Activity

30 days up to

User

Subprojects

Activity

From 06/26/2023 to 07/25/2023

07/25/2023

06:51 PM Revision 1daabcfd: Fix the installation of the pfSense base package with pkg -r.: Luiz Souza
06:10 PM pfSense Plus Feature #14611 (Rejected): tracking flows and added context: That's what ntop/softflowd/netflow in general are for. That sort of data storage and drill-down shouldn't be happenin... Jim Pingle
05:58 PM pfSense Plus Feature #14611 (Rejected): tracking flows and added context: pfSense does not have a cleaner way to track flows going through the firewall.
Seeing if a packet matches a rule i... Mike Moore
05:38 PM Bug #6167: IPsec IPComp not working: Renato Botelho wrote in #note-25:
> When it's fixed on FreeBSD we can import the fix and target it to a version
I... Ronald Antony
04:00 PM Feature #14610 (Closed): Add source address option to Check IP Services: Add a GUI option for Check IP Services to specify the source address - it should support gateway groups and VIPs.
... Marcos M
03:59 PM Bug #14605: Dynamic DNS uses the default gateway interface instead of the specified interface: This seems to be due to the Check IP Service using the default gateway which happens because the WANs are both RFC1918. Marcos M
03:22 PM Bug #14518: pfSense CrashLog on 2.7.0RC Upgrade: Hello Kris,
I have not been able to recreate the issue since the 1 time it occurred. The 1st machine I upgraded to... Matthew Drury
03:02 PM Bug #14609 (Resolved): Update check in GUI does not always honor the configured proxy settings: When checking for updates from **System > Update**, the function call to @update_repos()@ and @pfSense-repoc@ does no... Jim Pingle

07/24/2023

07:14 PM Bug #14577: OpenVPN not removing old Cisco-AVPair anchor rules and files in ``/tmp``: Going back to the /tmp/<user> files.
I manually removed all the route (/tmp/<user>) files from the /tmp directory la... Michael Mercier
05:58 PM pfSense Docs Correction #14601 (Closed): Outdated mbuf reference in Squid Tuning doc: Outdated reference removed: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/de41f9b6a2bb9ac5cf4d7fffe9d10c4cd39... Jim Pingle
12:15 PM pfSense Docs Correction #14601: Outdated mbuf reference in Squid Tuning doc: That section should just be removed, it hasn't been relevant for years since the defaults were increased way beyond w... Jim Pingle
05:23 PM Bug #13423 (Feedback): IPv6 neighbor discovery protocol (NDP) fails in some cases: And that's been cherry-picked to our branches as well. Future snapshot builds will have the fix. Kristof Provost
03:47 PM Bug #13423: IPv6 neighbor discovery protocol (NDP) fails in some cases: I've pushed the fix upstream in https://cgit.freebsd.org/src/commit/?id=9c9a76dc6873427b14f6c84397dd60ea8e529d8d and ... Kristof Provost
03:46 PM Bug #13423 (Waiting on Merge): IPv6 neighbor discovery protocol (NDP) fails in some cases: Preliminary fix upstream: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=233683 Marcos M
03:55 PM Bug #6799 (In Progress): Negating ``<interface> net`` when a VIP exists on the interface results in unintended behavior: Marcos M
03:54 PM Feature #14448 (Pull Request Review): Support interface groups in firewall rule source/destination fields: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1048 Marcos M
01:12 PM Bug #14607 (Rejected): "Use remote DNS Servers, ingore local DNS" is not working properly: Can't reproduce it here, it's likely something in your setup or environment.
This site is not for support or diagn... Jim Pingle
12:51 PM Bug #14607: "Use remote DNS Servers, ingore local DNS" is not working properly: It's working fine only when disabling "DNS forwarder" and "DNS resolver" Evgeny Pankov
12:46 PM Bug #14607 (Rejected): "Use remote DNS Servers, ingore local DNS" is not working properly: Selecting "Use remote DNS Servers, ingore local DNS" takes no differ from "Use local DNS (127.0.0.1), fall back to re... Evgeny Pankov
12:05 PM Bug #14600 (Not a Bug): 2.7.0 Installation error on Oracle Cloud Infrastrucutre (OCI): Press space to select the disk for use, as described in the documentation:
https://docs.netgate.com/pfsense/en/lat... Jim Pingle
09:12 AM Regression #14569: ``bnxt(4)`` driver errors: Where do i get the 23.09 snapshot releases? David Ludvigsson
09:10 AM Regression #14569: ``bnxt(4)`` driver errors: I replaced the NICs to get online again, but ill try in a testbuild. David Ludvigsson
01:08 AM pfSense Packages Bug #14606 (Resolved): Deleting Last BFD Profile in FRR Package Causes PHP Fatal Error: To reproduce:
1. Enable BFD in FRR.
2. Create a BFD profile (only requires a profile name).
3. Delete the BFD pr... Bill Hughes

07/23/2023

08:21 PM Bug #14604: Bugs in dhclient implementation according to RFC 2131: Flole Systems wrote in #note-1:
> The ISPs understanding of the RFC is not correct. A client does not need to wait u... Nazar Mokrynskyi
08:16 PM Bug #14604: Bugs in dhclient implementation according to RFC 2131: The ISPs understanding of the RFC is not correct. A client does not need to wait up to 10 second for a response. Flole Systems
02:11 PM Bug #14604 (New): Bugs in dhclient implementation according to RFC 2131: I had issues with one of the ISPs on pfSense and after talking to their tech support and observing what is happening ... Nazar Mokrynskyi
07:55 PM Bug #14605 (Resolved): Dynamic DNS uses the default gateway interface instead of the specified interface: Steps:
# Configure a gateway group with WAN1 (tier 1) and WAN2 (tier 2), and set it as the default system gateway.
... Marcos M
09:32 AM pfSense Plus Regression #14171: High Availability Setup with Gateway to secondary pfSense not working - No Internet: I know it's not a bug but maybe this is affecting other areas since the FreeBSD route command (as of pfSense 2.7.0) b... Kyouko M
05:38 AM Bug #14603 (Duplicate): LAGG VLAN Interfaces report parent no longer exists: LAGG VLAN interfaces report parent interface no longer exists following the parent (LAGG0) being added under interfac... Jordan G
02:30 AM pfSense Plus Feature #14594: VDOM on pfsense: Kris Phillips wrote in #note-1:
> VDOM seems like a marketing rebrand for a VRF on Fortinet. TNSR currently has thi... Conor Dang
01:59 AM pfSense Plus Feature #14594: VDOM on pfsense: VDOM seems like a marketing rebrand for a VRF on Fortinet. TNSR currently has this, but pfSense Plus does not. Kris Phillips
02:04 AM pfSense Packages Bug #14504 (Incomplete): FTP_Client_Proxy package doesn't create firewall rule: Hello,
Do you mean it doesn't create a rule from the inside interface outbound for FTP traffic? If so, typically ... Kris Phillips
01:52 AM pfSense Plus Bug #14531: Traffic Graph widget doesn't show traffic counts for OpenVPN interfaces since 23.05.1 upgrade.: So I retested this today and now I'm seeing the same results with DCO enabled. The odd thing is that there is still ... Kris Phillips
01:48 AM Bug #14518: pfSense CrashLog on 2.7.0RC Upgrade: Hello Matthew,
Please test with the release of 2.7 and let us know if you're able to reproduce this issue. Kris Phillips
01:43 AM Bug #14600: 2.7.0 Installation error on Oracle Cloud Infrastrucutre (OCI): Santiago Nunez wrote in #note-1:
> should said: SPC-4 instead of 1:
>
> pass1: <ORACLE BlockVolume 1.0> Fixed Dir... Kris Phillips
01:27 AM pfSense Packages Bug #10502: LLDP spamming errors on Netgate XG-7100: still seeing this on 7100 running 23.05.1 lldpd 0.9.11_1 - set all protocol support to active, save... Jordan G
01:20 AM Bug #14473: Automatic gateway not updating after default deleted: it could be related to #12536 Alhusein Zawi
12:38 AM Bug #14473 (Confirmed): Automatic gateway not updating after default deleted: I can confirm this behavior on... Christopher Cope
12:55 AM pfSense Packages Bug #14498: php errors when looking at snort active rules: Jonathan Lee wrote in #note-16:
> @Christopher Cope
> I wanted to also take the time to message you and say I am so... Christopher Cope

07/22/2023

12:09 PM pfSense Packages Bug #14592 (Resolved): Issues with ACME Private Key handling: Danilo Zrenjanin
12:09 PM pfSense Packages Bug #14592: Issues with ACME Private Key handling: I couldn't reproduce any of the listed issues on the 0.7.5 Acme package.
I am marking this case resolved. Danilo Zrenjanin
10:59 AM pfSense Packages Bug #14596 (Confirmed): FreeRADIUS falsely shows its default is to save data during package reinstall: I can confirm this behavior.
Tested on:... Danilo Zrenjanin
07:22 AM Bug #14598 (Resolved): Link to view Captive Portal custom HTML page content does not work: The patch fixes it.
I am marking this ticket resolved. Danilo Zrenjanin
06:57 AM pfSense Packages Feature #14602: squidguard log search: Not sure if its possible to do with the package but if multiple categories are selected and the action is blocked, th... Mike Moore
06:52 AM pfSense Packages Feature #14602 (New): squidguard log search: Package > SquidGuard > Logs
The ability to search through the logs in the GUI. Right now there is no ability to do... Mike Moore
05:33 AM pfSense Docs Correction #14601 (Closed): Outdated mbuf reference in Squid Tuning doc: Performance Tweaks - https://docs.netgate.com/pfsense/en/latest/packages/cache-proxy/tune.html#performance-tweaks
... Mike Moore
12:41 AM Bug #14600: 2.7.0 Installation error on Oracle Cloud Infrastrucutre (OCI): should said: SPC-4 instead of 1:
pass1: <ORACLE BlockVolume 1.0> Fixed Direct Access SPC-4 SCSI device
... Santiago Nunez
12:35 AM Bug #14600 (Not a Bug): 2.7.0 Installation error on Oracle Cloud Infrastrucutre (OCI): I'm following this instructions to install pfSense 2.7.0 on Oracle Cloud Infrastructure
https://docs.oracle.com/en/l... Santiago Nunez

07/21/2023

07:47 PM pfSense Packages Bug #14571: PHP Error prevents LCDProc client from working properly due to empty VIP tags in config.xml: For the record, I now have an LCD with buttons and the fix I committed last week did correct the errors. Jim Pingle
07:14 PM Bug #14577: OpenVPN not removing old Cisco-AVPair anchor rules and files in ``/tmp``: I've replicated the issue with the rules/anchors which I'll be looking at. The route file itself (/tmp/<User>) is alw... Marcos M
04:49 PM Bug #14577: OpenVPN not removing old Cisco-AVPair anchor rules and files in ``/tmp``: As for the route files (e.g. /tmp/user100) I see the following:
1. When some users login, the file is removed duri... Michael Mercier
04:36 PM Bug #14577: OpenVPN not removing old Cisco-AVPair anchor rules and files in ``/tmp``: Logs from when I do the steps above:... Michael Mercier
06:36 PM Bug #14290: ICMPv6 Path MTU Discovery breaks with NPT: I can confirm I also have this exact same issue on 23.05.1-RELEASE. However, It's not just when GIF tunnels are used... John S
06:17 PM Revision a30510e8: poudriere_bulk: re-add dhcpleases6 so we build it again. Fixes #14502: Christian McDonald
06:09 PM Regression #14502: DHCPv6 Prefix Delegation (PD) not installing routes: Georgiy Tyutyunnik wrote in #note-5:
> applied the patch to no effect, no routes were added for delegated prefixes
... Christian McDonald
06:05 PM Regression #14502: DHCPv6 Prefix Delegation (PD) not installing routes: applied the patch to no effect, no routes were added for delegated prefixes
tested on:
Version 2.7.0-RELEASE (amd64... Georgiy Tyutyunnik
05:45 PM pfSense Docs Correction #14599 (Rejected): Change Interface Names in TNSR Remote Office With Existing IPsec Hub to Something Else: When you search for something like "port forward" in our documentation, rather than bringing up the NAT page, it brin... Kris Phillips
02:55 PM Bug #14598 (Feedback): Link to view Captive Portal custom HTML page content does not work: Applied in changeset commit:d536506909c89b5f42e6bf1c63cf02e723b0fb72. Jim Pingle
02:38 PM Bug #14598: Link to view Captive Portal custom HTML page content does not work: Jim,
yep, I can confirm: This fix works fine!
Best,
Volker Volker Werbus
12:58 PM Bug #14598: Link to view Captive Portal custom HTML page content does not work: Looks like the regex at source:src/usr/local/www/services_captiveportal.php#L73 isn't quite right. It won't match @vi... Jim Pingle
08:17 AM Bug #14598 (Resolved): Link to view Captive Portal custom HTML page content does not work: Hi PFSense developers,
we run about 200+ locations and recently updated around 50% of the locations to 2.7.0
We... Volker Werbus
02:44 PM Revision d5365069: Fix Captive Portal view HTML link param. Fixes #14598: The way the code regex matches the parameter it needs the extra bit on
the end so it both matches the regex and gets ... Jim Pingle
02:31 PM pfSense Packages Bug #14596: FreeRADIUS falsely shows its default is to save data during package reinstall: Stated differently, it is not possible to restore FreeRADIUS settings unless one has at some point clicked the Save b... Steve Y
03:24 AM pfSense Packages Bug #14596 (Duplicate): FreeRADIUS falsely shows its default is to save data during package reinstall: forum thread: https://forum.netgate.com/topic/181594/restore-missing-freeradius-config
A new install of FreeRADIUS... Steve Y
02:09 PM Bug #14386: ``openvpn.auth-user.php`` gets stuck at 100% CPU usage when RADIUS authentication times out: I just checked my 23.05 box and I see 5 of these runaways. I guess we'll need to update to 23.05.1 to test that... Orion Poplawski
11:12 AM Bug #14386: ``openvpn.auth-user.php`` gets stuck at 100% CPU usage when RADIUS authentication times out: Can not reproduce on 23.05.1
23.05.1-RELEASE (amd64)
built on Wed Jun 28 03:57:27 UTC 2023
FreeBSD 14.0-CURRENT aleksei prokofiev
02:03 PM pfSense Packages Bug #14315 (Resolved): Routes are not exposed on Tailscale when an empty route entry exists in the GUI: Christian McDonald
11:57 AM pfSense Packages Bug #14315: Routes are not exposed on Tailscale when an empty route entry exists in the GUI: Tested on 23.05.1 and CE 2.7.0, looks like it has been fixed, I could not reproduce.
23.05.1-RELEASE (amd64)
built ... aleksei prokofiev
12:53 PM Bug #14597: Captive Portal: Allowed IPs are not working when config is inherited from earlier versions: Hi Jim,
I already did.
The difference is the entry <dir>both</dir> is missing at the allowed IP. Looks like 2.6... Volker Werbus
12:41 PM Bug #14597: Captive Portal: Allowed IPs are not working when config is inherited from earlier versions: Can you compare the @config.xml@ contents from an older entry with a new entry to see what the difference is in the r... Jim Pingle
08:13 AM Bug #14597 (New): Captive Portal: Allowed IPs are not working when config is inherited from earlier versions: Hi PFSense developers,
we are running 200+ locations with PFSense, varoius hardware, various versions. We did a ma... Volker Werbus
12:39 PM Feature #14595 (Rejected): Enable use of aliases: Those are two wildly different use cases and shouldn't be lumped into a single feature request.
Also doing so woul... Jim Pingle
11:31 AM Bug #14325: Captive Portal incorrectly allows leading zeroes on voucher roll numbers: Checked, I confirm this behavior on 23.05.1 as well.
23.05.1-RELEASE (amd64)
built on Wed Jun 28 03:57:27 UTC 2023
... aleksei prokofiev
06:35 AM Regression #14500: PHP Error when viewing Traffic Graphs in ``iftop`` mode: Can't reproduce the issue on 23.05.1 and on 23.09-DEVELOPMENT (amd64)
built on Wed Jul 19 20:12:23 UTC 2023 Lev Prokofev

