Activity

30 days up to

User

Subprojects

Activity

From 02/25/2024 to 03/25/2024

03/25/2024

08:54 PM Revision 2f30e7a9: register_all_installed_packages: introduce option: Christian McDonald
08:54 PM Bug #15341 (Closed): PHP errors in ``xmlrpc.php`` during configuration synchronization concerning OpenVPN: This is part of a general change currently in progress. Marcos M
06:50 PM Bug #15118 (Feedback): DHCPv6 settings page "DDNS Reverse" check box not showing current state: Applied in changeset commit:31742a256444b808f646ab805b53987ff95d9207. Jim Pingle
06:41 PM Revision 31742a25: Reflect config value of ddnsreverse for DHCPv6. Fixes #15118: Jim Pingle
06:28 PM Bug #14977 (Closed): Kea fails to restart due to race between process termination and startup: I can't reproduce this at all on current snapshots. I've killed the process and left the old file in place, killed it... Jim Pingle
06:25 PM Bug #14991 (Feedback): Kea does not allow FQDNs for NTP servers but input validation does not prevent them from being added: Applied in changeset commit:216df8ac250e2fe705c90f07c2a5e1811e7011e9. Jim Pingle
06:15 PM Revision 216df8ac: Disallow hostnames in Kea NTP. Fixes #14991: * If they are in the config.xml data already, do not write them into
the Kea configuration.
* Do not allow the user... Jim Pingle
06:00 PM Bug #15032 (Feedback): Kea DHCP sends wrong bootloader file for UEFI: Applied in changeset commit:d027f903cfad356af6cad7a3cf49253a5e5dbc31. Jim Pingle
05:50 PM Bug #14996 (Feedback): Kea DHCP PHP error from WINS server value: Applied in changeset commit:faf9f096448c3d18ba291901e391270036ab47c7. Jim Pingle
05:45 PM Bug #14936 (Feedback): ``radvd`` service shows as stopped in services list when it should be disabled and hidden from that list: Applied in changeset commit:0cd692b7265415410fcaf79575089da58f49739c. Jim Pingle
05:44 PM Revision d027f903: Fix order of Kea boot files. Fixes #15032: Jim Pingle
05:43 PM Revision faf9f096: Fix variable typo. Fixes #14996: Jim Pingle
05:34 PM Revision 0cd692b7: Fix an radvd service status edge case. Fixes #14936: Jim Pingle
04:13 PM pfSense Plus Regression #15337 (Feedback): pfSense-boot pkg fails install in UFS: IIRC this is fixed now, or at least needs re-tested on current snaps. Jim Pingle
01:07 PM pfSense Plus Todo #15266: Prevent usage of the default password in User Manager accounts: Danilo Zrenjanin wrote in #note-14:
> > * Plus: Setup wizard requires the user to change the password and will no... Jim Pingle
01:03 PM pfSense Docs Correction #15359 (Closed): Wireguard Overview: remove word: Fixed, thanks! Jim Pingle
01:00 PM Regression #14930 (Feedback): Clean installation using Auto (ZFS) + MBR (BIOS) does not boot: Jim Pingle
12:24 PM Todo #15358 (Rejected): Correct description in “System Information” widget: There is no need to use both forms everywhere. The string is already long enough as it is without adding to it. Jim Pingle
12:18 PM Bug #14942 (Resolved): DNS Resolver host overrides ignore all aliases if first entry has a domain set but no hostname: Jim Pingle
11:56 AM Bug #13624: Only one alias in local network of OpenVPN Server works in 2.6.0: Kris Phillips wrote in #note-8:
> Reproduced this with a customer. The root of the issue appears to be that OpenVPN... Sean Huggans
04:48 AM Bug #13624: Only one alias in local network of OpenVPN Server works in 2.6.0: Re-upload of image provided by Kris with additional information redacted. Craig Coonrad
09:20 AM Bug #15361 (Resolved): Network and broadcast address input validation is incorrectly applied to IPv6 VIPs: There is no network address in IPv6, nor broadcasts like IPv4
When adding / editing an IP alias and putting there an... Mathis Cavalli

03/24/2024

11:55 PM Regression #14930: Clean installation using Auto (ZFS) + MBR (BIOS) does not boot: This fix is in pfSense Plus currently, and will be in the next release of CE. Upstream will likely be deprecating and... Christian McDonald
07:14 PM Bug #14942: DNS Resolver host overrides ignore all aliases if first entry has a domain set but no hostname: Can confirm the patch is working correctly on 23.09.1 dylan mendez
12:41 PM Bug #14977: Kea fails to restart due to race between process termination and startup: I just experienced exactly this same problem:
DHCP4_CONFIG_LOAD_FAIL configuration error using file: /usr/local/et... Suriname Clubcard
02:18 AM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: Just tested this on 24.03. Added a new VTI, added the interface, and checked the Status --> Gateways page. Gateway ... Kris Phillips
02:07 AM Bug #15346: Port Forward Add Unassociated Filter Rule Not Working: I can also confirm this behavior on the March 22nd builds of 24.03. Associated and None work fine. Kris Phillips
02:06 AM Bug #15360 (Duplicate): pcap & Tailscale interface: https://redmine.pfsense.org/issues/15145 Christopher Cope
01:41 AM Bug #15360 (Duplicate): pcap & Tailscale interface: Tailscale is listed in PCAP as unassigned interface.
when I click on start it works for a sec then stop. Alhusein Zawi
02:01 AM Bug #15341 (Pull Request Review): PHP errors in ``xmlrpc.php`` during configuration synchronization concerning OpenVPN: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1146 Christopher Cope

03/23/2024

08:03 PM Bug #15147 (Closed): Cannot configure dual stack IPsec tunnel to accept connections from any remote address on both address families: note was added
24.03.b.20240322.1708
Alhusein Zawi
07:55 PM pfSense Packages Bug #13654: Wireguard does not fail back failover WAN setup.: Tested/confirmed on 4100 hardware, pfSense Plus 23.09.1.
Dual ISP in gateway group with tier 1/2.
Wireguard traffic... Craig Coonrad
07:38 PM pfSense Docs Correction #15359 (Closed): Wireguard Overview: remove word: URL: https://docs.netgate.com/pfsense/en/latest/vpn/wireguard/index.html#wireguard-overview
> WireGuard instances ... Craig Coonrad
06:04 PM Todo #15358 (Rejected): Correct description in “System Information” widget: Brilliant pfSense DevTeam!
WHERE
“ *System Information”* widget
in block “*System*”
ISSUE
change
“*Netgate ... Sergei Shablovsky
05:42 PM pfSense Plus Bug #13320 (Resolved): IP aliases with a CARP VIP parent are not available as VIP choices for gateway groups: Tested against 23.09.1.
It works as expected. I was able to choose Alias VIP (nested under CARP VIP IP) in the Vir... Danilo Zrenjanin
05:40 PM Bug #13624: Only one alias in local network of OpenVPN Server works in 2.6.0: Reproduced this with a customer. The root of the issue appears to be that OpenVPN is sometimes passing the NAME of t... Kris Phillips
03:42 PM pfSense Packages Bug #11614: ACME certificate renewal/creation fails with multiple DNS providers: 3 years later and I ran into the same issue and the fix is actually extremely simple.
The logic in the function <c... Sherif Fanous
03:09 PM Bug #14933: Traffic Graph widget displays bandwidth usage values which are half the actual usage amount: To apply the patch successfully, the *path strip = 0* must be set. Danilo Zrenjanin
01:14 PM pfSense Plus Todo #15266: Prevent usage of the default password in User Manager accounts: Jim Pingle wrote in #note-10:
> This is now in and complete.
>
> tl;dr: Passwords are now a little more strict on bo... Danilo Zrenjanin
06:27 AM Bug #14942: DNS Resolver host overrides ignore all aliases if first entry has a domain set but no hostname: The patch fixed the behavior. I think the issue can be marked as resolved.
tested on ... Lev Prokofev
06:12 AM Bug #15032: Kea DHCP sends wrong bootloader file for UEFI: I can confirm this behavior on 23.09.1.
The patch makes it work for both legacy and UEFI boot. Lev Prokofev
05:41 AM Bug #15346: Port Forward Add Unassociated Filter Rule Not Working: Can confirm this behavior on 24.03 BETA... Lev Prokofev
12:08 AM pfSense Packages Todo #15270 (Closed): ENUMER STUN: That feed isn't enabled by default and we don't maintain it. The pfBlockerNG developer includes the ability to one-cl... Chris W

03/22/2024

10:35 PM Bug #14371: Firewall does not respond to UDP traceroute requests over IPsec: I am seeing a similar behavior on wireguard tunnels as well. You can see the incoming request in the pcap but no answ... Johannes Rohde
10:05 PM Bug #15357 (Not a Bug): Password policy script remains running after it succeeds in another shell session: It's not a bug. It isn't constantly checking to see if it's changed in the background. User can hit ^C to break out o... Jim Pingle
09:21 PM Bug #15357 (Not a Bug): Password policy script remains running after it succeeds in another shell session: After upgrading/install, @/usr/local/bin/usermgrpasswd@ is triggered, prompting a password change on the serial conso... Marcos M
03:30 PM pfSense Packages Todo #15281 (Confirmed): Upgrade Tailscale to 1.6.0: This is not currently available in the 24.03-BETA. We're still on 1.56. Kris Phillips
02:50 PM Bug #14933: Traffic Graph widget displays bandwidth usage values which are half the actual usage amount: I can confirm that the patch works fine on 23.09.1. Danilo Zrenjanin

03/21/2024

08:55 PM Todo #15256: Upgrade Unbound to >= 1.19.1: Updated to 1.19.3 Marcos M
08:27 PM Bug #15353: Crashes Every ~8-12 Hours in New 2.7.2 Install with Unbound, Suricata, and pfBlockerNG: Thanks for the feedback, this was my first post here. I have more logs if necessary.
I disabled virtualization in ... Devin Dawson
04:00 PM Bug #15353: Crashes Every ~8-12 Hours in New 2.7.2 Install with Unbound, Suricata, and pfBlockerNG: I see quite a few posts on the forum around recent instability. I myself is currently facing the issue with high syst... Mike Moore
06:41 AM Bug #15353 (New): Crashes Every ~8-12 Hours in New 2.7.2 Install with Unbound, Suricata, and pfBlockerNG: After reading some FreeBSD posts, it appears that this bug is potentially triggered by high CPU load. This occurs for... Devin Dawson
07:04 PM pfSense Plus Bug #15356 (Not a Bug): Traffic Graph Widget shows traffic of VLAN-if additionally in no-VLAN-if: This is expected. Traffic tagged with the VLAN still has to pass the parent interface. If it was not shown there the ... Steve Wheeler
06:36 PM pfSense Plus Bug #15356 (Not a Bug): Traffic Graph Widget shows traffic of VLAN-if additionally in no-VLAN-if: !clipboard-202403211934-zwlja.png!
!clipboard-202403211935-dvmgs.png!
See LAN and Medien. Traffic flows to Medien... Thomas Völker
06:53 PM Revision cba5bb65: Update the code for consistency.: No functional changes. Luiz Souza
06:43 PM Revision c379cdf4: Run the pfSense-repoc with the new file names style.: Luiz Souza
06:03 PM pfSense Packages Bug #15334 (Resolved): Interface Description not updated properly when add/creating new interface in Snort: PR merged, thanks! Jim Pingle
06:02 PM pfSense Packages Bug #15351 (Resolved): Snort does not honor user-specified PHP memory limit setting if user specifies a value greater than 384 MB: PR merged, thanks! Jim Pingle
06:02 PM pfSense Packages Bug #15333 (Resolved): Interface Description not updated properly when add/creating new interface in Suricata: PR merged, thanks! Jim Pingle
06:02 PM pfSense Packages Bug #15350 (Resolved): Suricata does not honor user-specified PHP memory limit setting if user specifies a value greater than 512 MB: PR merged, thanks! Jim Pingle
06:00 PM pfSense Packages Feature #15355 (New): Logging Verbosity Change via patch for miniupnpd: Please see https://forum.netgate.com/post/1158297
For those that wish to ingest miniupnpd (UPNP) firewall and nat ... Jeff Lewis
04:55 PM Bug #15354 (Duplicate): Interface Throughput Limitation on Intel(R) Ethernet Connection E823-C for SFP Network Card: https://redmine.pfsense.org/issues/15174 Steve Wheeler
04:26 PM Bug #15354 (Duplicate): Interface Throughput Limitation on Intel(R) Ethernet Connection E823-C for SFP Network Card: In the current stable version of pfSense, 2.7.2 CE, a significant limitation in interface throughput has been ident... Samuel Trnka

