Activity

30 days up to

User

Subprojects

Activity

From 06/22/2024 to 07/21/2024

07/21/2024

02:21 PM pfSense Packages Bug #14489: FRR needs delayed startup: Spike R.D. wrote:
> Hi,
>
> FRR is currently started before completing Wireguard tunnels initialization:
>
> [... Tjabo T.
12:21 PM Feature #12522: More GUI options for OpenVPN Client-Specific Overrides: Attached a new patch for pfsense 2.7.2 release
It implements the latest proposed changed on github commit
https://g... Phil Wardt
06:45 AM Bug #13996: Limiters using the fq_pie scheduler no longer pass any traffic.: I can reproduce the issue on pfSense CE 2.7.2 and pfSense+ 24.8-DEVELOPMENT (on VM and Hardware), and on FreeBSD 14 a... Thomas Kupper
02:28 AM pfSense Packages Regression #15064: Statis menu entry for APCUPSD leads to settings page, not status: Tested on 24.08 snapshots and this issue is still present. Kris Phillips
02:27 AM Regression #15439: Incorrect icon on collapsed dashboard widgets: Tested on
24.08-DEVELOPMENT (amd64)
built on Thu Jul 18 6:00:00 UTC 2024
FreeBSD 15.0-CURRENT
Still present o... Kris Phillips

07/20/2024

11:58 PM Regression #15634: SSH Fails to Start on snapshots: dylan mendez wrote in #note-1:
> Cannot replicate this on 24.08.a.20240702.0600.
>
> I can enable/disable the SSH... Christopher Cope
11:24 PM Regression #15634: SSH Fails to Start on snapshots: Cannot replicate this on 24.08.a.20240702.0600.
I can enable/disable the SSH service both from Status - Services a... dylan mendez
10:03 PM Regression #15634 (Closed): SSH Fails to Start on snapshots: Navigating to System --> Advanced --> Admin Access and attempting to enable the SSH Daemon results in a page refresh ... Kris Phillips
10:53 PM Bug #15633: Limiters applied to OpenVPN interface do not apply for download traffic: Unable to replicate this on pfSense Plus 23.08 devel.
Setup: OpenVPN Server with a firewall rule with Limiters In/... dylan mendez
07:09 PM Bug #15633 (Resolved): Limiters applied to OpenVPN interface do not apply for download traffic: There is an issue appeared after recent pfsense updates (which ?)
Limiters applied to shape traffic on OpenVPN (conf... Phil Wardt
05:58 PM pfSense Plus Feature #15632 (Rejected): Feature Request: IPv6 EUI-64 support: Hello fellow Redmine community members
I can’t seem to find a way to enable EUI-64 on pfSense plus.
Is there a ... Jonathan Lee
02:13 PM Bug #15178 (Feedback): ACB (autoconfig backup) restore always returns could not decrypt despite proper password: I couldn't reproduce this issue on:... Danilo Zrenjanin
08:29 AM Feature #12522: More GUI options for OpenVPN Client-Specific Overrides: Your last commit https://github.com/pfsense/pfsense/commit/012e36e6b87cf63743e644179a15e67f38d94f77
still has issues... Phil Wardt
02:17 AM Regression #15631 (New): OpenVPN - ECC with Secp256k elliptic curve not working: Hi, I am with a VPN providor that uses ECC with Secp256k elliptic curve encryption, this used to work fine, but a... Andrew McCann

07/19/2024

09:13 PM Revision 012e36e6: Additional revisions to OpenVPN CSC. Fix #12522: Fix the keep_minimal checkbox being unchecked on page load, and
move it below the remove_options list. Add more remov... Marcos M
09:12 PM Bug #15630 (Not a Bug): When parsing openvpn.inc file, boot process is halted if error: This isn't something we'd normally check for explicitly. There have been a various config changes that could affect t... Marcos M
08:02 PM Bug #15630 (Not a Bug): When parsing openvpn.inc file, boot process is halted if error: I was working on patching openvpn.inc file on a running system
On previous versions, an error in the source would no... Phil Wardt
07:28 PM Feature #12522: More GUI options for OpenVPN Client-Specific Overrides: Ok, there were issues with your current patch:
- the state of keep_minimal was not saved
- the push-remove options we... Phil Wardt
02:00 PM Feature #12522: More GUI options for OpenVPN Client-Specific Overrides: I am testing deepling and options do not work as intended
Please hold and I will give deeper feedback Phil Wardt
05:11 PM Revision b1024c96: Fix missing word: Jim Pingle
03:31 PM pfSense Plus Feature #12832: 6100 configurable Blinking Blue LED: Or this?? checks gateway..
@#!/bin/sh
echo 0 > /dev/led/blue_0
echo 0 > /dev/led/blue_1
echo 0 > /dev/led/blue_2
... Jonathan Lee
03:25 PM Revision 259fecc9: Fix UPnP priv metadata: Jim Pingle
03:25 PM Revision fa36708b: Correct UPnP page metadata: Jim Pingle
02:50 PM Revision 9ea35e06: Fixup some privdefs and run privilege script.: Jim Pingle

