Activity

30 days up to

User

Subprojects

Activity

From 02/10/2024 to 03/10/2024

03/10/2024

11:40 PM pfSense Docs Correction #15329 (New): Poor description of VLAN basics: The definition of Parent Interface on page https://docs.netgate.com/pfsense/en/latest/vlan/terminology.html has a Not... Tom Lane
11:09 PM Bug #15328 (Resolved): Changes in Kea DHCP interface pools may invalidate lease database content: I set up a couple of DHCP pools for VLANs on a new Netgate 4200 (running pfsense+ 23.09.1), which is replacing an Edg... Tom Lane
01:03 PM pfSense Docs Todo #15327: Feedback on Services — DNS Resolver — Domain Overrides: remove the "a" in sentance Ian M
01:03 PM pfSense Docs Todo #15327 (Closed): Feedback on Services — DNS Resolver — Domain Overrides: *Page:* https://docs.netgate.com/pfsense/en/latest/services/dns/resolver-domain-overrides.html
*Feedback:* Website... Ian M
05:06 AM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: Above patch didn't seem to make a difference with respect to the VTI tunnel that sticks in pending when monitoring is... Jordan G
01:52 AM Feature #15326 (New): Use alias to define 1:1 NAT mapping: I made some single-entry host aliases, which I find I can use in most firewall rules, but not in creating 1:1 NAT map... Tom Lane
01:35 AM pfSense Packages Bug #13409 (Pull Request Review): Copy button for Optional pre-shared key for this tunnel works in HTTPS mode only: Still an issue on... Christopher Cope
01:07 AM Feature #15307: Multiple Monitor IPs: Duplicate of https://redmine.pfsense.org/issues/4354 Kris Phillips
01:03 AM pfSense Packages Bug #14995 (Resolved): SID Management List Actions download leads to 502 Bad Gateway: Closing this one out as Resolved since this has been merged and the package is available. Kris Phillips
12:59 AM pfSense Packages Bug #15250: Potential XSS in HAProxy GUI when editing frontend listener actions or backend pool ACL actions.: Updated 0.63_3 package is available in 24.03 repos, but has not yet been merged into 23.09.1. Package 0.63_2 is stil... Kris Phillips
12:47 AM pfSense Packages Bug #14934 (Resolved): haproxy-devel: "Warning: process cannot be trusted anymore!" since pfSense Plus Upgrade to: Testing this on 23.09.1, I'm not able to reproduce this. Since 23.09.1 is release and 23.05.X is no longer supported... Kris Phillips
12:37 AM Bug #15287: hw.ix.unsupported_sfp=1 parameter for ix driver not working: This is likely an upstream FreeBSD issue, as we simply pull this functionality from there.
As a workaround, you ... Kris Phillips
12:33 AM Feature #14121 (Duplicate): Add ability to batch import IPs into an *existing* alias: Christopher Cope

03/09/2024

09:10 PM pfSense Packages Regression #14452: Prometheus node_exporter generates errors with the default config: The FreeBSD repos contain a newer version of node_exporter: node_exporter-1.6.1_2
I downloaded this pkg copied it to... Craig Coonrad
09:02 PM pfSense Packages Feature #12711: Add InfluxDB V2 support: *pfSense* : 23.09.1-RELEASE
*Telegraf* : 0.9_6
Telegraf can be configured to provide influxdb v2 metrics. Under ... Craig Coonrad
08:05 AM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table: At the moment I cannot switch to the CE version. When will it be implemented in the free version? Michele D'A.
03:08 AM pfSense Docs New Content #15325 (New): Tailscale documents: adding documents to explain how to setup Tailscale. Alhusein Zawi

03/08/2024

09:42 PM Feature #15324: Allow specifying cloudflare host id for dyndns: PR: https://github.com/pfsense/pfsense/pull/4674 Flole Systems
09:41 PM Feature #15324 (New): Allow specifying cloudflare host id for dyndns: This can save a HTTP request when updating the entry, and may be used to update multiple entries with the same name b... Flole Systems
09:33 PM Feature #15323: Display server description when WOL is sent using mac url or power-on button: Github commit:
https://github.com/pfsense/pfsense/pull/4673
And a patch file for current pfsense 2.7.2 Phil Wardt
09:31 PM Feature #15323 (Pull Request Review): Display server description when WOL is sent using mac url or power-on button: When we use the send WOL to all devices link, the description of servers is properly printed
However, when we send W... Phil Wardt
08:58 PM Feature #15322 (Resolved): 50x and 404 error handling to GUI web server configuration: If there is a PHP error early enough in the output of a page it ends up returning a 500 error with a blank page. We s... Jim Pingle
08:46 PM Bug #14917: Mulicast traffic on a detached interface causes a panic: Jim Pingle wrote in #note-7:
> The original issue here is rare and difficult to reproduce, only affecting a small nu... Daniel Ben-Zvi
08:45 PM Feature #15321 (Resolved): Kea DHCP Custom Configuration Support (IPv4 and IPv6): adding customs options to KEA DHCP Alhusein Zawi
07:41 PM Revision eb0e751c: Password validation for user manager. Issue #15266: Jim Pingle
06:50 PM pfSense Packages Bug #15182 (Confirmed): Changing backend port - status remains down: I can confirm this behaviour. ... Danilo Zrenjanin
06:37 PM Bug #15317 (Confirmed): IPsec widget does not show mobile clients with IP addresses assigned from RADIUS: This is because the way the widget handles the "Mobile" tab it relies on the output of @swanctl --list-pools@ which o... Jim Pingle
05:00 PM Bug #12673 (Feedback): Firewall Logs Dashboard Widget is slow and may fail to update: The PR was creating a new file instead of updating the existing one and had some whitespace/formatting issues but I c... Jim Pingle
04:58 PM Revision 1586f580: Log widget fast update changes. Fixes #12673: Submitted-By: LouisAtGH @ GitHub Jim Pingle
04:40 PM Bug #15318 (Resolved): Users with Deny Config Write privilege can trigger some QinQ interface operations: Jim Pingle
01:40 PM Bug #15318: Users with Deny Config Write privilege can trigger some QinQ interface operations: tested on
Version 24.03-BETA (amd64)
built on Fri Mar 8 4:44:00 UTC 2024
FreeBSD 15.0-CURRENT
patch seems to b... Georgiy Tyutyunnik
03:24 PM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: Try this patch: https://github.com/pfsense/pfsense/commit/338d722a3dcd5703d6d56fe2727490ca0ed33cad Christian McDonald
06:00 AM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: Reply to what Chris Linstruth wrote in #note-7:
I am aware of the transitions due to replies, except that was not ... Hal Prewitt
05:35 AM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: Reply to what Danilo Zrenjanin wrote in #note-6:
(1) Nothing surprising your 20 times worked. I too, saw many succes... Hal Prewitt
03:15 AM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: Mr. Prewitt and I had a phone session today and spent a significant amount of time gathering information about the sy... Chris W
10:15 AM pfSense Docs New Content #15315: m2dev adjustment when adding an SSD drive into SG-3100: I had a customer whose SG-3100 couldn't boot from SSD until we changed m2dev to 1.
Prior to the change, the system... Danilo Zrenjanin
03:13 AM pfSense Plus Regression #15320: XMLRPC Sync Trigger on CARP Maintenance Mode Causes webConfigurator Hangs on VIPs: Customer ticket 2453691225 is an example of this issue. Kris Phillips
03:13 AM pfSense Plus Regression #15320 (New): XMLRPC Sync Trigger on CARP Maintenance Mode Causes webConfigurator Hangs on VIPs: When syncing a large configuration file with a large number of Virtual IPs, XMLRPC Sync can cause the webConfigurator... Kris Phillips
02:32 AM Revision 338d722a: status_interfaces.php: make sure "{}" is expanded by PHP and not be sh: Christian McDonald
12:54 AM pfSense Packages Bug #15319: TailScale widget shows wrong status (green instead of red): Open a feature request for a Tailscale widget.
This issue as reported is not a bug, this is just how pfSense servic... Christian McDonald
12:49 AM pfSense Packages Bug #15319: TailScale widget shows wrong status (green instead of red): Not a bug?!
It’s useless if it actually does not reflect the real TS status 😕 Yuri Weinstein
12:45 AM pfSense Packages Bug #15319 (Not a Bug): TailScale widget shows wrong status (green instead of red): The service status checks if the tailscaled process is running, not if it's actually logged in and connected. This is... Christian McDonald

03/07/2024

09:40 PM Revision b8f80775: pkg_mgr_install.php: ensure pkg_switch_repo reads latest config: Christian McDonald
08:42 PM Revision e1faff49: Password management changes. Part of issue #15266: * Add function to determine if a given password is valid for use.
* Revise the self-service password change page to b... Jim Pingle
08:38 PM pfSense Packages Bug #15319 (Not a Bug): TailScale widget shows wrong status (green instead of red): Please see this thread for details: https://forum.netgate.com/topic/177265/tailscale-is-not-online-problem?_=17098346... Yuri Weinstein
07:15 PM Bug #15318 (Feedback): Users with Deny Config Write privilege can trigger some QinQ interface operations: Applied in changeset commit:68ed289190a383795194d3499728a0f6023f8a52. Jim Pingle
06:40 PM Bug #15318 (Resolved): Users with Deny Config Write privilege can trigger some QinQ interface operations: Similar to the VLAN issue, users that cannot write config options can create QinQ interfaces at the OS level:... Steve Wheeler
07:05 PM Revision 68ed2891: Ensure RO user cannot trigger QinQ operations. Fixes #15318: Jim Pingle
06:42 PM Bug #15282 (Resolved): Users with Deny Config Write privilege can trigger some VLAN interface operations: QinQ separated to a new ticket: https://redmine.pfsense.org/issues/15318 Steve Wheeler
06:34 PM Bug #15282 (In Progress): Users with Deny Config Write privilege can trigger some VLAN interface operations: A user with deny config write can no longer create VLANs in current snapshots but can still create QinQ interfaces:
... Steve Wheeler
05:26 PM Bug #15282 (Resolved): Users with Deny Config Write privilege can trigger some VLAN interface operations: Looks good on the current snapshot. Trying to create, save, or delete a VLAN as a user with that privilege displays a... Jim Pingle
04:22 PM Bug #14919 (Resolved): OpenVPN forms invalid ``route`` statements for empty local networks: Can't reproduce it on a current snapshot now, so it appears the fix is working as expected.
Worth noting this affe... Jim Pingle
04:13 PM Bug #15263 (Resolved): PHP error display formatting issues: Everything appears to be working properly on the latest snapshot.
Jim Pingle
04:07 PM Bug #15288 (Resolved): ``loader.conf`` may be missing ``loader_conf_files`` so ``loader.conf.lua`` may not be parsed: The expected line now is always present. It's added back when it's missing, and if someone removes it, it gets added ... Jim Pingle
04:05 PM Regression #14488 (Resolved): Extensions directory is not set in ``rc.php_ini_setup``: It's present and working on the current snapshot.
Jim Pingle
02:32 PM Bug #15054 (Resolved): Permissions on tmpfs RAM disk for ``/var`` are too lenient: Permissions are as expected on the latest build.
Jim Pingle
02:17 PM Bug #15317 (Confirmed): IPsec widget does not show mobile clients with IP addresses assigned from RADIUS: The front page IPsec widget does not show mobile clients on the Mobile tab when connected clients get an IP assigned ... Christopher de Haas
12:36 AM pfSense Plus Bug #15196: AWS ena interfaces can become unstable/stop responding: Tecsys is requesting an update on this bug report. Kris Phillips