03/20/2024

11:54 PM Revision 3c6be688: Instrument the upgrade JSON data with more information about errors and failures.: Now, with the proper return code, instead of presenting no data to the user when
the pfSense-upgrade is busy (running... Luiz Souza
11:51 PM Revision 1e0c40e5: Add the support to the new pfSense-repoc repository files style.: Keeps the support to the old style, so both versions of pfSense-repoc are supported. Luiz Souza
09:18 PM pfSense Plus Feature #13227: Group-based Mobile IPsec Virtual Address Pool assignment via RADIUS: Tue Madsen wrote in #note-11:
> This a fabulous ♥️ Unfortunately I’m away for a couple of weeks right now, so I won’... Reid Linnemann
08:45 PM pfSense Plus Feature #13227 (Resolved): Group-based Mobile IPsec Virtual Address Pool assignment via RADIUS: This is working as expected. Note that strongswan's @eap-radius@ plugin only supports specifying a single group for a... Marcos M
05:14 PM pfSense Plus Feature #13227: Group-based Mobile IPsec Virtual Address Pool assignment via RADIUS: This a fabulous ♥️ Unfortunately I’m away for a couple of weeks right now, so I won’t be able to participate in betat... Tue Madsen
03:13 PM pfSense Plus Feature #13227 (Feedback): Group-based Mobile IPsec Virtual Address Pool assignment via RADIUS: Reid Linnemann
08:52 PM pfSense Docs New Content #15352 (New): Mobile IPsec Group Virtual Address Pools: Document the feature introduced with:
https://redmine.pfsense.org/issues/13227
Note that strongswan's @eap-radius... Marcos M
07:55 PM Feature #15322 (Feedback): 50x and 404 error handling to GUI web server configuration: Applied in changeset commit:6667cd717f7f5c038b1a439f322c71ef2427fa2d. Jim Pingle
07:48 PM Revision 6667cd71: Catch/handle some HTTP errors. Implements #15322: * Catch 50x errors, even from PHP FPM, so users don't end up with a
blank white screen if an error happens too earl... Jim Pingle
07:12 PM pfSense Packages Bug #15334: Interface Description not updated properly when add/creating new interface in Snort: A pull request has been submitted against the RELENG_2_7_2 branch of pfSense CE to correct this issue: https://github... Bill Meeks
07:12 PM pfSense Packages Bug #15351: Snort does not honor user-specified PHP memory limit setting if user specifies a value greater than 384 MB: A pull request has been submitted against the RELENG_2_7_2 branch of pfSense CE to correct this issue: https://github... Bill Meeks
06:46 PM pfSense Packages Bug #15351 (Resolved): Snort does not honor user-specified PHP memory limit setting if user specifies a value greater than 384 MB: Recently pfSense added a new PHP Memory Limit parameter in the *Advanced Settings* tab under the SYSTEM menu. Prior t... Bill Meeks
06:32 PM pfSense Packages Bug #15333: Interface Description not updated properly when add/creating new interface in Suricata: A pull request containing the fix for this issue has been posted against the RELENG_2_7_2 pfSense CE branch here: htt... Bill Meeks
06:31 PM pfSense Packages Bug #15350: Suricata does not honor user-specified PHP memory limit setting if user specifies a value greater than 512 MB: A pull request containing the fix for this issue has been posted against the RELENG_2_7_2 pfSense CE branch here: htt... Bill Meeks
02:18 PM pfSense Packages Bug #15350 (Resolved): Suricata does not honor user-specified PHP memory limit setting if user specifies a value greater than 512 MB: Recently pfSense added a new PHP Memory Limit parameter in the *Advanced Settings* tab under the SYSTEM menu. Prior t... Bill Meeks
03:53 PM Bug #15343: DHCP host names for Windows 10/11 hosts have "." at the end: It's there in the Kea IPv6 lease database but the status page code trims it so it's not shown in the GUI. Just a mino... Jim Pingle
03:29 PM Bug #15343: DHCP host names for Windows 10/11 hosts have "." at the end: DHCPv6 is not adding the "." to the hostnames for Windows 10 / 11 hosts. It's behaving differently than DHCPv4. If DH... Daryl Morse
03:38 PM Bug #12833: GUI Service Log Filling Up with Cruft: In Status / System Logs / Settings, there is the setting "Web Server Log".
I take this setting literally, that if ... Daryl Morse
03:12 PM pfSense Plus Bug #15316 (Confirmed): OpenVPN Clients with Gateway Group Interface on DHCP Exits on Error 1: I was able to replicate this behavior. The OpenVPN client doesn't failover to the next gateway in the gateway group. ... Danilo Zrenjanin
01:51 PM Bug #15110: pfSense hangs when rebooting: The 256 GB WD NVMe SSD performs without any issues when used with the Netgate 6100. Danilo Zrenjanin
01:47 PM Bug #15110: pfSense hangs when rebooting: Another user encountered the same issue with their Netgate 6100 device after installing the Transcend TS256GMTE460T N... Danilo Zrenjanin
09:53 AM Bug #15181 (Resolved): PHP error in ``interfaces_qinq_edit.php`` when creating a QinQ interface: Thank you for confirming, Jens!
I am closing this ticket as resolved. Danilo Zrenjanin

03/19/2024

08:18 PM Revision 63fe1588: Correct empty resolver alias handling. Fixes #14942: Jim Pingle
08:15 PM Bug #14942 (Feedback): DNS Resolver host overrides ignore all aliases if first entry has a domain set but no hostname: Applied in changeset commit:0ea1a9918e4baf00f563a180f801f00b581aebcf. Jim Pingle
08:09 PM Revision 0ea1a991: Adjust unbound host alias validation. Fixes #14942: Jim Pingle
03:18 PM Bug #15343 (Not a Bug): DHCP host names for Windows 10/11 hosts have "." at the end: That is how the clients are sending their own hostname. It's that way in the lease database, and Kea is just recordin... Jim Pingle
02:57 PM pfSense Docs Correction #15345 (Resolved): Advanced options -- fix typo: Fixed, thanks! Jim Pingle
02:56 PM Bug #15347 (Not a Bug): OpenVPN Multiple WAN Asymmetric Routing: The RADIUS authentication is a separate request that is unrelated to the incoming VPN connection at a packet level. I... Jim Pingle
02:48 PM pfSense Docs Correction #15344 (Resolved): Interface Bound States -- fix typo: Fixed, thanks! Jim Pingle
02:32 PM Feature #15348: Block out PSK when viewing Phase 1 IPsec configuration: "It would also render the button to generate a PSK useless without a way to see/copy it."
Is render and copy to cl... Mike Moore
02:30 PM Feature #15348: Block out PSK when viewing Phase 1 IPsec configuration: "If we do anything like this, it will need to have a visibility toggle and/or a button to copy the value to the clipb... Mike Moore
12:34 PM Feature #15348: Block out PSK when viewing Phase 1 IPsec configuration: If we do anything like this, it will need to have a visibility toggle and/or a button to copy the value to the clipbo... Jim Pingle
12:26 PM Bug #15349 (Not a Bug): 1:1 NAT rule for subnet always uses full subnet range: The "/24" in your text appears to be a typo or confusion on your part. The rules it forms use the whole *_/28_* which... Jim Pingle
07:11 AM Bug #13624: Only one alias in local network of OpenVPN Server works in 2.6.0: The same behaviour on 23.09.1 aleksei prokofiev

03/18/2024

11:20 PM Feature #4165: Allow for security zones when defining interfaces and firewall rules.: Marcos M wrote in #note-7:
> Though there's plenty of related documentation and resources already, it'd be helpful t... Ryan S
08:37 PM Bug #15349 (Not a Bug): 1:1 NAT rule for subnet always uses full subnet range: Creating a 1:1 NAT rule for something like @10.0.0.5/28 -> 10.1.0.7/28@ will actually create the proper rules for the... Yehuda Katz
08:22 PM Feature #14208: Automatic Split-DNS for 1:1 NAT: I unfortunately haven't finished my dissertation, but I took a break to work on this. PR is significantly expanded, s... Yehuda Katz
04:22 PM pfSense Plus Feature #13227: Group-based Mobile IPsec Virtual Address Pool assignment via RADIUS: I started down the path of including this using the key identifier and using the identifier as the 'groups' value ins... Reid Linnemann
02:31 PM Feature #15348 (New): Block out PSK when viewing Phase 1 IPsec configuration: When filling out a PSK in the phase 1 proposal section, the PSK really should be entered in obfuscated with the optio... Mike Moore

03/17/2024

06:50 PM Bug #14854 (Resolved): Packets are passed through dummynet twice when using ``route-to`` leading to half the expected bandwidth: https://reviews.freebsd.org/D44365
A fix has been merged; I tested limiting with and without floating rules, as well... Marcos M
06:21 PM pfSense Packages Todo #14073: Shalla block list is offline but still available in pfBlocker: Kris we know what the issue is but how does it get cleaned up?
Seems like something someone internal can push the m... Mike Moore
02:53 AM pfSense Packages Todo #14073: Shalla block list is offline but still available in pfBlocker: This still affects 23.09.1 and 24.03's builds of pfBlockerNG as of today. This source should be removed as soon as p... Kris Phillips
05:08 PM Bug #15343: DHCP host names for Windows 10/11 hosts have "." at the end: The hosts with yellow highlighting are windows 10/11. The others are IoT or mobile. Daryl Morse
02:52 PM Bug #15181: PHP error in ``interfaces_qinq_edit.php`` when creating a QinQ interface: Danilo Zrenjanin wrote in #note-8:
> Can you apply the patch and see if it fixes that in your environment?
I can ... Jens Becker
02:58 AM pfSense Packages Bug #15296: WAN Interface cannot added to ntopng if offline-packet loss: Sergei Shablovsky wrote in #note-1:
> Sergei Shablovsky wrote:
> >
> >
> > But LAN interfaces ALL would be ADDED as... Kris Phillips
01:05 AM Revision d46d5302: pfSense-boot: now just a distribution package, eliminate post-install script: Christian McDonald

