Project

General

Profile

Activity

From 06/13/2024 to 07/12/2024

07/12/2024

11:37 PM Bug #15589: Saving an IPv6 gateway overrides the IPv4 gateway
Given that testing indicates this is resolved in the development snapshots, the issue is considered resolved unless i... Marcos M
11:24 PM Feature #12522 (Feedback): More GUI options for OpenVPN Client-Specific Overrides
The following new override options are now available in the GUI:
- Reset individual server options
- IPv4 Gateway
... Marcos M
11:09 PM Revision 2203dde0: Expose additional OpenVPN CSC options. Implement #12522
Adds the following override options:
- Reset individual server options
- IPv4 Gateway
- IPv6 Gateway
- Redirect IPv6 ... Marcos M
10:36 PM Revision a4cd7de1: kea: Introduce high availability support for both IPv4 and IPv6
Christian McDonald
03:33 PM pfSense Plus Bug #15616 (Not a Bug): GUI interface assignment input-check
This can happen just about anywhere in the GUI. It does not support concurrent modification. Marcos M
02:38 PM pfSense Plus Bug #15616 (Not a Bug): GUI interface assignment input-check
Under some circumstances it's possible to attempt an assignment of non-existing interface which will lead to a creati... Georgiy Tyutyunnik
01:59 PM Bug #8386: Virtual IPs not considered as part of interface net
Me again. So recently I bumped into this issue again. And apparently another user as well. So as IPv4 _is_ added as y... Stefan Kooman
01:57 PM pfSense Packages Bug #13043: OSPF over Wireguard interface doesn't populate neighbors after reboot
Hi,
i want to confirm the issue, too. I can reproduce the bug within both installations of my HA setup... Using Wi... Tjabo T.
12:01 PM pfSense Packages Feature #9044: Add SoftEther
Hi evryone,
If can be useful, I'm starting to add a SoftEther package for pfSense: https://github.com/STeXE89/Free... STeXE89 STeXE89
10:28 AM Bug #15615 (Closed): Bump SSHD to >= 9.8
The version of OpenSSH in 2.7.2 is:
OpenSSH_9.4, OpenSSL 3.0.12 24 Oct 2023
This is vulnerable to the recently di... Simon Giotta
08:14 AM pfSense Packages Bug #15614: Squid 6.6 Package should have NO_TLSv1 and NO_TLSv1_1 feature flags set on directive pls_outgoing_options
www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc
Line 1233 needs feature flags added Jonathan Lee
08:13 AM pfSense Packages Bug #15614 (Duplicate): Squid 6.6 Package should have NO_TLSv1 and NO_TLSv1_1 feature flags set on directive pls_outgoing_options
$sslproxy_options = "NO_SSLv3, NO_TLSv1, NO_TLSv1_1";
This variable is also used with
tls_outgoing_options
... Jonathan Lee

07/11/2024

09:33 PM Revision 7d3d0166: Config access regression when toggling filter rules
Marcos M
01:24 PM pfSense Packages Feature #15541: CRON: option to enable/disable task
In the cron configuration file (/etc/crontab), the task would be commented with # when disabled, and when activated, ... Fabio Rafael Kochhann
06:53 AM pfSense Plus Bug #15316: OpenVPN Clients with Gateway Group Interface on DHCP Exits on Error 1
The problem is specific to the OpenVPN client setup. Azamat, can you confirm that you tested with it? Danilo Zrenjanin
01:55 AM pfSense Packages Bug #15274: HAProxy Configuration Changes Require pfSense Reboot to Take Effect
Also discussed here.
https://forum.netgate.com/topic/178348/haproxy-backend-port-changes-are-not-applied
workarou... Brendon Baumgartner

07/10/2024

08:48 PM Bug #15601: Routes with IPv6 Address as Next Hop for IPv4 Destination Causes Kernel Panic
Note that these IPs like to be one instruction off. The __rw_wunlock_hard is just prior and it operates on the child ... Mateusz Guzik
03:23 PM Bug #15601: Routes with IPv6 Address as Next Hop for IPv4 Destination Causes Kernel Panic
Jim Pingle wrote in #note-2:
> How exactly is someone making that sort of entry? It can't be made in the GUI via sta... Kris Phillips
06:16 PM pfSense Plus Bug #15262: Captive Portal Has High CPU Interrupts With Large Number of Users
Customer in ticket 2947838007 is reportedly running into this issue as well. Kris Phillips
05:46 PM pfSense Plus Bug #15611 (Closed): Latest 24.08-DEV update (24.08.a.20240710.0600) reorders interfaces
This is a known issue and will be resolved in later dev builds. Marcos M
08:58 AM pfSense Plus Bug #15611 (Closed): Latest 24.08-DEV update (24.08.a.20240710.0600) reorders interfaces
Tested twice on 24.08-DEVELOPMENT (built on Wed Jul 10 6:00:00 UTC 2024) on KVM and on 2100
After upgrade from pre... Azamat Khakimyanov
04:12 PM Bug #15612: Captive Portal with big number of passththrough MAC addresses is causing webgui gateway timeouts, Error 50x, and HA-sync XMLRPC Error
addition:
- even excluding captive portal from xmlrpc ha sync does not fix the problem.
- I can also export the ca... Thomas Hohm
04:07 PM Bug #15612: Captive Portal with big number of passththrough MAC addresses is causing webgui gateway timeouts, Error 50x, and HA-sync XMLRPC Error
Sorry, submitted by accident without details, here are the details to it:
The problematic behaviours:
1. Editin... Thomas Hohm
03:51 PM Bug #15612 (New): Captive Portal with big number of passththrough MAC addresses is causing webgui gateway timeouts, Error 50x, and HA-sync XMLRPC Error

Forum discussion:
https://forum.netgate.com/topic/188936/captive-portal-with-big-number-of-passththrough-ma... Thomas Hohm
12:00 PM Bug #15328 (Resolved): Changes in Kea DHCP interface pools may invalidate lease database content
Tested on 23.09.1 and on 24.08-DEVELOPMENT (built on Fri Jul 5 6:00:00 UTC 2024)
I was able to reproduce this issu... Azamat Khakimyanov
08:39 AM pfSense Packages Bug #15610 (New): OSPF with "Redistribute Default" enabled and "Always Redistribute" disabled does not react to WAN link down events
OSPF with "Redistribute Default" *enabled* and "Always Redistribute" *disabled* does not stop redistributing the defa... Patrick Clara
03:05 AM Bug #15589: Saving an IPv6 gateway overrides the IPv4 gateway
What does the feedback status indicate? R W