07/18/2024

08:36 PM pfSense Packages Todo #12717: Squid 5.x Branch: Squid is now recently updated to 6.6 as of 2024 and has many security enhancements. Jonathan Lee
08:34 PM pfSense Packages Documentation #14842: Update Squid troubleshooting: Squids http_port tproxy directive spoofs the IP addresses. This can be used in place of intercept to further increase... Jonathan Lee
06:13 PM Feature #12522: More GUI options for OpenVPN Client-Specific Overrides: I can propose the changes if you want Phil Wardt
08:24 AM Feature #12522: More GUI options for OpenVPN Client-Specific Overrides: Phil Wardt wrote in #note-23:
> The new commit looks fine to me except a few small points:
> 1- can you change the ... Phil Wardt
05:42 PM Regression #14026: HA node with CARP VIP in backup state is unable to ping the active node using that CARP VIP address: The fix seems to work for IPv4 but not IPv6. With IPv6 the secondary still can't ping the CARP VIP, both for GUA and ... Jim Pingle
05:22 PM Regression #14026 (Resolved): HA node with CARP VIP in backup state is unable to ping the active node using that CARP VIP address: The upcoming pfSense software release includes the upstream patch and the ping works as expected there. Marcos M
03:24 PM Regression #14026: HA node with CARP VIP in backup state is unable to ping the active node using that CARP VIP address: Marcos - similar to IPsec VTI and the strict policy, should we carve out an exception for this? Mike Moore
05:24 PM pfSense Plus Feature #15629 (New): DHCP status :Leases pagination/search: I'm considering a situation where dhcp would be handling lots of reservations, something in the vicinity of 300.000.
... net blues
04:04 PM pfSense Packages Feature #15628 (New): Feature request: Squid 6.6 TPROXY directive GUI option: Hello fellow redmine community members.
In the older release of squid in 5.8 we could enable tproxy by just chan... Jonathan Lee
03:52 PM pfSense Packages Bug #15410: cache_object://URL Scheme is removed in Squid-6: Researching with Squid Email support in Squid 6.6
On 2024-07-18 00:55, Jonathan Lee wrote:
curl http://localho... Jonathan Lee
03:41 PM pfSense Packages Feature #15626: Feature Request: Squid 6.6 Rock cache directory: While researching per Squid support emails.
On 2024-07-18 00:33, Jonathan Lee wrote:
What would be the correct ... Jonathan Lee
02:12 AM pfSense Packages Feature #15626 (New): Feature Request: Squid 6.6 Rock cache directory: Hello fellow Redmine members,
I researched and found a cache file system is missing from php GUI options.
This ... Jonathan Lee
03:11 PM pfSense Packages Feature #15627 (Rejected): Make the links open in a new tab: We've considered this in the past and ultimately decided not to go that route. If you force them to a new window you ... Jim Pingle
07:20 AM pfSense Packages Feature #15627 (Rejected): Make the links open in a new tab: Can the links to redmine and the various other assets be made to open in a new tab i.e.... Jon Brown
11:20 AM Bug #15361 (Resolved): Network and broadcast address input validation is incorrectly applied to IPv6 VIPs: Tested against:... Danilo Zrenjanin
08:48 AM pfSense Packages Todo #15281: Upgrade Tailscale to 1.6.0: R W wrote in #note-13:
> So I feel like the approach to manually including a tailscale release with each pfSense bui... Matt Keys
12:40 AM pfSense Packages Todo #15281: Upgrade Tailscale to 1.6.0: So I feel like the approach to manually including a tailscale release with each pfSense build isn't going to work to ... R W

07/17/2024

11:39 PM Regression #14026: HA node with CARP VIP in backup state is unable to ping the active node using that CARP VIP address: I have also experienced this bug in 2.7.2.
For reference, I found this bug report in FreeBSD, with a proposed patc... Steven Brown
11:29 PM Bug #15625 (Duplicate): IPv6 prefix rotation by ISP causes complete service disruption: Whats the issue?
If my ISP hands out a new GUA, the WAN interface only gets an additional new SLAAC or DHCPv6 inte... Jan-Jonas Sämann
06:35 PM Bug #15624 (Feedback): Skip Packages option for Configuration Backups fails with large configurations: Applied in changeset commit:0d2ada69f07a4cba5e99430d1d24c4ecc9abc713. Marcos M
03:00 PM Bug #15624 (Confirmed): Skip Packages option for Configuration Backups fails with large configurations: Still seeing this in 24.08.a.20240717.0600 and 24.03.
Testing with
file:///home/steve/Pictures/Screenshot%20fro... Steve Wheeler
08:42 AM Bug #15624: Skip Packages option for Configuration Backups fails with large configurations: Tested on 24.08.a.20240702.0600, and can not reproduce the issue. All works if I upload file less 1Mb. If I try uploa... aleksei prokofiev
06:26 PM Revision 0d2ada69: Handle large sections when skipping package config. Fix #15624: Using regex to remove the 'installedpackages' config section may fail
depending on the size of the string being parse... Marcos M
05:20 PM Bug #15561: wireguardd stop command exits with error: Tested on 24.03 (KVM) and on latest 24.08-DEVELOPMENT (built on Tue Jul 2 6:00:00 UTC 2024)
on both 24.03 and on 2... Azamat Khakimyanov
05:07 PM Feature #12522 (Feedback): More GUI options for OpenVPN Client-Specific Overrides: Marcos M
05:04 PM Feature #12522: More GUI options for OpenVPN Client-Specific Overrides: Thanks! We don't want to remove the ability to reset all options (including topology). The "keep minimal" option is t... Marcos M
02:47 PM Feature #12522 (In Progress): More GUI options for OpenVPN Client-Specific Overrides: Marcos M
02:14 PM Feature #12522: More GUI options for OpenVPN Client-Specific Overrides: Thank you for taking the lead with this as I did not have much time left
I checked the code and applied a patch for ... Phil Wardt
05:03 PM Revision 3ec78353: Push correct OpenVPN CSC options. Fix #12522: While there, include override/remove options for inactivity. Marcos M
04:33 PM Feature #15575: Kea High Availability Support (IPv4 and IPv6): I removed the bit I had noted there about RA, it's working OK if you pick a CARP VIP for the "RA Interface" in the RA... Jim Pingle
04:11 PM Feature #15575: Kea High Availability Support (IPv4 and IPv6): A couple more notes after using it more:
* The Enabled Interfaces list on the Kea settings tab is prone to error and... Jim Pingle

