Project

General

Profile

Activity

From 12/06/2023 to 01/04/2024

01/04/2024

09:52 PM Revision 0b3052b3: Clarify function use and description
Marcos M
08:01 PM Bug #15137 (Closed): wireguard
This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Marcos M
03:17 PM Bug #15137 (Closed): wireguard
Each time I get wireguard to work. I run a speed test and pfsense Crash hard. I have to install pfsense all over..
... Mftic Mftic
07:55 PM Bug #15140 (Incomplete): Remote syslog servers on dynamically routed networks are being sent out default GW after reboot when using source IP of "lan"
OK, it's best to track that down for this report (possibly discuss further in the forums). The overall "state" issue ... Marcos M
07:25 PM Bug #15140: Remote syslog servers on dynamically routed networks are being sent out default GW after reboot when using source IP of "lan"
Marcos M wrote in #note-2:
> > While it does prevent the traffic from exiting the WAN interface, the syslog messages... James Blanton
07:06 PM Bug #15140: Remote syslog servers on dynamically routed networks are being sent out default GW after reboot when using source IP of "lan"
> While it does prevent the traffic from exiting the WAN interface, the syslog messages are still not being routed pr... Marcos M
05:04 PM Bug #15140: Remote syslog servers on dynamically routed networks are being sent out default GW after reboot when using source IP of "lan"
Pull request: https://github.com/pfsense/pfsense/pull/4665 James Blanton
04:48 PM Bug #15140 (Incomplete): Remote syslog servers on dynamically routed networks are being sent out default GW after reboot when using source IP of "lan"
Syslogd is started before any packages are started, including the FRR package. If any remote syslog servers are on a ... James Blanton
04:45 PM Feature #14765 (Rejected): DHCPv6 is limited to DUID and unable to consider IAID
Unfortunately this is not supported on ISC DHCPv6, and I've not yet seen a way to handle this on Kea.
https://kb.isc.... Marcos M
04:43 PM Bug #15127 (Feedback): ``check_dnsavailable()`` failing even when DNS is available
Fixed in commit:11b04370dda80cfe9abed42192faa51f21d30eb0. Marcos M
04:41 PM Bug #15139 (Resolved): Local DNS resolution behavior does not add an IPv6 nameserver
Fixed in commit:89cc24a60c601954e86d4acfc52f5356afecd069.... Marcos M
04:36 PM Bug #15139 (Resolved): Local DNS resolution behavior does not add an IPv6 nameserver
Under @System > General Setup@, the "local" DNS Resolution behavior only adds an IPv4 localhost - IPv6 is missing. Th... Marcos M
04:38 PM Revision 11b04370: Refactor system DNS check. Fix #15127
Marcos M
04:38 PM Revision 89cc24a6: Add IPv6 localhost nameserver to /etc/resolv.conf. Fix #15139
Marcos M
03:27 PM pfSense Docs Todo #15138 (Rejected): Feedback on Virtual Private Networks — OpenVPN — Assigning OpenVPN Interfaces
Please post on the forum if you have questions or problems following the documentation. The line in question is refer... Jim Pingle
03:18 PM pfSense Docs Todo #15138 (Rejected): Feedback on Virtual Private Networks — OpenVPN — Assigning OpenVPN Interfaces
*Page:* https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/assign.html
*Feedback:*
this line: Navigate to V... Rick Lunt
03:11 PM pfSense Docs Todo #15136 (Rejected): Feedback on pfSense® software Configuration Recipes — Routing Internet Traffic Through A Site-To-Site OpenVPN Tunnel
Your assumption is incorrect. The only places that "OpenVPN interface" appear in the linked document are after the do... Jim Pingle
02:57 PM pfSense Docs Todo #15136 (Rejected): Feedback on pfSense® software Configuration Recipes — Routing Internet Traffic Through A Site-To-Site OpenVPN Tunnel
*Page:* https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-s2s-route-internet-traffic.html
*Feedback:*
... Rick Lunt
12:38 PM Bug #15117: Shortcut bar on DHCPv6 leases (``status_dhcpv6_leases.php``) navigates to DHCPv4 destinations, not DHCPv6
Rewording subject for the release notes since this affected everything on the shortcut bar on that page, not just the... Jim Pingle
07:29 AM Bug #15117 (Resolved): Shortcut bar on DHCPv6 leases (``status_dhcpv6_leases.php``) navigates to DHCPv4 destinations, not DHCPv6
The patch fixes it.
I am marking this ticket as resolved. Danilo Zrenjanin
12:35 PM pfSense Plus Bug #14824: OpenVPN instance on IPv6 PPPoE interface does not always start automatically
Jan 4 13:00:00 openvpn 21642 Exiting due to fatal error
Jan 4 13:00:00 openvpn 21642 FreeBSD ifconfig failed: ... Łukasz Rojczyk
08:51 AM pfSense Packages Bug #15100: Tailscale IPv6 Exit Node uses first LAN interface when WAN is set to Only Request Prefix
This, or the broader issue of exit node gateway affects me with IPv4.
The seeming lack of configuration ability to s... C C

01/03/2024

11:17 PM pfSense Packages Bug #15132: bind-tools 9.18 pkg moved dnssec-* tools from sbin to bin
I'm working on the fix. The docs say to bump the version number in the makefile.
"When updating a package is it i... Stuart Wyatt
04:12 AM pfSense Packages Bug #15132 (New): bind-tools 9.18 pkg moved dnssec-* tools from sbin to bin
In bind.inc, the path to dnssec-keygen and dnssec-dsfromkey are hard coded to the /user/local/sbin/ directory. In bin... Stuart Wyatt
07:35 PM Bug #15135 (Feedback): Potential local file include vulnerability via DNS Resolver Python Module Script include mechanism
Applied in changeset commit:12cbb18a93c1f78e05806b6d3c90511e8967f43f. Jim Pingle
07:22 PM Bug #15135 (Resolved): Potential local file include vulnerability via DNS Resolver Python Module Script include mechanism
When the DNS Resolver Python Module function is enabled and a Python Module Script is present, the system also looks ... Jim Pingle
07:25 PM Revision 12cbb18a: Improve validation of DNS Resolver Python script. Fixes #15135
Jim Pingle
06:37 PM Bug #15084: Upgrading an EFI system installed to ZFS mirror does not upgrade EFI loader on additional disks
There was some change here recently as now this triggers a failure on upgrade for existing mirrors.
The second dis... Jim Pingle
03:23 PM pfSense Plus Bug #15097: Upgrade to 23.09.1 is not offered for 23.05.1
I had this issue on appliances while upgrading to 23.09 two branches back, where new version check was always failing... Clément PAPPALARDO
03:18 PM Bug #15133 (New): PHP error with OpenVPN server certificate verification if the certificate has multiple ``CN`` attributes
OK, good to know that worked.
We can fix the PHP error in the future but you may hit other issues with that sort o... Jim Pingle
03:14 PM Bug #15133: PHP error with OpenVPN server certificate verification if the certificate has multiple ``CN`` attributes
ok, it makes sense.
I recreated the certificate for this appliance (you were right, there was 2 CN), and now VPN S... Clément PAPPALARDO
02:33 PM Bug #15133: PHP error with OpenVPN server certificate verification if the certificate has multiple ``CN`` attributes
The error you are seeing is not relevant to the tunnel network and so on that's just a coincidence, the bulk of the s... Jim Pingle
02:20 PM Bug #15133: PHP error with OpenVPN server certificate verification if the certificate has multiple ``CN`` attributes
I have 2 WAN, I tried switching WAN source for this VPN server, not ok
I deleted vpn server and recreated it (same va... Clément PAPPALARDO
01:57 PM Bug #15133: PHP error with OpenVPN server certificate verification if the certificate has multiple ``CN`` attributes
I don't think so. I'm using it on 3 same other appliance without problems. My CA is a Windows CA imported.
On this A... Clément PAPPALARDO
01:46 PM Bug #15133 (Feedback): PHP error with OpenVPN server certificate verification if the certificate has multiple ``CN`` attributes
Is there something unusual about your server certificate? Was it created on pfSense or imported from elsewhere?
Th... Jim Pingle
09:46 AM Bug #15133: PHP error with OpenVPN server certificate verification if the certificate has multiple ``CN`` attributes
(but users cant connect without certificate verification) Clément PAPPALARDO
09:40 AM Bug #15133 (Resolved): PHP error with OpenVPN server certificate verification if the certificate has multiple ``CN`` attributes
... Clément PAPPALARDO
11:03 AM Bug #15134 (Incomplete): Post upgrade to 2.7.2 - Change in alias name stops all traffic
After installing the last 2.7.2 release, when we edited an Alias name - that rule stopped working, and all traffic wa... Rajko B
09:48 AM Bug #15130: Kea will not start with identical MAC address filters on multiple interfaces
Tested on:
23.09.1-RELEASE (amd64)
built on Wed Dec 20 18:27:00 UTC 2023
FreeBSD 14.0-CURRENT
I can confirm thi... aleksei prokofiev
06:26 AM Revision a68f7a3d: Update the years in the Copyright notice.
Luiz Souza