07/09/2024

11:22 PM Bug #15589 (Feedback): Saving an IPv6 gateway overrides the IPv4 gateway
Marcos M
09:20 PM Bug #15589: Saving an IPv6 gateway overrides the IPv4 gateway
Tested against pfSense Plus 24.08.a.20240702.0600. Added an IPv6 Static IP with IPv6 gateway on the primary WAN. It w... dylan mendez
07:54 PM Bug #15606 (Resolved): Data transfer problems when using interface-bound states with automatic floating states for IPsec rules
Marcos M
03:00 PM Bug #15606 (Feedback): Data transfer problems when using interface-bound states with automatic floating states for IPsec rules
Applied in changeset commit:3b3be7348bdf0f75d474a6aec938d8143e90c8bf. Marcos M
01:23 AM Bug #15606: Data transfer problems when using interface-bound states with automatic floating states for IPsec rules
Tested Marcos' patch successfully <thumbs up>... Craig Coonrad
12:26 AM Bug #15606 (Ready To Test): Data transfer problems when using interface-bound states with automatic floating states for IPsec rules
This seems to happen because of the bogus state that's created initially on the VTI, e.g.:... Marcos M
07:42 PM Revision 112a26f4: static routes: enable autotrim on `destination network`
Christian McDonald
05:41 PM Feature #15609 (Resolved): Allow filtering packet captures by system-defined protocols
The packet capture interface does not allow filtering by protocol 'gre' directly:... Steve Wheeler
05:34 PM pfSense Packages Bug #15313: Zabbix server 6.4.12 requires Zabbix proxies to be version 6.4.12
That's great to hear!
Will updated Zabbix packages be released for 24.03? Andrew Almond
07:17 AM pfSense Packages Bug #15313: Zabbix server 6.4.12 requires Zabbix proxies to be version 6.4.12
Checked on the last dev 24.08 and Zabbix use zabbix64-proxy-6.4.16 version
24.08-DEVELOPMENT (amd64)
built on Tue ... aleksei prokofiev
12:32 PM pfSense Packages Feature #14633: Cleanup states on dynamic routing changes
Tested on latest 24.08-DEVELOPMENT (built on Fri Jul 5 6:00:00 UTC 2024)
I deployed 2 pfSenses, created Routed IPs... Azamat Khakimyanov
12:16 PM pfSense Packages Bug #15385 (Resolved): PHP crash when exporting Apple profile, while IPsec P1 authentication method set to "Mutual Certificate"
Jim Pingle
07:12 AM pfSense Packages Bug #15385: PHP crash when exporting Apple profile, while IPsec P1 authentication method set to "Mutual Certificate"
Tested on ipsec-profile-wizard version 1.2.3 on
24.08-DEVELOPMENT (amd64)
built on Tue Jul 2 9:00:00 MSK 2024
Free... aleksei prokofiev
09:30 AM pfSense Packages Todo #15281: Upgrade Tailscale to 1.6.0
aleksei prokofiev wrote in #note-8:
> Checked on last dev build and tailscale-1.68.1 presented
> 24.08-DEVELOPMENT ... Elvis Impersonator
07:35 AM pfSense Packages Todo #15281: Upgrade Tailscale to 1.6.0
Checked on last dev build and tailscale-1.68.1 presented
24.08-DEVELOPMENT (amd64)
built on Tue Jul 2 9:00:00 MSK 2... aleksei prokofiev
07:47 AM pfSense Packages Regression #15159: XMLRPC Replication Target required even if not using it
I can confirm the same on the last dev build and pfBlockerNG 3.2.0_13
24.08.a.20240702.0600
24.08-DEVELOPMENT (amd... aleksei prokofiev
06:54 AM pfSense Packages Bug #14861: PHP error when pings are enabled but no ping hosts are defined
I can confirm that enabling ping monitor option without specify host IP caused crash. Disabling the option or specify... aleksei prokofiev
04:48 AM pfSense Plus Feature #15608 (New): Gateway failback timer
When using multi-wan failover, the timing from Tier2 to Tier1 (and vice versa) can be dizzying.
There should be a se... John Carson
12:25 AM Revision 3b3be734: Use floating states on IPsec VTI. Fix #15606
Marcos M

07/08/2024

05:31 PM pfSense Plus Bug #15595: ``pftop`` core dump with ICMP states
Potentially related to:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=277093 Marcos M
03:02 PM Bug #15601 (In Progress): Routes with IPv6 Address as Next Hop for IPv4 Destination Causes Kernel Panic
Jim Pingle
02:53 PM Bug #15601: Routes with IPv6 Address as Next Hop for IPv4 Destination Causes Kernel Panic
I've proposed this upstream: https://reviews.freebsd.org/D45913 and copied the original author of the relevant code. Kristof Provost
02:46 PM Bug #15601: Routes with IPv6 Address as Next Hop for IPv4 Destination Causes Kernel Panic
Jim Pingle wrote in #note-2:
> How exactly is someone making that sort of entry? It can't be made in the GUI via sta... Kristof Provost
02:44 PM Bug #15601: Routes with IPv6 Address as Next Hop for IPv4 Destination Causes Kernel Panic
The relevant bits from the (private) crash dump is this:... Kristof Provost
12:31 PM Bug #15601 (Feedback): Routes with IPv6 Address as Next Hop for IPv4 Destination Causes Kernel Panic
How exactly is someone making that sort of entry? It can't be made in the GUI via static routes, input validation rej... Jim Pingle
12:48 PM pfSense Docs Correction #15607 (Closed): pfSense Plus for Amazon AWS -- linked page leads to 404
Fixed: https://gitlab.netgate.com/docs/pfsense-platforms/-/commit/585cb1b254445352841a1870ad27df96ac6f7589 Jim Pingle
12:40 PM pfSense Docs Todo #15603 (Rejected): Update "Download Installation Media" for Netgate Installer
I'm already working on this, no need for another issue, plus it's a duplicate of 15587.
 Jim Pingle
12:37 PM Bug #15602 (Rejected): Dashboard interface widget does not use consistent capitalization or formatting for BASE-T designations
The widget merely passes through the values displayed by the operating system, it does not format things on its own.
... Jim Pingle
12:31 PM pfSense Packages Feature #14321 (Closed): Add UPS information to LCDproc screen
Jim Pingle
08:29 AM pfSense Plus Bug #15316: OpenVPN Clients with Gateway Group Interface on DHCP Exits on Error 1
I tested on 23.05, 23.09.1 and 24.03 and I wasn't able to reproduce this issue.
With Failover group as an Interfac... Azamat Khakimyanov

07/07/2024

08:40 PM pfSense Docs Correction #15607 (Closed): pfSense Plus for Amazon AWS -- linked page leads to 404
doc: https://docs.netgate.com/pfsense/en/latest/solutions/aws-vpn-appliance/index.html
> This AMI can be run in ... Craig Coonrad
08:23 PM pfSense Plus Bug #15595: ``pftop`` core dump with ICMP states
I wasn't able to trigger this by logging in. One thing I did notice is I've only seen this on amd64, nothing from my ... Craig Coonrad
08:14 PM Bug #15606 (Resolved): Data transfer problems when using interface-bound states with automatic floating states for IPsec rules
Version: 24.03-RELEASE (amd64)
Platform: PVE/KVM
Test environment:... Craig Coonrad
05:36 PM pfSense Packages Feature #12711: Add InfluxDB V2 support
Hi Marcos M
> Please open a new redmine (or follow up on the forum) with reproducible steps.
If I configure Tel... Marc Walter
03:44 PM Bug #15605: Status > Monitoring VTI graphs show incorrect traffic
Note that the Status > Traffic graphs appear to be correct. Chris Linstruth
03:40 PM Bug #15605 (New): Status > Monitoring VTI graphs show incorrect traffic
While testing #15604 I noticed that the Status > Monitoring graphs do not correctly display VTI traffic.
These are... Chris Linstruth
03:07 PM Bug #15604: Equal cost multipath over IPsec VTI outbound routing only utilizing one path
Attaching state screenshot. Chris Linstruth
02:53 PM Bug #15604 (New): Equal cost multipath over IPsec VTI outbound routing only utilizing one path
A pair of ECMP tunnels was created between a tnsr node and a pfSense node.
BGP peering was established over both p... Chris Linstruth