03/06/2024

09:20 PM Bug #12673: Firewall Logs Dashboard Widget is slow and may fail to update: Seems to apply and work as expected against a 2.8 snapshot. Steve Wheeler
09:12 PM Bug #12673 (In Progress): Firewall Logs Dashboard Widget is slow and may fail to update: Yes it's here: https://github.com/pfsense/pfsense/pull/4672 Steve Wheeler
08:45 PM Bug #12673: Firewall Logs Dashboard Widget is slow and may fail to update: Bug #12673: Firewall Logs Widget fails to update. Can someone confirm that my pull request is received? Louis B
08:40 PM Bug #15282 (Feedback): Users with Deny Config Write privilege can trigger some VLAN interface operations: Applied in changeset commit:d3929b79ff7c3f0cdf1ba3179efea05037a18d00. Jim Pingle
08:30 PM Revision d3929b79: Ensure RO user cannot trigger VLAN operations. Fixes #15282: While here, fix a problem that prevented a VLAN delete operation that
failed from displaying errors. Jim Pingle
08:25 PM Bug #15054 (Feedback): Permissions on tmpfs RAM disk for ``/var`` are too lenient: Applied in changeset commit:7d87d7cbce1bf6f0c8a44888c640e2c29393a9cb. Jim Pingle
08:18 PM Bug #15054: Permissions on tmpfs RAM disk for ``/var`` are too lenient: I just pushed a commit that fixes this. It uses @1777@ for @tmp@ only and @1755@ for anything else (currently only @v... Jim Pingle
08:15 PM Revision 7d87d7cb: Fix tmpfs RAM disk mount permissions. Fixes #15054: Jim Pingle
08:05 PM pfSense Plus Bug #15316: OpenVPN Clients with Gateway Group Interface on DHCP Exits on Error 1: Mar 6 11:27:55 pfSense openvpn[89316]: [us8788.nordvpn.com] Inactivity timeout (--ping-restart), restarting
Mar 6 ... George Phillips
05:08 PM pfSense Plus Bug #15316 (Resolved): OpenVPN Clients with Gateway Group Interface on DHCP Exits on Error 1: By default with DHCP gateways, they are not populated into the config as <gateway_item>, but can be present in a <gat... Kris Phillips
07:55 PM Bug #14919 (Feedback): OpenVPN forms invalid ``route`` statements for empty local networks: Applied in changeset commit:587dcb6ae708d144023879b509a1da9dd5dd0723. Jim Pingle
07:49 PM Revision 587dcb6a: Don't make OpenVPN routes for empty nets. Fixes #14919: Jim Pingle
07:35 PM Bug #15288 (Feedback): ``loader.conf`` may be missing ``loader_conf_files`` so ``loader.conf.lua`` may not be parsed: Applied in changeset commit:05e905406b1200fdff8ceedf41f69928b13aeb58. Jim Pingle
07:24 PM Revision 05e90540: Ensure loader.conf.lua is referenced. Fixes #15288: Jim Pingle
06:09 PM pfSense Docs New Content #15315 (Rejected): m2dev adjustment when adding an SSD drive into SG-3100: See https://redmine.netgate.com/issues/11219 Jim Pingle
04:17 PM pfSense Docs New Content #15315 (Rejected): m2dev adjustment when adding an SSD drive into SG-3100: After adding an SSD drive, it may be necessary to adjust the m2dev setting to either 1 or 0. It would be beneficial t... Danilo Zrenjanin
05:30 PM Revision 44f72862: Correct typo. Fixes #14488: Jim Pingle
05:30 PM Regression #14488 (Feedback): Extensions directory is not set in ``rc.php_ini_setup``: Applied in changeset commit:903c1898973f3524e50ac44306838ccc6ed3558e. Jim Pingle
05:20 PM Regression #14488: Extensions directory is not set in ``rc.php_ini_setup``: Yes, it does need a change for PHP 8.3. Commit pushed and should show up momentarily. Jim Pingle
05:20 PM Revision 903c1898: Fix PHP extension dir for PHP 8.3. Fixes #14488: Jim Pingle
05:10 PM Bug #15263 (Feedback): PHP error display formatting issues: Applied in changeset commit:e7d7547c11291f04213eaf38eea12b11f434630f. Jim Pingle
02:20 PM Bug #15263 (In Progress): PHP error display formatting issues: This change seems to have broken the "error locator" on @diag_command.php@. If you deliberately try to run broken cod... Jim Pingle
05:05 PM Revision e7d7547c: More PHP error handling changes. Fixes #15263: * Clean up outdated code/comments
* Change how error messages are formed in different contexts
* Allow warnings to be... Jim Pingle
02:18 PM Feature #14953 (Resolved): Add Kea information to ``status.php``: Looks good on current snapshots. The configs are included if they are present and are different than the default samp... Jim Pingle
02:02 PM Feature #7943 (Resolved): Overflow scrolling for top navigation drop-down menus in Fixed mode: It's much better on the current snap (with that merge included). No longer double scrolls the menu when it's in the d... Jim Pingle
02:02 PM Feature #10271 (Resolved): Large number of VLAN/LANs make "Interfaces" menu hard to access: It's much better on the current snap (with that merge included). No longer double scrolls the menu when it's in the d... Jim Pingle
02:01 PM Feature #15314: Filtering in sockets: It's not clear which page you are talking about specifically -- **Diagnostics > Sockets** perhaps (@diag_sockets.php@... Jim Pingle
01:59 PM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: I had the same experience. Down the link and it goes Pending. Up the link and it transitions to Online after enough r... Chris Linstruth
09:42 AM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: Hal Prewitt wrote in #note-5:
> Yes, sometimes reconnecting the port will clear Pending but not always. Appears the... Danilo Zrenjanin
12:47 AM pfSense Plus Feature #13227: Group-based Mobile IPsec Virtual Address Pool assignment via RADIUS: we're looking at sneaking this in for 24.03 Jim Thompson

03/05/2024

11:20 PM Feature #15314 (New): Filtering in sockets: Brilliant pfSense DevTeam!
Filtering in sockets - would be *VERY USABLE when determining state and functionality o... Sergei Shablovsky
10:56 PM Bug #15304: After update to latest stable (23.09.1), cert issuance was issuing blank certs, and a signing request not working.: Pete Ziu wrote in #note-3:
> Kris Phillips wrote in #note-1:
> > Tested on 23.09.1 and unable to recreate this issu... Pete Ziu
10:49 PM Bug #15304: After update to latest stable (23.09.1), cert issuance was issuing blank certs, and a signing request not working.: Kris Phillips wrote in #note-1:
> Tested on 23.09.1 and unable to recreate this issue. CAs and Certificates, when a... Pete Ziu
10:25 PM Bug #15067 (Feedback): Secondary node attempts to delete the ``admins`` group when synchronizing accounts via XMLRPC: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1142
commit:f9f395f54d33ae524ece49b9ce75d381602f809c
Th... Marcos M
10:21 PM Revision f9f395f5: Use correct option when removing groups. Fix #15067: While there, add comments for clarity. Marcos M
09:01 PM pfSense Packages Bug #15312 (Resolved): Unable to load rules page with no categories selected: PR merged, thanks! Jim Pingle
05:09 PM pfSense Packages Bug #15312: Unable to load rules page with no categories selected: A pull request against the RELENG_2_7_2 branch of pfSense CE to correct this bug has been posted here: https://githu... Bill Meeks
03:09 PM pfSense Packages Bug #15312 (Resolved): Unable to load rules page with no categories selected: details here: https://forum.netgate.com/topic/186537/unable-to-load-rules-page-if-no-category-is-selected/4?_=170965... Mike Moore
08:16 PM Regression #15112 (Resolved): ``status_interfaces.php`` is missing several values for SFP modules: Looks good on a current snapshot.
!clipboard-202403051514-kljnr.png!... Jim Pingle
08:15 PM Feature #14953 (Feedback): Add Kea information to ``status.php``: Applied in changeset commit:328919e8e81b9b4a3b36f5c2c39339c43e5a572f. Jim Pingle
07:37 PM Feature #14953 (In Progress): Add Kea information to ``status.php``: File is there but I noticed that if someone has never used Kea the stock config files are there and are identical to ... Jim Pingle
08:11 PM Bug #15301 (Resolved): Setup Wizard WAN configuration form field problem: This is fine now, I've gone through the wizard a few times on the latest snapshot without a problem. Jim Pingle
08:10 PM Regression #14488 (New): Extensions directory is not set in ``rc.php_ini_setup``: The change here hardcoded checks for php81 and php82, but we are now on php83. Does this need another adjustment?
... Jim Pingle
08:07 PM Bug #13498 (Resolved): Newer variant models within the PC Engines APU2 platform are not recognized, causing garbled early serial console output: Jim Pingle
08:07 PM Todo #15256 (Resolved): Upgrade Unbound to >= 1.19.1: Latest snapshots have Unbound 1.19.1 Jim Pingle
06:02 PM Todo #15256 (Feedback): Upgrade Unbound to >= 1.19.1: Done for 23.09.1, 24.03 and 2.7.2. Brad Davis
08:06 PM Revision 328919e8: Suppress Kea status info w/sample confs. Fixes #14953: Jim Pingle
07:53 PM pfSense Packages Bug #15313 (Resolved): Zabbix server 6.4.12 requires Zabbix proxies to be version 6.4.12: There seems to be a bug/change with Zabbix server and Zabbix proxy where both need to be running 6.4.12.
If the vers... Andrew Almond
07:45 PM Feature #7943 (Feedback): Overflow scrolling for top navigation drop-down menus in Fixed mode: Applied in changeset commit:9b37bb0fcf2de99089e67aa619b3cb366abd4641. Marcos M
07:23 PM Feature #7943 (Pull Request Review): Overflow scrolling for top navigation drop-down menus in Fixed mode: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1141 Marcos M
07:37 PM Feature #15297 (Resolved): Add EFI boot information to ``status.php``: Both commands are in output as expected now. Jim Pingle
07:36 PM Feature #15298 (Resolved): Add ``loader.conf.lua`` contents to ``status.php``: File is in output as expected now. Jim Pingle
07:36 PM Bug #15310 (Resolved): Errors in ``status.php`` IPsec sections when IPsec is not configured: No errors on latest build. Sections are present when the config/files are present, sections are omitted when the file... Jim Pingle
07:18 PM Revision 9b37bb0f: Don't add overflow scroll to static navigation menu. Fix #7943: Restores old behavior to the static navigation menu. Marcos M
06:15 PM Bug #15299 (Feedback): Old auto-added MAC addresses are not pruned for non-concurrent Captive Portal sessions: Applied in changeset commit:8bfe17dae7ab15b7af802f69dbb7c421d098d38c. Marcos M
05:43 PM Bug #15299 (Pull Request Review): Old auto-added MAC addresses are not pruned for non-concurrent Captive Portal sessions: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1140 Marcos M
05:35 PM Revision 8bfe17da: Prune old Captive Portal sessions for autoadded MAC. Fix #15299: Use the correct function to delete passthrumac entries. Remove the pipe
check since it's already handled by the funct... Marcos M
04:00 PM Feature #15257 (Feedback): Support using a mask to block MAC addresses in Captive Portal: Applied in changeset commit:22fe3bd762bd5acd9b5180bab44532889899f754. Marcos M
03:13 PM Revision a8edbe41: Improve input validation for Captive Portal MAC masks: Now rejects decimal masks and masks of size 0. Marcos M
02:53 PM Revision 22fe3bd7: Support blocking MAC addresses with a mask. Implement #15257: The Captive Portal allows for blocking specific MAC addresses without
using pf rules so a message can be displayed to... Marcos M
01:36 PM Bug #15122: PHP errors in LDAP server prevent it from falling back to Local Database: No need to put a manual patch file on here that's already in the public Git repo. The diff is already linked on the "... Jim Pingle
01:33 PM Bug #15311 (Rejected): Gateway showing incorrect IP: Post on the forum for help tracking this down, there doesn't appear to be any way for it to be missing one digit ther... Jim Pingle
06:12 AM Bug #15311 (Rejected): Gateway showing incorrect IP: The gateway IP shows the incorrect IP and is missing the last digit. It should be 73.11.164.15 Luis Elortondo