07/13/2024

09:08 PM pfSense Packages Todo #15281: Upgrade Tailscale to 1.6.0: Elvis Impersonator wrote in #note-11:
> I guess pfSense CE 2.7.2 and 2.8.0 are not important to Netgate. Thanks for... Christopher Cope
08:36 PM pfSense Packages Todo #15281: Upgrade Tailscale to 1.6.0: I guess pfSense CE 2.7.2 and 2.8.0 are not important to Netgate. Thanks for letting us know us know the future of CE... Elvis Impersonator
07:38 PM pfSense Packages Todo #15281 (Resolved): Upgrade Tailscale to 1.6.0: Yes, 1.68.1 is already available in the 24.08-DEVELOPMENT release. ... Danilo Zrenjanin
08:48 PM pfSense Packages Feature #15619 (New): Upgrade CE to Tailscale 1.68.2: Currently available Tailscale package has known security vulnerabilities.
https://tailscale.com/security-bulletins... Elvis Impersonator
08:09 PM Regression #11819: MAC address OEM information missing from ARP table: Jim Pingle wrote:
> The MAC OEM information usually displayed after MAC addresses is missing from the ARP table disp... tasty ratz
07:22 PM pfSense Plus Bug #15617: GRE tunnel state after parent interface down/up events: I couldn't replicate that behavior. I tried turning the parent interface from the GUI and disconnecting the cable. In... Danilo Zrenjanin
06:08 AM pfSense Plus Bug #15617: GRE tunnel state after parent interface down/up events: disabled interface is opt9 (gre0)
syslog specifically for the related events attached Georgiy Tyutyunnik
06:02 AM pfSense Plus Bug #15617 (New): GRE tunnel state after parent interface down/up events: disabled GRE tunnels initiate connect and get p2p connectivity when assigned interface is disabled, but parent interf... Georgiy Tyutyunnik
07:01 PM Bug #15211 (Closed): tcpdump run with BIOS hardware clock set, but no on environment system time: tcpdump is supposed to respect the system timezone when showing timestamps, but this was not happening in FreeBSD. It... Marcos M
05:18 PM Bug #15589: Saving an IPv6 gateway overrides the IPv4 gateway: The patch fixes it.
This ticket can be resolved. Danilo Zrenjanin
04:30 PM Bug #15589 (Feedback): Saving an IPv6 gateway overrides the IPv4 gateway: Applied in changeset commit:fd69a6b325c2ad40d0cd5c559000e0970099d9d6. Marcos M
04:18 PM Bug #15589 (In Progress): Saving an IPv6 gateway overrides the IPv4 gateway: Marcos M
04:17 PM Bug #15589 (Confirmed): Saving an IPv6 gateway overrides the IPv4 gateway: Marcos M
10:04 AM Bug #15589: Saving an IPv6 gateway overrides the IPv4 gateway: I still can reproduce it on:... Danilo Zrenjanin
04:36 PM Bug #15615 (Closed): Bump SSHD to >= 9.8: This has already been fixed in recent snapshots, and a patch is available in the System Patches package to work aroun... Marcos M
04:11 PM Revision fd69a6b3: Correctly save IPv6 gateway. Fix #15589: Marcos M
03:40 PM Bug #15361 (Feedback): Network and broadcast address input validation is incorrectly applied to IPv6 VIPs: Applied in changeset pfsense:commit:e48574e28f90b56fb08506c02da7d1e860e69b31. Marcos M
01:37 PM Bug #15361: Network and broadcast address input validation is incorrectly applied to IPv6 VIPs: I've tested and got the same results in the:... Danilo Zrenjanin
03:37 PM pfSense Packages Bug #15618 (Incomplete): HAproxy causes system panic: There's not enough information to investigate further. There should be a compressed file containing the backtrace alo... Marcos M
12:09 PM pfSense Packages Bug #15618 (Duplicate): HAproxy causes system panic: Crash report begins. Anonymous machine information:
amd64
15.0-CURRENT
FreeBSD 15.0-CURRENT #0 plus-RELENG_24_0... Amin Sadeghi
03:31 PM Revision e48574e2: Remove network/broadcast input validation for IPv6 VIPs. Fix #15361: Marcos M
01:44 PM pfSense Packages Bug #9204: ospfd: GRE tunnels became unnumbered since 2.4.4: It appears from the upstream discussion that this patch can cause other issues, so applying it is likely to break exi... Christopher Cope
12:51 PM pfSense Packages Bug #9204: ospfd: GRE tunnels became unnumbered since 2.4.4: Here we are 5 years later. Still not fixed.
But the code has been updated a bit. pfSense+ 24.03 still contains... Dave Rand
01:02 PM pfSense Plus Bug #15316 (Resolved): OpenVPN Clients with Gateway Group Interface on DHCP Exits on Error 1: After conducting thorough tests, I could not reproduce the issue on 24.03.
Additionally, even when the tier 1 gat... Danilo Zrenjanin
12:41 AM Feature #15575 (Feedback): Kea High Availability Support (IPv4 and IPv6): Merged: https://github.com/pfsense/pfsense/commit/a4cd7de16d18baaac7a900959f5a9c9ece547cb4 Christian McDonald

07/12/2024

11:37 PM Bug #15589: Saving an IPv6 gateway overrides the IPv4 gateway: Given that testing indicates this is resolved in the development snapshots, the issue is considered resolved unless i... Marcos M
11:24 PM Feature #12522 (Feedback): More GUI options for OpenVPN Client-Specific Overrides: The following new override options are now available in the GUI:
- Reset individual server options
- IPv4 Gateway
... Marcos M
11:09 PM Revision 2203dde0: Expose additional OpenVPN CSC options. Implement #12522: Adds the following override options:
- Reset individual server options
- IPv4 Gateway
- IPv6 Gateway
- Redirect IPv6 ... Marcos M
10:36 PM Revision a4cd7de1: kea: Introduce high availability support for both IPv4 and IPv6: Christian McDonald
03:33 PM pfSense Plus Bug #15616 (Not a Bug): GUI interface assignment input-check: This can happen just about anywhere in the GUI. It does not support concurrent modification. Marcos M
02:38 PM pfSense Plus Bug #15616 (Not a Bug): GUI interface assignment input-check: Under some circumstances it's possible to attempt an assignment of non-existing interface which will lead to a creati... Georgiy Tyutyunnik
01:59 PM Bug #8386: Virtual IPs not considered as part of interface net: Me again. So recently I bumped into this issue again. And apparently another user as well. So as IPv4 _is_ added as y... Stefan Kooman
01:57 PM pfSense Packages Bug #13043: OSPF over Wireguard interface doesn't populate neighbors after reboot: Hi,
i want to confirm the issue, too. I can reproduce the bug within both installations of my HA setup... Using Wi... Tjabo T.
12:01 PM pfSense Packages Feature #9044: Add SoftEther: Hi evryone,
If can be useful, I'm starting to add a SoftEther package for pfSense: https://github.com/STeXE89/Free... STeXE89 STeXE89
10:28 AM Bug #15615 (Closed): Bump SSHD to >= 9.8: The version of OpenSSH in 2.7.2 is:
OpenSSH_9.4, OpenSSL 3.0.12 24 Oct 2023
This is vulnerable to the recently di... Simon Giotta
08:14 AM pfSense Packages Bug #15614: Squid 6.6 Package should have NO_TLSv1 and NO_TLSv1_1 feature flags set on directive pls_outgoing_options: www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc
Line 1233 needs feature flags added Jonathan Lee
08:13 AM pfSense Packages Bug #15614 (Duplicate): Squid 6.6 Package should have NO_TLSv1 and NO_TLSv1_1 feature flags set on directive pls_outgoing_options: $sslproxy_options = "NO_SSLv3, NO_TLSv1, NO_TLSv1_1";
This variable is also used with
tls_outgoing_options
... Jonathan Lee

07/11/2024

09:33 PM Revision 7d3d0166: Config access regression when toggling filter rules: Marcos M
01:24 PM pfSense Packages Feature #15541: CRON: option to enable/disable task: In the cron configuration file (/etc/crontab), the task would be commented with # when disabled, and when activated, ... Fabio Rafael Kochhann
06:53 AM pfSense Plus Bug #15316: OpenVPN Clients with Gateway Group Interface on DHCP Exits on Error 1: The problem is specific to the OpenVPN client setup. Azamat, can you confirm that you tested with it? Danilo Zrenjanin
01:55 AM pfSense Packages Bug #15274: HAProxy Configuration Changes Require pfSense Reboot to Take Effect: Also discussed here.
https://forum.netgate.com/topic/178348/haproxy-backend-port-changes-are-not-applied
workarou... Brendon Baumgartner