01/02/2024

08:50 PM Bug #15117 (Feedback): Shortcut bar on DHCPv6 leases (``status_dhcpv6_leases.php``) navigates to DHCPv4 destinations, not DHCPv6
Applied in changeset commit:3d95bdde7fbd926bd7ed7d3ac716f42727a15ca2. Jim Pingle
02:04 PM Bug #15117: Shortcut bar on DHCPv6 leases (``status_dhcpv6_leases.php``) navigates to DHCPv4 destinations, not DHCPv6
It's incorrect for me as well, the shortcut section on the page is set to @dhcp@ when it should be @dhcp6@:
source... Jim Pingle
08:43 PM Revision 3d95bdde: Correct DHCPv6 lease shortcut section. Fixes #15117
Jim Pingle
06:41 PM pfSense Packages Bug #15131: OpenVPN client export issues with iPhone and IPV6 connections
https://forums.openvpn.net/viewtopic.php?p=119902 (lists fix)
https://forums.openvpn.net/viewtopic.php?p=119904 (my ... Jonathan Lee
06:38 PM pfSense Packages Bug #15131 (Confirmed): OpenVPN client export issues with iPhone and IPV6 connections
I have researched and found an issue within the OpenVPN's client export config file for iPhones (OpenVPN Connect (iOS... Jonathan Lee
05:49 PM Bug #15130 (Resolved): Kea will not start with identical MAC address filters on multiple interfaces
Steps to duplicate:
Enter identical MAC address filters on two interfaces. kea will no longer start:
Jan 2 17:4... Chris Linstruth
05:04 PM pfSense Packages Todo #15119 (Feedback): Update nut-devel version and update startup script
Merged into devel branches, should be in snapshots for testing tomorrow. Jim Pingle
03:48 PM pfSense Plus Bug #15097: Upgrade to 23.09.1 is not offered for 23.05.1
Marcos M wrote in #note-4:
> The issue is due to a missing @.default@ file, e.g. @/usr/local/etc/pfSense/pkg/repos/pf... Tom L
02:06 PM Bug #15129 (Duplicate): Arp table not displaying hostname
Duplicate of #15127 (same root cause) Jim Pingle
01:49 PM Bug #15127: ``check_dnsavailable()`` failing even when DNS is available
This affects a lot more than just ACB. It affects DHCP lease display, ARP display, NDP display, update checks, and po... Jim Pingle
01:33 PM pfSense Plus Regression #14964 (Not a Bug): SG-3100: iscsi support removed from 23.09 kernel
At this point things removed from 3100 are unlikely to return as they were probably removed due to problems with armv... Jim Pingle

01/01/2024

01:55 PM Bug #15129: Arp table not displaying hostname
So I applied this patch https://redmine.pfsense.org/issues/15127 and now hostnames are back..
See the above thread... JohnPoz _
01:30 PM pfSense Packages Bug #14058: Update vendor=on triggers installation failure
I just ran into this with arpwatch on 23.09.1... JohnPoz _
12:10 AM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table
Basically someone (likely me) just needs to start producing test builds at various points in time between a known goo... Christian McDonald
12:02 AM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table
Christian McDonald wrote in #note-17:
> If someone can provide me with two versions as closely related in time as po... Zachary Cohen

12/31/2023

11:07 PM Bug #15129: Arp table not displaying hostname
Probably more fallout from Netlink. I will look. Christian McDonald
10:44 PM Bug #15129: Arp table not displaying hostname
Thread https://forum.netgate.com/topic/185231/no-hostnames-under-diagnostics-arp JohnPoz _
10:43 PM Bug #15129 (Duplicate): Arp table not displaying hostname
So I recall about a year ago this was happening in the ndp table.. But now seems in the arp table same sort of proble... JohnPoz _
09:19 PM pfSense Docs Correction #15128 (Closed): Note that a WireGuard peer must have "Dynamic" unset to see Endpoint options
*Page:* https://docs.netgate.com/pfsense/en/latest/recipes/wireguard-s2s.html
*Feedback:* The Peer Configuration s... Phil Duby
08:12 PM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table
If someone can provide me with two versions as closely related in time as possible along with a reproducer I can bise... Christian McDonald
07:20 AM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table
Boycee . wrote in #note-11:
> The issue I opened (#15105) was a decided to be a duplicate of this one. Just pasting... Zachary Cohen
05:19 AM Bug #15117: Shortcut bar on DHCPv6 leases (``status_dhcpv6_leases.php``) navigates to DHCPv4 destinations, not DHCPv6
It is, indeed, the related settings link. on my system, this is a link to
https://<fqdn>/services_dhcp.php - it sho... David Cornejo
01:26 AM Bug #15117: Shortcut bar on DHCPv6 leases (``status_dhcpv6_leases.php``) navigates to DHCPv4 destinations, not DHCPv6
I'm not able to confirm this. Going to Status --> DHCPv6 Leases --> Related Settings link at the top goes to the DHC... Kris Phillips
04:40 AM Bug #15127: ``check_dnsavailable()`` failing even when DNS is available
verified prior condition and that ACB restore entries were once again present following application of the patch above Jordan G
12:43 AM pfSense Plus Bug #15126: SG-1100 pfSense+ recovery results in non aligned disk slices
David Burns wrote:
> Currently preparing for an upgrade of SG-1100 remote worker fleet.
>
> However after install... Kris Phillips
12:20 AM Bug #15122: PHP errors in LDAP server prevent it from falling back to Local Database
Merged https://gitlab.netgate.com/pfSense/pfSense/-/commit/c48e3d87347538a6ef3e8b7542bdd498176343dd Christopher Cope

12/30/2023

10:45 PM Bug #15122 (Feedback): PHP errors in LDAP server prevent it from falling back to Local Database
Marcos M
12:30 AM Bug #15122 (Pull Request Review): PHP errors in LDAP server prevent it from falling back to Local Database
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1115 Christopher Cope
10:44 PM Revision c48e3d87: Bail earlier if the LDAP connection fails. Fix #15122
Christopher Cope
10:33 PM Bug #15127 (Assigned): ``check_dnsavailable()`` failing even when DNS is available
Marcos M
10:14 PM Bug #15127: ``check_dnsavailable()`` failing even when DNS is available
The attached workaround patch may be applied using the "System Patches package":https://docs.netgate.com/pfsense/en/l... Marcos M
08:31 PM Bug #15127 (Resolved): ``check_dnsavailable()`` failing even when DNS is available
In the file /usr/local/www/services_acb.php there is a call on line 233 to "check_dnsavailable" which queries against... Kris Phillips
05:17 AM Bug #14605: Dynamic DNS uses the default gateway interface instead of the specified interface
Good afternoon. I can confirm that there is an error, but for some reason netgate does not want to investigate it (if... Stepan Afonin

12/29/2023

07:48 PM pfSense Plus Bug #15097 (Resolved): Upgrade to 23.09.1 is not offered for 23.05.1
The system link does exist:... Marcos M
06:35 PM Revision 4bd55d9a: Remove broken input validation
This input validation was originally done in a function that effectively
ignored any input errors. When it was taken ... Marcos M
11:25 AM pfSense Plus Bug #14005: SFP Interfaces not available with Traffic Shaper in v23.01
For info; I have updated the Netgates to version 23.09.1 and the problem still exists. The interfaces Clx0 and clx1 (... Brendon Flint
11:23 AM Bug #15124 (Resolved): IPsec VTI is not created correctly when using a Phase 2 remote type of ``Network``
The patch fixes it. The IPsec interface gets IP address and the gateway as expected with no error logs.
I am mark... Danilo Zrenjanin
03:11 AM pfSense Plus Bug #15126 (Resolved): SG-1100 pfSense+ recovery results in non aligned disk slices
Currently preparing for an upgrade of SG-1100 remote worker fleet.
However after installing the latest SG-1100 rec... David Burns
12:50 AM Bug #6167: IPsec IPComp not working
Some basic testing on 23.09.1 shows it works for policy-based tunnels, but not for route-based tunnels (VTI). Here's ... Marcos M
12:12 AM pfSense Docs Todo #15125 (Closed): Feedback on Services — DHCPv4
*Page:* https://docs.netgate.com/pfsense/en/latest/services/dhcp/relay.html
*Feedback:*
The note here which menti... Ethan Word

12/28/2023

10:45 PM Revision e0b7afa9: pfSense-boot: Ensure freebsd efi directory exists
Reid Linnemann
10:31 PM Bug #15087: IPsec Keep Alive does not update the gateway status
Regarding #note-3, see #15124. Marcos M
10:29 PM Bug #15124 (Feedback): IPsec VTI is not created correctly when using a Phase 2 remote type of ``Network``
Fixed in commit:8e83f722c70bc6bd4a7e4275f8ddc3ac3fe5efc5. Marcos M
10:19 PM Bug #15124 (Resolved): IPsec VTI is not created correctly when using a Phase 2 remote type of ``Network``
The @Remote Network@ field in the IPsec Phase 2 configuration allows for the @Network@ type with VTI mode. This resul... Marcos M
10:27 PM Revision 8e83f722: Strip the prefix size from the VTI remote address. Fix #15124
Marcos M
09:13 PM Bug #15066: PHP allocation failure in pfsense-utils.inc
Happened again. No idea why. Again, no use of the dashboard at the time.
Crash report begins. Anonymous machine i... Alex Rosenberg
08:15 PM Bug #9453: Reconfiguring a parent LAGG interface breaks its VLANs
Mike Moore wrote in #note-10:
> Could the fix resolve https://redmine.pfsense.org/issues/14659 or https://redmine.p... Marcos M
07:32 PM Bug #9453: Reconfiguring a parent LAGG interface breaks its VLANs
Could the fix resolve https://redmine.pfsense.org/issues/14659 or https://redmine.pfsense.org/issues/14483 Mike Moore
02:00 PM Revision 7bb1c10a: pfSenseHelpers.js: improve usepost interface. See comment.
Christian McDonald
09:27 AM Bug #15110: pfSense hangs when rebooting
The TAC ticket number for reference is:
2157407569 Danilo Zrenjanin
09:26 AM Bug #15110: pfSense hangs when rebooting
The drives used in testing:
Trancent ts128Gmte452 and SK hynix.
!clipboard-202312281024-brq7o.png!
The behav... Danilo Zrenjanin
08:25 AM Bug #15110: pfSense hangs when rebooting
Installing the SSD drive in another port did not resolve the issue. It behaved in the same way. Danilo Zrenjanin
12:38 AM Bug #15122 (Resolved): PHP errors in LDAP server prevent it from falling back to Local Database

The following error can be hit when attempting to login with a misconfigured LDAP server, which prevents the code... Christopher Cope