07/20/2023

10:51 PM Feature #14595 (Rejected): Enable use of aliases: If possible, it’d be useful to have the ability to use aliases for DNS servers in both ‘General Setup’ and in ‘Servic... James Chambers
05:55 PM Feature #14402: Dynamic DNS support for Porkbun: PR merged, thanks! Jim Pingle
05:40 PM Feature #14402 (Feedback): Dynamic DNS support for Porkbun: Applied in changeset commit:d9d91d5df28c235baba4bfe3cc7c792037df35c2. Nita Vesa
05:32 PM Revision d9d91d5d: Add dynamic DNS support for Porkbun DNS, closes #14402: Signed-off-by: Nita Vesa <nita.vesa@elektrik.link> Nita Vesa
04:43 PM Revision 834bb946: services_dhcp_relay.php: introduce proper shortcut section for dhcrelay: Christian McDonald
04:08 PM pfSense Packages Feature #14529: eBPFShield: https://github.com/generic-ebpf/generic-ebpf
should do the job adds kernel/user space tools
Generic eBPF run... Michael Lawrence
01:54 PM Revision 56490538: services_dhcp.php: cleanup warning notice when DHCP relay is enabled: Christian McDonald
12:53 PM Bug #14590: OpenVPN server crashes when client closes connection: me me wrote in #note-2:
> > This site is not for support or diagnostic discussion.
>
> I did not ask for support.... Jim Pingle
06:38 AM Bug #14590: OpenVPN server crashes when client closes connection: > This site is not for support or diagnostic discussion.
I did not ask for support.
> If an actionable bug can ... me me
12:52 PM pfSense Packages Bug #14560 (Resolved): NRPE does not function properly on Plus 23.09 / CE 2.7.0: Jim Pingle
07:01 AM pfSense Packages Bug #14560: NRPE does not function properly on Plus 23.09 / CE 2.7.0: Tested package 4.1 on ... Lev Prokofev
09:12 AM pfSense Packages Bug #14554: PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string: I do have some customizations in unbound, but they're not connected with dhcp (private-domain, local-zone, forward-zo... Alex Kolesnik
08:51 AM pfSense Packages Bug #14554: PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string: I set up DHCP Static Mappings in the DHCP server but couldn't replicate the issue with a fresh pfBlocker installation... Danilo Zrenjanin
09:01 AM pfSense Plus Bug #14531: Traffic Graph widget doesn't show traffic counts for OpenVPN interfaces since 23.05.1 upgrade.: Can confirm if DCO is not active, the widget shows the correct graphs Lev Prokofev
07:01 AM pfSense Plus Bug #14531: Traffic Graph widget doesn't show traffic counts for OpenVPN interfaces since 23.05.1 upgrade.: The sole distinction lies in whether the DCO option was activated or deactivated on the server. ... Danilo Zrenjanin
06:59 AM pfSense Plus Bug #14531: Traffic Graph widget doesn't show traffic counts for OpenVPN interfaces since 23.05.1 upgrade.: I tested again on a VM hosted on ProxMox with the factory default config file and the OpenVPN configured through the ... Danilo Zrenjanin
08:52 AM pfSense Packages Regression #14561: FRR errors accessing Global Settings after deleting BGP neighbor: I can confirm this behavior.
This seems to be a duplicate of https://redmine.pfsense.org/issues/14493
Danilo Zrenjanin
08:12 AM pfSense Packages Bug #14553 (Resolved): Call to undefined function sync_package_filer(): Tested on the:... Danilo Zrenjanin
02:38 AM Bug #14593: Build.sh script failing while trying to rename the new php-pfSense-module: (Correction) The file is *builder_common.sh* not the build.sh Fabricio Guzzy
12:42 AM Bug #14593 (New): Build.sh script failing while trying to rename the new php-pfSense-module: Up to Version 2.6.0, the build.sh script could successfully rename the php-pfsense-module to be used with a different... Fabricio Guzzy
12:58 AM pfSense Plus Feature #14594 (New): VDOM on pfsense: I do not see this feature in any of the open requests but having a similar functionality to VDOM (virtual domain) on ... Conor Dang

07/19/2023

07:16 PM pfSense Packages Bug #14592 (Feedback): Issues with ACME Private Key handling: Commit: https://github.com/pfsense/FreeBSD-ports/commit/2b3c7e925fed1d53763e6d2eee5e5ab2289b4116
Packages are buil... Jim Pingle
06:40 PM pfSense Packages Bug #14592 (Resolved): Issues with ACME Private Key handling: There are some problems with private key handling in the ACME package that appear to have been ongoing for a while.
... Jim Pingle
07:12 PM Bug #14591: Restoring with different interfaces (partially?) applies changes before reboot: That does sound very similar but only one of my cases was using VLANs (restore from 4860 to a very temporary 2100 wit... Steve Y
07:01 PM Bug #14591: Restoring with different interfaces (partially?) applies changes before reboot: You are correct that this is unlikely to affect only plus. I've set it to pfSense. Steve was looking into this a bit ... Jim Pingle
05:27 PM Bug #14591: Restoring with different interfaces (partially?) applies changes before reboot: typo: deletes or adds _an_ interface Steve Y
05:26 PM Bug #14591 (New): Restoring with different interfaces (partially?) applies changes before reboot: Initial forum topic: https://forum.netgate.com/topic/181356/restore-issues-apply-changes-button-missing-save-does-not... Steve Y
05:05 PM Regression #14502: DHCPv6 Prefix Delegation (PD) not installing routes: Applied in changeset commit:892d939ee0473992abece201ed3d5d2bfdfd276f. Christian McDonald
05:00 PM Regression #14502 (Feedback): DHCPv6 Prefix Delegation (PD) not installing routes: Christian McDonald
05:01 PM Regression #14534 (Resolved): Cavium ``qlnxe`` / ``if_qlnxe`` driver is not present: Christian McDonald
04:59 PM Revision 892d939e: Restore and continue to support dhcpleases6 until Kea migration is complete. Fixes #14502: Christian McDonald
03:23 PM Bug #14450 (Closed): 23.05 fails to boot on Hyper-V after VM power off, workaround: Marcos M
03:00 PM pfSense Packages Bug #14585 (Closed): Fatal error editing acme certificates: Looking at the PHP code blocks you showed above, something must not have updated in your setup. Lines were added to i... Jim Pingle
12:58 PM Bug #14590 (Rejected): OpenVPN server crashes when client closes connection: This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
12:56 PM Bug #14590 (Rejected): OpenVPN server crashes when client closes connection: I have a OpenVPN server running on interface WAN2 which has a single OpenVPN client connecting to it.
The OpenVPN se... me me
12:52 PM pfSense Packages Feature #10462 (Resolved): CPU Temp Screen: Jim Pingle
12:51 PM pfSense Packages Feature #10462: CPU Temp Screen: Works well! Thank you very much! odo maitre
12:44 PM pfSense Packages Feature #10462 (Feedback): CPU Temp Screen: I didn't merge the original PR since other work on the package caused conflicts and made a lot of the changes unneces... Jim Pingle
12:51 PM pfSense Packages Bug #11509 (Closed): LCD package - not starting at boot - stop and start in Status Window not possible: This report is quite old and the package has had significant work done to it since then. Please try it again on pfSen... Jim Pingle
12:46 PM pfSense Packages Feature #14321: Add UPS information to LCDproc screen: It should be OK to add that in, but it would need to be made conditional. By that I mean the option for the screen sh... Jim Pingle
12:42 PM pfSense Packages Bug #14571 (Resolved): PHP Error prevents LCDProc client from working properly due to empty VIP tags in config.xml: The error as originally stated in this issue is solved. If you still have problems starting LCDProc, please post a ne... Jim Pingle
12:38 PM Bug #14589 (Rejected): Error in auto generated Gateways: I cannot reproduce the problem as stated. A disconnected and assigned client has an empty/undefined gateway and once ... Jim Pingle
06:30 AM Bug #14589 (Rejected): Error in auto generated Gateways: 2.7.0: When using an OpenVPN-Client and assigning an interface to it, an ipv4 gateway is auto generated with gateway ... Chris Fokkenrood
02:26 AM pfSense Packages Feature #14588 (Resolved): Add FRR diagnostic status output plugin: Since FRR is a package and the status output does not generate information for packages, it would be really helpful f... Chris Linstruth

07/18/2023

07:15 PM pfSense Packages Bug #14585: Fatal error editing acme certificates: I just edited config.xml and added actions to my items.
It worked. I immediately got access to those items in pfS... Phil Tull
05:32 PM pfSense Packages Bug #14585: Fatal error editing acme certificates: Thanks. I'm going to try this tonight.
Perfect. Phil Tull
05:01 PM pfSense Packages Bug #14585: Fatal error editing acme certificates: Phil Tull wrote in #note-6:
> ok one more question please.
> Is it possible for me to edit the live config.xml and ... Jim Pingle
04:59 PM pfSense Packages Bug #14585: Fatal error editing acme certificates: ok one more question please.
Is it possible for me to edit the live config.xml and put in the actions (presumable to... Phil Tull
04:53 PM pfSense Packages Bug #14585: Fatal error editing acme certificates: Phil Tull wrote in #note-4:
> I'm considering your suggestion to reinstall acme.
In this case I doubt it would ma... Jim Pingle
04:15 PM pfSense Packages Bug #14585: Fatal error editing acme certificates: I'm considering your suggestion to reinstall acme.
Would that require me to rebuild all my acme settings?
I wonder ... Phil Tull
04:10 PM pfSense Packages Bug #14585 (New): Fatal error editing acme certificates: OK, you mean no actions defined in the list in the cert entry -- I thought you meant they showed no action icons in t... Jim Pingle
03:41 PM pfSense Packages Bug #14585: Fatal error editing acme certificates: Yes, I'm in the config.xml and it looks perfectly normal to me. I'll attach an example entry.
Consider this...
<p... Phil Tull
02:42 PM pfSense Packages Bug #14585 (Feedback): Fatal error editing acme certificates: Sounds like you have a corrupted/incomplete certificate entry in the configuration that is leading to the errors, but... Jim Pingle
01:22 AM pfSense Packages Bug #14585 (Closed): Fatal error editing acme certificates: After updating pfSense from 2.6.0 to 2.7.0, cannot manage acme certificates IF the certificate has NO actions.
Acme ... Phil Tull
04:55 PM Bug #14587: Firewall Log Sort By Time: Brian Shell wrote in #note-2:
> Setting the logging to RFC-5424 does indeed work around the issue, thank you. I don... Jim Pingle
04:22 PM Bug #14587: Firewall Log Sort By Time: Setting the logging to RFC-5424 does indeed work around the issue, thank you. I don't have the programming skills to... Brian Shell
03:24 PM Bug #14587: Firewall Log Sort By Time: The sortable table code is usually smart enough to pick up on date fields but apparently not in this case. When the l... Jim Pingle
03:14 PM Bug #14587 (New): Firewall Log Sort By Time: When viewing the System Logs > Firewall, and trying to sort by Time with newest first, it appears the sort is working... Brian Shell
03:14 PM Bug #14579: PHP error in ``handle_wireless_post()`` when toggling some wireless interface options: The same could happen on CE, not just Plus. There are several places there for that and other settings nearby which c... Jim Pingle
03:09 PM pfSense Plus Feature #14582 (Not a Bug): Interfaces/Interface Assignments wireless MAC missing: That is intentional. Those are not wireless interfaces directly, but virtual "clones" of a wireless interface (VAPs).... Jim Pingle
03:07 PM pfSense Docs Todo #14580 (Closed): Feedback on Installing and Upgrading — Prepare Installation Media: I added a warning on https://docs.netgate.com/pfsense/en/latest/install/download-installer-image.html in two places -... Jim Pingle
02:45 PM pfSense Packages Bug #14553 (Feedback): Call to undefined function sync_package_filer(): Request merged. Jim Pingle
02:36 PM pfSense Packages Feature #14583: Add LiveKit package: In my opinion, I don't believe this package, essentially being a video conference server, is a good fit for running o... Jim Pingle
02:36 PM Bug #14576: "Convert interface definitions" option is not respected when bulk copying rules: I had apply the patch, now I can see the difference.
Fixed, thanks guys!!! Peter Moreno
01:03 PM Bug #14576: "Convert interface definitions" option is not respected when bulk copying rules: Peter Moreno wrote in #note-3:
> How to apply the patch to 2.7-Release?
> Regards!!
You can install the "System ... Jim Pingle
03:32 AM Bug #14576: "Convert interface definitions" option is not respected when bulk copying rules: How to apply the patch to 2.7-Release?
Regards!! Peter Moreno
01:00 PM Bug #14584 (Rejected): Report a Bug.: We cannot accept bug reports against past versions, only against the current release, which is either Plus 23.05.1 or... Jim Pingle
12:58 PM pfSense Packages Feature #14101 (Resolved): Add Zabbix 6.4 packages: Jim Pingle
12:57 PM pfSense Plus Bug #14531: Traffic Graph widget doesn't show traffic counts for OpenVPN interfaces since 23.05.1 upgrade.: There is likely some other configuration factor contributing here then, such as tun/tap, subnet size, topology, etc. ... Jim Pingle
12:55 PM Todo #14581 (Resolved): CE 2.7.0 release branch missing on GitHub repository: Jim Pingle
10:30 AM Todo #14581: CE 2.7.0 release branch missing on GitHub repository: Noah Jacobson wrote:
> pfSense CE 2.7.0 has been released however there is no branch for it on the public GitHub. Th... Noah Jacobson
12:22 PM Bug #14577: OpenVPN not removing old Cisco-AVPair anchor rules and files in ``/tmp``: I have been able to reproduce the issue, some details below.
My OpenVPN server has the @Allow connected clients to... Michael Mercier
05:30 AM pfSense Plus Bug #14586 (Resolved): Adding an IP Alias VIP using a unicast CARP VIP as its parent changes the CARP VIP to multicast at the OS level: Adding IP Alias to a unicast CARP VIP results in the CARP VIP being reconfigured to multicast. Reapplying (i.e. savin... James George

