Activity

30 days up to

User

Subprojects

Activity

From 07/16/2023 to 08/14/2023

08/14/2023

10:19 PM pfSense Plus Bug #14586: Adding an IP Alias VIP using a unicast CARP VIP as its parent changes the CARP VIP to multicast at the OS level: James George wrote in #note-9:
> I'm happy to test the fix in my environment if you'd like; I'd just need a diff/pat... Reid Linnemann
09:53 PM Bug #14648: Values obtained from ``sysctl`` are sometimes unexpectedly empty, leading to PHP and other math errors: Hi
I received the error again
Crash report begins. Anonymous machine information:
amd64
14.0-CURRENT
FreeB... Michael Clews
08:53 PM Bug #14687: Error in boot messages about missing ``/boot/loader.conf.d`` directory: Stock FreeBSD comes with the directory.
Thus the best long term option is to just add one, but I don't know to do ... Mateusz Guzik
08:00 PM Bug #14687 (Closed): Error in boot messages about missing ``/boot/loader.conf.d`` directory: This is defined in /boot/defaults/loader.conf:... Steve Wheeler
07:35 PM Todo #14686 (Feedback): Check for deprecated OpenVPN encryption and digest options on upgrade: Applied in changeset commit:45b87923fecb8d7e414f927997b399fbe5a69355. Jim Pingle
05:44 PM Todo #14686 (Resolved): Check for deprecated OpenVPN encryption and digest options on upgrade: OpenSSL 3.x deprecated several algorithms for encryption and digest.
Encryption algorithms removed from OpenVPN:
... Jim Pingle
07:35 PM Todo #14677 (Feedback): Prevent weak SHA1 certificates from being used with OpenVPN clients and servers: Applied in changeset commit:45b87923fecb8d7e414f927997b399fbe5a69355. Jim Pingle
07:27 PM Revision 45b87923: Check OpenVPN instances for deprecated items: * Check for weak certificate digests. Implements #14677
* Check for deprecated encryption and digests. Implements #14686 Jim Pingle
03:53 PM Revision e1267c0f: Improve GUI cert digest help text: Instead of calling out one weak digest, mention the current best
practice minimum and that others may fail for being ... Jim Pingle
02:30 PM pfSense Plus Bug #14682: DCO OpenVPN server bound to Localhost does not pass traffic as expected: I can confirm this (even on 23.09 snaps) but it doesn't seem to be a routing issue. I see all the same interface conf... Jim Pingle
12:32 PM pfSense Plus Bug #14685 (Not a Bug): Kernel panic on reroot: The crash looks like it could potentially be a problem with the filesystem or disk. While there is a possibility it's... Jim Pingle
12:18 PM Regression #14678: CA and Certificate renewal page does not properly list some SHA1 certificates as being weak: aleksei prokofiev wrote in #note-2:
> Tested this patch on 23.05.1 and 2.7.0
> After apply the patch the the cert m... Jim Pingle
12:15 PM pfSense Packages Bug #14683: PHP error on ``status_frr.php`` from using too much memory: Probably too much data for that page to deal with (e.g. route table is gigantic).
It already tries to limit how th... Jim Pingle
12:12 PM Bug #14681 (Duplicate): IGMP proxy cause crash on 23.05.1: The backtrace looks close enough that it seems like the same bug. No reason for a new report at this point. Even if i... Jim Pingle
12:10 PM Bug #14680 (Not a Bug): server/client openvpn /30: This is just how OpenVPN works. With a /24 subnet, SSL/TLS, and no DCO you have to have Overrides to setup iroutes be... Jim Pingle
06:12 AM Bug #14651: pfSense 2.7.0 Release has PPPoE bug. Unable to even make connection. LCP: Down Event and Link: Down event with no explanation: Lucas Tam wrote in #note-3:
> I recently had a similar issue with my PPPoE interfaces w/ a QNAP QXG-2G4T-I225 passed... Cin Lung Chen
02:12 AM Bug #14684: Allowed IP Address does not control incoming speed in captive portal, PF Sense Release 2.7 Latest: I Also make a issue thread on forum.netgate.com, where Mr. Rcoleman-netgate advice me to address this bug
on this bu... Noman Haroon
02:07 AM Bug #14684: Allowed IP Address does not control incoming speed in captive portal, PF Sense Release 2.7 Latest: Dear PF Sense Engineers, I have shared a video, Kindly check it.
https://drive.google.com/drive/folders/1kVCGz0lYr... Noman Haroon

08/13/2023

08:28 PM pfSense Plus Bug #14685 (Feedback): Kernel panic on reroot: When running a reroot on my firewall (Dell R220) it starts to stop services just fine then kernel panics and does a w... Ed McLain
04:29 PM Bug #14684 (Confirmed): Allowed IP Address does not control incoming speed in captive portal, PF Sense Release 2.7 Latest: Hi PF Sense Engineers, I like to report a bug. There is problem in captive portal in latest release 2.7, In captive p... Noman Haroon
02:38 PM Bug #14628: PPPoE Interface Panic: @Jim Pingle The issue was reported again earlier today and I am attaching the latest dump. The ending lines of logs w... Faisal Mahmood
06:17 AM Regression #14678: CA and Certificate renewal page does not properly list some SHA1 certificates as being weak: Tested this patch on 23.05.1 and 2.7.0
After apply the patch the the cert marks as Weak Digest
!clipboard-202308130... aleksei prokofiev
04:59 AM pfSense Packages Bug #14683 (Duplicate): PHP error on ``status_frr.php`` from using too much memory: amd64
14.0-CURRENT
FreeBSD 14.0-CURRENT #1 plus-RELENG_23_05_1-n256108-459fc493a87: Wed Jun 28 04:26:04 UTC 202... yon Liu
04:26 AM Bug #14681: IGMP proxy cause crash on 23.05.1: No patch was applied, because the patch requires a kernel build. Lev Prokofev
02:45 AM Bug #14681: IGMP proxy cause crash on 23.05.1: Did this issue crop up as a result of the patch in the linked redmine or does this crash happen without the patch? Kris Phillips
02:47 AM Bug #14680: server/client openvpn /30: Based on the note below the Tunnel Network field, this might be expected behavior:
_A tunnel network of /30 or small... Kris Phillips

08/12/2023

09:27 PM pfSense Plus Bug #14682 (Resolved): DCO OpenVPN server bound to Localhost does not pass traffic as expected: When connected to an OpenVPN server that has DCO enabled and the OpenVPN server is bound to Localhost with Port Forwa... Kris Phillips
08:27 PM pfSense Packages Bug #14643 (Not a Bug): Suricata PHP error after upgrade to CE 2.7.0: That is expected as the system upgrades the packages. Since it is working correctly after the upgrade, I'm marking th... Christopher Cope
08:26 PM pfSense Packages Bug #14644 (Not a Bug): Zeek PHP error after upgrade to CE 2.7.0: e 1/1 wrote in #note-2:
> Kris Phillips wrote in #note-1:
> > Do any issues occur with the package post-upgrade or ... Christopher Cope
08:20 PM Bug #13344: Vlan loses parent interface when changing LAGG mtu to jumbo frames: related/duplicate? https://redmine.pfsense.org/issues/14603 Jordan G
07:17 PM Bug #13996: Limiters using the fq_pie scheduler no longer pass any traffic.: I can confirm, I'm seeing this on 23.05.1 - if nothing else but the scheduler changes from FQ_CODEL to FQ_PIE under t... Jordan G
12:55 PM Bug #14681 (Duplicate): IGMP proxy cause crash on 23.05.1: Crash trace attached, possibly related to https://redmine.pfsense.org/issues/12079
Fatal trap 12: page fault whi... Lev Prokofev
03:14 AM Bug #14648: Values obtained from ``sysctl`` are sometimes unexpectedly empty, leading to PHP and other math errors: It happens in my case after logging into the system based on the time stamp as its the same time as my login.
not su... Michael Clews
03:10 AM Bug #14680 (Not a Bug): server/client openvpn /30: server/client does not work if the Tunnel Network is not /30 in ssl/tls , it works with shared key .
* create Op... Alhusein Zawi

08/11/2023

09:52 PM Regression #14679: Allow simultaneously including/excluding the same type: This would make sense for types that allow "all of" and "none of" (host, mac, port). Marcos M
08:36 PM Regression #14679 (New): Allow simultaneously including/excluding the same type: Hi All
With the updates in the last couple version it looks like functionality was lost with the GUI packet captur... Martin Kenney
09:02 PM Revision 8c605478: Show the correct selection when editing oNAT rules: Fixes a copy/paste error from 887d0e7d. Marcos M
07:44 PM pfSense Packages Bug #14644: Zeek PHP error after upgrade to CE 2.7.0: Kris Phillips wrote in #note-1:
> Do any issues occur with the package post-upgrade or is just the upgrade PHP errors... e 1/1
07:15 PM Regression #14678 (Feedback): CA and Certificate renewal page does not properly list some SHA1 certificates as being weak: Applied in changeset commit:3ad1e1cb0dd5fa9a486448bfd44c82c230741306. Jim Pingle
06:05 PM Regression #14678 (Resolved): CA and Certificate renewal page does not properly list some SHA1 certificates as being weak: Noticed this when working on other OpenSSL changes, but some certificates are not being flagged by the renewal page a... Jim Pingle
07:12 PM Todo #14677 (In Progress): Prevent weak SHA1 certificates from being used with OpenVPN clients and servers: Adding the GUI warnings and filtering out the invalid certificate choices is now complete.
The upgrade code is the... Jim Pingle
07:11 PM Todo #14672 (In Progress): Prevent weak SHA1 certificates from being used with GUI and Captive Portal: Adding the GUI warnings and filtering out the invalid certificate choices is now complete.
The upgrade code is the... Jim Pingle
07:05 PM Revision 3ad1e1cb: Certificate digest strength changes: Part of ongoing changes for OpenSSL 3.x
* Consolidate and improve checks for weak digest algorithms.
Fixes #14678
... Jim Pingle
05:38 PM pfSense Packages Regression #14636 (Feedback): "Legacy" strength PKCS#12 Export needs ``-legacy`` provider parameter on OpenSSL command: I pushed this change on Wednesday:
https://github.com/pfsense/FreeBSD-ports/commit/f61ca6b81bab553e94046b1e6c5811a... Jim Pingle
04:29 PM Revision b6698d5b: Add the new initial installation tarball to the pkg-plist files in the base core package.: Luiz Souza
04:16 PM Revision 10f20bdb: Add a list of initial files installed only a single time.: Those files are mostly static and will not be upgraded with the rest of the
system to also preserve user customizatio... Luiz Souza
03:52 PM pfSense Packages Feature #14423: haproxy 2.7 QUIC support (+ maybe LUA 5.4?): Pawel Piaskowy wrote:
> Hello,
>
> I appreciate all pfSense+ updates and efforts Team is doing (I am relatively new ... Torben Hørup
01:46 PM Bug #14651: pfSense 2.7.0 Release has PPPoE bug. Unable to even make connection. LCP: Down Event and Link: Down event with no explanation: I recently had a similar issue with my PPPoE interfaces w/ a QNAP QXG-2G4T-I225 passed through to the VM using VMXNet... Lucas Tam
12:54 PM Bug #14665 (Feedback): IGMP Proxy cannot start on VirtIO (``vtnet``) interfaces: I've committed the relevant fix upstream and merged that into our trees. igmpproxy is expected to work in the next sn... Kristof Provost
12:36 PM pfSense Packages Bug #12899 (Resolved): Suricata doesn't honor Pass List: Jim Pingle
01:14 AM pfSense Packages Bug #12899: Suricata doesn't honor Pass List: Another pass at resolving this long standing, but random, issue is in the code of Pull Request 1284 (https://github.c... Bill Meeks
12:36 PM pfSense Packages Bug #14530 (Resolved): Suricata 6.0.13 package interface settings: Jim Pingle
01:11 AM pfSense Packages Bug #14530: Suricata 6.0.13 package interface settings: This issue is resolved by Pull Request 1285 https://github.com/pfsense/FreeBSD-ports/pull/1285 merged on August 10, 2... Bill Meeks
12:36 PM Bug #14648: Values obtained from ``sysctl`` are sometimes unexpectedly empty, leading to PHP and other math errors: Those are the exact same errors as above. You can try the patch above and see if you can reproduce it after.
At th... Jim Pingle
07:42 AM Bug #14648: Values obtained from ``sysctl`` are sometimes unexpectedly empty, leading to PHP and other math errors: Got a slightly different variant (havent changed anything):
PHP ERROR: Type: 1, File: /etc/inc/util.inc, Line: 2479,... Michael Clews
04:52 AM Revision 157e4821: Make sure all of /etc/dh-parameters* are not in the pfSense-base package.: For details, see e02a5d8c0f8627ed0259e1cc91dbbdaeb9746602 and #4816. Luiz Souza

