pfSense Plus Regression #14334 (Closed): 2100/1100 PCIe bus devices are not recognized: Copying from NG 9622 so it will get a release notes entry. This is already confirmed to be resolved on 23.05.
In 2... Jim Pingle
03:28 PM pfSense Packages Todo #14333 (New): Reduce config writes: When the service is started, multiple config writes are performed. System logs (reversed) show:... Marcos M
03:11 PM pfSense Docs Todo #14332 (Resolved): Remove Experimental Note on WireGuard Docs: Done: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/a447f58d9485d6cd6d2cbe11602da401ffbc623f
That is on th... Jim Pingle
02:45 PM pfSense Docs Todo #14332 (Resolved): Remove Experimental Note on WireGuard Docs: Christian McDonald
03:11 PM Regression #14327 (Feedback): Gateway popup in firewall rule list does not indicate current gateway status: Fixed in commit:d357172cfcbc5def693a8948ba95b068bd5f4ab2 it will be in the next 23.05 snapshot.
The fix also applies... Jim Pingle
01:33 PM Regression #14327 (In Progress): Gateway popup in firewall rule list does not indicate current gateway status: This is actually a bug, not a missing feature. The gateway popup should be showing the gateway group status with the ... Jim Pingle
02:41 PM Revision d357172c: FW rule GW status popup improvements. Fixes #14327: * Fix status check to account for current gw status/substatus strings
* Include Tier for gateway groups
* Sort groups... Jim Pingle
02:28 PM Bug #14331 (New): rDNS for the Hostname IP is first DNS override rather than hostname: +Expected Function:+
Given that Hostname produces a typical local DNS entry for subnets, eg:
`local-data: "my.d... Pete Holzmann
01:10 PM Regression #14072: No working IPv6 gateway if upstream RA does not contain M or O flags because rtsold does not execute script: If it worked before but does not work on 23.01, then it probably does require forcing dhcp to launch when M/O are not... Jim Pingle
12:12 AM Regression #14072: No working IPv6 gateway if upstream RA does not contain M or O flags because rtsold does not execute script: This issue impacts Canadian Telus PureFibre [native IPv6 over fibre to the house] residential customers.
Telus imple... William Blew
01:06 PM Todo #13508: Uncouple RAM Disk size from available kernel memory: It should have rejected the change if there was not enough free memory. Unfortunately since the amount of memory in u... Jim Pingle
01:00 PM Bug #13915 (Resolved): PHP errors when re-running Traffic Shaper Wizards with different settings: Jim Pingle
12:40 PM pfSense Packages Bug #14330: Arpwatch - Cron "Broken pipe" Errors: Jim Pingle wrote in #note-1:
> Not a bug in arpwatch, it's from #14016 -- see that issue for details. There is a fix... James Blanton
12:28 PM pfSense Packages Bug #14330 (Rejected): Arpwatch - Cron "Broken pipe" Errors: Not a bug in arpwatch, it's from #14016 -- see that issue for details. There is a fix in the recommended patches area... Jim Pingle
12:26 PM pfSense Packages Bug #14330 (Rejected): Arpwatch - Cron "Broken pipe" Errors: I've got 11 XG-7100 1U's that I've upgraded to 23.01, all of which have Arpwatch installed. Since upgrading them, I'm... James Blanton
12:31 PM pfSense Docs Todo #14234 (Feedback): Update Packet Capture docs to reflect the new GUI: That revert was only on stable/dev. This feature is not in a release yet, so it's on the releng/23.05 branch, not sta... Jim Pingle
12:27 PM Regression #14322 (Resolved): CARP password is not being respected on 23.05 snapshots: Nodes are behaving properly on the current snapshot (23.05.b.20230501.0600) again, thanks!
* If I change the VIP pas... Jim Pingle

04/30/2023

11:55 PM pfSense Plus Bug #14329 (New): DDNS IPv6 update PHP error: Dynamic DNS updates to DigitalOcean for IPv6 fail with a PHP error. This error appears in both the GUI's crash report... Ryan H
08:50 PM pfSense Docs New Content #14309 (Pull Request Review): UDP Broadcast Relay package: https://gitlab.netgate.com/docs/pfSense-docs/-/merge_requests/57 Marcos M
07:25 PM Todo #13508: Uncouple RAM Disk size from available kernel memory: I set /tmp to 200000 on a small VM. It was accepted and rebooted. On boot I got this:
@ RAM disk creation failed. ... Chris Linstruth
06:17 PM Regression #14322 (Feedback): CARP password is not being respected on 23.05 snapshots: I've committed the fix upstream and cherry-picked it to our branches. This will be fixed in the next snapshots. Kristof Provost
04:40 PM pfSense Packages Bug #14287: pfBlockerNG does not uninstall cleanly when using RAM disks: 23.01 is the current stable release for my Netgate 3100
Version 23.01-RELEASE (arm)
built on Fri Feb 10 20:06:58... Loh Phat
04:33 PM pfSense Docs Todo #14234 (Waiting on Merge): Update Packet Capture docs to reflect the new GUI: Docs still need to be updated given the commit/MR was reverted with 38d3b819cfa131a94ae5b90b96e76c3b2e583fb9. Marcos M
08:40 AM pfSense Packages Bug #14315: Routes are not exposed on Tailscale when an empty route entry exists in the GUI: Tested on 23.01 and I can confirm that. aleksei prokofiev
08:33 AM Bug #14325: Captive Portal incorrectly allows leading zeroes on voucher roll numbers: I've tested on 23.01 and can confirm that. aleksei prokofiev
03:45 AM Bug #14248: Static routes to monitor IP disappears if you set a gateway group as a default gateway.: also unable to replicate this condition in multi-wan environment Jordan G
03:10 AM Bug #13915: PHP errors when re-running Traffic Shaper Wizards with different settings: not seeing any php errors so far when utilizing the traffic shaping wizard or manipulating bandwidth settings after i... Jordan G
02:38 AM Bug #14328 (Duplicate): HA XMLRPC Sync between 1100s can cause errors with Virtual IP Sync: Duplicate of #14034, already solved and in system patches. Jim Pingle
01:17 AM Bug #14328: HA XMLRPC Sync between 1100s can cause errors with Virtual IP Sync: Setup two 1100s with stock 23.01 and configured them with OPT as the SYNC port. Tested this and was unable to reprod... Kris Phillips
01:00 AM Bug #14328 (Duplicate): HA XMLRPC Sync between 1100s can cause errors with Virtual IP Sync: All XMLRPC sync options work fine until you choose "Virtual IP" and then the secondary will get the following crash r... Kris Phillips

04/29/2023

10:32 PM pfSense Packages Bug #14287: pfBlockerNG does not uninstall cleanly when using RAM disks: How did you arrive at 23.01, from a previous CE or Plus version?
I'm not able to reproduce this on a 23.01 Plus inst... Chris W
07:21 PM pfSense Packages Bug #12705: IPsec Profile Wizard/Apple: IKEv2 VPN with ECDSA server certificate does not connect using generated profile: Tested on the MacOS Monterey, Version 12.6.3.
I defined certs on pfSense using ECDSA instead of RSA. IPsec Authe... Danilo Zrenjanin
06:00 PM Regression #14327 (Resolved): Gateway popup in firewall rule list does not indicate current gateway status: Hovering a Gateway Group, defined in a Firewall Rule, shows the gateways participating in the group. However, the gat... Danilo Zrenjanin
04:06 PM pfSense Packages Bug #14326 (Rejected): RRD Summary 2.0_2 is not showing any data: Tested on 22.01, 22.05 and 23.01 - all with RRD Summary version 2.0_2
During several weeks I tried but RRD Summary... Azamat Khakimyanov
04:03 PM pfSense Packages Bug #11563: BIND GUI writes TXT records > 255 characters: It seems a bit outdated but I am currently working on a fix for that.
It just needs some testing.
https://github.com... Andreas Pross
03:16 PM pfSense Plus Feature #14308: Support for Ethernet (L2) filtering rules: Tested on an ATT connection. 802.1X traffic passed with the new filtering rules perfectly and without incident. See... Kris Phillips
03:13 PM pfSense Packages Todo #12865 (Resolved): RRD Summary improvements: Tested on 23.01
I saw correct time period and interface names with 'OPTx' in brackets.
I marked this ToDo as ... Azamat Khakimyanov
03:11 PM Regression #12821: Intel e1000 driver (``em``, ``igb``) cannot pass packets tagged with VLAN ``0``: I can confirm this issue is still present in 23.05. When testing the Ethernet filtering rules in 23.05, it was neces... Kris Phillips
10:33 AM pfSense Packages Bug #13878 (Resolved): IPsec Profile Wizard/Apple: Generated profile does not contain the correct ``AuthenticationMethod`` for IKEv2 EAP configurations: Danilo Zrenjanin
10:33 AM pfSense Packages Bug #13878: IPsec Profile Wizard/Apple: Generated profile does not contain the correct ``AuthenticationMethod`` for IKEv2 EAP configurations: Tested on: ... Danilo Zrenjanin
07:12 AM Bug #14325 (Resolved): Captive Portal incorrectly allows leading zeroes on voucher roll numbers: If you will create the Voucher roll with the number "000" or "0001" the system will allow you to create a such roll, ... Lev Prokofev
12:49 AM pfSense Plus Feature #14323 (Resolved): Print ZFS Boot Environment status in console menu banner: Tested on... Christopher Cope

04/28/2023

05:03 PM Regression #14322: CARP password is not being respected on 23.05 snapshots: https://reviews.freebsd.org/D39874 has the fix(es). I'll give melifaro@ a few days to look at the netlink bits. Kristof Provost
04:48 PM Regression #14322 (In Progress): CARP password is not being respected on 23.05 snapshots: Kristof is looking into this. He says it's actually two separate problems (the password behavior, and printing out th... Jim Pingle
01:08 PM Regression #14322 (Resolved): CARP password is not being respected on 23.05 snapshots: On pfSense Plus 23.01, Plus 23.05 snapshots, and CE 2.7.0 snapshots, it appears that the CARP password is not being r... Jim Pingle
04:46 PM Feature #13382: Packet Capture GUI with granular control: Latest code looks better to me. I can filter using the top set of options and it doesn't grab more than I asked for.
... Jim Pingle
03:09 PM Feature #13382 (Feedback): Packet Capture GUI with granular control: MRs merged, ready to be tested again.
Jim Pingle
03:16 PM pfSense Plus Feature #14323: Print ZFS Boot Environment status in console menu banner: Updating subject for release notes. Jim Pingle
02:53 PM pfSense Plus Feature #14323 (Resolved): Print ZFS Boot Environment status in console menu banner: Christian McDonald
03:14 PM Bug #13915: PHP errors when re-running Traffic Shaper Wizards with different settings: Updating subject for release notes. Jim Pingle
03:12 PM pfSense Plus Feature #14308: Support for Ethernet (L2) filtering rules: Updating subject for release notes. Jim Pingle
03:11 PM Bug #14035: PHP error when attempting to create a GIF interface when ``if_gif`` kernel module is not loaded: Updating subject for release notes. Jim Pingle
03:11 PM pfSense Packages Feature #14324 (New): pfBlockerNG to use geoLite "country" instead of "registered_country": Hello,
Explanations here: https://forum.netgate.com/topic/179567/country-vs-registered-country/4?_=1682682466761
... Pierre Chopot
03:10 PM Bug #13014: Deadlock in Charon VICI interface: Updating subject for release notes. Jim Pingle
02:28 PM pfSense Packages Feature #11719: ACME - Create script for DNSExit API: After a few years updating TXT records manually every 2 months I finally could (with the help of chat gpt) setup my c... drun kly
12:34 PM pfSense Packages Feature #14321 (Closed): Add UPS information to LCDproc screen: Hi,
I'd like to add a new screen to LCDproc that reads the UPS information from NUT.
Should show the current U... Geo Rou
12:34 PM pfSense Plus Regression #14320 (Feedback): ``ifconfig -a`` prints CARP information for interfaces that do not have CARP configured: The fix has been pushed upstream and merged into our branched. It'll be in the next snapshots.
The issue was that ... Kristof Provost
06:50 AM Todo #14209: Update Time Zone data to 2023c or later: Jim Pingle wrote in #note-2:
> Updating subject for release notes.
hi again,
as the release of 2.7 still taking ... khaled osama