12/27/2023

09:37 PM pfSense Packages Bug #15120 (Not a Bug): Suricata upgrade/install adds default rulesets
Marcos M
09:21 PM pfSense Packages Bug #15120: Suricata upgrade/install adds default rulesets
Suricata upstream periodically adds new built-in rules with upgrades. The new QUIC rules are one recent example, but ... Bill Meeks
08:12 PM pfSense Packages Bug #15120 (Not a Bug): Suricata upgrade/install adds default rulesets
We had traditionally disabled stream-events.rules because of false positives. I have noticed a couple times lately it... Steve Y
09:35 PM Bug #9453 (Feedback): Reconfiguring a parent LAGG interface breaks its VLANs
Fixed in commit:88674cdb01ba38adc71f12be73e0305bb6f57ccd. Marcos M
09:14 PM Revision 563d3c76: Remove unnecessary sleep when configuring unbound
Marcos M
09:10 PM Revision 88674cdb: Reconfigure VLANs after recreating LAGG interfaces. Fix #9453
Marcos M
08:00 PM pfSense Packages Todo #15119: Update nut-devel version and update startup script
The startup script change is contained in PR https://github.com/pfsense/FreeBSD-ports/pull/1340.
The nut-devel upd... Denny Page
07:48 PM pfSense Packages Todo #15119 (Resolved): Update nut-devel version and update startup script
* Update nut startup script to avoid ups failure notifications on nut restart following interface changes.
* Updat... Denny Page
01:53 PM Bug #15087: IPsec Keep Alive does not update the gateway status
If I select Type Network /30, the IPsec interface never gets the IP address. It gets only the gateway.
!clipboard-20... Danilo Zrenjanin
01:49 PM Bug #15118: DHCPv6 settings page "DDNS Reverse" check box not showing current state
Can replicate on 24.03 ... Lev Prokofev
12:41 PM Bug #15118 (Confirmed): DHCPv6 settings page "DDNS Reverse" check box not showing current state
I can replicate this behaviour on:... Danilo Zrenjanin
12:43 PM Bug #15117 (Confirmed): Shortcut bar on DHCPv6 leases (``status_dhcpv6_leases.php``) navigates to DHCPv4 destinations, not DHCPv6
I can confirm this behavior on:... Danilo Zrenjanin
09:09 AM Bug #14919: OpenVPN forms invalid ``route`` statements for empty local networks
Tested against:... Danilo Zrenjanin

12/26/2023

09:45 PM Bug #15043: IGMP proxy works intermittently
It would make a lot of us happy if the kernel patch was made available as a separate download.
There was a downloada... Arturo de Vries
09:40 PM Bug #15116: Kea not working with UEFI HTTPBoot URL configured
There's some information here:
https://kea.readthedocs.io/en/kea-2.0.0/arm/dhcp4-srv.html#reserving-next-server-serv... Jason Montleon
08:25 PM Bug #15116: Kea not working with UEFI HTTPBoot URL configured
With Wireshark I was able to see that ISC DHCP sets the bootp boot file name and option 60 to HTTPClient. With Kea ne... Jason Montleon
07:06 PM Bug #15116 (New): Kea not working with UEFI HTTPBoot URL configured
I have configured and successfully use http boot to occasionally boot libvirt vms by checking off `Enable Network Boo... Jason Montleon
08:35 PM Bug #15118 (Resolved): DHCPv6 settings page "DDNS Reverse" check box not showing current state
If you select the DDNS Reverse checkbox and then save and then apply the changes, the checkbox clears.
It seems li... David Cornejo
08:30 PM Bug #15117 (Resolved): Shortcut bar on DHCPv6 leases (``status_dhcpv6_leases.php``) navigates to DHCPv4 destinations, not DHCPv6
The link to the DHCPv6 settings on the status page takes you to the settings for DHCP (v4)
 David Cornejo
06:14 AM pfSense Packages Bug #15115 (Closed): NUT Package Functionality
I read online that updating the OS version from 2.7 to 2.7.2 should fix some security bugs and I have also followed t... Adam Di Vizio
05:44 AM pfSense Packages Bug #14951: Tripplite Smart1500LCD UPS
I read online that updating the OS version from 2.7 to 2.7.2 should fix some security bugs and I have followed the in... Adam Di Vizio

12/25/2023

07:38 PM pfSense Packages Bug #13421: Stunnel certificate does not refresh
Tested, had to add 2 lines to /usr/local/etc/stunnel at the begining so now it looks like:... A Schnee

12/24/2023

05:20 PM Bug #9453: Reconfiguring a parent LAGG interface breaks its VLANs
There have been various bug reports related to this issue which seem to share the same root cause - a fix is in progr... Marcos M
05:18 PM Bug #9453 (In Progress): Reconfiguring a parent LAGG interface breaks its VLANs
Marcos M
05:14 PM Bug #13473 (Duplicate): No IPv6 address acquired after reboot/dhcp6c not starting
Marcos M
05:12 PM Bug #14083 (Duplicate): Adding MSS and MTU values on a LAGG VLAN interface breaks connectivity
Marcos M
05:10 PM Bug #14603 (Duplicate): LAGG VLAN Interfaces report parent no longer exists
Marcos M
05:07 PM Bug #13344 (Duplicate): Vlan loses parent interface when changing LAGG mtu to jumbo frames
Marcos M
05:06 PM Bug #12926 (Duplicate): Changing LAGG type on CARP interfaces makes VIPs go to an "init" State
Marcos M
05:05 PM Bug #11953 (Ready To Test): XG-1541 crashes when igmpproxy is enabled and network interfaces status change
This needs to be tested against a current pfSense version, preferably a dev snapshot. For reference, this looks like ... Marcos M
08:33 AM Bug #15098: Wireguard crashes on boot if PPPoE is the default gateway
checked the logs and this seems to be repeating endlessly:
Dec 24 09:17:01 php_wg 89853 /usr/local/pkg/wireguard/inc... Oskar Stroka
03:58 AM Feature #14952 (Pull Request Review): Firewall Alias Import
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1114 Christopher Cope
12:03 AM pfSense Packages Bug #15027 (Confirmed): Bind DNS Server cannot reorder zones
Chris W
12:02 AM pfSense Packages Bug #15027: Bind DNS Server cannot reorder zones
Can confirm with Bind 9.17 on pfSense Plus 23.09.1.
To reproduce:
1. Create two zones.
2. On the Zones tab, drag... Chris W

12/23/2023

09:32 PM Bug #14261: Trim white space in a DHCP Leases page search field
Applied in changeset commit:8c2615a322f4c7ae04d97efb16159904b0503160. Christopher Cope
09:20 PM pfSense Plus Regression #14964: SG-3100: iscsi support removed from 23.09 kernel
I would imagine that the reason it wasn't mentioned in the release notes is because iSCSI support isn't officially su... Kris Phillips
09:18 PM pfSense Plus Bug #14824: OpenVPN instance on IPv6 PPPoE interface does not always start automatically
Łukasz Rojczyk wrote in #note-12:
> is there any progress yet or will it never work properly ???
>
> Dec 18 10:19... Kris Phillips
09:16 PM pfSense Plus Bug #15097: Upgrade to 23.09.1 is not offered for 23.05.1
Danilo Zrenjanin wrote in #note-2:
> Yeah, I can confirm this behavior on Netgate 6100.
>
> [...]
>
> The reco... Kris Phillips
09:15 PM Bug #15087: IPsec Keep Alive does not update the gateway status
Tried this and it doesn't even need to be a FQDN. The Gateway status page of any VTI with a /30 will almost always s... Kris Phillips
07:23 PM Bug #15087: IPsec Keep Alive does not update the gateway status
I tried to replicate that behavior. I set FQDN for the Remote Gateway setup on both sides. Phase 2 in VTI mode. The g... Danilo Zrenjanin
09:13 PM Bug #15110: pfSense hangs when rebooting
Danilo Zrenjanin wrote in #note-3:
> The clean installation procedure on the 3rd party SSD went smoothly, but the is... Kris Phillips
07:36 AM Bug #15110: pfSense hangs when rebooting
The clean installation procedure on the 3rd party SSD went smoothly, but the issue persisted with no other side effects. Danilo Zrenjanin
04:21 PM pfSense Packages Feature #9833: ACME: add ability to use custom ACME server
+1 also
there is a FreeBSD port of step-ca
https://www.freshports.org/security/step-certificates/ Max Budnick
12:47 PM Bug #15098: Wireguard crashes on boot if PPPoE is the default gateway
I couldn't replicate this behavior on the following system:... Danilo Zrenjanin

12/22/2023

10:57 PM Feature #15114 (New): Allow mounting of multiple ZFS pools at boot
Current pfSense versions will only mount the default ZFS pool at boot. Since pfSense does not use the FreeBSD RC syst... Steve Wheeler
09:55 PM Revision 7cdf9713: Only backup kernel on UFS systems
Christian McDonald
08:26 PM pfSense Docs Todo #15113 (Closed): Update Image Verification Document to tell people to not sha256sum the .sha256 file, but instead just view the contents
Documentation is here:
https://docs.netgate.com/pfsense/en/latest/install/download-installer-image.html#verifying-th... Kris Phillips
06:04 PM Regression #15112 (Resolved): ``status_interfaces.php`` is missing several values for SFP modules
I am not seeing the SFP module status in pfSense 23.09.1 that was implemented previously. Reference https://redmine.p... Chad Wagner
05:17 PM Bug #15110: pfSense hangs when rebooting
Note this was after adding a 3rd party SSD. Steve Wheeler
01:44 PM Feature #8861: Show SFP module details on ``status_interfaces.php``
Chad Wagner wrote in #note-17:
> Is there a reason I would not be seeing the same on my 6100 with 23.09.1? I just sw... Jim Pingle
06:08 AM Feature #8861: Show SFP module details on ``status_interfaces.php``
Is there a reason I would not be seeing the same on my 6100 with 23.09.1? I just switched from SFP+ DACs to 10GTek SF... Chad Wagner
01:39 PM Bug #15111 (Rejected): LAN ipv4 route can't via WAN route out.
There is not nearly enough information here to say there is a bug rather than something wrong in your setup/environme... Jim Pingle
12:53 AM Bug #15111 (Rejected): LAN ipv4 route can't via WAN route out.
The LAN network ipv4 can't route out VIA ISP wan, LAN lose route yon Liu
11:11 AM pfSense Plus Bug #15097 (Confirmed): Upgrade to 23.09.1 is not offered for 23.05.1
Yeah, I can confirm this behavior on Netgate 6100.... Danilo Zrenjanin