07/06/2024

11:24 PM Bug #15602: Dashboard interface widget does not use consistent capitalization or formatting for BASE-T designations
I can confirm this behavior. To add to it, 10 Gigabit links show "10Gbase" with a lower case b and upper case G, so ... Kris Phillips
10:27 PM Bug #15602 (Rejected): Dashboard interface widget does not use consistent capitalization or formatting for BASE-T designations
Capitalization and formatting between 1000 and 2500 BASE-T designations is not consistent in the dashboard interface ... Jordan G
10:40 PM pfSense Docs Todo #15603 (Rejected): Update "Download Installation Media" for Netgate Installer
This section states "Customers who have purchased firewalls pre-loaded with pfSense® Plus software from the Netgate S... Kris Phillips
10:09 PM pfSense Packages Bug #14398: ONBATT Status Missing in apcupsd.widget.php
issue is still present on 24.03 w/ apcupsd v0.3.92_2 Jordan G
08:46 PM pfSense Packages Feature #14321: Add UPS information to LCDproc screen

APCUPSD and NUT have been added to LCDproc , they show up after installing packages.
Alhusein Zawi
03:11 PM Bug #15601 (Resolved): Routes with IPv6 Address as Next Hop for IPv4 Destination Causes Kernel Panic
If an entry is able to be made that adds a route for IPv4 traffic to be sent to an IPv6 destination, this can cause a... Kris Phillips
11:31 AM Bug #12905: Add VLAN Re-assignment to Import Interface Mismatch Wizard
re: ticket 2923731480 I isolated the issue of lost connectivity to the fact checking the preserve switch settings doe... Dale Harron
08:17 AM Bug #15589 (Confirmed): Saving an IPv6 gateway overrides the IPv4 gateway
Danilo Zrenjanin
08:16 AM Bug #15589: Saving an IPv6 gateway overrides the IPv4 gateway
Tested against:... Danilo Zrenjanin
05:52 AM Bug #15598: Input validation for duplicate remote gateways does not work when using the duplicate P1 button
I can confirm this behavior exists on 23.01 and above. Lev Prokofev

07/05/2024

04:34 PM pfSense Plus Bug #15595: ``pftop`` core dump with ICMP states
Seeing this on my 24.03 VM too. In my case it seems to always happen very shortly after logging in to the GUI. It doe... Chris W
02:32 PM pfSense Plus Bug #15196: AWS ena interfaces can become unstable/stop responding
Good morning everyone,
To assist with resolving the issue, I would like to inform you that, after updating the ins... Marcos Cosac
01:25 PM pfSense Packages Feature #15600 (Closed): pfBlocker Widget - make the failed downloads windows expandable
Christopher Cope
11:31 AM pfSense Packages Feature #15600: pfBlocker Widget - make the failed downloads windows expandable
!clipboard-202407051231-rroh6.png!
 Jon Brown
11:30 AM pfSense Packages Feature #15600: pfBlocker Widget - make the failed downloads windows expandable
ignore me and close this issue. Jon Brown
11:29 AM pfSense Packages Feature #15600: pfBlocker Widget - make the failed downloads windows expandable
The setting you mention expands the whole widget. I just want to expand the failed downloads so I can read them. than... Jon Brown
11:23 AM pfSense Packages Feature #15600: pfBlocker Widget - make the failed downloads windows expandable
Click on the wrench icon in the widget header. BBcan177 .
02:59 AM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online
This happens for me as well on 2.7.2 CE, usually restarting the gateway service on the gateways page fixes it. The in... Jonathan Bondhus
12:00 AM Revision ada8c696: UPnP IGD & PCP: Simplify service wording
and change menu/title to `UPnP IGD & PCP` as newer PCP is supported Self-Hosting-Group
12:00 AM Revision 6c40eb67: Revert "Update text references to UPnP protocols"
This reverts commit 429312ff683b5762d0cb6eca69c474121a9dfca1. Self-Hosting-Group

07/04/2024

11:45 PM Bug #12905: Add VLAN Re-assignment to Import Interface Mismatch Wizard
Customer in ticket 2923731480 is inquiring about this improvement due to complications with config portability amongs... Kris Phillips
07:03 PM Bug #15565: System proxy credentials with certain characters may fail to authenticate
patch fixes the issues
tested on:
Version 24.03-RELEASE (amd64)
built on Mon May 13 12:17:00 UTC 2024
FreeBSD 15.... Georgiy Tyutyunnik
05:59 PM Revision 587f690b: Fix config access regressions
Marcos M
04:51 PM Todo #15590: Add input validation for duplicate 1-1 NAT rules
earlier versions (up to 22.05) also don't create duplicate 1-1 NAT rules
seems like pf was operating under the same ... Georgiy Tyutyunnik
03:58 PM Bug #15287: hw.ix.unsupported_sfp=1 parameter for ix driver not working
Customer in ticket 2922636846 is running into this. Kris Phillips
03:42 PM Revision 6fa43ab9: services_unbound.php: fix typo
Add the missing ','. Kristof Provost
12:47 PM pfSense Packages Regression #15469: RRD Graphs height is smaller than expected
Tested against:... Danilo Zrenjanin
11:48 AM pfSense Packages Feature #15600 (Closed): pfBlocker Widget - make the failed downloads windows expandable
Currently on the widget you only get a couple of lines to read the fails, can the failed window be made so a user can... Jon Brown
11:46 AM pfSense Packages Feature #15599 (New): pfBlockerNG widget dates - Change to better format
In the pfblockerNG widget the dates are shown in American format and these are hard to read if you do not live in USA... Jon Brown
01:58 AM pfSense Packages Regression #15158: XMLRPC Timeout won't save if over 150
Still able to replicate this on 24.08.a.20240702.0600 pfBlocker version 3.2.0_13 dylan mendez
12:50 AM pfSense Packages Bug #14406: Squid Proxy version 0.4.46 Missing Error subfolder and files for "en" or "en-usa" and all other languages.
Can we reopen this please Jonathan Lee
12:50 AM pfSense Packages Bug #14406: Squid Proxy version 0.4.46 Missing Error subfolder and files for "en" or "en-usa" and all other languages.
This issue is still present in Squid 6.6
ln -s /usr/local/etc/squid/errors/templates /usr/local/etc/squid/errors/... Jonathan Lee

07/03/2024

04:52 PM pfSense Plus Bug #15499: Manually verifying the boot environment makes config changes
Still seeing this in current snapshots: 24.08.a.20240703.0600 Steve Wheeler
03:58 PM Revision ceb3d750: Introduce `class` tag to field markup in pkg xml spec.
Christian McDonald
03:20 PM Bug #15598 (Resolved): Input validation for duplicate remote gateways does not work when using the duplicate P1 button
Steps to duplicate
1) Create a P1
2) Duplicate the P1 created in Step 1 but change the Interface, keep the same R... dylan mendez
02:56 PM pfSense Plus Bug #15597 (New): Panic during upgrade may leave a ZFS Boot Environment in an unusual state
I had a VM panic mid-upgrade between development snapshots (From mid-may to now) and after the device rebooted, it le... Jim Pingle
11:57 AM pfSense Packages Regression #15596 (Rejected): follow up to closed tailscale issue 14987....
If you need assistance solving a problem, please post on the forum: https://forum.netgate.com/ Jim Pingle
07:46 AM pfSense Packages Regression #15596 (Rejected): follow up to closed tailscale issue 14987....
Hi I have followed the "fix" here.... https://redmine.pfsense.org/issues/14987
this my outbound config ....
!cl... Harry Smith
01:47 AM pfSense Plus Bug #15595 (Resolved): ``pftop`` core dump with ICMP states
Reviewing status outputs for 24.03. I began to notice frequent pftop core dumps (signal 10 and 11). These are display... Craig Coonrad