08/10/2023

10:55 PM Revision 887d0e7d: Refactor outbound NAT target config field: Don't keep a separate target field, and handle
some older configs on upgrade. Marcos M
10:53 PM Revision 1b8b0963: Revert "Refactor outbound NAT target config field": This reverts commit 5557bc594916a5a6ff51ac8ed319a6ad436d3475. Marcos M
08:44 PM Feature #3288 (In Progress): Support interface macros in Outbound NAT rules: Marcos M
07:00 PM Feature #3288 (Feedback): Support interface macros in Outbound NAT rules: Marcos M
06:30 PM Revision 5557bc59: Refactor outbound NAT target config field: There's no need to keep a separate target field,
and now it's easier to implement #3288. Marcos M
06:08 PM pfSense Packages Bug #14676 (Confirmed): Listening Port option in the Tailscale configurator is not respected: Christian McDonald
05:37 PM pfSense Packages Bug #14676: Listening Port option in the Tailscale configurator is not respected: David G wrote in #note-7:
> Christian McDonald wrote in #note-5:
> > I bet something else is already listening on 1... David G
05:27 PM pfSense Packages Bug #14676: Listening Port option in the Tailscale configurator is not respected: Christian McDonald wrote in #note-5:
> I bet something else is already listening on 11111, forcing tailscaled to cho... David G
05:14 PM pfSense Packages Bug #14676 (Not a Bug): Listening Port option in the Tailscale configurator is not respected: Christian McDonald
05:12 PM pfSense Packages Bug #14676: Listening Port option in the Tailscale configurator is not respected: I bet something else is already listening on 11111, forcing tailscaled to choose another port to bind. Christian McDonald
05:09 PM pfSense Packages Bug #14676: Listening Port option in the Tailscale configurator is not respected: David G wrote in #note-3:
> Christian McDonald wrote in #note-2:
> > I'm not able to replicate this report myself.
... David G
04:49 PM pfSense Packages Bug #14676: Listening Port option in the Tailscale configurator is not respected: Christian McDonald wrote in #note-2:
> I'm not able to replicate this report myself.
Here are some screenshots of... David G
04:13 PM pfSense Packages Bug #14676: Listening Port option in the Tailscale configurator is not respected: I'm not able to replicate this report myself. Christian McDonald
10:32 AM pfSense Packages Bug #14676: Listening Port option in the Tailscale configurator is not respected: Tested on 2.7.0 and 23.05.1 , Tailscale 0.1.4
Can not reproduce, if I change listen port it always changed appropria... aleksei prokofiev
02:54 AM pfSense Packages Bug #14676 (Confirmed): Listening Port option in the Tailscale configurator is not respected: The tailscaled process starts and listens on a random port, instead of the one specified. This causes things like dir... David G
04:24 PM Todo #14672: Prevent weak SHA1 certificates from being used with GUI and Captive Portal: Added Captive Portal here since it will also fail with a SHA1 cert or CA Jim Pingle
04:19 PM Todo #14677 (Resolved): Prevent weak SHA1 certificates from being used with OpenVPN clients and servers: OpenVPN built against OpenSSL 3.0 rejects any certificate (client or server) using SHA1 hash. Surprisingly, a SHA1 CA... Jim Pingle
03:15 PM Feature #14667 (Resolved): Improve SCTP support in ``filterlog``: Looks good on the latest snapshot with @filterlog-0.1_10@.
!clipboard-202308101114-0moko.png!
Raw log content:
... Jim Pingle
02:15 PM pfSense Packages Bug #14674 (Resolved): Error after upgrade to HAProxy 0.62_1: Jim Pingle
02:08 PM pfSense Packages Bug #14674: Error after upgrade to HAProxy 0.62_1: It works for me too, thank you so much Crystian Geovani Dorabiatto
02:00 PM pfSense Packages Bug #14674: Error after upgrade to HAProxy 0.62_1: It seems to be working properly now with the new build no errors. Thanks Willem-Jan v R
12:54 PM pfSense Packages Bug #14674 (Feedback): Error after upgrade to HAProxy 0.62_1: I updated the non-devel version of the package with the code from -devel. The underlying versions of haproxy updated ... Jim Pingle
12:02 PM pfSense Packages Bug #14674 (In Progress): Error after upgrade to HAProxy 0.62_1: Jim Pingle
11:56 AM pfSense Packages Bug #14674: Error after upgrade to HAProxy 0.62_1: I had the same issue, Im using the Dev PKG but the Dev PKG has a lot of issue about SSL, in the past they fixed the s... Crystian Geovani Dorabiatto
11:36 AM pfSense Packages Bug #14674: Error after upgrade to HAProxy 0.62_1: I had the same issue. Luckily the develop version was working. I didn't make a new boot environment to restore from.
... Willem-Jan v R
02:37 AM pfSense Packages Bug #14674: Error after upgrade to HAProxy 0.62_1: Can confirm. Manually editing the file doesn't work. Kevin Ruffus
12:48 AM pfSense Packages Bug #14674 (Resolved): Error after upgrade to HAProxy 0.62_1: Looks like nbproc is no long supported in the config file and needs to be removed in order to start the service.
E... Chad High
01:05 PM Regression #14431: Sending IPv6 traffic on a disabled interface can trigger a kernel panic: In my case there is no involvement of Tailscale as I do not use it.
Regards.
☕️ Rob A
12:05 PM pfSense Plus Bug #14586 (Resolved): Adding an IP Alias VIP using a unicast CARP VIP as its parent changes the CARP VIP to multicast at the OS level: Jim Pingle
07:36 AM pfSense Plus Bug #14586: Adding an IP Alias VIP using a unicast CARP VIP as its parent changes the CARP VIP to multicast at the OS level: Tested on Dev build... Lev Prokofev
12:02 PM pfSense Packages Regression #14675 (Duplicate): HA Proxy can’t commit changes: Duplicate of #14674 (it has the full non-cropped error message) Jim Pingle
01:40 AM pfSense Packages Regression #14675 (Duplicate): HA Proxy can’t commit changes: There seems to an issue with commiting any changes in HA Proxy after a recent (today) package update.
There are foru... Mike Moore

08/09/2023

08:39 PM Bug #14673: Remove broken ``stun.sipgate.net`` from UPnP STUN server list: An example from a bug report from OpenWRT:
https://github.com/openwrt/packages/issues/17413#issuecomment-133790197... Kris Phillips
08:36 PM Bug #14673 (Resolved): Remove broken ``stun.sipgate.net`` from UPnP STUN server list: Some users are reporting that stun.sipgate.net, which is the first item in the list of the "Some public STUN servers:... Kris Phillips
07:56 PM Todo #14672: Prevent weak SHA1 certificates from being used with GUI and Captive Portal: Note this is for both the certificate itself using SHA1 *or* if the CA is using SHA1. Neither one can use it. Jim Pingle
07:14 PM Todo #14672 (Resolved): Prevent weak SHA1 certificates from being used with GUI and Captive Portal: The @nginx@ daemon for the GUI fails to run with a SHA1 certificate on dev snapshots using OpenSSL 3.0
The daemon ... Jim Pingle
07:43 PM Feature #14667: Improve SCTP support in ``filterlog``: PRs merged. The filterlog port change was missing a Makefile version bump but I took care of that. Should be in the n... Jim Pingle
07:30 PM Feature #14667 (Feedback): Improve SCTP support in ``filterlog``: Applied in changeset commit:d9601d99bbeb1d941484d777d8d3fbe1839a2faa. Kristof Provost
05:16 PM Feature #14667 (Pull Request Review): Improve SCTP support in ``filterlog``: Jim Pingle
04:58 PM Feature #14667: Improve SCTP support in ``filterlog``: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1060
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/... Kristof Provost
07:22 PM Revision d9601d99: syslog: filterlog now exports port numbers for SCTP. Implements #14667: Kristof Provost
05:17 PM pfSense Packages Bug #14671: LCDproc package does not automatically restart after upgrade: I don't believe it has anything to do with the configuration, but some sort of timing issue on when the package is st... Jim Pingle
04:03 PM pfSense Packages Bug #14671 (New): LCDproc package does not automatically restart after upgrade: When upgrading LCDproc, the lcdproc daemon does not automatically restart.
One must re-save the LCDproc service se... Elvis Impersonator
02:11 PM pfSense Packages Feature #14653: Update to LCPROC NTP Screen: I've noticed that as well sometimes but haven't yet been able to track it down. That would belong in its own separate... Jim Pingle
02:08 PM pfSense Packages Feature #14653: Update to LCPROC NTP Screen: @jimp
23.05.1 I think there might a lingering bug with the package installer for LCDProc
After updating, LCDProc... Elvis Impersonator
01:33 PM pfSense Packages Feature #14653: Update to LCPROC NTP Screen: Elvis Impersonator wrote in #note-3:
> @jimp will it take a few days before the updated package is released?
It ... Jim Pingle
01:24 PM Revision 21a588f7: Unset DPCRE2/SPCRE2 options for haproxy-devel: Fix build failure:
====> You cannot select multiple options from the PCRE radio
=====> Only one of th... Kristof Provost
01:21 PM pfSense Packages Bug #14670 (Feedback): net-snmp does not ignore /var/unbound/dev: PR merged Jim Pingle
01:16 PM pfSense Packages Bug #14670: net-snmp does not ignore /var/unbound/dev: PR: https://github.com/pfsense/FreeBSD-ports/pull/1283 Jim Pingle
01:15 PM Feature #14402 (Resolved): Dynamic DNS support for Porkbun: Jim Pingle
06:35 AM Feature #14402: Dynamic DNS support for Porkbun: Work as expected, tested on ... Lev Prokofev
01:15 PM pfSense Packages Regression #14445 (Feedback): HAProxy PHP error /usr/local/www/haproxy/haproxy_global.php:138: PR merged -- also the same edit was made to the -devel package.
Jim Pingle
10:18 AM Bug #8686: IPsec VTI: Assigned interface firewall rules are never parsed: Could the ipsec interface be enabled for inclusion to an interface group when the advanced ipsec filter mode is set t... beermount beermount
07:00 AM Bug #14628: PPPoE Interface Panic: Hi, it was reported again yesterday and the dump looks the same as mentioned earlier. I tried to check the system log... Faisal Mahmood

08/08/2023

11:42 PM pfSense Plus Bug #14586: Adding an IP Alias VIP using a unicast CARP VIP as its parent changes the CARP VIP to multicast at the OS level: I'm happy to test the fix in my environment if you'd like; I'd just need a diff/patch to apply if the official fix is... James George
04:13 PM pfSense Plus Bug #14586: Adding an IP Alias VIP using a unicast CARP VIP as its parent changes the CARP VIP to multicast at the OS level: Updating subject for release notes. Jim Pingle
04:09 PM pfSense Plus Bug #14586 (Feedback): Adding an IP Alias VIP using a unicast CARP VIP as its parent changes the CARP VIP to multicast at the OS level: Fixed in eab8453f Reid Linnemann
10:34 PM pfSense Packages Feature #14653: Update to LCPROC NTP Screen: @jimp will it take a few days before the updated package is released? Elvis Impersonator
08:41 PM pfSense Packages Bug #14670 (Resolved): net-snmp does not ignore /var/unbound/dev: Net-snmp has ignoreDisk directives for devfs mount points /dev and /var/dhcpd/dev, but is missing an ignoreDIsk direc... Denny Page
08:34 PM Regression #14525: PHP error in ``status_ipsec.php`` after removing active IPsec tunnel configuration: Another instance of this (v23.05):... Craig Coonrad
07:50 PM Bug #14648 (Feedback): Values obtained from ``sysctl`` are sometimes unexpectedly empty, leading to PHP and other math errors: Applied in changeset commit:054c25418f28bd0afeb1e4a3f07075db76f8f61b. Jim Pingle
07:42 PM Bug #14648: Values obtained from ``sysctl`` are sometimes unexpectedly empty, leading to PHP and other math errors: I never could reproduce the error condition but I added several safety belts to ensure the values are sane coming out... Jim Pingle
07:42 PM pfSense Packages Feature #13138: DNS over HTTPS/TLS Blocking should be removed from SafeSearch: The block list [if done by IP] offers the option to create an ALIAS which is more flexible then sink holing. I would ... Mike Moore
07:39 PM Revision 054c2541: Add safety belts around memory size checks. Fixes #14648: * Add safety checks when fetching the memory size
* Also ensure the state table size is sane if the memory check fails Jim Pingle
07:31 PM pfSense Packages Bug #14668: FRR BGP route is not making into kernel route table after WireGuard's peer change is applied: Ive ran into a similar issue as well. The routes will appear in FRR but you check the pfsense route table the routes ... Mike Moore
04:22 PM pfSense Packages Bug #14668 (New): FRR BGP route is not making into kernel route table after WireGuard's peer change is applied: I was able to reproduce this behavior in clear PfSense 2.7 setup with frr 1.3_1 and WireGuard 0.2.0_2, not sure which... Oleksii Tucha
07:27 PM pfSense Packages Feature #14669 (New): pfblocker log rotation on schedule: Allow the option to set logroate option (daily,weekly,monthly)
Im using pfBlocker stats to fill in a report and beca... Mike Moore
03:43 PM Bug #14356: URL scheme is not properly validated in some cases: Updating for release notes. Jim Pingle
03:41 PM Regression #14039: Limiters have no effect on upload traffic passed by policy routing rules: Updating subject for release notes. Jim Pingle
03:40 PM Bug #14497: Kernel panic when using traffic shaping on a PPPoE interface: Updating subject for release notes. Jim Pingle
03:36 PM Feature #14666: Option to add automatic pass rules for IGMP Proxy which allow IP options: I'd suggest a (default on, because it's basically required for it to work anyway) checkbox to create automagic rules ... Kristof Provost
02:49 PM Feature #14666 (New): Option to add automatic pass rules for IGMP Proxy which allow IP options: Users frequently get tripped up by IGMP not receiving traffic because by default, firewall rules do not allow packets... Jim Pingle
03:29 PM Feature #14667 (Resolved): Improve SCTP support in ``filterlog``: FreeBSD 14.x includes more support for SCTP in the OS and in PF. There is a separate issue underway for allowing port... Jim Pingle
03:22 PM Regression #14377 (Closed): Cannot add a QinQ interface to a bridge: Looks good in todays snapshot:... Steve Wheeler
02:15 PM Regression #14377: Cannot add a QinQ interface to a bridge: Doesn't appear to be specific to Plus Jim Pingle
03:05 PM Regression #14615 (Resolved): PHP crash during bootup with gateway monitoring enabled with custom monitor IP: Christian McDonald
03:03 PM Regression #14615: PHP crash during bootup with gateway monitoring enabled with custom monitor IP: Excluding from release notes since this wasn't a problem in a release, only during development. Jim Pingle
03:04 PM Bug #14619: Rule separators are ordered incorrectly after removing rules in certain positions: Updating subject for release notes. Jim Pingle
03:02 PM Feature #14457: Support receiving ``EAPOL`` frames on VLAN ``0`` in ``wpa_supplicant``: Updating subject for release notes. Jim Pingle
02:59 PM Regression #14370: Console and system log may contain unnecessary Netlink debug messages from IPsec: Updating subject for release notes. Jim Pingle
02:58 PM Bug #13088: Rapidly clicking certain options on OpenVPN Client Overrides can cause hide/show field behavior to invert: Updating subject for release notes. Jim Pingle
02:50 PM Bug #14301: Input validation error when saving IGMP Proxy settings: I also created a feature request for an option to handle the firewall rules we discussed: #14666 Jim Pingle
02:40 PM Bug #14301: Input validation error when saving IGMP Proxy settings: I made a dedicated issue for the VirtIO problem at #14665 Jim Pingle
02:22 PM Bug #14301: Input validation error when saving IGMP Proxy settings: The virtio issue did turn out to be a virtio problem. It doesn't allow IFF_ALLMULTI to be set (on systems where the h... Kristof Provost
12:35 PM Bug #14301 (Feedback): Input validation error when saving IGMP Proxy settings: Applied in changeset commit:a38aa6d7ffd121727eae9f0d5229b4121928e1f5. Kristof Provost
02:42 PM Bug #13277 (Duplicate): IGMP Proxy webConfigurator Page Always Produces Error: Duplicate of #14301 -- This one was first, but the fix is already committed and noted on #14301 Jim Pingle
02:39 PM Bug #14665 (Resolved): IGMP Proxy cannot start on VirtIO (``vtnet``) interfaces: Moved this over from #14301
From Kristof:
> I'm investigating another issue, which I suspect to be limited to ... Jim Pingle
02:36 PM Bug #12079: Kernel panic when running IGMP Proxy: Sleeping thread owns a non-sleepable lock: Updating subject for release notes. Jim Pingle
02:34 PM Bug #14524: Cannot select IP Alias VIP with CARP VIP parent in Virtual IP drop-down on Gateway Groups: Updating subject for release notes. Jim Pingle
02:31 PM Feature #14402: Dynamic DNS support for Porkbun: Updating subject for release notes. Jim Pingle
02:31 PM Bug #14637: PHP shell script ``pfanchordrill`` shows duplicate anchor content: Updating subject for release notes. Jim Pingle
02:28 PM Bug #14598: Link to view Captive Portal custom HTML page content does not work: Updating subject for release notes. Jim Pingle
02:28 PM Bug #14574: Firewall rules are not displayed properly when they reference a URL table alias and its file does not exist: Updating subject for release notes. Jim Pingle
02:21 PM Regression #14374: Static ARP entries are not configured at boot: Updating subject for release notes. Jim Pingle
02:21 PM Bug #13068: Firewall rules fail to load when a URL table alias file does not exist: Updating subject for release notes. Jim Pingle
02:17 PM pfSense Plus Bug #13348: Error when deleting ZFS Boot Environment created from duplicate of non-default entry: Updating subject for release notes. Jim Pingle
01:35 PM Bug #14660: Sticky Connections do not work properly when multiple connections have the same Gateway IP: Jim Pingle wrote in #note-1:
> That isn't a supported case. pf has no way to differentiate between two identical gat... Lucas Tam
12:24 PM Bug #14660 (Rejected): Sticky Connections do not work properly when multiple connections have the same Gateway IP: That isn't a supported case. pf has no way to differentiate between two identical gateways in this case and there isn... Jim Pingle
08:01 AM Bug #14660 (Rejected): Sticky Connections do not work properly when multiple connections have the same Gateway IP: I have set up a multi-WAN configuration that involves multiple PPPoE connections to my Internet service provider. Eac... Lucas Tam
01:15 PM Bug #14661 (New): ``dpinger`` can unintentionally choose an IPv6 VIP for a monitoring source: Jim Pingle
01:00 PM Bug #14661: ``dpinger`` can unintentionally choose an IPv6 VIP for a monitoring source: In that screenshot you can see that dpinger is using the CARP IP on a IPv6 gateway.
And this happens with all IPv6 g... Hannes Scherbichler
12:23 PM Bug #14661 (Feedback): ``dpinger`` can unintentionally choose an IPv6 VIP for a monitoring source: I can't reproduce this here, @dpinger@ is using the interface IPv6 address as expected. In the @dpinger@ command line... Jim Pingle
11:38 AM Bug #14661 (Closed): ``dpinger`` can unintentionally choose an IPv6 VIP for a monitoring source: Hello,
We have a pfSense cluster running with CARP and IPv6.
We noticed, that dpinger uses the CARP IP address as... Hannes Scherbichler
12:26 PM Revision a38aa6d7: igmpproxy: Do not display an error when saving changes. Fixes #14301: Kristof Provost