03/16/2024

11:57 PM Bug #15346 (Confirmed): Port Forward Add Unassociated Filter Rule Not Working: I'm able to confirm this behavior on... Christopher Cope
09:51 PM Bug #15346 (Confirmed): Port Forward Add Unassociated Filter Rule Not Working: Upon creating a port forward entry on pfSense Plus 23.09.1 and choosing the "Add unassociated filter rule" option und... Timo M
10:59 PM pfSense Plus Todo #15266: Prevent usage of the default password in User Manager accounts: That build doesn't have all of the final changes, it has to be a build from the 15th or later, which hasn't been succ... Jim Pingle
09:28 PM pfSense Plus Todo #15266: Prevent usage of the default password in User Manager accounts: Upon updating to build 24.03.b.20240314.0323 and logging in, you are immediately taken to password reset (if it was s... Jordan G
10:48 PM pfSense Docs Correction #15344: Interface Bound States -- fix typo: Craig Coonrad wrote:
> URL: https://docs.netgate.com/pfsense/en/latest/config/advanced-firewall-nat.html#interface-b... Ted Quade
07:40 PM pfSense Docs Correction #15344 (Resolved): Interface Bound States -- fix typo: URL: https://docs.netgate.com/pfsense/en/latest/config/advanced-firewall-nat.html#interface-bound-states
> If a pa... Craig Coonrad
10:45 PM Bug #15110: pfSense hangs when rebooting: Same issue. Factory Netgate 6100. No add-ons or changes. 23.09.1
Have NOT changed the internal storage. Factory ever... Jacques Paquin
10:15 PM Bug #15347: OpenVPN Multiple WAN Asymmetric Routing: Forgot to mention, I see this behavior on pfSense Plus 23.09.1. Timo M
10:12 PM Bug #15347 (Not a Bug): OpenVPN Multiple WAN Asymmetric Routing: Using OpenVPN in multi-wan / failover environment (a OpenVPN interface has been created and is used by the OpenVPN se... Timo M
09:43 PM pfSense Packages Bug #15333 (Confirmed): Interface Description not updated properly when add/creating new interface in Suricata: Similar behavior as seen with Snort (#15334). Differences are:
- When you change the dropdown selection of an inte... Chris W
07:46 PM pfSense Docs Correction #15345 (Resolved): Advanced options -- fix typo: URL: https://docs.netgate.com/pfsense/en/latest/config/advanced-firewall-nat.html#advanced-options
> Tip: While th... Craig Coonrad
06:42 PM Bug #15343: DHCP host names for Windows 10/11 hosts have "." at the end: Hello Daryl,
Can you please provide a screenshot or additional context for this? There isn't enough information i... Kris Phillips
05:53 PM pfSense Packages Bug #15334 (Confirmed): Interface Description not updated properly when add/creating new interface in Snort: To be clear, what you're looking for is to select any interface in Snort (and Suricata) and have the Description form... Chris W

03/15/2024

10:07 PM Feature #9293: Custom message text for the login screen: I agree with this. This is a blocker for me right now.
Is HTML custom code not permissible? 5years request for somet... Mike Moore
05:17 PM Feature #9293: Custom message text for the login screen: This is getting to be more a requirement for US Government Agencies, as security adherence to NIST, DOD and DHS Secur... Mark Williams
05:24 PM pfSense Docs Todo #15342 (Feedback): Document differences due to password security changes: This should cover everything:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/ea224d9c2b209c09c4a1ddc61767ec... Jim Pingle
04:21 PM pfSense Docs Todo #15342 (Closed): Document differences due to password security changes: In #15266 significant changes were made in how passwords are handled. These changes need to be documented.
There i... Jim Pingle
05:13 PM Regression #15339 (Resolved): Firewall logs widget cannot have multiple instances: Jim Pingle
05:11 PM Regression #15339: Firewall logs widget cannot have multiple instances: tested on
24.03-BETA (amd64)
built on Thu Mar 14 3:23:00 UTC 2024
FreeBSD 15.0-CURRENT
patch fixes the issue su... Georgiy Tyutyunnik
02:00 PM Regression #15339 (Feedback): Firewall logs widget cannot have multiple instances: Applied in changeset commit:0d42f78fba1830d383ff626644fa0d7769dd9bde. Jim Pingle
05:08 PM Bug #12747: Restarting the logging daemon during rotation also restarts ``sshguard``, leading to frequent log messages: The original bug was reported against 2.6.0, but the problem has carried over to 2.7.x.
These messages are only on... Daryl Morse
04:50 PM Bug #15343 (Not a Bug): DHCP host names for Windows 10/11 hosts have "." at the end: Since changing to Kea DHCP, DHCP host names for Windows 10 and Windows 11 hosts are being created with a "." at the e... Daryl Morse
03:35 PM Bug #15341 (Closed): PHP errors in ``xmlrpc.php`` during configuration synchronization concerning OpenVPN: ... Christopher Cope
03:24 PM pfSense Plus Feature #15295: State Filter Rule ID needs clarification: I've run into the same issue, and it's confusing. Andrew Almond
03:21 PM pfSense Plus Feature #15306: Change Gateway Status from Pending to Unavailable: "Unavailable" would be a helpful change. Andrew Almond
03:21 PM Revision 210eb1d6: Add self-service user pw mgr to menu/tab. Issue #15266: No need to hide this since it's convenient and works well.
While here, make all tab arrays in the user manager consi... Jim Pingle
03:18 PM pfSense Packages Bug #15313: Zabbix server 6.4.12 requires Zabbix proxies to be version 6.4.12: Zabbix has now added a note to the upgrade notes and release notes that warns of the issue with 6.4.12:
https://www.... Andrew Almond
02:52 PM pfSense Packages Feature #15340 (New): provide the ability to deactivate actions in Gui: When using the webUI to push changes there are times when i need to deactivate a portion of the config. For example, ... Mike Moore
01:54 PM Revision 0d42f78f: Fix FW log multiple instance bug. Fixes #15339: Move the mdiff function into pfsense-utils.inc and also rename it so its
purpose is more clear. Jim Pingle
01:41 PM pfSense Docs Correction #15286 (Rejected): Wireguard Remote Access Config Recipe Typo: The example you quoted is the configuration that goes on the _client_ side, not the server side. The client shouldn't... Jim Pingle
01:19 PM pfSense Docs Correction #15336 (Closed): MSS clamping, minor correction.: Fixed the typo Jim Pingle
07:22 AM pfSense Packages Bug #14460 (Resolved): PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/pkg/haproxy/haproxy.inc:2158: I am closing this case because it appears to be more of a configuration issue rather than a bug. Danilo Zrenjanin
07:11 AM Bug #15181: PHP error in ``interfaces_qinq_edit.php`` when creating a QinQ interface: I couldn't replicate this either.
@Jens Becker
Can you apply the patch and see if it fixes that in your environm... Danilo Zrenjanin

03/14/2024

09:13 PM pfSense Packages Bug #15313 (Confirmed): Zabbix server 6.4.12 requires Zabbix proxies to be version 6.4.12: Chris W
08:42 PM pfSense Plus Regression #15337: pfSense-boot pkg fails install in UFS: Assigned to Christian as he has changes in the works to move all of this boot code management into pfSense-upgrade an... Reid Linnemann
03:40 PM pfSense Plus Regression #15337: pfSense-boot pkg fails install in UFS: The regex to capture the root disk dev is insufficient, as the root partition can show up as a label as well as a par... Reid Linnemann
08:06 PM Regression #15339 (Resolved): Firewall logs widget cannot have multiple instances: Adding more than one instance of the new logs widget to the dashboard generates an error:... Steve Wheeler
07:12 PM Feature #15257 (Resolved): Support using a mask to block MAC addresses in Captive Portal: Jim Pingle
06:43 PM Feature #15257: Support using a mask to block MAC addresses in Captive Portal: Tested on
23.09.1-RELEASE (amd64)
built on Tue Mar 5 21:00:00 UTC 2024
FreeBSD 14.0-CURRENT
patch fixes the issue Georgiy Tyutyunnik
07:04 PM pfSense Plus Todo #15266 (Feedback): Prevent usage of the default password in User Manager accounts: This is now in and complete.
tl;dr: Passwords are now a little more strict on both Plus and CE. Plus forces password... Jim Pingle
12:52 PM pfSense Plus Todo #15266: Prevent usage of the default password in User Manager accounts: That part looks good. The setup wizard doesn't allow the default password to be defined.
!clipboard-202403141351-... Danilo Zrenjanin
05:41 PM Revision 89b92719: Add password check mode to usermgrpasswd. Issue #15266: Jim Pingle
05:23 PM Revision 97c86b9e: Console password reset changes. Issue #15266: * Correct menu description as this is the admin user manager account and
it is not specific to the GUI.
* Clean up ... Jim Pingle
04:55 PM Regression #15338: AWS net driver if_ena.ko is missing: Jim Pingle wrote in #note-1:
> CE is not intended for use on cloud providers. Use the existing AMI for pfSense Plus ... Marco Fortina
04:36 PM Regression #15338 (Not a Bug): AWS net driver if_ena.ko is missing: CE is not intended for use on cloud providers. Use the existing AMI for pfSense Plus to run it on AWS.
Jim Pingle
04:22 PM Regression #15338 (Not a Bug): AWS net driver if_ena.ko is missing: Hello folks,
starting from release 2.7.0, AWS network driver if_ena.ko is not present in the /boot/kernel/ folder.... Marco Fortina
01:35 PM pfSense Packages Bug #15100: Tailscale IPv6 Exit Node uses first LAN interface when WAN is set to Only Request Prefix: There is a feature request:
https://redmine.pfsense.org/issues/15177 Danilo Zrenjanin
01:14 PM Revision d5f7ea56: More accurate priv check for warning. Issue #15266: Jim Pingle
06:04 AM Bug #15332: Kea fails to start if DHCP pool configuration contains default lease time or max lease time: I can confirm this behavior, tested on 23.09.1. It happens because that can't set default-lease-time or max-lease-tim... Lev Prokofev

03/13/2024

10:05 PM pfSense Plus Regression #15337 (Resolved): pfSense-boot pkg fails install in UFS: Upgrading UFS installs to the current 24.03 snapshot fails when running the POST-INSTALL script inb the pfSense upgra... Steve Wheeler
08:13 PM pfSense Docs Correction #15336 (Closed): MSS clamping, minor correction.: URL: https://docs.netgate.com/pfsense/en/latest/config/advanced-firewall-nat.html#mss-clamping
Text:
> This is ... Craig Coonrad
06:44 PM Revision 16d4106b: Improve user password warning boxes. Issue #15266: - Show warnings for user accounts as well as admin
- Try to send the user to the self-service password
manager page... Jim Pingle
01:10 AM pfSense Docs Todo #15335 (Rejected): Feedback on Packages — ACME package — ACME Package Settings — Certificate Settings: It's correct as it is. It's not an "ACME account key"
ACME (meaning the package) is using the account key. Jim Pingle