07/02/2024

10:23 PM Bug #15537 (Resolved): Separator positions are incorrect when copying interface group rules
Marcos M
06:20 PM Bug #15537 (Feedback): Separator positions are incorrect when copying interface group rules
Applied in changeset commit:e0a827cffc54a4cddaab4109a82d2f3418050123. Marcos M
07:58 PM pfSense Packages Bug #15594 (Pull Request Review): ERROR when IP are with " " at the start or end of address
Brilliant pfSense DevTeam!
BUG
---------
*ERROR when IP are with " " at the start or end of IP's address.*
Mess... Sergei Shablovsky
06:10 PM Revision e0a827cf: Handle case difference when shifting rule separators. Fix #15537
Interface groups use the case-sensitive interface description as the
"friendly" name. Since the interface argument is... Marcos M
03:41 PM Revision cb418bda: Fix vertical text alignment on Unbound `Display Custom Options` button
Christian McDonald
01:55 PM Feature #15593: Enable ``@`` support for Azure in Dynamic DNS
Some providers allow that function, others do not, and some providers didn't in the past and do support it now. So un... Jim Pingle
09:14 AM Feature #15593 (Duplicate): Enable ``@`` support for Azure in Dynamic DNS
For apex domains, it is needed to set hostname as @ for Azure DNS zones. The web configurator interface is complainin... Luca Piccirillo
08:54 AM Regression #15592 (New): Sequential ordering of servers used by DNS Forwarder changed in a way that prevents custom options to apply first
Since the change in #12902 the sequence of DNS servers loaded by dnsmasq changed.
Before the change: no-resolv was... Luca Piccirillo

07/01/2024

10:04 PM pfSense Plus Regression #15591 (New): Panic booting the debug kernel with ZFS
When trying to boot the debug kernel in 24.03 with ZFS:... Steve Wheeler
02:54 PM Todo #15590 (Confirmed): Add input validation for duplicate 1-1 NAT rules
I also tested this and saw the same behavior. Generated ruleset has two binat lines with different external addresses... Jim Pingle
02:42 PM Todo #15590 (Confirmed): Add input validation for duplicate 1-1 NAT rules
If two 1-1 NAT rules are present with overlapping external or internal IPs, pf NAT ruleset doesn't load the 2nd rule ... Georgiy Tyutyunnik
01:10 PM Todo #15586 (Resolved): Query for SMART data only on root disk devices
Jim Pingle
01:09 PM Regression #15578 (Resolved): Saving an existing certificate authority creates a duplicate
Jim Pingle
01:02 PM Bug #15588 (Duplicate): The picking of CA in the LDAP config is inconsistent.
Seems to be one we already have an issue open for: #15060 Jim Pingle
06:00 AM Bug #15589: Saving an IPv6 gateway overrides the IPv4 gateway
Forgot to add that after adding the IPv6 gateway, the Default column was suddenly blank for our IPv4 gateway with our... R W
05:57 AM Bug #15589 (Resolved): Saving an IPv6 gateway overrides the IPv4 gateway
When adding IPv6 to our network, we discovered that when you add a Static IPv6 address (coming from None) on the Inte... R W

06/30/2024

04:26 PM Regression #15578: Saving an existing certificate authority creates a duplicate
Patch also removed the duplicate certs previously created.
Seems fixed. dylan mendez
01:53 AM Regression #15578: Saving an existing certificate authority creates a duplicate
Tested this in the latest 24.08 build. No longer able to recreate this issue. Seems Resolved. Kris Phillips
02:44 AM pfSense Packages Feature #15585: Add OpenVPN Option for manually MTU setting
Thanks for considering this. I was researching this after I was testing the VPN to home NAS connection across the Uni... Jonathan Lee
02:02 AM pfSense Packages Feature #15585: Add OpenVPN Option for manually MTU setting
Christopher Cope wrote in #note-4:
> Jonathan Lee wrote in #note-3:
> > So the Users on the forum didn’t need to se... Kris Phillips
02:16 AM pfSense Packages Feature #15393: Return to the ga version of NUT
Thanks Kris. Can you look at #15532 as well please? Thanks! Denny Page
01:56 AM pfSense Packages Feature #15393 (Resolved): Return to the ga version of NUT
Package is now present with 2.8.2 in the repos for 24.08. Marking as Resolved. Kris Phillips
02:08 AM pfSense Plus Bug #15571: Loader.lua errors on VM when smbios.planar.product is not present
Testing this on the same KVM environment, I'm no longer seeing this. It's possible that some other changes to the lo... Kris Phillips
01:59 AM pfSense Plus Bug #14401: Changing from Switchport to Discrete Interface in VGA/Serial Console Breaks Port Status Monitoring
Jordan G wrote in #note-3:
> 7100 on 24.03, reassigning WAN or LAN to ix0/1 from the console appears correctly adjus... Kris Phillips
01:49 AM Todo #15586: Query for SMART data only on root disk devices
Tested on latest 24.08 build. Both the diagnostics page and status widget for SMART only shows ada0 for my tests. C... Kris Phillips

06/29/2024

09:50 PM Bug #14083: Adding MSS and MTU values on a LAGG VLAN interface breaks connectivity
Patch is working as tested on 41/61/7100 hardware Jordan G
09:48 PM Bug #9453: Reconfiguring a parent LAGG interface breaks its VLANs
The patch from https://redmine.pfsense.org/issues/14083 works to prevent the connectivity issues experienced as a res... Jordan G
07:42 PM pfSense Docs Todo #12756: Add information on correct MTU to use with WireGuard
I've seen multiple statements that the Wireguard default MTU is 1420. However I can't find that specified in any WG d... Craig Coonrad
07:24 PM pfSense Plus Bug #15581 (Closed): OpenVPN wizard generates PHP error
Tracked in NG#16837. Marcos M
05:23 AM pfSense Plus Bug #15581: OpenVPN wizard generates PHP error
I can confirm this behavior ... Lev Prokofev
07:21 PM Revision f2f4b7cc: Config access regression in OpenVPN wizard
Marcos M
06:10 PM Bug #15373 (Confirmed): Firewall Logs Dashboard widget update interval does not behave as expected
Tested against:... Danilo Zrenjanin
05:12 PM Bug #15584 (Confirmed): Redacting description at Interfaces=>LAGGs section cause LAGG interface rebuild.
Tested against:
@24.03-RELEASE (amd64)
built on Mon May 13 15:17:00 MSK 2024
FreeBSD 15.0-CURRENT@
Yes, I can c... Danilo Zrenjanin
04:28 PM Bug #15098: Wireguard crashes on boot if PPPoE is the default gateway
I have the same issue, which I think is related to PPPoE.
At the moment, I created a bash script that is running eve... Claudio Scavazza
04:18 PM Bug #15588: The picking of CA in the LDAP config is inconsistent.
Even after restarting PHP and GUI, the behavior was inconsistent, I set the wrong cert (R3), saved, restarted PHP and... Lev Prokofev
01:04 PM Bug #15588: The picking of CA in the LDAP config is inconsistent.
As mentioned in the troubleshooting section, you may need to restart PHP and the GUI for the changes to take effect.
... Christopher Cope
10:03 AM Bug #15588 (Duplicate): The picking of CA in the LDAP config is inconsistent.
It appears that the picking of the CA is inconsistent, I have various CAs, and only one is valid for the communicatio... Lev Prokofev