08/07/2023

11:49 PM Feature #3288 (In Progress): Support interface macros in Outbound NAT rules: Marcos M
09:24 PM pfSense Packages Bug #14659 (New): vlan (add/modify/delete) with pfblockerNG installed - all interfaces flap: Hard to say if this is a bug per se but its a reproducible problem.
1. create a LAGG with assigned VLANs and those... Mike Moore
09:19 PM pfSense Docs Todo #14658 (Resolved): Update firewall/NAT rule source/destination field references: The firewall/NAT rule source/destination fields have been updated:
https://github.com/pfsense/pfsense/commit/feefe2c... Marcos M
09:01 PM Bug #14301: Input validation error when saving IGMP Proxy settings: Note that that's mostly only a cosmetic problem. It does actually start igmpproxy.
I'm investigating another issue, ... Kristof Provost
08:12 PM Bug #14301 (Pull Request Review): Input validation error when saving IGMP Proxy settings: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1058 Marcos M
08:25 PM Bug #14657 (Rejected): PHP Fatal error: Allowed memory size of 536870912 bytes exhausted (tried to allocate 4096 bytes) in /usr/local/www/diag_command.php on line 174: That is not a package created or maintained by Netgate. Contact its author for assistance. Jim Pingle
08:20 PM Bug #14657 (Rejected): PHP Fatal error: Allowed memory size of 536870912 bytes exhausted (tried to allocate 4096 bytes) in /usr/local/www/diag_command.php on line 174: Hi, I executed this command via the GUI
curl https://updates.sunnyvalley.io/getzenarmor | sh
and then this one... e ok
07:21 PM pfSense Docs Todo #14656 (Resolved): Feedback on Interface Types and Configuration — LAGG (Link Aggregation): *Page:* https://docs.netgate.com/pfsense/en/latest/interfaces/lagg.html
*Feedback:* New to this so sorry if I'm ju... Anthony Celata
07:21 PM Bug #13068 (Resolved): Firewall rules fail to load when a URL table alias file does not exist: Marcos M
07:15 PM Bug #14637 (Feedback): PHP shell script ``pfanchordrill`` shows duplicate anchor content: Applied in changeset commit:68f5fc1bd5d2583317ab6e38f833070c2d1174cd. Marcos M
07:15 PM Bug #6799 (Feedback): Negating ``<interface> net`` when a VIP exists on the interface results in unintended behavior: Applied in changeset commit:85c4a8de0016bc4d192b60fd384af56aa4ba1376. Marcos M
07:13 PM pfSense Packages Bug #14654 (Resolved): Can't select BFD Peer for BGP Neighbor in GUI, Route Maps are shown instead: Jim Pingle
06:55 PM pfSense Packages Bug #14654: Can't select BFD Peer for BGP Neighbor in GUI, Route Maps are shown instead: Jim Pingle wrote in #note-4:
> Corrected packages are building now.
Updated, configured and checked on 2.7 - work... Oleksii Tucha
05:44 PM pfSense Packages Bug #14654 (Feedback): Can't select BFD Peer for BGP Neighbor in GUI, Route Maps are shown instead: It doesn't appear that I introduced an error in the behavior of the function that gathers BFD peers but I did spot an... Jim Pingle
12:52 PM pfSense Packages Bug #14654: Can't select BFD Peer for BGP Neighbor in GUI, Route Maps are shown instead: I probably made an error when updating all the FRR code for the new config access functions. I'll look into it today.
Jim Pingle
07:12 PM Bug #13423 (Resolved): IPv6 neighbor discovery protocol (NDP) fails in some cases: Seems to be solid here after several days in a row and several interface events. Gateways are still showing green thr... Jim Pingle
07:08 PM Revision 68f5fc1b: Avoid displaying duplicate anchors with pfanchordrill. Fix #14637: Marcos M
07:06 PM Revision 85c4a8de: Use pf macros for <interface> subnets. Fix #6799: This changes the behavior of '<if> subnet' in generated firewall/NAT
rules. The previous behavior expands '<if> subne... Marcos M
06:20 PM Bug #14646: OpenVPN can select the wrong interface IP address when multiple addresses are present: In my testing here, the behavior is correct when that is set to a failover group.
@get_interface_ip(<group name>)@... Jim Pingle
06:09 PM pfSense Packages Feature #14653 (Feedback): Update to LCPROC NTP Screen: PR merged Jim Pingle
05:38 PM Revision 7e01141a: Don't restrict the outbound NAT target list: The target_type list was changed in abc9d914 to restrict the displayed
selection options depending on the interface. ... Marcos M
05:35 PM Feature #14650 (Resolved): Change default match modifier from "all of" to "any of": Marcos M
03:55 PM Feature #14650 (Feedback): Change default match modifier from "all of" to "any of": Applied in changeset commit:54756f9f683282ca8e850de61f9929a9f011cda1. Marcos M
04:48 PM pfSense Plus Bug #14586: Adding an IP Alias VIP using a unicast CARP VIP as its parent changes the CARP VIP to multicast at the OS level: I've got a similar patch incoming, and this should be included in the System Patches as well I think. Reid Linnemann
03:48 PM Revision 54756f9f: Change the default match for Port and MAC in the packet capture GUI. Implement #14650: Marcos M
03:39 PM pfSense Packages Bug #14496: FATAL ERROR: /usr/local/etc/snort/snort_11005_mvneta1/snort.conf(405) Please activate arpspoof before trying to use arpspoof_detect_host.: This error has returned for some reason Jonathan Lee
03:02 PM Bug #14651: pfSense 2.7.0 Release has PPPoE bug. Unable to even make connection. LCP: Down Event and Link: Down event with no explanation: Marcos M wrote in #note-1:
> Please continue to discuss the issue in the forum. Once steps to reproduce the issue on... Cin Lung Chen
01:35 PM Bug #14648: Values obtained from ``sysctl`` are sometimes unexpectedly empty, leading to PHP and other math errors: Yeah that's what I figured but what I can't figure out is why it would ever come back blank for that OID. I can't mak... Jim Pingle
01:32 PM Bug #14648: Values obtained from ``sysctl`` are sometimes unexpectedly empty, leading to PHP and other math errors: @var_dump(""/1000);@ produces the same error
the empty string does not cleanly cast automatically to an int.
@g... Christian McDonald
01:11 PM Bug #14648: Values obtained from ``sysctl`` are sometimes unexpectedly empty, leading to PHP and other math errors: I doubt it is related to hardware at all, but maybe a timing issue with reading those values from sysctl. It may be h... Jim Pingle
10:55 AM Bug #14648: Values obtained from ``sysctl`` are sometimes unexpectedly empty, leading to PHP and other math errors: I also get similar error:... Michael Clews
12:46 PM Bug #7589 (Resolved): ``diag_edit.php`` warning is not cleared after picking non-directory to load: Jim Pingle
12:14 PM Regression #14377 (Feedback): Cannot add a QinQ interface to a bridge: Kristof Provost
11:38 AM Bug #12079: Kernel panic when running IGMP Proxy: Sleeping thread owns a non-sleepable lock: This is the relevant commit: https://github.com/pfsense/FreeBSD-src/commit/f10efe9d5708cf2f385f17f6ed13909d84cea737
... Kristof Provost
04:41 AM Feature #12077: Allow stick-connections per gateway group: Yes, this would be useful in my scenario where I have 3 x 1Gbe PPPoE links and I only want my browser clients to be s... Lucas Tam
04:38 AM Feature #290: Add Multi-WAN awareness to UPnP: Same, interested, all packages should have multi-wan awareness? Lucas Tam

08/06/2023

03:25 PM Bug #14655: NAT behind a WAN rule" and "!WAN rule": Im wanting about different NATs with the same ports Andre Lopez Araujo
03:24 PM Bug #14655 (Confirmed): NAT behind a WAN rule" and "!WAN rule": Good morning,
I just set up a DMZ NAT for everything that is not a WAN Net, but when creating another NAT with the... Andre Lopez Araujo
09:14 AM pfSense Packages Feature #14652: FRR OSPF6 not working over wireguard: Correct, I am relying on neighbor discovery. But even if I wanted to define a static neighbor, there would not be any... beermount beermount
04:12 AM Bug #14646: OpenVPN can select the wrong interface IP address when multiple addresses are present: Wasn't sure if this applied to clients and servers. After applying changeset via system_patches I rebooted upstream g... Jordan G
03:02 AM pfSense Packages Regression #14445: HAProxy PHP error /usr/local/www/haproxy/haproxy_global.php:138: Please see this pull request: https://github.com/pfsense/FreeBSD-ports/pull/1282 Alex Neihaus

08/05/2023

11:13 PM pfSense Packages Bug #14654: Can't select BFD Peer for BGP Neighbor in GUI, Route Maps are shown instead: confirmed.
BFD option(in BGP Neighbors) does not list BFD peers , it shows Route Map lists.
tested on 2.7 and... Alhusein Zawi
09:24 PM pfSense Packages Bug #14654: Can't select BFD Peer for BGP Neighbor in GUI, Route Maps are shown instead: FRR package version is 1.3, if that does matter.
It was working in FRR 1.1.1_7 (which is still installed in my 2.6 i... Oleksii Tucha
09:21 PM pfSense Packages Bug #14654 (Resolved): Can't select BFD Peer for BGP Neighbor in GUI, Route Maps are shown instead: To reproduce:
1. Install FRR
2. Create Route Map
3. Try to select a BFD Peer for BGP Neighbor
!bfd.png!
The se... Oleksii Tucha
11:10 PM pfSense Packages Bug #12899: Suricata doesn't honor Pass List: This has proven to be a very hard bug to find and fix. The problem is random. I have thus far been unable to reproduc... Bill Meeks
10:45 PM pfSense Packages Bug #14644: Zeek PHP error after upgrade to CE 2.7.0: Do any issues occur with the package post-upgrade or is just the upgrade PHP errors the only issue? Kris Phillips
10:44 PM pfSense Packages Feature #14652: FRR OSPF6 not working over wireguard: Hello,
Are you relying on neighbor discovery or do you have neighbors manually programmed in across the link? Typ... Kris Phillips
12:55 PM pfSense Packages Feature #14652: FRR OSPF6 not working over wireguard: Also see https://redmine.pfsense.org/issues/12760 beermount beermount
10:53 AM pfSense Packages Feature #14652 (New): FRR OSPF6 not working over wireguard: FRR OSPF6 is unable to form neighborship without adding link-local alias to wireguard interface.
Unless i perform:... beermount beermount
10:20 PM pfSense Packages Feature #14653: Update to LCPROC NTP Screen: Update LCDPROC NTP Screen
* Add time zone
* Improved selection between GPS and PPS
* Add stability parameter for P... Elvis Impersonator
03:01 PM pfSense Packages Feature #14653 (Feedback): Update to LCPROC NTP Screen: Update to LCDPROC NTP Screen
* Add time zone
* Add local PPS stability pps
https://github.com/pfsense/FreeBSD-po... Elvis Impersonator
10:01 PM pfSense Packages Bug #14287 (Feedback): pfBlockerNG does not uninstall cleanly when using RAM disks: I'm seeing this on 23.05.1 pfBlockerNG 3.2.0_5 across multiple devices. Perhaps you need an existing pfBlockerNG sect... Jordan G
08:45 AM pfSense Packages Bug #14287 (Resolved): pfBlockerNG does not uninstall cleanly when using RAM disks: No PHP errors on 23.05.1 when deleting 3.2.0_5 package with unchecked "keep config"... Lev Prokofev
04:33 PM Bug #6799: Negating ``<interface> net`` when a VIP exists on the interface results in unintended behavior: Tested and reproduced. Also tested with patch applied.
Steps to reproduce:
1. Create a LAN rule with Source ... Kris Phillips
03:33 PM Bug #14651 (Incomplete): pfSense 2.7.0 Release has PPPoE bug. Unable to even make connection. LCP: Down Event and Link: Down event with no explanation: Please continue to discuss the issue in the forum. Once steps to reproduce the issue on other systems (or specific de... Marcos M
09:22 AM Bug #14651 (Incomplete): pfSense 2.7.0 Release has PPPoE bug. Unable to even make connection. LCP: Down Event and Link: Down event with no explanation: Sorry if this is wrong, I am frustrated and would love to be pointed to the right direction. I made a post in the for... Cin Lung Chen
12:50 PM Bug #7589: ``diag_edit.php`` warning is not cleared after picking non-directory to load: Patch clear the warning after you click browse.
Tested on ... Lev Prokofev
09:41 AM pfSense Packages Regression #14189: pfBlocker-NG: HA-Sync is not working: the typo fix patch from the forum thread does fix the Sync functional for pfBlockerNG
tested on
Version 23.05.1-RE... Georgiy Tyutyunnik
09:36 AM Bug #14646: OpenVPN can select the wrong interface IP address when multiple addresses are present: wasn't able to reproduce the original issue as it's stated in the ticket.
However, found a somewhat linked issue:
I... Georgiy Tyutyunnik
05:52 AM Bug #14631: ACL on DNS Resolver is not updated list after IPs changed on interfaces: Can confirm, adding the IP on interfaces doesn't trigger the unbound to reload the config, and the new subnet is not ... Lev Prokofev