12/21/2023

09:55 PM Feature #14165: Option to allow the DNS Forwarder to ignore system DNS servers
Pull request filed: https://github.com/pfsense/pfsense/pull/4664 Orion Poplawski
07:33 PM pfSense Packages Feature #14999: Feature Request: Update Squid Package to Version 6.5 this was released on updated Nov 6
Pretty Please ...
Maybe a Christmas package.. Jonathan Lee
07:22 PM pfSense Plus Bug #14515: Ethernet rule Action field hint text lists "reject" option which is not compatible with Ethernet rules

Christian McDonald wrote in #note-1:
> Thanks.
>
> pf(4) only supports pass/block action semantics for L2 rul... Jonathan Lee
07:20 PM pfSense Plus Bug #14515: Ethernet rule Action field hint text lists "reject" option which is not compatible with Ethernet rules
Do you still have this commit ID I do not think it shows up. I can't fetch 7cdf5ed172bbb98aa62e9a4ef534866ba1d63ef8 Jonathan Lee
06:59 PM Todo #15106: Remove ``Time`` column from OS Boot logs
Works great!!! Jonathan Lee
06:41 PM Todo #15106: Remove ``Time`` column from OS Boot logs
Marcos M wrote in #note-3:
> Only the @Message@ column is shown now. This affects @userlog@ and @dmesg.boot@ (OS Boo... Jonathan Lee
06:57 PM Bug #15060 (Ready To Test): LDAP bind fails when authentication servers use different CA chains
The first parameter type changed in PHP 8.1:
> The ldap parameter expects an LDAP\Connection instance now; previousl... Marcos M
06:13 PM Bug #15043: IGMP proxy works intermittently
I agree completely. This is a very disruptive bug for those that use IPTV. You can simply not use it. I think this bu... Haraldinho D
06:05 PM Bug #15043: IGMP proxy works intermittently
That pretty much sucks.
So, we either have to wait for 2.8 final or install a snapshot/dev version to be able to use... Arturo de Vries
04:48 PM Bug #15043 (Feedback): IGMP proxy works intermittently
Marcos M
02:34 PM Bug #15043: IGMP proxy works intermittently
This requires a kernel change, so it'll be part of the next release. This issue cannot be fixed through the System_Pa... Kristof Provost
02:24 PM Bug #15043: IGMP proxy works intermittently
When/how will this lead to an installable patch? Haraldinho D
09:37 AM Bug #15043: IGMP proxy works intermittently
The relevant fixes have been merged to the devel-main and plus-devel-main branches, and are included in recent snapsh... Kristof Provost
07:18 AM Bug #15043: IGMP proxy works intermittently
Any news on an official patch yet? Haraldinho D
05:57 PM Bug #14989 (Closed): Typo in the Setup Wizard
Christian McDonald
05:56 PM Bug #14261 (Feedback): Trim white space in a DHCP Leases page search field
Christian McDonald
05:56 PM Revision 8c2615a3: Trim DHCP & DHCPv6 search strings. #14261
Christopher Cope
05:54 PM Revision a13da2b0: Fix typo in setup wizard. Fixes #14989
Christopher Cope
04:47 PM Revision 65b5c400: get_sysctl(): check return status and log failures, add retries. #14648
Reid Linnemann
04:46 PM Revision 273e932c: Update loader on ESPs without use of a label
Reid Linnemann
04:09 PM Bug #15110 (New): pfSense hangs when rebooting
Start the reboot from the GUI:... Danilo Zrenjanin
01:52 PM Regression #15109 (Not a Bug): Many missing files with pkg-static check -s -a after upgrading from 2.7.1 to 2.7.2
All of those are expected the way things work currently. As we work more toward a pkg base for everything more of tho... Jim Pingle
08:44 AM Regression #15109 (Not a Bug): Many missing files with pkg-static check -s -a after upgrading from 2.7.1 to 2.7.2
Many missing files after upgrading from 2.7.1 to 2.7.2 when using:
_pkg-static check -s -a_
*2.7.1 fresh install... Hine Ke
10:00 AM Bug #15108: ``pfctl`` is unable to retrieve state creator list in certain circumstances
I think I see how the 'No space left on device' error can happen if we have many creator ids.
It's already fixed, be... Kristof Provost
09:38 AM pfSense Packages Todo #14073: Shalla block list is offline but still available in pfBlocker
Mike Moore wrote in #note-3:
> Can we get this package cleaned up at least with the removal of the list.
> Its cau... OpIT GmbH

12/20/2023

07:29 PM pfSense Packages Regression #14452: Prometheus node_exporter generates errors with the default config
I'm still seeing this on CE 2.7.2 with node_exporter 0.18.1_3 (upstream node_exporter-1.6.1) installed. Note that the... Logan Marchione
07:08 PM pfSense Packages Bug #15080: Suricata process dying due to Hyperscan error - also may randomly segfault
PR merged, thanks! Jim Pingle
05:18 PM pfSense Packages Bug #15080: Suricata process dying due to Hyperscan error - also may randomly segfault
Additional update for this issue for a complete history:
Two additional heap memory buffer overflow bugs were rece... Bill Meeks
07:08 PM pfSense Packages Bug #14898: Suricata core dumps with signal 11
PR merged, thanks! Jim Pingle
05:19 PM pfSense Packages Bug #14898: Suricata core dumps with signal 11
Additional update for this issue for a complete history:
Two additional heap memory buffer overflow bugs were rece... Bill Meeks
06:29 PM Todo #15106: Remove ``Time`` column from OS Boot logs
@userlog@ has a timestamp it's just not being parsed out since it doesn't match the syslog format. Jim Pingle
06:22 PM Todo #15106 (Resolved): Remove ``Time`` column from OS Boot logs
Only the @Message@ column is shown now. This affects @userlog@ and @dmesg.boot@ (OS Boot) logs - sorting behavior rem... Marcos M
03:45 AM Todo #15106: Remove ``Time`` column from OS Boot logs
Thanks for the information. Should Status / System Logs / System / OS Boot have time column removed as it is mislead... Jonathan Lee
02:21 AM Todo #15106 (Not a Bug): Remove ``Time`` column from OS Boot logs
The kernel boot log has no timestamps, the message log buffer is dumped all at once into the log file by the kernel a... Jim Pingle
02:03 AM Todo #15106 (Resolved): Remove ``Time`` column from OS Boot logs
Hello and happy holidays. I just noticed that the OS Boot Logs under pfSense GUI show "Time" and "Message" columns ho... Jonathan Lee
06:19 PM Revision 08434feb: Show only the Message column for raw logs. Implement #15106
Marcos M
05:58 PM Bug #14631 (Duplicate): ACL on DNS Resolver is not updated list after IPs changed on interfaces
Marcos M
03:58 AM Bug #14631: ACL on DNS Resolver is not updated list after IPs changed on interfaces
https://docs.netgate.com/pfsense/en/latest/config/xml-configuration-file.html
Have you checked this file? You migh... Jonathan Lee
03:56 AM Bug #14631: ACL on DNS Resolver is not updated list after IPs changed on interfaces
Check your config.xml file and see what the setting for this.
If you are still having issues where it can't save ... Jonathan Lee
05:52 PM pfSense Plus Bug #15103 (Resolved): Netgate Crypto ID missing in 23.09.01 after fresh firmware
Thoth is no longer used - the error is from old code which has been cleaned up in dev snaps. This is being tracked wi... Marcos M
04:15 AM pfSense Plus Bug #15103: Netgate Crypto ID missing in 23.09.01 after fresh firmware
With 23.05.01
@AES-GCM,ChaCha20-Poly1305,AES-ICM,AES-XTS,SHA1,SHA256,SHA384,SHA512@
is shown for my model 21... Jonathan Lee
04:32 PM pfSense Plus Feature #12832: 6100 configurable Blinking Blue LED
Have you attempted to just manually set the GPIO settings with a cron job to a different color? Would that help or ma... Jonathan Lee
03:56 PM Revision 55251505: Remove TOTH. Fix NG#12636
Marcos M
03:53 PM Bug #15108 (Resolved): ``pfctl`` is unable to retrieve state creator list in certain circumstances
In certain cases @pfctl -sc@ is unable to obtain the list of state creators, and instead results in an error message ... Jim Pingle
03:32 PM Bug #15057 (Resolved): Router Advertisement daemon does not prioritize IPv6 GUA over ULA
Marcos M
02:04 PM Bug #15057: Router Advertisement daemon does not prioritize IPv6 GUA over ULA
It works !
get_interface_track6ip now returns the GUA as expected, and radvd config file is correct
Thank you Mathis Cavalli
12:37 AM Bug #15057 (Pull Request Review): Router Advertisement daemon does not prioritize IPv6 GUA over ULA
Thanks! I was able to reproduce and confirm the issue. Please test the following patch:
{{collapse... Marcos M
05:32 AM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table
Jonathan Lee wrote in #note-13:
> This could be also related
>
> https://redmine.pfsense.org/issues/15104
For... Denny Page
04:25 AM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table
This could, could also cause broadcast arp storms and VLAN hopping vulnerabilities. Prior versions had broken up the ... Jonathan Lee
04:23 AM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table
This could be also related
https://redmine.pfsense.org/issues/15104
I am having one broadcast domain now the p... Jonathan Lee
05:02 AM pfSense Packages Feature #15107 (New): An option to disable routes
When using Wireguard with FRR (dynamic routing) there needs to be an option to select 'Disable routes'
This will pre... Mike Moore
04:33 AM Feature #8794: NTP authentication support
https://github.com/pfsense/pfsense/pull/4658
User MatthewA1 has merged Marcos's requests as well as added the miss... Jonathan Lee
04:27 AM Regression #14987: ``Interface Address`` is no longer an option for outbound NAT targets
Does this cause issues with layer 2 experimental rules? They are MAC address or interface based. Jonathan Lee
04:12 AM pfSense Plus Bug #13206: SG-3100 LED GPIO hangs
Have you attempted to just manually set the GPIO settings with a cron job to a different color? Would that help or ma... Jonathan Lee
03:51 AM pfSense Plus Bug #13497: unbound process looks like stuck periodically
Post this in the forum it could be you are not using the correct settings and ACL's for unbound. Jonathan Lee
02:19 AM pfSense Plus Feature #14291: Support for cryptographic acceleration using the Multi-Buffer Crypto for IPsec Library (IPsec-MB, IIMB)
crypto id/ping-auth has nothing to do with cryptographic acceleration, it's not relevant to this issue in any way. Jim Pingle
02:12 AM pfSense Plus Feature #14291: Support for cryptographic acceleration using the Multi-Buffer Crypto for IPsec Library (IPsec-MB, IIMB)
Old post however I wanted to bring more attention to CryptoID loss of ping-auth when fresh firmware is installed.
... Jonathan Lee
12:31 AM Revision c32312a3: Handle IPv6 GUA and ULA in get_interface_track6ip(). Fix #15057
Marcos M