07/17/2023

08:27 PM Revision d605ac4d: dhcpd: re-add devfs to dhcpd chroot (BPF needs it): Christian McDonald
08:16 PM Revision 7ddc0080: dhcpd: remove unnecessary paths from dhcpd chroot: Christian McDonald
07:22 PM Feature #14483: Conditionally reconfigure IPsec VTI interfaces only when necessary while applying IPsec changes: Just wanted to follow up to say that my testing has observed similar findings as well. Apologies for the late reply.... Mike Moore
05:56 PM Bug #14584 (Rejected): Report a Bug.: https://forum.netgate.com/topic/181585/report-a-bug
Hello everyone, thank you for accepting me I did a clean insta... e ok
04:39 PM pfSense Packages Bug #14571: PHP Error prevents LCDProc client from working properly due to empty VIP tags in config.xml: Soren Pedersen wrote in #note-7:
> @Jim Pringle:
>
> I installed the updated version of LCDProc on PFsense 2.7.0 ... Jim Pingle
04:33 PM pfSense Packages Bug #14571: PHP Error prevents LCDProc client from working properly due to empty VIP tags in config.xml: @Jim Pringle:
I installed the updated version of LCDProc on PFsense 2.7.0 and the service still refuses to start. Re... Soren Pedersen
03:32 PM Bug #14574 (Resolved): Firewall rules are not displayed properly when they reference a URL table alias and its file does not exist: Marcos M
03:14 PM pfSense Packages Feature #14583: Add LiveKit package: PR link => https://github.com/pfsense/FreeBSD-ports/pull/1273 Andrés Manelli
01:00 PM pfSense Packages Feature #14583 (Pull Request Review): Add LiveKit package: This is to add the LiveKit server as a pfSense package and configuration UI.
I created a pull request in GitHub wi... Andrés Manelli
02:45 PM pfSense Packages Regression #14445: HAProxy PHP error /usr/local/www/haproxy/haproxy_global.php:138: I'm experiencing this regression on CE 2.7 when trying to de-activate HA Proxy. If I then refresh the browser, I am a... Alex Neihaus
09:37 AM Revision dc57795c: Unset DPCRE2/SPCRE2 options for haproxy-devel: Fix build failure:
====> You cannot select multiple options from the PCRE radio
=====> Only one of th... Kristof Provost
08:06 AM pfSense Plus Bug #14005: SFP Interfaces not available with Traffic Shaper in v23.01: Hi Chris, Yes, I was booting between different snapshots v22.05 and then 23.01. The Netgates have been updated to 23.... Brendon Flint
02:27 AM pfSense Packages Bug #14532: Error is logged every time a domain in the DNSBL is temporarily unlocked or re-locked: After doing some more testing on this, I also get the results you reported, i.e., nothing gets logged to py_errors.lo... Derek Fong
02:06 AM pfSense Plus Feature #14582 (Not a Bug): Interfaces/Interface Assignments wireless MAC missing: hello fellow redmine members,
I noticed that wireless interfaces do not list their mac address. Please see attached. Jonathan Lee

07/16/2023

11:47 PM Todo #14581 (Resolved): CE 2.7.0 release branch missing on GitHub repository: pfSense CE 2.7.0 has been released however there is no branch for it on the public GitHub. The @master@ branch has al... Noah Jacobson
11:45 AM pfSense Plus Bug #13348 (Resolved): Error when deleting ZFS Boot Environment created from duplicate of non-default entry: Christian McDonald
02:45 AM pfSense Plus Bug #13348: Error when deleting ZFS Boot Environment created from duplicate of non-default entry: Tested on July 10th builds of 23.09. Following Marcos' steps, I'm not able to reproduce this bug, so looking fixed. Kris Phillips
05:41 AM pfSense Docs Todo #14580 (Closed): Feedback on Installing and Upgrading — Prepare Installation Media: *Page:* https://docs.netgate.com/pfsense/en/latest/install/prepare-installer-media.html
*Feedback:* for verifying ... Eric Kurman
02:37 AM pfSense Plus Bug #14531: Traffic Graph widget doesn't show traffic counts for OpenVPN interfaces since 23.05.1 upgrade.: I tested this with AES-128-GCM and DCO enabled and the Status --> Traffic Graphs still show traffic normally for me. ... Kris Phillips
02:27 AM Regression #14569: ``bnxt(4)`` driver errors: Hello,
Are you able to test this in the 23.09 snapshots to see if this issue is resolved? Kris Phillips
02:20 AM Bug #14579: PHP error in ``handle_wireless_post()`` when toggling some wireless interface options: Tested this on 23.09 DEVELOPMENT builds. I'm not able to reproduce this, so either something else is needed to recre... Kris Phillips
02:04 AM pfSense Packages Bug #14562: PHP error when trying to run OSPF and BGP in the same time: is there a specific configuration in OSPF/BGP? Alhusein Zawi
12:39 AM pfSense Packages Bug #14553 (Pull Request Review): Call to undefined function sync_package_filer(): Thank you for the bug report. I have tested and confirmed the issue. A merge request is created so this fix will be a... Christopher Cope

07/15/2023

09:11 PM Bug #14548 (Resolved): ``status_logs_filter_dynamic.php`` does not encode value of ``interfacefilter`` in raw mode: Tested on... Christopher Cope
09:04 PM pfSense Plus Bug #14005: SFP Interfaces not available with Traffic Shaper in v23.01: I presume you're booting between different ZFS snapshots, correct? If you upgrade or reflash to 23.05.1, does it beha... Chris W
08:15 PM pfSense Packages Feature #14101: Add Zabbix 6.4 packages: the package is added .
23.05.1-RELEASE (amd64)
built on Wed Jun 28 03:57:27 UTC 2023
FreeBSD 14.0-CURRENT Alhusein Zawi
07:45 PM pfSense Plus Bug #13348: Error when deleting ZFS Boot Environment created from duplicate of non-default entry: I was able to create a new boot environment, clone it and remove the original as described above on 23.09.a.20230710.... Jordan G
07:26 PM pfSense Plus Regression #14436: Upgrades from 23.05-RC/beta/dev fail server authentication: seeing some different choices in the branch selection just when cycling Jordan G
06:39 PM pfSense Packages Bug #14532 (Not a Bug): Error is logged every time a domain in the DNSBL is temporarily unlocked or re-locked: What pfSense and pfBlocker versions are you using?
I'm unable to replicate this on pfSense Plus 23.05.1 with pfBlo... Chris W
05:50 PM Bug #14574: Firewall rules are not displayed properly when they reference a URL table alias and its file does not exist: Using above changeset on 23.05.1 restoring a firewall rule that references a non-existent alias produces a notificati... Jordan G
08:29 AM pfSense Plus Bug #14531: Traffic Graph widget doesn't show traffic counts for OpenVPN interfaces since 23.05.1 upgrade.: I ran another test and this time, I disabled DCO. The traffic Graph widget was showing traffic.
The problem only oc... Danilo Zrenjanin
07:32 AM pfSense Packages Bug #14530 (Confirmed): Suricata 6.0.13 package interface settings: Danilo Zrenjanin
06:58 AM pfSense Plus Bug #14563 (Resolved): System Log - General Log Order Setting is not being respected when using Raw Logs: Tested the patch against:... Danilo Zrenjanin
12:38 AM Bug #14579 (Resolved): PHP error in ``handle_wireless_post()`` when toggling some wireless interface options: Hello fellow redmine community members. I found a php error when I change SSID to hidden. WiFi card works otherwise.
... Jonathan Lee

07/14/2023

10:37 PM Feature #14448 (In Progress): Support interface groups in firewall rule source/destination fields: Marcos M
07:07 PM pfSense Packages Bug #14571 (Feedback): PHP Error prevents LCDProc client from working properly due to empty VIP tags in config.xml: This should be fixed now. I don't have a panel with buttons to test it (yet, it's on the way) but I see why it was fa... Jim Pingle
12:21 PM pfSense Packages Bug #14571 (In Progress): PHP Error prevents LCDProc client from working properly due to empty VIP tags in config.xml: I have some ideas on why the button calls are hitting that error, I'll work on it some more.
Good to know the othe... Jim Pingle
02:51 AM pfSense Packages Bug #14571: PHP Error prevents LCDProc client from working properly due to empty VIP tags in config.xml: I've updated to the newest package and life is good again. thank you Cino .
05:15 PM Bug #14577: OpenVPN not removing old Cisco-AVPair anchor rules and files in ``/tmp``: Does OpenVPN need to be restarted after applying the patch? If so I will need to book a maintenance window for it to... Michael Mercier
02:53 PM Bug #13327 (Resolved): Valid OpenVPN client connections rejected due to extraneous output to ovpn_auth_verify: Jim Pingle
02:03 PM Bug #13327: Valid OpenVPN client connections rejected due to extraneous output to ovpn_auth_verify: I just tested with CE 2.7. I confirmed that my [[patch: https://redmine.pfsense.org/issues/13327#note-5]] is no longe... Brian Martin
12:18 PM pfSense Packages Bug #13343 (Resolved): HAproxy cookie protection syntax needs updated: Jim Pingle
05:51 AM pfSense Packages Bug #13343: HAproxy cookie protection syntax needs updated: Hello,
it works now together with the haproxy version 0.61_11.
Thanks!
Johannes Goldynia
09:20 AM Bug #14576 (Resolved): "Convert interface definitions" option is not respected when bulk copying rules: Tested the patch against:... Danilo Zrenjanin
08:59 AM Bug #14524 (Resolved): Cannot select IP Alias VIP with CARP VIP parent in Virtual IP drop-down on Gateway Groups: I have conducted tests on both versions 23.05 and 23.05.1 and can confirm that the patch is functioning properly as a... Danilo Zrenjanin
01:02 AM pfSense Packages Feature #14032: Neighbor Discovery Proxy (NDproxy): There is a growing need for this with more providers sticking us with /64. It's understandable that this wouldn't be ... spoon spoon

07/13/2023

10:45 PM pfSense Packages Bug #14571: PHP Error prevents LCDProc client from working properly due to empty VIP tags in config.xml: Seeing some errors when trying to use the Reboot or Shutdown functions from the LCD buttons:... Steve Wheeler
07:50 PM pfSense Packages Bug #14571 (Feedback): PHP Error prevents LCDProc client from working properly due to empty VIP tags in config.xml: Fixed in the new version of the package I just committed. Will be available once the package builds finish.
Jim Pingle
10:20 PM Bug #14577 (Feedback): OpenVPN not removing old Cisco-AVPair anchor rules and files in ``/tmp``: The duplicate connections are disconnected automatically after the timeout period, at which point the related files/r... Marcos M
09:18 PM Bug #14577: OpenVPN not removing old Cisco-AVPair anchor rules and files in ``/tmp``: Yes, the "duplicate" @ovpn_ovpns1_<user>_<port>.rules@ differ by port number, multiple connections are *not* enabled ... Michael Mercier
07:00 PM Bug #14577: OpenVPN not removing old Cisco-AVPair anchor rules and files in ``/tmp``: I presume the "duplicate" @ovpn_ovpns1_<user>_<port>.rules@ files differ by port number, in which case it'd mean the ... Marcos M
02:49 PM Bug #14577 (Needs Patch): OpenVPN not removing old Cisco-AVPair anchor rules and files in ``/tmp``: Hello,
I am seeing duplicate @ovpn_ovpns1_<user>_<port>.rules@ files in the /tmp directory, and I also see duplica... Michael Mercier
07:54 PM pfSense Packages Bug #14406: Squid Proxy version 0.4.46 Missing Error subfolder and files for "en" or "en-usa" and all other languages.: Hello,
I wanted to add an issue I am experiencing with Squid plugin version 0.4.46.
I am not sure if this iss... K Puleston
05:29 PM Feature #14265 (Resolved): Option to invalidate GUI login session if the client address changes: I've just tested again applying the patch on a clean install. It works as expected.
Tested against:... Danilo Zrenjanin
03:35 PM Bug #14574 (Feedback): Firewall rules are not displayed properly when they reference a URL table alias and its file does not exist: Applied in changeset commit:2aba9f00f3b4fc179153f2bc77fca61ec373e372. Marcos M
03:35 PM Bug #13068 (Feedback): Firewall rules fail to load when a URL table alias file does not exist: Applied in changeset commit:3789fca8088be8df178266d899a9261385752469. Marcos M
03:24 PM Revision 2aba9f00: Don't fetch contents of nonexistent URL aliases. Fix #14574: Marcos M
03:24 PM Revision 3789fca8: Validate all URL alias types when expanding URL aliases. Fix #13068: Marcos M
03:03 PM pfSense Packages Bug #13343 (Feedback): HAproxy cookie protection syntax needs updated: PR merged, thanks!
Packages are building for Plus 23.05.1 and CE 2.7.0, they will be available shortly.
Jim Pingle
01:53 PM pfSense Packages Todo #14202 (Resolved): Rename exported OpenVPN connect files as "connect" rather than "ios": This has been available for Plus 23.05.1 and CE 2.7.0 for several days with no reports of trouble.
We can open new... Jim Pingle
01:53 PM pfSense Packages Todo #13255 (Resolved): Set PKCS#12 algorithm when exporting OpenVPN ZIP or Windows bundles: This has been available for Plus 23.05.1 and CE 2.7.0 for several days with no reports of trouble.
We can open new... Jim Pingle
01:52 PM pfSense Packages Todo #13917 (Resolved): OpenVPN Client Export: Integrate OpenVPN 2.6.0: This has been available for Plus 23.05.1 and CE 2.7.0 for several days with no reports of trouble.
We can open new... Jim Pingle
01:36 PM pfSense Docs New Content #14573 (Resolved): Add a warning to ZFS users not to upgrade the ZFS pool beyond what the bootloader supports: Note added and deployed: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/a8e1b3f931cac290e3edfad77f529e9c6fcbe92a Jim Pingle
12:50 PM Bug #14576 (Feedback): "Convert interface definitions" option is not respected when bulk copying rules: Applied in changeset commit:77e168861ba43b3d6290df07fc04481c09174b28. Jim Pingle
12:41 PM Bug #14576 (Resolved): "Convert interface definitions" option is not respected when bulk copying rules: When using the "Copy" button to bulk copy rules from one interface to another, the "Convert interface definitions" op... Jim Pingle
12:43 PM Revision 77e16886: Correct JS for bulk rule copy convertif. Fixes #14576: Jim Pingle
12:12 PM Bug #14575 (Duplicate): Renewing the pppoe WAN cause crash if the Tailscale enabled: The backtrace here is identical to #14431 and given the way the problem is stated seems highly likely to be the same ... Jim Pingle
07:07 AM Bug #14575 (Duplicate): Renewing the pppoe WAN cause crash if the Tailscale enabled: Steps to reproduce:
Install and enable Tailscale
In Status=>Interfaces On the WAN interface, click on Disconnect ... Lev Prokofev
07:28 AM pfSense Packages Feature #14321: Add UPS information to LCDproc screen: Geo Rou wrote:
> Hi,
>
> I'd like to add a new screen to LCDproc that reads the UPS information from NUT.
Jus... odo maitre