08/04/2023

09:55 PM Feature #14650 (Pull Request Review): Change default match modifier from "all of" to "any of": The default match selection for @PORT NUMBER@ and @HOST MAC ADDRESS@ has been changed to @any of@; this is the more c... Marcos M
06:31 PM Feature #14650 (Resolved): Change default match modifier from "all of" to "any of": It makes more sense to default the match Christian McDonald
08:09 PM Feature #14620: Support running DHCPv4 Server and DHCPv4 Relay at the same time on different interfaces: We will need to re-test this, as the previous attempt ended up breaking DHCPv6 completely.
More work is needed to su... Christian McDonald
06:24 PM Feature #13377: Option to configure a custom value for the PHP memory limit: Jonathan Lee wrote in #note-15:
> Thanks for the reply,
>
> just to confirm the is the Path Strip Count 2 for you... Christopher Cope
06:04 PM Feature #13377: Option to configure a custom value for the PHP memory limit: Thanks for the reply,
just to confirm the is the Path Strip Count 2 for your patch?
!clipboard-202308041104-h72... Jonathan Lee
05:30 PM Feature #13377: Option to configure a custom value for the PHP memory limit: Jonathan Lee wrote in #note-10:
> Could this also be adapted to use a disk swap? That way it could have an option to... Christopher Cope
05:28 PM Feature #13377: Option to configure a custom value for the PHP memory limit: Jonathan Lee wrote in #note-12:
> I added your patch set this to 512mb and I am still getting that snort error for a... Christopher Cope
04:33 PM Feature #13377: Option to configure a custom value for the PHP memory limit: I added your patch set this to 512mb and I am still getting that snort error for active rules
Crash report begins.... Jonathan Lee
03:57 PM Feature #13377: Option to configure a custom value for the PHP memory limit: is the Path Strip Count 2 for the patch? Jonathan Lee
03:42 PM Feature #13377: Option to configure a custom value for the PHP memory limit: Could this also be adapted to use a disk swap? That way it could have an option to use and allocate fixed disk storag... Jonathan Lee
06:07 PM Regression #14649: PHP error with One.com Dynamic DNS provider: https://redmine.pfsense.org/issues/14558
Could DoH support help with this? Jonathan Lee
03:52 PM Regression #14649: PHP error with One.com Dynamic DNS provider: confirmed and reproduced on:
Version 2.7.0-RELEASE (amd64)
built on Wed Jun 28 03:53:34 UTC 2023
FreeBSD 14.0-CURR... Georgiy Tyutyunnik
01:05 PM Regression #14649 (Resolved): PHP error with One.com Dynamic DNS provider: Tested on ... Lev Prokofev
06:00 PM pfSense Packages Bug #14498: php errors when looking at snort active rules: [04-Aug-2023 09:30:42 US/Pacific] PHP Fatal error: str_ireplace(): Cannot use output buffering in output buffering d... Jonathan Lee
04:36 PM pfSense Packages Bug #14498: php errors when looking at snort active rules: @Christopher Cope
I have tested your patch attached here. Strip level 2
set to 512mb
Hover I am still getting... Jonathan Lee
03:37 PM pfSense Packages Bug #14498: php errors when looking at snort active rules: Amazing, thanks for sharing I appreciate you. Jonathan Lee
04:37 PM pfSense Packages Feature #13575 (In Progress): Update to frr 9.0.1: This appears to be functioning OK for the most part but it isn't building with the SNMP option enabled yet. There is ... Jim Pingle
03:16 PM pfSense Packages Bug #12899: Suricata doesn't honor Pass List: I've also experienced this for quite awhile. I created an alias for a vendor and added all IP addresses and ranges kn... tasty ratz
06:23 AM pfSense Packages Feature #14032: Neighbor Discovery Proxy (NDproxy): NDProxy is the only way we have been able to get IPv6 working for our company network, and that have been possible on... Filippo Tessarotto

08/03/2023

10:05 PM pfSense Packages Regression #14189: pfBlocker-NG: HA-Sync is not working: Related: "Sync to configured backup server" option does not allow to Save without an IP address in the target below.
... dylan mendez
08:09 PM pfSense Packages Regression #14189: pfBlocker-NG: HA-Sync is not working: Patch to fix the typo was posted at https://forum.netgate.com/post/1108304 Steve Y
08:57 PM pfSense Packages Feature #13575 (Feedback): Update to frr 9.0.1: Merged https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/350 Marcos M
07:49 PM pfSense Packages Feature #14625: Add NTP Screens to LCDPROC: The installed packages Widget did not show there was a new package. Package manage did, but that was when it failed.... Elvis Impersonator
07:35 PM pfSense Packages Feature #14625: Add NTP Screens to LCDPROC: Probably best to move it to the forum then, there may be something that needs fixed on your system, but it's not a ge... Jim Pingle
07:34 PM pfSense Packages Feature #14625: Add NTP Screens to LCDPROC: checked branch and it set correctly
Elvis Impersonator
07:31 PM pfSense Packages Feature #14625: Add NTP Screens to LCDPROC: No issues installing or upgrading it here. Make sure the update branch is set to the appropriate version that matches... Jim Pingle
07:15 PM pfSense Packages Feature #14625: Add NTP Screens to LCDPROC: @jimp
new LCDPROC package will not install
WARNING: Current pkg repository has a new PHP major
version. pfSens... Elvis Impersonator
06:36 PM pfSense Packages Feature #14625 (Feedback): Add NTP Screens to LCDPROC: Merged in LCDProc package version 0.11.5 Jim Pingle
06:38 PM Feature #14448 (Resolved): Support interface groups in firewall rule source/destination fields: Marcos M
03:43 PM pfSense Docs New Content #14647: Add a note for ixgbe linking at NBase-T: N.B. They will need to check the current value and add the desired value to it. Support varies by NIC/Chip/SFP/etc. S... Jim Pingle
03:22 PM pfSense Docs New Content #14647: Add a note for ixgbe linking at NBase-T: The sysctl that needs to be set is: dev.ix.X.advertise_speed
So for example set dev.ix.3.advertise_speed=0x1b to a... Steve Wheeler
12:39 PM Bug #14648: Values obtained from ``sysctl`` are sometimes unexpectedly empty, leading to PHP and other math errors: Normally I'd say we could just change the lines there to cast to @int@ but I'm curious why it fails to automatically ... Jim Pingle
11:18 AM Bug #14648 (Feedback): Values obtained from ``sysctl`` are sometimes unexpectedly empty, leading to PHP and other math errors: In 23.05.1:... Steve Wheeler
11:31 AM pfSense Packages Feature #9141: FRR xmlrpc: In simple setups like mine I believe having the same BGP configuration on both Primary and Secondary members is what ... Adrian Dascalu

08/02/2023

11:26 PM Feature #14640 (Pull Request Review): Extend support for SCTP in firewall and NAT rules: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1056 Marcos M
10:01 PM pfSense Docs New Content #14647 (Resolved): Add a note for ixgbe linking at NBase-T: The ixgbe driver in 23.01/2.7 recognises link speeds of 2.5G and 5G and can be set to use them as fixed speeds.
How... Steve Wheeler
07:25 PM Bug #14646 (Feedback): OpenVPN can select the wrong interface IP address when multiple addresses are present: Applied in changeset commit:340aa54839a5b3a8fb74b66919511cebb307bb57. Jim Pingle
07:14 PM Bug #14646 (Resolved): OpenVPN can select the wrong interface IP address when multiple addresses are present: If there are multiple IP addresses and VIPs on an interface, OpenVPN can unintentionally select the wrong address.
... Jim Pingle
07:14 PM Revision 340aa548: Correct OpenVPN if IP addr code. Fixes #14646: Jim Pingle
06:28 PM pfSense Packages Bug #14645 (Resolved): Snort interface "External Net" (EXTERNAL_NET) custom IP list should have negation when expanded: Hello,
I'm not really good with Snort but all my search results confirm that it is common to have @EXTERNAL_NET@ c... Dzmitry Kazei
05:52 PM Revision e4bba4ab: "OpenVPN clients" is not a valid rule src/dst, remove it.: Marcos M
04:59 PM Revision 35abdef2: Revert "services_dhcp_relay.php: introduce proper shortcut section for dhcrelay": This reverts commit 834bb946dd952f1d7a59e131d6b265cc82b7837d. Christian McDonald
04:58 PM Revision f137d9cd: Revert "services_dhcp.php: cleanup warning notice when DHCP relay is enabled": This reverts commit 564905382d696ef80b45e7552f4fdc502a7d2053. Christian McDonald
04:29 PM Revision e9995ff3: Revert "services_dhcp.php: just hide relay-enabled interfaces": This reverts commit 7a1d5e27022fb7183e8a7b17b5514169cbd7ecc7. Christian McDonald
04:28 PM Revision 3fa4d6fe: Revert "dhcp: support simultaneous v4 dhcpd and dhcrelay, Implements #14620": This reverts commit e9577ebfd7852646a66697a3bde41b712687a4ca. Christian McDonald
01:17 PM Bug #14634: The default gateway icon is not updated when the default gateway is changed to none: This looks likely to be the same cause as this: https://redmine.pfsense.org/issues/14171#note-3
The command used f... Steve Wheeler
12:01 PM pfSense Packages Bug #14644 (Not a Bug): Zeek PHP error after upgrade to CE 2.7.0: First login after upgrading to 2.7.0, a couple of PHP error notices are shown, one of them related to Zeek:
@PHP E... e 1/1
12:00 PM pfSense Packages Bug #14643 (Not a Bug): Suricata PHP error after upgrade to CE 2.7.0: First login after upgrading to 2.7.0, a couple of PHP error notices are shown, one of them related to Suricata:
@P... e 1/1
04:16 AM Bug #12079: Kernel panic when running IGMP Proxy: Sleeping thread owns a non-sleepable lock: Awesome Kristof, I'll be happy to test it.
Could you briefly explain how to apply the patch?
I'm on CE 2.7.0 and ... Arturo de Vries

08/01/2023

10:47 PM Feature #14640 (In Progress): Extend support for SCTP in firewall and NAT rules: Marcos M
06:29 PM Feature #14640 (Resolved): Extend support for SCTP in firewall and NAT rules: As of 47d0c1fe7d3279e9d38df75cf0c359b1fbc26d5e (on devel-main) pf has improved SCTP support. It can now filter on SCT... Kristof Provost
10:21 PM pfSense Packages Feature #13575: Update to frr 9.0.1: Tested in 23.09 by running:... Marcos M
08:06 PM pfSense Packages Feature #14642 (New): nfsen-nfdump intergration: Can we get nfdump/nfsen package integrated within pfsense? Have sflow send data to nfsen. The built-in collector woul... Mike Moore
07:29 PM Todo #1521: Multipath Routing GUI Support: See also: #9545, #14641 Jim Pingle
07:28 PM Todo #1521: Multipath Routing GUI Support: As of Plus 23.05.1 and CE 2.7.0, the OS supports multipath routing (i.e. ECMP).
However, outside of FRR, there isn... Jim Pingle
07:29 PM Feature #9545: Enable Multipath Routing in the Kernel: See also: #1521, #14641 Jim Pingle
06:44 PM Feature #9545 (Resolved): Enable Multipath Routing in the Kernel: From our local testing here on Plus (23.05.1, 23.09 snaps) and CE (2.7.0, 2.8.0 snaps), with both static and BGP it a... Jim Pingle
07:28 PM pfSense Docs New Content #14641: Add content about multipath routing: See also: #1521, #9545 Jim Pingle
07:07 PM pfSense Docs New Content #14641 (Resolved): Add content about multipath routing: Now that the OS supports multipath routing it should be covered in the docs were appropriate.
See #9545 for notes/... Jim Pingle
07:25 PM pfSense Packages Feature #14625: Add NTP Screens to LCDPROC: Round 3
https://github.com/pfsense/FreeBSD-ports/pull/1278
Elvis Impersonator
06:52 PM Revision c76dadcc: Add Next Hop info to status output: Jim Pingle
04:11 PM Regression #14431: Sending IPv6 traffic on a disabled interface can trigger a kernel panic: Is Tailscale also in play here? I've trying and failing to reproduce this again. No matter what I try to do, I simply... Kristof Provost
03:20 PM Bug #14577: OpenVPN not removing old Cisco-AVPair anchor rules and files in ``/tmp``: Until the referenced functionality is added upstream, floating client support will need to be disabled if avpair rule... Marcos M
02:28 PM Bug #14577: OpenVPN not removing old Cisco-AVPair anchor rules and files in ``/tmp``: I have to disagree that they are a cosmetic issue.
This issue was originally discovered via the following:
1. A n... Michael Mercier
11:21 AM pfSense Docs Correction #14639 (Resolved): Multiple email address notification: https://docs.netgate.com/pfsense/en/latest/config/advanced-notifications.html#smtp-e-mail
Please add a note about ... Mike Moore
04:54 AM pfSense Packages Bug #14638 (Closed): Upgrading from Tailscale 0.1.3.1 to 0.1.4 does not start tailscale after upgrading: After upgrading Tailscale from 0.1.3.1 to 0.1.4, Tailscale was not running according to the status page.
I was abl... R W