03/04/2024

11:46 PM Bug #15291: Error on Traffic Shaper 0% Bandwidth: Pavan, please let us know what the result or rebuilding is since this upgrade was from 2.4 pfSense version, it might ... dylan mendez
10:45 PM Feature #15257 (Pull Request Review): Support using a mask to block MAC addresses in Captive Portal: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1139 Marcos M
08:55 PM Regression #15112 (Feedback): ``status_interfaces.php`` is missing several values for SFP modules: Applied in changeset commit:a088d550a14074457c669d174a0237018a0bb4b1. Jim Pingle
08:48 PM Revision a088d550: Fix some SFP module info fields. Fixes #15112: Text format changed slightly in ifconfig, so regex patterns had to be
changed to match Jim Pingle
08:25 PM Feature #15233 (Feedback): Recognize QAT 4xxx devices in System Information Widget: Applied in changeset commit:fb78d2981f0d98872bcecfed0f654901fcc9b330. Jim Pingle
08:17 PM Feature #15233: Recognize QAT 4xxx devices in System Information Widget: Thanks for testing! I'll commit that diff momentarily. Jim Pingle
08:15 PM Feature #15233: Recognize QAT 4xxx devices in System Information Widget: Jim Pingle wrote in #note-1:
> I don't have the hardware to check this but based off the IDs in the source, this dif... Brian Dahlquist
06:04 PM Feature #15233: Recognize QAT 4xxx devices in System Information Widget: I don't have the hardware to check this but based off the IDs in the source, this diff should do it.
If someone can ... Jim Pingle
08:19 PM Bug #14648: Values obtained from ``sysctl`` are sometimes unexpectedly empty, leading to PHP and other math errors: Still no great leads on this and we still can't reproduce it reliably. Will continue investigating.
Jim Pingle
08:17 PM Revision fb78d298: Add hardware IDs for 4xxx QAT. Implements #15233: Jim Pingle
08:14 PM Bug #14687: Error in boot messages about missing ``/boot/loader.conf.d`` directory: The directory is there even on a completely fresh install. I'm not sure what, if anything, we need to do here. Jim Pingle
08:11 PM Bug #15083: Installing to ZFS mirror does not format or populate EFI partition on additional disks: I think this is one Reid was working on and may already be fixed. Jim Pingle
08:08 PM Regression #14431 (Feedback): Sending IPv6 traffic on a disabled interface can trigger a kernel panic: Based on the last messages this should be in snapshots just needs testing/confirmation (or closing if we can't reprod... Jim Pingle
06:55 PM Bug #15147 (Feedback): Cannot configure dual stack IPsec tunnel to accept connections from any remote address on both address families: Applied in changeset commit:d53185888b7588c85a33ccfc14447335045fe5b7. Jim Pingle
06:42 PM Bug #15147 (In Progress): Cannot configure dual stack IPsec tunnel to accept connections from any remote address on both address families: The suggested note addition isn't accurate, only tunnels of the same address family as the remote gateway are allowed... Jim Pingle
06:50 PM Todo #15053 (Closed): Update PHP to 8.3.x: PHP 8.3.1 has been in snapshots and working for a while now. Jim Pingle
06:48 PM Revision d5318588: Fix IPsec Dual Stack w/any remote. Fixes #15147: Jim Pingle
06:30 PM Bug #15310 (Feedback): Errors in ``status.php`` IPsec sections when IPsec is not configured: Applied in changeset commit:a46b65d808bc7ae7b17eb4079f255147ef38d44d. Jim Pingle
06:18 PM Bug #15310 (Resolved): Errors in ``status.php`` IPsec sections when IPsec is not configured: If IPsec is not configured, the IPsec-related sections in status.php contain only error messages and not useful infor... Jim Pingle
06:25 PM Feature #14953 (Feedback): Add Kea information to ``status.php``: Applied in changeset commit:b73a6caae4980a87f8f5137430b26b733f99db19. Jim Pingle
05:50 PM Feature #14953 (In Progress): Add Kea information to ``status.php``: Jim Pingle
06:21 PM Revision a46b65d8: status.php: Omit IPsec if inactive. Fixes #15310: Jim Pingle
06:16 PM Revision b73a6caa: Add Kea info to status.php. Implements #14953: While here, change ISC DHCP info header to include "ISC" and only
include those sections if the config files exist. Jim Pingle
06:06 PM pfSense Plus Feature #15039 (Closed): GUI to configure Packet Flow Data (``pflow``) export: This has been working perfectly here, no other reports of errors/problems. Jim Pingle
05:52 PM Feature #14208: Automatic Split-DNS for 1:1 NAT: I will hopefully finish my PhD dissertation in the next few weeks and I plan to come back to this after that.
(The s... Yehuda Katz
05:31 PM Bug #15309 (Rejected): When using IP Alias conflicts with CARP: That is a configuration issue, not a bug. This site is not for support or diagnostic discussion.
For assistance in... Jim Pingle
05:24 PM Bug #15309 (Rejected): When using IP Alias conflicts with CARP: The use case is when I have multiple IP addresses on the same interface.
On this case I set each node an IP:
Prim: ... Stéfano Costa
05:13 PM Bug #15299: Old auto-added MAC addresses are not pruned for non-concurrent Captive Portal sessions: Jim Pingle wrote in #note-3:
> Looks like it may be related to pass-through MACs when noconcurrentlogins is set alon... Roddy Roddy
03:25 PM Bug #15299: Old auto-added MAC addresses are not pruned for non-concurrent Captive Portal sessions: Looks like it may be related to pass-through MACs when noconcurrentlogins is set along with per-user limits.
@capt... Jim Pingle
11:47 AM Bug #15299: Old auto-added MAC addresses are not pruned for non-concurrent Captive Portal sessions: Jim Pingle wrote in #note-1:
> Did the error happen in the background or did it happen when you made an action of so... Roddy Roddy
03:49 PM Feature #15308 (New): DHCPv6 deny option for static client mappings: DHCPv4 has a mac deny list, could similar functionality be developed for DHCPv6 using static client mappings and DHCP... Saku Seppälä
01:31 PM Bug #15304 (Rejected): After update to latest stable (23.09.1), cert issuance was issuing blank certs, and a signing request not working.: I can't replicate anything like this either. Last time someone reported a problem like this, they were trying to gene... Jim Pingle
01:25 PM Bug #15143 (Not a Bug): Telegram notification of DynDNS update spoiles IP address: The notification sends the FQDN (hostname) not the URL. Custom dynamic DNS types don't have a hostname field, however... Jim Pingle
01:11 PM Feature #15307 (Duplicate): Multiple Monitor IPs: The ability to enter multiple IPs in "Monitor IP".
We experienced an incident where "1.1.1.1" from Cloudflare had p... Thijs Vanbrabant
08:49 AM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: Yes, sometimes reconnecting the port will clear Pending but not always. Appears there are many ways to get into Pend... Hal Prewitt
07:55 AM pfSense Docs New Content #15230: Gateway status Pending: This Pending Status is a design error and needs to be removed. WANs/Gateways are either Online, Offline, or Warning ... Hal Prewitt
05:58 AM pfSense Docs New Content #15230: Gateway status Pending: A serious bug. Appears there are many ways to get into Pending and be stuck. Spent hours trying every config change c... Hal Prewitt
01:29 AM Feature #8794: NTP authentication support: I've added a checkbox for each time server called "Authenticated" so that NTP authentication can be enabled/disabled ... Matthew Ray