07/12/2023

10:44 PM Bug #14574 (Pull Request Review): Firewall rules are not displayed properly when they reference a URL table alias and its file does not exist: Fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1047 Marcos M
10:28 PM Bug #14574 (Resolved): Firewall rules are not displayed properly when they reference a URL table alias and its file does not exist: Steps to reproduce:
# Disconnect pfSense from the internet.
# Restore a config with a URL IP or Port alias which do... Marcos M
10:44 PM Bug #13068 (Pull Request Review): Firewall rules fail to load when a URL table alias file does not exist: This occurs when the related file under @/var/db/aliastables/@ does not exist. I found a related bug while troublesho... Marcos M
05:22 PM pfSense Docs New Content #14573 (Resolved): Add a warning to ZFS users not to upgrade the ZFS pool beyond what the bootloader supports: Speifically in the 2.7 release notes where an unwary user can hit this:
https://docs.netgate.com/pfsense/en/latest/r... Steve Wheeler
04:30 PM pfSense Packages Bug #14572 (Resolved): Unused DNSBL files may not be removed: Hi,
I get the following crash report:... Jove Too
03:28 PM pfSense Packages Bug #14560 (Feedback): NRPE does not function properly on Plus 23.09 / CE 2.7.0: Updated package committed on devel branches and also to RELENG_2_7_0, should be available soon on CE 2.7.0 and in dev... Jim Pingle
01:32 PM pfSense Packages Bug #14560 (In Progress): NRPE does not function properly on Plus 23.09 / CE 2.7.0: Some care will be needed here since CE 2.7.0 apparently has the OS package nrpe-4.1.0 while Plus 23.05.1 has nrpe3-3.... Jim Pingle
02:48 PM pfSense Packages Bug #14571 (Resolved): PHP Error prevents LCDProc client from working properly due to empty VIP tags in config.xml: Since the latest pfSense update, the LCDproc client is unable to connect to the LCDproc server. I can confirm LCDproc... Cino .
02:15 PM pfSense Docs Correction #14511: Dynamic Routing over WireGuard: Hi Jim,
Did you manage to test my thesis in a lab? Mike Moore
12:26 PM pfSense Packages Regression #14452: Prometheus node_exporter generates errors with the default config: Confirmed this also affects the 2.7 package:
https://forum.netgate.com/topic/180575/node_exporter-is-not-working-pr... Steve Wheeler
09:41 AM Regression #14570 (Duplicate): Broadcom NetXtreme interfaces (bnxt) driver issue in 23.05.1: Duplicate of https://redmine.pfsense.org/issues/14569 Danilo Zrenjanin
09:18 AM Regression #14570 (Duplicate): Broadcom NetXtreme interfaces (bnxt) driver issue in 23.05.1: Broadcom NetXtreme interfaces don't work in 23.05.1
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=269133 Danilo Zrenjanin
09:38 AM pfSense Plus Bug #14531: Traffic Graph widget doesn't show traffic counts for OpenVPN interfaces since 23.05.1 upgrade.: In my case:
DCO enabled
Tun mode
Platform 5100
Lev Prokofev
09:11 AM Regression #14569: ``bnxt(4)`` driver errors: wrong link, heres the correct one.
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=269133 David Ludvigsson
09:09 AM Regression #14569 (Closed): ``bnxt(4)`` driver errors: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=236983 happening on both pfsense CE 2.7 and plus 23.5.1.
sample ... David Ludvigsson

07/11/2023

09:52 PM pfSense Packages Bug #13489 (Resolved): Tailscale Exit node without IPv6 connectivity break connections with Chromium based browser: We are up to Tailscale v1.44.
> Tailscale 1.30.1 has been released which includes the fix for this issue. The upda... Christian McDonald
09:35 PM Feature #11369 (Resolved): add Enabling IPv6 Source Address Validation support: This is now enabled by default after the move to FreeBSD 14. Marcos M
09:08 PM pfSense Packages Bug #13515: Snort with PHP 8.1 - TypeError when saving edits to an interface: I am still seeing this error in 2.7.0-RELEASE.... Jove Too
07:56 PM Revision 5a2d873b: ipsec: correct typo in var name when modifying p1s: Reid Linnemann
03:44 PM pfSense Docs Todo #14564 (Closed): Feedback on Releases — 22.05/22.05.1 New Features and Changes (add note for 2100): Corrected and deployed:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/370c2215edefe68c74f1d5326604df23f7a5... Jim Pingle
03:43 PM Bug #14567 (Rejected): Traffic flow since upgrade from 2.5 to 2.6: This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
03:42 PM Bug #14567 (Rejected): Traffic flow since upgrade from 2.5 to 2.6: Since upgrading from 2.5 to 2.6 http will flow from LAN interface into our IIS interface hit our IIS servers and repl... Rob Woodcock
09:10 AM pfSense Packages Bug #14554: PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string: By reading /usr/local/pkg/pfblockerng/pfblockerng.inc it seems a few more lines down this part might be affected as w... Buster de

07/10/2023

10:22 PM Regression #14026: HA node with CARP VIP in backup state is unable to ping the active node using that CARP VIP address: For reference:
This is due to source validation which is now being enabled by default. To return the previous behavi... Marcos M
08:13 PM pfSense Packages Bug #14560: NRPE does not function properly on Plus 23.09 / CE 2.7.0: Thank you all!
> So to re-summarize, these -5- 6 changes appear to restore 100% functionality from the previous rele... Tom Huerlimann
05:25 PM pfSense Packages Bug #14560: NRPE does not function properly on Plus 23.09 / CE 2.7.0: @TomTheOne: I'd suggest rebooting after making the five changes I listed above. nrpe3.sh definitely seems to get gene... Jeff Morris
05:12 PM pfSense Packages Bug #14560: NRPE does not function properly on Plus 23.09 / CE 2.7.0: Ok, I think I've got this figured out... nrpe3.sh gets automatically generated, so disregard my previous comment rega... Jeff Morris
05:06 PM pfSense Packages Bug #14560: NRPE does not function properly on Plus 23.09 / CE 2.7.0: In my case, nrpe is already running by manually starting the service via start-script in /usr/local/etc/rc.d/nrpe.
I... Tom Huerlimann
04:44 PM pfSense Packages Bug #14560: NRPE does not function properly on Plus 23.09 / CE 2.7.0: Sorry for the confusion Tom. Those changes do indeed fix it on my system, but after seeing your comment I just did so... Jeff Morris
04:18 PM pfSense Packages Bug #14560: NRPE does not function properly on Plus 23.09 / CE 2.7.0: Thank you
> So in summary, these 4 changes appear to restore 100% functionality from the previous release:
>
> /... Tom Huerlimann
04:07 PM pfSense Packages Bug #14560: NRPE does not function properly on Plus 23.09 / CE 2.7.0: Two more notes:
(1) At least on my system, the command="/usr/local/sbin/nrpe" change had to be made to /usr/local/... Jeff Morris
03:37 PM pfSense Packages Bug #14560: NRPE does not function properly on Plus 23.09 / CE 2.7.0: In addition to the daemon name being changed from nrpe3 to nrpe, I've noticed that the associated check command has a... Jeff Morris
07:27 PM pfSense Packages Bug #14566 (Confirmed): Softlflowd package don't send ICMP flows: I am using the softflowd package v.1.2.6_1 on pfsense v.2.7.0
Apparently icmp traffic is not sent from the sensor to... Yuran Yastreb
04:00 PM Bug #14565 (Duplicate): php crash when killing openvpn session: Duplicate of #12817 which is fixed in 2.7.0.
Jim Pingle
03:59 PM Bug #14565 (Duplicate): php crash when killing openvpn session: Hi,
I just copy/paste the crash report here. This is a regression from 2.5.x... abk imp
03:43 PM pfSense Docs Todo #14564 (Closed): Feedback on Releases — 22.05/22.05.1 New Features and Changes (add note for 2100): *Page:* https://docs.netgate.com/pfsense/en/latest/releases/22-05.html
*Feedback:*
Per https://forum.netgate.com/... Steve Y
02:26 PM Regression #14374: Static ARP entries are not configured at boot: Yeah I just tested this on my 2.7 and working..
I posted details of the test here.
https://forum.netgate.com/po... JohnPoz _
02:04 PM Regression #14374: Static ARP entries are not configured at boot: ARAMP1 _ wrote in #note-22:
> Does not appear to work on 2.7.0.
It works on 2.7.0 in my testing here. You will ne... Jim Pingle
01:46 PM Regression #14374: Static ARP entries are not configured at boot: Does not appear to work on 2.7.0. ARAMP1 _
01:04 PM Regression #14374 (Resolved): Static ARP entries are not configured at boot: Jim Pingle
01:15 PM pfSense Plus Bug #14563 (Feedback): System Log - General Log Order Setting is not being respected when using Raw Logs: Applied in changeset pfsense:commit:7f7d0165a37f0d7d2e0e8e5d1bd4ab2e35fc8ab8. Christopher Cope
01:06 PM pfSense Packages Bug #14559 (Duplicate): nrpe 3.1_6 service control broken on pfSense 2.7.0: Jim Pingle
01:05 PM Bug #14462 (Resolved): Breadcrumb path missing on ``system_register.php``: Jim Pingle

07/09/2023

12:25 PM Bug #14434: PPPoE WAN interface with VIPs causes continuous interface restarting: This also affects 2.7 and when using IPAlias VIPs on the WAN.
See: https://forum.netgate.com/topic/181345/2-7-0-pppo... Steve Wheeler
08:03 AM pfSense Packages Bug #14364: APCUPSD unable to process date string: Perfect, thanks Kris :-) Lloyd Collins
01:44 AM pfSense Packages Bug #14364 (Confirmed): APCUPSD unable to process date string: Yeah we should add a date format option to the widget so that it properly displayed depending on user input. Kris Phillips
01:56 AM pfSense Packages Bug #14349 (Confirmed): The ClamAV 0.105.1 got a few vulnerabilities: pfSense Plus 23.09 has the latest ClamAV 1.1.0, which is not vulnerable:
/usr/local/sbin/clamd --version
ClamAV 1... Kris Phillips
01:37 AM pfSense Packages Feature #14529: eBPFShield: The project appears to be primarily written for Debian-based Linux and the Summer of Code project from 2020 doesn't a... Kris Phillips
01:20 AM pfSense Packages Bug #14560 (Confirmed): NRPE does not function properly on Plus 23.09 / CE 2.7.0: Tested on 23.09. Confirmed this behavior.
Editing /usr/local/etc/rc.d/nrpe to change this allows the service to... Kris Phillips