07/31/2023

08:41 PM Bug #14577 (Needs Patch): OpenVPN not removing old Cisco-AVPair anchor rules and files in ``/tmp``: The duplicate rules listed with @pfanchordrill@ are a cosmetic issue - see #14637.
As for the files that aren't be... Marcos M
08:33 PM Bug #14637 (Pull Request Review): PHP shell script ``pfanchordrill`` shows duplicate anchor content: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1054
For future reference, @pfctl -vsA@ loops through L3... Marcos M
08:31 PM Bug #14637 (Resolved): PHP shell script ``pfanchordrill`` shows duplicate anchor content: ... Marcos M
07:55 PM Regression #14635 (Feedback): "Legacy" strength PKCS#12 Export needs ``-legacy`` provider parameter on OpenSSL command: Applied in changeset commit:9b9eaaeaa6cfa87c1320687836496d316aac61ef. Jim Pingle
07:47 PM Regression #14635: "Legacy" strength PKCS#12 Export needs ``-legacy`` provider parameter on OpenSSL command: Export package issue: #14636 Jim Pingle
07:44 PM Regression #14635 (Resolved): "Legacy" strength PKCS#12 Export needs ``-legacy`` provider parameter on OpenSSL command: On current dev snapshots with OpenSSL 3.0, the "Legacy" strength PKCS#12 export (RC2-40+SHA1) is unsupported by defau... Jim Pingle
07:48 PM Revision 9b9eaaea: Allow legacy PKCS#12 export to function (for now). Fixes #14635: Jim Pingle
07:47 PM pfSense Packages Regression #14636 (Resolved): "Legacy" strength PKCS#12 Export needs ``-legacy`` provider parameter on OpenSSL command: See #14635 for details.
The export package will need a change similar to that one from #14635 but it will need to ... Jim Pingle
07:30 PM Bug #14634 (Confirmed): The default gateway icon is not updated when the default gateway is changed to none: Link to the discussion in question: https://forum.netgate.com/topic/180684/bug-in-default-gateway-selection
As des... Fabiano B. Franco
07:19 PM Feature #9545: Enable Multipath Routing in the Kernel: Jim Pingle wrote in #note-16:
> Turns out it's already enabled in the current builds. FRR without the "multipath" op... Chris Baker
06:54 PM Bug #13423 (Feedback): IPv6 neighbor discovery protocol (NDP) fails in some cases: Lets wait until we get more real-world testing to call it completely resolved. Jim Pingle
06:53 PM Bug #13423 (Resolved): IPv6 neighbor discovery protocol (NDP) fails in some cases: I was able to reliably reproduce this before, and can no longer reproduce it with the fix. Marcos M
06:50 PM Bug #13423: IPv6 neighbor discovery protocol (NDP) fails in some cases: I upgraded my edge to a dev snap with the fix and so far, so good. Everything across the board is green in my lab for... Jim Pingle
06:39 PM Bug #14619 (Resolved): Rule separators are ordered incorrectly after removing rules in certain positions: Original issue is now fixed, and all test cases referenced in the attachments of #9887 pass as well; separators in th... Marcos M
05:40 PM Bug #14619 (Feedback): Rule separators are ordered incorrectly after removing rules in certain positions: Applied in changeset commit:8a12728da23fc7cb654cec4a97670ef2b6dfb239. Marcos M
06:00 PM Regression #14616: dpinger does not start after renewing DHCP: Kris Phillips wrote in #note-1:
> Hello,
>
> Is there no default route defined when you go to Diagnostics --> Rou... Maternal Pause
03:12 PM Regression #14616: dpinger does not start after renewing DHCP: You can edit the "/conf/config.xml" file under "<system>" and add a new line with "<route-debug></route-debug>" to ge... Kyouko M
05:45 PM Feature #14448 (Feedback): Support interface groups in firewall rule source/destination fields: Applied in changeset commit:9fbd5798a3d76b36e6cc37debc5a37d382977a78. Marcos M
05:32 PM Revision abc9d914: Refactor translation target for outbound NAT: Marcos M
05:32 PM Revision feefe2c3: Refactor display of special networks: Marcos M
05:32 PM Revision 9fbd5798: Allow use of interface groups in firewall rule source/destination fields. Implement #14448: Marcos M
05:32 PM Revision ccf3b257: Refactor usage of special networks: Pre-requisite for easier implementation of interface group in firewall rules. Marcos M
05:30 PM Revision 8a12728d: Use the correct index when saving rule separators. Fix #14619: Also fix displaying rule separators with an out of range index. Marcos M
04:46 PM pfSense Packages Feature #14625: Add NTP Screens to LCDPROC: Tested files attached Elvis Impersonator
04:44 PM pfSense Packages Feature #14625: Add NTP Screens to LCDPROC: Updated PR
https://github.com/pfsense/FreeBSD-ports/pull/1277 Elvis Impersonator
02:53 PM pfSense Packages Feature #14625 (Pull Request Review): Add NTP Screens to LCDPROC: Jim Pingle
04:08 PM pfSense Packages Feature #14633: Cleanup states on dynamic routing changes: The scripting hook described at https://docs.frrouting.org/en/latest/scripting.html seems promising. If nothing else ... Jim Pingle
03:59 PM pfSense Packages Feature #14633: Cleanup states on dynamic routing changes: This is specific to FRR, so I moved it to the FRR package.
Base system routing changes of this nature are already ... Jim Pingle
03:57 PM pfSense Packages Feature #14633 (Feedback): Cleanup states on dynamic routing changes: Currently, with FRR, dynamic routing changes does not cleanup old firewall states causing traffic to flow incorrectly... Christopher de Haas
03:46 PM Regression #14502: DHCPv6 Prefix Delegation (PD) not installing routes: For another confirmation point, I upgraded my edge to 23.09 dev snapshots and dhcpleases6 is running and I have route... Jim Pingle
03:43 PM pfSense Packages Feature #14629: Add option control LCDProc ``syslog`` behavior: Worth noting that the old hardcoded default was level 3. When I added the option I made the new default level 2 to al... Jim Pingle
03:18 PM pfSense Packages Feature #14629 (Feedback): Add option control LCDProc ``syslog`` behavior: Added in LCDProc package v0.11.4_2 which is building now and will be available shortly.
Jim Pingle
03:28 PM Revision 7a1d5e27: services_dhcp.php: just hide relay-enabled interfaces: Christian McDonald
02:36 PM pfSense Packages Bug #14627: FRR prefix list creation failure: The validation could use some work but it's not completely broken as-is, it can be worked around.
If you enter the... Jim Pingle
02:25 PM Bug #14261: Trim white space in a DHCP Leases page search field: I'm not sure I agree this is a problem exactly as stated. Sometimes I may want to search for a specific string that s... Jim Pingle
01:52 PM Bug #14622 (Not a Bug): Special characters can cause the CDATA tags to be stripped during HA Sync: I can't duplicate this as stated in any case. I can create a user with a full name of "Tést" and it synchronizes with... Jim Pingle
10:56 AM Bug #14622: Special characters can cause the CDATA tags to be stripped during HA Sync: Upon further testing we found the following:
Accented characters (or an apostrophe for that matter too) present in... Udo Llorens
10:20 AM Bug #14622: Special characters can cause the CDATA tags to be stripped during HA Sync: Tested on... Udo Llorens
01:43 PM pfSense Packages Feature #14630: FRR script hook for clearing states on routing changes: If such extensions were possible those would require developing new features to accommodate them, adding the new func... Jim Pingle
01:32 PM pfSense Packages Feature #14630: FRR script hook for clearing states on routing changes: Hi Jim,
Thanks for responding to this quickly, and thanks for the floating-rule idea. I get that it can help mitigat... Christopher de Haas
12:34 PM pfSense Packages Feature #14630 (Not a Bug): FRR script hook for clearing states on routing changes: There is no event or mechanism by which that situation could be identified and acted upon.
If it were a built-in W... Jim Pingle
05:55 AM pfSense Packages Feature #14630 (New): FRR script hook for clearing states on routing changes: I have been chasing an issue of dropped traffic, and finally found the issue. A client is repeatedly sending traffic ... Christopher de Haas
12:48 PM Bug #14624 (Not a Bug): DNS Lookup tool doesn't respect 'DNS Resolution Behavior: Use local, ignore remote' when DoT is configured: That page uses several different techniques to function and some do not use the local resolver directly. For example,... Jim Pingle
12:29 PM pfSense Packages Feature #14632 (Rejected): Add flock pacakage to pfsense repository: There isn't nearly enough information here. Do you mean the @sysutils/flock@ port from FreeBSD? Or something else?
... Jim Pingle
11:50 AM pfSense Packages Feature #14632 (Rejected): Add flock pacakage to pfsense repository: i would like to use flock with cron jobs
Thanks Richard Horvath
12:24 PM Bug #14628: PPPoE Interface Panic: Looking at the end of the message buffer there were a lot of interface link transitions up/down on a PPPoE interface ... Jim Pingle
12:15 PM pfSense Packages Bug #14484 (Resolved): lldpd php error on saving with no interface selected: Jim Pingle
12:14 PM Bug #14626: Multi-WAN IPsec does not fail over when preferred WAN loses link: Thomas Simon wrote in #note-3:
> Hi Kris. thanks for the quick response. Yes, attempting. However on the failed WAN ... Jim Pingle
07:53 AM pfSense Packages Feature #14468: pass along ntopng professional license key: Hi, I thought I was the only one with this issue. I need to install my NTOPNG Pro license on Ver 23.05.1 but even if ... Russ Reynolds
06:48 AM Bug #14631 (Duplicate): ACL on DNS Resolver is not updated list after IPs changed on interfaces: ACL on DNS Resolver is not updated list after IPs changed on interfaces.
How to repruduce:
1. Create new interface
... aleksei prokofiev

07/30/2023

10:36 PM Bug #14604: Bugs in dhclient implementation according to RFC 2131: I will look at this, as I’m currently doing a lot of DHCP work at the moment.
(We are also looking at moving to dh... Christian McDonald
09:27 PM Bug #14604: Bugs in dhclient implementation according to RFC 2131: Reported upstream in https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=272827, turns out dhclient needs some updating... Nazar Mokrynskyi
07:53 PM Bug #14626: Multi-WAN IPsec does not fail over when preferred WAN loses link: Kris Phillips wrote in #note-2:
> Thomas Simon wrote in #note-1:
> > Thomas Simon wrote:
> > > Hi
> > >
> > > I have... Thomas Simon
12:02 AM Bug #14626: Multi-WAN IPsec does not fail over when preferred WAN loses link: Thomas Simon wrote in #note-1:
> Thomas Simon wrote:
> > Hi
> >
> > I have a site to site to vpn over ipsec betw... Kris Phillips
12:41 PM pfSense Packages Feature #14629: Add option control LCDProc ``syslog`` behavior: Another options might be to allow changing the log level
ReportLevel=3
ReportLevel = LEVEL
Sets the reporting lev... Elvis Impersonator
11:06 AM pfSense Packages Feature #14629 (Resolved): Add option control LCDProc ``syslog`` behavior: Currently there is no way via the package config GUI to disable messages getting written to the /var/log/system.log.... Elvis Impersonator
10:48 AM pfSense Packages Bug #14572: Unused DNSBL files may not be removed: Hi,
this is stable branch.
Jove Too
01:17 AM pfSense Packages Bug #14572: Unused DNSBL files may not be removed: Hello,
Is this with the devel or stable branch of pfBlockerNG? Kris Phillips
06:59 AM Bug #14628 (New): PPPoE Interface Panic: Hi,
I recently upgraded from 2.7 CE to 23.05 Plus version for my home network. But it keeps crashing after 2,3 day... Faisal Mahmood
02:02 AM pfSense Packages Bug #14287 (Feedback): pfBlockerNG does not uninstall cleanly when using RAM disks: I'm no longer able to recreate this in 23.05.1. If someone else can also confirm no more issues, we can mark this as... Kris Phillips
01:59 AM pfSense Packages Feature #14447 (In Progress): Update haproxy from 2.6 to 2.8 lts: HAProxy 2.8.1 is in the stable package in 23.09 of Plus.
Current version in 23.05.1 is 2.2.29. Kris Phillips
12:04 AM Regression #14616: dpinger does not start after renewing DHCP: Hello,
Is there no default route defined when you go to Diagnostics --> Routes? Kris Phillips

07/29/2023

10:13 PM Bug #14261 (Pull Request Review): Trim white space in a DHCP Leases page search field: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1053 Christopher Cope
07:46 PM Feature #14620: Support running DHCPv4 Server and DHCPv4 Relay at the same time on different interfaces: DHCPv4 Relay is available on interface that does not run DHCP .
2.8.0.a.20230728.0600 Alhusein Zawi
06:03 PM pfSense Packages Bug #14484: lldpd php error on saving with no interface selected: confirmed, now working with lldpd 0.9.11_2 Jordan G
12:30 PM pfSense Packages Bug #14484: lldpd php error on saving with no interface selected: Tested on 23.05.1 and 2.7.0 ... aleksei prokofiev
04:53 PM pfSense Packages Bug #14627: FRR prefix list creation failure: The same behavior is on FRR v1.2_3 Lev Prokofev
04:40 PM pfSense Packages Bug #14627 (New): FRR prefix list creation failure: If you try to create a Prefix List with multiple Prefix List Entries and you check the checkbox Any in the last row, ... Danilo Zrenjanin
03:23 PM Bug #14626: Multi-WAN IPsec does not fail over when preferred WAN loses link: Thomas Simon wrote:
> Hi
>
> I have a site to site to vpn over ipsec between HO and a branch office. Now i have g... Thomas Simon
03:20 PM Bug #14626 (Resolved): Multi-WAN IPsec does not fail over when preferred WAN loses link: Hi
I have a site to site to vpn over ipsec between HO and a branch office. Now i have got added one more WAN conne... Thomas Simon
03:03 PM pfSense Packages Feature #14625 (Feedback): Add NTP Screens to LCDPROC: updated the lcdproc_client.php and lcdproc_screens.php to include NTP screen
https://github.com/pfsense/FreeBSD-po... Elvis Impersonator
08:25 AM pfSense Packages Bug #14275 (Resolved): Deleting a route map that is assigned to an active neighbor causes crash: Tested against FRR Package v1.3.
It's fixed.
I am marking this ticket resolved. Danilo Zrenjanin
08:00 AM pfSense Packages Regression #14561 (Resolved): FRR errors accessing Global Settings after deleting BGP neighbor: Tested against FRR Package v1.3.
It's fixed.
I am marking this ticket resolved. Danilo Zrenjanin
07:56 AM pfSense Packages Bug #14562 (Resolved): PHP error when trying to run OSPF and BGP in the same time: Tested against FRR Package v1.3. It's fixed.
I am marking this ticket resolved. Danilo Zrenjanin
04:58 AM pfSense Packages Regression #14494 (Resolved): FRR,PHP errors when deleting AS-path: No more errors with the 1.3 package, marked it resolved. Lev Prokofev
04:53 AM pfSense Packages Regression #14493 (Resolved): FRR,PHP errors when deleting neighbor: No more errors, with the 1.3 package, marked it resolved. Lev Prokofev

07/28/2023

11:00 PM Bug #14624: DNS Lookup tool doesn't respect 'DNS Resolution Behavior: Use local, ignore remote' when DoT is configured: Will also say that I'm unsure if this is of significance or just due to my lack of understanding on what the GUI is a... Chris W
11:00 PM Bug #14624 (Not a Bug): DNS Lookup tool doesn't respect 'DNS Resolution Behavior: Use local, ignore remote' when DoT is configured: When DoT is configured according to https://docs.netgate.com/pfsense/en/latest/recipes/dns-over-tls.html, the DNS Loo... Chris W
10:17 PM Regression #14623 (Resolved): Primary interface address is incorrectly set to the last address on the interface: The fixes for #11545 seem to have introduced another regresssion when finding the primary interface address.
My WA... Ajay Easter
09:30 PM Bug #14622 (Not a Bug): Special characters can cause the CDATA tags to be stripped during HA Sync: Tested on... Christopher Cope
08:46 PM pfSense Packages Bug #14606 (Resolved): Deleting Last BFD Profile in FRR Package Causes PHP Fatal Error: Jim Pingle
08:30 PM pfSense Packages Bug #14606: Deleting Last BFD Profile in FRR Package Causes PHP Fatal Error: Jim Pingle wrote in #note-4:
> Fixed in FRR Package v1.3, which is building now and will be available shortly.
I ... Bill Hughes
05:44 PM pfSense Packages Bug #14606 (Feedback): Deleting Last BFD Profile in FRR Package Causes PHP Fatal Error: Fixed in FRR Package v1.3, which is building now and will be available shortly. Jim Pingle
05:46 PM pfSense Packages Bug #14275 (Feedback): Deleting a route map that is assigned to an active neighbor causes crash: This should be fixed in FRR Package v1.3, which is building now and will be available shortly. Jim Pingle
05:44 PM pfSense Packages Regression #14493 (Feedback): FRR,PHP errors when deleting neighbor: Fixed in FRR Package v1.3, which is building now and will be available shortly. Jim Pingle
05:44 PM pfSense Packages Regression #14494 (Feedback): FRR,PHP errors when deleting AS-path: Fixed in FRR Package v1.3, which is building now and will be available shortly. Jim Pingle
05:44 PM pfSense Packages Regression #14561 (Feedback): FRR errors accessing Global Settings after deleting BGP neighbor: Fixed in FRR Package v1.3, which is building now and will be available shortly. Jim Pingle
05:44 PM pfSense Packages Bug #14562 (Feedback): PHP error when trying to run OSPF and BGP in the same time: Fixed in FRR Package v1.3, which is building now and will be available shortly. Jim Pingle
04:56 PM Bug #14619 (Pull Request Review): Rule separators are ordered incorrectly after removing rules in certain positions: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1052 Marcos M
04:56 PM Bug #14621 (Pull Request Review): Rule separators are hidden when their index is greater than the number of rules: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1052 Marcos M
04:55 PM Bug #14621 (Resolved): Rule separators are hidden when their index is greater than the number of rules: When the rule separator index is greater than the number of rules on the page, it is not displayed. Marcos M
04:50 PM Todo #12762 (Feedback): Clarify that the IPsec keep alive check option ignores Child SA Start Action: Applied in changeset commit:56f0a8361c1a73266a93a20b0a3a7566ebfe164a. Marcos M
04:42 PM Revision 56f0a836: Clarify IPsec Keep Alive description. Fix #12762: Marcos M
03:53 PM Feature #14448: Support interface groups in firewall rule source/destination fields: tested on:
Version 2.7.0-RELEASE (amd64)
built on Wed Jun 28 03:53:34 UTC 2023
FreeBSD 14.0-CURRENT
Version 2... Georgiy Tyutyunnik
01:11 PM Bug #14216: ntopng causes OpenVPN server errors 'error - IP packet with unknown IP version=15 seen' when OpenVPN server interface is selected: I can not reproduce it. Tested on 2.7.0 ... aleksei prokofiev
11:45 AM Bug #12079 (Feedback): Kernel panic when running IGMP Proxy: Sleeping thread owns a non-sleepable lock: I've committed that patch and picked it to our branches. It'll be part of the next snapshot build. Kristof Provost
02:41 AM Bug #14083: Adding MSS and MTU values on a LAGG VLAN interface breaks connectivity: Tested this on the Netgate 3100 and it appears to be isolated to only the 7100. Setting an MTU on LAN while using or... Kris Phillips