06/28/2024

10:58 PM Revision 7f34387a: Additional support for repo name in config
Marcos M
02:59 PM pfSense Packages Feature #15585: Add OpenVPN Option for manually MTU setting
Jonathan Lee wrote in #note-3:
> So the Users on the forum didn’t need to set custom settings for OpenVPN configurat... Christopher Cope
05:44 AM pfSense Packages Feature #15585: Add OpenVPN Option for manually MTU setting
So the Users on the forum didn’t need to set custom settings for OpenVPN configuration export system? The way I under... Jonathan Lee
09:46 AM Bug #15110: pfSense hangs when rebooting

#2694043009 The latest test shows _Khelp module "ertt" can't unload until its refcount drops from 5 to 0._
<... Lev Prokofev
12:22 AM Bug #15110: pfSense hangs when rebooting
#2694043009 A 4100 using a Transcend TS128GMTE452T, but doesn't show the same "can't unload" message. This instead lo... Chris W

06/27/2024

11:23 PM pfSense Packages Feature #15585: Add OpenVPN Option for manually MTU setting
Jonathan Lee wrote in #note-1:
> It would be nice to have this as a non custom option a GUI based option for users.
... Christopher Cope
10:54 PM pfSense Packages Feature #15585: Add OpenVPN Option for manually MTU setting
It would be nice to have this as a non custom option a GUI based option for users. Jonathan Lee
10:53 PM pfSense Packages Feature #15585 (New): Add OpenVPN Option for manually MTU setting
Ref:
https://forum.netgate.com/topic/148161/how-to-change-mtu-mssfix-values-for-openvpn-in-pfsense
I started to r... Jonathan Lee
11:15 PM Todo #15586 (Feedback): Query for SMART data only on root disk devices
Applied in changeset commit:37043243eeecd35a0e9a2b7ae64dd1a9aab97ebc. Marcos M
11:06 PM Todo #15586 (Resolved): Query for SMART data only on root disk devices
The drive list for querying SMART data contains "sub-devices". Only "root" devices should be queried.
For example,... Marcos M
11:09 PM Revision 37043243: Query for SMART data only on root disk devices. Fix #15586
Marcos M
07:27 PM Revision 8d784257: Fix vertical text alignment on `Display Advanced` buttons
Christian McDonald
04:17 PM Todo #15583: Add documentation for VPN to WAN leakage issue and recommended solution
Jim, could a link to https://docs.netgate.com/pfsense/en/latest/recipes/rfc1918-egress.html be added to the pages htt... Andrew Almond
12:58 PM Todo #15583 (Rejected): Add documentation for VPN to WAN leakage issue and recommended solution
This already exists: https://docs.netgate.com/pfsense/en/latest/recipes/rfc1918-egress.html Jim Pingle
04:11 PM Feature #15582: Add option to automatically create rules to block VPN networks from existing via WAN interfaces
Jim, thanks for the explanation. Now, I understand the complexity of this issue better.
The simplest improvement w... Andrew Almond
01:06 PM Feature #15582: Add option to automatically create rules to block VPN networks from existing via WAN interfaces
I thought we already had an issue for this open but I'm not seeing one. We've talked about doing this before, but it'... Jim Pingle
09:08 AM Bug #15584 (Confirmed): Redacting description at Interfaces=>LAGGs section cause LAGG interface rebuild.
If you decide to change the description for existed LAGG interface at Interfaces=>LAGGs it will cause the link down/u... Lev Prokofev
06:58 AM Regression #15578: Saving an existing certificate authority creates a duplicate
The patch fixes the issue.
I tested the patch against:
@24.08-DEVELOPMENT (amd64)
built on Tue Jun 25 6:00:00 U... Danilo Zrenjanin

06/26/2024

11:09 PM Revision 417ee25e: Config access regression in wireless interfaces
Marcos M
10:26 PM Revision eafb47d3: Config access regression in interface groups
Marcos M
09:10 PM Feature #15582: Add option to automatically create rules to block VPN networks from existing via WAN interfaces
Ok it's great that it's already documented.
However, I've read the documentation a lot (particularly the VPN setup... Andrew Almond
08:55 PM Feature #15582: Add option to automatically create rules to block VPN networks from existing via WAN interfaces
The issue is documented, as well as the workarounds, in the online documentation: https://docs.netgate.com/pfsense/en... Christopher Cope
08:39 PM Feature #15582 (New): Add option to automatically create rules to block VPN networks from existing via WAN interfaces
It's a known issue that traffic intended for VPN networks can be sent out the WAN interfaces if the VPN tunnel is dow... Andrew Almond
08:43 PM Todo #15583 (Rejected): Add documentation for VPN to WAN leakage issue and recommended solution
https://redmine.pfsense.org/issues/15582
VPN networks can be sent out the WAN interfaces if the VPN tunnel is down... Andrew Almond
08:13 PM Revision e2a6b6b5: Add scrolling when dislaying overflow columns for NTP status
Marcos M
06:51 PM pfSense Packages Bug #15574: Stunnel: Error resolving "r11.o.lencr.org": Address family for nodename not supported (EAI_ADDRFAMILY)
Hi, I went through several rounds of testing and I beleive that this is a bug somewhere in pfsense, stunnel.
Curr... A Schnee
05:59 PM pfSense Packages Bug #15457 (Resolved): HAproxy disable zero copy forwarding
Jim Pingle
05:56 PM pfSense Packages Bug #15457: HAproxy disable zero copy forwarding
The forum comments indicate that the new version, 2.9.7, addresses the issue that was raised in this Redmine. We can ... Danilo Zrenjanin
05:33 PM pfSense Plus Bug #15581 (Closed): OpenVPN wizard generates PHP error
The system throws a PHP error after defining an OpenVPN server using the wizard on a stock configuration.
Tested ... Danilo Zrenjanin
05:20 PM Bug #15328: Changes in Kea DHCP interface pools may invalidate lease database content
Applied in changeset commit:f774120b7dbf9811f574c056193d6b45246fa986. Christian McDonald
05:14 PM Bug #15328: Changes in Kea DHCP interface pools may invalidate lease database content
I believe I've got this sorted out now.
Fix will be included in the next build. Christian McDonald
05:14 PM Bug #15328 (Feedback): Changes in Kea DHCP interface pools may invalidate lease database content
Christian McDonald
05:11 PM Revision f774120b: kea: enable lease sanity checks to ensure data consistency. Fix: #15328
Christian McDonald
04:45 PM Regression #15578 (Feedback): Saving an existing certificate authority creates a duplicate
Applied in changeset commit:980546213d010e8c57d750671e41015dbd0a992e. Marcos M
04:31 PM Regression #15578 (In Progress): Saving an existing certificate authority creates a duplicate
Marcos M
12:10 PM Regression #15578 (Confirmed): Saving an existing certificate authority creates a duplicate
Jim Pingle
08:13 AM Regression #15578: Saving an existing certificate authority creates a duplicate
I can confirm this behavior
!clipboard-202406261114-v0r5a.png!
 Lev Prokofev
04:35 PM Revision 98054621: Config access regression in CAs. Fix #15578
Marcos M
03:19 PM pfSense Packages Bug #13405: Wireguard: The webgui becomes excessively slow to respond with a large number of peers
Hello,
any updates?
I notice that the culprit is this line:
https://github.com/pfsense/FreeBSD-ports/blob/08d3... Federico Foschini
03:12 PM pfSense Packages Bug #15580 (New): Squidguard ACL order issue
If you edit either Target Categories or Group ACL entries they are put on top of the list after saving the entry.
... Jonathan Lee
12:31 PM pfSense Packages Regression #15540: Cannot create new System Patches package custom entry on Plus 24.08/CE 2.8.0 Snapshots
The fetch button is working properly here as well on the same system where it failed previously, so that issue does a... Jim Pingle
08:08 AM pfSense Packages Regression #15540 (Resolved): Cannot create new System Patches package custom entry on Plus 24.08/CE 2.8.0 Snapshots
Tested against:... Danilo Zrenjanin
01:39 AM pfSense Plus Bug #15196: AWS ena interfaces can become unstable/stop responding
Re: comment #38, I requested a before and after `ps -Hauxf` from the user.
Another case came in HS# 2879061611. No... Craig Coonrad