07/08/2023

11:45 PM Bug #13542: Boot delay caused when OpenVPN config uses alias list that relies on DNS: I no longer work for the company that operates this instance but I might be able to get access and retest this after ... Adrien Carlyle
11:03 PM Bug #13542: Boot delay caused when OpenVPN config uses alias list that relies on DNS: I'm unable to reproduce this to any noteworthy degree on 23.05.1. Steps taken:
1. Made an alias "mint" to mint.home.... Chris W
09:34 PM pfSense Plus Bug #14563 (Pull Request Review): System Log - General Log Order Setting is not being respected when using Raw Logs: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1046 Christopher Cope
09:29 PM pfSense Plus Bug #14563 (Confirmed): System Log - General Log Order Setting is not being respected when using Raw Logs: Thank you for that detail! I was able to confirm that behavior. I'll get the patch submitted shortly. Christopher Cope
08:58 PM pfSense Plus Bug #14563: System Log - General Log Order Setting is not being respected when using Raw Logs: Thank you for your reply. I have just noticed that the problem happens when using "Raw Logs" format in combination wi... Fred Lear
06:09 PM pfSense Plus Bug #14563: System Log - General Log Order Setting is not being respected when using Raw Logs: I am unable to reproduce this. I have a fresh 23.05.1 install and changing the global option instantly affects all lo... Christopher Cope
05:58 PM pfSense Plus Bug #14563 (Resolved): System Log - General Log Order Setting is not being respected when using Raw Logs: No matter what the "Forward/Reverse Display" option in general System Log settings is set to, the logs are always dis... Fred Lear
09:33 PM Revision 7f7d0165: /etc/inc/syslog.inc: Update accessor method formatting. Fixes #14563: Christopher Cope
05:29 PM pfSense Packages Bug #14562 (Resolved): PHP error when trying to run OSPF and BGP in the same time: The following PHP error is thrown when you enable OSPF while the BGP service is already running.... Danilo Zrenjanin
04:35 PM Feature #8173: dhcp6c - RAW Options: Hi there. This seems a pretty old request, but still no change so far.
Some ISP actually require to send specific ra... Sylvain A
04:02 PM pfSense Packages Regression #14561 (Resolved): FRR errors accessing Global Settings after deleting BGP neighbor: Steps to reproduce:
1. Install FRR.
2. Create a BGP neighbor without staring FRR.
3. Delete the neighbor.
4. Atte... Christopher Cope
03:20 PM Feature #14535: DNS Unbound Resolver will still resolve IPv6 AAAA URLS when LAN and WAN are set to none for IPv6.: At this point this discussion is best taken to the forum at https://forum.netgate.com/category/46/ipv6 Chris Linstruth
03:19 PM Feature #14535: DNS Unbound Resolver will still resolve IPv6 AAAA URLS when LAN and WAN are set to none for IPv6.: Then they thought they had IPv6 available to use and, properly, tried to use it first. Check the IPv6 configuration o... Chris Linstruth
01:14 PM pfSense Packages Regression #14494 (Confirmed): FRR,PHP errors when deleting AS-path: I can confirm this behavior.
Tested against:... Danilo Zrenjanin
12:42 PM pfSense Packages Regression #14493 (Confirmed): FRR,PHP errors when deleting neighbor: I can confirm this behavior.
Tested against:... Danilo Zrenjanin
09:20 AM pfSense Packages Bug #14559: nrpe 3.1_6 service control broken on pfSense 2.7.0: To be deleted, i posted in the wrong category.
Correct one here: https://redmine.pfsense.org/issues/14560 Tom Huerlimann
08:12 AM pfSense Packages Bug #14559 (Duplicate): nrpe 3.1_6 service control broken on pfSense 2.7.0: nrpe 3.1_5 works smooth on pfSense 2.7.0, after the upgrade to nrpe 3.1_6 the service can not be controled anymore vi... Tom Huerlimann
09:20 AM pfSense Packages Bug #14560 (Resolved): NRPE does not function properly on Plus 23.09 / CE 2.7.0: nrpe 3.1_5 works smooth on pfSense 2.7.0, after the upgrade to nrpe 3.1_6 the service can not be controled anymore vi... Tom Huerlimann
07:42 AM pfSense Packages Bug #14364: APCUPSD unable to process date string: Done, and it's fixed the problem and the widget is working again, but apctest expects the format in DD/MM/YY and the ... Lloyd Collins
06:56 AM pfSense Packages Bug #14364: APCUPSD unable to process date string: Are you able to try with the month and then day in the first and second numbers respectively when entering the date? ... Jordan G
07:42 AM Bug #14462: Breadcrumb path missing on ``system_register.php``: appears correct with changeset patched Jordan G
07:12 AM Regression #14374: Static ARP entries are not configured at boot: patch works on 23.05.1 as advertised Jordan G

07/07/2023

10:32 PM Regression #14502: DHCPv6 Prefix Delegation (PD) not installing routes: See this here in 2.7 also. Steve Wheeler
10:29 PM pfSense Packages Bug #14557 (Not a Bug): SSL Offloading configuration settings missing from frontends: Jim Pingle
09:37 PM pfSense Packages Bug #14557: SSL Offloading configuration settings missing from frontends: Andrew Cz wrote:
> The SSL Offloading section of any and all frontends are missing.
>
> I was expecting to see the s... Andrew Cz
03:02 PM pfSense Packages Bug #14557 (Not a Bug): SSL Offloading configuration settings missing from frontends: The SSL Offloading section of any and all frontends are missing.
I was expecting to see the section that can be fo... Andrew Cz
06:43 PM pfSense Packages Todo #13917 (Feedback): OpenVPN Client Export: Integrate OpenVPN 2.6.0: Included in OpenVPN client export package 1.9. Will be in snapshots for testing, then release branches if it tests OK.
Jim Pingle
06:43 PM pfSense Packages Todo #13255 (Feedback): Set PKCS#12 algorithm when exporting OpenVPN ZIP or Windows bundles: Included in OpenVPN client export package 1.9. Will be in snapshots for testing, then release branches if it tests OK.
Jim Pingle
05:11 PM pfSense Packages Todo #13255 (In Progress): Set PKCS#12 algorithm when exporting OpenVPN ZIP or Windows bundles: Jim Pingle
06:43 PM pfSense Packages Todo #14202 (Feedback): Rename exported OpenVPN connect files as "connect" rather than "ios": Included in OpenVPN client export package 1.9. Will be in snapshots for testing, then release branches if it tests OK.
Jim Pingle
05:10 PM pfSense Packages Todo #14202 (In Progress): Rename exported OpenVPN connect files as "connect" rather than "ios": The change from "ios" to "connect" would be good.
The change from "config" to "archive" is not needed, it is a con... Jim Pingle
06:15 PM pfSense Packages Bug #14426: PHP errors in Lightsquid: This occurs with 23.05.1 also
Attached is logs Jonathan Lee
05:59 PM Bug #14432 (New): PHP error when failing to write ``config.cache``: Marcos M
05:08 PM pfSense Plus Bug #14175: LDAP authentication for SSH fails: With @Use Authentication Server for Shell Authentication@ checked, this issue can prevent the firewall from booting c... Marcos M
04:42 PM Feature #14483: Conditionally reconfigure IPsec VTI interfaces only when necessary while applying IPsec changes: Without the solution I described there is no viable workaround that wouldn't cripple the function in some way (e.g. c... Jim Pingle
04:01 PM Feature #14483: Conditionally reconfigure IPsec VTI interfaces only when necessary while applying IPsec changes: Appreciate the analysis. Is there a workaround that I can implement?
In my scenario my BGP peers bounce which breaks... Mike Moore
03:58 PM Feature #14535: DNS Unbound Resolver will still resolve IPv6 AAAA URLS when LAN and WAN are set to none for IPv6.: Thanks for looking at this,
For me all the sudden clients kept trying to use AAAA (IPv6) results. Again, I had so ... Jonathan Lee
03:51 PM Feature #14558 (New): Feature Request: GUI options to Unbound Resolver's new DoH abilities: Hello fellow PfSense Redmine community members,
I was wondering if the DNS resolver could have GUI abilities to co... Jonathan Lee
02:33 PM pfSense Plus Regression #14378: Packages are not removed when using the hardware reset button: Also happens when using the console menu to restore to defaults. Or at least, they are not removed, not sure which. ... Steve Y
02:28 PM pfSense Packages Bug #14556 (New): Tailscale dropping routes from FIB: Installation has several tailscale nodes. The problematic node is a 6100. Some of the other nodes are 2100s.
At so... Chris Linstruth
01:17 PM pfSense Packages Feature #14101 (Feedback): Add Zabbix 6.4 packages: Brad Davis
01:14 PM Revision 264198a5: ipsec: refactor config access: Christian McDonald
12:50 PM Revision 74033068: Move the options to Zabbix 6.4 after ece014b0: (cherry picked from commit 653c88154893f4ea87b9fccdffeff2b0bfcbe364) Brad Davis
12:50 PM Revision 653c8815: Move the options to Zabbix 6.4 after ece014b0: Brad Davis
12:41 PM Revision 5a1b86a4: Update to zabbix 6.4 after ports merge: (cherry picked from commit ea05d6a1299374e5178d5d258b4f9e944ebeff12) Kristof Provost
11:59 AM pfSense Plus Bug #13348 (Feedback): Error when deleting ZFS Boot Environment created from duplicate of non-default entry: Fixed: https://gitlab.netgate.com/pfSense/FreeBSD-src/-/commit/2a3ce72f2163aa8bc0cd4224354a43c8067569c7 Christian McDonald
01:40 AM pfSense Plus Bug #13348: Error when deleting ZFS Boot Environment created from duplicate of non-default entry: https://reviews.freebsd.org/D40903
Christian McDonald

07/06/2023

07:15 PM Regression #14534 (Feedback): Cavium ``qlnxe`` / ``if_qlnxe`` driver is not present: Christian McDonald
05:49 PM Regression #14534: Cavium ``qlnxe`` / ``if_qlnxe`` driver is not present: I see the problem. I'm running a test build now to confirm. This will be resolved in the next release. Christian McDonald
06:17 PM Feature #14483: Conditionally reconfigure IPsec VTI interfaces only when necessary while applying IPsec changes: I was able to find a system in my lab where I could reproduce this. After some investigation it turns out there isn't... Jim Pingle
12:15 PM Feature #14483: Conditionally reconfigure IPsec VTI interfaces only when necessary while applying IPsec changes: "Ignore IPsec Restart" doesn't actually control whether or not FRR/BGP/etc restart on interface events. What it contr... Jim Pingle
06:12 PM pfSense Plus Feature #14555: Display Overridden Interface Names On Interface and VLAN Setup Pages: Alternatively, you could just hide the internal device names altogether for those specific areas previously mentioned... John Uplink
06:01 PM pfSense Plus Feature #14555 (New): Display Overridden Interface Names On Interface and VLAN Setup Pages: Please reference overridden interface names in various places in the pfSense web management UI. It seems that in some... John Uplink
06:06 PM Regression #14374: Static ARP entries are not configured at boot: Jim Pingle wrote in #note-18:
> Applied in changeset commit:5082edf92795fe8266be49905fe4f07eb682449d.
Confirmed t... Zachary Cohen
05:30 PM Regression #14374 (Feedback): Static ARP entries are not configured at boot: Applied in changeset commit:5082edf92795fe8266be49905fe4f07eb682449d. Jim Pingle
05:30 PM Regression #14374: Static ARP entries are not configured at boot: Looks like it was a simple change in a PHP test early in the static route setup function. Simple to fix by using a be... Jim Pingle
04:14 PM Regression #14374: Static ARP entries are not configured at boot: I can reproduce this in my lab as well. Jim Pingle
06:39 AM Regression #14374: Static ARP entries are not configured at boot: I can also validate that Regression #14374 is present on my 3.7.0 installation.
I noticed that simply opening and sa... Zachary Cohen
05:47 PM Bug #13552: Dashboard - uptime shows nothing and gateway widget loses default gateway soon after PPPoE comes up: Jim Pingle wrote in #note-1:
> This seems to be the same as #12811
Still happening in 2.7.0, in effect worse in 2... Phil Lee
05:21 PM Revision 5082edf9: Fix static ARP interface check. Fixes #14374: Jim Pingle
04:22 PM Bug #14550: MySQLi PHP module missing after upgrade from 2.6 to 2.7: The suggestion worked well! Thanks for your help! Jefeson Alves
12:23 PM Bug #14550 (Not a Bug): MySQLi PHP module missing after upgrade from 2.6 to 2.7: That module is not included in the base OS but is available as an add-on. You must install/track manually, it may not... Jim Pingle
03:55 PM Bug #14524: Cannot select IP Alias VIP with CARP VIP parent in Virtual IP drop-down on Gateway Groups: Applied in changeset commit:d333e763df6cad2fdfa6be447826a4814e0fece6. Anonymous
03:48 PM Bug #14524 (Feedback): Cannot select IP Alias VIP with CARP VIP parent in Virtual IP drop-down on Gateway Groups: PR merged, thanks! Jim Pingle
09:54 AM Bug #14524: Cannot select IP Alias VIP with CARP VIP parent in Virtual IP drop-down on Gateway Groups: Created as Pull request https://github.com/pfsense/pfsense/pull/4646 Jens Groh
03:53 PM pfSense Packages Bug #13343 (Pull Request Review): HAproxy cookie protection syntax needs updated: Jim Pingle
03:00 PM pfSense Packages Bug #13343: HAproxy cookie protection syntax needs updated: Sorry for the duplicate report; for some reason I missed this one.
I've now prepared a pull request https://github... Alfredo Pironti
03:48 PM Revision d333e763: Update util.inc: Add additional check to correctly display "Alias-on-CARP"-style Virtual IPs in Gateway Group VIP dropdown selection. ... qwertiko GmbH
03:45 PM Bug #14462 (Feedback): Breadcrumb path missing on ``system_register.php``: Applied in changeset commit:437fd1b694ea70e8d7043814cc262346209064ea. Christopher Cope
07:16 AM Bug #14462: Breadcrumb path missing on ``system_register.php``: The merge hasn't been completed yet, but I have tested the commit and it appears to be working as intended.
!clipb... Danilo Zrenjanin
03:35 PM Revision 437fd1b6: Add page title to system_register.php. Fixes #14462: Christopher Cope
12:38 PM Feature #14265: Option to invalidate GUI login session if the client address changes: I tested it multiple times on multiple clients and it always kicked me off. Are you sure the client address is changi... Jim Pingle
08:29 AM Feature #14265: Option to invalidate GUI login session if the client address changes: I conducted a test on the commit, however, altering the client source IP address did not result in a connection break... Danilo Zrenjanin
12:34 PM Regression #14503 (Rejected): The system is stuck on boot on the Synchronizing user settings if remote authentication server is set.: There may be some other aspect of the poster's setup that is a factor here, like it being remote, or maybe it's used ... Jim Pingle
07:45 AM Regression #14503: The system is stuck on boot on the Synchronizing user settings if remote authentication server is set.: I couldn't replicate this behavior on:... Danilo Zrenjanin
12:29 PM Bug #14552 (Duplicate): No Site-to-Site VPN after upgrading CE from 2.6.0 to 2.7.0: Please do not open duplicate issues. Keep the discussion on the forum and if there is a proven bug and not a configur... Jim Pingle
04:40 AM Bug #14552 (Duplicate): No Site-to-Site VPN after upgrading CE from 2.6.0 to 2.7.0: A long-standing configuration in CE 2.6.0 should survive an update to 2.7.0. A growing number of users is reporting t... Michael Schefczyk
12:25 PM Feature #14535: DNS Unbound Resolver will still resolve IPv6 AAAA URLS when LAN and WAN are set to none for IPv6.: If the clients don't have working IPv6 they wouldn't use the AAAA results. But you don't know what is making the DNS ... Jim Pingle
08:36 AM pfSense Packages Bug #14553: Call to undefined function sync_package_filer(): ... Alex Kolesnik
08:29 AM pfSense Packages Bug #14553 (Resolved): Call to undefined function sync_package_filer(): https://forum.netgate.com/topic/180220/filer-package-xmlrpc-sync-error Alex Kolesnik
08:34 AM pfSense Packages Bug #14554 (Duplicate): PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string: https://forum.netgate.com/topic/180950/error-on-pfblockerng-inc-5310-pfblockerng-devel-3-2-0_5... Alex Kolesnik
08:14 AM Feature #13245: Type column on Alias lists: I tested the commit, and it looks fine.
!clipboard-202307061014-v9aqd.png!
Danilo Zrenjanin
07:06 AM pfSense Packages Bug #13432: ups driver will not start: The root cause appears to be the kernel not recognizing some UPS models as a UPS. See discussion here:
https://fo... Doug Miles
06:54 AM Bug #14545 (Resolved): Per-log settings for file size and retention count are not honored: I am marking this case resolved. Danilo Zrenjanin
06:54 AM Bug #14545: Per-log settings for file size and retention count are not honored: The patch fixes the described issue.
Tested against:... Danilo Zrenjanin
01:25 AM Feature #14551 (New): DynDns Route53 using IAM Roles Anywhere: Static credentials for IAM Users to access AWS is considered poor practice, but necessary before IAM Roles Anywhere. ... Gene Chung