03/12/2024

11:58 PM pfSense Docs Todo #15335 (Rejected): Feedback on Packages — ACME package — ACME Package Settings — Certificate Settings: *Page:* https://docs.netgate.com/pfsense/en/latest/packages/acme/settings-certs.html
*Feedback:* Acme Account page... Ian M
07:48 PM Revision 0fed7e35: Use pw validation function in wizard. Issue #15266: Jim Pingle
07:31 PM Revision b5698fbf: Centralize password hints. Issue #15266: Reduces repetition and makes it easier to maintain. Jim Pingle
07:16 PM Revision c13d8a49: Fix local auth type match. Issue #15266: Jim Pingle
06:58 PM Revision 2eac2107: User Manager shell scripts. Issue #15266: * usermgrwhoami prints info about the current user from the user manager
database.
* usermgrpasswd allows root/admi... Jim Pingle
03:37 PM pfSense Packages Bug #15334 (Resolved): Interface Description not updated properly when add/creating new interface in Snort: *Brilliant pfSense DevTeam!*
*WHERE*
in *Services / Suricata* package
on *Interfaces*
*ISSUE*
Interface ... Sergei Shablovsky
03:30 PM pfSense Packages Bug #15333 (Resolved): Interface Description not updated properly when add/creating new interface in Suricata: *Brilliant pfSense DevTeam!*
*WHERE*
in *Services / Suricata* package
on *Interfaces*
*ISSUE*
Interface *De... Sergei Shablovsky
01:17 PM Bug #15332 (Resolved): Kea fails to start if DHCP pool configuration contains default lease time or max lease time: If the config has additioan DHCP pool with extra parametrs configured, such default-lease-time or max-lease-time, the... aleksei prokofiev
01:06 PM pfSense Packages Bug #14556: Tailscale dropping routes from FIB: Chris Linstruth wrote:
> Attempted to duplicate this by adding a tailnet to 4 pfSense nodes with routes and two devic... Matt Keys
03:05 AM pfSense Packages Regression #15158: XMLRPC Timeout won't save if over 150: I was able to replicate this on 24.03.b.20240311.0600, pfBlockerNG 3.2.0_8 dylan mendez

03/11/2024

06:10 PM Revision 6b940cff: Set a stricter nginx header timeout.: Jim Pingle
05:50 PM Bug #15157: PHP error when generating a notification after detecting a malformed configuration: I have a similar stack trace for an issue that is maybe not completely the same.
After upgrading to version 2.7.2-... Robbe Van der Gucht
05:04 PM Bug #15328: Changes in Kea DHCP interface pools may invalidate lease database content: Tom Lane wrote:
> I'm not sure if there will be any outright conflicts as the remaining clients try to renew their ... Tom Lane
04:52 PM Feature #15331 (New): Client (service) for CloudFlare WARP/WAR+: *On now CloudFlare in fact for a couple of years are fastest and reliable proxy and SDN for most users.*
(Sometimes ... Sergei Shablovsky
03:53 PM pfSense Packages Feature #15243: CARP causes tinc termination: I have only one tincd process (which is in no way related to any VIP managed by CARP) and it is "stopped" (i.e. event... Michael Lipp
02:39 PM pfSense Packages Feature #15243: CARP causes tinc termination: By "kills tinc" it means tinc stops functioning completely or just on the CARP interface?
If you have the Local IP... dylan mendez
12:58 PM pfSense Packages Bug #15250 (Resolved): Potential XSS in HAProxy GUI when editing frontend listener actions or backend pool ACL actions.: That is the latest version for 23.09.1. The version on dev snaps had already had a port revision bump for a change th... Jim Pingle
12:39 PM Feature #7671: Gateway Monitoring Via Custom Script or Telnet.: Another downright evil thing that Verizon FIOS does here in the US is: for suspended lines (if customer forgets to pa... → luckman212
12:24 PM Feature #15307 (Duplicate): Multiple Monitor IPs: Jim Pingle
12:23 PM pfSense Docs Todo #15327 (Closed): Feedback on Services — DNS Resolver — Domain Overrides: Fixed, thanks! Jim Pingle
04:48 AM pfSense Packages Feature #8547: fwknop Port Knocking Package: There are vpn technologies now using crypto based port knocking for just this reason. In my view it’s a reasonable fe... Robert Fulmer

03/10/2024

11:40 PM pfSense Docs Correction #15329 (New): Poor description of VLAN basics: The definition of Parent Interface on page https://docs.netgate.com/pfsense/en/latest/vlan/terminology.html has a Not... Tom Lane
11:09 PM Bug #15328 (Resolved): Changes in Kea DHCP interface pools may invalidate lease database content: I set up a couple of DHCP pools for VLANs on a new Netgate 4200 (running pfsense+ 23.09.1), which is replacing an Edg... Tom Lane
01:03 PM pfSense Docs Todo #15327: Feedback on Services — DNS Resolver — Domain Overrides: remove the "a" in sentance Ian M
01:03 PM pfSense Docs Todo #15327 (Closed): Feedback on Services — DNS Resolver — Domain Overrides: *Page:* https://docs.netgate.com/pfsense/en/latest/services/dns/resolver-domain-overrides.html
*Feedback:* Website... Ian M
05:06 AM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: Above patch didn't seem to make a difference with respect to the VTI tunnel that sticks in pending when monitoring is... Jordan G
01:52 AM Feature #15326 (New): Use alias to define 1:1 NAT mapping: I made some single-entry host aliases, which I find I can use in most firewall rules, but not in creating 1:1 NAT map... Tom Lane
01:35 AM pfSense Packages Bug #13409 (Pull Request Review): Copy button for Optional pre-shared key for this tunnel works in HTTPS mode only: Still an issue on... Christopher Cope
01:07 AM Feature #15307: Multiple Monitor IPs: Duplicate of https://redmine.pfsense.org/issues/4354 Kris Phillips
01:03 AM pfSense Packages Bug #14995 (Resolved): SID Management List Actions download leads to 502 Bad Gateway: Closing this one out as Resolved since this has been merged and the package is available. Kris Phillips
12:59 AM pfSense Packages Bug #15250: Potential XSS in HAProxy GUI when editing frontend listener actions or backend pool ACL actions.: Updated 0.63_3 package is available in 24.03 repos, but has not yet been merged into 23.09.1. Package 0.63_2 is stil... Kris Phillips
12:47 AM pfSense Packages Bug #14934 (Resolved): haproxy-devel: "Warning: process cannot be trusted anymore!" since pfSense Plus Upgrade to: Testing this on 23.09.1, I'm not able to reproduce this. Since 23.09.1 is release and 23.05.X is no longer supported... Kris Phillips
12:37 AM Bug #15287: hw.ix.unsupported_sfp=1 parameter for ix driver not working: This is likely an upstream FreeBSD issue, as we simply pull this functionality from there.
As a workaround, you ... Kris Phillips
12:33 AM Feature #14121 (Duplicate): Add ability to batch import IPs into an *existing* alias: Christopher Cope

03/09/2024

09:10 PM pfSense Packages Regression #14452: Prometheus node_exporter generates errors with the default config: The FreeBSD repos contain a newer version of node_exporter: node_exporter-1.6.1_2
I downloaded this pkg copied it to... Craig Coonrad
09:02 PM pfSense Packages Feature #12711: Add InfluxDB V2 support: *pfSense* : 23.09.1-RELEASE
*Telegraf* : 0.9_6
Telegraf can be configured to provide influxdb v2 metrics. Under ... Craig Coonrad
08:05 AM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table: At the moment I cannot switch to the CE version. When will it be implemented in the free version? Michele D'A.
03:08 AM pfSense Docs New Content #15325 (New): Tailscale documents: adding documents to explain how to setup Tailscale. Alhusein Zawi

03/08/2024

09:42 PM Feature #15324: Allow specifying cloudflare host id for dyndns: PR: https://github.com/pfsense/pfsense/pull/4674 Flole Systems
09:41 PM Feature #15324 (New): Allow specifying cloudflare host id for dyndns: This can save a HTTP request when updating the entry, and may be used to update multiple entries with the same name b... Flole Systems
09:33 PM Feature #15323: Display server description when WOL is sent using mac url or power-on button: Github commit:
https://github.com/pfsense/pfsense/pull/4673
And a patch file for current pfsense 2.7.2 Phil Wardt
09:31 PM Feature #15323 (Pull Request Review): Display server description when WOL is sent using mac url or power-on button: When we use the send WOL to all devices link, the description of servers is properly printed
However, when we send W... Phil Wardt
08:58 PM Feature #15322 (Resolved): 50x and 404 error handling to GUI web server configuration: If there is a PHP error early enough in the output of a page it ends up returning a 500 error with a blank page. We s... Jim Pingle
08:46 PM Bug #14917: Mulicast traffic on a detached interface causes a panic: Jim Pingle wrote in #note-7:
> The original issue here is rare and difficult to reproduce, only affecting a small nu... Daniel Ben-Zvi
08:45 PM Feature #15321 (Resolved): Kea DHCP Custom Configuration Support (IPv4 and IPv6): adding customs options to KEA DHCP Alhusein Zawi
07:41 PM Revision eb0e751c: Password validation for user manager. Issue #15266: Jim Pingle
06:50 PM pfSense Packages Bug #15182 (Confirmed): Changing backend port - status remains down: I can confirm this behaviour. ... Danilo Zrenjanin
06:37 PM Bug #15317 (Confirmed): IPsec widget does not show mobile clients with IP addresses assigned from RADIUS: This is because the way the widget handles the "Mobile" tab it relies on the output of @swanctl --list-pools@ which o... Jim Pingle
05:00 PM Bug #12673 (Feedback): Firewall Logs Dashboard Widget is slow and may fail to update: The PR was creating a new file instead of updating the existing one and had some whitespace/formatting issues but I c... Jim Pingle
04:58 PM Revision 1586f580: Log widget fast update changes. Fixes #12673: Submitted-By: LouisAtGH @ GitHub Jim Pingle
04:40 PM Bug #15318 (Resolved): Users with Deny Config Write privilege can trigger some QinQ interface operations: Jim Pingle
01:40 PM Bug #15318: Users with Deny Config Write privilege can trigger some QinQ interface operations: tested on
Version 24.03-BETA (amd64)
built on Fri Mar 8 4:44:00 UTC 2024
FreeBSD 15.0-CURRENT
patch seems to b... Georgiy Tyutyunnik
03:24 PM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: Try this patch: https://github.com/pfsense/pfsense/commit/338d722a3dcd5703d6d56fe2727490ca0ed33cad Christian McDonald
06:00 AM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: Reply to what Chris Linstruth wrote in #note-7:
I am aware of the transitions due to replies, except that was not ... Hal Prewitt
05:35 AM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: Reply to what Danilo Zrenjanin wrote in #note-6:
(1) Nothing surprising your 20 times worked. I too, saw many succes... Hal Prewitt
03:15 AM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: Mr. Prewitt and I had a phone session today and spent a significant amount of time gathering information about the sy... Chris W
10:15 AM pfSense Docs New Content #15315: m2dev adjustment when adding an SSD drive into SG-3100: I had a customer whose SG-3100 couldn't boot from SSD until we changed m2dev to 1.
Prior to the change, the system... Danilo Zrenjanin
03:13 AM pfSense Plus Regression #15320: XMLRPC Sync Trigger on CARP Maintenance Mode Causes webConfigurator Hangs on VIPs: Customer ticket 2453691225 is an example of this issue. Kris Phillips
03:13 AM pfSense Plus Regression #15320 (New): XMLRPC Sync Trigger on CARP Maintenance Mode Causes webConfigurator Hangs on VIPs: When syncing a large configuration file with a large number of Virtual IPs, XMLRPC Sync can cause the webConfigurator... Kris Phillips
02:32 AM Revision 338d722a: status_interfaces.php: make sure "{}" is expanded by PHP and not be sh: Christian McDonald
12:54 AM pfSense Packages Bug #15319: TailScale widget shows wrong status (green instead of red): Open a feature request for a Tailscale widget.
This issue as reported is not a bug, this is just how pfSense servic... Christian McDonald
12:49 AM pfSense Packages Bug #15319: TailScale widget shows wrong status (green instead of red): Not a bug?!
It’s useless if it actually does not reflect the real TS status 😕 Yuri Weinstein
12:45 AM pfSense Packages Bug #15319 (Not a Bug): TailScale widget shows wrong status (green instead of red): The service status checks if the tailscaled process is running, not if it's actually logged in and connected. This is... Christian McDonald