12/19/2023

07:24 PM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table
Thank you for confirming. The 24.03 dev snaps for plus are now available, testing on that would be appreciated (the B... Marcos M
02:49 PM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table
The issue I opened (#15105) was a decided to be a duplicate of this one. Just pasting in the detail I added. Person... Boycee .
06:33 PM Feature #4728: Expose ``nopool`` server option in the OpenVPN Server GUI
This can be accomplished with the custom options setting, e.g.:... Marcos M
05:59 PM Feature #9156 (Duplicate): OpenVPN: Add tickbox for 'nopool' directive
Marcos M
05:46 PM pfSense Packages Bug #15086 (Rejected): openvpn-client-export 1.9.2 | Viscosity Bundle | ECDSA cert missing key
I can't replicate this. I created a fresh EC cert using that curve and all export formats contain the certificate and... Jim Pingle
05:41 PM Bug #15060: LDAP bind fails when authentication servers use different CA chains
I have a similar problem. If you use one server and another with the same CA-Chain you do not have a problem.
If you... Ph. T
05:02 PM Bug #15102 (Closed): System - Update - System Update - Branch misspells deprecated as depreciated.
Fixed by Kris Molinari Jim Pingle
02:16 PM Regression #15105: Static ARP entries "converted" to expiring ARP
Jim Pingle wrote in #note-2:
> It's still almost certainly a duplicate of #14970 and doesn't need its own entry - add... Boycee .
02:04 PM Regression #15105 (Duplicate): Static ARP entries "converted" to expiring ARP
It's still almost certainly a duplicate of #14970 and doesn't need its own entry - add your observations there. Jim Pingle
01:52 PM Regression #15105: Static ARP entries "converted" to expiring ARP
Forgot to add there is already an issue opened for the "cosmetic" issue with display in ARP diagnostics page I mentio... Boycee .
01:47 PM Regression #15105 (Duplicate): Static ARP entries "converted" to expiring ARP
I believe there was a static ARP issue introduced with 2.7.0 (https://redmine.pfsense.org/issues/14374). However, th... Boycee .
05:42 AM pfSense Plus Bug #15104: Layer 2 experimental Firewall/Rules/Ethernet: new broadcast domain issues
Thanks happy holidays. I enjoyed the experimental layer 2 broadcast storm puzzles that took me way back to old CCNA c... Jonathan Lee
05:40 AM pfSense Plus Bug #15104: Layer 2 experimental Firewall/Rules/Ethernet: new broadcast domain issues
Also you can see traffic on the experimental layer 2 firewall rules between the interfaces that is the main concern h... Jonathan Lee
05:23 AM pfSense Plus Bug #15104: Layer 2 experimental Firewall/Rules/Ethernet: new broadcast domain issues
I will be moving back to 23.05.01 it's layer 2 abilities were more secure within the broadcast domains. Jonathan Lee
05:21 AM pfSense Plus Bug #15104: Layer 2 experimental Firewall/Rules/Ethernet: new broadcast domain issues
Please see photo. Also when a client has a static entry for the firewall on a secure side "Firewall's LAN(WLAN)" and ... Jonathan Lee
01:18 AM pfSense Plus Bug #15103: Netgate Crypto ID missing in 23.09.01 after fresh firmware
ping-auth -s no longer populates it for you so its empty, how does this effect OpenVPN users? Jonathan Lee
01:17 AM pfSense Plus Bug #15103: Netgate Crypto ID missing in 23.09.01 after fresh firmware
It still works the thorth folder is empty.
I fixed it by transferring the folder over from an older SSD
 Jonathan Lee
12:56 AM pfSense Plus Bug #15103 (Confirmed): Netgate Crypto ID missing in 23.09.01 after fresh firmware
Also see: https://redmine.netgate.com/issues/12636
The CryptoID is shown as expected if the /etc/thoth/thothid is ... Steve Wheeler

12/18/2023

10:48 PM pfSense Plus Bug #15104 (New): Layer 2 experimental Firewall/Rules/Ethernet: new broadcast domain issues
Layer 2 broadcast domain in 23.05.01 would separate compex card from the LAN RJ45 ports. It no longer separates the l... Jonathan Lee
10:39 PM pfSense Plus Bug #15103 (Resolved): Netgate Crypto ID missing in 23.09.01 after fresh firmware
Hello I noticed this after fresh firmware install on a SG-2100
@ The command '/usr/local/sbin/ping-auth -s > /etc/... Jonathan Lee
06:28 PM Bug #15102 (Closed): System - Update - System Update - Branch misspells deprecated as depreciated.
Suggest changing depreciated to deprecated. David Benner
06:11 PM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table
Unfortunately yes. This is still happening in 23.09.1
If I am not mistaken it started happening two or three release... Johan Belmans
05:48 PM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table
Is this still happening on 23.09.1? Marcos M
04:34 PM pfSense Plus Feature #15101 (Rejected): Warning about using Kea DHCP for HA env
Kea does not support HA yet, and that has been warned about in the release notes. We aim to have support in the next ... Jim Pingle
04:29 PM pfSense Plus Feature #15101 (Rejected): Warning about using Kea DHCP for HA env
Using Kea DHCP for HA environment can and will lead to issues with ARPs if you are using dynamic leases. Nice to have... Bartłomiej Bujak
03:25 PM Bug #13413: Some messages presented to users contain relative links to pages which may be invalid when triggered from certain packages
Moving projects/rewording since this isn't specific to any one package, it just happens to affect packages which put ... Jim Pingle
01:17 PM pfSense Packages Feature #15099 (Closed): ACME: please update GUI to include recently added DNSapi providers.
This happens during any update we do, no need for a separate issue to track it. Jim Pingle
01:08 PM Bug #14434: PPPoE WAN interface with VIPs causes continuous interface restarting
Still present in 23.09.1 Steve Wheeler
09:25 AM pfSense Plus Bug #14824: OpenVPN instance on IPv6 PPPoE interface does not always start automatically
is there any progress yet or will it never work properly ???
Dec 18 10:19:00 openvpn 15608 Exiting due to fatal... Łukasz Rojczyk

12/17/2023

04:17 PM Feature #12521: Add the BBR2, QUIC, RACK Congestion Control (CC) protocols
hao zhang wrote in #note-3:
> https://man.freebsd.org/cgi/man.cgi?query=tcp_bbr&apropos=0&sektion=0&manpath=FreeBSD+... Sergei Shablovsky
03:11 AM pfSense Plus Bug #15097: Upgrade to 23.09.1 is not offered for 23.05.1
Can confirm that this seems to consistently happen basically every time someone upgrades from 23.01 to 23.05.1. Kris Phillips
03:04 AM pfSense Packages Bug #15100 (New): Tailscale IPv6 Exit Node uses first LAN interface when WAN is set to Only Request Prefix
When Tailscale on pfSense Plus is being used as an exit node for IPv6 connectivity and the WAN interface is set to "O... Kris Phillips
02:58 AM pfSense Packages Feature #14453: Expand prefix list entry window
Any update on this?
The workaround is to go into the pfsense shell, go into the FRR cli <vtysh> and examine the pref... Mike Moore

12/16/2023

10:51 PM Bug #13413 (Pull Request Review): Some messages presented to users contain relative links to pages which may be invalid when triggered from certain packages
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1111
I wasn't able to reproduce the error with Wiregua... Christopher Cope
08:29 PM Bug #15067 (Confirmed): Secondary node attempts to delete the ``admins`` group when synchronizing accounts via XMLRPC
After applying the fix, the errors are no longer present with the admins group, but assigning / removing any other gr... Christopher Cope
02:49 PM pfSense Packages Feature #15099 (Closed): ACME: please update GUI to include recently added DNSapi providers.
Please update GUI to include DNS API providers like DnsExit.com that was recently added to acme.sh.
https://github... Michael C
11:35 AM Bug #15057: Router Advertisement daemon does not prioritize IPv6 GUA over ULA
I rolled back my change to get_interface_track6ip to show you what it returns with the original code... Mathis Cavalli
07:05 AM Bug #14691: Separators get shifted when copying firewall rules between interfaces
old separators Jonathan Lee
07:05 AM Bug #14691: Separators get shifted when copying firewall rules between interfaces
@ <separator>
<wan></wan>
<lan></lan>
<opt1></opt1>
<floatingrules></floatingrules>
... Jonathan Lee
06:30 AM Bug #14619: Rule separators are ordered incorrectly after removing rules in certain positions
I still have issues with this in 23.05.01 and they all show up again in 23.09.01
I stopped using separators howev... Jonathan Lee