07/05/2023

10:30 PM Feature #14535: DNS Unbound Resolver will still resolve IPv6 AAAA URLS when LAN and WAN are set to none for IPv6.: If the router is not saying it is IPv6-capable the clients will not have IPv6 available to use. Every modern IPv4-onl... Chris Linstruth
09:41 PM Feature #14535: DNS Unbound Resolver will still resolve IPv6 AAAA URLS when LAN and WAN are set to none for IPv6.: If LAN is set to none for IPv6, it technically would never be able to access AAAA correct? Jonathan Lee
12:44 PM Feature #14535 (Not a Bug): DNS Unbound Resolver will still resolve IPv6 AAAA URLS when LAN and WAN are set to none for IPv6.: That's how DNS works.
The _clients_ are requesting A and AAAA records, the service is giving the clients the respo... Jim Pingle
10:20 PM Bug #14550 (Not a Bug): MySQLi PHP module missing after upgrade from 2.6 to 2.7: After upgrading from version 2.6 to 2.7 on the amd64 architecture, the following crash report message is displayed on... Jefeson Alves
08:05 PM Bug #14545 (Feedback): Per-log settings for file size and retention count are not honored: Applied in changeset commit:6021c3e059885ce3fff09e5b00df037db034ff14. Jim Pingle
07:56 PM Bug #14545: Per-log settings for file size and retention count are not honored: This also affects the retention count, not just the log size. Easy fix, it's not using the full correct path to the X... Jim Pingle
04:47 PM Bug #14545 (Confirmed): Per-log settings for file size and retention count are not honored: Setting the log file size for individual logs is not reflected in the generated file: /var/etc/newsyslog.conf.d/pfSen... Steve Wheeler
04:31 PM Bug #14545 (Resolved): Per-log settings for file size and retention count are not honored: Since upgrade from 2.6.0 to 2.7.0 there is something wrong with syslog. When increasing the file size of some logs le... odo maitre
07:56 PM Revision 6021c3e0: Use correct per-log settings path. Fixes #14545: Jim Pingle
07:40 PM Bug #14549 (Feedback): Interface value is not properly validated when submitted on ``interfaces_gif_edit.php`` and ``interfaces_gre_edit.php``: Applied in changeset commit:d69d6c8424ab4299234fb5ec6964682e2e6cbcdd. Jim Pingle
07:30 PM Bug #14549 (Resolved): Interface value is not properly validated when submitted on ``interfaces_gif_edit.php`` and ``interfaces_gre_edit.php``: When submitting a form on @interfaces_gif_edit.php@ and @interfaces_gre_edit.php@ the page takes an optional value fo... Jim Pingle
07:31 PM Revision d69d6c84: Improve GIF/GRE interface handling. Fixes #14549: Jim Pingle
07:00 PM Bug #14548 (Feedback): ``status_logs_filter_dynamic.php`` does not encode value of ``interfacefilter`` in raw mode: Applied in changeset commit:f387c974a9a597bf01ab86ec049cca186a1e050c. Jim Pingle
06:50 PM Bug #14548 (Resolved): ``status_logs_filter_dynamic.php`` does not encode value of ``interfacefilter`` in raw mode: When accessing the dynamic firewall log view via @status_logs_filter_dynamic.php@ in RAW mode (@filtersubmit=1@) the ... Jim Pingle
06:51 PM Revision f387c974: Encode dynamic log if filter. Fixes #14548: Jim Pingle
05:55 PM Bug #14547 (Feedback): ``getserviceproviders.php`` does not always validate value of ``$connection``, displays without encoding: Applied in changeset commit:543dc9253d6ab0e755ee043da2217d996a28ab5e. Jim Pingle
05:43 PM Bug #14547 (Resolved): ``getserviceproviders.php`` does not always validate value of ``$connection``, displays without encoding: When obtaining PPP service provider plan information, the code in @getserviceproviders.php@ does not test or validate... Jim Pingle
05:51 PM pfSense Packages Bug #14406: Squid Proxy version 0.4.46 Missing Error subfolder and files for "en" or "en-usa" and all other languages.: @jonathanlee and @pete-wright I wanted to confirm that I had not seen this thread and had performed similar steps to ... Eric Reiss
05:43 PM Revision 543dc925: Multiple issues with PPP providers. Fixes #14547: * Update code for PHP 8.x
* Fix connection name handling (validation, parsing, etc)
* Fix output encoding of plan dat... Jim Pingle
04:51 PM Bug #14524: Cannot select IP Alias VIP with CARP VIP parent in Virtual IP drop-down on Gateway Groups: Will gladly try to send that in as a pull tomorrow. Jens Groh
12:59 PM Bug #14524: Cannot select IP Alias VIP with CARP VIP parent in Virtual IP drop-down on Gateway Groups: Can you submit that change as a pull request on Github?
https://docs.netgate.com/pfsense/en/latest/development/pul... Jim Pingle
11:40 AM Bug #14524: Cannot select IP Alias VIP with CARP VIP parent in Virtual IP drop-down on Gateway Groups: Just wanted to add that the fix is working in a production setting on a customer's box running with multiple VIPs and... Jens Groh
04:47 PM Feature #14546 (New): Package description should identify SSD/HDD requirement: Netgate has a list of which packages have an SSD requirement or recommendation at https://www.netgate.com/supported-p... Steve Y
04:07 PM Bug #14543 (Not a Bug): minor issue installing 2.7 with ZFS, mouse required!: If there is only one entry it's already there, the cursor is already in the right place.
Pressing the space bar wo... Jim Pingle
03:53 PM Bug #14543: minor issue installing 2.7 with ZFS, mouse required!: Marcos M wrote in #note-1:
> It sounds as if the keyboard was not detected.
>
The keyboard was detected and us... Patrik Stahlman
03:40 PM Bug #14543 (Incomplete): minor issue installing 2.7 with ZFS, mouse required!: The installer has been tested on multiple platforms, including Proxmox VE, Microsoft Hyper-V, and VMware ESXi. If the... Marcos M
03:05 PM Bug #14543 (Not a Bug): minor issue installing 2.7 with ZFS, mouse required!: This is a rare corner case (IMHO) but perhaps a "bug" worth fixing.
I was going to install a fresh 2.7 with ZFS.... Patrik Stahlman
04:05 PM Bug #14537: Nat Reflection changed behavior on pfsense 2.7: Hello Jim,
thanks for your reply. It was not a request for support.
I just notified a changed behavior between pf... Michele Zamboni
12:57 PM Bug #14537 (Rejected): Nat Reflection changed behavior on pfsense 2.7: This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
03:56 PM Bug #14544 (Resolved): PPP interface default username/password are not being populated from provider data on ``interfaces.php`` and ``interfaces_ppps_edit.php``: When selecting a PPP interface service (country, provider, plan) there is JavaScript on the page which is supposed to... Jim Pingle
03:23 PM pfSense Packages Feature #14538 (Resolved): Add switch for Tailscale DNS: With the accept DNS option enabled (default):... Christian McDonald
01:51 PM pfSense Packages Feature #14538 (Feedback): Add switch for Tailscale DNS: https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/commit/543e81ef566acdd95d4c13f04f3535c62e1e9ac4
Done. Christian McDonald
02:05 PM Bug #14542 (Confirmed): Gateway widget tooltip incorrectly indicates some gateways as being default: Jim Pingle
02:00 PM Bug #14542 (Resolved): Gateway widget tooltip incorrectly indicates some gateways as being default: The gateway widget display incorrect information. When hovering over any gateway it is shown (in the pop-up) that it ... Patrik Stahlman
01:24 PM Bug #14541: No Site-to-Site VPN after upgrading CE from 2.6.0 to 2.7.0: If I still may respond: I would never dare to post anything here prematurely. This was filed AFTER posting in the for... Michael Schefczyk
12:59 PM Bug #14541 (Not a Bug): No Site-to-Site VPN after upgrading CE from 2.6.0 to 2.7.0: That is almost certainly a configuration issue. This site is not for support or diagnostic discussion.
For assista... Jim Pingle
06:53 AM Bug #14541 (Not a Bug): No Site-to-Site VPN after upgrading CE from 2.6.0 to 2.7.0: After upgrading from CE 2.6.0 to 2.7.0, OpenVPN site-to-site does stop working. This does not seem to be an isolated ... Michael Schefczyk
01:07 PM Regression #14534: Cavium ``qlnxe`` / ``if_qlnxe`` driver is not present: Jim Pingle wrote in #note-3:
> I don't see the module in the builds or in the kernel configuration, but the string fo... Nikolaos Astyrakakis
12:53 PM Regression #14534: Cavium ``qlnxe`` / ``if_qlnxe`` driver is not present: I don't see the module in the builds or in the kernel configuration, but the string for it is still in @MODULES_OVERR... Jim Pingle
12:58 PM Bug #14540 (Rejected): Crash logs after 2.6 > 2.7 upgrade. Keep reappearing after delete: That looks like some portion of your upgrade did not complete properly. This site is not for support or diagnostic di... Jim Pingle
12:56 AM Bug #14540 (Rejected): Crash logs after 2.6 > 2.7 upgrade. Keep reappearing after delete: I’m seeing a message to a crash log on the dashboard of pfsense after the upgrade from 2.6.0 to 2.7.0. I did clear i... Keith Sauer
12:55 PM pfSense Packages Bug #14536 (Duplicate): Backend cookie protection option generates invalid haproxy config file: Duplicate of #13343 Jim Pingle
12:42 PM pfSense Packages Bug #10692 (Confirmed): PIMD starts twice at boot: Jim Pingle
12:41 PM Regression #12215 (Closed): OpenVPN does not resync when running on a gateway group: Jim Pingle
12:23 PM pfSense Plus Bug #14531: Traffic Graph widget doesn't show traffic counts for OpenVPN interfaces since 23.05.1 upgrade.: It would help to know a few things, such as:
* Is DCO enabled or disabled?
* Is OpenVPN in tap or tun mode?
* Ha... Jim Pingle
12:20 PM Feature #14533 (Duplicate): Kil UDP states on gateway recovery: Duplicate of #855 Jim Pingle
10:07 AM Feature #9545: Enable Multipath Routing in the Kernel: Jim, are you aware of any plans to enable multipath in the FRR package? Alex Kolesnik

07/04/2023

03:07 PM Bug #14497 (Feedback): Kernel panic when using traffic shaping on a PPPoE interface: I've cherry-picked the fix to our branches as well. It should be part of future snapshot builds.
There's no real w... Kristof Provost
02:48 PM Regression #14026: HA node with CARP VIP in backup state is unable to ping the active node using that CARP VIP address: https://forum.netgate.com/topic/181163/strange-carp-behavioral-change-bug-in-ha-setup-after-upgrade-from-2-6-0-to-2-7... Jonathan Lee
04:45 AM pfSense Packages Feature #14539 (New): Add support for Oracle Cloud Infrastructure (OCI) vNIC management to work with unicast CARP: Add the ability to invoke OCI APIs to relocate secondary IPs (i.e. CARP VIPs) on vNICs when CARP VIP events occur in ... James George
01:27 AM pfSense Packages Feature #14538 (Resolved): Add switch for Tailscale DNS: from cmacdonald on Reddit - Add a simple knob to the Tailscale section of the pfSense Web UI to toggle whether pfSens... Lily S

07/03/2023

11:00 PM pfSense Packages Regression #14452: Prometheus node_exporter generates errors with the default config: I stumbled upon this today. This PR [[https://github.com/prometheus/node_exporter/pull/2584]] may provide additional ... Steven Hostetler
07:36 PM Bug #14497: Kernel panic when using traffic shaping on a PPPoE interface: Fixed upstream in https://cgit.freebsd.org/src/commit/?id=d0b0424fa0ca8fb239e00d6bdd5e6340b7a85e68
Test case: https:... Kristof Provost
02:36 PM Bug #14497: Kernel panic when using traffic shaping on a PPPoE interface: I believe I've identified the cause. It's not quite what I thought initially, but it's close.
We are indeed enqueuin... Kristof Provost
04:31 PM Bug #14537: Nat Reflection changed behavior on pfsense 2.7: Added System>Advanced>Firewall & NAT>Network Address Translation configuration. Michele Zamboni
04:15 PM Bug #14537 (Rejected): Nat Reflection changed behavior on pfsense 2.7: Hello,
we are having problems with NAT Reflection after updating to pfsense 2.7 from 2.6
It seems that now NAT re... Michele Zamboni
02:46 PM Regression #14374: Static ARP entries are not configured at boot: Just to chime in - this came up in recent thread
https://forum.netgate.com/topic/181220/arp-tables-most-static-add... JohnPoz _
01:43 PM Bug #11759: Traffic graphs on dashboard double upload on pppoe links: This issue is still present in 23.05.1
I also run a traffic shaper on WAN.
What's not shown in the traffic graph a... Patrik Stahlman
01:33 PM pfSense Packages Bug #14536 (Duplicate): Backend cookie protection option generates invalid haproxy config file: On PFSense 2.7.0, with haproxy 0.61_10 package installed.
Create a haproxy backend, edit it and enable the "Cookie... Alfredo Pironti
10:49 AM Bug #14524: Cannot select IP Alias VIP with CARP VIP parent in Virtual IP drop-down on Gateway Groups: I made a small patch against the current stable (CE) repository.
Problem most certainly stems from util.inc (https... Jens Groh
08:54 AM Regression #14534: Cavium ``qlnxe`` / ``if_qlnxe`` driver is not present: Kris Phillips wrote in #note-1:
> Nikolaos Astyrakakis wrote:
> > Interfaces using qlnxe driver are not appearing i... Nikolaos Astyrakakis
07:03 AM Todo #10464: Don't change the current update repo when new releases are available: Same here: pfSense uninstalled the asterisk package without any approval:... Alex Kolesnik
02:56 AM pfSense Packages Bug #14498: php errors when looking at snort active rules: In the interest of coming to a resolution on this ticket...
The issue identified here is more of a generic problem w... Bill Meeks
02:19 AM pfSense Packages Bug #14498: php errors when looking at snort active rules: @Christopher Cope
I wanted to also take the time to message you and say I am sorry for the reply with, "If you do no... Jonathan Lee
12:20 AM pfSense Packages Bug #14498: php errors when looking at snort active rules: @Ryan Coleman
Can you mark my open TAC ticket #1731574435 as closed as it is confirmed this is a code/software is... Jonathan Lee
01:11 AM pfSense Packages Bug #14514: SNORT randomly starts blocking the IP address on the interface that it is residing on: Hello fellow Redmine members,
I do understand that adding my ISP issued IP address to the pass list and or suppres... Jonathan Lee
01:05 AM pfSense Packages Bug #14108: Antivirus Bases showing outdated main.cvd with a version dated year 2021: @Kris Phillips
Thanks for looking into this Jonathan Lee
01:03 AM pfSense Packages Regression #13984: PHP errors with squid: @Marcos
Thanks for looking into this. Jonathan Lee
01:01 AM Regression #14500: PHP Error when viewing Traffic Graphs in ``iftop`` mode: @Jim Pingle
Thanks for looking into this. I appreciate all you do. Jonathan Lee
12:59 AM pfSense Packages Bug #14406: Squid Proxy version 0.4.46 Missing Error subfolder and files for "en" or "en-usa" and all other languages.: @Pete Wright thanks for confirming this issue. Jonathan Lee