06/25/2024

09:53 PM Feature #15579 (New): Authenticated NTP Improvements
Per discussions in #8794, "PR #4658":https://github.com/pfsense/pfsense/pull/4658, and "this forum discussion":https:... Matthew Ray
09:45 PM Regression #15578 (Resolved): Saving an existing certificate authority creates a duplicate
Steps to reproduce on version 24.08.a.20240624.0600
On version 24.03 this is not a problem.
1) Create two certi... dylan mendez
06:40 PM pfSense Plus Bug #15196: AWS ena interfaces can become unstable/stop responding
Okay, so the issue is believed to be associated with an increase in thread count. That's new information. It would be... Kristof Provost
06:08 PM pfSense Plus Bug #15196: AWS ena interfaces can become unstable/stop responding
Re: https://redmine.pfsense.org/issues/15196#note-35
User has a script in place that kicks off a reboot when the d... Craig Coonrad
05:42 PM pfSense Docs Todo #15577 (Closed): Implement group tabs
Done for both pfSense and TNSR product manuals.
There were no multiple tab groups on the same page in the main doc... Jim Pingle
05:07 PM pfSense Docs Todo #15577 (Closed): Implement group tabs
Using this as an example:
https://docs.netgate.com/pfsense/en/latest/solutions/netgate-4200/connect-to-console.htm... Chris Linstruth
02:16 PM Bug #15328 (In Progress): Changes in Kea DHCP interface pools may invalidate lease database content
The fix for this will be included in the next significant update to Kea integration, which is still planned for 24.08. Christian McDonald
12:11 PM Bug #15576 (Rejected): FreeRadius3 cannot be installed
Those versions are all older and unsupported, problem reports are only acceptable against the latest releases of pfSe... Jim Pingle
04:45 AM Bug #15576 (Rejected): FreeRadius3 cannot be installed
Hi all,
I have just installed PFSense 2.6.0 on a server and I tried to download and install FreeRadius3 from the A... Vasilis Stefanou

06/24/2024

09:26 PM pfSense Packages Bug #14523 (Resolved): PHP error when using an unsupported alias type in Advanced Rule Settings
Typo is now fixed. Marcos M
08:59 PM Feature #15575 (Resolved): Kea High Availability Support (IPv4 and IPv6)
Christian McDonald
07:52 PM pfSense Packages Todo #15281: Upgrade Tailscale to 1.6.0
Matt Keys wrote in #note-6:
> I reported a TS routing issue here 3 months ago: https://redmine.pfsense.org/issues/14... Elvis Impersonator
11:01 AM pfSense Packages Todo #15281: Upgrade Tailscale to 1.6.0
Elvis Impersonator wrote in #note-5:
> So I updated CE 2.7.2 to tailscale 1.68.1
> Seems to be working.
I repo... Matt Keys
07:23 PM pfSense Packages Feature #14453: Expand prefix list entry window
https://forum.netgate.com/topic/188850/gui-frr?_=1719256774819
Is it possible to get this rendered correctly on pf... Mike Moore
02:48 PM pfSense Packages Bug #15574: Stunnel: Error resolving "r11.o.lencr.org": Address family for nodename not supported (EAI_ADDRFAMILY)
Thank you for the quick reply.
I opened this bug after doing a full clean install of pfsense 2.7.2 and experienced t... A Schnee
02:10 PM pfSense Packages Bug #15574 (Not a Bug): Stunnel: Error resolving "r11.o.lencr.org": Address family for nodename not supported (EAI_ADDRFAMILY)
Seems more like a local cert issue than a bug in stunnel. The usual way to fix such things is to delete the stale CA ... Jim Pingle
02:06 PM pfSense Packages Bug #15574 (Not a Bug): Stunnel: Error resolving "r11.o.lencr.org": Address family for nodename not supported (EAI_ADDRFAMILY)
I have an issue with the stunnel package in pfsense 2.7.2. Since my certificate renewed a few days ago, I cannot conn... A Schnee
12:32 PM Feature #15570: More Colors for Seperators in Firewall rules
The current implementation of separators is tied to the default bootstrap colors for info/success/danger/warning so i... Jim Pingle

06/23/2024

08:37 PM Bug #15098: Wireguard crashes on boot if PPPoE is the default gateway
Tested it with a fresh install, sadly it still keeps happening to me, but only after a reboot.
Wireguard will start... Oskar Stroka
10:45 AM pfSense Packages Feature #15573 (New): Enable tmpfs when ramdisk is used.
The Telegraf package config disables tmpfs which prevents the ramdisks /var and /log to be monitored.... Sebastian mzb
08:38 AM Bug #15518: Kea does not send configured TFTP server name
It seems that I experienced the same issue: wiht kea DCHP cannot netboot raspberry pi. Switched back to ISC DHCP for ... A Schnee
08:07 AM Bug #15572 (Rejected): Disabling DNSSEC should also disable Harden DNSSEC Data
Tested on 24.03
After disabling DNSSEC when I tried to change DNS Resolver Advanced Settings (change logging level... Azamat Khakimyanov
03:34 AM pfSense Plus Feature #14387: Offline config mode
Testing on version 24.03 I have not noticed any improvements from last versions when booting up a WAN interface witho... dylan mendez
03:17 AM pfSense Plus Bug #15545: traffic shaper (Limiter) causes kernel panic -> random reboot
Created a Limiter on both 24.03 and 24.08. Unable to recreate any panic. Per Jim's reply, please provide a crash dump. Kris Phillips
03:13 AM Bug #15404: Captive Portal logo fails to load after authenticated redirect
Tested on 24.08 6-21-2024 snapshot. Issue appears to still be present. Kris Phillips
12:49 AM Bug #13687: Cannot add limiters named ``new``
I can replicate this on CE 2.7.2 and 24.03-RELEASE
!clipboard-202406221846-blbfy.png!
 dylan mendez
12:16 AM pfSense Packages Bug #14523: PHP error when using an unsupported alias type in Advanced Rule Settings
The patch is working on:... Christopher Cope