03/03/2024

06:11 AM pfSense Plus Feature #15280: Boot Environments 2.0: while this offers great functionality it needs to be heavily documented and possibly warrants a system message as the... Jordan G
05:35 AM pfSense Docs New Content #15230: Gateway status Pending: I can confirm this as well but am unable to get the gateway to come out of pending despite it being functional regard... Jordan G
01:25 AM pfSense Plus Feature #15306 (New): Change Gateway Status from Pending to Unavailable: Per customer statement and request, gateway statuses of "Pending" are confusing as a state for gateways that do not e... Kris Phillips
01:22 AM pfSense Plus Feature #15305 (New): Gateway Status Changes to Pending Do Not Trigger Gateway Log Event or Gateway Notifications: When a gateway transitions from an Online state to a Pending state, there is no logged event in the Gateway monitorin... Kris Phillips

03/02/2024

10:49 PM Bug #15304: After update to latest stable (23.09.1), cert issuance was issuing blank certs, and a signing request not working.: Tested on 23.09.1 and unable to recreate this issue. CAs and Certificates, when attempting to create and issue them ... Kris Phillips
06:10 PM Bug #15304 (Rejected): After update to latest stable (23.09.1), cert issuance was issuing blank certs, and a signing request not working.: My pfsense instance is a negate appliance on version:
23.09.1-RELEASE (amd64)
built on Wed Feb 28 16:16:00 UTC 20... Pete Ziu
10:36 PM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: Hal Prewitt wrote in #note-3:
> Using Pending when there is no physical link is confusing and I would say is an inco... Kris Phillips
08:37 PM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: Using Pending when there is no physical link is confusing and I would say is an incorrect reporting of the actual sta... Hal Prewitt
07:34 PM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: Hal Prewitt wrote in #note-1:
> I have seen cases where restarting dpinger fails to clear the Pending status and whe... Kris Phillips
07:23 PM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: I have seen cases where restarting dpinger fails to clear the Pending status and where it should have worked. Dpinger... Hal Prewitt
05:07 PM pfSense Plus Bug #15303 (Confirmed): dpinger service does not always switch from Pending to Online: There are several situations where dpinger will not detect a gateway that is available when it should, forcing a rest... Kris Phillips
05:14 PM pfSense Docs New Content #15230: Gateway status Pending: Created related redmine for various scenarios where dpinger does not recovery properly here: https://redmine.pfsense.... Kris Phillips
09:05 AM Bug #15143: Telegram notification of DynDNS update spoiles IP address: Is there any patch or recommendation how to fix this problem for 2.7.2-RELEASE? Really annoying thing! Alexei Mezin
08:58 AM Bug #15143: Telegram notification of DynDNS update spoiles IP address: Can't replicate it on 24.03
!clipboard-202403021255-ifihp.png!
!clipboard-202403021256-xxszg.png!
Lev Prokofev
07:26 AM Bug #15165: Early boot hangs on pfSense CE: Thanks for the update, but for people that use CE we need to figure the way to make work, we cannot wait for upstream... Peter Moreno
12:17 AM Revision e0034642: Use getter/setters for config access in gwlb.inc: Marcos M

03/01/2024

11:22 PM Bug #15181 (Feedback): PHP error in ``interfaces_qinq_edit.php`` when creating a QinQ interface: Fixed in commit:600f240e48091fe3ee4ba83d6fc4c93892669329. Marcos M
10:59 PM Revision 600f240e: qinq: remove incorrect config access: Kristof Provost
10:46 PM Todo #15173 (Resolved): Add global option to set default PF State Policy (if-bound vs floating): Marcos M
10:45 PM Todo #15220 (Resolved): Handle ``route-to`` and ``reply-to`` states when using the ``if-bound`` state policy: I cannot reproduce the issue with the fix in place. Marcos M
07:32 PM Todo #15220 (Feedback): Handle ``route-to`` and ``reply-to`` states when using the ``if-bound`` state policy: I've merged a pf change that fixed reply-to with if-bound states. It should mean that the above merge request is no l... Kristof Provost
10:20 PM Bug #15165 (Needs Patch): Early boot hangs on pfSense CE: The root issue here is a flaw in the FreeBSD boot loader that results in the trampoline page tables getting clobbered... Marcos M
07:55 PM Todo #15302 (Feedback): Error handling in the Setup Wizard is very user-unfriendly: Applied in changeset commit:32a632b13106ed9b3327db8740c9d940feed7090. Jim Pingle
07:17 PM Todo #15302 (Resolved): Error handling in the Setup Wizard is very user-unfriendly: If a user hits an error in the setup wizard in most cases it dumps the error to the screen and tells the user to go b... Jim Pingle
07:45 PM Revision 32a632b1: Improve Setup Wizard error handling. Fixes #15302: While here, clean up some misc PHP syntax I spotted along the way.
Also made sure all error messages are wrapped in ... Jim Pingle
07:37 PM Revision 7129aba0: Fixup wizard pw to reduce diff against issue #15266: Jim Pingle
07:35 PM Bug #15301 (Feedback): Setup Wizard WAN configuration form field problem: Applied in changeset commit:53dfecd045665701fa4a7f08885f6b86363b1fa0. Jim Pingle
07:15 PM Bug #15301 (In Progress): Setup Wizard WAN configuration form field problem: There is another issue here that is preventing it from working 100% correctly. The form field changed from "selectedt... Jim Pingle
06:55 PM Bug #15301 (Feedback): Setup Wizard WAN configuration form field problem: Applied in changeset commit:01ea8e052a66563d1a71425407b941323e921680. Jim Pingle
06:43 PM Bug #15301 (In Progress): Setup Wizard WAN configuration form field problem: I have a fix in the works, testing it now.
Jim Pingle
06:32 PM Bug #15301 (Resolved): Setup Wizard WAN configuration form field problem: The "Configure WAN Interface" step of the wizard (4 of 9) is broken. The drop-down selector that changes the type is ... Jim Pingle
07:26 PM Revision 53dfecd0: Fix setup wizard WAN form field name. Fixes #15301: Jim Pingle
06:45 PM Revision 01ea8e05: Update setup wizard WAN JavaScript. Fixes #15301: Jim Pingle
06:21 PM pfSense Plus Todo #15266 (In Progress): Prevent usage of the default password in User Manager accounts: Partial progress: Setup wizard changes are done.
https://gitlab.netgate.com/pfSense/factory/-/commit/e79b4b2278983... Jim Pingle
02:45 PM pfSense Packages Feature #15300 (New): allow changing the value of "forward" key: Currently, if a Zone Type is Forward, the resulting config contains "forward only;" setting and that cannot be change... Alex Kolesnik
02:31 PM Bug #15110: pfSense hangs when rebooting: Another customer having this issue on a 5100 with a SHARKSPEED SSD M.2 2242 128GB. 2423567446 Christopher Cope
02:21 PM Bug #15299: Old auto-added MAC addresses are not pruned for non-concurrent Captive Portal sessions: Did the error happen in the background or did it happen when you made an action of some sort in the GUI?
If it hap... Jim Pingle

02/29/2024

11:25 PM Bug #15299 (Resolved): Old auto-added MAC addresses are not pruned for non-concurrent Captive Portal sessions: Hi guys! Could anyone help me to fix this issue, please?
Crash report begins. Anonymous machine information:
... Roddy Roddy
09:37 PM Bug #14854 (Confirmed): Packets are passed through dummynet twice when using ``route-to`` leading to half the expected bandwidth: Marcos M
08:57 PM Bug #14854 (Not a Bug): Packets are passed through dummynet twice when using ``route-to`` leading to half the expected bandwidth: Indeed using a download limiter on "pass in route-to" rules results in lower bandwidth limits than what is configured... Marcos M
08:37 PM Revision c4704b9d: Update old fontawesome class reference: Marcos M
07:35 PM pfSense Packages Feature #15198: System_Patches package should advertize on the dashboard, or send notifications, if there are recommended patches available: Well, it will show ALL installed packages, not just those that need updating.
And since most people don't want to sh... Nazar Mokrynskyi
05:20 PM Feature #15298 (Feedback): Add ``loader.conf.lua`` contents to ``status.php``: Applied in changeset commit:607a638bcd0d216e8b4c96bcbafb8e4493f28e28. Jim Pingle
05:10 PM Feature #15298 (Resolved): Add ``loader.conf.lua`` contents to ``status.php``: We have started to populate and use @/boot/loader.conf.lua@ now so we should include its contents in @status.php@ as ... Jim Pingle
05:15 PM Feature #15297 (Feedback): Add EFI boot information to ``status.php``: Applied in changeset commit:36ab2068780232607b860196359e2a502a585878. Jim Pingle
05:06 PM Feature #15297 (Resolved): Add EFI boot information to ``status.php``: To help diagnose EFI boot issues it would help to have the output of both the regular and verbose output of @efibootm... Jim Pingle
05:13 PM Revision 607a638b: Add loader.conf.lua to status.php. Implements #15298: Jim Pingle
05:08 PM Revision 36ab2068: Add EFI boot info to status.php. Implements #15297: Jim Pingle
11:44 AM Bug #12673: Firewall Logs Dashboard Widget is slow and may fail to update: I just created a pull request ^Updated much faster log.widget Bug #12673 #4672^
I left debug statements in the co... Louis B
09:12 AM pfSense Packages Bug #15296: WAN Interface cannot added to ntopng if offline-packet loss: Sergei Shablovsky wrote:
>
>
> But LAN interfaces ALL would be ADDED as well even some of them are not connected... Sergei Shablovsky
06:58 AM pfSense Packages Bug #15296 (New): WAN Interface cannot added to ntopng if offline-packet loss: Brilliant pfSense DevTeam !
In multi-WAN pfSense configuration WAN interfaces that pfSense decide in “Offline, Pac... Sergei Shablovsky
09:04 AM Bug #15291: Error on Traffic Shaper 0% Bandwidth: dylan mendez wrote in #note-1:
> Hello,
>
> You need to add a value to bandwidth in the parent interface.
> I wo... Pavan K
03:41 AM Bug #15291: Error on Traffic Shaper 0% Bandwidth: Hello,
You need to add a value to bandwidth in the parent interface.
I would recommend you to re create the queue... dylan mendez
03:44 AM Bug #15228: User manger fails to display certificate option for a new user in case of input error: I can replicate this in 23.09.1 dylan mendez
01:45 AM Bug #14290: ICMPv6 Path MTU Discovery breaks with NPT: I can confirm I have repeated the same test against 24.03.a.20240228.0600 and yes it does work, I do now see ICMP6 p... John S