07/02/2023

11:59 PM pfSense Packages Bug #14498: php errors when looking at snort active rules: @Bill Meeks
Thank you for confirming the code issue. As you quoted,
"No matter how much RAM is in the firewall,... Jonathan Lee
11:48 PM pfSense Packages Bug #14498: php errors when looking at snort active rules: _How were you attempting to implement a paged output? Was it images that you created and or just accessing sections o... Ryan Coleman
10:47 PM pfSense Packages Bug #14498: php errors when looking at snort active rules: I would just make a buffered image and save it everytime that method was called on. It would save the file and open i... Jonathan Lee
10:36 PM pfSense Packages Bug #14498: php errors when looking at snort active rules: Thanks for your reply and looking into this at a granular level.
I noticed you said " _I've toyed around with tryi... Jonathan Lee
06:24 PM pfSense Packages Bug #14498: php errors when looking at snort active rules: This is a consequence of the PHP process itself running out of memory. Because the output is being buffered in an att... Bill Meeks
02:41 PM pfSense Packages Bug #14498: php errors when looking at snort active rules: The truth is, I really want to fix this PHP software issue, again I am still a student and rather overzealous when I ... Jonathan Lee
05:30 AM pfSense Packages Bug #14498: php errors when looking at snort active rules: Your ticket number is: 1731574435 Jonathan Lee
05:29 AM pfSense Packages Bug #14498: php errors when looking at snort active rules: TAC ticket open with this referenced copy of config is loaded with my serial number. I hope that provides everything ... Jonathan Lee
05:11 AM pfSense Packages Bug #14498: php errors when looking at snort active rules: Also attached is *proof* that the custom rules I have in Snort are in use and functional within this regard.
_S... Jonathan Lee
05:03 AM pfSense Packages Bug #14498: php errors when looking at snort active rules: After sometime I still show no memory errors inside of the SG-2100MAX for this timestamp.
Please let me know if y... Jonathan Lee
04:59 AM pfSense Packages Bug #14498: php errors when looking at snort active rules: Per your request in 23.05.1
See attached system goes to blank screen error occurs and no errors in system logs tha... Jonathan Lee
04:46 AM pfSense Packages Bug #14498: php errors when looking at snort active rules: I do also have custom rules active inside snort. I do not know if that causes it. As custom rules are pasted in and l... Jonathan Lee
04:38 AM pfSense Packages Bug #14498: php errors when looking at snort active rules: Hello thanks for the reply. This PHP error occurs when I attempt to view the active rules in snort. I only have 20 pe... Jonathan Lee
11:08 PM Feature #14535: DNS Unbound Resolver will still resolve IPv6 AAAA URLS when LAN and WAN are set to none for IPv6.: See attached with custom options only IPv4 address is resolved. Without them it will still show an IPv6 address even ... Jonathan Lee
11:06 PM Feature #14535 (Not a Bug): DNS Unbound Resolver will still resolve IPv6 AAAA URLS when LAN and WAN are set to none for IPv6.: Hello fellow redmine members,
I have noticed that the DNS unbound still resolves AAAA ipv6 when the LAN and WAN in... Jonathan Lee
09:33 PM pfSense Packages Bug #14491: FRR not starting with AgentX enabled: We can confirm this also on our 2.7 Upgrade which broke FRR from starting (although I think its somthing to do with t... Yif Swery
04:11 PM Bug #12612: DNS Resolver is restarted during every ``rc.newwanip`` event even for interfaces not used in the resolver: It seems the problem is back in 2.7.0 - even if nothing has changed running rc.newwanip is restarting unbound. odo maitre
04:24 AM Feature #5074: Standard release notes URLs to facilitate GUI viewing before upgrade: Even a static link to https://docs.netgate.com/pfsense/en/latest/releases/index.html on the "update available" page w... router owner
12:11 AM Bug #14462: Breadcrumb path missing on ``system_register.php``: still present in 23.05.1 for system_register.php page Jordan G

07/01/2023

11:59 PM Bug #14477: Defining IP address on an Interface doesn't check defined VIPs for possible IP address overlapping: This bug are likely related: https://redmine.pfsense.org/issues/13961 Kris Phillips
11:57 PM pfSense Packages Bug #10692: PIMD starts twice at boot: confirming, same thing as above with 23.05.1 and pimd 0.0.3_6 Jordan G
11:45 PM pfSense Plus Bug #14531: Traffic Graph widget doesn't show traffic counts for OpenVPN interfaces since 23.05.1 upgrade.: What is being done to reproduce this? I have two OpenVPN Client interfaces and the widget on the dashboard shows tra... Kris Phillips
06:24 AM pfSense Plus Bug #14531 (Confirmed): Traffic Graph widget doesn't show traffic counts for OpenVPN interfaces since 23.05.1 upgrade.: Tested on SG-3100 23.05.1 release. I can confirm this behavior. Danilo Zrenjanin
11:41 PM Regression #14534: Cavium ``qlnxe`` / ``if_qlnxe`` driver is not present: Nikolaos Astyrakakis wrote:
> Interfaces using qlnxe driver are not appearing in 2.7.0 version.
>
> I added if_ql... Kris Phillips
12:13 PM Regression #14534 (Resolved): Cavium ``qlnxe`` / ``if_qlnxe`` driver is not present: Interfaces using qlnxe driver are not appearing in 2.7.0 version.
I added if_qlnxe_load="YES" but the interfaces a... Nikolaos Astyrakakis
11:39 PM Bug #13277: IGMP Proxy webConfigurator Page Always Produces Error: Tested on 23.05 and 23.05.1. The error is present on both releases. Kris Phillips
11:04 PM Regression #12215: OpenVPN does not resync when running on a gateway group: 23.05.1 has OpenVPN clients using the configured gateway group as the correct interface(s) and appears to failover an... Jordan G
10:30 PM pfSense Packages Bug #14498: php errors when looking at snort active rules: We'll need more information to confirm if this is actually a bug. It is possible you are hitting the memory limit in ... Christopher Cope
10:31 AM Feature #14533 (Duplicate): Kil UDP states on gateway recovery: Hi the community
I tested pfsense 2.7CE and I hoped it can finally solved a long time problem that udp states for ... Lionel RIVIERE
09:48 AM Regression #14517 (Resolved): Log rotation is not active if the configuration contains an empty ``<syslog>`` section or if that section is not present: Tested the patch against the:... Danilo Zrenjanin
05:37 AM Bug #14237: Intermittent packet loss related to DHCP with Multi-WAN: Still an issue on 2.7.0 release. Seems to happen more frequently now, but might also be a coincidence. Nazar Mokrynskyi
12:36 AM Todo #10464: Don't change the current update repo when new releases are available: Imo there are three separate updates pfsense manages
* pfsense update: branch set to current should update as new cur... Patch Public

06/30/2023

08:29 PM pfSense Packages Bug #14532 (Not a Bug): Error is logged every time a domain in the DNSBL is temporarily unlocked or re-locked: From the Reports > Alerts tab, when I click the red lock icon to temporarily unlock a domain listed under the DNSBL P... Derek Fong
06:09 PM Regression #14374: Static ARP entries are not configured at boot: pfSense 2.7.0 problem with static arp after reboot still exists. Evgeny Korostelev
05:17 PM pfSense Packages Todo #13917 (In Progress): OpenVPN Client Export: Integrate OpenVPN 2.6.0: Jim Pingle
04:48 PM pfSense Plus Bug #14531 (Confirmed): Traffic Graph widget doesn't show traffic counts for OpenVPN interfaces since 23.05.1 upgrade.: The Traffic Graph widget doesn't show the in\out traffic for the OpenVPN interfaces.
!clipboard-202306302045-mzwyk... Lev Prokofev
03:47 PM pfSense Packages Bug #14530 (Resolved): Suricata 6.0.13 package interface settings: Hello,
The text label at _Services / Suricata / Interfaces / <IF>(Edit) / <IF>Flow/Stream / Stream Memory Cap_ say... Robert Karsai
02:40 PM Feature #14265 (Feedback): Option to invalidate GUI login session if the client address changes: Applied in changeset commit:d6078e851ade476b6e9190fd77b9a70eb3c7bb92. Christopher Cope
02:33 PM Revision d6078e85: Add option to invalidate GUI login on IP address change. Implements #14265: Christopher Cope
02:06 PM Bug #14497: Kernel panic when using traffic shaping on a PPPoE interface: A bit more progress. It looks like we're enqueuing the same mbuf twice, so it gets used after it's been freed and tha... Kristof Provost
12:56 PM pfSense Packages Feature #14529: eBPFShield: Also can send alerts to SIEM ie call outs to "ransomware_.com" or other nastyware infected machines calling out to c... Michael Lawrence
12:46 PM pfSense Packages Feature #14529 (New): eBPFShield: https://github.com/sagarbhure/eBPFShield
Advanced host monitoring and threat detection with eBPF 🛡️
eBPFShield ... Michael Lawrence
08:12 AM Bug #14524: Cannot select IP Alias VIP with CARP VIP parent in Virtual IP drop-down on Gateway Groups: Created a forum topic just in case: https://forum.netgate.com/topic/181150/bug-in-gateway-group-creation-screen Jens Groh
07:03 AM pfSense Packages Bug #10936: both haproxy/haproxy-devel non-existent option lb-agent-chk: Tested on: ... Danilo Zrenjanin
06:22 AM pfSense Docs Todo #14528 (New): Feedback on pfSense® software Configuration Recipes — Configuring CoDel Limiters for Bufferbloat: *Page:* https://docs.netgate.com/pfsense/en/latest/recipes/codel-limiters.html
*Feedback:*
The documentation for ... Nico Neukirchen
03:50 AM Bug #12079: Kernel panic when running IGMP Proxy: Sleeping thread owns a non-sleepable lock: There seems to be little progress and a possible fix is being postponed.
I can't imagine that I'm the only one bumpi... Arturo de Vries

06/29/2023

11:18 PM Feature #14483: Conditionally reconfigure IPsec VTI interfaces only when necessary while applying IPsec changes: I moved one of my FRR neighbors over to wireguard and left the rest to IPsec VTI. As I suspected any changes to the I... Mike Moore
01:40 PM Feature #14483: Conditionally reconfigure IPsec VTI interfaces only when necessary while applying IPsec changes: IPsec with FRR is still not stable. Any hope in getting it looked at after the holiday? Mike Moore
09:09 PM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound: It is actively being worked on. Christian McDonald
09:06 PM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound: I had high hopes that we may see the fix in the latest version (23.05). Do we have a road map or at least a time fram... Mark Abram
09:00 PM Bug #14527 (Duplicate): DNS Resolver restarts when clients connect or reconnect: There is already a report for it (the one you linked to), no need for a duplicate. Add a comment on the open issue. Jim Pingle
08:31 PM Bug #14527 (Duplicate): DNS Resolver restarts when clients connect or reconnect: Hi,
So this problem has been an issue for some time. I mean years time. I run Unbound DNS externally because I am ... Mark Abram
08:46 PM Bug #14516: With Multiple static ARP MAC-IP pairing to the same IP address hosts in ARP TABLE showing wrong pairings: yes we can agree the user can configure it wrong all over. Again, an administrator might fat finger a large static DH... Jonathan Lee
08:28 PM Bug #14516: With Multiple static ARP MAC-IP pairing to the same IP address hosts in ARP TABLE showing wrong pairings: Because of the hostname mix up seen here can we please use a Java "map" object and or Python's "dictionary" equivalen... Jonathan Lee
01:35 PM Bug #14516: With Multiple static ARP MAC-IP pairing to the same IP address hosts in ARP TABLE showing wrong pairings: Why does the GUI allow it? Leading to, it does allow it so, why does it map to the wrong host names? Jonathan Lee
03:20 AM Bug #14516: With Multiple static ARP MAC-IP pairing to the same IP address hosts in ARP TABLE showing wrong pairings: Should DHCP allow multiple entries? Leading to if it does why did it not map to the correct hostname in the arp table... Jonathan Lee
05:15 PM Revision 6e1a1453: Make 2.7.0-RELEASE the default: Brad Davis
05:14 PM pfSense Plus Bug #14526 (Rejected): 23.05.01 can't normal boot: This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
05:12 PM pfSense Plus Bug #14526 (Rejected): 23.05.01 can't normal boot: i am upgrade from 23.05 to 23.05.01. it is installed frr. the 23.05.01 can't normal work.
!clipboard-20230... yon Liu
04:57 PM Regression #14525 (Resolved): PHP error in ``status_ipsec.php`` after removing active IPsec tunnel configuration: ... Christopher Cope
04:23 PM pfSense Packages Feature #9141: FRR xmlrpc: To understand the set up then.
nodeA and nodeB will have sepearate routing neighbors probably exchanging the same ... Mike Moore
04:19 PM pfSense Packages Feature #14512: Basic Auth through GUI: This can be achieved through Advanced pass-thru.
I am only advocating having a GUI option available to create users/... Mike Moore
03:05 PM pfSense Packages Feature #9833: ACME: add ability to use custom ACME server: +1 as well. Also a shout out to Step CA. There are more and more options for ACME endpoints hosted privately, this ... Jamison Maxwell
02:39 PM Revision e0c84221: Bump next to 2.7.0-RELEASE: Brad Davis
01:43 PM Bug #14524 (Resolved): Cannot select IP Alias VIP with CARP VIP parent in Virtual IP drop-down on Gateway Groups: Running version: 23.05-plus
Affected: all? (as it's probably a UI issue)
Hi,
As this seems a clear UI issue/bu... Jens Groh
01:02 PM Bug #14432: PHP error when failing to write ``config.cache``: User still hitting this in 23.05:... Steve Wheeler
12:10 PM Revision 0fb335e6: Bump to 2.8.0-DEVELOPMENT: Brad Davis
07:26 AM pfSense Plus Bug #14515 (Resolved): Ethernet rule Action field hint text lists "reject" option which is not compatible with Ethernet rules: Tested the patched file. The help text on Ethernet rules says only "Choose what to do with packets that match the cri... Danilo Zrenjanin
03:14 AM pfSense Plus Bug #14515: Ethernet rule Action field hint text lists "reject" option which is not compatible with Ethernet rules: Thanks for looking into this small detail. I appreciate you. Jonathan Lee
06:45 AM pfSense Packages Bug #14460: PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/pkg/haproxy/haproxy.inc:2158: I have the exact same block of three lines on another appliance. So this might be some result of upgrades and changes... Stefan Weichinger
06:30 AM pfSense Packages Bug #14460: PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/pkg/haproxy/haproxy.inc:2158: I can confirm that after removing the lines, there are no PHP errors, and the service starts successfully.
Danilo Zrenjanin
12:38 AM pfSense Packages Bug #14523 (Resolved): PHP error when using an unsupported alias type in Advanced Rule Settings: Confirmed on both 2.6, 2.7-RC and 23.05 using pfBlockerNG-Devel 3.2.0_5 and 3.2.0_4. Removing pfBlockerNG-devel packa... Sengor K