12/15/2023

11:08 PM Bug #15057 (Incomplete): Router Advertisement daemon does not prioritize IPv6 GUA over ULA
Marcos M
10:59 PM Regression #14987 (Not a Bug): ``Interface Address`` is no longer an option for outbound NAT targets
The "Interface Address" selection is no longer available due to general changes to the outbound NAT pages which bring... Marcos M
08:29 AM Regression #14987: ``Interface Address`` is no longer an option for outbound NAT targets
I've tested on 23.09.1. Indeed, there is no Tailscale address from the drop-down menu in the translation section.
... Danilo Zrenjanin
10:55 PM Bug #15098: Wireguard crashes on boot if PPPoE is the default gateway
restarting the gateway service also solves it.
Edit: Also happens with an DHCP interface as default gateway Oskar Stroka
10:38 PM Bug #15098: Wireguard crashes on boot if PPPoE is the default gateway
changing a static route, even disabling and re-enabling one, allows wireguard to be enabled again Oskar Stroka
08:06 PM Bug #15098 (New): Wireguard crashes on boot if PPPoE is the default gateway
This only seems to happen after a fresh boot, and only if any PPPoE connection is the default gateway.
Even the ser... Oskar Stroka
08:51 PM Bug #14967 (Resolved): Cannot disable Router Advertisements when the interface IPv6 configuration is set to ``None``
Marcos M
08:50 PM Bug #15096 (Resolved): Interface subnet aliases do not contain IPv6 VIPs
Marcos M
05:22 PM Bug #15096: Interface subnet aliases do not contain IPv6 VIPs
Works like a charm! cheers! gwab ber
04:58 PM Bug #15096: Interface subnet aliases do not contain IPv6 VIPs
Patch working great, thanks. Bob Dig
04:50 PM Bug #15096: Interface subnet aliases do not contain IPv6 VIPs
Patch is woring, table now contain the IPV6 alias IP
tested on ... Lev Prokofev
04:20 PM Bug #15096: Interface subnet aliases do not contain IPv6 VIPs
Applied in changeset commit:1c4ca20d3d5910f126f11221f23e1fa21197f225. Marcos M
04:14 PM Bug #15096 (Feedback): Interface subnet aliases do not contain IPv6 VIPs
Fixed in commit 1c4ca20d3d5910f126f11221f23e1fa21197f225. Marcos M
12:01 PM Bug #15096: Interface subnet aliases do not contain IPv6 VIPs
I fixed it temporarely by adding separate allow rule for the ULA. gwab ber
11:58 AM Bug #15096: Interface subnet aliases do not contain IPv6 VIPs
I just looked, created gua and ula on one of my interfaces - and while the gua is shown, the ula is missing.
I cre... JohnPoz _
11:22 AM Bug #15096 (Resolved): Interface subnet aliases do not contain IPv6 VIPs
While the tables _NETWORK not reflecting any IPv6 ULA as VIP at all, an ULA IPv6 connection from LAN is working while... Bob Dig
07:24 PM pfSense Docs Todo #15095 (Closed): Feedback on Installing and Upgrading — Upgrade Guide — Upgrading High Availability Clusters
You are correct, that bit isn't relevant anymore. I've removed it, the updated version will be online in a few minute... Jim Pingle
06:29 PM pfSense Plus Bug #15097 (Resolved): Upgrade to 23.09.1 is not offered for 23.05.1
Since the release of 23.09.1, devices that upgrade to 23.05.1 from a previous version are unable to upgrade to 23.09.... Kris Phillips
04:12 PM Revision 1c4ca20d: Include IPv6 VIPs in system subnet aliases. Fix #15096
Marcos M
11:42 AM Bug #15041: Icmp payload default of 0 can give issues as this is not a official supported value as monitoring of a gateway.
I understand that the value already can be edited, and that the default payload is 1 instead of zero does not change ... Leon Straathof

12/14/2023

07:23 PM Feature #6362 (New): Allow specifying the client identifier hardware type
From what I've gathered so far, this is not a bug. RFC2132 states:... Marcos M
05:40 PM Feature #6362: Allow specifying the client identifier hardware type
Carlo Tognetti wrote in #note-4:
> Still present in rel. 2.7.1
> The bug have been persisting on all releases in th... Kris Phillips
05:27 PM pfSense Docs Todo #15095 (Closed): Feedback on Installing and Upgrading — Upgrade Guide — Upgrading High Availability Clusters
*Page:* https://docs.netgate.com/pfsense/en/latest/install/upgrade-guide-ha.html
*Feedback:*
I believe this is in... Steve Y
04:39 PM Regression #15094 (Resolved): Updates fail against an authenticated upstream proxy
When an upstream authenticated proxy is defined pkg commands fail, appearing to use the defined proxy but not send lo... Steve Wheeler
01:34 PM Bug #15092 (Not a Bug): OPT*_NETWORK tables are showing in Diagnostics - Tables
The page lists all PF tables, and those are now handled as PF tables. Hiding them would be counterintuitive as users ... Jim Pingle
10:52 AM Bug #15092 (Not a Bug): OPT*_NETWORK tables are showing in Diagnostics - Tables
After upgrading to 2.7.2 (or 2.7.1, not sure exactly when it started) a lot of "subnets of this interface" objects ap... Oleksii Tucha
01:31 PM Bug #15093 (Duplicate): Unable to install update 2.7.2 due to EFI error
Duplicate of #15081 Jim Pingle
11:59 AM Bug #15093 (Duplicate): Unable to install update 2.7.2 due to EFI error
Hi there,
I'm trying to install v2.7.2 on out PFSense Firewall, unforunately #15007 seems to have introduced a pr... Lukas Fülling
10:56 AM Bug #15081: Upgrade fails due to undersized EFI filesystem
Do old efifat images match well-known hashes? If so, look for a partition matching the hash (maybe a bunch of differe... Luca Piccirillo
10:44 AM pfSense Packages Feature #15091 (New): FRR, add the ability to change the order of BGP neighbours
Hi!
I currently have over 20 bgp peers, and it's getting awkward to add new peers to an existing group as they app... Oleksii Tucha

12/13/2023

09:10 PM Regression #15074: ISO fails to boot UEFI
Jim Pingle wrote in #note-1:
> Also note that adding a serial port to the VM hardware in Proxmox VE works around the... Phil Duby
06:52 PM pfSense Packages Feature #9833: ACME: add ability to use custom ACME server
+1 also. Stephen Nelson
03:57 PM Bug #15043: IGMP proxy works intermittently
Hi Kristof, there have been quite some igmpproxy regressions in the past releases. I’m always anxious when applying a... Haraldinho D
01:17 PM Bug #15043: IGMP proxy works intermittently
Okay, thanks for confirming.
The relevant fixes are:
https://reviews.freebsd.org/D43031
https://reviews.freebsd.... Kristof Provost
01:49 PM Feature #15090 (New): Improve feedback from config recovery during install
When you run the recover config option during an install there is little to no feedback to the user. It's not clear w... Steve Wheeler
07:51 AM Regression #15005 (Resolved): Auto Config Backup times are incorrect
Yep, I can confirm it's working as expected on 23.09.1.
I am marking this ticket resolved. Danilo Zrenjanin
12:54 AM Regression #15005 (Feedback): Auto Config Backup times are incorrect
The ACB server is now using the expected timezone. Backups report the correct time.
Tested: 23.09.1 Steve Wheeler

12/12/2023

10:46 PM Feature #15089: Support LuaDNS provider
I've opened a pull request in Github; https://github.com/pfsense/pfsense/pull/4663 Aaron Sierra
10:44 PM Feature #15089 (Resolved): Support LuaDNS provider
"LuaDNS":https://luadns.com is supported by the *acme* package, so it would be nice if it were also supported as a Dy... Aaron Sierra
09:52 PM Bug #15057: Router Advertisement daemon does not prioritize IPv6 GUA over ULA
I'm not able to replicate this on 23.09 (should be the same as 2.7.1 for this issue). Regardless of whether the ULA c... Marcos M
07:43 PM pfSense Packages Bug #15088 (Confirmed): BIND does not start after a config restore
Steps:
# Fresh install of pfSense+ 23.09.1
# Install bind package
# Restore a config backup with bind configuratio... Marcos M
07:36 PM Bug #15043: IGMP proxy works intermittently
Kristof Provost wrote in #note-18:
> I believe I've found the reason we don't send an igmp leave when we should, alo... Rai Wol
06:45 PM Bug #15043: IGMP proxy works intermittently
!clipboard-202312121942-zfdcl.png!
Seems to work like a charm!! No more streams that stop and it also shows in the... Haraldinho D
06:16 PM Bug #15043: IGMP proxy works intermittently
I believe I've found the reason we don't send an igmp leave when we should, along with the cleanup improvements for M... Kristof Provost
09:49 AM Bug #15043: IGMP proxy works intermittently
Kristof, I sent logs on rc.newwanip occurrence per email. Haraldinho D
09:27 AM Bug #15043: IGMP proxy works intermittently
It's also not clear to me why igmpproxy shuts down.
The only thing I can think of right now is that there's a new ... Kristof Provost
09:09 AM Bug #15043: IGMP proxy works intermittently
Haraldinho D wrote in #note-14:
> I have pfSense+ 23.09.1, not 2.7.2, so probably this patch is not for me... Can yo... Kristof Provost
07:22 PM Feature #15073 (Rejected): FEATURE REQUEST: Ability at assign authenticated NTP settings under User manager separate from just NTP settings to hide keys
I don't think the benefit of this is worth the effort and technical debt. Marcos M
05:22 PM Bug #15087 (New): IPsec Keep Alive does not update the gateway status
If the IPsec gateway status is pending (e.g. on a VTI after bootup when the remote peer is an FQDN), the keep alive c... Marcos M
01:22 PM pfSense Packages Bug #15086 (Rejected): openvpn-client-export 1.9.2 | Viscosity Bundle | ECDSA cert missing key
Export VPN cert/settings as viscosity bundle do not include the key.key if the cert is ECDSA / secp521r1.
If the c... slu -
09:16 AM pfSense Packages Bug #14668: FRR BGP route is not making into kernel route table after WireGuard's peer change is applied
CE 2.7.2, FRR 2.0.2_1 (frr9-9.0.2), WireGuard 0.2.1 - still the same. Oleksii Tucha
09:10 AM pfSense Packages Feature #14878: Integrated syslog support
Unfortunately I cannot code myself, so I have to ask for changes in detail instead. I think the solution should be ma... Tue Madsen
06:01 AM Feature #8794: NTP authentication support
Just to confirm Marcos M, I could not use NTP authentication direct for NIST.GOV without the two part key entry, with... Jonathan Lee
01:10 AM Feature #8794: NTP authentication support
Some general notes:
* The authentication key is only supported with the @peer@ and @server@ types according to the "m... Marcos M
04:43 AM Regression #14987: ``Interface Address`` is no longer an option for outbound NAT targets
I am running 23.09.1. The Tailscale address is still missing from the pull-down menu in the translation section. In t... Chad Wagner
04:28 AM Regression #14987: ``Interface Address`` is no longer an option for outbound NAT targets
UPDATE:
I see the Tailscale interface has now been added back in 23.09.1
Please update the ticket to let us know ... Mike Moore
04:25 AM Regression #14987: ``Interface Address`` is no longer an option for outbound NAT targets
I second this issue. Is there a workaround.
If you are using tailscale to set a Site2Site VPN then traffic leaving t... Mike Moore
02:22 AM Regression #14987: ``Interface Address`` is no longer an option for outbound NAT targets
Is there a workaround until this gets fixed? Chad Wagner