03/07/2024

09:40 PM Revision b8f80775: pkg_mgr_install.php: ensure pkg_switch_repo reads latest config: Christian McDonald
08:42 PM Revision e1faff49: Password management changes. Part of issue #15266: * Add function to determine if a given password is valid for use.
* Revise the self-service password change page to b... Jim Pingle
08:38 PM pfSense Packages Bug #15319 (Not a Bug): TailScale widget shows wrong status (green instead of red): Please see this thread for details: https://forum.netgate.com/topic/177265/tailscale-is-not-online-problem?_=17098346... Yuri Weinstein
07:15 PM Bug #15318 (Feedback): Users with Deny Config Write privilege can trigger some QinQ interface operations: Applied in changeset commit:68ed289190a383795194d3499728a0f6023f8a52. Jim Pingle
06:40 PM Bug #15318 (Resolved): Users with Deny Config Write privilege can trigger some QinQ interface operations: Similar to the VLAN issue, users that cannot write config options can create QinQ interfaces at the OS level:... Steve Wheeler
07:05 PM Revision 68ed2891: Ensure RO user cannot trigger QinQ operations. Fixes #15318: Jim Pingle
06:42 PM Bug #15282 (Resolved): Users with Deny Config Write privilege can trigger some VLAN interface operations: QinQ separated to a new ticket: https://redmine.pfsense.org/issues/15318 Steve Wheeler
06:34 PM Bug #15282 (In Progress): Users with Deny Config Write privilege can trigger some VLAN interface operations: A user with deny config write can no longer create VLANs in current snapshots but can still create QinQ interfaces:
... Steve Wheeler
05:26 PM Bug #15282 (Resolved): Users with Deny Config Write privilege can trigger some VLAN interface operations: Looks good on the current snapshot. Trying to create, save, or delete a VLAN as a user with that privilege displays a... Jim Pingle
04:22 PM Bug #14919 (Resolved): OpenVPN forms invalid ``route`` statements for empty local networks: Can't reproduce it on a current snapshot now, so it appears the fix is working as expected.
Worth noting this affe... Jim Pingle
04:13 PM Bug #15263 (Resolved): PHP error display formatting issues: Everything appears to be working properly on the latest snapshot.
Jim Pingle
04:07 PM Bug #15288 (Resolved): ``loader.conf`` may be missing ``loader_conf_files`` so ``loader.conf.lua`` may not be parsed: The expected line now is always present. It's added back when it's missing, and if someone removes it, it gets added ... Jim Pingle
04:05 PM Regression #14488 (Resolved): Extensions directory is not set in ``rc.php_ini_setup``: It's present and working on the current snapshot.
Jim Pingle
02:32 PM Bug #15054 (Resolved): Permissions on tmpfs RAM disk for ``/var`` are too lenient: Permissions are as expected on the latest build.
Jim Pingle
02:17 PM Bug #15317 (Confirmed): IPsec widget does not show mobile clients with IP addresses assigned from RADIUS: The front page IPsec widget does not show mobile clients on the Mobile tab when connected clients get an IP assigned ... Christopher de Haas
12:36 AM pfSense Plus Bug #15196: AWS ena interfaces can become unstable/stop responding: Tecsys is requesting an update on this bug report. Kris Phillips

03/06/2024

09:20 PM Bug #12673: Firewall Logs Dashboard Widget is slow and may fail to update: Seems to apply and work as expected against a 2.8 snapshot. Steve Wheeler
09:12 PM Bug #12673 (In Progress): Firewall Logs Dashboard Widget is slow and may fail to update: Yes it's here: https://github.com/pfsense/pfsense/pull/4672 Steve Wheeler
08:45 PM Bug #12673: Firewall Logs Dashboard Widget is slow and may fail to update: Bug #12673: Firewall Logs Widget fails to update. Can someone confirm that my pull request is received? Louis B
08:40 PM Bug #15282 (Feedback): Users with Deny Config Write privilege can trigger some VLAN interface operations: Applied in changeset commit:d3929b79ff7c3f0cdf1ba3179efea05037a18d00. Jim Pingle
08:30 PM Revision d3929b79: Ensure RO user cannot trigger VLAN operations. Fixes #15282: While here, fix a problem that prevented a VLAN delete operation that
failed from displaying errors. Jim Pingle
08:25 PM Bug #15054 (Feedback): Permissions on tmpfs RAM disk for ``/var`` are too lenient: Applied in changeset commit:7d87d7cbce1bf6f0c8a44888c640e2c29393a9cb. Jim Pingle
08:18 PM Bug #15054: Permissions on tmpfs RAM disk for ``/var`` are too lenient: I just pushed a commit that fixes this. It uses @1777@ for @tmp@ only and @1755@ for anything else (currently only @v... Jim Pingle
08:15 PM Revision 7d87d7cb: Fix tmpfs RAM disk mount permissions. Fixes #15054: Jim Pingle
08:05 PM pfSense Plus Bug #15316: OpenVPN Clients with Gateway Group Interface on DHCP Exits on Error 1: Mar 6 11:27:55 pfSense openvpn[89316]: [us8788.nordvpn.com] Inactivity timeout (--ping-restart), restarting
Mar 6 ... George Phillips
05:08 PM pfSense Plus Bug #15316 (Resolved): OpenVPN Clients with Gateway Group Interface on DHCP Exits on Error 1: By default with DHCP gateways, they are not populated into the config as <gateway_item>, but can be present in a <gat... Kris Phillips
07:55 PM Bug #14919 (Feedback): OpenVPN forms invalid ``route`` statements for empty local networks: Applied in changeset commit:587dcb6ae708d144023879b509a1da9dd5dd0723. Jim Pingle
07:49 PM Revision 587dcb6a: Don't make OpenVPN routes for empty nets. Fixes #14919: Jim Pingle
07:35 PM Bug #15288 (Feedback): ``loader.conf`` may be missing ``loader_conf_files`` so ``loader.conf.lua`` may not be parsed: Applied in changeset commit:05e905406b1200fdff8ceedf41f69928b13aeb58. Jim Pingle
07:24 PM Revision 05e90540: Ensure loader.conf.lua is referenced. Fixes #15288: Jim Pingle
06:09 PM pfSense Docs New Content #15315 (Rejected): m2dev adjustment when adding an SSD drive into SG-3100: See https://redmine.netgate.com/issues/11219 Jim Pingle
04:17 PM pfSense Docs New Content #15315 (Rejected): m2dev adjustment when adding an SSD drive into SG-3100: After adding an SSD drive, it may be necessary to adjust the m2dev setting to either 1 or 0. It would be beneficial t... Danilo Zrenjanin
05:30 PM Revision 44f72862: Correct typo. Fixes #14488: Jim Pingle
05:30 PM Regression #14488 (Feedback): Extensions directory is not set in ``rc.php_ini_setup``: Applied in changeset commit:903c1898973f3524e50ac44306838ccc6ed3558e. Jim Pingle
05:20 PM Regression #14488: Extensions directory is not set in ``rc.php_ini_setup``: Yes, it does need a change for PHP 8.3. Commit pushed and should show up momentarily. Jim Pingle
05:20 PM Revision 903c1898: Fix PHP extension dir for PHP 8.3. Fixes #14488: Jim Pingle
05:10 PM Bug #15263 (Feedback): PHP error display formatting issues: Applied in changeset commit:e7d7547c11291f04213eaf38eea12b11f434630f. Jim Pingle
02:20 PM Bug #15263 (In Progress): PHP error display formatting issues: This change seems to have broken the "error locator" on @diag_command.php@. If you deliberately try to run broken cod... Jim Pingle
05:05 PM Revision e7d7547c: More PHP error handling changes. Fixes #15263: * Clean up outdated code/comments
* Change how error messages are formed in different contexts
* Allow warnings to be... Jim Pingle
02:18 PM Feature #14953 (Resolved): Add Kea information to ``status.php``: Looks good on current snapshots. The configs are included if they are present and are different than the default samp... Jim Pingle
02:02 PM Feature #7943 (Resolved): Overflow scrolling for top navigation drop-down menus in Fixed mode: It's much better on the current snap (with that merge included). No longer double scrolls the menu when it's in the d... Jim Pingle
02:02 PM Feature #10271 (Resolved): Large number of VLAN/LANs make "Interfaces" menu hard to access: It's much better on the current snap (with that merge included). No longer double scrolls the menu when it's in the d... Jim Pingle
02:01 PM Feature #15314: Filtering in sockets: It's not clear which page you are talking about specifically -- **Diagnostics > Sockets** perhaps (@diag_sockets.php@... Jim Pingle
01:59 PM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: I had the same experience. Down the link and it goes Pending. Up the link and it transitions to Online after enough r... Chris Linstruth
09:42 AM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: Hal Prewitt wrote in #note-5:
> Yes, sometimes reconnecting the port will clear Pending but not always. Appears the... Danilo Zrenjanin
12:47 AM pfSense Plus Feature #13227: Group-based Mobile IPsec Virtual Address Pool assignment via RADIUS: we're looking at sneaking this in for 24.03 Jim Thompson