02/28/2024

11:38 PM pfSense Plus Feature #15295 (New): State Filter Rule ID needs clarification: Not sure if this is a feature request but this isn't a bug.
See the forum post for details - https://forum.netgate... Mike Moore
04:17 PM pfSense Packages Bug #15222 (Resolved): HTTP_Inspect Preprocessor Engine: wrong legend on parameters: PR merged, thanks! Jim Pingle
04:17 PM pfSense Packages Feature #15260 (Resolved): Snort IPS False Positives and Preprocessor Rules Misconfiguration: PR merged, thanks! Jim Pingle
03:20 PM pfSense Packages Todo #15294: Naming “Custom Name” of Interface the same as “Interface” on pfSense in “Interface assignment”: I mean “INT_OFFICE_LAN” *would be much usable and informative* than “igb5” Sergei Shablovsky
03:18 PM pfSense Packages Todo #15294 (Rejected): Naming “Custom Name” of Interface the same as “Interface” on pfSense in “Interface assignment”: Brilliant pfSense DevTeam !
Naming “Custom Name” of Interface in ntopng “Interface - Details” the same as “Interfa... Sergei Shablovsky
01:46 PM Bug #12673: Firewall Logs Dashboard Widget is slow and may fail to update: Please update firewall log widget, with attached code
Steve,
- It is probably not complex, but never the less, W... Louis B

02/27/2024

10:10 PM pfSense Plus Feature #13227: Group-based Mobile IPsec Virtual Address Pool assignment via RADIUS: @Netgate - is there zero chance of this simple but VERY usefull feature to surface in pfSense? Some of your people ha... Tue Madsen
06:17 PM Bug #14290: ICMPv6 Path MTU Discovery breaks with NPT: I've managed to reproduce (what I believe is) your problem in a test case, and the expected fix also fixes that.
Tha... Kristof Provost
10:32 AM Bug #14290: ICMPv6 Path MTU Discovery breaks with NPT: So those backtraces are functionally identical. That would suggest that the reason you're not getting the icmp error ... Kristof Provost
03:17 PM Feature #15293: Set LEVEL OF IMPORTANCE for Pushover notifications: cronjob parser automatically find the depends and sending notifications with an *APPROPRIATE LEVEL*.
For example: ... Sergei Shablovsky
03:00 PM Feature #15293: Set LEVEL OF IMPORTANCE for Pushover notifications: P.S.
In this case not necessarily need to make options in System/Advanced/Notification/Pushover WebGUI for depends b... Sergei Shablovsky
02:50 PM Feature #15293 (New): Set LEVEL OF IMPORTANCE for Pushover notifications: Brilliant pfSense Dev Team!
Pushover service (like an all notifications services nowadays) HAS SEVERAL NOTIFICATIO... Sergei Shablovsky
02:11 PM Bug #15290: speedtest-cli returning 403 Forbidden: Alex Rosenberg wrote:
> The speedtest-cli tool is currently returning 403 Forbidden for all queries for me. When it ... Sergei Shablovsky
02:04 PM Bug #15290: speedtest-cli returning 403 Forbidden: Jim Pingle wrote in #note-1:
> Speed tests from the firewall itself are not generally useful, so we discourage the p... Sergei Shablovsky
10:03 AM Bug #14854: Packets are passed through dummynet twice when using ``route-to`` leading to half the expected bandwidth: Greetings,
The current state of the Multi-WAN limiter functionality has been unfortunately problematic for quite som... Marco Goetze
09:02 AM pfSense Packages Bug #14676: Listening Port option in the Tailscale configurator is not respected: The same behaviour on
23.09.1-RELEASE (amd64)
built on Tue Jan 30 15:33:00 MST 2024
FreeBSD 14.0-CURRENT
If us... aleksei prokofiev

02/26/2024

09:11 PM Bug #14290: ICMPv6 Path MTU Discovery breaks with NPT: traceroute -6 --mtu -I 2001:4860:4860::8844 which did return a packet too big response, gave:... John S
06:41 PM Bug #14290: ICMPv6 Path MTU Discovery breaks with NPT: To be clear: I'd expect things to just work if both of your WANs have the same MTU, and maybe not if they don't.
Y... Kristof Provost
05:00 PM Bug #14290: ICMPv6 Path MTU Discovery breaks with NPT: Ok thank you, ah it doesn't seem to be working in my setup.
No I'm not running the traceroute on pfsense, I'm runn... John S
10:52 AM Bug #14290: ICMPv6 Path MTU Discovery breaks with NPT: Yes, the fix is included in that snapshot build.
I had a theory about why it might not be working for you, but it ... Kristof Provost
08:55 PM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table: Michele D'Alessio wrote in #note-26:
> Christian McDonald wrote in #note-25:
> > We pulled in a patch that might fi... Christian McDonald
08:55 PM Regression #14970 (Feedback): Static ARP assignments lose ``permanent`` flag in ARP table: Christian McDonald
08:53 PM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table: Christian McDonald wrote in #note-25:
> We pulled in a patch that might fix this. Check out the latest 24.03 develop... Michele D'A.
02:00 PM Bug #15290 (Rejected): speedtest-cli returning 403 Forbidden: I can't reproduce this on a current CE or Plus install. Probably a temporary upstream issue or something with your ar... Jim Pingle
01:49 PM pfSense Packages Feature #12658 (Closed): Adding prometheus metrics to darkstat: Jim Pingle
03:41 AM pfSense Packages Feature #12658: Adding prometheus metrics to darkstat: I think we can close this out:... Karim Elatov
01:46 PM Bug #15289 (Not a Bug): Dashboard show's some data twice every interval: Jim Pingle
12:45 PM Bug #10980: ``/etc/rc.local`` script content is executed at login instead of during boot sequence: Jordan G wrote in #note-5:
> confirm startup scripts added (as described here - https://docs.netgate.com/pfsense/en/... alzee bum
09:51 AM pfSense Packages Bug #15292 (Duplicate): Certificate renewal with 'dns_inwx.sh' not working: Error add txt for domain:_acme-challenge.foo.bar: Hello,
we use Acme-package to obtain a wildcard certificate for our domain. It has always worked well.
Lately, t... Lorenzo Marroccoli
09:35 AM Bug #15291 (New): Error on Traffic Shaper 0% Bandwidth: Link to post on pfSense Forum:
https://forum.netgate.com/topic/186137/error-on-traffic-shaper-0-bandwidth?_=1708915... Pavan K
07:32 AM Bug #15165: Early boot hangs on pfSense CE: I have tested and works, I add just 20 seconds but is a value that we can adjust, but looks like we found the patch u... Peter Moreno

02/25/2024

09:24 PM Bug #15290 (Rejected): speedtest-cli returning 403 Forbidden: The speedtest-cli tool is currently returning 403 Forbidden for all queries for me. When it does work, it is often li... Alex Rosenberg
07:08 PM pfSense Packages Bug #15274: HAProxy Configuration Changes Require pfSense Reboot to Take Effect: Kris Phillips wrote in #note-2:
> Tested this on 23.09.1 with HAProxy 0.63_2. I'm not able to reproduce this. Chan... Zachary Cohen
03:37 AM pfSense Packages Bug #15274 (Incomplete): HAProxy Configuration Changes Require pfSense Reboot to Take Effect: Tested this on 23.09.1 with HAProxy 0.63_2. I'm not able to reproduce this. Changing any frontend or backend settin... Kris Phillips
09:57 AM Bug #15289: Dashboard show's some data twice every interval: Oh dear....
I just found out that this user's had their Chrome/Google browser and settings set to translate English ... Guido Glaus
09:38 AM Bug #15289: Dashboard show's some data twice every interval: See attached recording (same on 2.7.2) Guido Glaus
08:49 AM Bug #15289: Dashboard show's some data twice every interval: Hello Chris,
I added the time zone in case it is taken into account somewhere. Guido Glaus
03:31 AM Bug #15289: Dashboard show's some data twice every interval: Hello Guido,
So, to clarify, the time is first presented in English and then reloads shortly after in the localiza... Kris Phillips
04:01 AM pfSense Plus Feature #15284: Specify a Device parameter for Pushover Notifications: Or even better - just add an input field for *Custom Options* where the user can input _any_ of the optional paramete... Michael Klein
03:43 AM Bug #15282: Users with Deny Config Write privilege can trigger some VLAN interface operations: Tested this on 24.03 builds from Feb 23rd. Can confirm this issue is present. Kris Phillips
01:19 AM pfSense Packages Bug #15222: HTTP_Inspect Preprocessor Engine: wrong legend on parameters: This fix for this bug has been posted as part of this pull request: https://github.com/pfsense/FreeBSD-ports/pull/134... Bill Meeks
01:18 AM pfSense Packages Feature #15260: Snort IPS False Positives and Preprocessor Rules Misconfiguration: The fix for this feature request/bug fix has been posted as part of this pull request: https://github.com/pfsense/Fre... Bill Meeks
12:05 AM Todo #15265 (Resolved): Remove ``jquery-treegrid`` unit testing files: Files are removed on... Christopher Cope

02/24/2024

07:58 PM Bug #15289 (Not a Bug): Dashboard show's some data twice every interval: Connected trough a "slow" Anydesk connection to a pfsense 2.6 or 2.7.2 Router with timezone set to Europe/Zurich and ... Guido Glaus

02/23/2024

08:09 PM Bug #14290: ICMPv6 Path MTU Discovery breaks with NPT: May I ask if this is included in 24.03-DEVELOPMENT (amd64)? As I have tested again on the latest build 24.03.a.202402... John S
06:38 PM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table: We pulled in a patch that might fix this. Check out the latest 24.03 development snapshots. Christian McDonald
06:22 PM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table: Is there a workaround? Michele D'A.
05:24 PM pfSense Packages Bug #15008 (Resolved): SID MGMT list action to download a single conf file leads to a 502 Bad Gateway error: Jim Pingle
05:03 PM pfSense Packages Bug #15008: SID MGMT list action to download a single conf file leads to a 502 Bad Gateway error: This issue has been resolved. Please mark this issue RESOLVED.
Thanks, Bill Bill Meeks
04:25 PM Bug #15288 (Resolved): ``loader.conf`` may be missing ``loader_conf_files`` so ``loader.conf.lua`` may not be parsed: In some situations @/boot/loader.conf@ is missing the line which tells the loader to read @loader.conf.lua@:... Jim Pingle
03:27 PM pfSense Packages Bug #15048: Snort large memory consumption when updating: You state _"Snort since the last updates uses a lot of memory when updating..."_ . What updates specifically? Updates... Bill Meeks
09:29 AM Bug #15287 (New): hw.ix.unsupported_sfp=1 parameter for ix driver not working: When using ix driver with an Intel 82599ES chipset the driver seem not to support anymore the hw.ix.unsupported_sfp=1... Eric Chaubert