06/28/2023

09:28 PM pfSense Packages Bug #14426: PHP errors in Lightsquid: Hi, it is happening in 4100 too.
Crash report begins. Anonymous machine information:
amd64
14.0-CURRENT
Free... Wil M
09:18 PM Feature #14402: Dynamic DNS support for Porkbun: I'm using pfsense+ 23.05-Release
I was able to import this PR using the patches plugin via this URL https://github... Adrien Carlyle
07:51 PM pfSense Packages Bug #14460: PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/pkg/haproxy/haproxy.inc:2158: Found my way: fixed now. Thanks for your help. Stefan Weichinger
06:56 PM pfSense Packages Bug #14460: PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/pkg/haproxy/haproxy.inc:2158: Tried editing with `viconfig`: as HAproxy is down, ACME couldn't pull a LetsEncrypt-Cert, so no GUI right now ... edi... Stefan Weichinger
06:41 PM pfSense Packages Bug #14460: PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/pkg/haproxy/haproxy.inc:2158: Stefan Weichinger wrote in #note-6:
> Jim Pingle wrote in #note-5:
> Great, thanks. How would I do this? HAproxy is... Jim Pingle
06:29 PM pfSense Packages Bug #14460: PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/pkg/haproxy/haproxy.inc:2158: Jim Pingle wrote in #note-5:
> This is your problem, the configuration is invalid:
>
> [...]
>
> If you delete... Stefan Weichinger
06:13 PM pfSense Packages Bug #14460: PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/pkg/haproxy/haproxy.inc:2158: This is your problem, the configuration is invalid:... Jim Pingle
06:15 AM pfSense Packages Bug #14460: PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/pkg/haproxy/haproxy.inc:2158: May I ask for help again? We'd like to see this issue solved ... thanks Stefan Weichinger
07:10 PM Bug #14522 (New): IPv6 doesn't get update on interface change if track interface is selected: How to reproduce:
configure a WAN connection with dynamic IPv6 and request a subnet:
!clipboard-202306282106-rec3j.... L J
06:22 PM Feature #14521 (New): Allow larger subets that /64 for track interface in interface settings: it would be very helpful if a larger subnet mask could be selected for a tracking interface (e.g. to allow a second f... L J
05:46 PM pfSense Packages Bug #14519: PHP Error: Cannot access offset of type string on string in /usr/local/pkg/status_traffic_totals.inc:189: Yes, it's consistent with the package not updating during the upgrade. Updating the package to the current (fixed) co... Jim Pingle
05:41 PM pfSense Packages Bug #14519: PHP Error: Cannot access offset of type string on string in /usr/local/pkg/status_traffic_totals.inc:189: This is strange as I get this error every time I log into the web interface. I've reinstalled the package and now the... L J
04:22 PM pfSense Packages Bug #14519 (Not a Bug): PHP Error: Cannot access offset of type string on string in /usr/local/pkg/status_traffic_totals.inc:189: OK I've tried but I can't reproduce this. The only thing I can think of is that somehow your system was trying to exe... Jim Pingle
03:27 PM pfSense Packages Bug #14519: PHP Error: Cannot access offset of type string on string in /usr/local/pkg/status_traffic_totals.inc:189: Looks like it's one of a common set of errors we've seen where the config has no (or a partial/empty) OpenVPN config ... Jim Pingle
03:09 PM pfSense Packages Bug #14519 (Not a Bug): PHP Error: Cannot access offset of type string on string in /usr/local/pkg/status_traffic_totals.inc:189: It seems that this error was already topic in #13775
Crash report begins. Anonymous machine information:
amd64... L J
05:37 PM Feature #14520 (New): Allow more than one IPv6 per Interface and in RA-Service: In current development status it is only possible to have one IPv6 per interface in tracking mode. If there are more ... L J
05:29 PM pfSense Packages Bug #14509 (Not a Bug): PHP Error in ``vpn_openvpn_export.php``: Jim Pingle
05:23 PM pfSense Packages Bug #14509: PHP Error in ``vpn_openvpn_export.php``: Issue fixed by manually upgrading the openvpn-client-export package:
---------------------------------------------... Ivo Gurp
03:04 PM pfSense Plus Bug #14515: Ethernet rule Action field hint text lists "reject" option which is not compatible with Ethernet rules: Updating subject and fixing project/target. Jim Pingle
02:17 PM pfSense Plus Bug #14515 (Feedback): Ethernet rule Action field hint text lists "reject" option which is not compatible with Ethernet rules: Thanks.
pf(4) only supports pass/block action semantics for L2 rule processing, reject/match are not supported.
I h... Christian McDonald
01:34 PM Bug #14518: pfSense CrashLog on 2.7.0RC Upgrade: I did have to update almost all of the packages after the upgrade. I think the acme package and system patches were t... Matthew Drury
01:15 PM Bug #14518: pfSense CrashLog on 2.7.0RC Upgrade: OK, and did you have to manually upgrade those packages after?
It's possible a problem with one of the old package... Jim Pingle
01:09 PM Bug #14518: pfSense CrashLog on 2.7.0RC Upgrade: There is no new crash report given upon a reboot.
Packages Installed:
Acme
llpd
nut
Openvpn-client-export
pfB... Matthew Drury
01:00 PM Bug #14518 (Feedback): pfSense CrashLog on 2.7.0RC Upgrade: The module errors are known/expected during any upgrade where the PHP version changes. We're working on trying to imp... Jim Pingle
12:51 PM Bug #14518 (Closed): pfSense CrashLog on 2.7.0RC Upgrade: I received this crash log upon upgrade to 2.7.0RC from 2.6.0. Everything seems to be running fine so far despite this... Matthew Drury
01:00 PM Regression #14517 (Feedback): Log rotation is not active if the configuration contains an empty ``<syslog>`` section or if that section is not present: Applied in changeset commit:892de1ecdaa23b164f6b2a2251d7538eee2199ea. Jim Pingle
12:42 PM Regression #14517 (Resolved): Log rotation is not active if the configuration contains an empty ``<syslog>`` section or if that section is not present: Similar to how logging didn't work in #14283, if the @<syslog>@ section of @config.xml@ is missing or empty, the news... Jim Pingle
12:53 PM Revision 892de1ec: Fix invalid log rotation setup test. Fixes #14517: Jim Pingle
12:00 AM pfSense Packages Feature #9238: Add support for Zerotier: Any update on this?
I third this idea Scott Howard

06/27/2023

10:57 PM Bug #14516 (Not a Bug): With Multiple static ARP MAC-IP pairing to the same IP address hosts in ARP TABLE showing wrong pairings: Hello fellow pfsense redmine community members,
I was researching just random items with MAC addresses and IP mapp... Jonathan Lee
10:25 PM pfSense Plus Bug #14515 (Resolved): Ethernet rule Action field hint text lists "reject" option which is not compatible with Ethernet rules: Hello fellow pfsense redmine members,
I wanted to post this under the experimental layer 2 access control list are... Jonathan Lee
10:22 PM pfSense Packages Bug #14514 (Duplicate): SNORT randomly starts blocking the IP address on the interface that it is residing on: Hello fellow pfsense Redmine team members,
I have found an issue where SNORT starts to block out my ip address th... Jonathan Lee
07:20 PM Bug #14513 (Resolved): Improve error handling in ``status.php``: The status.php page is typically used when there's an issue with the system. If PHP errors are encountered while gene... Marcos M
06:51 PM Revision 81c6453d: composer update: Christian McDonald
05:22 PM pfSense Docs Correction #14511: Dynamic Routing over WireGuard: The only other caveat i have found is if the tunnel is up using a non-zero allowed IP address and you have establishe... Mike Moore
04:45 PM pfSense Docs Correction #14511: Dynamic Routing over WireGuard: Correction. The route just made it in there when i did my screencap. I reverted back to 0.0.0.0/0 in Allowed IP Mike Moore
04:44 PM pfSense Docs Correction #14511: Dynamic Routing over WireGuard: Another post.
As you can see the routes exist within the BGP dameon process
sh ip bgp neighbors 10.6.106.2 receiv... Mike Moore
04:37 PM pfSense Docs Correction #14511: Dynamic Routing over WireGuard: Routing fails. I am uploading the pics to show.
Moving back to 0.0.0.0/0 restores connectivity. Mike Moore
04:26 PM pfSense Docs Correction #14511: Dynamic Routing over WireGuard: Mike Moore wrote in #note-2:
> Its possible things have changed.
> This is a site2site tunnel with a configuration ... Jim Pingle
04:24 PM pfSense Docs Correction #14511: Dynamic Routing over WireGuard: Its possible things have changed.
This is a site2site tunnel with a configuration with only 1x peer. I am doing BGP
... Mike Moore
04:09 PM pfSense Docs Correction #14511 (Feedback): Dynamic Routing over WireGuard: Unless something changed, if there is only one peer on the tunnel it used to assume that since it didn't have to deci... Jim Pingle
02:42 PM pfSense Docs Correction #14511 (Feedback): Dynamic Routing over WireGuard: https://docs.netgate.com/pfsense/en/latest/vpn/wireguard/routing.html#dynamic-routing
Please add a note that when ... Mike Moore
04:53 PM Revision 1d1b1c02: Bump to 2.7-RELEASE: Brad Davis
03:01 PM pfSense Packages Feature #14512 (New): Basic Auth through GUI: Add the ability through the GUI to provide basic authentication for either frontend or backend pools
You can hack ... Mike Moore
02:13 PM Bug #14497: Kernel panic when using traffic shaping on a PPPoE interface: I believe I've reproduced the problem. It required using ix3 as LAN interface and ix3.201 as PPPoE for WAN.
With a... Kristof Provost
03:57 AM Feature #14483: Conditionally reconfigure IPsec VTI interfaces only when necessary while applying IPsec changes: Hi. Making a heartbeat check.
Will this get investigated further?
At this time i cant reliably use VTI and FRR at ... Mike Moore

06/26/2023

10:03 PM pfSense Packages Bug #14510 (New): match rpki invalid What is actually executed is match rpki valid: when i setup match rpki invalid for deny, then actually executed is match rpki valid for deny.
please your check a... yon Liu
08:10 PM Bug #11418: 'NAT-T: Force' is broken for IPv6 IPsec: I submitted option B to strongSwan here: https://github.com/strongswan/strongswan/issues/1759 Richard Laager
08:06 PM Bug #11418: 'NAT-T: Force' is broken for IPv6 IPsec: This is a problem for us. In short, what is happening is that stateful firewalls in the middle are not associating th... Richard Laager
06:50 PM pfSense Packages Bug #14509 (Not a Bug): PHP Error in ``vpn_openvpn_export.php``: When clicking 'VPN >> OpenVPN >> Client Export' the following issue occurs (Intel Celeron 1005M):
----------------... Ivo Gurp
04:45 PM Bug #14497: Kernel panic when using traffic shaping on a PPPoE interface: I have no idea what could be going on here.
I'm going to assume that the `codel_should_drop: could not found the p... Kristof Provost
12:20 PM Bug #14497: Kernel panic when using traffic shaping on a PPPoE interface: Attached shaper config that hots this. Steve Wheeler
12:27 PM pfSense Packages Feature #12502 (Resolved): Option to include Syslog-ng Configuration Library (scl): Jim Pingle
12:26 PM pfSense Plus Bug #14507 (Not a Bug): CPU hog with 23.05: Given that the thread in question is from iflib this seems more like busy hardware or an upstream driver issue and no... Jim Pingle
12:24 PM Todo #14506 (Rejected): Cambio de IP publica caída de la VPN: This site is not for diagnosing or discussing problems with your installation. Please start a forum thread at https:/... Jim Pingle
05:29 AM Bug #13555: When WAN is lost, ipv6 interface will not renew upon WAN availability: The problem persists in version 23.05 with the same configuration as above (different ISP).
The problem doesn't seem... Vincent Gauthier
03:50 AM Regression #11545: Primary interface address is not always used when VIPs are present: Updated a patched 2.6.0 to 2.7.0.r.20230622.0600 and the issue https://redmine.pfsense.org/issues/11545#note-10 has r... M Felden

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

07/25/2023

07/24/2023

07/23/2023

07/22/2023

07/21/2023

07/20/2023

07/19/2023

07/18/2023

07/17/2023

07/16/2023

07/15/2023

07/14/2023

07/13/2023

07/12/2023

07/11/2023

07/10/2023

07/09/2023

07/08/2023

07/07/2023

07/06/2023

07/05/2023

07/04/2023

07/03/2023

07/02/2023

07/01/2023

06/30/2023

06/29/2023

06/28/2023

06/27/2023

06/26/2023