07/10/2024

08:48 PM Bug #15601: Routes with IPv6 Address as Next Hop for IPv4 Destination Causes Kernel Panic: Note that these IPs like to be one instruction off. The __rw_wunlock_hard is just prior and it operates on the child ... Mateusz Guzik
03:23 PM Bug #15601: Routes with IPv6 Address as Next Hop for IPv4 Destination Causes Kernel Panic: Jim Pingle wrote in #note-2:
> How exactly is someone making that sort of entry? It can't be made in the GUI via sta... Kris Phillips
06:16 PM pfSense Plus Bug #15262: Captive Portal Has High CPU Interrupts With Large Number of Users: Customer in ticket 2947838007 is reportedly running into this issue as well. Kris Phillips
05:46 PM pfSense Plus Bug #15611 (Closed): Latest 24.08-DEV update (24.08.a.20240710.0600) reorders interfaces: This is a known issue and will be resolved in later dev builds. Marcos M
08:58 AM pfSense Plus Bug #15611 (Closed): Latest 24.08-DEV update (24.08.a.20240710.0600) reorders interfaces: Tested twice on 24.08-DEVELOPMENT (built on Wed Jul 10 6:00:00 UTC 2024) on KVM and on 2100
After upgrade from pre... Azamat Khakimyanov
04:12 PM Bug #15612: Captive Portal with big number of passththrough MAC addresses is causing webgui gateway timeouts, Error 50x, and HA-sync XMLRPC Error: addition:
- even excluding captive portal from xmlrpc ha sync does not fix the problem.
- I can also export the ca... Thomas Hohm
04:07 PM Bug #15612: Captive Portal with big number of passththrough MAC addresses is causing webgui gateway timeouts, Error 50x, and HA-sync XMLRPC Error: Sorry, submitted by accident without details, here are the details to it:
The problematic behaviours:
1. Editin... Thomas Hohm
03:51 PM Bug #15612 (New): Captive Portal with big number of passththrough MAC addresses is causing webgui gateway timeouts, Error 50x, and HA-sync XMLRPC Error: Forum discussion:
https://forum.netgate.com/topic/188936/captive-portal-with-big-number-of-passththrough-ma... Thomas Hohm
12:00 PM Bug #15328 (Resolved): Changes in Kea DHCP interface pools may invalidate lease database content: Tested on 23.09.1 and on 24.08-DEVELOPMENT (built on Fri Jul 5 6:00:00 UTC 2024)
I was able to reproduce this issu... Azamat Khakimyanov
08:39 AM pfSense Packages Bug #15610 (New): OSPF with "Redistribute Default" enabled and "Always Redistribute" disabled does not react to WAN link down events: OSPF with "Redistribute Default" *enabled* and "Always Redistribute" *disabled* does not stop redistributing the defa... Patrick Clara
03:05 AM Bug #15589: Saving an IPv6 gateway overrides the IPv4 gateway: What does the feedback status indicate? R W

07/09/2024

11:22 PM Bug #15589 (Feedback): Saving an IPv6 gateway overrides the IPv4 gateway: Marcos M
09:20 PM Bug #15589: Saving an IPv6 gateway overrides the IPv4 gateway: Tested against pfSense Plus 24.08.a.20240702.0600. Added an IPv6 Static IP with IPv6 gateway on the primary WAN. It w... dylan mendez
07:54 PM Bug #15606 (Resolved): Data transfer problems when using interface-bound states with automatic floating states for IPsec rules: Marcos M
03:00 PM Bug #15606 (Feedback): Data transfer problems when using interface-bound states with automatic floating states for IPsec rules: Applied in changeset commit:3b3be7348bdf0f75d474a6aec938d8143e90c8bf. Marcos M
01:23 AM Bug #15606: Data transfer problems when using interface-bound states with automatic floating states for IPsec rules: Tested Marcos' patch successfully <thumbs up>... Craig Coonrad
12:26 AM Bug #15606 (Ready To Test): Data transfer problems when using interface-bound states with automatic floating states for IPsec rules: This seems to happen because of the bogus state that's created initially on the VTI, e.g.:... Marcos M
07:42 PM Revision 112a26f4: static routes: enable autotrim on `destination network`: Christian McDonald
05:41 PM Feature #15609 (Resolved): Allow filtering packet captures by system-defined protocols: The packet capture interface does not allow filtering by protocol 'gre' directly:... Steve Wheeler
05:34 PM pfSense Packages Bug #15313: Zabbix server 6.4.12 requires Zabbix proxies to be version 6.4.12: That's great to hear!
Will updated Zabbix packages be released for 24.03? Andrew Almond
07:17 AM pfSense Packages Bug #15313: Zabbix server 6.4.12 requires Zabbix proxies to be version 6.4.12: Checked on the last dev 24.08 and Zabbix use zabbix64-proxy-6.4.16 version
24.08-DEVELOPMENT (amd64)
built on Tue ... aleksei prokofiev
12:32 PM pfSense Packages Feature #14633: Cleanup states on dynamic routing changes: Tested on latest 24.08-DEVELOPMENT (built on Fri Jul 5 6:00:00 UTC 2024)
I deployed 2 pfSenses, created Routed IPs... Azamat Khakimyanov
12:16 PM pfSense Packages Bug #15385 (Resolved): PHP crash when exporting Apple profile, while IPsec P1 authentication method set to "Mutual Certificate": Jim Pingle
07:12 AM pfSense Packages Bug #15385: PHP crash when exporting Apple profile, while IPsec P1 authentication method set to "Mutual Certificate": Tested on ipsec-profile-wizard version 1.2.3 on
24.08-DEVELOPMENT (amd64)
built on Tue Jul 2 9:00:00 MSK 2024
Free... aleksei prokofiev
09:30 AM pfSense Packages Todo #15281: Upgrade Tailscale to 1.6.0: aleksei prokofiev wrote in #note-8:
> Checked on last dev build and tailscale-1.68.1 presented
> 24.08-DEVELOPMENT ... Elvis Impersonator
07:35 AM pfSense Packages Todo #15281: Upgrade Tailscale to 1.6.0: Checked on last dev build and tailscale-1.68.1 presented
24.08-DEVELOPMENT (amd64)
built on Tue Jul 2 9:00:00 MSK 2... aleksei prokofiev
07:47 AM pfSense Packages Regression #15159: XMLRPC Replication Target required even if not using it: I can confirm the same on the last dev build and pfBlockerNG 3.2.0_13
24.08.a.20240702.0600
24.08-DEVELOPMENT (amd... aleksei prokofiev
06:54 AM pfSense Packages Bug #14861: PHP error when pings are enabled but no ping hosts are defined: I can confirm that enabling ping monitor option without specify host IP caused crash. Disabling the option or specify... aleksei prokofiev
04:48 AM pfSense Plus Feature #15608 (New): Gateway failback timer: When using multi-wan failover, the timing from Tier2 to Tier1 (and vice versa) can be dizzying.
There should be a se... John Carson
12:25 AM Revision 3b3be734: Use floating states on IPsec VTI. Fix #15606: Marcos M