02/22/2024

11:05 PM Bug #15110: pfSense hangs when rebooting: Customer reported this issue utilizing a Dogfish 2242 M.2 SSD. Model SSDMCEAC060B3A. Customer ticket 2396258146. Kris Phillips
10:02 PM Bug #15165: Early boot hangs on pfSense CE: Make sense what u say.
I will try your steps, on which OS version are you running HyperV?
Thanks. Peter Moreno
09:20 PM Bug #15165: Early boot hangs on pfSense CE: I too have Hyper-V and have reoccurring boot hang issues.
Today, had a hang and went to boot, which froze. Turned... Terry Barnes
07:00 PM pfSense Docs Correction #15286 (Rejected): Wireguard Remote Access Config Recipe Typo: The split-tunnel configuration example here is incorrect:
https://docs.netgate.com/pfsense/en/latest/recipes/wiregua... Kris Phillips
05:54 PM Feature #14483: Conditionally reconfigure IPsec VTI interfaces only when necessary while applying IPsec changes: No time for this release, hopefully the next. Jim Pingle
05:53 PM Bug #15285 (Duplicate): Adding interfaces breaks FRR routing over IPsec: Pretty certain this is a duplicate of #14483 (or at least solving that would also solve this, or seems likely to) Jim Pingle
05:26 PM Bug #15285 (Duplicate): Adding interfaces breaks FRR routing over IPsec: When adding a new interface quite a few things happen which I believe are by design on pfSense but noticed something ... Mike Moore
01:44 PM Bug #14661 (Closed): ``dpinger`` can unintentionally choose an IPv6 VIP for a monitoring source: Jim Pingle
07:59 AM Bug #14661: ``dpinger`` can unintentionally choose an IPv6 VIP for a monitoring source: Seems to be resolved in 2.7.2 Hannes Scherbichler
03:14 AM pfSense Plus Feature #15284 (New): Specify a Device parameter for Pushover Notifications: Hello,
Can you please add the ability to specify a DEVICE parameter for Pushover notifications so that a notificat... Michael Klein
01:37 AM Feature #15283: MANUALS VIDGET in a Dashboard: Jim Pingle wrote in #note-1:
> There is already a help link to relevant documentation on every page.
>
> There is... Sergei Shablovsky
01:30 AM Feature #15283 (Rejected): MANUALS VIDGET in a Dashboard: There is already a help link to relevant documentation on every page.
There is already a notes widget if someone w... Jim Pingle
01:28 AM Feature #15283 (Rejected): MANUALS VIDGET in a Dashboard: Brilliant pfSense DevTeam!
Would be great to adding Dashboard “MANUALS” vidget that display a link (several links)... Sergei Shablovsky
01:34 AM pfSense Docs New Content #15278: Switch from IPv4 to IPv6 + Add IPv6 capability to exist IPv4-only configuration: Better FROM USER PERSPECTIVE no to surfing on hundreds of pages of whole Docs, but reading one document with step-by-... Sergei Shablovsky
01:32 AM pfSense Docs New Content #15278: Switch from IPv4 to IPv6 + Add IPv6 capability to exist IPv4-only configuration: Jim Pingle wrote in #note-1:
> We already add IPv6 content where we can over time, but the current state of ISPs/ser... Sergei Shablovsky

02/21/2024

11:48 PM Bug #15282 (Resolved): Users with Deny Config Write privilege can trigger some VLAN interface operations: A user with the Deny Connfig Write privilege set but access to the interfaces config pages can try to create VLANs an... Steve Wheeler
10:49 PM Bug #15110: pfSense hangs when rebooting: Another user having this issue on a 5100. 2396258146 Christopher Cope
09:09 PM Feature #14802: Re-enable multiqueue support for virtio NIC: The issue is discussed in this forum thread https://forum.netgate.com/topic/138174/pfsense-vtnet-lack-of-queues. Howe... Christopher de Haas
08:49 PM pfSense Packages Todo #15281 (Resolved): Upgrade Tailscale to 1.6.0: Plus 24.03 has tailscale-1.56.1 available in the Package Manager. Would be great to pull in 1.6.0 if possible. Chris W
08:11 PM pfSense Plus Feature #15280: Boot Environments 2.0: !clipboard-202402211511-mlhlp.png!
Christian McDonald
07:59 PM pfSense Plus Feature #15280 (Closed): Boot Environments 2.0: Changes:
* Configuration History is now a separate page and is no longer part of Backup & Restore.
* Configuratio... Christian McDonald
04:37 PM Bug #15171: Removing an IPsec Phase 1 entry can either remove the wrong Phase 2 entries or leave orphaned Phase 2 entries in the configuration: Reproduced the same issue in PLUS version 23.09.1 and the issue persisted.
Follow the video of the BUG simulatio... DBACORP DBACORP
03:48 PM pfSense Docs New Content #15278 (Rejected): Switch from IPv4 to IPv6 + Add IPv6 capability to exist IPv4-only configuration: We already add IPv6 content where we can over time, but the current state of ISPs/servers (especially in the US, wher... Jim Pingle
04:29 AM pfSense Docs New Content #15278 (Rejected): Switch from IPv4 to IPv6 + Add IPv6 capability to exist IPv4-only configuration: Dear Brilliant pfSense DevTeam!
REASON
- most of all network equipment (from home teapot and fridge to servers, r... Sergei Shablovsky
03:45 PM Feature #15276: Support JSON content for URL type firewall aliases: Not a bug, it's a feature request.
Not sure how viable it would be as there isn't really a standard for that and w... Jim Pingle
03:23 AM Feature #15276 (New): Support JSON content for URL type firewall aliases: Brilliant pfSense DevTeam!
WHERE
In Firewall / Aliases, URLs tab(selector)
CASE
JSON need to be allowed in “U... Sergei Shablovsky
03:43 PM Bug #15275 (Needs Patch): 56 GbE on Mellanox ConnectX-3 cards not functioning properly: That would be up to FreeBSD to add support for those cards/modes - If you try them on a stock FreeBSD 14 installation... Jim Pingle
03:34 PM Bug #15279 (Duplicate): When deleting phase 1 ipsec removes phase 2 of the other VPN's in the GUI and loses communication: Duplicate of #15171 Jim Pingle
03:31 PM Bug #15279 (Duplicate): When deleting phase 1 ipsec removes phase 2 of the other VPN's in the GUI and loses communication: Good morning,
Discovering a BUG in IPSEC version 23.09.1 and 23.09 in both AWS and AZURE in summer PLUS,... DBACORP DBACORP
01:55 PM pfSense Packages Feature #9141: FRR xmlrpc: No progress here obviously, just wanted to add that in the mean time I'm using a workaround: every time i change some... Adrian Dascalu
11:25 AM Regression #14078 (Confirmed): Traffic graph shows half actual throughput when switching back to the graph: We are waiting for the pull request:
https://redmine.pfsense.org/issues/14933 Danilo Zrenjanin
11:24 AM Bug #14933 (Confirmed): Traffic Graph widget displays bandwidth usage values which are half the actual usage amount: Danilo Zrenjanin
11:16 AM Bug #14933: Traffic Graph widget displays bandwidth usage values which are half the actual usage amount: I was able to replicate the issue using Safari on macOS.
Tests conducted against:... Danilo Zrenjanin
09:48 AM Feature #12564: add column to show that an Alias is in use by or not: khaled osama wrote:
> can you add column to show that an Alias is in used or not
> and it is clickable to show wher... Conny Molin
08:04 AM pfSense Plus Bug #14005: SFP Interfaces not available with Traffic Shaper in v23.01: It has been 7 months since the last reply. Is this problem to be looked at or not? At the moment I cannot use the tra... Brendon Flint
03:59 AM Todo #15277 (New): Allow mixed source (URL (IPs), URL Table (IPs), Host(s) and Network(s) IN OND ALIAS: Dear Brilliant pfSense DevTeam!
WHERE
in Firewall / Aliases
ARGUMENT
From firewall and user perspective ther... Sergei Shablovsky
03:28 AM Feature #15022: Allow overriding text scrolling during package install/uninstall: Yes, that way you can review what versions of package dependencies installed and or got adapted if something goes wro... Jonathan Lee
02:11 AM Feature #15022: Allow overriding text scrolling during package install/uninstall: Jonathan Lee wrote in #note-2:
> It will only allow you to look back one page after it completes the install. It is ... Christian McDonald

02/20/2024

11:49 PM Bug #15275 (Needs Patch): 56 GbE on Mellanox ConnectX-3 cards not functioning properly: x86 server, pfSense 2.7.2, Mellanox ConnectX-3 NIC
Connecting to Mellanox 6036G switch over original Mellanox DAC ... Piotr Oleszkiewicz
11:44 PM pfSense Packages Feature #12918: pfBlockerNG-devel changes from xmlrpc sync do not take effect immediately: did anyone figure out how to manually fix this my editing the code ? Israel Goldstein
09:54 PM pfSense Packages Bug #15274: HAProxy Configuration Changes Require pfSense Reboot to Take Effect: Zachary Cohen wrote:
> As originally reported here (https://forum.netgate.com/topic/172972/haproxy-config-changes-not... Zachary Cohen
09:51 PM pfSense Packages Bug #15274 (New): HAProxy Configuration Changes Require pfSense Reboot to Take Effect: As originally reported here (https://forum.netgate.com/topic/172972/haproxy-config-changes-not-loaded-pfsense-restart... Zachary Cohen
09:53 PM pfSense Packages Bug #15182: Changing backend port - status remains down: Potentially related to #15274 Zachary Cohen
09:01 PM pfSense Plus Bug #15196: AWS ena interfaces can become unstable/stop responding: User is reporting this issue manifests in relation to CPU spikes.
> Also I want to point that I have a procedure t... Craig Coonrad
07:47 PM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table: It seems like an interim fix would be to build arp with "WITHOUT_NETLINK" defined. Denny Page
05:37 PM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table: Looks like this might have gotten some attention upstream, will track.
https://reviews.freebsd.org/D43983 Christian McDonald
06:50 PM pfSense Plus Todo #15266: Prevent usage of the default password in User Manager accounts: Moving this so it only gets applied to Plus, since Plus is the only version for appliances where those restrictions h... Jim Pingle
03:03 PM Bug #15269 (Duplicate): DHCP static ARP entries are not static: Duplicate of #14970 Jim Pingle
02:56 PM Bug #15268 (Not a Bug): Network Prefix Translation (NPt) not properly translating the prefix for unsolicited inbound connections: You cannot map multiple internal prefixes to the same external prefix. As you see only the first one will work proper... Jim Pingle
02:53 PM Bug #15043 (Resolved): IGMP proxy works intermittently: Jim Pingle
01:12 PM Feature #15273 (New): Adding ICS Stork as service for BIND and KEA DHCP: Brilliant pfSense DevTeam!
Please add
ISC Stork for BIND and KEA services state monitoring
https://gitlab.isc.... Sergei Shablovsky
07:41 AM Todo #15271: Add information about group keys to Pushover notification settings: Better to USE THE SAME DEFINITION as in SaaS (Pushover) and certain section of pfSense settings that directly belongs... Sergei Shablovsky
07:06 AM Todo #15271: Add information about group keys to Pushover notification settings: Because the Pushover web interface not clear about that. Especially for newbies… Sergei Shablovsky
07:04 AM Todo #15271 (New): Add information about group keys to Pushover notification settings: Brilliant pfSense DevTeam!
Please Correct “User key” description in System/Advanced/Notification/Pushover
from... Sergei Shablovsky
07:41 AM pfSense Docs New Content #15272: Add information about Pushover group key behavior: Better to USE THE SAME DEFINITION as in SaaS (Pushover) and certain section of pfSense settings that directly belongs... Sergei Shablovsky
07:38 AM pfSense Docs New Content #15272: Add information about Pushover group key behavior: Because all 3 objects are different:
- Pushover account user;
- Applications;
- Delivery Groups;
And may be SEV... Sergei Shablovsky
07:35 AM pfSense Docs New Content #15272 (New): Add information about Pushover group key behavior: in Note
from
Using the Pushover API requires a Pushover account user key and API key (Pushover Registration).
... Sergei Shablovsky