07/27/2023

10:41 PM Bug #14619 (In Progress): Rule separators are ordered incorrectly after removing rules in certain positions: Marcos M
05:44 PM Bug #14619: Rule separators are ordered incorrectly after removing rules in certain positions: There were some recent changes made here in #9887 that fixed some other scenarios Jim Pingle
05:39 PM Bug #14619 (Resolved): Rule separators are ordered incorrectly after removing rules in certain positions: Steps to reproduce:
# Create three rules, and a separator between the second and third rule.
# Select the first two... Marcos M
10:31 PM Bug #14617 (Closed): Package updates fail over IPv6: Closing - this is now resolved. We identified the issue which is being tracked internally, thank you for reporting it. Marcos M
06:22 PM Bug #14617 (Confirmed): Package updates fail over IPv6: Tested on 2.7. The fetch does fall back to IPv4, but it does take several minutes for IPv6 to time out:... Marcos M
03:30 PM Bug #14617 (Closed): Package updates fail over IPv6: Hello,
As of right now, the host that pfSense connects to check upgrades (pkg00-atx.netgate.com [2610:160:11:18::2... Spike R.D.
09:30 PM Feature #14620 (Feedback): Support running DHCPv4 Server and DHCPv4 Relay at the same time on different interfaces: Applied in changeset commit:e9577ebfd7852646a66697a3bde41b712687a4ca. Christian McDonald
08:35 PM Feature #14620: Support running DHCPv4 Server and DHCPv4 Relay at the same time on different interfaces: This also introduces shortcut service status specific to dhcrelay Christian McDonald
08:34 PM Feature #14620: Support running DHCPv4 Server and DHCPv4 Relay at the same time on different interfaces: !clipboard-202307271633-rlqtx.png! Christian McDonald
08:27 PM Feature #14620 (Assigned): Support running DHCPv4 Server and DHCPv4 Relay at the same time on different interfaces: Christian McDonald
09:24 PM Revision e9577ebf: dhcp: support simultaneous v4 dhcpd and dhcrelay, Implements #14620: Christian McDonald
08:12 PM Regression #14502 (Resolved): DHCPv6 Prefix Delegation (PD) not installing routes: Christian McDonald
11:30 AM Regression #14502: DHCPv6 Prefix Delegation (PD) not installing routes: tested on
Version 2.7.0-RELEASE (amd64)
built on Wed Jun 28 03:53:34 UTC 2023
FreeBSD 14.0-CURRENT
Version 23.... Georgiy Tyutyunnik
08:00 PM Revision 30b8b63a: Disable frr 8 build options for the moment.: SNMP is broken, MULTIPATH may be unnecessary. Jim Pingle
05:55 PM Bug #14083: Adding MSS and MTU values on a LAGG VLAN interface breaks connectivity: Other behavior notes:
If you run an ifconfig lagg0 from shell, the lagg will show up and both of the ix interfaces... Kris Phillips
05:43 PM Bug #14083: Adding MSS and MTU values on a LAGG VLAN interface breaks connectivity: Just ran into this with another customer running 23.05.1 on a 7100. Adding an <mtu> value to any interface on the sw... Kris Phillips
05:27 PM Feature #14448: Support interface groups in firewall rule source/destination fields: Tested on ... Lev Prokofev
05:20 PM Feature #9545 (Feedback): Enable Multipath Routing in the Kernel: Turns out it's already enabled in the current builds. FRR without the "multipath" option allows 16 duplicate routes, ... Jim Pingle
04:50 PM Todo #12762 (Pull Request Review): Clarify that the IPsec keep alive check option ignores Child SA Start Action: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1051 Marcos M
04:39 PM Bug #14618 (Rejected): vpn routing: There isn't enough detail there to claim this is a bug and not a problem in your configuration. It may have worked in... Jim Pingle
04:37 PM Bug #14618 (Rejected): vpn routing: Pfsense 2.7.0. automatic add route on vpn is bugged, the os add only first ovpnc.
I downgrade to 2.6.0 with the sa... Pier Federico Flamigni
02:23 PM pfSense Plus Regression #14171: High Availability Setup with Gateway to secondary pfSense not working - No Internet: I tested this behavior in a default install, I hope it wasn't bad form to open another ticket, but I wanted to separa... Maternal Pause
02:12 PM Regression #14616 (Resolved): dpinger does not start after renewing DHCP: Default install on 2.7
WAN is on VLAN 201 of vtnet0 (vtnet0.201) vtnet0 is not assigned.
LAN on vtnet1
Creat... Maternal Pause
12:20 PM Bug #12079: Kernel panic when running IGMP Proxy: Sleeping thread owns a non-sleepable lock: I believe this should also mitigate the problem: https://reviews.freebsd.org/D41209
The LOR occurs only, at least ... Kristof Provost
12:52 AM Feature #946: Allow aliases to be used to define IPsec phase 2 networks: It would be great if this could get integrated Jason Kolter
12:52 AM Bug #6799 (Pull Request Review): Negating ``<interface> net`` when a VIP exists on the interface results in unintended behavior: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1050 Marcos M

07/26/2023

07:48 PM pfSense Packages Bug #14491: FRR not starting with AgentX enabled: The FRR package is built with SNMP support but it doesn't appear to be loading the module somehow.
The vtysh CLI l... Jim Pingle
12:22 PM pfSense Packages Bug #14491: FRR not starting with AgentX enabled: Jim Pingle wrote in #note-3:
> For those hitting this error, do you have the NET-SNMP package installed and active?
... Yif Swery
12:12 PM pfSense Packages Bug #14491: FRR not starting with AgentX enabled: For those hitting this error, do you have the NET-SNMP package installed and active?
The AgentX integration is int... Jim Pingle
10:15 AM pfSense Packages Bug #14491 (Confirmed): FRR not starting with AgentX enabled: I can confirm this behavior.
Tested against:... Danilo Zrenjanin
07:44 PM Revision d2bda7c0: Set compile options for FRR 8: Jim Pingle
07:10 PM Bug #7589 (Feedback): ``diag_edit.php`` warning is not cleared after picking non-directory to load: Applied in changeset commit:8c2df62bbcd3d3f47048e9b9fededa6478a1ea14. Christopher Cope
07:04 PM Revision 8c2df62b: diag_edit.php Improvements. Fixes #7589: Christopher Cope
07:03 PM pfSense Packages Feature #14321 (Feedback): Add UPS information to LCDproc screen: I added screens for both APCUPSD and NUT to LCDProc. The option only appears (and will only work) when the correspond... Jim Pingle
06:06 PM Regression #14615 (Resolved): PHP crash during bootup with gateway monitoring enabled with custom monitor IP: https://github.com/freebsd/freebsd-src/commit/6422599e74db4bb8b47cead46760d96601d8396a Christian McDonald
04:25 PM Bug #14614 (Confirmed): Status/IPSec/Overview - sort IPSec list by description does not work: The order for sorting when using the clickable headers doesn't get honored when the table updates via AJAX. So once y... Jim Pingle
04:10 PM Bug #14614 (Confirmed): Status/IPSec/Overview - sort IPSec list by description does not work: The list page for Status/IPSec/Overview. When the description sort is selected, the list is still sorted by the ID. Y Chen
03:04 PM Bug #14613: Incorrect wireguard control panel status management: Meanwhile, in this state, although it shows that the peer is connected, it is not actually able to communicate hao zhang
02:59 PM Bug #14613 (New): Incorrect wireguard control panel status management: !clipboard-202307262256-rlh8k.png!
Wireguard can still be clicked on to start while in the boot state and is unrespo... hao zhang
02:53 PM pfSense Plus Bug #14586 (Confirmed): Adding an IP Alias VIP using a unicast CARP VIP as its parent changes the CARP VIP to multicast at the OS level: Ok, that was my bad. I've checked only the GUI status. After checking the ifconfig output, I realized that it reverts... Danilo Zrenjanin
08:10 AM pfSense Plus Bug #14586: Adding an IP Alias VIP using a unicast CARP VIP as its parent changes the CARP VIP to multicast at the OS level: I backed out my patch and rebooted. Looking at just LAN:... James George
07:42 AM pfSense Plus Bug #14586: Adding an IP Alias VIP using a unicast CARP VIP as its parent changes the CARP VIP to multicast at the OS level: Interesting, I'm definitely seeing this on 23.05.1 (just noticed I selected the wrong version in the bug - I'll fix t... James George
07:34 AM pfSense Plus Bug #14586: Adding an IP Alias VIP using a unicast CARP VIP as its parent changes the CARP VIP to multicast at the OS level: I've tested against:... Danilo Zrenjanin
12:33 PM pfSense Packages Bug #14484 (Feedback): lldpd php error on saving with no interface selected: I pushed a fix, it is building now and will be available shortly in lldpd pkg version 0.9.11_2 on Plus 23.05.1 and CE... Jim Pingle
06:41 AM pfSense Packages Bug #14484 (Confirmed): lldpd php error on saving with no interface selected: Lev Prokofev
06:41 AM pfSense Packages Bug #14484: lldpd php error on saving with no interface selected: I can reproduce it on 23.05.1, probably the "No interface selected" warning message is needed here.... Lev Prokofev
12:09 PM Bug #14600: 2.7.0 Installation error on Oracle Cloud Infrastrucutre (OCI): Nothing we can do about that, then. There must be something about that particular disk setup that isn't compatible, a... Jim Pingle
05:59 AM Bug #14600: 2.7.0 Installation error on Oracle Cloud Infrastrucutre (OCI): Hello Jim,
The screen it shows me is a little different from what the manual shows.
I attach it as pfSense_1.png.... Santiago Nunez
12:06 PM pfSense Plus Feature #14612 (Rejected): Show egress interface in firewall logs: The log entries have no concept of anything other than the interface which triggered the rule and trying to calculate... Jim Pingle
01:50 AM pfSense Plus Feature #14612 (Rejected): Show egress interface in firewall logs: As the subject states could we add egress interface within the firewall logs?
There is a column for ingress and anot... Mike Moore
09:29 AM pfSense Packages Bug #14199 (Resolved): ACME - Issue with corrupted cert: Perhaps this issue is related to the https://redmine.pfsense.org/issues/14592
I couldn't recreate any of the repo... Danilo Zrenjanin
08:09 AM Bug #14605: Dynamic DNS uses the default gateway interface instead of the specified interface: I followed the steps to reproduce the issue. However, in my case, the Dynamic DNS used the WAN2 as defined.
1. Conf... Danilo Zrenjanin
06:34 AM pfSense Packages Bug #14606 (Confirmed): Deleting Last BFD Profile in FRR Package Causes PHP Fatal Error: Lev Prokofev
06:34 AM pfSense Packages Bug #14606: Deleting Last BFD Profile in FRR Package Causes PHP Fatal Error: I can reproduce it on 23.05.1, error doesn't come if the BFD daemon is disabled, but occurs immediately when you enab... Lev Prokofev

07/25/2023

06:51 PM Revision 1daabcfd: Fix the installation of the pfSense base package with pkg -r.: Luiz Souza
06:10 PM pfSense Plus Feature #14611 (Rejected): tracking flows and added context: That's what ntop/softflowd/netflow in general are for. That sort of data storage and drill-down shouldn't be happenin... Jim Pingle
05:58 PM pfSense Plus Feature #14611 (Rejected): tracking flows and added context: pfSense does not have a cleaner way to track flows going through the firewall.
Seeing if a packet matches a rule i... Mike Moore
05:38 PM Bug #6167: IPsec IPComp not working: Renato Botelho wrote in #note-25:
> When it's fixed on FreeBSD we can import the fix and target it to a version
I... Ronald Antony
04:00 PM Feature #14610 (Closed): Add source address option to Check IP Services: Add a GUI option for Check IP Services to specify the source address - it should support gateway groups and VIPs.
... Marcos M
03:59 PM Bug #14605: Dynamic DNS uses the default gateway interface instead of the specified interface: This seems to be due to the Check IP Service using the default gateway which happens because the WANs are both RFC1918. Marcos M
03:22 PM Bug #14518: pfSense CrashLog on 2.7.0RC Upgrade: Hello Kris,
I have not been able to recreate the issue since the 1 time it occurred. The 1st machine I upgraded to... Matthew Drury
03:02 PM Bug #14609 (Resolved): Update check in GUI does not always honor the configured proxy settings: When checking for updates from **System > Update**, the function call to @update_repos()@ and @pfSense-repoc@ does no... Jim Pingle

07/24/2023

07:14 PM Bug #14577: OpenVPN not removing old Cisco-AVPair anchor rules and files in ``/tmp``: Going back to the /tmp/<user> files.
I manually removed all the route (/tmp/<user>) files from the /tmp directory la... Michael Mercier
05:58 PM pfSense Docs Correction #14601 (Closed): Outdated mbuf reference in Squid Tuning doc: Outdated reference removed: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/de41f9b6a2bb9ac5cf4d7fffe9d10c4cd39... Jim Pingle
12:15 PM pfSense Docs Correction #14601: Outdated mbuf reference in Squid Tuning doc: That section should just be removed, it hasn't been relevant for years since the defaults were increased way beyond w... Jim Pingle
05:23 PM Bug #13423 (Feedback): IPv6 neighbor discovery protocol (NDP) fails in some cases: And that's been cherry-picked to our branches as well. Future snapshot builds will have the fix. Kristof Provost
03:47 PM Bug #13423: IPv6 neighbor discovery protocol (NDP) fails in some cases: I've pushed the fix upstream in https://cgit.freebsd.org/src/commit/?id=9c9a76dc6873427b14f6c84397dd60ea8e529d8d and ... Kristof Provost
03:46 PM Bug #13423 (Waiting on Merge): IPv6 neighbor discovery protocol (NDP) fails in some cases: Preliminary fix upstream: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=233683 Marcos M
03:55 PM Bug #6799 (In Progress): Negating ``<interface> net`` when a VIP exists on the interface results in unintended behavior: Marcos M
03:54 PM Feature #14448 (Pull Request Review): Support interface groups in firewall rule source/destination fields: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1048 Marcos M
01:12 PM Bug #14607 (Rejected): "Use remote DNS Servers, ingore local DNS" is not working properly: Can't reproduce it here, it's likely something in your setup or environment.
This site is not for support or diagn... Jim Pingle
12:51 PM Bug #14607: "Use remote DNS Servers, ingore local DNS" is not working properly: It's working fine only when disabling "DNS forwarder" and "DNS resolver" Evgeny Pankov
12:46 PM Bug #14607 (Rejected): "Use remote DNS Servers, ingore local DNS" is not working properly: Selecting "Use remote DNS Servers, ingore local DNS" takes no differ from "Use local DNS (127.0.0.1), fall back to re... Evgeny Pankov
12:05 PM Bug #14600 (Not a Bug): 2.7.0 Installation error on Oracle Cloud Infrastrucutre (OCI): Press space to select the disk for use, as described in the documentation:
https://docs.netgate.com/pfsense/en/lat... Jim Pingle
09:12 AM Regression #14569: ``bnxt(4)`` driver errors: Where do i get the 23.09 snapshot releases? David Ludvigsson
09:10 AM Regression #14569: ``bnxt(4)`` driver errors: I replaced the NICs to get online again, but ill try in a testbuild. David Ludvigsson
01:08 AM pfSense Packages Bug #14606 (Resolved): Deleting Last BFD Profile in FRR Package Causes PHP Fatal Error: To reproduce:
1. Enable BFD in FRR.
2. Create a BFD profile (only requires a profile name).
3. Delete the BFD pr... Bill Hughes