04/27/2023

09:26 PM Revision 43efba01: Use new utility function for ethertype, use correct operator, and remove redundant code. Fix #13382: Marcos M
09:17 PM Revision e8a7e86c: Expose new utility function to validate ethertype. redmine #14308: Marcos M
07:12 PM Revision 41b33b17: refactor is_module_loaded to first check by module name, then by file name: Christian McDonald
05:18 PM Bug #14055 (Resolved): Traffic shaped by limiters is dropped when routed to a GIF gateway: Works on 23.05.a.20230427.0208, thanks! Marcos M
05:11 PM Bug #14301: Input validation error when saving IGMP Proxy settings: Jim Pingle wrote in #note-1:
> Can this be reproduced on 23.05? Are you sure this isn't the same problem as #13929 ?... Kris Phillips
04:48 PM Feature #13382 (Pull Request Review): Packet Capture GUI with granular control: Thanks! https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1032/diffs addresses that issue. This worked with... Marcos M
02:40 PM Feature #13382 (New): Packet Capture GUI with granular control: There seems to be an issue with the logic on the page now. If you only want to filter based on the top section of cus... Jim Pingle
02:30 PM Revision d9fb30c4: Corrections for shaper wizards. Fixes #13915: * Fix many inconsistencies in formatting between the wizards
* Fix a few potential bugs in both (changes made to one ... Jim Pingle
02:29 PM pfSense Plus Regression #14320: ``ifconfig -a`` prints CARP information for interfaces that do not have CARP configured: Just to note, this only happens on 23.05 snapshots so it is likely related to unicast CARP changes. Jim Pingle
02:28 PM pfSense Plus Regression #14320 (Resolved): ``ifconfig -a`` prints CARP information for interfaces that do not have CARP configured: On a system with five interfaces configured, I have CARP VIPs on two of them (vtnet0, vtnet1) and yet @ifconfig -a@ p... Jim Pingle
01:56 PM Revision fd30ce6a: refactor format_number and eliminate trailing space on unitless numbers: Christian McDonald
01:42 PM Bug #2218 (Confirmed): CARP VIPs can become master too early at boot time: Steve Wheeler
12:21 PM pfSense Plus Bug #14319 (Rejected): PHP Fatal error bytes exhausted guiconfig.in: Not enough information here for a valid bug report. This site is not for support or diagnostic discussion.
For ass... Jim Pingle
12:20 PM pfSense Plus Bug #14319 (Rejected): PHP Fatal error bytes exhausted guiconfig.in: Crash report begins. Anonymous machine information:
amd64
14.0-CURRENT
FreeBSD 14.0-CURRENT #0 plus-RELENG_23_0... Michael Pelley
11:19 AM pfSense Plus Feature #14308 (Feedback): Support for Ethernet (L2) filtering rules: MR was merged, it's in snapshots for testing. Jim Pingle
10:52 AM Bug #14061 (Resolved): PHP error if a non-privileged shell user attempts an operation which needs to write ``config.cache``: Jim Pingle
10:36 AM Feature #13416: Change gateway monitoring actions default to "disabled": This seems like a good idea. The cost of running the gateway alarm event on a single WAN system far outweighs any ben... Steve Wheeler
10:28 AM pfSense Docs New Content #14318 (Resolved): Add docs for Unicast CARP (Plus only): Unicast CARP was added to Plus recently and needs documentation:
* New option on CARP VIP config to pick Multicast... Jim Pingle
10:16 AM pfSense Docs New Content #14317 (Resolved): Add docs for Ethernet Filtering (Plus Only): Ethernet/L2 filtering was added to Plus in #14308 and needs documentation.
A few notable items:
* Plus only fea... Jim Pingle
09:40 AM Bug #13915 (Feedback): PHP errors when re-running Traffic Shaper Wizards with different settings: Applied in changeset commit:d9fb30c4179deccad54c8869537c93efd41b97aa. Jim Pingle
07:32 AM Bug #13915 (In Progress): PHP errors when re-running Traffic Shaper Wizards with different settings: Reviewing the files again this morning I spotted a couple potential problems still, will have a follow-up commit comi... Jim Pingle
02:01 AM Bug #13915: PHP errors when re-running Traffic Shaper Wizards with different settings: Jim Pingle wrote in #note-16:
> Will let this soak in snapshots over the weekend and if things are OK I'll look in... Stefan Weichinger
09:10 AM Regression #14316: Filter/NAT rules configured with "No XMLRPC Sync" enabled are still synchronized: This applies in both 23.01 and 23.05. Steve Wheeler
08:31 AM Regression #14316 (Resolved): Filter/NAT rules configured with "No XMLRPC Sync" enabled are still synchronized: Christian McDonald

04/26/2023

10:05 PM Revision 04491654: Load if_gif if needed when creating a gif interface. Fixes #14035: Reid Linnemann
07:44 PM Revision c966d0cc: PHP 8 fixes in Dedicated Links Shaper Wizard. Fixes #13915: While here, clean up some formatting. Jim Pingle
05:16 PM Revision 1c6665b0: PHP 8 fixes in Multi-All Shaper Wizard. Issue #13915: While here, clean up some formatting. Jim Pingle
05:15 PM Bug #14035 (Feedback): PHP error when attempting to create a GIF interface when ``if_gif`` kernel module is not loaded: Applied in changeset commit:0449165411edfa1aaa37ca6f6dae5b9c56604c92. Reid Linnemann
12:33 PM Bug #14035 (Confirmed): PHP error when attempting to create a GIF interface when ``if_gif`` kernel module is not loaded: This is closer but not enough, the module isn't automatically loaded when creating the GIF with pfSense_interface_cre... Reid Linnemann
01:12 AM Bug #14035 (Feedback): PHP error when attempting to create a GIF interface when ``if_gif`` kernel module is not loaded: Since MODULES_OVERRIDE was fixed in crossbuild at on 3 March 2023, all modules are no longer being built and included... Reid Linnemann
05:12 PM pfSense Plus Regression #14137: pfSense Plus Upgrade repo data remains on the system after upgradng: aleksei prokofiev wrote in #note-1:
> Also, if package manager unavailable, may help next solution
> Check and then... Gabriel Zellmer
02:47 PM Bug #13915 (Feedback): PHP errors when re-running Traffic Shaper Wizards with different settings: commit:c966d0cc68fde98c305ea48aee14c254b8cd207a addresses issues in the dedicated links wizard.
I did some light t... Jim Pingle
12:18 PM Bug #13915: PHP errors when re-running Traffic Shaper Wizards with different settings: I just pushed commit:1c6665b003bc7ac9a7c558e5d93aa2f0dd774c18 which will show up shortly. It addresses the PHP issues... Jim Pingle
09:41 AM Bug #13915 (In Progress): PHP errors when re-running Traffic Shaper Wizards with different settings: Jim Pingle
12:50 PM pfSense Packages Bug #14315 (Resolved): Routes are not exposed on Tailscale when an empty route entry exists in the GUI: In the Tailscale package settings, if an empty entry exists for @Advertised Routes@, no routes will be exposed to the... Marcos M
10:15 AM Bug #14055 (Feedback): Traffic shaped by limiters is dropped when routed to a GIF gateway: I've pushed a slightly simplified version of this patch upstream and to our branched. This should be fixed in the nex... Kristof Provost
07:32 AM pfSense Packages Feature #14311 (Rejected): Widget for System -> Patches: Given the personal and custom nature of patches this is not viable. Not everyone will apply every patch, since not ev... Jim Pingle
07:27 AM Feature #14310 (Duplicate): Policy test: Duplicate of #2771 Jim Pingle
07:24 AM Bug #14313 (Feedback): Unable to create nested URL table aliases: It's possible the docs are wrong. The nesting was added not too long ago (~1yr) and I recently updated the docs (#122... Jim Pingle
05:22 AM Bug #14313 (Assigned): Unable to create nested URL table aliases: In docs there is a phrase:
_"URL table aliases can nest other URL table aliases, and URL aliases can nest other URL ... Azamat Khakimyanov
07:02 AM Revision ddf9d1e1: Fix MSS clamping for IPsec IPv6 VPNs: The definition of vpn_networks did not include the IPsec IPv6 pool.
Signed-off-by: Richard Laager <rlaager@wiktel.com> Richard Laager
06:13 AM pfSense Packages Feature #14314 (Pull Request Review): Keep DDNS entries on config change: Each time the BIND config is changed, all DDNS entries in all master zones are lost because the zone.db is overwritte... Andreas Pross
03:46 AM Bug #13014 (Feedback): Deadlock in Charon VICI interface: I've merged the fix to the relevant branches. It will be present in tomorrow's CE and plus snapshots. Kristof Provost
02:09 AM Bug #14312: MSS clamping on VPN traffic does not work on IPsec IPv6 mobile VPNs: https://github.com/pfsense/pfsense/pull/4634 Richard Laager
02:09 AM Bug #14312 (Resolved): MSS clamping on VPN traffic does not work on IPsec IPv6 mobile VPNs: Steps to reproduce:
1. Configure a mobile IPsec VPN with an IPv6 pool.
2. In System -> Advanced -> Firewall & NAT, ... Richard Laager

04/25/2023

05:39 PM pfSense Packages Feature #14311 (Rejected): Widget for System -> Patches: I have the System_Patches package installed. There is no notification of updates.
It would be nice to have a notifi... William Liporace
05:23 PM Bug #14035 (Confirmed): PHP error when attempting to create a GIF interface when ``if_gif`` kernel module is not loaded: I'm hitting this on a clean(ish) 23.05 armv7 install. Full log shows more errors:... Steve Wheeler
04:26 PM pfSense Plus Feature #14308 (Pull Request Review): Support for Ethernet (L2) filtering rules: https://gitlab.netgate.com/pfSense/factory/-/merge_requests/102 Christian McDonald
12:27 PM pfSense Plus Feature #14308 (Resolved): Support for Ethernet (L2) filtering rules: Christian McDonald
03:25 PM Feature #14310 (Duplicate): Policy test: Probably useful for those who have a lengthy ruleset.
Have a policy test rule option where an admin can put in a So... Mike Moore
02:57 PM pfSense Docs Correction #13921 (Closed): OpenVPN Monitoring Docs need updated: Done: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/001d6d1bd85b1004ced30a5a0b28952cd38acf3e Jim Pingle
12:34 PM pfSense Docs Correction #13921 (In Progress): OpenVPN Monitoring Docs need updated: Jim Pingle
02:37 PM Bug #13014: Deadlock in Charon VICI interface: Hey Kristof, I have not had the issue recur at all. Seems like it's fixed to me! Thank you for keeping up with it. David Vazquez
11:54 AM Bug #13014: Deadlock in Charon VICI interface: Hi David, did you see the issue recur? It'd be very nice to have confirmation so we can land this (and upstream stron... Kristof Provost
02:19 PM Bug #14055 (In Progress): Traffic shaped by limiters is dropped when routed to a GIF gateway: Jim Pingle
01:40 PM Bug #14055: Traffic shaped by limiters is dropped when routed to a GIF gateway: I've been able to reproduce it (with a floating rule so locally ordinated traffic hits the route-to rule).
The iss... Kristof Provost
12:51 PM pfSense Docs New Content #14309 (Closed): UDP Broadcast Relay package: Add documentation for the new package UDP Broadcast Relay: https://redmine.pfsense.org/issues/10818
Reference: htt... Marcos M
12:45 PM pfSense Packages Bug #14287: pfBlockerNG does not uninstall cleanly when using RAM disks: Correction, I applied the patch at https://redmine.pfsense.org/issues/14230 and it didn't help. I know it's a differ... Loh Phat
12:28 PM pfSense Docs New Content #13941 (Resolved): Memory usage in pfSense: Looks great. Marcos M
10:21 AM pfSense Plus Regression #14235 (Resolved): Undersized CESA TDMA descriptor pools can be exhausted, leading to errors: Christian McDonald
10:20 AM pfSense Plus Bug #14204 (Resolved): System Information Dashboard widget stops showing CPU details on aarch64: Christian McDonald
10:18 AM pfSense Plus Feature #14293 (Resolved): Package plugin hook for pf Ethernet rules: Currently no consumers of this feature, but it's simple enough that it should work. Christian McDonald
10:18 AM pfSense Plus Feature #13511 (Resolved): Priority Code Point (PCP) option on interface configuration: This seems to work as expected. Christian McDonald
10:17 AM pfSense Plus Bug #13348: Error when deleting ZFS Boot Environment created from duplicate of non-default entry: Going to punt this to 23.09. Bigger fish to fry for 23.05 release. Christian McDonald
09:48 AM pfSense Docs New Content #11714 (Closed): Add section about the correct addresses to use for failover peers when Troubleshooting High Availability DHCP Failover: Added, along with another missing potential failure point (firewall rules): https://gitlab.netgate.com/docs/pfSense-d... Jim Pingle
07:56 AM pfSense Docs New Content #12565 (Closed): Document new "Duplicate Connection Limit" option on OpenVPN server instances: Added a while back: https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/configure-server-tunnel.html#duplicate-con... Jim Pingle
07:14 AM Bug #13003 (Feedback): Malicious Driver Detection event on ``ixl(4)`` driver: Jim Pingle
04:52 AM Bug #13003 (Ready To Test): Malicious Driver Detection event on ``ixl(4)`` driver: As we've not been able to reproduce this issue the best we can do (and have done) for now is to disable the malicious... Kristof Provost