06/22/2024

08:12 PM Bug #15534: pfSense’s installer not table to see ZFS-formatted internal drive
latest version of the installer is able to see drives that are part of a ZFS pool, trying to install to them will pre... Jordan G
07:42 PM pfSense Packages Todo #15281: Upgrade Tailscale to 1.6.0
1.68.1 is available with client security fixes
https://www.freshports.org/security/tailscale
https://pkgs.org/downlo... Elvis Impersonator
07:32 PM pfSense Plus Bug #15421: Netgate 3100 boot loader lacks Lua support but is trying to read loader.conf.lua
Jim Pingle wrote in #note-3:
> Kris Phillips wrote in #note-2:
> > Oddly, I'm getting a similar, but not the same e... Kris Phillips
07:32 PM pfSense Plus Bug #15571 (New): Loader.lua errors on VM when smbios.planar.product is not present
See attached screenshot when booting. It appears the syntax for loader.lua expects this value and errors without it,... Kris Phillips
06:58 PM Feature #15570 (New): More Colors for Seperators in Firewall rules
I wish to have more colors for the separators in the Firewall rules.
I have a very complex structure and a bunch ... Manuel M.
08:52 AM Bug #15551: New Kea DHCP breaks my PXE booting
It could be related to https://redmine.pfsense.org/issues/15518 Lev Prokofev
07:22 AM Feature #13293: Option to set auth-gen-token in OpenVPN GUI
I've just opened a feature request to add details about this feature to our docs.
https://redmine.pfsense.org/issue... Danilo Zrenjanin
07:18 AM pfSense Docs New Content #15569 (New): auth-gen-token
Please add the details below about this feature in the OpenVPN Custom Configuration Options documentation.
https://... Danilo Zrenjanin
05:19 AM pfSense Plus Bug #14531: Traffic Graph widget doesn't show traffic counts for OpenVPN interfaces since 23.05.1 upgrade.
This bug also affects SNMP. DCO enabled, Cacti graphs stopped populating. DCO disabled, traffic graphs.
24.03-RELE... Cody Gee

06/21/2024

08:53 PM pfSense Plus Feature #15568 (New): firewall rules tagging
I got this FR idea from Palo Alto firewalls.
There is a feature where you can create an alias (address groups) and a... Mike Moore
08:42 PM pfSense Packages Bug #15567 (New): Continent Alias Lost at Start of pfBlockerNG
I am using the pfblockerNG created continent aliases e.g. "pfB_Europe_v4" in my firewall rules.
Unfortunately they a... Sebastian mzb
06:27 PM Revision fcbf1499: Fix PHP error regression when listing system users
Marcos M
06:15 PM Bug #15518: Kea does not send configured TFTP server name
This is strange because as per Kea documentation:
> Note that either name or code is required; there is no need to... Christian McDonald
05:52 PM pfSense Plus Bug #15566 (Resolved): Update Intel microcode pacakge
Current version on 24.03:... Chris W
05:50 PM Feature #8794: NTP authentication support
Applied in changeset commit:abdf94d9b09a6378b771a210bd57df65ce038843. Marcos M
05:44 PM Feature #8794 (Feedback): NTP authentication support
Implemented with commit:abdf94d9b09a6378b771a210bd57df65ce038843. Marcos M
05:45 PM Bug #15565: System proxy credentials with certain characters may fail to authenticate
Applied in changeset commit:529683187672cabc7db6b1ada2a9a3c77c35b6a7. Marcos M
05:36 PM Bug #15565 (Feedback): System proxy credentials with certain characters may fail to authenticate
Fixed in commit:529683187672cabc7db6b1ada2a9a3c77c35b6a7 Marcos M
05:07 PM Bug #15565 (Resolved): System proxy credentials with certain characters may fail to authenticate
The system proxy password should be URL-encoded, otherwise auth requests may fail. Additionally, input validation sho... Marcos M
05:39 PM Revision abdf94d9: Merge pull request #4658 from MatthewA1/ntp-authentication-feature-8794
Add support for NTP authentication. Implement #8794
Initial implementation allows for one auth key between all servers. Marcos M
05:16 PM Revision 52968318: URL encode HTTP_PROXY username and password. Fix #15565
Also enclose the fields with CDATA in config Marcos M
03:44 PM pfSense Packages Regression #15540 (Feedback): Cannot create new System Patches package custom entry on Plus 24.08/CE 2.8.0 Snapshots
Fixed with commit:4026d8132d10ec4702b1de6850c49b7723ec04e2. Marcos M
02:42 PM pfSense Packages Regression #15540 (Confirmed): Cannot create new System Patches package custom entry on Plus 24.08/CE 2.8.0 Snapshots
Looks like the fetch action isn't storing anything in the patch entry, probably a similar issue to the problem creati... Jim Pingle
10:00 AM pfSense Packages Regression #15540: Cannot create new System Patches package custom entry on Plus 24.08/CE 2.8.0 Snapshots
I tested against the version which seems to have the patch applied:... Danilo Zrenjanin
03:21 PM pfSense Packages Todo #15563 (Resolved): Remove unsupported dh_file configuration in FreeRADIUS
Marcos M
03:14 PM pfSense Packages Todo #15563 (In Progress): Remove unsupported dh_file configuration in FreeRADIUS
FreeRADIUS fails to start now if the configuration contains dh_file:
> /usr/local/etc/raddb/mods-enabled/eap: dh_fil... Marcos M
12:44 PM pfSense Docs Todo #15564 (Rejected): docs.netgate.com website not reachable on ipv6, only ipv4.
This site isn't intended for that sort of problem report, but I've passed it along to our IT crew. Thanks! Jim Pingle
09:32 AM pfSense Docs Todo #15564 (Rejected): docs.netgate.com website not reachable on ipv6, only ipv4.
IP docs.netgate.com/2610:160:11:11::4 is pingable but when I try to connect via webbrowser over ipv6 to docs.netgate.... Terje Strand
09:16 AM Bug #15537 (Confirmed): Separator positions are incorrect when copying interface group rules
Tested against:... Danilo Zrenjanin

06/20/2024

08:38 PM Revision f57da1e9: Use the repo name when saving the branch selection
https://redmine.pfsense.org/issues/15560 Marcos M
08:38 PM Revision ebc8e942: Remove redundant system link step
This code regressed at some point, making $repo equal e.g.:
'/usr/local/etc/pfSense/pkg/repos/pfSense-repo-0000.conf/... Marcos M
08:20 PM pfSense Plus Feature #15412 (Resolved): Improve error feedback from pfSense-upgrade
Marcos M
05:13 PM pfSense Plus Bug #15538 (Resolved): RAM disks trigger boot failure warning when using ZFS
Fixed with commit:4c51991f916720c07d451d5282f4c097b2f8139f Marcos M
05:04 PM Bug #15516 (Resolved): Per-rule byte counter values lost across a filter reload
Marcos M
04:56 PM Bug #15516: Per-rule byte counter values lost across a filter reload
Looks good with the patched kernel:... Steve Wheeler
04:55 PM Bug #15516 (Feedback): Per-rule byte counter values lost across a filter reload
Fixed in https://gitlab.netgate.com/pfSense/FreeBSD-src/-/commit/5c71199c72c42a9836ed6f36521a7ff95e169e0b
Steve an... Mateusz Guzik
03:29 PM Revision 4c51991f: rc.embedded: ensure /var/run is available early
Christian McDonald

06/19/2024

09:09 PM pfSense Packages Bug #15131 (Confirmed): OpenVPN client export issues with iPhone and IPV6 connections
I was able to replicate this on 24.03, removing the 4 at the end of udp4 allowed the config from the export package t... Jordan G
08:53 PM pfSense Packages Todo #15563 (Resolved): Remove unsupported dh_file configuration in FreeRADIUS
According to "FreeRADIUS":https://github.com/FreeRADIUS/freeradius-server/blob/db3d1924d9a2e8d37c43872932621f69cfdbb0... Markus *
07:53 AM Bug #12922: Classless static routes received on DHCP WAN can override chosen default gateway
The issue still exists in 2.7.2, the patch from David works. Oleksii Tucha