12/11/2023

08:19 PM pfSense Packages Bug #11970: Netgate Firmware Upgrade Doesn't Work on XG-2758 (ADI/coreboot)
Jordan G wrote in #note-3:
> user reporting fw upgrade failing on 7100 @ 23.09.1 (ref # 2156023693)
>
> [...]
... Marcos M
08:02 PM Bug #15043: IGMP proxy works intermittently
I have pfSense+ 23.09.1, not 2.7.2, so probably this patch is not for me... Can you build one for 23.09.1? Haraldinho D
07:55 PM Bug #15043: IGMP proxy works intermittently
Kristof Provost wrote in #note-12:
> Backup your device, download the pkg file to it, "pkg install -U pfSense-kernel... Rai Wol
07:50 PM Bug #15043: IGMP proxy works intermittently
Backup your device, download the pkg file to it, "pkg install -U pfSense-kernel-pfSense-2.7.2.r.20231211.1745.pkg" an... Kristof Provost
07:41 PM Bug #15043: IGMP proxy works intermittently
Hey Kristof, I just sent you some additional logs + the netstat -gs output as well in your email. Happy to try the pa... Haraldinho D
07:08 PM Bug #15043: IGMP proxy works intermittently
Here's that patched kernel: https://nc.netgate.com/nextcloud/index.php/s/L9ERQHXbtygQHrt
Can someone try that one ... Kristof Provost
02:09 PM Bug #15043: IGMP proxy works intermittently
netstat -gs might be interesting too.
Looking at the igmpproxy log there appear to be two things going on. The fir... Kristof Provost
07:42 PM Feature #15085: Update /etc/rc.initial to reflect default root shell /bin/sh
I think this would benefit the user base because sh has many of the features of bash now and people are familiar with... Craig Coonrad
07:25 PM Feature #15085 (Rejected): Update /etc/rc.initial to reflect default root shell /bin/sh
We chose tcsh for a reason there. We weren't following FreeBSD. The previous default was csh, not tcsh. Jim Pingle
07:22 PM Feature #15085 (Rejected): Update /etc/rc.initial to reflect default root shell /bin/sh
/bin/sh is now the default root shell in FreeBSD (and pfSense.)... Craig Coonrad
06:54 PM Bug #15082: Upgrade fails due to unmounted EFI filesystem
It appears this isn't actually fixing what the users thought it was. By manually mounting the partition it caused the... Jim Pingle
02:10 PM Bug #15082 (Closed): Upgrade fails due to unmounted EFI filesystem
This may be related to #15081 but it's not definite.
Some upgrades have failed in pfSense-boot if the EFI partitio... Jim Pingle
06:25 PM pfSense Packages Bug #15033 (Resolved): Suricata rule lists can't be manually updated unless the ETOpen Emerging Threats list is enabled
PRs merged, thanks! Jim Pingle
06:24 PM pfSense Packages Bug #15080 (Resolved): Suricata process dying due to Hyperscan error - also may randomly segfault
PRs merged, thanks! Jim Pingle
06:24 PM pfSense Packages Bug #14898 (Resolved): Suricata core dumps with signal 11
PRs merged, thanks! Jim Pingle
05:59 PM pfSense Packages Regression #14189: pfBlocker-NG: HA-Sync is not working
comparing:
https://github.com/pfsense/FreeBSD-ports/blob/734989ab5809fe5c7bde23a240e717da656775ac/net/pfSense-pkg-pf... Steve Y
05:23 PM Bug #15083: Installing to ZFS mirror does not format or populate EFI partition on additional disks
Note that this is not specific to pfSense, the problem also exists in FreeBSD. There is a review in progress to addre... Jim Pingle
04:28 PM Bug #15083 (Resolved): Installing to ZFS mirror does not format or populate EFI partition on additional disks
Installing Plus 23.09.1 or CE 2.7.2 to a ZFS mirror does not format or populate the EFI partition on the additional d... Jim Pingle
05:19 PM Feature #15079: Remove spaces from filenames generated by status.php
Every file in the status output has one or more dashes except one: Config History.txt. This change makes that consist... Craig Coonrad
01:31 PM Feature #15079 (Rejected): Remove spaces from filenames generated by status.php
I don't see the value in this. Properly quoting filenames or escaping spaces is trivial in this day and age, and chan... Jim Pingle
04:56 PM Bug #15084 (Resolved): Upgrading an EFI system installed to ZFS mirror does not upgrade EFI loader on additional disks
When an EFI system installed to a ZFS mirror is upgraded, the EFI loader is only updated on the first disk of the mir... Jim Pingle
02:01 PM Bug #15081 (New): Upgrade fails due to undersized EFI filesystem
Some installations as recent as Plus 22.01 / CE 2.6.0 have EFI partitions that were created and/or populated by the o... Jim Pingle

12/10/2023

10:11 PM pfSense Packages Bug #11970: Netgate Firmware Upgrade Doesn't Work on XG-2758 (ADI/coreboot)
user reporting fw upgrade failing on 7100 @ 23.09.1 (ref # 2156023693)... Jordan G
06:38 PM pfSense Packages Bug #15033: Suricata rule lists can't be manually updated unless the ETOpen Emerging Threats list is enabled
A fix for this issue has been submitted via this pull request against the RELENG_2_7_2 branch: https://redmine.pfsens... Bill Meeks
04:38 PM Feature #6362: Allow specifying the client identifier hardware type
Still present in rel. 2.7.1
The bug have been persisting on all releases in the last 7 years.
While I'm grateful to... Carlo Tognetti
11:45 AM Bug #15043: IGMP proxy works intermittently
If required I can deliver data too. I also suffer from this issue, but as I don't watch a lot of linear TV, I have 23... Haraldinho D
10:49 AM pfSense Packages Feature #14878: Integrated syslog support
I completely agree. The lack of integrated SYSLOG support (independent of local pfBlockerNG logging) is a MAJOR drawb... Tue Madsen
04:55 AM pfSense Packages Bug #14898: Suricata core dumps with signal 11
Pull request 1333 for the RELENG_2_7_2 branch of FreeBSD-ports has been submitted to address this issue.
https://git... Bill Meeks
04:55 AM pfSense Packages Bug #14491: FRR not starting with AgentX enabled
Mike Moore wrote in #note-10:
> Found a use case for AgentX and ran into the frr start.
>
> Jim - i see the targe... Jim Pingle
04:52 AM pfSense Packages Bug #14491: FRR not starting with AgentX enabled
Found a use case for AgentX and ran into the frr start.
Jim - i see the target versions have been deleted. Does th... Mike Moore
04:50 AM pfSense Packages Bug #15080: Suricata process dying due to Hyperscan error - also may randomly segfault
Pull request 1333 for the RELENG_2_7_2 branch of FreeBSD-ports has been submitted to address this issue.
https://git... Bill Meeks
04:31 AM pfSense Packages Bug #15080 (Resolved): Suricata process dying due to Hyperscan error - also may randomly segfault
Several users on the Netgate Forum are reporting random issues with Suricata failing due to the following Hyperscan e... Bill Meeks
01:18 AM pfSense Packages Todo #14073: Shalla block list is offline but still available in pfBlocker
This is an issue on the pfSense Plus 23.09.X branch still. Kris Phillips
01:16 AM pfSense Packages Bug #13810 (Rejected): Squid options obsolete
Marking this as Rejected since Squid is being deprecated and removed in a future version of pfSense CE and Plus. Kris Phillips
01:14 AM pfSense Packages Feature #14447 (Resolved): Update haproxy from 2.6 to 2.8 lts
Marking this as resolved. pfSense Plus 23.09 and 23.09.1 both have haproxy 2.8.2 for the backend on stable. Kris Phillips
01:09 AM pfSense Plus Bug #15006: Upgrade Issue to 23.09 Results in Stuck Prompt Mid-upgrade
This seems to be present with 23.09.1 as well. Kris Phillips
12:38 AM Bug #14261: Trim white space in a DHCP Leases page search field
Updated merge request to reflect feedback and to only trim on values where a space doesn't make sense. Christopher Cope
12:01 AM Bug #14989 (Pull Request Review): Typo in the Setup Wizard
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1110 Christopher Cope