04/24/2023

10:34 PM Regression #14305: Boot loader is not updated during upgrade from pfSense CE 2.6 to 2.7: To work around the issue:
# After the first reboot when it fails to boot, use option 6 to boot with @kernel.old@
# ... Marcos M
08:03 PM Regression #14305: Boot loader is not updated during upgrade from pfSense CE 2.6 to 2.7: Further testing:
* Issue occurs when updating from CE 2.6 to 2.7 (tested @2.7.0.a.20230424.0600@) using Gen2/UEFI.
... Marcos M
02:30 PM Regression #14305: Boot loader is not updated during upgrade from pfSense CE 2.6 to 2.7: This appears to be a UEFI issue. Everything legacy I have tested upgraded OK but UEFI systems hang at the frame buffer. Steve Wheeler
10:50 AM Regression #14305 (Confirmed): Boot loader is not updated during upgrade from pfSense CE 2.6 to 2.7: Reproduced on Windows 11 Hyper-V after upgrading a fresh Gen2 ZFS install of 2.6. Marcos M
09:55 AM Regression #14305 (Resolved): Boot loader is not updated during upgrade from pfSense CE 2.6 to 2.7: Trying to upgrade to 2.7dev from 2.6 results in a failed boot.
Appears to be kernel or driver related as hitting 6... Steve Gladden
09:10 PM pfSense Plus Bug #13875 (Duplicate): Boot after upgrade form 22.05 to 23.01 hangs: This looks like the issue reported here which is fixed for 23.05: https://redmine.pfsense.org/issues/13895 Marcos M
05:30 PM pfSense Plus Bug #13875: Boot after upgrade form 22.05 to 23.01 hangs: I'm also experiencing this issue @jimp. Host OS is Hyper-V 2022.
This post on reddit summarizes the issue exactl... Travis McMurry
07:34 PM pfSense Plus Regression #13895 (Feedback): Early boot hangs on Hyper-V with Gen2 VMs: Marcos M
07:26 PM pfSense Plus Regression #13895: Early boot hangs on Hyper-V with Gen2 VMs: For reference:
Early boot hang fixes which resolve serial console issues in Azure/Hyper-V
https://github.com/pfsense... Marcos M
06:42 PM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions: Thanks. I submitted a PR that addresses the issue. Denny Page
03:09 PM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions: How to properly send notifications from nut is not a topic for this Redmine. Feel free to discuss it more on the foru... Jim Pingle
02:50 PM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions: Hmm... "the times it happened to work were purely by chance" seems quite a bit overstated. It seems to be rather the ... Denny Page
10:39 AM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions: They absolutely *did not* work correctly (hence this bug). They failed in new/different ways on 23.01 but they also f... Jim Pingle
10:32 AM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions: Given that non-root package notifications worked previously, I think users are going to perceive this as a regression... Denny Page
07:26 AM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions: That's not a problem we can solve here. Somehow the unprivileged process would have to submit a message into the queu... Jim Pingle
06:10 PM Bug #13915: PHP errors when re-running Traffic Shaper Wizards with different settings: Thank you for whatever you can do - I hope this makes it into a Patch update soon, because I miss this feature dearly. Drew Saur
09:12 AM Bug #13915: PHP errors when re-running Traffic Shaper Wizards with different settings: Looking at the code (traffic_shaper_wizard_multi_all.inc:773) and nearby if tests the various step numbers use:
<p... Steve Y
07:36 AM Bug #13915: PHP errors when re-running Traffic Shaper Wizards with different settings: Also getting the same issue with a slight variation of the error.
Fatal error: Uncaught TypeError: Cannot access off... David Askew
07:20 AM Bug #13915: PHP errors when re-running Traffic Shaper Wizards with different settings: There are also similar errors in the dedicated links shaper wizard, not just the multiple lan/wan wizard. See duplica... Jim Pingle
04:58 PM pfSense Packages Feature #10818 (Feedback): UDP Broadcast Relay: The package is now available for dev snapshots (currently 23.05/2.7). Marcos M
03:09 PM Todo #14307 (Resolved): Update miniupnpd to 2.3.3: pfSense: @2.2.1_1,1@ (equivalent of @2.2.1@) https://github.com/pfsense/FreeBSD-ports/tree/devel/net/miniupnpd
Main:... Marcos M
03:06 PM Regression #14306: Pfsense CE 2.6.0 installation fails: Jim Pingle wrote in #note-1:
> This is almost certainly an issue with your hardware EFI/BIOS and not a bug in pfSense... greg besack
02:45 PM Regression #14306 (Not a Bug): Pfsense CE 2.6.0 installation fails: This is almost certainly an issue with your hardware EFI/BIOS and not a bug in pfSense. Jim Pingle
01:38 PM Regression #14306 (Not a Bug): Pfsense CE 2.6.0 installation fails: Running the AMD64 USB Memstick installer with VGA console.
Performed a zfs guided install to a mirror on 1 m.2 sata... greg besack
09:20 AM Todo #14304 (Rejected): please upgrade openvpn to 2.6.3: That will happen naturally as we sync ports upstream for snapshots.
Past versions won't be updated. Jim Pingle
09:06 AM Todo #14304 (Rejected): please upgrade openvpn to 2.6.3: https://www.freshports.org/security/openvpn
security/openvpn: bugfix update to v2.6.3
For security repairs, pleas... yon Liu
07:17 AM Bug #14303 (Duplicate): Error when trying to setup traffic shaping: Duplicate of #13915 Jim Pingle
07:16 AM pfSense Packages Bug #14299: pfBlockerNG does not honor the cURL source interface setting for DNSBL lists: This morning I noticed the following:... Charles Hamilton
07:16 AM Bug #14301 (Feedback): Input validation error when saving IGMP Proxy settings: Can this be reproduced on 23.05? Are you sure this isn't the same problem as #13929 ? Jim Pingle
07:12 AM pfSense Plus Regression #14300 (Duplicate): Re: ``mmcsd0`` controller timeout/system hang on 1100: The previous issue (#14181) is closed because it's either solved on *23.05* or it's hardware. So either it's already ... Jim Pingle
07:09 AM Todo #13959 (Resolved): Trim blank characters from static IP address fields on the Interface configuration page: Jim Pingle

04/23/2023

05:03 PM Bug #14288 (Pull Request Review): Setting system DNS servers can incorrectly modify routes for interface addresses: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1029
This ignores route changes when the DNS IP addres... Marcos M
12:58 PM pfSense Packages Bug #14179: FreeRadius is active but in an inoperable state, switches to a generated freeradius-temp certificate upon restart: Hi Chris,
thanks for looking into this.
Yes I upgraded from 2.6.0 and the original version was probably somethi... name name
11:55 AM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions: Jim, I tested this patch and the end effect, at least for 23.01, is that non root notifications just silently fail.
... Denny Page
11:43 AM Bug #14303 (Duplicate): Error when trying to setup traffic shaping: I'm trying to setup some traffic shaping but after going through the wizard I get the following error:
Fatal error... David Askew
10:24 AM pfSense Packages Bug #14287: pfBlockerNG does not uninstall cleanly when using RAM disks: Related https://redmine.pfsense.org/issues/13817 Marcos M
10:02 AM pfSense Packages Bug #14287: pfBlockerNG does not uninstall cleanly when using RAM disks: Looks like a pfSense PHP 8 code issue.
{main} thrown in /etc/inc/config.lib.inc on line 928
PHP ERROR: Type: 1, Fi... BBcan177 .
08:50 AM pfSense Packages Bug #14287: pfBlockerNG does not uninstall cleanly when using RAM disks: Note that System Patches 2.2.1 is installed with all recommended patches applied. Loh Phat
08:36 AM pfSense Packages Bug #14287: pfBlockerNG does not uninstall cleanly when using RAM disks: Error when removing 3.2.0_4:... Loh Phat
10:22 AM Bug #14302 (Not a Bug): Automated Configuration Backup Failure: Sometimes the server is not reachable due to maintenance, however that error indicates there was a temporary issue wi... Marcos M
06:18 AM Bug #14302 (Not a Bug): Automated Configuration Backup Failure: I am getting a message that my backup is failing to upload to the Netgate servers (which I have it set to do after ev... P Davis

04/22/2023

09:48 PM pfSense Packages Bug #14287: pfBlockerNG does not uninstall cleanly when using RAM disks: If you update to the latest pfBlockerNG and then uninstall it with Keep Settings unchecked, does this still leave orp... Kris Phillips
09:41 PM pfSense Plus Regression #14300: Re: ``mmcsd0`` controller timeout/system hang on 1100: Typically these messages indicate eMMC controller or storage chip failure. It is unlikely to be a bug. Are you able... Kris Phillips
08:22 PM pfSense Plus Regression #14300 (Duplicate): Re: ``mmcsd0`` controller timeout/system hang on 1100: [the original issue is closed so I can no longer post to it!?!]
I'm still on 23.01, running my spare SG-1100, and ... Craig Leres
09:31 PM Bug #14301 (Resolved): Input validation error when saving IGMP Proxy settings: When attempting to add interfaces to IGMP Proxy or make any configuration changes, there is an error stating "There w... Kris Phillips
09:07 PM pfSense Packages Bug #14179: FreeRadius is active but in an inoperable state, switches to a generated freeradius-temp certificate upon restart: Steps taken to reproduce:
1. Install FreeRadius package into a virtual machine of 23.01
2. Configure FreeRadius with... Chris W
07:59 PM pfSense Plus Feature #14295 (Resolved): Promiscuous Mode option on interface configuration: Tested on... Christopher Cope
05:53 PM Feature #13382: Packet Capture GUI with granular control: 23.05.a.20230421.0022 packet capture has the updated interface with additional options but now also has the filter pr... Jordan G
05:33 PM pfSense Packages Bug #13632: tailscale does not survive reboot on pfsense with ram disk in use: tailscale v0.1.3 on 23.05.a.20230421.0022 in the package's settings provides a configurable field for state directory... Jordan G
04:02 AM pfSense Packages Bug #13632: tailscale does not survive reboot on pfsense with ram disk in use: The latest Tailscale version under available packages is 0.1.2.
v0.1.3 is not listed yet. Please check. Danilo Zrenjanin
03:58 PM Todo #13959: Trim blank characters from static IP address fields on the Interface configuration page: Looks good on 23.05.a.20230421.0022 - adding space(s) on the leading or trailing end of static IPv6 address in interf... Jordan G
05:38 AM pfSense Packages Bug #13936 (Resolved): PHP error from RRD Graphs when attempting a query a newly created empty database: Tested against:... Danilo Zrenjanin
04:38 AM pfSense Packages Bug #10900 (Not a Bug): /packages/backup/backup.php?a=download&t=backup HTTP 504, or Sends PHP Error Message as ASCII/Text file Named pfsense.bak.tgz: The References.7z file initially included indicates that the issue was with allocated PHP memory. ... Danilo Zrenjanin
04:17 AM pfSense Packages Bug #10936: both haproxy/haproxy-devel non-existent option lb-agent-chk: haproxy 0.61_9
Still has the lb-agent-chk listed as the check method. The needs to be removed.
Danilo Zrenjanin
02:42 AM Bug #13655 (Resolved): DNS Forwarder (``dnsmasq``) is using an invalid combination of options when "Query DNS servers sequentially" is enabled: Tested the patch against:... Danilo Zrenjanin
01:37 AM pfSense Packages Bug #13985: Telegraf error After Update PFSense to 23.01: @aleksei prokofiev, what dependent Telefraf Package have you? Marijan Kruljac
01:18 AM pfSense Packages Bug #13985: Telegraf error After Update PFSense to 23.01: Can't reproduce,
Installed 2.6 CE
Installed and configure Telegraf with influx DB
Upgraded to 23.01
no errors oc... Lev Prokofev
12:27 AM pfSense Plus Feature #14297: Add Option for Vendor Class ID in DHCP Client: With only option 60 there could be a caveat described here https://redmine.pfsense.org/issues/13279
You also need to... Lev Prokofev