07/23/2023

08:21 PM Bug #14604: Bugs in dhclient implementation according to RFC 2131: Flole Systems wrote in #note-1:
> The ISPs understanding of the RFC is not correct. A client does not need to wait u... Nazar Mokrynskyi
08:16 PM Bug #14604: Bugs in dhclient implementation according to RFC 2131: The ISPs understanding of the RFC is not correct. A client does not need to wait up to 10 second for a response. Flole Systems
02:11 PM Bug #14604 (New): Bugs in dhclient implementation according to RFC 2131: I had issues with one of the ISPs on pfSense and after talking to their tech support and observing what is happening ... Nazar Mokrynskyi
07:55 PM Bug #14605 (Resolved): Dynamic DNS uses the default gateway interface instead of the specified interface: Steps:
# Configure a gateway group with WAN1 (tier 1) and WAN2 (tier 2), and set it as the default system gateway.
... Marcos M
09:32 AM pfSense Plus Regression #14171: High Availability Setup with Gateway to secondary pfSense not working - No Internet: I know it's not a bug but maybe this is affecting other areas since the FreeBSD route command (as of pfSense 2.7.0) b... Kyouko M
05:38 AM Bug #14603 (Duplicate): LAGG VLAN Interfaces report parent no longer exists: LAGG VLAN interfaces report parent interface no longer exists following the parent (LAGG0) being added under interfac... Jordan G
02:30 AM pfSense Plus Feature #14594: VDOM on pfsense: Kris Phillips wrote in #note-1:
> VDOM seems like a marketing rebrand for a VRF on Fortinet. TNSR currently has thi... Conor Dang
01:59 AM pfSense Plus Feature #14594: VDOM on pfsense: VDOM seems like a marketing rebrand for a VRF on Fortinet. TNSR currently has this, but pfSense Plus does not. Kris Phillips
02:04 AM pfSense Packages Bug #14504 (Incomplete): FTP_Client_Proxy package doesn't create firewall rule: Hello,
Do you mean it doesn't create a rule from the inside interface outbound for FTP traffic? If so, typically ... Kris Phillips
01:52 AM pfSense Plus Bug #14531: Traffic Graph widget doesn't show traffic counts for OpenVPN interfaces since 23.05.1 upgrade.: So I retested this today and now I'm seeing the same results with DCO enabled. The odd thing is that there is still ... Kris Phillips
01:48 AM Bug #14518: pfSense CrashLog on 2.7.0RC Upgrade: Hello Matthew,
Please test with the release of 2.7 and let us know if you're able to reproduce this issue. Kris Phillips
01:43 AM Bug #14600: 2.7.0 Installation error on Oracle Cloud Infrastrucutre (OCI): Santiago Nunez wrote in #note-1:
> should said: SPC-4 instead of 1:
>
> pass1: <ORACLE BlockVolume 1.0> Fixed Dir... Kris Phillips
01:27 AM pfSense Packages Bug #10502: LLDP spamming errors on Netgate XG-7100: still seeing this on 7100 running 23.05.1 lldpd 0.9.11_1 - set all protocol support to active, save... Jordan G
01:20 AM Bug #14473: Automatic gateway not updating after default deleted: it could be related to #12536 Alhusein Zawi
12:38 AM Bug #14473 (Confirmed): Automatic gateway not updating after default deleted: I can confirm this behavior on... Christopher Cope
12:55 AM pfSense Packages Bug #14498: php errors when looking at snort active rules: Jonathan Lee wrote in #note-16:
> @Christopher Cope
> I wanted to also take the time to message you and say I am so... Christopher Cope

07/22/2023

12:09 PM pfSense Packages Bug #14592 (Resolved): Issues with ACME Private Key handling: Danilo Zrenjanin
12:09 PM pfSense Packages Bug #14592: Issues with ACME Private Key handling: I couldn't reproduce any of the listed issues on the 0.7.5 Acme package.
I am marking this case resolved. Danilo Zrenjanin
10:59 AM pfSense Packages Bug #14596 (Confirmed): FreeRADIUS falsely shows its default is to save data during package reinstall: I can confirm this behavior.
Tested on:... Danilo Zrenjanin
07:22 AM Bug #14598 (Resolved): Link to view Captive Portal custom HTML page content does not work: The patch fixes it.
I am marking this ticket resolved. Danilo Zrenjanin
06:57 AM pfSense Packages Feature #14602: squidguard log search: Not sure if its possible to do with the package but if multiple categories are selected and the action is blocked, th... Mike Moore
06:52 AM pfSense Packages Feature #14602 (New): squidguard log search: Package > SquidGuard > Logs
The ability to search through the logs in the GUI. Right now there is no ability to do... Mike Moore
05:33 AM pfSense Docs Correction #14601 (Closed): Outdated mbuf reference in Squid Tuning doc: Performance Tweaks - https://docs.netgate.com/pfsense/en/latest/packages/cache-proxy/tune.html#performance-tweaks
... Mike Moore
12:41 AM Bug #14600: 2.7.0 Installation error on Oracle Cloud Infrastrucutre (OCI): should said: SPC-4 instead of 1:
pass1: <ORACLE BlockVolume 1.0> Fixed Direct Access SPC-4 SCSI device
... Santiago Nunez
12:35 AM Bug #14600 (Not a Bug): 2.7.0 Installation error on Oracle Cloud Infrastrucutre (OCI): I'm following this instructions to install pfSense 2.7.0 on Oracle Cloud Infrastructure
https://docs.oracle.com/en/l... Santiago Nunez

07/21/2023

07:47 PM pfSense Packages Bug #14571: PHP Error prevents LCDProc client from working properly due to empty VIP tags in config.xml: For the record, I now have an LCD with buttons and the fix I committed last week did correct the errors. Jim Pingle
07:14 PM Bug #14577: OpenVPN not removing old Cisco-AVPair anchor rules and files in ``/tmp``: I've replicated the issue with the rules/anchors which I'll be looking at. The route file itself (/tmp/<User>) is alw... Marcos M
04:49 PM Bug #14577: OpenVPN not removing old Cisco-AVPair anchor rules and files in ``/tmp``: As for the route files (e.g. /tmp/user100) I see the following:
1. When some users login, the file is removed duri... Michael Mercier
04:36 PM Bug #14577: OpenVPN not removing old Cisco-AVPair anchor rules and files in ``/tmp``: Logs from when I do the steps above:... Michael Mercier
06:36 PM Bug #14290: ICMPv6 Path MTU Discovery breaks with NPT: I can confirm I also have this exact same issue on 23.05.1-RELEASE. However, It's not just when GIF tunnels are used... John S
06:17 PM Revision a30510e8: poudriere_bulk: re-add dhcpleases6 so we build it again. Fixes #14502: Christian McDonald
06:09 PM Regression #14502: DHCPv6 Prefix Delegation (PD) not installing routes: Georgiy Tyutyunnik wrote in #note-5:
> applied the patch to no effect, no routes were added for delegated prefixes
... Christian McDonald
06:05 PM Regression #14502: DHCPv6 Prefix Delegation (PD) not installing routes: applied the patch to no effect, no routes were added for delegated prefixes
tested on:
Version 2.7.0-RELEASE (amd64... Georgiy Tyutyunnik
05:45 PM pfSense Docs Correction #14599 (Rejected): Change Interface Names in TNSR Remote Office With Existing IPsec Hub to Something Else: When you search for something like "port forward" in our documentation, rather than bringing up the NAT page, it brin... Kris Phillips
02:55 PM Bug #14598 (Feedback): Link to view Captive Portal custom HTML page content does not work: Applied in changeset commit:d536506909c89b5f42e6bf1c63cf02e723b0fb72. Jim Pingle
02:38 PM Bug #14598: Link to view Captive Portal custom HTML page content does not work: Jim,
yep, I can confirm: This fix works fine!
Best,
Volker Volker Werbus
12:58 PM Bug #14598: Link to view Captive Portal custom HTML page content does not work: Looks like the regex at source:src/usr/local/www/services_captiveportal.php#L73 isn't quite right. It won't match @vi... Jim Pingle
08:17 AM Bug #14598 (Resolved): Link to view Captive Portal custom HTML page content does not work: Hi PFSense developers,
we run about 200+ locations and recently updated around 50% of the locations to 2.7.0
We... Volker Werbus
02:44 PM Revision d5365069: Fix Captive Portal view HTML link param. Fixes #14598: The way the code regex matches the parameter it needs the extra bit on
the end so it both matches the regex and gets ... Jim Pingle
02:31 PM pfSense Packages Bug #14596: FreeRADIUS falsely shows its default is to save data during package reinstall: Stated differently, it is not possible to restore FreeRADIUS settings unless one has at some point clicked the Save b... Steve Y
03:24 AM pfSense Packages Bug #14596 (Duplicate): FreeRADIUS falsely shows its default is to save data during package reinstall: forum thread: https://forum.netgate.com/topic/181594/restore-missing-freeradius-config
A new install of FreeRADIUS... Steve Y
02:09 PM Bug #14386: ``openvpn.auth-user.php`` gets stuck at 100% CPU usage when RADIUS authentication times out: I just checked my 23.05 box and I see 5 of these runaways. I guess we'll need to update to 23.05.1 to test that... Orion Poplawski
11:12 AM Bug #14386: ``openvpn.auth-user.php`` gets stuck at 100% CPU usage when RADIUS authentication times out: Can not reproduce on 23.05.1
23.05.1-RELEASE (amd64)
built on Wed Jun 28 03:57:27 UTC 2023
FreeBSD 14.0-CURRENT aleksei prokofiev
02:03 PM pfSense Packages Bug #14315 (Resolved): Routes are not exposed on Tailscale when an empty route entry exists in the GUI: Christian McDonald
11:57 AM pfSense Packages Bug #14315: Routes are not exposed on Tailscale when an empty route entry exists in the GUI: Tested on 23.05.1 and CE 2.7.0, looks like it has been fixed, I could not reproduce.
23.05.1-RELEASE (amd64)
built ... aleksei prokofiev
12:53 PM Bug #14597: Captive Portal: Allowed IPs are not working when config is inherited from earlier versions: Hi Jim,
I already did.
The difference is the entry <dir>both</dir> is missing at the allowed IP. Looks like 2.6... Volker Werbus
12:41 PM Bug #14597: Captive Portal: Allowed IPs are not working when config is inherited from earlier versions: Can you compare the @config.xml@ contents from an older entry with a new entry to see what the difference is in the r... Jim Pingle
08:13 AM Bug #14597 (New): Captive Portal: Allowed IPs are not working when config is inherited from earlier versions: Hi PFSense developers,
we are running 200+ locations with PFSense, varoius hardware, various versions. We did a ma... Volker Werbus
12:39 PM Feature #14595 (Rejected): Enable use of aliases: Those are two wildly different use cases and shouldn't be lumped into a single feature request.
Also doing so woul... Jim Pingle
11:31 AM Bug #14325: Captive Portal incorrectly allows leading zeroes on voucher roll numbers: Checked, I confirm this behavior on 23.05.1 as well.
23.05.1-RELEASE (amd64)
built on Wed Jun 28 03:57:27 UTC 2023
... aleksei prokofiev
06:35 AM Regression #14500: PHP Error when viewing Traffic Graphs in ``iftop`` mode: Can't reproduce the issue on 23.05.1 and on 23.09-DEVELOPMENT (amd64)
built on Wed Jul 19 20:12:23 UTC 2023 Lev Prokofev

07/20/2023

10:51 PM Feature #14595 (Rejected): Enable use of aliases: If possible, it’d be useful to have the ability to use aliases for DNS servers in both ‘General Setup’ and in ‘Servic... James Chambers
05:55 PM Feature #14402: Dynamic DNS support for Porkbun: PR merged, thanks! Jim Pingle
05:40 PM Feature #14402 (Feedback): Dynamic DNS support for Porkbun: Applied in changeset commit:d9d91d5df28c235baba4bfe3cc7c792037df35c2. Nita Vesa
05:32 PM Revision d9d91d5d: Add dynamic DNS support for Porkbun DNS, closes #14402: Signed-off-by: Nita Vesa <nita.vesa@elektrik.link> Nita Vesa
04:43 PM Revision 834bb946: services_dhcp_relay.php: introduce proper shortcut section for dhcrelay: Christian McDonald
04:08 PM pfSense Packages Feature #14529: eBPFShield: https://github.com/generic-ebpf/generic-ebpf
should do the job adds kernel/user space tools
Generic eBPF run... Michael Lawrence
01:54 PM Revision 56490538: services_dhcp.php: cleanup warning notice when DHCP relay is enabled: Christian McDonald
12:53 PM Bug #14590: OpenVPN server crashes when client closes connection: me me wrote in #note-2:
> > This site is not for support or diagnostic discussion.
>
> I did not ask for support.... Jim Pingle
06:38 AM Bug #14590: OpenVPN server crashes when client closes connection: > This site is not for support or diagnostic discussion.
I did not ask for support.
> If an actionable bug can ... me me
12:52 PM pfSense Packages Bug #14560 (Resolved): NRPE does not function properly on Plus 23.09 / CE 2.7.0: Jim Pingle
07:01 AM pfSense Packages Bug #14560: NRPE does not function properly on Plus 23.09 / CE 2.7.0: Tested package 4.1 on ... Lev Prokofev
09:12 AM pfSense Packages Bug #14554: PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string: I do have some customizations in unbound, but they're not connected with dhcp (private-domain, local-zone, forward-zo... Alex Kolesnik
08:51 AM pfSense Packages Bug #14554: PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string: I set up DHCP Static Mappings in the DHCP server but couldn't replicate the issue with a fresh pfBlocker installation... Danilo Zrenjanin
09:01 AM pfSense Plus Bug #14531: Traffic Graph widget doesn't show traffic counts for OpenVPN interfaces since 23.05.1 upgrade.: Can confirm if DCO is not active, the widget shows the correct graphs Lev Prokofev
07:01 AM pfSense Plus Bug #14531: Traffic Graph widget doesn't show traffic counts for OpenVPN interfaces since 23.05.1 upgrade.: The sole distinction lies in whether the DCO option was activated or deactivated on the server. ... Danilo Zrenjanin
06:59 AM pfSense Plus Bug #14531: Traffic Graph widget doesn't show traffic counts for OpenVPN interfaces since 23.05.1 upgrade.: I tested again on a VM hosted on ProxMox with the factory default config file and the OpenVPN configured through the ... Danilo Zrenjanin
08:52 AM pfSense Packages Regression #14561: FRR errors accessing Global Settings after deleting BGP neighbor: I can confirm this behavior.
This seems to be a duplicate of https://redmine.pfsense.org/issues/14493
Danilo Zrenjanin
08:12 AM pfSense Packages Bug #14553 (Resolved): Call to undefined function sync_package_filer(): Tested on the:... Danilo Zrenjanin
02:38 AM Bug #14593: Build.sh script failing while trying to rename the new php-pfSense-module: (Correction) The file is *builder_common.sh* not the build.sh Fabricio Guzzy
12:42 AM Bug #14593 (New): Build.sh script failing while trying to rename the new php-pfSense-module: Up to Version 2.6.0, the build.sh script could successfully rename the php-pfsense-module to be used with a different... Fabricio Guzzy
12:58 AM pfSense Plus Feature #14594 (New): VDOM on pfsense: I do not see this feature in any of the open requests but having a similar functionality to VDOM (virtual domain) on ... Conor Dang