07/08/2024

05:31 PM pfSense Plus Bug #15595: ``pftop`` core dump with ICMP states: Potentially related to:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=277093 Marcos M
03:02 PM Bug #15601 (In Progress): Routes with IPv6 Address as Next Hop for IPv4 Destination Causes Kernel Panic: Jim Pingle
02:53 PM Bug #15601: Routes with IPv6 Address as Next Hop for IPv4 Destination Causes Kernel Panic: I've proposed this upstream: https://reviews.freebsd.org/D45913 and copied the original author of the relevant code. Kristof Provost
02:46 PM Bug #15601: Routes with IPv6 Address as Next Hop for IPv4 Destination Causes Kernel Panic: Jim Pingle wrote in #note-2:
> How exactly is someone making that sort of entry? It can't be made in the GUI via sta... Kristof Provost
02:44 PM Bug #15601: Routes with IPv6 Address as Next Hop for IPv4 Destination Causes Kernel Panic: The relevant bits from the (private) crash dump is this:... Kristof Provost
12:31 PM Bug #15601 (Feedback): Routes with IPv6 Address as Next Hop for IPv4 Destination Causes Kernel Panic: How exactly is someone making that sort of entry? It can't be made in the GUI via static routes, input validation rej... Jim Pingle
12:48 PM pfSense Docs Correction #15607 (Closed): pfSense Plus for Amazon AWS -- linked page leads to 404: Fixed: https://gitlab.netgate.com/docs/pfsense-platforms/-/commit/585cb1b254445352841a1870ad27df96ac6f7589 Jim Pingle
12:40 PM pfSense Docs Todo #15603 (Rejected): Update "Download Installation Media" for Netgate Installer: I'm already working on this, no need for another issue, plus it's a duplicate of 15587.
Jim Pingle
12:37 PM Bug #15602 (Rejected): Dashboard interface widget does not use consistent capitalization or formatting for BASE-T designations: The widget merely passes through the values displayed by the operating system, it does not format things on its own.
... Jim Pingle
12:31 PM pfSense Packages Feature #14321 (Closed): Add UPS information to LCDproc screen: Jim Pingle
08:29 AM pfSense Plus Bug #15316: OpenVPN Clients with Gateway Group Interface on DHCP Exits on Error 1: I tested on 23.05, 23.09.1 and 24.03 and I wasn't able to reproduce this issue.
With Failover group as an Interfac... Azamat Khakimyanov

07/07/2024

08:40 PM pfSense Docs Correction #15607 (Closed): pfSense Plus for Amazon AWS -- linked page leads to 404: doc: https://docs.netgate.com/pfsense/en/latest/solutions/aws-vpn-appliance/index.html
> This AMI can be run in ... Craig Coonrad
08:23 PM pfSense Plus Bug #15595: ``pftop`` core dump with ICMP states: I wasn't able to trigger this by logging in. One thing I did notice is I've only seen this on amd64, nothing from my ... Craig Coonrad
08:14 PM Bug #15606 (Resolved): Data transfer problems when using interface-bound states with automatic floating states for IPsec rules: Version: 24.03-RELEASE (amd64)
Platform: PVE/KVM
Test environment:... Craig Coonrad
05:36 PM pfSense Packages Feature #12711: Add InfluxDB V2 support: Hi Marcos M
> Please open a new redmine (or follow up on the forum) with reproducible steps.
If I configure Tel... Marc Walter
03:44 PM Bug #15605: Status > Monitoring VTI graphs show incorrect traffic: Note that the Status > Traffic graphs appear to be correct. Chris Linstruth
03:40 PM Bug #15605 (New): Status > Monitoring VTI graphs show incorrect traffic: While testing #15604 I noticed that the Status > Monitoring graphs do not correctly display VTI traffic.
These are... Chris Linstruth
03:07 PM Bug #15604: Equal cost multipath over IPsec VTI outbound routing only utilizing one path: Attaching state screenshot. Chris Linstruth
02:53 PM Bug #15604 (New): Equal cost multipath over IPsec VTI outbound routing only utilizing one path: A pair of ECMP tunnels was created between a tnsr node and a pfSense node.
BGP peering was established over both p... Chris Linstruth

07/06/2024

11:24 PM Bug #15602: Dashboard interface widget does not use consistent capitalization or formatting for BASE-T designations: I can confirm this behavior. To add to it, 10 Gigabit links show "10Gbase" with a lower case b and upper case G, so ... Kris Phillips
10:27 PM Bug #15602 (Rejected): Dashboard interface widget does not use consistent capitalization or formatting for BASE-T designations: Capitalization and formatting between 1000 and 2500 BASE-T designations is not consistent in the dashboard interface ... Jordan G
10:40 PM pfSense Docs Todo #15603 (Rejected): Update "Download Installation Media" for Netgate Installer: This section states "Customers who have purchased firewalls pre-loaded with pfSense® Plus software from the Netgate S... Kris Phillips
10:09 PM pfSense Packages Bug #14398: ONBATT Status Missing in apcupsd.widget.php: issue is still present on 24.03 w/ apcupsd v0.3.92_2 Jordan G
08:46 PM pfSense Packages Feature #14321: Add UPS information to LCDproc screen: APCUPSD and NUT have been added to LCDproc , they show up after installing packages.
Alhusein Zawi
03:11 PM Bug #15601 (Resolved): Routes with IPv6 Address as Next Hop for IPv4 Destination Causes Kernel Panic: If an entry is able to be made that adds a route for IPv4 traffic to be sent to an IPv6 destination, this can cause a... Kris Phillips
11:31 AM Bug #12905: Add VLAN Re-assignment to Import Interface Mismatch Wizard: re: ticket 2923731480 I isolated the issue of lost connectivity to the fact checking the preserve switch settings doe... Dale Harron
08:17 AM Bug #15589 (Confirmed): Saving an IPv6 gateway overrides the IPv4 gateway: Danilo Zrenjanin
08:16 AM Bug #15589: Saving an IPv6 gateway overrides the IPv4 gateway: Tested against:... Danilo Zrenjanin
05:52 AM Bug #15598: Input validation for duplicate remote gateways does not work when using the duplicate P1 button: I can confirm this behavior exists on 23.01 and above. Lev Prokofev