04/21/2023

04:59 PM pfSense Plus Feature #14297: Add Option for Vendor Class ID in DHCP Client: It is possible to do this already using the Send Options field in the advanced dhcp client options.
However a sepa... Steve Wheeler
03:07 PM pfSense Plus Feature #14297 (New): Add Option for Vendor Class ID in DHCP Client: Some ISPs require a Vendor Class ID be sent (option 60) when requesting DHCP. This can currently be accomplished in ... Kris Phillips
04:20 PM pfSense Packages Bug #14299: pfBlockerNG does not honor the cURL source interface setting for DNSBL lists: More details:
https://redmine.pfsense.org/issues/12882#change-59903
The cURL interface can be specified via the... Charles Hamilton
04:02 PM pfSense Packages Bug #14299: pfBlockerNG does not honor the cURL source interface setting for DNSBL lists: Pull request: https://github.com/pfsense/FreeBSD-ports/pull/1251 Charles Hamilton
04:00 PM pfSense Packages Bug #14299 (Resolved): pfBlockerNG does not honor the cURL source interface setting for DNSBL lists: Pull request to fix the problem is on its way. Charles Hamilton
03:09 PM pfSense Docs Todo #14298 (Closed): Add documentation for vendor-class-identifier: If we add vendor-class-identifier to pfSense Plus's web interface like in #14297, we'll need documentation items adde... Kris Phillips
02:41 PM Bug #14182 (Closed): PHP error when XMLRPC client attempts to synchronize without any synchronization settings in the configuration: Those new errors wouldn't be related. Should we want to address those, they'd need to be in a separate issue for that... Jim Pingle
12:50 PM Bug #14182: PHP error when XMLRPC client attempts to synchronize without any synchronization settings in the configuration: tested on:
Version 23.01-RELEASE (amd64)
built on Fri Feb 10 20:06:33 UTC 2023
FreeBSD 14.0-CURRENT
unable to r... Georgiy Tyutyunnik
01:53 PM Revision 481e2b0d: Add pfSense-pkg-udpbroadcastrelay to poudriere_bulk: Christian McDonald
12:40 PM Bug #14296: 2.6 poor performance in hyper-v: "it doesn't work how I expect" isn't sufficient for a bug report. The forum is the correct place to discuss issues li... Jim Pingle
12:15 PM Bug #14296: 2.6 poor performance in hyper-v: William Warren wrote:
> i instlaled pfsense in server 2022 hyper-v
> when using 2.6 performance is very poort..lik... William Warren
12:13 PM Bug #14296 (Rejected): 2.6 poor performance in hyper-v: This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
12:06 PM Bug #14296 (Rejected): 2.6 poor performance in hyper-v: i instlaled pfsense in server 2022 hyper-v
when using 2.6 performance is very poort..like 5 meghabits out of 240 av... William Warren
12:27 PM pfSense Plus Feature #14173: QAT driver does not attach to QAT virtual function devices passed through to VM on Xeon D-2146NT: Thank you for responding.
I'm aware of the hardware you are selling. Now that the next generation of Atom and Xeon... name name
11:06 AM pfSense Plus Feature #14173: QAT driver does not attach to QAT virtual function devices passed through to VM on Xeon D-2146NT: We make sure that QAT works on hardware we sell: C3000, C2000, and the add-on CPIC cards in the Netgate shop. Support... Jim Pingle
10:51 AM pfSense Plus Feature #14173: QAT driver does not attach to QAT virtual function devices passed through to VM on Xeon D-2146NT: I was informed by Intel that there will be no QAT support in FreeBSD 14.0 for any chips other than those belonging to... name name
09:19 AM pfSense Plus Feature #14295 (Resolved): Promiscuous Mode option on interface configuration: Christian McDonald
06:38 AM pfSense Packages Bug #13985: Telegraf error After Update PFSense to 23.01: I've tested on
23.01-RELEASE (amd64)
built on Fri Feb 10 20:06:33 UTC 2023
FreeBSD 14.0-CURRENT
I can't repro... aleksei prokofiev
03:55 AM Feature #14294 (Pull Request Review): Add option to disable update-optimization.: Add option to DHCP / DHCPv6 to disable update optimization for DDNS.
If DNS Server is loosing DDNS entries, for ex... Andreas Pross

04/20/2023

02:53 PM pfSense Plus Feature #13511: Priority Code Point (PCP) option on interface configuration: Updating subject for release notes. Jim Pingle
09:46 AM pfSense Plus Feature #13511 (Feedback): Priority Code Point (PCP) option on interface configuration: Christian McDonald
02:51 PM pfSense Plus Regression #14102: Console menu incorrectly shows option ``99`` on some ARMv7/ARM64 installations: Updating subject for release notes. Jim Pingle
08:12 AM pfSense Plus Regression #14102 (Resolved): Console menu incorrectly shows option ``99`` on some ARMv7/ARM64 installations: After the latest Plus commit for this issue from Luiz (d470b17c454abb59f48846d361a260191655f1fe) it appears to be OK ... Jim Pingle
11:27 AM pfSense Packages Bug #13985: Telegraf error After Update PFSense to 23.01: New knowledge, have installed the community version virtually.
The Telegraf Package Dependencies are different.
Comm... Marijan Kruljac
11:11 AM pfSense Plus Feature #14293: Package plugin hook for pf Ethernet rules: https://gitlab.netgate.com/pfSense/factory/-/commit/738ac108364a4abbcd2b6c918b34ff9e7511c7ca Christian McDonald
11:10 AM pfSense Plus Feature #14293 (Resolved): Package plugin hook for pf Ethernet rules: Packages can now add pf ether rules using the @<filter_rules_needed>package_rules</filter_rules_needed>@ mechanism.
... Christian McDonald
09:53 AM pfSense Plus Regression #14292 (Resolved): Status LEDs on the Netgate 1100 do not function properly: The 1100 status LED is created with a different name after the DTS change in 23.01.
It is now @/dev/led/led2@ and ... Jim Pingle
09:51 AM pfSense Plus Feature #14291 (Closed): Support for cryptographic acceleration using the Multi-Buffer Crypto for IPsec Library (IPsec-MB, IIMB): The kernel module for the Intel® Multi-Buffer Crypto for IPsec Library (a.k.a. IPsec-MB or IIMB) has been added in th... Jim Pingle
07:52 AM pfSense Plus Regression #14181 (Closed): ``mmcsd0`` controller timeout/system hang on 1100: Another update after another 2 weeks on 23.05 with my 1100, still have yet to see another timeout. It was happening f... Jim Pingle
06:14 AM Bug #14290 (Resolved): ICMPv6 Path MTU Discovery breaks with NPT: I have the following setup:
Tunnel via HE.net
Internal Prefix on LAN: 2001:db8:1::1/64
Routed /48 from HE: 2001:... Philip S

04/19/2023

04:24 PM Feature #14289 (Resolved): Enable ``@`` support for name.com in Dynamic DNS: Hello. I am on pfSense CE 2.6.0 and when I try to create or update a client record for the dynamic dns provider "name... Peter Scordamaglia
12:39 PM Revision d49f0945: Fix invalid pcap filters in some cases. Fixes #13382: Marcos M
10:56 AM pfSense Plus Feature #13511: Priority Code Point (PCP) option on interface configuration: This is ready to land: https://gitlab.netgate.com/pfSense/factory/-/merge_requests/99 Christian McDonald
10:56 AM pfSense Plus Feature #13511 (Pull Request Review): Priority Code Point (PCP) option on interface configuration: Christian McDonald
08:09 AM Bug #14288: Setting system DNS servers can incorrectly modify routes for interface addresses: This impacted quite a few users at the time. It should at least be documented. I would prefer to see a note on the Ge... Steve Wheeler
08:01 AM Bug #13014: Deadlock in Charon VICI interface: Kristof Provost wrote in #note-48:
> I've built that patch in a package for 23.01. Can someone who's been seeing thi... David Vazquez
07:45 AM Feature #13382 (Feedback): Packet Capture GUI with granular control: Applied in changeset commit:d49f09459f3c317d4e32d2c5a42131f48b1ca68d. Marcos M
07:39 AM Feature #13382 (Pull Request Review): Packet Capture GUI with granular control: Jim Pingle
06:22 AM Regression #14139 (Resolved): CARP announcement src MAC should be virtual MAC: Tested against: ... Danilo Zrenjanin
05:09 AM Bug #12079: Kernel panic when running IGMP Proxy: Sleeping thread owns a non-sleepable lock: Hey Arturo,
thank you for your patience
I wrote a highly experimental patch to sort it out, I don't know yet if... Mateusz Guzik
03:26 AM Bug #12079: Kernel panic when running IGMP Proxy: Sleeping thread owns a non-sleepable lock: Just had another hard crash. Had to reboot the system manually. Any news on this issue?
For the moment I have disab... Arturo de Vries
05:06 AM Bug #14083: Adding MSS and MTU values on a LAGG VLAN interface breaks connectivity: We had a customer complaining about similar behavior at Netgate 2100. However, I couldn't reproduce this behavior on ... Danilo Zrenjanin
03:36 AM Regression #14283 (Resolved): Nothing is logged through ``syslog`` if the configuration contains an empty ``<syslogd>`` section or if that section is not present: Tested the diff against:... Danilo Zrenjanin

04/18/2023

08:05 PM Bug #14288: Setting system DNS servers can incorrectly modify routes for interface addresses: Some related discussion:
https://forum.netgate.com/topic/162791/
The issue was introduced in 2.5.1 with https://redm... Marcos M
07:21 PM Bug #14288 (Resolved): Setting system DNS servers can incorrectly modify routes for interface addresses: Tested on 23.01
Using an address on @lo0@ (e.g. a localhost VIP or simply @127.0.0.1) as a DNS sever under System ... Marcos M
08:03 PM Bug #12078: DNS Resolution Behavior does not consider named when setting localhost: The following patch allows for the localhost DNS server to be added automatically when the DNS Resolution behavior is... Marcos M
03:57 PM pfSense Packages Bug #13632: tailscale does not survive reboot on pfsense with ram disk in use: And as promised:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=270921 Christian McDonald
03:39 PM pfSense Packages Bug #13632 (Feedback): tailscale does not survive reboot on pfsense with ram disk in use: @v0.1.3@ includes migration code that will move the state file from @/var/db/tailscale/tailscale.state@ to a location... Christian McDonald
11:00 AM pfSense Packages Bug #13632 (In Progress): tailscale does not survive reboot on pfsense with ram disk in use: Looking at this.
First I need to expose the --statedir tailscaled option to the rc script (and upstream it). I'm t... Christian McDonald
01:31 PM pfSense Docs Todo #14234 (Feedback): Update Packet Capture docs to reflect the new GUI: I reorganized things a bit after merging the docs changes and filled in a little more info: https://gitlab.netgate.co... Jim Pingle
12:56 PM pfSense Packages Bug #14287 (Resolved): pfBlockerNG does not uninstall cleanly when using RAM disks: UNchecking "keep config" and then trying to remove the 3.2.0_3 package results in PHP error.
Other user reports th... Loh Phat
12:45 PM Regression #14217: IPsec Phase 2 rekey failures with some PFS key groups: Also working well here as well. Rekey happened on schedule and traffic continued to pass, where before it had failed:
Jim Pingle
12:16 PM Regression #14217 (Resolved): IPsec Phase 2 rekey failures with some PFS key groups: Confirmed this is rekeying as expected using PFS key group 18 in todays CE snnapshot: 2.7.0.a.20230418.0600... Steve Wheeler
08:21 AM Bug #14285 (Bogus): Fatal trap 12: page fault while in kernel mode: You are running a very old build. Please update. Christian McDonald
05:13 AM Bug #14285 (Bogus): Fatal trap 12: page fault while in kernel mode: Been using system for years and suddenly page fault error causing reboot it seems - during very low load/low traffic ... Ole Nielsen
04:53 AM Revision 4c8844e3: rc.carpmaster: remove openlog() call which changes php-fpm log facility: In commit 0eae38cd2511e304c4660f8aeead751564f9dfc9, this call was added
alongside other changes to the rc.carpmaster ... Reid Linnemann
04:25 AM Bug #14031: Identical SMTP notifications repeat in an infinite loop under certain conditions: Tested on 23.01
I was able to reproduce this issue.
After applying c5faa351c1ef6d4555478a7f50b3a16ece7e0b2a, the iss... Azamat Khakimyanov