03/05/2024

11:20 PM Feature #15314 (New): Filtering in sockets: Brilliant pfSense DevTeam!
Filtering in sockets - would be *VERY USABLE when determining state and functionality o... Sergei Shablovsky
10:56 PM Bug #15304: After update to latest stable (23.09.1), cert issuance was issuing blank certs, and a signing request not working.: Pete Ziu wrote in #note-3:
> Kris Phillips wrote in #note-1:
> > Tested on 23.09.1 and unable to recreate this issu... Pete Ziu
10:49 PM Bug #15304: After update to latest stable (23.09.1), cert issuance was issuing blank certs, and a signing request not working.: Kris Phillips wrote in #note-1:
> Tested on 23.09.1 and unable to recreate this issue. CAs and Certificates, when a... Pete Ziu
10:25 PM Bug #15067 (Feedback): Secondary node attempts to delete the ``admins`` group when synchronizing accounts via XMLRPC: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1142
commit:f9f395f54d33ae524ece49b9ce75d381602f809c
Th... Marcos M
10:21 PM Revision f9f395f5: Use correct option when removing groups. Fix #15067: While there, add comments for clarity. Marcos M
09:01 PM pfSense Packages Bug #15312 (Resolved): Unable to load rules page with no categories selected: PR merged, thanks! Jim Pingle
05:09 PM pfSense Packages Bug #15312: Unable to load rules page with no categories selected: A pull request against the RELENG_2_7_2 branch of pfSense CE to correct this bug has been posted here: https://githu... Bill Meeks
03:09 PM pfSense Packages Bug #15312 (Resolved): Unable to load rules page with no categories selected: details here: https://forum.netgate.com/topic/186537/unable-to-load-rules-page-if-no-category-is-selected/4?_=170965... Mike Moore
08:16 PM Regression #15112 (Resolved): ``status_interfaces.php`` is missing several values for SFP modules: Looks good on a current snapshot.
!clipboard-202403051514-kljnr.png!... Jim Pingle
08:15 PM Feature #14953 (Feedback): Add Kea information to ``status.php``: Applied in changeset commit:328919e8e81b9b4a3b36f5c2c39339c43e5a572f. Jim Pingle
07:37 PM Feature #14953 (In Progress): Add Kea information to ``status.php``: File is there but I noticed that if someone has never used Kea the stock config files are there and are identical to ... Jim Pingle
08:11 PM Bug #15301 (Resolved): Setup Wizard WAN configuration form field problem: This is fine now, I've gone through the wizard a few times on the latest snapshot without a problem. Jim Pingle
08:10 PM Regression #14488 (New): Extensions directory is not set in ``rc.php_ini_setup``: The change here hardcoded checks for php81 and php82, but we are now on php83. Does this need another adjustment?
... Jim Pingle
08:07 PM Bug #13498 (Resolved): Newer variant models within the PC Engines APU2 platform are not recognized, causing garbled early serial console output: Jim Pingle
08:07 PM Todo #15256 (Resolved): Upgrade Unbound to >= 1.19.1: Latest snapshots have Unbound 1.19.1 Jim Pingle
06:02 PM Todo #15256 (Feedback): Upgrade Unbound to >= 1.19.1: Done for 23.09.1, 24.03 and 2.7.2. Brad Davis
08:06 PM Revision 328919e8: Suppress Kea status info w/sample confs. Fixes #14953: Jim Pingle
07:53 PM pfSense Packages Bug #15313 (Resolved): Zabbix server 6.4.12 requires Zabbix proxies to be version 6.4.12: There seems to be a bug/change with Zabbix server and Zabbix proxy where both need to be running 6.4.12.
If the vers... Andrew Almond
07:45 PM Feature #7943 (Feedback): Overflow scrolling for top navigation drop-down menus in Fixed mode: Applied in changeset commit:9b37bb0fcf2de99089e67aa619b3cb366abd4641. Marcos M
07:23 PM Feature #7943 (Pull Request Review): Overflow scrolling for top navigation drop-down menus in Fixed mode: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1141 Marcos M
07:37 PM Feature #15297 (Resolved): Add EFI boot information to ``status.php``: Both commands are in output as expected now. Jim Pingle
07:36 PM Feature #15298 (Resolved): Add ``loader.conf.lua`` contents to ``status.php``: File is in output as expected now. Jim Pingle
07:36 PM Bug #15310 (Resolved): Errors in ``status.php`` IPsec sections when IPsec is not configured: No errors on latest build. Sections are present when the config/files are present, sections are omitted when the file... Jim Pingle
07:18 PM Revision 9b37bb0f: Don't add overflow scroll to static navigation menu. Fix #7943: Restores old behavior to the static navigation menu. Marcos M
06:15 PM Bug #15299 (Feedback): Old auto-added MAC addresses are not pruned for non-concurrent Captive Portal sessions: Applied in changeset commit:8bfe17dae7ab15b7af802f69dbb7c421d098d38c. Marcos M
05:43 PM Bug #15299 (Pull Request Review): Old auto-added MAC addresses are not pruned for non-concurrent Captive Portal sessions: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1140 Marcos M
05:35 PM Revision 8bfe17da: Prune old Captive Portal sessions for autoadded MAC. Fix #15299: Use the correct function to delete passthrumac entries. Remove the pipe
check since it's already handled by the funct... Marcos M
04:00 PM Feature #15257 (Feedback): Support using a mask to block MAC addresses in Captive Portal: Applied in changeset commit:22fe3bd762bd5acd9b5180bab44532889899f754. Marcos M
03:13 PM Revision a8edbe41: Improve input validation for Captive Portal MAC masks: Now rejects decimal masks and masks of size 0. Marcos M
02:53 PM Revision 22fe3bd7: Support blocking MAC addresses with a mask. Implement #15257: The Captive Portal allows for blocking specific MAC addresses without
using pf rules so a message can be displayed to... Marcos M
01:36 PM Bug #15122: PHP errors in LDAP server prevent it from falling back to Local Database: No need to put a manual patch file on here that's already in the public Git repo. The diff is already linked on the "... Jim Pingle
01:33 PM Bug #15311 (Rejected): Gateway showing incorrect IP: Post on the forum for help tracking this down, there doesn't appear to be any way for it to be missing one digit ther... Jim Pingle
06:12 AM Bug #15311 (Rejected): Gateway showing incorrect IP: The gateway IP shows the incorrect IP and is missing the last digit. It should be 73.11.164.15 Luis Elortondo

03/04/2024

11:46 PM Bug #15291: Error on Traffic Shaper 0% Bandwidth: Pavan, please let us know what the result or rebuilding is since this upgrade was from 2.4 pfSense version, it might ... dylan mendez
10:45 PM Feature #15257 (Pull Request Review): Support using a mask to block MAC addresses in Captive Portal: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1139 Marcos M
08:55 PM Regression #15112 (Feedback): ``status_interfaces.php`` is missing several values for SFP modules: Applied in changeset commit:a088d550a14074457c669d174a0237018a0bb4b1. Jim Pingle
08:48 PM Revision a088d550: Fix some SFP module info fields. Fixes #15112: Text format changed slightly in ifconfig, so regex patterns had to be
changed to match Jim Pingle
08:25 PM Feature #15233 (Feedback): Recognize QAT 4xxx devices in System Information Widget: Applied in changeset commit:fb78d2981f0d98872bcecfed0f654901fcc9b330. Jim Pingle
08:17 PM Feature #15233: Recognize QAT 4xxx devices in System Information Widget: Thanks for testing! I'll commit that diff momentarily. Jim Pingle
08:15 PM Feature #15233: Recognize QAT 4xxx devices in System Information Widget: Jim Pingle wrote in #note-1:
> I don't have the hardware to check this but based off the IDs in the source, this dif... Brian Dahlquist
06:04 PM Feature #15233: Recognize QAT 4xxx devices in System Information Widget: I don't have the hardware to check this but based off the IDs in the source, this diff should do it.
If someone can ... Jim Pingle
08:19 PM Bug #14648: Values obtained from ``sysctl`` are sometimes unexpectedly empty, leading to PHP and other math errors: Still no great leads on this and we still can't reproduce it reliably. Will continue investigating.
Jim Pingle
08:17 PM Revision fb78d298: Add hardware IDs for 4xxx QAT. Implements #15233: Jim Pingle
08:14 PM Bug #14687: Error in boot messages about missing ``/boot/loader.conf.d`` directory: The directory is there even on a completely fresh install. I'm not sure what, if anything, we need to do here. Jim Pingle
08:11 PM Bug #15083: Installing to ZFS mirror does not format or populate EFI partition on additional disks: I think this is one Reid was working on and may already be fixed. Jim Pingle
08:08 PM Regression #14431 (Feedback): Sending IPv6 traffic on a disabled interface can trigger a kernel panic: Based on the last messages this should be in snapshots just needs testing/confirmation (or closing if we can't reprod... Jim Pingle
06:55 PM Bug #15147 (Feedback): Cannot configure dual stack IPsec tunnel to accept connections from any remote address on both address families: Applied in changeset commit:d53185888b7588c85a33ccfc14447335045fe5b7. Jim Pingle
06:42 PM Bug #15147 (In Progress): Cannot configure dual stack IPsec tunnel to accept connections from any remote address on both address families: The suggested note addition isn't accurate, only tunnels of the same address family as the remote gateway are allowed... Jim Pingle
06:50 PM Todo #15053 (Closed): Update PHP to 8.3.x: PHP 8.3.1 has been in snapshots and working for a while now. Jim Pingle
06:48 PM Revision d5318588: Fix IPsec Dual Stack w/any remote. Fixes #15147: Jim Pingle
06:30 PM Bug #15310 (Feedback): Errors in ``status.php`` IPsec sections when IPsec is not configured: Applied in changeset commit:a46b65d808bc7ae7b17eb4079f255147ef38d44d. Jim Pingle
06:18 PM Bug #15310 (Resolved): Errors in ``status.php`` IPsec sections when IPsec is not configured: If IPsec is not configured, the IPsec-related sections in status.php contain only error messages and not useful infor... Jim Pingle
06:25 PM Feature #14953 (Feedback): Add Kea information to ``status.php``: Applied in changeset commit:b73a6caae4980a87f8f5137430b26b733f99db19. Jim Pingle
05:50 PM Feature #14953 (In Progress): Add Kea information to ``status.php``: Jim Pingle
06:21 PM Revision a46b65d8: status.php: Omit IPsec if inactive. Fixes #15310: Jim Pingle
06:16 PM Revision b73a6caa: Add Kea info to status.php. Implements #14953: While here, change ISC DHCP info header to include "ISC" and only
include those sections if the config files exist. Jim Pingle
06:06 PM pfSense Plus Feature #15039 (Closed): GUI to configure Packet Flow Data (``pflow``) export: This has been working perfectly here, no other reports of errors/problems. Jim Pingle
05:52 PM Feature #14208: Automatic Split-DNS for 1:1 NAT: I will hopefully finish my PhD dissertation in the next few weeks and I plan to come back to this after that.
(The s... Yehuda Katz
05:31 PM Bug #15309 (Rejected): When using IP Alias conflicts with CARP: That is a configuration issue, not a bug. This site is not for support or diagnostic discussion.
For assistance in... Jim Pingle
05:24 PM Bug #15309 (Rejected): When using IP Alias conflicts with CARP: The use case is when I have multiple IP addresses on the same interface.
On this case I set each node an IP:
Prim: ... Stéfano Costa
05:13 PM Bug #15299: Old auto-added MAC addresses are not pruned for non-concurrent Captive Portal sessions: Jim Pingle wrote in #note-3:
> Looks like it may be related to pass-through MACs when noconcurrentlogins is set alon... Roddy Roddy
03:25 PM Bug #15299: Old auto-added MAC addresses are not pruned for non-concurrent Captive Portal sessions: Looks like it may be related to pass-through MACs when noconcurrentlogins is set along with per-user limits.
@capt... Jim Pingle
11:47 AM Bug #15299: Old auto-added MAC addresses are not pruned for non-concurrent Captive Portal sessions: Jim Pingle wrote in #note-1:
> Did the error happen in the background or did it happen when you made an action of so... Roddy Roddy
03:49 PM Feature #15308 (New): DHCPv6 deny option for static client mappings: DHCPv4 has a mac deny list, could similar functionality be developed for DHCPv6 using static client mappings and DHCP... Saku Seppälä
01:31 PM Bug #15304 (Rejected): After update to latest stable (23.09.1), cert issuance was issuing blank certs, and a signing request not working.: I can't replicate anything like this either. Last time someone reported a problem like this, they were trying to gene... Jim Pingle
01:25 PM Bug #15143 (Not a Bug): Telegram notification of DynDNS update spoiles IP address: The notification sends the FQDN (hostname) not the URL. Custom dynamic DNS types don't have a hostname field, however... Jim Pingle
01:11 PM Feature #15307 (Duplicate): Multiple Monitor IPs: The ability to enter multiple IPs in "Monitor IP".
We experienced an incident where "1.1.1.1" from Cloudflare had p... Thijs Vanbrabant
08:49 AM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: Yes, sometimes reconnecting the port will clear Pending but not always. Appears there are many ways to get into Pend... Hal Prewitt
07:55 AM pfSense Docs New Content #15230: Gateway status Pending: This Pending Status is a design error and needs to be removed. WANs/Gateways are either Online, Offline, or Warning ... Hal Prewitt
05:58 AM pfSense Docs New Content #15230: Gateway status Pending: A serious bug. Appears there are many ways to get into Pending and be stuck. Spent hours trying every config change c... Hal Prewitt
01:29 AM Feature #8794: NTP authentication support: I've added a checkbox for each time server called "Authenticated" so that NTP authentication can be enabled/disabled ... Matthew Ray