07/05/2024

04:34 PM pfSense Plus Bug #15595: ``pftop`` core dump with ICMP states: Seeing this on my 24.03 VM too. In my case it seems to always happen very shortly after logging in to the GUI. It doe... Chris W
02:32 PM pfSense Plus Bug #15196: AWS ena interfaces can become unstable/stop responding: Good morning everyone,
To assist with resolving the issue, I would like to inform you that, after updating the ins... Marcos Cosac
01:25 PM pfSense Packages Feature #15600 (Closed): pfBlocker Widget - make the failed downloads windows expandable: Christopher Cope
11:31 AM pfSense Packages Feature #15600: pfBlocker Widget - make the failed downloads windows expandable: !clipboard-202407051231-rroh6.png!
Jon Brown
11:30 AM pfSense Packages Feature #15600: pfBlocker Widget - make the failed downloads windows expandable: ignore me and close this issue. Jon Brown
11:29 AM pfSense Packages Feature #15600: pfBlocker Widget - make the failed downloads windows expandable: The setting you mention expands the whole widget. I just want to expand the failed downloads so I can read them. than... Jon Brown
11:23 AM pfSense Packages Feature #15600: pfBlocker Widget - make the failed downloads windows expandable: Click on the wrench icon in the widget header. BBcan177 .
02:59 AM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online: This happens for me as well on 2.7.2 CE, usually restarting the gateway service on the gateways page fixes it. The in... Jonathan Bondhus
12:00 AM Revision ada8c696: UPnP IGD & PCP: Simplify service wording: and change menu/title to `UPnP IGD & PCP` as newer PCP is supported Self-Hosting-Group
12:00 AM Revision 6c40eb67: Revert "Update text references to UPnP protocols": This reverts commit 429312ff683b5762d0cb6eca69c474121a9dfca1. Self-Hosting-Group

07/04/2024

11:45 PM Bug #12905: Add VLAN Re-assignment to Import Interface Mismatch Wizard: Customer in ticket 2923731480 is inquiring about this improvement due to complications with config portability amongs... Kris Phillips
07:03 PM Bug #15565: System proxy credentials with certain characters may fail to authenticate: patch fixes the issues
tested on:
Version 24.03-RELEASE (amd64)
built on Mon May 13 12:17:00 UTC 2024
FreeBSD 15.... Georgiy Tyutyunnik
05:59 PM Revision 587f690b: Fix config access regressions: Marcos M
04:51 PM Todo #15590: Add input validation for duplicate 1-1 NAT rules: earlier versions (up to 22.05) also don't create duplicate 1-1 NAT rules
seems like pf was operating under the same ... Georgiy Tyutyunnik
03:58 PM Bug #15287: hw.ix.unsupported_sfp=1 parameter for ix driver not working: Customer in ticket 2922636846 is running into this. Kris Phillips
03:42 PM Revision 6fa43ab9: services_unbound.php: fix typo: Add the missing ','. Kristof Provost
12:47 PM pfSense Packages Regression #15469: RRD Graphs height is smaller than expected: Tested against:... Danilo Zrenjanin
11:48 AM pfSense Packages Feature #15600 (Closed): pfBlocker Widget - make the failed downloads windows expandable: Currently on the widget you only get a couple of lines to read the fails, can the failed window be made so a user can... Jon Brown
11:46 AM pfSense Packages Feature #15599 (New): pfBlockerNG widget dates - Change to better format: In the pfblockerNG widget the dates are shown in American format and these are hard to read if you do not live in USA... Jon Brown
01:58 AM pfSense Packages Regression #15158: XMLRPC Timeout won't save if over 150: Still able to replicate this on 24.08.a.20240702.0600 pfBlocker version 3.2.0_13 dylan mendez
12:50 AM pfSense Packages Bug #14406: Squid Proxy version 0.4.46 Missing Error subfolder and files for "en" or "en-usa" and all other languages.: Can we reopen this please Jonathan Lee
12:50 AM pfSense Packages Bug #14406: Squid Proxy version 0.4.46 Missing Error subfolder and files for "en" or "en-usa" and all other languages.: This issue is still present in Squid 6.6
ln -s /usr/local/etc/squid/errors/templates /usr/local/etc/squid/errors/... Jonathan Lee

07/03/2024

04:52 PM pfSense Plus Bug #15499: Manually verifying the boot environment makes config changes: Still seeing this in current snapshots: 24.08.a.20240703.0600 Steve Wheeler
03:58 PM Revision ceb3d750: Introduce `class` tag to field markup in pkg xml spec.: Christian McDonald
03:20 PM Bug #15598 (Resolved): Input validation for duplicate remote gateways does not work when using the duplicate P1 button: Steps to duplicate
1) Create a P1
2) Duplicate the P1 created in Step 1 but change the Interface, keep the same R... dylan mendez
02:56 PM pfSense Plus Bug #15597 (New): Panic during upgrade may leave a ZFS Boot Environment in an unusual state: I had a VM panic mid-upgrade between development snapshots (From mid-may to now) and after the device rebooted, it le... Jim Pingle
11:57 AM pfSense Packages Regression #15596 (Rejected): follow up to closed tailscale issue 14987....: If you need assistance solving a problem, please post on the forum: https://forum.netgate.com/ Jim Pingle
07:46 AM pfSense Packages Regression #15596 (Rejected): follow up to closed tailscale issue 14987....: Hi I have followed the "fix" here.... https://redmine.pfsense.org/issues/14987
this my outbound config ....
!cl... Harry Smith
01:47 AM pfSense Plus Bug #15595 (Resolved): ``pftop`` core dump with ICMP states: Reviewing status outputs for 24.03. I began to notice frequent pftop core dumps (signal 10 and 11). These are display... Craig Coonrad