04/17/2023

06:55 PM pfSense Packages Bug #11054: Check Client Certificate CN not working as described: pfSense CE @2.6.0@
FreeRADIUS package version @0.15.7_33@
As of April 2023, I was able to recreate this issue on acc... Greg Maub
06:19 PM Revision 11d14d62: Remove invalid syslog test. Fixes #14283: Having an empty syslog config section is valid, as is not having a
section at all. We should always generate the conf... Jim Pingle
04:04 PM Feature #13382: Packet Capture GUI with granular control: Alhusein Zawi wrote in #note-30:
> Is there way to keep/add the classic view of the packet capture ?
> in many case... Marcos M
08:55 AM Feature #13382 (Feedback): Packet Capture GUI with granular control: Applied in changeset commit:0d9f5d520a886769bcbd8929db98e53a6623f569. Marcos M
08:47 AM Feature #13382 (Pull Request Review): Packet Capture GUI with granular control: Jim Pingle
03:55 PM Bug #9353: PHPSession errors from limited access to dashboard and widgets: This also happens when a session times out and the user tried to access a page which triggers the general "no permiss... Marcos M
03:03 PM Bug #12747: Restarting the logging daemon during rotation also restarts ``sshguard``, leading to frequent log messages: Unfortunately a lot of this is out of our control as we are at the mercy of what sshguard supports. Not saying we won... Jim Pingle
02:55 PM Bug #12747: Restarting the logging daemon during rotation also restarts ``sshguard``, leading to frequent log messages: Still an issue in 23.01. Suggestions:
1. Stop logging the stop and start. I can't see how this is useful.
2. Make ... Mitch Claborn
02:55 PM pfSense Plus Bug #13497: unbound process looks like stuck periodically: Yaroslav Semenenko wrote:
> Hello,
>
> I have Netgate 2100.
> Unbound service is needed to restart sometimes due... Ketul Patel
02:04 PM pfSense Packages Bug #14284 (Incomplete): Wen changing frontend type, there will be invissible leftovers, disturbing defining the new type: During my trails to setup HA-proxy, I irregularly met a situation where I did not know which frontend type to use.
S... Louis B
01:43 PM Regression #14283: Nothing is logged through ``syslog`` if the configuration contains an empty ``<syslogd>`` section or if that section is not present: The code in this area is slightly different in plus which makes generating a patch more difficult. In the interest of... Jim Pingle
01:30 PM Regression #14283 (Feedback): Nothing is logged through ``syslog`` if the configuration contains an empty ``<syslogd>`` section or if that section is not present: Applied in changeset commit:11d14d628f333ed9b856a68630bfffa635de44f4. Jim Pingle
11:14 AM Regression #14283: Nothing is logged through ``syslog`` if the configuration contains an empty ``<syslogd>`` section or if that section is not present: In source:src/etc/inc/syslog.inc#L216 it checks for an empty syslog section which isn't really a valid test. Before t... Jim Pingle
10:56 AM Regression #14283 (Resolved): Nothing is logged through ``syslog`` if the configuration contains an empty ``<syslogd>`` section or if that section is not present: /var/etc/syslog.d empty. Nothing is being logged to /var/log files.
Possibly related to #13446 src/etc/inc/syslog.... Chris Linstruth
10:44 AM pfSense Plus Regression #14235: Undersized CESA TDMA descriptor pools can be exhausted, leading to errors: Updating subject for release notes. Jim Pingle
10:40 AM Todo #14209: Update Time Zone data to 2023c or later: Updating subject for release notes. Jim Pingle
10:39 AM Bug #14182: PHP error when XMLRPC client attempts to synchronize without any synchronization settings in the configuration: Updating subject for release notes. Jim Pingle
10:38 AM Bug #14034: PHP errors in ``xmlrpc.php`` during configuration synchronization if the target host has an empty XML tag for a given section: Updating subject for release notes. Jim Pingle
10:37 AM Feature #14050: Support for ``iwlwifi`` wireless interfaces: Updating subject for release notes. Jim Pingle
10:36 AM Todo #13702: Replace direct config accesses in ``system_advanced_sysctl``: Updating subject for release notes. Jim Pingle
10:35 AM Todo #13701: Replace direct config accesses for the rest of the paths in ``system_advanced_admin.inc``: Updating subject for release notes. Jim Pingle
10:35 AM Bug #13908: Firewall rules are not reloaded when removing a VIP, outdated rules/entries remain active: Updating subject for release notes. Jim Pingle
10:34 AM Bug #14045: ``pfSense-boot`` can fail to copy the EFI bootloader: Updating subject for release notes. Jim Pingle
10:32 AM Regression #13942: PHP error on ``status_logs_settings.php`` if the configuration contains an empty ``syslog`` section: Updating subject for release notes. Jim Pingle
10:31 AM Todo #14250: Update firewall host and domain fields in the Setup Wizard to match the description and warning text from ``system.php``: Updating subject for release notes. Jim Pingle
10:29 AM Bug #14136: Services Status page and Dashboard widget do not list the ``radvd`` service with certain static IPv6 configurations: Updating subject for release notes. Jim Pingle
10:27 AM Todo #14098: Match upstream changes in PF syntax to disable fragment disassembly: Updating subject for release notes. Jim Pingle
10:23 AM Regression #13962: PPP interfaces do not request DNS servers when "DNS Server Override" is enabled: Updating subject for release notes. Jim Pingle
10:22 AM Bug #14061: PHP error if a non-privileged shell user attempts an operation which needs to write ``config.cache``: Updating subject for release notes. Jim Pingle
10:20 AM Todo #14027: Update PHP to 8.2.6: Updating subject for release notes. Jim Pingle
10:20 AM Regression #14016: FreeBSD default ``cron`` jobs are enabled when they should be disabled: Updating subject for release notes. Jim Pingle
10:19 AM Bug #12947: Old IPv6 addresses may continue to be used after DHCP or RA changes: Jim Pingle wrote in #note-15:
> Still waiting on feedback from someone who can reproduce this to test against a 2.7.... David Myers
09:19 AM Bug #12947: Old IPv6 addresses may continue to be used after DHCP or RA changes: Still waiting on feedback from someone who can reproduce this to test against a 2.7.0 snap, 23.01 release, or a 23.05... Jim Pingle
10:19 AM Regression #13963: OpenVPN and GIF interface create/destroy operations fail due to outdated ``linker.hints``: Updating subject for release notes. Jim Pingle
09:13 AM Regression #13963 (Resolved): OpenVPN and GIF interface create/destroy operations fail due to outdated ``linker.hints``: This change is working well, numerous confirmations on the forum that it fixed the problem after applying it from the... Jim Pingle
10:17 AM Todo #14183: Update OpenVPN Wizard to match current certificate and OpenVPN options: Updating subject for release notes. Jim Pingle
10:15 AM Bug #13973: PHP error in ``gwlb.inc`` when OpenVPN or IPsec instances referred to by assigned interface entries are missing: Updating subject for release notes. Jim Pingle
10:12 AM Regression #13350: SSL/TLS OpenVPN Client fails with ``ifconfig`` error when the IPv4 Tunnel Network is defined: Updating subject for release notes. Jim Pingle
10:11 AM Bug #14036: PHP error when the ``timeserver`` section of the configuration is empty: Updating subject for release notes. Jim Pingle
10:10 AM Bug #14033: PHP error in NTP Server if the configuration contains a partial section of old ``openntpd`` settings: Updating subject for release notes. Jim Pingle
08:29 AM Bug #14033 (Resolved): PHP error in NTP Server if the configuration contains a partial section of old ``openntpd`` settings: Jim Pingle
10:08 AM Regression #13999 (Resolved): PHP error in NTP widget and status with GPS data: No crashes on current snapshots with a GPS-enabled NTP config. Both widget and status page show GPS data and link to ... Jim Pingle
10:06 AM Feature #12464: Option to control log level of authentication messages in system logs ("Emergency" vs "Notice" level): Updating subject for release notes. Jim Pingle
04:08 AM Feature #12464 (Resolved): Option to control log level of authentication messages in system logs ("Emergency" vs "Notice" level): Tested on 22.05 (built on Fri Apr 07 01:20:44 UTC 2023).
There is 'GUI login messages' option available in /System... Azamat Khakimyanov
10:03 AM Todo #13959: Trim blank characters from static IP address fields on the Interface configuration page: Updating subject for release notes. Jim Pingle
10:01 AM Todo #13492: Start ``rtsold`` immediately after ``dhcp6c`` sends a request: Updating subject for release notes. Jim Pingle
10:01 AM Bug #13939: IPv6 does not work on secondary PPPoE WAN: Updating subject for release notes. Jim Pingle
10:00 AM pfSense Plus Regression #13993: Switch ports on 7100/1100/2100 do not have Auto MDI-X support enabled: Updating subject for release notes. Jim Pingle
09:50 AM Feature #14255: Support for Intel PCH temperature values in thermal sensors: Updating subject for release notes. Jim Pingle
09:49 AM Bug #14176: Uptime displays plural seconds for multiple minutes in the System Information Dashboard widget: Updating subject for release notes. Jim Pingle
09:49 AM pfSense Plus Bug #14204: System Information Dashboard widget stops showing CPU details on aarch64: Updating subject for release notes. Jim Pingle
09:48 AM Bug #14115: DHCP Server page does not properly select a default interface tab if neither WAN nor LAN are capable of being DHCP servers: Updating subject for release notes. Jim Pingle
09:47 AM Regression #13983: Multiple PHP errors in the DHCP Server when the configuration contains an empty section for an interface: Updating subject for release notes. Jim Pingle
09:46 AM Todo #14188: Add note to inform the user that the "Next Certificate Serial" value is ignored when the "Randomize Serial" option is enabled: Updating subject for release notes. Jim Pingle
09:44 AM Bug #14124: Some blank SAN fields are not ignored when creating a certificate: Updating subject for release notes. Jim Pingle
09:43 AM Regression #14076: PHP error if the configuration has an empty Auto Configuration Backup section: Updating subject for release notes. Jim Pingle
09:42 AM Feature #14002: Option to enable/disable console bell, enabled by default: Changing this to a feature request. Even though it started as a way to address a regression, the change involved is a... Jim Pingle
09:29 AM Regression #14217 (Feedback): IPsec Phase 2 rekey failures with some PFS key groups: Jim Pingle
09:26 AM Regression #14217 (Ready To Test): IPsec Phase 2 rekey failures with some PFS key groups: Confirmed fixed with that change.
It'll be in the next CE and plus snapshots. Kristof Provost
08:13 AM Regression #14217: IPsec Phase 2 rekey failures with some PFS key groups: After a bit more digging I found that openssl_kdf.c's set_params() fails to set the salt with EVP_PKEY_CTX_add1_hkdf_... Kristof Provost
03:54 AM Regression #14217: IPsec Phase 2 rekey failures with some PFS key groups: I've started poking at this, and have been able to reproduce it. It still occurs on strongswan-5.9.10.
I've also d... Kristof Provost
09:18 AM Todo #14186 (Resolved): Improve DynDNS help text readability: If you can't patch it with that one alone there is likely some other change that needs applied first. There were seve... Jim Pingle
09:14 AM Bug #14031 (Resolved): Identical SMTP notifications repeat in an infinite loop under certain conditions: All signs point to this being solved. After patching, there have been no repeats. Jim Pingle
09:14 AM Todo #14011 (Resolved): Update memory graphs to account for changes in memory reporting: This all appears to be working as expected. It's also available in the system patches package and people have been ru... Jim Pingle
08:32 AM Bug #14278 (Rejected): pfsense Installation Documentation USB drive missing option: It's not clear what you mean here. What are you expecting to see that you don't see? There is no document for install... Jim Pingle
08:28 AM Bug #14277: Fatal error while restarting Unbound through SSH: A little follow-up here. The only way I can induce an error is to try running that command as a user without sufficie... Jim Pingle
03:43 AM Bug #14237: Intermittent packet loss related to DHCP with Multi-WAN: Uploading packet capture on ports 67 and 68 on WAN2 interface, pfSense reported 0.12% packet loss during 11:31:00 and... Nazar Mokrynskyi
03:32 AM Revision 0d9f5d52: Additional changes to new Packet Capture GUI. Implements #13382: Marcos M