06/18/2024

11:52 PM Feature #15562 (New): Add support for OpenID
The idea have been discussed in the forum 2 years ago and the author said he would create a feature request about it.... Jacques Bourdeau
06:20 PM Bug #15561 (New): wireguardd stop command exits with error
Version: 24.03-RELEASE
Platform: KVM Guest
pfSense reboot (diag_reboot.php) calls ... Craig Coonrad
08:54 AM pfSense Plus Bug #15196: AWS ena interfaces can become unstable/stop responding
Craig Coonrad wrote in #note-34:
> dtrace submitted based on: https://redmine.pfsense.org/issues/15196#note-21
> HS... Kristof Provost

06/17/2024

05:17 PM pfSense Plus Bug #15196: AWS ena interfaces can become unstable/stop responding
dtrace submitted based on: https://redmine.pfsense.org/issues/15196#note-21
HS# 2755313440... Craig Coonrad
12:31 PM pfSense Plus Bug #15196: AWS ena interfaces can become unstable/stop responding
`can't allocate llinfo` is logged by arpresolve_full(), when lltable_alloc_entry() returns NULL. lltable_alloc_entry(... Kristof Provost
02:24 PM Feature #13293: Option to set auth-gen-token in OpenVPN GUI
!clipboard-202406171622-03s2h.png!
Just add "auth-gen-token;" to custom options during the server configuration. Gianni Binomio
02:14 PM Regression #15556 (Closed): Net installer fails (24.06-beta-6) to set vlan tag for PPPoE
Luiz Souza
01:05 PM Revision 5cac5bc4: Revert "Add dns/powerdns to poudriere_bulk"
This reverts commit f30a1955ce187e3b66d15dce6f4270aee606bd71. Christian McDonald
12:42 PM pfSense Docs Correction #15559 (Closed): Typo in "Contact with Netgate Servers"
Fixed, thanks! Jim Pingle
12:21 PM Feature #15371 (Duplicate): Add MAP-E support
Jim Pingle
10:54 AM pfSense Packages Regression #11634 (Resolved): bind hangs when pfsense is reconnecting as an openvpn client to a TUN openvpn server
I was able to reproduce this issue on 2.5.0 CE (Bind 9.16_10).
With active and working Bind, so I was able to reso... Azamat Khakimyanov
08:24 AM Feature #7781: Please Enable Rule Separators on Manual Outbound NAT
Can someone handle this feature request?
Without separators, managing complex configurations becomes really hard. Gianni Binomio

06/16/2024

08:44 AM Bug #15536: still generate XMLRPC Error even after checkbox Synchronize states is set to OFF
Jim Pingle wrote in #note-1:
> State synchronization is an entirely separate protocol from XMLRPC configuration sync... Sergei Shablovsky
08:42 AM Feature #10467: Email alert functionality for system health
tasty ratz wrote:
> Email alerting is not well documented and not very inclusive.
>
> I recently experienced an i... Sergei Shablovsky
08:35 AM Feature #14558: Feature Request: GUI options to Unbound Resolver's new DoH abilities
+ upvote for this!
Using DoT/DoH already are the standard nowadays (at the first because most used browsers Safar... Sergei Shablovsky
01:17 AM Feature #11901: Add MAP-T/MAP-E support to pfSense
Many components of MAP-E are in FreeBSD now. See for an example: https://github.com/pfsense/FreeBSD-src/commit/2aa21... Kris Phillips
01:12 AM Feature #15371: Add MAP-E support
This should be closed as a duplicate and comments added to the original redmine. Creating duplicates intentionally i... Kris Phillips

06/15/2024

02:56 PM pfSense Docs Correction #15559: Typo in "Contact with Netgate Servers"

(I'm really just testing the bug reporting process but I thought I'd share this one typo I happened upon.) Nick Weber
02:54 PM pfSense Docs Correction #15559 (Closed): Typo in "Contact with Netgate Servers"

https://docs.netgate.com/pfsense/en/latest/general/netgate-servers.html
The first paragraph of this page contain... Nick Weber
06:20 AM Regression #15556: Net installer fails (24.06-beta-6) to set vlan tag for PPPoE
It is fixed in pfSense-plus-installer-24.06-BETA7-amd64-latest.img the issue can be marked as resolved. Lev Prokofev

06/14/2024

10:36 PM Bug #15133 (Resolved): PHP error with OpenVPN server certificate verification if the certificate has multiple ``CN`` attributes
Marcos M
05:29 PM Bug #15133: PHP error with OpenVPN server certificate verification if the certificate has multiple ``CN`` attributes
reproduced on 23.09, 24.03
tested on
24.08-DEVELOPMENT (amd64)
built on Fri Jun 14 9:02:00 +03 2024
FreeBSD 15... Georgiy Tyutyunnik
04:13 PM pfSense Plus Bug #15196: AWS ena interfaces can become unstable/stop responding
Kristof Provost wrote in #note-31:
> Are the users affected by `kernel: arpresolve: can't allocate llinfo` running a... Christopher Cope
03:27 PM pfSense Plus Bug #15196: AWS ena interfaces can become unstable/stop responding
Are the users affected by `kernel: arpresolve: can't allocate llinfo` running a routing daemon (openbgpd, frr, ...)?
... Kristof Provost
01:43 PM pfSense Plus Bug #15196: AWS ena interfaces can become unstable/stop responding
Kristof Provost wrote in #note-29:
> Was there a `kernel: arpresolve: can't allocate llinfo ` in HS# 2828658261?
> ... Christopher Cope
07:39 AM pfSense Plus Bug #15196: AWS ena interfaces can become unstable/stop responding
Was there a `kernel: arpresolve: can't allocate llinfo ` in HS# 2828658261?
What sort of connection issues is it see... Kristof Provost
01:14 AM pfSense Plus Bug #15196: AWS ena interfaces can become unstable/stop responding
A fresh deployment of 24.03 on a t3.small. HS# 2828658261. No unusual CPU load.... Chris W
01:49 PM Bug #15557 (New): Dynamic DNS Cloudflare update fails with UNKNOWN ERROR, because get_failover_interface returns an interface without configured IP
Dynamic DNS service configured for Cloudflare DNS fails when WAN IP is configured with DHCP on bridge0 (vtnet0 + vtne... Theo Logan
07:54 AM Regression #15556 (Closed): Net installer fails (24.06-beta-6) to set vlan tag for PPPoE
It was working before on pfSense-plus-installer-24.10-DEVELOPMENT-amd64-20240531-0600.img but now on pfSense-plus-ins... Lev Prokofev
04:18 AM Bug #15555: Coredumps not functional for non-root processes.
Thanks for reviewing this. Jonathan Lee

06/13/2024

05:05 PM Revision f30a1955: Add dns/powerdns to poudriere_bulk
Christian McDonald
01:37 PM Bug #15555: Coredumps not functional for non-root processes.
This is not a Squid specific issue. Services/processes running as non-root users fail to create a core file. Steve Wheeler
02:50 AM Bug #15555 (New): Coredumps not functional for non-root processes.
Jun 12 19:02:08 kernel pid 80887 (squid), jid 0, uid 0: exited on signal 6 (no core dump - bad address)
Jun 12 19... Jonathan Lee
11:57 AM pfSense Plus Feature #11920: SAML Authentication for pfSense (VPN and webConfigurator)
That would be great, I'm changing my LOCAL AD to Microsoft Entra ID and I now need to authenticate my VPN with it. Wagner Ferreira
05:50 AM Feature #4632: Support for Multipath TCP (MPTCP)
+1
 z z
 

Also available in: Atom