07/02/2024

10:23 PM Bug #15537 (Resolved): Separator positions are incorrect when copying interface group rules: Marcos M
06:20 PM Bug #15537 (Feedback): Separator positions are incorrect when copying interface group rules: Applied in changeset commit:e0a827cffc54a4cddaab4109a82d2f3418050123. Marcos M
07:58 PM pfSense Packages Bug #15594 (Pull Request Review): ERROR when IP are with " " at the start or end of address: Brilliant pfSense DevTeam!
BUG
---------
*ERROR when IP are with " " at the start or end of IP's address.*
Mess... Sergei Shablovsky
06:10 PM Revision e0a827cf: Handle case difference when shifting rule separators. Fix #15537: Interface groups use the case-sensitive interface description as the
"friendly" name. Since the interface argument is... Marcos M
03:41 PM Revision cb418bda: Fix vertical text alignment on Unbound `Display Custom Options` button: Christian McDonald
01:55 PM Feature #15593: Enable ``@`` support for Azure in Dynamic DNS: Some providers allow that function, others do not, and some providers didn't in the past and do support it now. So un... Jim Pingle
09:14 AM Feature #15593 (Duplicate): Enable ``@`` support for Azure in Dynamic DNS: For apex domains, it is needed to set hostname as @ for Azure DNS zones. The web configurator interface is complainin... Luca Piccirillo
08:54 AM Regression #15592 (New): Sequential ordering of servers used by DNS Forwarder changed in a way that prevents custom options to apply first: Since the change in #12902 the sequence of DNS servers loaded by dnsmasq changed.
Before the change: no-resolv was... Luca Piccirillo

07/01/2024

10:04 PM pfSense Plus Regression #15591 (New): Panic booting the debug kernel with ZFS: When trying to boot the debug kernel in 24.03 with ZFS:... Steve Wheeler
02:54 PM Todo #15590 (Confirmed): Add input validation for duplicate 1-1 NAT rules: I also tested this and saw the same behavior. Generated ruleset has two binat lines with different external addresses... Jim Pingle
02:42 PM Todo #15590 (Confirmed): Add input validation for duplicate 1-1 NAT rules: If two 1-1 NAT rules are present with overlapping external or internal IPs, pf NAT ruleset doesn't load the 2nd rule ... Georgiy Tyutyunnik
01:10 PM Todo #15586 (Resolved): Query for SMART data only on root disk devices: Jim Pingle
01:09 PM Regression #15578 (Resolved): Saving an existing certificate authority creates a duplicate: Jim Pingle
01:02 PM Bug #15588 (Duplicate): The picking of CA in the LDAP config is inconsistent.: Seems to be one we already have an issue open for: #15060 Jim Pingle
06:00 AM Bug #15589: Saving an IPv6 gateway overrides the IPv4 gateway: Forgot to add that after adding the IPv6 gateway, the Default column was suddenly blank for our IPv4 gateway with our... R W
05:57 AM Bug #15589 (Resolved): Saving an IPv6 gateway overrides the IPv4 gateway: When adding IPv6 to our network, we discovered that when you add a Static IPv6 address (coming from None) on the Inte... R W

06/30/2024

04:26 PM Regression #15578: Saving an existing certificate authority creates a duplicate: Patch also removed the duplicate certs previously created.
Seems fixed. dylan mendez
01:53 AM Regression #15578: Saving an existing certificate authority creates a duplicate: Tested this in the latest 24.08 build. No longer able to recreate this issue. Seems Resolved. Kris Phillips
02:44 AM pfSense Packages Feature #15585: Add OpenVPN Option for manually MTU setting: Thanks for considering this. I was researching this after I was testing the VPN to home NAS connection across the Uni... Jonathan Lee
02:02 AM pfSense Packages Feature #15585: Add OpenVPN Option for manually MTU setting: Christopher Cope wrote in #note-4:
> Jonathan Lee wrote in #note-3:
> > So the Users on the forum didn’t need to se... Kris Phillips
02:16 AM pfSense Packages Feature #15393: Return to the ga version of NUT: Thanks Kris. Can you look at #15532 as well please? Thanks! Denny Page
01:56 AM pfSense Packages Feature #15393 (Resolved): Return to the ga version of NUT: Package is now present with 2.8.2 in the repos for 24.08. Marking as Resolved. Kris Phillips
02:08 AM pfSense Plus Bug #15571: Loader.lua errors on VM when smbios.planar.product is not present: Testing this on the same KVM environment, I'm no longer seeing this. It's possible that some other changes to the lo... Kris Phillips
01:59 AM pfSense Plus Bug #14401: Changing from Switchport to Discrete Interface in VGA/Serial Console Breaks Port Status Monitoring: Jordan G wrote in #note-3:
> 7100 on 24.03, reassigning WAN or LAN to ix0/1 from the console appears correctly adjus... Kris Phillips
01:49 AM Todo #15586: Query for SMART data only on root disk devices: Tested on latest 24.08 build. Both the diagnostics page and status widget for SMART only shows ada0 for my tests. C... Kris Phillips

06/29/2024

09:50 PM Bug #14083: Adding MSS and MTU values on a LAGG VLAN interface breaks connectivity: Patch is working as tested on 41/61/7100 hardware Jordan G
09:48 PM Bug #9453: Reconfiguring a parent LAGG interface breaks its VLANs: The patch from https://redmine.pfsense.org/issues/14083 works to prevent the connectivity issues experienced as a res... Jordan G
07:42 PM pfSense Docs Todo #12756: Add information on correct MTU to use with WireGuard: I've seen multiple statements that the Wireguard default MTU is 1420. However I can't find that specified in any WG d... Craig Coonrad
07:24 PM pfSense Plus Bug #15581 (Closed): OpenVPN wizard generates PHP error: Tracked in NG#16837. Marcos M
05:23 AM pfSense Plus Bug #15581: OpenVPN wizard generates PHP error: I can confirm this behavior ... Lev Prokofev
07:21 PM Revision f2f4b7cc: Config access regression in OpenVPN wizard: Marcos M
06:10 PM Bug #15373 (Confirmed): Firewall Logs Dashboard widget update interval does not behave as expected: Tested against:... Danilo Zrenjanin
05:12 PM Bug #15584 (Confirmed): Redacting description at Interfaces=>LAGGs section cause LAGG interface rebuild.: Tested against:
@24.03-RELEASE (amd64)
built on Mon May 13 15:17:00 MSK 2024
FreeBSD 15.0-CURRENT@
Yes, I can c... Danilo Zrenjanin
04:28 PM Bug #15098: Wireguard crashes on boot if PPPoE is the default gateway: I have the same issue, which I think is related to PPPoE.
At the moment, I created a bash script that is running eve... Claudio Scavazza
04:18 PM Bug #15588: The picking of CA in the LDAP config is inconsistent.: Even after restarting PHP and GUI, the behavior was inconsistent, I set the wrong cert (R3), saved, restarted PHP and... Lev Prokofev
01:04 PM Bug #15588: The picking of CA in the LDAP config is inconsistent.: As mentioned in the troubleshooting section, you may need to restart PHP and the GUI for the changes to take effect.
... Christopher Cope
10:03 AM Bug #15588 (Duplicate): The picking of CA in the LDAP config is inconsistent.: It appears that the picking of the CA is inconsistent, I have various CAs, and only one is valid for the communicatio... Lev Prokofev