07/19/2023

07:16 PM pfSense Packages Bug #14592 (Feedback): Issues with ACME Private Key handling: Commit: https://github.com/pfsense/FreeBSD-ports/commit/2b3c7e925fed1d53763e6d2eee5e5ab2289b4116
Packages are buil... Jim Pingle
06:40 PM pfSense Packages Bug #14592 (Resolved): Issues with ACME Private Key handling: There are some problems with private key handling in the ACME package that appear to have been ongoing for a while.
... Jim Pingle
07:12 PM Bug #14591: Restoring with different interfaces (partially?) applies changes before reboot: That does sound very similar but only one of my cases was using VLANs (restore from 4860 to a very temporary 2100 wit... Steve Y
07:01 PM Bug #14591: Restoring with different interfaces (partially?) applies changes before reboot: You are correct that this is unlikely to affect only plus. I've set it to pfSense. Steve was looking into this a bit ... Jim Pingle
05:27 PM Bug #14591: Restoring with different interfaces (partially?) applies changes before reboot: typo: deletes or adds _an_ interface Steve Y
05:26 PM Bug #14591 (New): Restoring with different interfaces (partially?) applies changes before reboot: Initial forum topic: https://forum.netgate.com/topic/181356/restore-issues-apply-changes-button-missing-save-does-not... Steve Y
05:05 PM Regression #14502: DHCPv6 Prefix Delegation (PD) not installing routes: Applied in changeset commit:892d939ee0473992abece201ed3d5d2bfdfd276f. Christian McDonald
05:00 PM Regression #14502 (Feedback): DHCPv6 Prefix Delegation (PD) not installing routes: Christian McDonald
05:01 PM Regression #14534 (Resolved): Cavium ``qlnxe`` / ``if_qlnxe`` driver is not present: Christian McDonald
04:59 PM Revision 892d939e: Restore and continue to support dhcpleases6 until Kea migration is complete. Fixes #14502: Christian McDonald
03:23 PM Bug #14450 (Closed): 23.05 fails to boot on Hyper-V after VM power off, workaround: Marcos M
03:00 PM pfSense Packages Bug #14585 (Closed): Fatal error editing acme certificates: Looking at the PHP code blocks you showed above, something must not have updated in your setup. Lines were added to i... Jim Pingle
12:58 PM Bug #14590 (Rejected): OpenVPN server crashes when client closes connection: This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
12:56 PM Bug #14590 (Rejected): OpenVPN server crashes when client closes connection: I have a OpenVPN server running on interface WAN2 which has a single OpenVPN client connecting to it.
The OpenVPN se... me me
12:52 PM pfSense Packages Feature #10462 (Resolved): CPU Temp Screen: Jim Pingle
12:51 PM pfSense Packages Feature #10462: CPU Temp Screen: Works well! Thank you very much! odo maitre
12:44 PM pfSense Packages Feature #10462 (Feedback): CPU Temp Screen: I didn't merge the original PR since other work on the package caused conflicts and made a lot of the changes unneces... Jim Pingle
12:51 PM pfSense Packages Bug #11509 (Closed): LCD package - not starting at boot - stop and start in Status Window not possible: This report is quite old and the package has had significant work done to it since then. Please try it again on pfSen... Jim Pingle
12:46 PM pfSense Packages Feature #14321: Add UPS information to LCDproc screen: It should be OK to add that in, but it would need to be made conditional. By that I mean the option for the screen sh... Jim Pingle
12:42 PM pfSense Packages Bug #14571 (Resolved): PHP Error prevents LCDProc client from working properly due to empty VIP tags in config.xml: The error as originally stated in this issue is solved. If you still have problems starting LCDProc, please post a ne... Jim Pingle
12:38 PM Bug #14589 (Rejected): Error in auto generated Gateways: I cannot reproduce the problem as stated. A disconnected and assigned client has an empty/undefined gateway and once ... Jim Pingle
06:30 AM Bug #14589 (Rejected): Error in auto generated Gateways: 2.7.0: When using an OpenVPN-Client and assigning an interface to it, an ipv4 gateway is auto generated with gateway ... Chris Fokkenrood
02:26 AM pfSense Packages Feature #14588 (Resolved): Add FRR diagnostic status output plugin: Since FRR is a package and the status output does not generate information for packages, it would be really helpful f... Chris Linstruth

07/18/2023

07:15 PM pfSense Packages Bug #14585: Fatal error editing acme certificates: I just edited config.xml and added actions to my items.
It worked. I immediately got access to those items in pfS... Phil Tull
05:32 PM pfSense Packages Bug #14585: Fatal error editing acme certificates: Thanks. I'm going to try this tonight.
Perfect. Phil Tull
05:01 PM pfSense Packages Bug #14585: Fatal error editing acme certificates: Phil Tull wrote in #note-6:
> ok one more question please.
> Is it possible for me to edit the live config.xml and ... Jim Pingle
04:59 PM pfSense Packages Bug #14585: Fatal error editing acme certificates: ok one more question please.
Is it possible for me to edit the live config.xml and put in the actions (presumable to... Phil Tull
04:53 PM pfSense Packages Bug #14585: Fatal error editing acme certificates: Phil Tull wrote in #note-4:
> I'm considering your suggestion to reinstall acme.
In this case I doubt it would ma... Jim Pingle
04:15 PM pfSense Packages Bug #14585: Fatal error editing acme certificates: I'm considering your suggestion to reinstall acme.
Would that require me to rebuild all my acme settings?
I wonder ... Phil Tull
04:10 PM pfSense Packages Bug #14585 (New): Fatal error editing acme certificates: OK, you mean no actions defined in the list in the cert entry -- I thought you meant they showed no action icons in t... Jim Pingle
03:41 PM pfSense Packages Bug #14585: Fatal error editing acme certificates: Yes, I'm in the config.xml and it looks perfectly normal to me. I'll attach an example entry.
Consider this...
<p... Phil Tull
02:42 PM pfSense Packages Bug #14585 (Feedback): Fatal error editing acme certificates: Sounds like you have a corrupted/incomplete certificate entry in the configuration that is leading to the errors, but... Jim Pingle
01:22 AM pfSense Packages Bug #14585 (Closed): Fatal error editing acme certificates: After updating pfSense from 2.6.0 to 2.7.0, cannot manage acme certificates IF the certificate has NO actions.
Acme ... Phil Tull
04:55 PM Bug #14587: Firewall Log Sort By Time: Brian Shell wrote in #note-2:
> Setting the logging to RFC-5424 does indeed work around the issue, thank you. I don... Jim Pingle
04:22 PM Bug #14587: Firewall Log Sort By Time: Setting the logging to RFC-5424 does indeed work around the issue, thank you. I don't have the programming skills to... Brian Shell
03:24 PM Bug #14587: Firewall Log Sort By Time: The sortable table code is usually smart enough to pick up on date fields but apparently not in this case. When the l... Jim Pingle
03:14 PM Bug #14587 (New): Firewall Log Sort By Time: When viewing the System Logs > Firewall, and trying to sort by Time with newest first, it appears the sort is working... Brian Shell
03:14 PM Bug #14579: PHP error in ``handle_wireless_post()`` when toggling some wireless interface options: The same could happen on CE, not just Plus. There are several places there for that and other settings nearby which c... Jim Pingle
03:09 PM pfSense Plus Feature #14582 (Not a Bug): Interfaces/Interface Assignments wireless MAC missing: That is intentional. Those are not wireless interfaces directly, but virtual "clones" of a wireless interface (VAPs).... Jim Pingle
03:07 PM pfSense Docs Todo #14580 (Closed): Feedback on Installing and Upgrading — Prepare Installation Media: I added a warning on https://docs.netgate.com/pfsense/en/latest/install/download-installer-image.html in two places -... Jim Pingle
02:45 PM pfSense Packages Bug #14553 (Feedback): Call to undefined function sync_package_filer(): Request merged. Jim Pingle
02:36 PM pfSense Packages Feature #14583: Add LiveKit package: In my opinion, I don't believe this package, essentially being a video conference server, is a good fit for running o... Jim Pingle
02:36 PM Bug #14576: "Convert interface definitions" option is not respected when bulk copying rules: I had apply the patch, now I can see the difference.
Fixed, thanks guys!!! Peter Moreno
01:03 PM Bug #14576: "Convert interface definitions" option is not respected when bulk copying rules: Peter Moreno wrote in #note-3:
> How to apply the patch to 2.7-Release?
> Regards!!
You can install the "System ... Jim Pingle
03:32 AM Bug #14576: "Convert interface definitions" option is not respected when bulk copying rules: How to apply the patch to 2.7-Release?
Regards!! Peter Moreno
01:00 PM Bug #14584 (Rejected): Report a Bug.: We cannot accept bug reports against past versions, only against the current release, which is either Plus 23.05.1 or... Jim Pingle
12:58 PM pfSense Packages Feature #14101 (Resolved): Add Zabbix 6.4 packages: Jim Pingle
12:57 PM pfSense Plus Bug #14531: Traffic Graph widget doesn't show traffic counts for OpenVPN interfaces since 23.05.1 upgrade.: There is likely some other configuration factor contributing here then, such as tun/tap, subnet size, topology, etc. ... Jim Pingle
12:55 PM Todo #14581 (Resolved): CE 2.7.0 release branch missing on GitHub repository: Jim Pingle
10:30 AM Todo #14581: CE 2.7.0 release branch missing on GitHub repository: Noah Jacobson wrote:
> pfSense CE 2.7.0 has been released however there is no branch for it on the public GitHub. Th... Noah Jacobson
12:22 PM Bug #14577: OpenVPN not removing old Cisco-AVPair anchor rules and files in ``/tmp``: I have been able to reproduce the issue, some details below.
My OpenVPN server has the @Allow connected clients to... Michael Mercier
05:30 AM pfSense Plus Bug #14586 (Resolved): Adding an IP Alias VIP using a unicast CARP VIP as its parent changes the CARP VIP to multicast at the OS level: Adding IP Alias to a unicast CARP VIP results in the CARP VIP being reconfigured to multicast. Reapplying (i.e. savin... James George

07/17/2023

08:27 PM Revision d605ac4d: dhcpd: re-add devfs to dhcpd chroot (BPF needs it): Christian McDonald
08:16 PM Revision 7ddc0080: dhcpd: remove unnecessary paths from dhcpd chroot: Christian McDonald
07:22 PM Feature #14483: Conditionally reconfigure IPsec VTI interfaces only when necessary while applying IPsec changes: Just wanted to follow up to say that my testing has observed similar findings as well. Apologies for the late reply.... Mike Moore
05:56 PM Bug #14584 (Rejected): Report a Bug.: https://forum.netgate.com/topic/181585/report-a-bug
Hello everyone, thank you for accepting me I did a clean insta... e ok
04:39 PM pfSense Packages Bug #14571: PHP Error prevents LCDProc client from working properly due to empty VIP tags in config.xml: Soren Pedersen wrote in #note-7:
> @Jim Pringle:
>
> I installed the updated version of LCDProc on PFsense 2.7.0 ... Jim Pingle
04:33 PM pfSense Packages Bug #14571: PHP Error prevents LCDProc client from working properly due to empty VIP tags in config.xml: @Jim Pringle:
I installed the updated version of LCDProc on PFsense 2.7.0 and the service still refuses to start. Re... Soren Pedersen
03:32 PM Bug #14574 (Resolved): Firewall rules are not displayed properly when they reference a URL table alias and its file does not exist: Marcos M
03:14 PM pfSense Packages Feature #14583: Add LiveKit package: PR link => https://github.com/pfsense/FreeBSD-ports/pull/1273 Andrés Manelli
01:00 PM pfSense Packages Feature #14583 (Pull Request Review): Add LiveKit package: This is to add the LiveKit server as a pfSense package and configuration UI.
I created a pull request in GitHub wi... Andrés Manelli
02:45 PM pfSense Packages Regression #14445: HAProxy PHP error /usr/local/www/haproxy/haproxy_global.php:138: I'm experiencing this regression on CE 2.7 when trying to de-activate HA Proxy. If I then refresh the browser, I am a... Alex Neihaus
09:37 AM Revision dc57795c: Unset DPCRE2/SPCRE2 options for haproxy-devel: Fix build failure:
====> You cannot select multiple options from the PCRE radio
=====> Only one of th... Kristof Provost
08:06 AM pfSense Plus Bug #14005: SFP Interfaces not available with Traffic Shaper in v23.01: Hi Chris, Yes, I was booting between different snapshots v22.05 and then 23.01. The Netgates have been updated to 23.... Brendon Flint
02:27 AM pfSense Packages Bug #14532: Error is logged every time a domain in the DNSBL is temporarily unlocked or re-locked: After doing some more testing on this, I also get the results you reported, i.e., nothing gets logged to py_errors.lo... Derek Fong
02:06 AM pfSense Plus Feature #14582 (Not a Bug): Interfaces/Interface Assignments wireless MAC missing: hello fellow redmine members,
I noticed that wireless interfaces do not list their mac address. Please see attached. Jonathan Lee

07/16/2023

11:47 PM Todo #14581 (Resolved): CE 2.7.0 release branch missing on GitHub repository: pfSense CE 2.7.0 has been released however there is no branch for it on the public GitHub. The @master@ branch has al... Noah Jacobson
11:45 AM pfSense Plus Bug #13348 (Resolved): Error when deleting ZFS Boot Environment created from duplicate of non-default entry: Christian McDonald
02:45 AM pfSense Plus Bug #13348: Error when deleting ZFS Boot Environment created from duplicate of non-default entry: Tested on July 10th builds of 23.09. Following Marcos' steps, I'm not able to reproduce this bug, so looking fixed. Kris Phillips
05:41 AM pfSense Docs Todo #14580 (Closed): Feedback on Installing and Upgrading — Prepare Installation Media: *Page:* https://docs.netgate.com/pfsense/en/latest/install/prepare-installer-media.html
*Feedback:* for verifying ... Eric Kurman
02:37 AM pfSense Plus Bug #14531: Traffic Graph widget doesn't show traffic counts for OpenVPN interfaces since 23.05.1 upgrade.: I tested this with AES-128-GCM and DCO enabled and the Status --> Traffic Graphs still show traffic normally for me. ... Kris Phillips
02:27 AM Regression #14569: ``bnxt(4)`` driver errors: Hello,
Are you able to test this in the 23.09 snapshots to see if this issue is resolved? Kris Phillips
02:20 AM Bug #14579: PHP error in ``handle_wireless_post()`` when toggling some wireless interface options: Tested this on 23.09 DEVELOPMENT builds. I'm not able to reproduce this, so either something else is needed to recre... Kris Phillips
02:04 AM pfSense Packages Bug #14562: PHP error when trying to run OSPF and BGP in the same time: is there a specific configuration in OSPF/BGP? Alhusein Zawi
12:39 AM pfSense Packages Bug #14553 (Pull Request Review): Call to undefined function sync_package_filer(): Thank you for the bug report. I have tested and confirmed the issue. A merge request is created so this fix will be a... Christopher Cope

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

08/14/2023

08/13/2023

08/12/2023

08/11/2023

08/10/2023

08/09/2023

08/08/2023

08/07/2023

08/06/2023

08/05/2023

08/04/2023

08/03/2023

08/02/2023

08/01/2023

07/31/2023

07/30/2023

07/29/2023

07/28/2023

07/27/2023

07/26/2023

07/25/2023

07/24/2023

07/23/2023

07/22/2023

07/21/2023

07/20/2023

07/19/2023

07/18/2023

07/17/2023

07/16/2023