04/16/2023

03:52 PM Bug #14278 (Rejected): pfsense Installation Documentation USB drive missing option: The pfsense documentation for installation on a USB drive is missing the option to select after rebooting without the... Stephanie Moses
03:21 PM Todo #14011: Update memory graphs to account for changes in memory reporting: OK cool. Chris Linstruth
11:47 AM pfSense Packages Bug #14153: default whitelist is not created: I was using pfBlockerNG-devel 3.2.0_3 but upgraded to pfBlockerNG-devel 3.2.0_4 and then checked my findings.
h2. ... Jon Brown
10:20 AM pfSense Packages Bug #14179: FreeRadius is active but in an inoperable state, switches to a generated freeradius-temp certificate upon restart: So after reading through the source code I found something that I thought was strange to even exist:... name name
09:46 AM pfSense Packages Bug #14179: FreeRadius is active but in an inoperable state, switches to a generated freeradius-temp certificate upon restart: Okay, now I've run into it again and discovered the following:
If the firewall has internet connectivity during co... name name
05:51 AM pfSense Plus Bug #13975: when assigning a vlan to wan interface configured mac address is not used: Hi Chris,
I've opened two tac cases (as I have a primary fw as a whitebox, and the sg-3100 as backup). I did a rec... Oscar Muntenaar
04:07 AM pfSense Packages Feature #14196: permitted firewall rules - additional text: * *Based on the text above this line, this is simply moving the rules from the one interface to a floating rule for... Jon Brown
03:17 AM pfSense Packages Bug #11797: Traffic Totals lost upon reboot when using a ramdisk for /var and /tmp: I'm experiencing this as well in pfSense @2.6.0 CE@ and Status_Traffic_Totals @2.3.2_2@ as of April 2023. Upon reboo... Greg Maub

04/15/2023

10:30 PM pfSense Packages Bug #14021: Squid ClamAV showing bytecode errors for version 334: This has resolved on its own and updates again. Jonathan Lee
10:29 PM pfSense Plus Bug #14106: arc4random: WARNING: initial seeding bypassed the cryptographic random device because it was not yet seeded and the knob 'bypass_before_seeding' was enabled.: Nothing has occurred that I can see. Tubi steaming service is having issues but that is not related. Jonathan Lee
09:27 PM pfSense Plus Bug #14106: arc4random: WARNING: initial seeding bypassed the cryptographic random device because it was not yet seeded and the knob 'bypass_before_seeding' was enabled.: Warning message appears to be expected. Do you have any issues as a result of this message? Kris Phillips
10:27 PM Bug #14033: PHP error in NTP Server if the configuration contains a partial section of old ``openntpd`` settings: no issues using or configuring NTP on aarch64 running 23.05.a.20230407.0116 Jordan G
09:22 PM Bug #14237: Intermittent packet loss related to DHCP with Multi-WAN: What does a packet capture on a WAN interface with a failed DHCP lease renewal look like?
This redmine is very v... Kris Phillips
09:15 PM pfSense Packages Bug #10692: PIMD starts twice at boot: double starting again with pfSense Plus 23.05.a.20230414.0600 and PIMD 0.0.3_6, at least it's self aware... Jordan G
09:14 PM pfSense Packages Feature #14196 (Incomplete): permitted firewall rules - additional text: Based on the text above this line, this is simply moving the rules from the one interface to a floating rule for mult... Kris Phillips
09:12 PM Todo #14250 (Resolved): Update firewall host and domain fields in the Setup Wizard to match the description and warning text from ``system.php``: Jim Pingle
08:49 PM Todo #14250: Update firewall host and domain fields in the Setup Wizard to match the description and warning text from ``system.php``: this appears in the wizard now as expected - tested on 23.05.a.20230414.0600
!clipboard-202304152048-8hd6j.png!
Jordan G
09:12 PM pfSense Packages Bug #14153: default whitelist is not created: What version of pfBlocker are you using?
I'm unable to reproduce this with a fresh install of pfBlockerNG-devel 3.... Chris W
09:11 PM pfSense Packages Bug #14230: PHP error with pfBlockerNG: I'm not seeing any PHP errors in 3.2.0_4 of pfBlockerNG. Was there any particular steps to reproduce this problem? Kris Phillips
08:39 PM Bug #14270: Default domain is not used in IPsec Split DNS: Tested on 23.01 as well. Can confirm that the checkbox unchecks itself when left blank and the option is not set in ... Kris Phillips
07:56 PM pfSense Packages Bug #14228 (Resolved): pfBlockerNG might not support new Maxmind license keys: Chris W
07:56 PM pfSense Packages Bug #14228: pfBlockerNG might not support new Maxmind license keys: Closing this out since 3.2.0_4 is now available in System > Package Manager. Chris W
06:05 PM pfSense Packages Bug #14275: Deleting a route map that is assigned to an active neighbor causes crash: it shows an error if the route map was deleted..
the configuration shows the route map is not deleted while it w... Alhusein Zawi
03:49 PM Bug #9577: radvd send_ra_forall failed on interface / can't join ipv6-allrouters: Can this issue be reopened since it has reappeared in 2.6.0?
FWIW, I saw the same issue appeared in OPNsense, wher... Lars Veldcholte
01:56 PM Feature #13382: Packet Capture GUI with granular control: Is there way to keep/add the classic view of the packet capture ?
in many cases I need to start a quick pcap by se... Alhusein Zawi
11:36 AM pfSense Packages Bug #14218 (Resolved): Deleting a shellcmd entry results in a PHP error and crash report: Tested against:... Danilo Zrenjanin
10:04 AM pfSense Plus Bug #13975 (Not a Bug): when assigning a vlan to wan interface configured mac address is not used: I'm unable e to reproduce this. Steps taken:
1. Flash a 3100 with a new installation of 22.05
2. Noted original W... Chris W
09:45 AM Bug #14277 (Duplicate): Fatal error while restarting Unbound through SSH: The top couple lines there are the same PHP error from the other issue, so let's keep the discussion over there since... Jim Pingle
02:20 AM Bug #14277 (Duplicate): Fatal error while restarting Unbound through SSH: High CPU usage and issues with DNS resolver.
Applied - c5faa351c1ef6d4555478a7f50b3a16ece7e0b2a BUG #14061
SS... Ketul Patel
09:39 AM Bug #13573 (Resolved): DHCP Server generates an invalid configuration for static mappings when defining network booting and UEFI HTTPBoot URL: Jim Pingle
12:35 AM Bug #13573: DHCP Server generates an invalid configuration for static mappings when defining network booting and UEFI HTTPBoot URL: Able to reproduce on ... Lev Prokofev
09:31 AM pfSense Packages Bug #11797 (Confirmed): Traffic Totals lost upon reboot when using a ramdisk for /var and /tmp: Steve Wheeler
04:25 AM Bug #14236 (Resolved): PHP Error when viewing Traffic Graphs in ``iftop`` mode: I couldn't reproduce it too. But according to the forum, it's fixed.
I am marking this ticket resolved.
Danilo Zrenjanin
03:05 AM Regression #14120 (Resolved): ``syslogd`` tries to bind interfaces with no IP address: The patch fixes this behavior.
The syslogd starts even if there is no IP on the defined source interface. In that... Danilo Zrenjanin

04/14/2023

06:57 PM pfSense Packages Bug #13654: Wireguard does not fail back failover WAN setup.: Still has this problem. Are there any progress on this? Frode Martin
05:18 PM Bug #14256 (Resolved): PHP Error performing IPv6 ``ip_in_subnet()`` when passing a host addresses within prefix: Jim Pingle
04:48 PM Bug #14256: PHP Error performing IPv6 ``ip_in_subnet()`` when passing a host addresses within prefix: I used modified file in 2.7.0, also in 23.01 version and all is fine now. No more PHP error. thank you! Karel Fischl
03:41 PM pfSense Plus Bug #13497: unbound process looks like stuck periodically: I use the Netgate 1100 with 23.01-RELEASE and can second that unbound from time to time stuck. Only restart the servi... Tom Joad
03:22 PM Revision e5e1e8f9: Fix DHCP HTTPBoot w/static maps. Fixes #13573: Jim Pingle
03:17 PM pfSense Packages Bug #14075 (Not a Bug): Using the ``Transparent ClientIP`` option in HAproxy results in kernel panics: Christian McDonald
03:17 PM Bug #13938 (Resolved): Kernel panic accessing the GUI over IPsec in certain environments when using nginx ``sendfile`` with unmapped mbufs: kern.ipc.mb_use_ext_pgs has been disabled for 2 weeks now.
Marking as resolved. Christian McDonald
03:15 PM pfSense Packages Bug #14058 (Resolved): Update vendor=on triggers installation failure: Christian McDonald
03:14 PM Feature #12982 (Rejected): Add support for RFC7499 in RADIUS library.: RFC7499 is experimental. Thus, it is unlikely we will support RFC7499. Christian McDonald
02:32 PM Revision 0ba1a7ec: Fix handling of OpenVPN client TN. Fixes #13350: * ifconfig format was incorrect for certain mode combinations, leading
to OpenVPN failing to start.
* Changed wordi... Jim Pingle
12:39 PM Bug #14115 (Resolved): DHCP Server page does not properly select a default interface tab if neither WAN nor LAN are capable of being DHCP servers: Jim Pingle
12:24 PM Bug #14115: DHCP Server page does not properly select a default interface tab if neither WAN nor LAN are capable of being DHCP servers: tested on:
Version 23.01-RELEASE (amd64)
built on Fri Feb 10 20:06:33 UTC 2023
FreeBSD 14.0-CURRENT
patch fixes... Georgiy Tyutyunnik
12:00 PM Regression #13350 (Resolved): SSL/TLS OpenVPN Client fails with ``ifconfig`` error when the IPv4 Tunnel Network is defined: Jim Pingle
11:59 AM Regression #13350: SSL/TLS OpenVPN Client fails with ``ifconfig`` error when the IPv4 Tunnel Network is defined: tested on:
Version 23.01-RELEASE (amd64)
built on Fri Feb 10 20:06:33 UTC 2023
FreeBSD 14.0-CURRENT
patch fixes... Georgiy Tyutyunnik
09:52 AM Regression #13350: SSL/TLS OpenVPN Client fails with ``ifconfig`` error when the IPv4 Tunnel Network is defined: When testing I checked a variety of different mode/TN combinations and they all had the correct syntax now, for examp... Jim Pingle
09:40 AM Regression #13350 (Feedback): SSL/TLS OpenVPN Client fails with ``ifconfig`` error when the IPv4 Tunnel Network is defined: Applied in changeset commit:0ba1a7ec7871f8f6bd240a08f238a2fb1ecba16b. Jim Pingle
08:17 AM Regression #13350 (In Progress): SSL/TLS OpenVPN Client fails with ``ifconfig`` error when the IPv4 Tunnel Network is defined: Jim Pingle
11:04 AM Bug #13573: DHCP Server generates an invalid configuration for static mappings when defining network booting and UEFI HTTPBoot URL: I added a custom system patch with this and it works for me. Thank you! Jason Montleon
10:30 AM Bug #13573 (Feedback): DHCP Server generates an invalid configuration for static mappings when defining network booting and UEFI HTTPBoot URL: Applied in changeset commit:e5e1e8f9c498e1e5094394a049bb62d09ec8e034. Jim Pingle
10:27 AM Bug #13573: DHCP Server generates an invalid configuration for static mappings when defining network booting and UEFI HTTPBoot URL: So not only was this breaking HTTPBoot in general with static mappings, but it also was preventing that option from b... Jim Pingle
10:20 AM Bug #13573 (In Progress): DHCP Server generates an invalid configuration for static mappings when defining network booting and UEFI HTTPBoot URL: I was able to replicate this from a stock config with just three changes:
* Network booting checked
* HTTPBoot UR... Jim Pingle
10:10 AM Bug #13554 (Duplicate): Configuration file error caused by setting UEFI HTTPBoot URL in DHCP Service: Duplicate of #13573 Jim Pingle
02:17 AM Regression #14267 (Resolved): PHP error when saving an ICMP firewall rule with no subtypes selected: The patch fixes it.
I tested the patch against the following release:... Danilo Zrenjanin