12/09/2023

10:41 PM Regression #14930: Clean installation using Auto (ZFS) + MBR (BIOS) does not boot
Christian McDonald wrote in #note-2:
> Yes, I proposed a fix for this upstream. I’ll poke the right people again
... Boycee .
07:39 PM Feature #15079 (Rejected): Remove spaces from filenames generated by status.php
This eases filename expansion on the command line, and simplifies iterating over the files with commands or scripts. ... Craig Coonrad
06:59 PM Bug #14634: The default gateway icon is not updated when the default gateway is changed to none
The icon stays for me, when the default route is set to none. The changes were already applied and even after a reboo... Christopher Cope
03:37 PM Feature #15078 (New): Display all available updates on the dashboard
The available update information in the System Info widget should display all available upgrades.
Currently a devi... Steve Wheeler
10:38 AM Bug #15069 (Resolved): Extra space in ``pkg`` configuration file ``FreeBSD.conf``
Tested the patch.
It removes the extra space.
Marking this case resolved. Danilo Zrenjanin
09:49 AM Bug #15043: IGMP proxy works intermittently
I've ran the test.
The logs are included during my test time.
Also the netstat results are included.
Hope this ... Remie van de Zande
09:14 AM Todo #13268 (Resolved): Dynamically adjust the interface name maximum width in the login banner
Tested the patch on the 23.09.1
It looks good.
I am marking this case resolved. Danilo Zrenjanin
07:41 AM Bug #15071: Applying interface changes may not update default ACLs for the DNS Resolver
Tested the patch on ... Lev Prokofev
07:38 AM Bug #15071 (Resolved): Applying interface changes may not update default ACLs for the DNS Resolver
Tested the patch on 23.09.
The patch fixes all reported misbehavior.
I am marking this ticket reslvoed. Danilo Zrenjanin

12/08/2023

10:25 PM Regression #15076 (Feedback): DHCP leases may not be restored from older configuration backups
Applied in changeset commit:192dba691e8441b7794482c3a196bed3422ee6ce. Marcos M
10:17 PM Regression #15076 (Pull Request Review): DHCP leases may not be restored from older configuration backups
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1109 Marcos M
05:29 PM Regression #15076 (Resolved): DHCP leases may not be restored from older configuration backups
I noticed a '{' folder in /usr/local/www/ .
Drilling down, I find this file: "/usr/local/www/{/var/dhcpd/var/db/dh... Matthew Fearnley
09:55 PM Revision 192dba69: Handle backuppath entries with multiple paths. Fix #15076
Marcos M
07:58 PM Bug #15042: Potential TCP connection denial of service attack from spoofed RST packets processed by PF
This has been announced by FreeBSD as "FreeBSD-SA-23:17.pf":https://www.freebsd.org/security/advisories/FreeBSD-SA-23... Jim Pingle
07:10 PM Bug #15067 (Feedback): Secondary node attempts to delete the ``admins`` group when synchronizing accounts via XMLRPC
Applied in changeset commit:3e0facb20fa46a13bf7b70d6ddb1970b00485eb2. Marcos M
06:59 PM Revision 3e0facb2: Fix off-by-one error when checking for system uid/gid. Fix #15067
Marcos M
06:38 PM Bug #15077 (Duplicate): Uncaught TypeError: Illegal offset type in /usr/local/www/interfaces.php:1996
Duplicate of #14949 -- already fixed in patches, and also in 23.09.1/2.7.2
 Jim Pingle
06:29 PM Bug #15077 (Duplicate): Uncaught TypeError: Illegal offset type in /usr/local/www/interfaces.php:1996
After configuring the switch in my Netgate 2100 to put connector 4 of the LAN ports onto VLAN 4084,
I added a new in... John Messenger
06:29 PM Bug #15071 (Feedback): Applying interface changes may not update default ACLs for the DNS Resolver
Fixed in fbc8d7d04dc5f7cbec65381b81dc5f4eed06a714. Marcos M
06:19 PM Revision fbc8d7d0: Check "all" when restarting unbound based on interface. Fix #15071
Marcos M
04:37 PM pfSense Packages Todo #15058 (Feedback): Remove Zabbix 4 Agent and Proxy
Zabbix 4 is EoL upstream Brad Davis
04:34 PM pfSense Packages Bug #14913 (Feedback): [Security] Zabbix packages need updating bec. of recent critical security CVEs
Done in 23.09.1 and 2.7.2 Brad Davis
04:33 PM Revision c0f95035: Retire Zabbix 4 now that they are EoL
Brad Davis
03:46 PM Revision b8c13d95: Use the correct fontawesome icon prefix
Marcos M

12/07/2023

10:42 PM pfSense Docs Correction #15075: Changing MSS for IPsec
Also the other popular VPN - OpenVPN - has their own way of changing MTU and MSS which should be added to the same do... Mike Moore
10:40 PM pfSense Docs Correction #15075 (Closed): Changing MSS for IPsec
The documentation states to change MSS for IPsec: https://docs.netgate.com/pfsense/en/latest/troubleshooting/low-thro... Mike Moore
06:52 PM pfSense Packages Feature #15072: [pfBlockerNG] RFE: Add ability to disable reverse DNS lookup for log entries
I've filed some initial work here: https://github.com/pfsense/FreeBSD-ports/pull/1331 Orion Poplawski
12:12 AM pfSense Packages Feature #15072 (New): [pfBlockerNG] RFE: Add ability to disable reverse DNS lookup for log entries
Currently pfBlockerNG logs the result of a reverse DNS lookup for a block IP address to ip_block.log and unified.log.... Orion Poplawski
06:03 PM Bug #13707: Unbound not binding to LAN on startup when explicitly set
I would like to help tshoot this issue but not here. Forums
As already stated this isnt the place for this and loggi... Mike Moore
04:03 PM Bug #13707: Unbound not binding to LAN on startup when explicitly set
I am seeing this same issue on a typical setup with a Netgate 4100 (pfSense 23.09) and a Comcast Business modem with ... Anthony Gentile
05:55 PM Bug #15067 (Confirmed): Secondary node attempts to delete the ``admins`` group when synchronizing accounts via XMLRPC
A few notes after confirming this happens for me as well:
* The secondary node does have an @admins@ group in @/et... Jim Pingle
05:44 PM Regression #15074: ISO fails to boot UEFI
Also note that adding a serial port to the VM hardware in Proxmox VE works around the issue. VMs with a serial port p... Jim Pingle
04:41 PM Regression #15074 (New): ISO fails to boot UEFI
In some cases the ISO image can fail to boot past the EFI framebuffer output when booted as UEFI.
It does not happ... Steve Wheeler
02:47 PM Bug #14929 (Resolved): ``choparp`` service is not stopped after deleting Proxy ARP type Virtual IP addresses
I couldn't replicate the issue in 23.09.
I am marking this ticket as resolved. Danilo Zrenjanin
01:11 PM Bug #15043: IGMP proxy works intermittently
MRT_DEL_MFC; Errno(49) is interesting. error 49 is EADDRNOTAVAIL, which can only be returned (for MRT_DEL_MFC at lea... Kristof Provost
12:20 AM Feature #15073 (Rejected): FEATURE REQUEST: Ability at assign authenticated NTP settings under User manager separate from just NTP settings to hide keys
A good patch has been developed by A1Mathew
https://forum.netgate.com/topic/162746/authenicated-ntp/28
https:/... Jonathan Lee

12/06/2023

08:09 PM Revision 5060f7cf: Promote to 2.7.2-RELEASE
Brad Davis
05:38 PM Bug #15071: Applying interface changes may not update default ACLs for the DNS Resolver
Steve Wheeler wrote in #note-1:
> Resaving the Unbound config in the gui correctly creates the ACL file with the new... Jim Pingle
05:22 PM Bug #15071: Applying interface changes may not update default ACLs for the DNS Resolver
Resaving the Unbound config in the gui correctly creates the ACL file with the new subnet.
It appears to not be tr... Steve Wheeler
05:19 PM Bug #15071 (Resolved): Applying interface changes may not update default ACLs for the DNS Resolver
To reproduce:
1. Base install of pfSense Plus 23.09 with 1 LAN and 1 WAN
2. Activate an OPT interface and give it... George Phillips
02:10 PM Bug #15069 (Feedback): Extra space in ``pkg`` configuration file ``FreeBSD.conf``
Applied in changeset commit:ea161f3bbb1748807e9829e995b8485d42a046e9. Jim Pingle
02:04 PM Revision ea161f3b: Remove bonus space. Fixes #15069
Jim Pingle
05:22 AM pfSense Plus Feature #15070: Script to fix: ld-elf.so.1: Shared object "libssl.so.30" not found, required by "pfSense-repoc" error when downgrading boot environments
WARNING: DTB version is 6.4 while kernel expects 5.13, please update the DTB in the ESP
is also displayed when dow... Jonathan Lee
05:14 AM pfSense Plus Feature #15070 (New): Script to fix: ld-elf.so.1: Shared object "libssl.so.30" not found, required by "pfSense-repoc" error when downgrading boot environments
When using boot environments to move system back a version to last stable version users can no longer check for updat... Jonathan Lee
05:20 AM Feature #13377: Option to configure a custom value for the PHP memory limit
What is recommended for SG-2100MAX with 23.05.01 in use I can't remember I was using 128 I think but you guys are sho... Jonathan Lee
04:42 AM pfSense Packages Todo #15058: Remove Zabbix 4 Agent and Proxy
Is there a reason for it to be removed?
 Jonathan Lee
04:35 AM Feature #8794: NTP authentication support
Thanks Matthew and Lamar I have confirmed this works as expected with GUI entry in pfSense Plus also patch needs to s... Jonathan Lee
 

Also available in: Atom