02/19/2024

07:12 PM Bug #12673: Firewall Logs Dashboard Widget is slow and may fail to update: Doing so it pretty trivial. It requires almost no skill. (ask me how I know!).
Create github account.
Fork pfsense/... Steve Wheeler
06:51 PM Bug #12673: Firewall Logs Dashboard Widget is slow and may fail to update: My version of the log-widget is way faster (20 times!) than the actual version. With the same GUI and the same functi... Louis B
06:41 PM pfSense Packages Todo #15270 (Closed): ENUMER STUN: Hello,
Recently I reviewed my network activity and found lot of requests to the file http://enumer.org/public-stun... Oleg Khovayko
06:09 PM Feature #13468: FW-rule-groups, would be very, very helpfull: I discovered that interface groups, are IMHO not interface groups, but rule groups. However the GUI is not in line wi... Louis B
11:07 AM Bug #15269: DHCP static ARP entries are not static: On version 2.6.0 static arp mappings remain permanent. Michele D'A.
09:59 AM Bug #15269 (Duplicate): DHCP static ARP entries are not static: When I select the option in the DHCP server:
ARP Table Static Entry: Create an ARP Table Static Entry for this MAC... Michele D'A.

02/18/2024

11:57 PM Bug #14692: Mangled link-local addresses are being logged: Daryl Morse wrote:
> My system is logging discarded ping request messages from a link-local address, as is expected.... Daryl Morse
10:05 PM Feature #15022: Allow overriding text scrolling during package install/uninstall: It will only allow you to look back one page after it completes the install. It is like the scroll object repaints al... Jonathan Lee
07:19 PM Feature #15022: Allow overriding text scrolling during package install/uninstall: Hello Jonathan,
When the package finishes installing you should have no issues scrolling up. Let me know if this i... dylan mendez
03:34 PM pfSense Plus Feature #14976: Cleaner way to know if an interface failed: While out development team considers this, you can implement Remote Syslogs and filter all the logs through a third-p... dylan mendez
01:11 PM Bug #14996: Kea DHCP PHP error from WINS server value: Yep. I'll do it on Monday Christian McDonald
03:27 AM Bug #14996: Kea DHCP PHP error from WINS server value: Kris Phillips wrote in #note-3:
> Jared Hendrickson wrote in #note-2:
> > I opened a PR this morning that contains ... Kris Phillips
03:21 AM Bug #12764: VTI gateway status is pending after assigning the VTI interface: I can confirm this behavior. You can also simply restart the dpinger service to "kick" it out of this state.
VT... Kris Phillips
03:18 AM pfSense Docs New Content #15230 (Confirmed): Gateway status Pending: I can confirm this behavior. Typically restarting the dpinger service will correct this issue, but if you do a relea... Kris Phillips
03:12 AM pfSense Docs Todo #15267 (Rejected): Feedback on Releases — 2.7.2 New Features and Changes: The "New Features and Changes" document is for changes since the previous release, which is 2.7.1. The only change b... Kris Phillips
02:30 AM Bug #14991: Kea does not allow FQDNs for NTP servers but input validation does not prevent them from being added: Brilliant pfSense DevTeam!
Just confirm the same bug.
I reproduce the same environment and receive the same bug... Sergei Shablovsky
02:02 AM Bug #15012: NTP assigned to KEA DHCP Clients causes service to fail: Brilliant pfSense DevTeam!
Just confirm the same bug.
I reproduce the same environment and receive the same bug/beh... Sergei Shablovsky
12:16 AM Bug #15195 (Duplicate): PHP error if config contain <ppps></ppps> empty tag: https://redmine.pfsense.org/issues/14742 Christopher Cope

02/17/2024

11:58 PM Bug #15224 (Resolved): ``services_acb_settings.php`` does not fully validate value of ``frequency``, uses value without encoding: I can reproduce this on... Christopher Cope
10:56 PM Feature #15261: comcast DHCP issues: I have 4100 (ix) to Comcast cable modem. The only DHCP issue I encounter is if I move Comcast to another port. Comcas... Craig Coonrad
09:26 PM Bug #15268 (Not a Bug): Network Prefix Translation (NPt) not properly translating the prefix for unsolicited inbound connections: Unsolicited inbound traffic with the ISP prefix (external prefix) is always translated to the internal prefix specifi... machbot .
05:56 PM pfSense Docs Todo #15267 (Rejected): Feedback on Releases — 2.7.2 New Features and Changes: *Page:* https://docs.netgate.com/pfsense/en/latest/releases/2-7-2.html
*Feedback:*
I suggest the 2.7.2 release no... Steve Y
02:16 PM pfSense Plus Todo #15266: Prevent usage of the default password in User Manager accounts: Jim Pingle wrote in #note-2:
> Not only are there more and more stories about equipment being compromised due to def... Bill Meeks
02:15 PM Bug #15043: IGMP proxy works intermittently: This ticket can be closed and therefore included in the next release 2.8 or earlier (very important). Since the kerne... Martial G
01:14 AM Feature #15257 (Confirmed): Support using a mask to block MAC addresses in Captive Portal: I can duplicate this on 23.09.1. A MAC address block rule which includes a mask still allows authentication and then ... Chris W

02/16/2024

11:20 PM pfSense Plus Todo #15266: Prevent usage of the default password in User Manager accounts: Not only are there more and more stories about equipment being compromised due to default passwords and being wide op... Jim Pingle
10:22 PM pfSense Plus Todo #15266: Prevent usage of the default password in User Manager accounts: I would ask why make this change? I think the current warning is sufficient.
I would be okay with forcing a passwo... Bill Meeks
06:53 PM pfSense Plus Todo #15266 (Resolved): Prevent usage of the default password in User Manager accounts: Currently we detect in the GUI when the admin account is using the default password (@"pfsense"@) and print a warning... Jim Pingle
11:05 PM Bug #5849 (Closed): Routing fail on CARP IPsec: Closing this since it hasn't been reproduced and there have been many changes and fixes over the last 8 years in all ... Chris W
07:55 PM Bug #1819: DNS Resolver Not Registering DHCP Server Specified Domain Name: I'm a network engineer and I long ago gave up on trying to use the firewall for an authoritative DNS solution that do... Yousif Hassan
05:15 PM Todo #15265 (Feedback): Remove ``jquery-treegrid`` unit testing files: Applied in changeset commit:4e8f6cedd9c4b32b24ac3619f84e33a9a4708a29. Jim Pingle
05:07 PM Todo #15265 (Resolved): Remove ``jquery-treegrid`` unit testing files: We include the @jquery-treegrid@ library for use in the disks widget. That library includes unit testing files:
* ... Jim Pingle
05:07 PM Revision 4e8f6ced: Remove unnecessary treegrid files. Implements #15265: Jim Pingle
04:55 PM Bug #15264 (Feedback): ``crash_reporter.php`` displays PHP Error log without encoding: Applied in changeset commit:bde72e2d864ba57f2f14e0a4005104d942cdb11d. Jim Pingle
04:45 PM Bug #15264 (Resolved): ``crash_reporter.php`` displays PHP Error log without encoding: The section of @crash_reporter.php@ that displays the PHP error log is printing that log directly without encoding th... Jim Pingle
04:50 PM Bug #15263 (Feedback): PHP error display formatting issues: Applied in changeset commit:9d78a172ec6c9b959ac1f5b321637e5009320658. Jim Pingle
04:40 PM Bug #15263 (Resolved): PHP error display formatting issues: There are multiple issues with the formatting of PHP errors in the GUI, including:
* Error/stack trace is printed ... Jim Pingle
04:46 PM Revision bde72e2d: Encode PHP error log content before display. Fixes #15264: Jim Pingle
04:41 PM Revision 9d78a172: Correct PHP error display issues. Fixes #15263: Jim Pingle
02:32 PM Feature #15245 (Resolved): Show interface subnet details in a tooltip on the IPsec Phase 2 list: Jim Pingle
12:51 PM Feature #15245: Show interface subnet details in a tooltip on the IPsec Phase 2 list: tested, patch works correctly Georgiy Tyutyunnik
02:32 PM Feature #15234 (Resolved): Show details of system aliases in tooltip on firewall and NAT rule lists: Jim Pingle
02:12 PM Feature #15234: Show details of system aliases in tooltip on firewall and NAT rule lists: tested, patch works correctly Georgiy Tyutyunnik
11:20 AM Bug #13089 (Resolved): Some OpenVPN NetBIOS settings are kept even when NetBIOS is disabled: I was able to replicate the reported issue on the 23.09.1 pfSense Plus release.
After disabling NetBios, there we... Danilo Zrenjanin