03/03/2024

06:11 AM pfSense Plus Feature #15280: Boot Environments 2.0: while this offers great functionality it needs to be heavily documented and possibly warrants a system message as the... Jordan G
05:35 AM pfSense Docs New Content #15230: Gateway status Pending: I can confirm this as well but am unable to get the gateway to come out of pending despite it being functional regard... Jordan G
01:25 AM pfSense Plus Feature #15306 (New): Change Gateway Status from Pending to Unavailable: Per customer statement and request, gateway statuses of "Pending" are confusing as a state for gateways that do not e... Kris Phillips
01:22 AM pfSense Plus Feature #15305 (New): Gateway Status Changes to Pending Do Not Trigger Gateway Log Event or Gateway Notifications: When a gateway transitions from an Online state to a Pending state, there is no logged event in the Gateway monitorin... Kris Phillips

03/02/2024

10:49 PM Bug #15304: After update to latest stable (23.09.1), cert issuance was issuing blank certs, and a signing request not working.: Tested on 23.09.1 and unable to recreate this issue. CAs and Certificates, when attempting to create and issue them ... Kris Phillips
06:10 PM Bug #15304 (Rejected): After update to latest stable (23.09.1), cert issuance was issuing blank certs, and a signing request not working.: My pfsense instance is a negate appliance on version:
23.09.1-RELEASE (amd64)
built on Wed Feb 28 16:16:00 UTC 20... Pete Ziu
10:36 PM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: Hal Prewitt wrote in #note-3:
> Using Pending when there is no physical link is confusing and I would say is an inco... Kris Phillips
08:37 PM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: Using Pending when there is no physical link is confusing and I would say is an incorrect reporting of the actual sta... Hal Prewitt
07:34 PM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: Hal Prewitt wrote in #note-1:
> I have seen cases where restarting dpinger fails to clear the Pending status and whe... Kris Phillips
07:23 PM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: I have seen cases where restarting dpinger fails to clear the Pending status and where it should have worked. Dpinger... Hal Prewitt
05:07 PM pfSense Plus Bug #15303 (Confirmed): dpinger service does not always switch from Pending to Online: There are several situations where dpinger will not detect a gateway that is available when it should, forcing a rest... Kris Phillips
05:14 PM pfSense Docs New Content #15230: Gateway status Pending: Created related redmine for various scenarios where dpinger does not recovery properly here: https://redmine.pfsense.... Kris Phillips
09:05 AM Bug #15143: Telegram notification of DynDNS update spoiles IP address: Is there any patch or recommendation how to fix this problem for 2.7.2-RELEASE? Really annoying thing! Alexei Mezin
08:58 AM Bug #15143: Telegram notification of DynDNS update spoiles IP address: Can't replicate it on 24.03
!clipboard-202403021255-ifihp.png!
!clipboard-202403021256-xxszg.png!
Lev Prokofev
07:26 AM Bug #15165: Early boot hangs on pfSense CE: Thanks for the update, but for people that use CE we need to figure the way to make work, we cannot wait for upstream... Peter Moreno
12:17 AM Revision e0034642: Use getter/setters for config access in gwlb.inc: Marcos M

03/01/2024

11:22 PM Bug #15181 (Feedback): PHP error in ``interfaces_qinq_edit.php`` when creating a QinQ interface: Fixed in commit:600f240e48091fe3ee4ba83d6fc4c93892669329. Marcos M
10:59 PM Revision 600f240e: qinq: remove incorrect config access: Kristof Provost
10:46 PM Todo #15173 (Resolved): Add global option to set default PF State Policy (if-bound vs floating): Marcos M
10:45 PM Todo #15220 (Resolved): Handle ``route-to`` and ``reply-to`` states when using the ``if-bound`` state policy: I cannot reproduce the issue with the fix in place. Marcos M
07:32 PM Todo #15220 (Feedback): Handle ``route-to`` and ``reply-to`` states when using the ``if-bound`` state policy: I've merged a pf change that fixed reply-to with if-bound states. It should mean that the above merge request is no l... Kristof Provost
10:20 PM Bug #15165 (Needs Patch): Early boot hangs on pfSense CE: The root issue here is a flaw in the FreeBSD boot loader that results in the trampoline page tables getting clobbered... Marcos M
07:55 PM Todo #15302 (Feedback): Error handling in the Setup Wizard is very user-unfriendly: Applied in changeset commit:32a632b13106ed9b3327db8740c9d940feed7090. Jim Pingle
07:17 PM Todo #15302 (Resolved): Error handling in the Setup Wizard is very user-unfriendly: If a user hits an error in the setup wizard in most cases it dumps the error to the screen and tells the user to go b... Jim Pingle
07:45 PM Revision 32a632b1: Improve Setup Wizard error handling. Fixes #15302: While here, clean up some misc PHP syntax I spotted along the way.
Also made sure all error messages are wrapped in ... Jim Pingle
07:37 PM Revision 7129aba0: Fixup wizard pw to reduce diff against issue #15266: Jim Pingle
07:35 PM Bug #15301 (Feedback): Setup Wizard WAN configuration form field problem: Applied in changeset commit:53dfecd045665701fa4a7f08885f6b86363b1fa0. Jim Pingle
07:15 PM Bug #15301 (In Progress): Setup Wizard WAN configuration form field problem: There is another issue here that is preventing it from working 100% correctly. The form field changed from "selectedt... Jim Pingle
06:55 PM Bug #15301 (Feedback): Setup Wizard WAN configuration form field problem: Applied in changeset commit:01ea8e052a66563d1a71425407b941323e921680. Jim Pingle
06:43 PM Bug #15301 (In Progress): Setup Wizard WAN configuration form field problem: I have a fix in the works, testing it now.
Jim Pingle
06:32 PM Bug #15301 (Resolved): Setup Wizard WAN configuration form field problem: The "Configure WAN Interface" step of the wizard (4 of 9) is broken. The drop-down selector that changes the type is ... Jim Pingle
07:26 PM Revision 53dfecd0: Fix setup wizard WAN form field name. Fixes #15301: Jim Pingle
06:45 PM Revision 01ea8e05: Update setup wizard WAN JavaScript. Fixes #15301: Jim Pingle
06:21 PM pfSense Plus Todo #15266 (In Progress): Prevent usage of the default password in User Manager accounts: Partial progress: Setup wizard changes are done.
https://gitlab.netgate.com/pfSense/factory/-/commit/e79b4b2278983... Jim Pingle
02:45 PM pfSense Packages Feature #15300 (New): allow changing the value of "forward" key: Currently, if a Zone Type is Forward, the resulting config contains "forward only;" setting and that cannot be change... Alex Kolesnik
02:31 PM Bug #15110: pfSense hangs when rebooting: Another customer having this issue on a 5100 with a SHARKSPEED SSD M.2 2242 128GB. 2423567446 Christopher Cope
02:21 PM Bug #15299: Old auto-added MAC addresses are not pruned for non-concurrent Captive Portal sessions: Did the error happen in the background or did it happen when you made an action of some sort in the GUI?
If it hap... Jim Pingle

02/29/2024

11:25 PM Bug #15299 (Resolved): Old auto-added MAC addresses are not pruned for non-concurrent Captive Portal sessions: Hi guys! Could anyone help me to fix this issue, please?
Crash report begins. Anonymous machine information:
... Roddy Roddy
09:37 PM Bug #14854 (Confirmed): Packets are passed through dummynet twice when using ``route-to`` leading to half the expected bandwidth: Marcos M
08:57 PM Bug #14854 (Not a Bug): Packets are passed through dummynet twice when using ``route-to`` leading to half the expected bandwidth: Indeed using a download limiter on "pass in route-to" rules results in lower bandwidth limits than what is configured... Marcos M
08:37 PM Revision c4704b9d: Update old fontawesome class reference: Marcos M
07:35 PM pfSense Packages Feature #15198: System_Patches package should advertize on the dashboard, or send notifications, if there are recommended patches available: Well, it will show ALL installed packages, not just those that need updating.
And since most people don't want to sh... Nazar Mokrynskyi
05:20 PM Feature #15298 (Feedback): Add ``loader.conf.lua`` contents to ``status.php``: Applied in changeset commit:607a638bcd0d216e8b4c96bcbafb8e4493f28e28. Jim Pingle
05:10 PM Feature #15298 (Resolved): Add ``loader.conf.lua`` contents to ``status.php``: We have started to populate and use @/boot/loader.conf.lua@ now so we should include its contents in @status.php@ as ... Jim Pingle
05:15 PM Feature #15297 (Feedback): Add EFI boot information to ``status.php``: Applied in changeset commit:36ab2068780232607b860196359e2a502a585878. Jim Pingle
05:06 PM Feature #15297 (Resolved): Add EFI boot information to ``status.php``: To help diagnose EFI boot issues it would help to have the output of both the regular and verbose output of @efibootm... Jim Pingle
05:13 PM Revision 607a638b: Add loader.conf.lua to status.php. Implements #15298: Jim Pingle
05:08 PM Revision 36ab2068: Add EFI boot info to status.php. Implements #15297: Jim Pingle
11:44 AM Bug #12673: Firewall Logs Dashboard Widget is slow and may fail to update: I just created a pull request ^Updated much faster log.widget Bug #12673 #4672^
I left debug statements in the co... Louis B
09:12 AM pfSense Packages Bug #15296: WAN Interface cannot added to ntopng if offline-packet loss: Sergei Shablovsky wrote:
>
>
> But LAN interfaces ALL would be ADDED as well even some of them are not connected... Sergei Shablovsky
06:58 AM pfSense Packages Bug #15296 (New): WAN Interface cannot added to ntopng if offline-packet loss: Brilliant pfSense DevTeam !
In multi-WAN pfSense configuration WAN interfaces that pfSense decide in “Offline, Pac... Sergei Shablovsky
09:04 AM Bug #15291: Error on Traffic Shaper 0% Bandwidth: dylan mendez wrote in #note-1:
> Hello,
>
> You need to add a value to bandwidth in the parent interface.
> I wo... Pavan K
03:41 AM Bug #15291: Error on Traffic Shaper 0% Bandwidth: Hello,
You need to add a value to bandwidth in the parent interface.
I would recommend you to re create the queue... dylan mendez
03:44 AM Bug #15228: User manger fails to display certificate option for a new user in case of input error: I can replicate this in 23.09.1 dylan mendez
01:45 AM Bug #14290: ICMPv6 Path MTU Discovery breaks with NPT: I can confirm I have repeated the same test against 24.03.a.20240228.0600 and yes it does work, I do now see ICMP6 p... John S