04/13/2023

04:02 PM Revision 3019cad0: Add plugin hook for nginx conf. Implements #13054: * Plugin hook is called once for entries to be placed below locations in
the main GUI server, and a second time for... Jim Pingle
03:26 PM Bug #14276: One.com dynamic DNS doesn't work: Sure, pull request has been created here now: https://github.com/pfsense/pfsense/pull/4632
While creating it I notic... Alexander Arques
02:20 PM Bug #14276: One.com dynamic DNS doesn't work: Can you submit that change as a pull request on Github?
https://docs.netgate.com/pfsense/en/latest/development/pul... Jim Pingle
01:32 PM Bug #14276: One.com dynamic DNS doesn't work: By the way there are some more notes about what issues I fixed and how I went about it in this thread but the patch a... Alexander Arques
01:25 PM Bug #14276 (Pull Request Review): One.com dynamic DNS doesn't work: I registered a domain on One.com yesterday and later found out that the Dynamic DNS updater for it in pfSense doesn't... Alexander Arques
03:21 PM Todo #14027: Update PHP to 8.2.6: PHP 8.2.5 has been released, but we will stay at 8.2.4 this close to release
8.2.5 merge will happen after we branch... Christian McDonald
02:50 PM Regression #13350: SSL/TLS OpenVPN Client fails with ``ifconfig`` error when the IPv4 Tunnel Network is defined: When adding a tunnel network it makes a couple changes to the config, notably it *removes* the @pull@ directive, it a... Jim Pingle
11:25 AM Bug #13014: Deadlock in Charon VICI interface: The nice people at the Strongswan project think they know what the problem is, and have posted an experimental patch.... Kristof Provost
11:18 AM Bug #13908 (Resolved): Firewall rules are not reloaded when removing a VIP, outdated rules/entries remain active: The patch fixes it.
Tested against:... Danilo Zrenjanin
11:10 AM Feature #13054 (Feedback): Package plugin hook for web server configuration stanzas: Applied in changeset commit:3019cad09231b105f955d161a6e24d98d3623b71. Jim Pingle
11:07 AM Feature #13054: Package plugin hook for web server configuration stanzas: Implementation is as described in the issue description. The plugin can be defined in a package as in the following e... Jim Pingle
06:36 AM pfSense Packages Bug #14275 (Resolved): Deleting a route map that is assigned to an active neighbor causes crash: Steps to reproduce:
2.7.0.a.20230405.0015 / FRR 7.5.1.
1) Establish BGP session to a neighbor and announce a p... M Felden
04:42 AM Feature #14274 (New): Android App by adding a couple of lines of code - Sort off: Because pfSense GUI is mobile responsive you can use a mobile to perform actions in the GUI which is nice but a few p... Jon Brown

04/12/2023

08:37 PM Regression #14091: The "Kill States" button does not work consistently: I'll take this one. I'm quite familiar with the module after porting it to PHP8. Christian McDonald
09:27 AM Regression #14091: The "Kill States" button does not work consistently: Tried this again since some changes went into the module overnight. If I filter and try to kill a subnet style string... Jim Pingle
08:06 PM Revision b63b534c: remove dhcpleases6 from base install: Christian McDonald
07:57 PM Bug #14273: Traffic to a VIP is not port forwarding TCP or UDP: I will re-verify my findings on Sunday... both the end user system and the lab one I had here failed but every other ... Ryan Coleman
06:05 PM Bug #14273 (New): Traffic to a VIP is not port forwarding TCP or UDP: When there is a VIP on an interface (CARP, IP Alias) the traffic comes in to the interface no problem but if it is to... Ryan Coleman
07:38 PM Revision 53dbfb25: Fix default DHCP server if selection. Fixes #14115: Jim Pingle
07:15 PM Revision 3dfbc1fa: Safety belt check for CP used mac db content. Fixes #14172: Jim Pingle
07:09 PM Revision 7fb2954d: Don't sync if settings are empty. Fixes #14182: Jim Pingle
06:59 PM Revision 40eb0d51: Add user limits pchtherm data. Implements #14255: Steve Wheeler
03:19 PM Revision f48271e0: dnsmasq strict order/all servers are mutually exclusive. Fixes #13655: Jim Pingle
03:07 PM Revision e90ba648: Automatic CARP/VIP rule refinements. Fixes #13908: * Perform a filter reload after deleting a VIP. This is important not
only for CARP but other VIPs, since they may ... Jim Pingle
02:56 PM Feature #13054 (In Progress): Package plugin hook for web server configuration stanzas: Jim Pingle
02:45 PM Bug #14115 (Feedback): DHCP Server page does not properly select a default interface tab if neither WAN nor LAN are capable of being DHCP servers: Applied in changeset commit:53dbfb25ff1a611806f81f39a6fd8b5b9938f175. Jim Pingle
02:25 PM Regression #14172 (Feedback): PHP error in Captive Portal if ``usedmacs`` list is empty: Applied in changeset commit:3dfbc1fa812b2131b11c176ce22de9b2d8d233ea. Jim Pingle
02:20 PM Bug #14182 (Feedback): PHP error when XMLRPC client attempts to synchronize without any synchronization settings in the configuration: Applied in changeset commit:7fb2954dce0c7732a34681d31723f4f5fe58f7c5. Jim Pingle
02:05 PM Feature #14255 (Feedback): Support for Intel PCH temperature values in thermal sensors: Applied in changeset commit:40eb0d510305bc8cdba81f80bd81ade3c8045db3. Anonymous
07:53 AM Feature #14255 (Pull Request Review): Support for Intel PCH temperature values in thermal sensors: Jim Pingle
12:43 PM Todo #14027 (Resolved): Update PHP to 8.2.6: Nothing that I know of. Christian McDonald
10:58 AM Bug #14167 (Confirmed): Auto Config Backup: Selected manual backups are not retained.: It's entirely on the backend in ACB. Steve Wheeler
10:42 AM Bug #14167: Auto Config Backup: Selected manual backups are not retained.: Does anything even need to change on the frontend here? It seems like the client side is doing all it can and the bac... Jim Pingle
10:43 AM Regression #14217: IPsec Phase 2 rekey failures with some PFS key groups: Updating subject for release notes. Jim Pingle
10:30 AM Bug #13655 (Feedback): DNS Forwarder (``dnsmasq``) is using an invalid combination of options when "Query DNS servers sequentially" is enabled: Applied in changeset commit:f48271e08f81c560bf70107c76e9caf3311042be. Jim Pingle
10:21 AM Bug #13655 (In Progress): DNS Forwarder (``dnsmasq``) is using an invalid combination of options when "Query DNS servers sequentially" is enabled: Moving that to an @else@ clause is ideal for now since they should be mutually exclusive. Jim Pingle
10:20 AM Bug #13908 (Feedback): Firewall rules are not reloaded when removing a VIP, outdated rules/entries remain active: Applied in changeset commit:e90ba648cf5256dffbc9294bb6318c899db21f88. Jim Pingle
07:43 AM pfSense Packages Bug #14258: HA-proxy, IPV6-address in combination with portnumber => fatal: Attached a picture from another situation where the IPV6-addresses are not properly extracted / handover from the GUI... Louis B
07:21 AM pfSense Packages Bug #13969 (Resolved): Status_Monitoring ignores NAT states: Tested on 23.05-DEV (built on Fri Apr 07 01:20:44 UTC 2023) and on 2.7-DEV (built on Wed Apr 12 06:05:24 UTC 2023)
... Azamat Khakimyanov
07:10 AM Regression #13966 (Resolved): RRD update script does not parse state data properly: Tested on 23.01 and on 23.05-DEV (built on Fri Apr 07 01:20:44 UTC 2023) and on 2.7-DEV (built on Wed Apr 12 06:05:24... Azamat Khakimyanov
06:38 AM pfSense Plus Bug #13976: SNMP logs "Device not configured" error message when queries involve built-in switch port interfaces: I have the same on my Netgate 7100. Hope there is a fix soon because this **** is flooding mit logs :/ Manuel M.
05:44 AM pfSense Packages Bug #14199: ACME - Issue with corrupted cert: Attached PHP error log Juan Francisco Rodriguez Garcia
04:22 AM Todo #14188 (Resolved): Add note to inform the user that the "Next Certificate Serial" value is ignored when the "Randomize Serial" option is enabled: Tested on 2.7 (built on Tue Apr 11 06:05:40 UTC 2023) and on 23.05 (built on Fri Apr 07 01:20:44 UTC 2023)
Both DE... Azamat Khakimyanov

04/11/2023

10:45 PM pfSense Packages Bug #14271 (Not a Bug): WireGuard does not work: Just for future reference these types of issues are best addressed first on the Forums before opening a Redmine issue... Christian McDonald
10:36 PM pfSense Packages Bug #14271: WireGuard does not work: It's working, thanks! hao zhang
10:20 PM pfSense Packages Bug #14271: WireGuard does not work: Did you enable WireGuard on the settings page? Christian McDonald
09:52 PM pfSense Packages Bug #14271: WireGuard does not work: WireGuard0.1.6_2
!clipboard-202304121052-budas.png!
hao zhang
09:51 PM pfSense Packages Bug #14271 (Not a Bug): WireGuard does not work: My WireGuard does not have a start/restart button after installation.
After going to the WireGuard configuration pag... hao zhang
07:24 PM Revision b959ca07: Trim whitespace from static addrs on save. Fixes #13959: Jim Pingle
07:19 PM Revision 9d6220c6: Remove sleep from Do Not Wait for RA code path. Fixes #13492: The purpose of the sleep was never documented as far back as I could
tell, and it appears to cause more harm than goo... Jim Pingle
05:15 PM Feature #14255: Support for Intel PCH temperature values in thermal sensors: Additionally add user configurable limits for PCH data.
https://gitlab.netgate.com/pfSense/pfSense/-/merge_reques... Steve Wheeler
04:40 PM Bug #14270 (New): Default domain is not used in IPsec Split DNS: The Split-DNS GUI option has the description:
> NOTE: If left blank, and a default domain is set, it will be used fo... Marcos M
04:38 PM Feature #7773 (Closed): IPSec using IKEv2 with split DNS not using provided domain names: This should be resolved with https://redmine.pfsense.org/issues/12975. Marcos M
03:29 PM Revision fbf8f9e8: Multiple issues with ICMP NAT/Rules. Fixes #14267: * When making an associated firewall rule for a port forward, do not
craft what would be an invalid port range.
* W... Jim Pingle
02:51 PM Bug #14262: IPv6 firewall log entries do not wrap and force the table width past the width of the page: If someone else wants to experiment, this is what I started with to insert the wbr and change the wrapping:... Jim Pingle
02:49 PM Bug #14262: IPv6 firewall log entries do not wrap and force the table width past the width of the page: There is much more to it than the wbr tags. The src/dst cells are locked at nowrap, as it the row itself. The descrip... Jim Pingle
02:34 PM Revision 854a454c: Additional changes to new Packet Capture GUI. Implements #13382: Marcos M
02:30 PM Todo #13959 (Feedback): Trim blank characters from static IP address fields on the Interface configuration page: Applied in changeset commit:b959ca071e503e59f6f361d411b0bc62a12d5821. Jim Pingle
02:27 PM Todo #13959: Trim blank characters from static IP address fields on the Interface configuration page: For whatever reason, is_ipaddrv4() rejects the address when it has extra blank space but the IPv6 version does not. I... Jim Pingle
02:30 PM Todo #13492 (Feedback): Start ``rtsold`` immediately after ``dhcp6c`` sends a request: Applied in changeset commit:9d6220c62a2a9633451d4ee04ca56ee1a013efc4. Jim Pingle
02:21 PM Todo #13701: Replace direct config accesses for the rest of the paths in ``system_advanced_admin.inc``: Err, sorry, 48eab661 Brad Davis
02:19 PM Todo #13701 (Resolved): Replace direct config accesses for the rest of the paths in ``system_advanced_admin.inc``: This was committed in 9c2b9b78 Brad Davis
02:17 PM Todo #13702 (Resolved): Replace direct config accesses in ``system_advanced_sysctl``: This work was committed in 48eab661 Brad Davis
12:45 PM Bug #14257: Rule order interface group 'is uncontrolled changing ^up and down^' :(: FWIW I've noticed the rule separators moving down one position when at the top. I haven't been able to reproduce this... Marcos M
12:08 PM Bug #14257: Rule order interface group 'is uncontrolled changing ^up and down^' :(: Not only the rules are moving, also the separators are moving up and down. Louis B
12:20 PM Bug #14035 (Feedback): PHP error when attempting to create a GIF interface when ``if_gif`` kernel module is not loaded: This is going to have to wait unless someone can find a way to reproduce it reliably since I still am unable to repli... Jim Pingle
12:03 PM Bug #12673: Firewall Logs Dashboard Widget is slow and may fail to update: Can you submit the proposed changes as a pull request on Github?
https://docs.netgate.com/pfsense/en/latest/develo... Jim Pingle
12:01 PM Bug #3132: Gateway events for IPv6 affect IPv4 services and vice versa: Doesn't look likely that we'll have time to finish this for 23.05. Moving forward to the next release target. Jim Pingle
11:57 AM Feature #13362: Update dynamic gateway consumers when their interface is renamed: Doesn't look likely that we'll have time to finish this for 23.05. Moving forward to the next release target. Jim Pingle
11:56 AM Feature #6960: Introduce Kea DHCP as an alternative DHCP server for IPv4 and IPv6: Doesn't look likely that we'll have time to finish this for 23.05. Moving forward to the next release target. Jim Pingle
11:55 AM Feature #14122: Allow selecting the repo branch on config restore: Doesn't look likely that we'll have time to finish this for 23.05. Moving forward to the next release target. Jim Pingle
11:55 AM Feature #14166: Use netstat output for interface packet counters: Doesn't look likely that we'll have time to finish this for 23.05. Moving forward to the next release target. Jim Pingle
11:52 AM Todo #14027: Update PHP to 8.2.6: Is there anything holding this back from being closed? It's been in snapshots for a while now and running well. Jim Pingle
11:51 AM pfSense Packages Bug #14096 (Resolved): Status_Traffic_Totals does not work on snapshots due to sqlite change: This apparently was fixed upstream and we brought it in during a recent ports merge. It's working on current snapshot... Jim Pingle
10:54 AM Bug #13915: PHP errors when re-running Traffic Shaper Wizards with different settings: I also "volunteer" to test something. Stefan Weichinger
10:35 AM Regression #14267 (Feedback): PHP error when saving an ICMP firewall rule with no subtypes selected: Applied in changeset commit:fbf8f9e8be74a4c40af1d33cc15bc7d228676eb4. Jim Pingle
07:40 AM Regression #14267 (Confirmed): PHP error when saving an ICMP firewall rule with no subtypes selected: A couple notes:
* The error happens when trying to save, not when loading the page
* The error is specific to ICMP
*... Jim Pingle
10:34 AM Regression #13350: SSL/TLS OpenVPN Client fails with ``ifconfig`` error when the IPv4 Tunnel Network is defined: There are more errors from this same case over on #14268 -- but this appears to be with DCO where the errors on #1426... Jim Pingle
10:33 AM Regression #14268 (Duplicate): OpenVPN client fails to start when a tunnel network is specified: We can count this one a duplicate since it appears to be the same root issue.
I still haven't seen a good way to k... Jim Pingle
10:15 AM Regression #14268: OpenVPN client fails to start when a tunnel network is specified: I have not seen a case yet where the tunnel network needed to be specified. Regarding #13350, that's the error I get ... Marcos M
07:20 AM Regression #14268 (Feedback): OpenVPN client fails to start when a tunnel network is specified: Are you certain that setup needs a tunnel network in the client? We have seen cases like #13350 where it was set impr... Jim Pingle
09:57 AM pfSense Plus Regression #13993 (Resolved): Switch ports on 7100/1100/2100 do not have Auto MDI-X support enabled: This is fixed in current snapshots. The switch ports link MDI and MDIX as expected.
The other issues reported here... Steve Wheeler
09:40 AM Feature #13382 (Feedback): Packet Capture GUI with granular control: Applied in changeset commit:854a454c4ba5aaaabab98ddb657f775a1745094d. Marcos M
08:14 AM Todo #14201 (Resolved): Remove deprecated NCP enable/disable toggle from OpenVPN: Tested on 2.7-DEV (built on Tue Apr 11 06:05:40 UTC 2023)
There is no 'NCP enable/disable' option for OpenVPN Serv... Azamat Khakimyanov
07:58 AM pfSense Plus Regression #14269 (Duplicate): 1100/2100: switch ports not enabled for auto-mdi-x: Fix appears to be in and working for me as well. I get a link between the LAN and OPT ports on an 1100 running a 23.0... Jim Pingle
07:50 AM pfSense Plus Regression #14269 (Feedback): 1100/2100: switch ports not enabled for auto-mdi-x: The same fix that applied to the 7100 is already in 23.05 snapshots. The switch ports link MDI and MDIX there as expe... Steve Wheeler
04:15 AM pfSense Plus Regression #14269: 1100/2100: switch ports not enabled for auto-mdi-x: aleksei prokofiev wrote:
> In 23.01 the 1100 switch ports do not support auto-MDI/X. The customer try to connect 110... Peter Poulos
03:51 AM pfSense Plus Regression #14269 (Duplicate): 1100/2100: switch ports not enabled for auto-mdi-x: In 23.01 the 1100 switch ports do not support auto-MDI/X. The customer try to connect 1100 with 2100 and no success, ... aleksei prokofiev