02/15/2024

10:14 PM pfSense Docs Todo #15259: Feedback on pfSense® software Configuration Recipes — OpenVPN Site-to-Site Configuration Example with SSL/TLS: One strategy to consider - In the future I humbly suggest you state that "I close this report pending additional inf... Michael McNamara
07:33 PM pfSense Plus Bug #15262 (Confirmed): Captive Portal Has High CPU Interrupts With Large Number of Users: When 700+ Captive Portal users are in use, CPU interrupts will cause high load averages to occur. This can lead to c... Kris Phillips
07:01 PM pfSense Packages Feature #15260: Snort IPS False Positives and Preprocessor Rules Misconfiguration: Roberto@ IT and General wrote in #note-3:
> Hello Bill,
>
> The more general writeup about why rules are in specific... Bill Meeks
05:44 PM pfSense Packages Feature #15260: Snort IPS False Positives and Preprocessor Rules Misconfiguration: Hello Bill,
Thank you very much for your comment. I didn't perceive your message as an attempt to be argumentative... Roberto@ IT and General
03:02 PM pfSense Packages Feature #15260: Snort IPS False Positives and Preprocessor Rules Misconfiguration: I am the volunteer package maintainer for Snort on pfSense. The method you described above for removing rules (disabl... Bill Meeks
11:31 AM pfSense Packages Feature #15260: Snort IPS False Positives and Preprocessor Rules Misconfiguration: Above, there is a list of the preprocessor rules and decoder rules that should be enabled/disabled for each of the th... Roberto@ IT and General
11:15 AM pfSense Packages Feature #15260 (Resolved): Snort IPS False Positives and Preprocessor Rules Misconfiguration: Greetings to all from IT And General.
I would like to point out an issue that we are experiencing with the Snort p... Roberto@ IT and General
03:50 PM pfSense Packages Bug #15190 (Resolved): PHP error from RRD Graphs when resolution is null: It works fine on today's release:
I will close this ticket as resolved. Danilo Zrenjanin
01:09 PM Feature #15261 (Not a Bug): comcast DHCP issues: User reports issues with Comcast connection.
WANs intermittently stop from being able to communicate past the Comcas... Georgiy Tyutyunnik
11:17 AM Bug #15248 (Resolved): Removing a gateway group used as the default gateway results in no default route: Tested against:... Danilo Zrenjanin
10:40 AM Bug #15252 (Resolved): Egress states remain when killing states for scheduled rules: Tested against:... Danilo Zrenjanin
05:49 AM pfSense Plus Bug #14968: Google LDAP fail to bind: I suspect it is related to issue #15060, I didn't test with only one LDAP backend configured. Lev Prokofev

02/14/2024

10:37 PM pfSense Docs Todo #15259: Feedback on pfSense® software Configuration Recipes — OpenVPN Site-to-Site Configuration Example with SSL/TLS: Thanks for accepting my feedback on how I made your system work despite the documents leading me astray! Michael McNamara
10:24 PM pfSense Docs Todo #15259: Feedback on pfSense® software Configuration Recipes — OpenVPN Site-to-Site Configuration Example with SSL/TLS: I tested both Plus and CE. If it didn't work, you must have configured it improperly. Jim Pingle
10:23 PM pfSense Docs Todo #15259: Feedback on pfSense® software Configuration Recipes — OpenVPN Site-to-Site Configuration Example with SSL/TLS: I don't need assistance, instead I am reporting that it fails if I just follow the guidelines on the base page.
If... Michael McNamara
09:56 PM pfSense Docs Todo #15259 (Rejected): Feedback on pfSense® software Configuration Recipes — OpenVPN Site-to-Site Configuration Example with SSL/TLS: I'm not sure what you did wrong, but it is absolutely sufficient. I just re-tested that entire set of instructions in... Jim Pingle
09:41 PM pfSense Docs Todo #15259 (Rejected): Feedback on pfSense® software Configuration Recipes — OpenVPN Site-to-Site Configuration Example with SSL/TLS: *Page:* https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-s2s-tls.html
*Text:*
Select the server insta... Michael McNamara
06:01 PM Todo #15258 (Resolved): Update Gandi LiveDNS service with API changes: In August 2023 Gandi changed how authentication works with their API. Now you need to use Personal Access Tokens and ... Matthew Drury
04:23 PM Feature #15257 (Resolved): Support using a mask to block MAC addresses in Captive Portal: Blocking a MAC address in pfSense when using a mask is not working. However, if you use the pass option and specify t... Gordon Bennett
04:16 PM Bug #14933: Traffic Graph widget displays bandwidth usage values which are half the actual usage amount: I can still reproduce this in 23.09.1 dylan mendez
04:12 PM Bug #15015: Static routes not working: The pictures are no longer there, can you please re upload. dylan mendez
08:54 AM pfSense Packages Bug #14409: pfBlockerNG Cron Redundantly Updates pfSense Configuration When DNSBL is Disabled Due to Faulty Virtual IP Count: > I've come up with a patch that sets @$vip_count@ to @0@ if DNSBL is disabled. This causes the Virtual IP counts to ... Sima Xi
05:41 AM Bug #15110: pfSense hangs when rebooting: Another one TAC ticket with the same issue
2336421939 aleksei prokofiev
05:41 AM Bug #15110: pfSense hangs when rebooting: same issue here. 6100, 23.09.1
onboard mmc died, added a WD SN520 NVME SSD.
same console output M O
01:44 AM Feature #12746: IPoE feature for WAN interface: As far as I know, a significant portion of the supply in the Japanese market is using IPoE mode, and currently, almos... Tianyi SUN

02/13/2024

04:33 PM Feature #10843: Allow user manager settings to specify multiple authentication servers: I've been thinking about this a bit lately since we've added something similar in the upcoming TNSR release.
Like ... Jim Pingle
04:16 PM Feature #10843: Allow user manager settings to specify multiple authentication servers: This feature should also include the ability to define specific failover behavior if the configured authentication se... Chris Linstruth
02:29 PM Bug #8087: Provide Calling-Station-ID to RADIUS backed VPN connections: Welp, even "my" last hack stopped working somewhere along the pfSense stable upgrade path, currently on "23.09.1-RELE... Brandon Verkada
01:49 PM Todo #15256 (Resolved): Upgrade Unbound to >= 1.19.1: Unbound 1.19.1 fixes two DoS/CPU exhaustion issues in DNSSEC validation:
https://nlnetlabs.nl/downloads/unbound/CV... Jim Pingle
12:02 PM Bug #14434: PPPoE WAN interface with VIPs causes continuous interface restarting: Steve Wheeler wrote in #note-4:
> Still present in 23.09.1
I can also confirm it is still present is the latest s... Adam French

02/12/2024

04:33 PM pfSense Docs Correction #15255 (Closed): New docs typo: Fixed, thanks!
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/1a9cc91ad99c7e662d45ad85fc6a9ce324bde7bf Jim Pingle
04:18 PM pfSense Docs Correction #15255 (Closed): New docs typo: Typo in new docs (Gateway Settings):
http://stage-feature-mm-gateway_recovery.docs.netgate.com/pfsense/en/latest/rou... William Wrathbone
04:13 PM pfSense Docs Correction #15253 (Closed): New docs typo: Fixed and deployed last week: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/2448141188ae72159faaac282a641c1f4... Jim Pingle
03:48 PM pfSense Docs Correction #15253 (Closed): New docs typo: Typo in new docs for gateway recovery:
http://stage-feature-mm-gateway_recovery.docs.netgate.com/pfsense/en/latest/r... William Wrathbone
04:13 PM pfSense Docs Correction #15254 (Closed): Docs typo: Fixed and deployed (along with some other typos):
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/2dd28e37b2... Jim Pingle
03:49 PM pfSense Docs Correction #15254 (Closed): Docs typo: https://docs.netgate.com/pfsense/en/latest/multiwan/considerations.html
(probably should be "...to the DNS forwarder... William Wrathbone
02:32 PM pfSense Packages Bug #15190 (Feedback): PHP error from RRD Graphs when resolution is null: MR merged. Jim Pingle

02/11/2024

04:23 PM Bug #15248: Removing a gateway group used as the default gateway results in no default route: Confirmed
!clipboard-202402111023-shtvn.png!
dylan mendez

02/10/2024

11:36 PM pfSense Packages Bug #15190 (Pull Request Review): PHP error from RRD Graphs when resolution is null: https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/387 Christopher Cope
11:23 PM Revision 2aea75df: Change "IP family" to "address family": Marcos M
10:56 PM Bug #12942 (Resolved): Code to kill states for old gateway when reconnecting an interface is incorrect: Marcos M
10:53 PM Feature #855 (Resolved): Ability to selectively kill states on gateway recovery: This has been working well in 24.03 snapshots. Documentation is available at:
https://docs.netgate.com/pfsense/en/lat... Marcos M
10:17 PM Bug #13226 (Resolved): Disconnecting a user from Captive Portal may allow previously established connections to continue: Marcos M
10:15 PM Feature #11556 (Resolved): Kill states using the pre-NAT address: I separated that issue into its own report: https://redmine.pfsense.org/issues/15252 Marcos M
10:10 PM Bug #15252 (Feedback): Egress states remain when killing states for scheduled rules: Applied in changeset commit:c489213a62b68902bd673f782d59b3888d2bd6da. Marcos M
10:00 PM Bug #15252 (Resolved): Egress states remain when killing states for scheduled rules: When a schedule expires and states are killed, the opposite state (e.g. on the WAN side) remains.
Reported here: h... Marcos M
10:02 PM Revision c489213a: Kill matching opposite states when schedules expire. Fix #15252: Marcos M
06:57 PM Feature #15251 (New): Show network preview in rules page: For common networks (LAN, WAN, OPT, etc), it would be nice if you could show a preview of the network that's selected... Jon Moeller
01:02 PM pfSense Plus Regression #14828: QAT is not being used by some daemons: Post 23.09 iss there intent to expand QAT capabilities beyond the set currently used by pfSense, including 'user-spac... Rob A

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

03/10/2024

03/09/2024

03/08/2024

03/07/2024

03/06/2024

03/05/2024

03/04/2024

03/03/2024

03/02/2024

03/01/2024

02/29/2024

02/28/2024

02/27/2024

02/26/2024

02/25/2024

02/24/2024

02/23/2024

02/22/2024

02/21/2024

02/20/2024

02/19/2024

02/18/2024

02/17/2024

02/16/2024

02/15/2024

02/14/2024

02/13/2024

02/12/2024

02/11/2024

02/10/2024