02/28/2024

11:38 PM pfSense Plus Feature #15295 (New): State Filter Rule ID needs clarification: Not sure if this is a feature request but this isn't a bug.
See the forum post for details - https://forum.netgate... Mike Moore
04:17 PM pfSense Packages Bug #15222 (Resolved): HTTP_Inspect Preprocessor Engine: wrong legend on parameters: PR merged, thanks! Jim Pingle
04:17 PM pfSense Packages Feature #15260 (Resolved): Snort IPS False Positives and Preprocessor Rules Misconfiguration: PR merged, thanks! Jim Pingle
03:20 PM pfSense Packages Todo #15294: Naming “Custom Name” of Interface the same as “Interface” on pfSense in “Interface assignment”: I mean “INT_OFFICE_LAN” *would be much usable and informative* than “igb5” Sergei Shablovsky
03:18 PM pfSense Packages Todo #15294 (Rejected): Naming “Custom Name” of Interface the same as “Interface” on pfSense in “Interface assignment”: Brilliant pfSense DevTeam !
Naming “Custom Name” of Interface in ntopng “Interface - Details” the same as “Interfa... Sergei Shablovsky
01:46 PM Bug #12673: Firewall Logs Dashboard Widget is slow and may fail to update: Please update firewall log widget, with attached code
Steve,
- It is probably not complex, but never the less, W... Louis B

02/27/2024

10:10 PM pfSense Plus Feature #13227: Group-based Mobile IPsec Virtual Address Pool assignment via RADIUS: @Netgate - is there zero chance of this simple but VERY usefull feature to surface in pfSense? Some of your people ha... Tue Madsen
06:17 PM Bug #14290: ICMPv6 Path MTU Discovery breaks with NPT: I've managed to reproduce (what I believe is) your problem in a test case, and the expected fix also fixes that.
Tha... Kristof Provost
10:32 AM Bug #14290: ICMPv6 Path MTU Discovery breaks with NPT: So those backtraces are functionally identical. That would suggest that the reason you're not getting the icmp error ... Kristof Provost
03:17 PM Feature #15293: Set LEVEL OF IMPORTANCE for Pushover notifications: cronjob parser automatically find the depends and sending notifications with an *APPROPRIATE LEVEL*.
For example: ... Sergei Shablovsky
03:00 PM Feature #15293: Set LEVEL OF IMPORTANCE for Pushover notifications: P.S.
In this case not necessarily need to make options in System/Advanced/Notification/Pushover WebGUI for depends b... Sergei Shablovsky
02:50 PM Feature #15293 (New): Set LEVEL OF IMPORTANCE for Pushover notifications: Brilliant pfSense Dev Team!
Pushover service (like an all notifications services nowadays) HAS SEVERAL NOTIFICATIO... Sergei Shablovsky
02:11 PM Bug #15290: speedtest-cli returning 403 Forbidden: Alex Rosenberg wrote:
> The speedtest-cli tool is currently returning 403 Forbidden for all queries for me. When it ... Sergei Shablovsky
02:04 PM Bug #15290: speedtest-cli returning 403 Forbidden: Jim Pingle wrote in #note-1:
> Speed tests from the firewall itself are not generally useful, so we discourage the p... Sergei Shablovsky
10:03 AM Bug #14854: Packets are passed through dummynet twice when using ``route-to`` leading to half the expected bandwidth: Greetings,
The current state of the Multi-WAN limiter functionality has been unfortunately problematic for quite som... Marco Goetze
09:02 AM pfSense Packages Bug #14676: Listening Port option in the Tailscale configurator is not respected: The same behaviour on
23.09.1-RELEASE (amd64)
built on Tue Jan 30 15:33:00 MST 2024
FreeBSD 14.0-CURRENT
If us... aleksei prokofiev

02/26/2024

09:11 PM Bug #14290: ICMPv6 Path MTU Discovery breaks with NPT: traceroute -6 --mtu -I 2001:4860:4860::8844 which did return a packet too big response, gave:... John S
06:41 PM Bug #14290: ICMPv6 Path MTU Discovery breaks with NPT: To be clear: I'd expect things to just work if both of your WANs have the same MTU, and maybe not if they don't.
Y... Kristof Provost
05:00 PM Bug #14290: ICMPv6 Path MTU Discovery breaks with NPT: Ok thank you, ah it doesn't seem to be working in my setup.
No I'm not running the traceroute on pfsense, I'm runn... John S
10:52 AM Bug #14290: ICMPv6 Path MTU Discovery breaks with NPT: Yes, the fix is included in that snapshot build.
I had a theory about why it might not be working for you, but it ... Kristof Provost
08:55 PM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table: Michele D'Alessio wrote in #note-26:
> Christian McDonald wrote in #note-25:
> > We pulled in a patch that might fi... Christian McDonald
08:55 PM Regression #14970 (Feedback): Static ARP assignments lose ``permanent`` flag in ARP table: Christian McDonald
08:53 PM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table: Christian McDonald wrote in #note-25:
> We pulled in a patch that might fix this. Check out the latest 24.03 develop... Michele D'A.
02:00 PM Bug #15290 (Rejected): speedtest-cli returning 403 Forbidden: I can't reproduce this on a current CE or Plus install. Probably a temporary upstream issue or something with your ar... Jim Pingle
01:49 PM pfSense Packages Feature #12658 (Closed): Adding prometheus metrics to darkstat: Jim Pingle
03:41 AM pfSense Packages Feature #12658: Adding prometheus metrics to darkstat: I think we can close this out:... Karim Elatov
01:46 PM Bug #15289 (Not a Bug): Dashboard show's some data twice every interval: Jim Pingle
12:45 PM Bug #10980: ``/etc/rc.local`` script content is executed at login instead of during boot sequence: Jordan G wrote in #note-5:
> confirm startup scripts added (as described here - https://docs.netgate.com/pfsense/en/... alzee bum
09:51 AM pfSense Packages Bug #15292 (Duplicate): Certificate renewal with 'dns_inwx.sh' not working: Error add txt for domain:_acme-challenge.foo.bar: Hello,
we use Acme-package to obtain a wildcard certificate for our domain. It has always worked well.
Lately, t... Lorenzo Marroccoli
09:35 AM Bug #15291 (New): Error on Traffic Shaper 0% Bandwidth: Link to post on pfSense Forum:
https://forum.netgate.com/topic/186137/error-on-traffic-shaper-0-bandwidth?_=1708915... Pavan K
07:32 AM Bug #15165: Early boot hangs on pfSense CE: I have tested and works, I add just 20 seconds but is a value that we can adjust, but looks like we found the patch u... Peter Moreno

02/25/2024

09:24 PM Bug #15290 (Rejected): speedtest-cli returning 403 Forbidden: The speedtest-cli tool is currently returning 403 Forbidden for all queries for me. When it does work, it is often li... Alex Rosenberg
07:08 PM pfSense Packages Bug #15274: HAProxy Configuration Changes Require pfSense Reboot to Take Effect: Kris Phillips wrote in #note-2:
> Tested this on 23.09.1 with HAProxy 0.63_2. I'm not able to reproduce this. Chan... Zachary Cohen
03:37 AM pfSense Packages Bug #15274 (Incomplete): HAProxy Configuration Changes Require pfSense Reboot to Take Effect: Tested this on 23.09.1 with HAProxy 0.63_2. I'm not able to reproduce this. Changing any frontend or backend settin... Kris Phillips
09:57 AM Bug #15289: Dashboard show's some data twice every interval: Oh dear....
I just found out that this user's had their Chrome/Google browser and settings set to translate English ... Guido Glaus
09:38 AM Bug #15289: Dashboard show's some data twice every interval: See attached recording (same on 2.7.2) Guido Glaus
08:49 AM Bug #15289: Dashboard show's some data twice every interval: Hello Chris,
I added the time zone in case it is taken into account somewhere. Guido Glaus
03:31 AM Bug #15289: Dashboard show's some data twice every interval: Hello Guido,
So, to clarify, the time is first presented in English and then reloads shortly after in the localiza... Kris Phillips
04:01 AM pfSense Plus Feature #15284: Specify a Device parameter for Pushover Notifications: Or even better - just add an input field for *Custom Options* where the user can input _any_ of the optional paramete... Michael Klein
03:43 AM Bug #15282: Users with Deny Config Write privilege can trigger some VLAN interface operations: Tested this on 24.03 builds from Feb 23rd. Can confirm this issue is present. Kris Phillips
01:19 AM pfSense Packages Bug #15222: HTTP_Inspect Preprocessor Engine: wrong legend on parameters: This fix for this bug has been posted as part of this pull request: https://github.com/pfsense/FreeBSD-ports/pull/134... Bill Meeks
01:18 AM pfSense Packages Feature #15260: Snort IPS False Positives and Preprocessor Rules Misconfiguration: The fix for this feature request/bug fix has been posted as part of this pull request: https://github.com/pfsense/Fre... Bill Meeks
12:05 AM Todo #15265 (Resolved): Remove ``jquery-treegrid`` unit testing files: Files are removed on... Christopher Cope

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

03/25/2024

03/24/2024

03/23/2024

03/22/2024

03/21/2024

03/20/2024

03/19/2024

03/18/2024

03/17/2024

03/16/2024

03/15/2024

03/14/2024

03/13/2024

03/12/2024

03/11/2024

03/10/2024

03/09/2024

03/08/2024

03/07/2024

03/06/2024

03/05/2024

03/04/2024

03/03/2024

03/02/2024

03/01/2024

02/29/2024

02/28/2024

02/27/2024

02/26/2024

02/25/2024