04/10/2023

09:10 PM Regression #14268 (Duplicate): OpenVPN client fails to start when a tunnel network is specified: Tested on pfSense+ 23.01/23.05dev with and without DCO.
With non-DCO, the logs show that it fails to configure the... Marcos M
08:10 PM Regression #14267 (Resolved): PHP error when saving an ICMP firewall rule with no subtypes selected: pfSense+ 23.01
Trying to edit an auto-generated NAT-associated firewall rule to allow ICMP results in a PHP error:... Marcos M
04:04 PM Feature #13382 (Pull Request Review): Packet Capture GUI with granular control: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1025
* Moved custom filter option to the first position ... Marcos M
03:56 PM Revision 02af3d3e: Normalize IPv6 prefix prior to use in ip_in_subnet(). Fixes #14256: Jim Pingle
02:58 PM pfSense Packages Bug #14228: pfBlockerNG might not support new Maxmind license keys: This was fixed in the 3.2.0_4 which is live. Artur Hawkwing
02:04 PM Revision aa3bbcb4: Add PCH thermal data to the thermal sensors widget and RRD graphs. Implements #14255: Steve Wheeler
01:40 PM Revision 4dc0624a: Fix punctuation. Fixes #14188: Jim Pingle
01:11 PM Revision 4b34ebd2: Update fw host/domain description text and add to wizard. Fixes #14250: * Update firewall host/domain description text
* Use same description on system.php and setup wizard Jim Pingle
01:05 PM Bug #11494: Wireguard interface sends ICMP Redirect when routing between two peers: Christian McDonald wrote in #note-9:
> Unable to replicate.
>
> We can revisit if someone can demonstrate that th... Andrei Caba
11:54 AM Bug #14266 (Rejected): Bug Captive Portal first access URL in HTTPS: As I mentioned on the other issue you opened (#14263), there isn't anything else you can do here.
There is no way ... Jim Pingle
11:41 AM Bug #14266 (Rejected): Bug Captive Portal first access URL in HTTPS: Good afternoon,
I'm using version 2.6 of the system, I tried this week to increase the use of the captive portal ... Simonetto Alimentos
11:05 AM Bug #14256 (Feedback): PHP Error performing IPv6 ``ip_in_subnet()`` when passing a host addresses within prefix: Applied in changeset commit:02af3d3efedacf511ebe834667fa7c707b46b43c. Jim Pingle
08:44 AM Bug #14256: PHP Error performing IPv6 ``ip_in_subnet()`` when passing a host addresses within prefix: We've seen this pop up in a couple different places so I'll see if there is a way to fix it more generally. The gist ... Jim Pingle
10:36 AM pfSense Docs Correction #14253 (Rejected): Single User Mode - Next Boot Configuration MUST manually be cleared on 3100: Looking this over, there is nowhere in the code that offers to reboot a 3100 in a way that would land a user in this ... Jim Pingle
10:10 AM Feature #14265 (Resolved): Option to invalidate GUI login session if the client address changes: Currently once the user logs in, their session is valid even if the client source address changes. This allows the us... Jim Pingle
10:01 AM Todo #14264 (New): Consider lowering default session timeout from current default of four hours (240m): The current session timeout is 240 minutes (four hours), but it might be time to lower that a bit. Current concerns w... Jim Pingle
09:20 AM Bug #14263 (Rejected): Bug Captive Portal quando Pagina é HTTPS: 1. We are only able to accept reports in English.
2. After running that through Google Translate it's about HTTPS ... Jim Pingle
06:24 AM Bug #14263 (Rejected): Bug Captive Portal quando Pagina é HTTPS: Bom dia, estou usando a versão 2.6 do sistema, tentei nesta semana incrementar o uso do captive portal em meu cenário... Simonetto Alimentos
09:14 AM Bug #14262: IPv6 firewall log entries do not wrap and force the table width past the width of the page: We solved this in the widget in #5332 by adding @<wbr>@ tags after each @:@ in an IPv6 address but it looks like that... Jim Pingle
01:53 AM Bug #14262 (New): IPv6 firewall log entries do not wrap and force the table width past the width of the page: IPV6-addresses are much wider than IPV4. That is not properly handled in the GUI. Extreme example is the Firewall log... Louis B
09:10 AM Feature #14255 (Feedback): Support for Intel PCH temperature values in thermal sensors: Applied in changeset commit:aa3bbcb4c1fd5f563cdba707887b17c5088ad7b9. Anonymous
08:59 AM pfSense Packages Todo #14194: Better colours for alerts: Sergei Shablovsky wrote in #note-2:
> Jim Pingle wrote in #note-1:
> > Green and Red are also not great choices bec... Jim Pingle
08:52 AM Bug #13996 (New): Limiters using the fq_pie scheduler no longer pass any traffic.: Jim Pingle
08:52 AM pfSense Plus Bug #14259 (Duplicate): Limiters with the fq_pie scheduler don't pass any traffic.: Duplicate of #13996 -- let's keep all the discussion on there.
Jim Pingle
08:50 AM Todo #14188 (Feedback): Add note to inform the user that the "Next Certificate Serial" value is ignored when the "Randomize Serial" option is enabled: Applied in changeset commit:4dc0624a1ab562736cf6236a81a0489f8ba35afc. Jim Pingle
08:49 AM Bug #14257 (Rejected): Rule order interface group 'is uncontrolled changing ^up and down^' :(: I can't reproduce this. The only way the rules would appear to reorder themselves is if they were not saved.
There... Jim Pingle
08:48 AM Todo #14011: Update memory graphs to account for changes in memory reporting: Because the "cache" value is a dummy in the FreeBSD sysctl tree now I used "cache" on the graph for ZFS ARC (when usi... Jim Pingle
08:40 AM Todo #14250 (Feedback): Update firewall host and domain fields in the Setup Wizard to match the description and warning text from ``system.php``: Applied in changeset commit:4b34ebd23dbe29b544727e8ab2727135b03f6110. Jim Pingle
08:35 AM Feature #14254 (Rejected): Add option "Reboot with Filesystem Check" to the Diagnostics > Reboot page for Netgate 3100: We cannot add this because as you noted on #14253 it cannot be cleared automatically on 3100.
We only add the opti... Jim Pingle
08:33 AM Feature #14251 (Duplicate): Add option to disable Intel Speed Shift so that Intel Speed Step can kick in: Duplicate of #14047 Jim Pingle
07:44 AM Feature #14249: Pre-set search string for DHCP leases when following shortcut link from DHCP configuration: Your description isn't very clear on what you are asking for. I can only assume you're asking that if you follow a li... Jim Pingle
07:34 AM pfSense Packages Bug #14218 (Feedback): Deleting a shellcmd entry results in a PHP error and crash report: MR merged Jim Pingle
07:28 AM Bug #14248 (Feedback): Static routes to monitor IP disappears if you set a gateway group as a default gateway.: If anyone can reproduce this starting with a completely fresh stock configuration, we'll need the steps involved to m... Jim Pingle
07:26 AM Bug #14247 (Duplicate): IPsec code needs updated to the new accessor methods.: Duplicate of #14009 Jim Pingle
05:47 AM Bug #13671 (Resolved): DHCP client can fail permanently if an interface is down at boot: Tested on 23.01
I was able to reproduce this Bug on my KVM by turning WAN (DHCP) interface off at certain moment d... Azamat Khakimyanov
01:45 AM Bug #14261 (Closed): Trim white space in a DHCP Leases page search field: Hi!
On DHCP Leases status page, in Search section, in Search term field BEFORE displaying results in Leases table ... Sergei Shablovsky

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

05/09/2023

05/08/2023

05/07/2023

05/06/2023

05/05/2023

05/04/2023

05/03/2023

05/02/2023

05/01/2023

04/30/2023

04/29/2023

04/28/2023

04/27/2023

04/26/2023

04/25/2023

04/24/2023

04/23/2023

04/22/2023

04/21/2023

04/20/2023

04/19/2023

04/18/2023

04/17/2023

04/16/2023

04/15/2023

04/14/2023

04/13/2023

04/12/2023

04/11/2023

04/10/2023