06/28/2024

10:58 PM Revision 7f34387a: Additional support for repo name in config: Marcos M
02:59 PM pfSense Packages Feature #15585: Add OpenVPN Option for manually MTU setting: Jonathan Lee wrote in #note-3:
> So the Users on the forum didn’t need to set custom settings for OpenVPN configurat... Christopher Cope
05:44 AM pfSense Packages Feature #15585: Add OpenVPN Option for manually MTU setting: So the Users on the forum didn’t need to set custom settings for OpenVPN configuration export system? The way I under... Jonathan Lee
09:46 AM Bug #15110: pfSense hangs when rebooting: #2694043009 The latest test shows _Khelp module "ertt" can't unload until its refcount drops from 5 to 0._
<... Lev Prokofev
12:22 AM Bug #15110: pfSense hangs when rebooting: #2694043009 A 4100 using a Transcend TS128GMTE452T, but doesn't show the same "can't unload" message. This instead lo... Chris W

06/27/2024

11:23 PM pfSense Packages Feature #15585: Add OpenVPN Option for manually MTU setting: Jonathan Lee wrote in #note-1:
> It would be nice to have this as a non custom option a GUI based option for users.
... Christopher Cope
10:54 PM pfSense Packages Feature #15585: Add OpenVPN Option for manually MTU setting: It would be nice to have this as a non custom option a GUI based option for users. Jonathan Lee
10:53 PM pfSense Packages Feature #15585 (New): Add OpenVPN Option for manually MTU setting: Ref:
https://forum.netgate.com/topic/148161/how-to-change-mtu-mssfix-values-for-openvpn-in-pfsense
I started to r... Jonathan Lee
11:15 PM Todo #15586 (Feedback): Query for SMART data only on root disk devices: Applied in changeset commit:37043243eeecd35a0e9a2b7ae64dd1a9aab97ebc. Marcos M
11:06 PM Todo #15586 (Resolved): Query for SMART data only on root disk devices: The drive list for querying SMART data contains "sub-devices". Only "root" devices should be queried.
For example,... Marcos M
11:09 PM Revision 37043243: Query for SMART data only on root disk devices. Fix #15586: Marcos M
07:27 PM Revision 8d784257: Fix vertical text alignment on `Display Advanced` buttons: Christian McDonald
04:17 PM Todo #15583: Add documentation for VPN to WAN leakage issue and recommended solution: Jim, could a link to https://docs.netgate.com/pfsense/en/latest/recipes/rfc1918-egress.html be added to the pages htt... Andrew Almond
12:58 PM Todo #15583 (Rejected): Add documentation for VPN to WAN leakage issue and recommended solution: This already exists: https://docs.netgate.com/pfsense/en/latest/recipes/rfc1918-egress.html Jim Pingle
04:11 PM Feature #15582: Add option to automatically create rules to block VPN networks from existing via WAN interfaces: Jim, thanks for the explanation. Now, I understand the complexity of this issue better.
The simplest improvement w... Andrew Almond
01:06 PM Feature #15582: Add option to automatically create rules to block VPN networks from existing via WAN interfaces: I thought we already had an issue for this open but I'm not seeing one. We've talked about doing this before, but it'... Jim Pingle
09:08 AM Bug #15584 (Confirmed): Redacting description at Interfaces=>LAGGs section cause LAGG interface rebuild.: If you decide to change the description for existed LAGG interface at Interfaces=>LAGGs it will cause the link down/u... Lev Prokofev
06:58 AM Regression #15578: Saving an existing certificate authority creates a duplicate: The patch fixes the issue.
I tested the patch against:
@24.08-DEVELOPMENT (amd64)
built on Tue Jun 25 6:00:00 U... Danilo Zrenjanin

06/26/2024

11:09 PM Revision 417ee25e: Config access regression in wireless interfaces: Marcos M
10:26 PM Revision eafb47d3: Config access regression in interface groups: Marcos M
09:10 PM Feature #15582: Add option to automatically create rules to block VPN networks from existing via WAN interfaces: Ok it's great that it's already documented.
However, I've read the documentation a lot (particularly the VPN setup... Andrew Almond
08:55 PM Feature #15582: Add option to automatically create rules to block VPN networks from existing via WAN interfaces: The issue is documented, as well as the workarounds, in the online documentation: https://docs.netgate.com/pfsense/en... Christopher Cope
08:39 PM Feature #15582 (New): Add option to automatically create rules to block VPN networks from existing via WAN interfaces: It's a known issue that traffic intended for VPN networks can be sent out the WAN interfaces if the VPN tunnel is dow... Andrew Almond
08:43 PM Todo #15583 (Rejected): Add documentation for VPN to WAN leakage issue and recommended solution: https://redmine.pfsense.org/issues/15582
VPN networks can be sent out the WAN interfaces if the VPN tunnel is down... Andrew Almond
08:13 PM Revision e2a6b6b5: Add scrolling when dislaying overflow columns for NTP status: Marcos M
06:51 PM pfSense Packages Bug #15574: Stunnel: Error resolving "r11.o.lencr.org": Address family for nodename not supported (EAI_ADDRFAMILY): Hi, I went through several rounds of testing and I beleive that this is a bug somewhere in pfsense, stunnel.
Curr... A Schnee
05:59 PM pfSense Packages Bug #15457 (Resolved): HAproxy disable zero copy forwarding: Jim Pingle
05:56 PM pfSense Packages Bug #15457: HAproxy disable zero copy forwarding: The forum comments indicate that the new version, 2.9.7, addresses the issue that was raised in this Redmine. We can ... Danilo Zrenjanin
05:33 PM pfSense Plus Bug #15581 (Closed): OpenVPN wizard generates PHP error: The system throws a PHP error after defining an OpenVPN server using the wizard on a stock configuration.
Tested ... Danilo Zrenjanin
05:20 PM Bug #15328: Changes in Kea DHCP interface pools may invalidate lease database content: Applied in changeset commit:f774120b7dbf9811f574c056193d6b45246fa986. Christian McDonald
05:14 PM Bug #15328: Changes in Kea DHCP interface pools may invalidate lease database content: I believe I've got this sorted out now.
Fix will be included in the next build. Christian McDonald
05:14 PM Bug #15328 (Feedback): Changes in Kea DHCP interface pools may invalidate lease database content: Christian McDonald
05:11 PM Revision f774120b: kea: enable lease sanity checks to ensure data consistency. Fix: #15328: Christian McDonald
04:45 PM Regression #15578 (Feedback): Saving an existing certificate authority creates a duplicate: Applied in changeset commit:980546213d010e8c57d750671e41015dbd0a992e. Marcos M
04:31 PM Regression #15578 (In Progress): Saving an existing certificate authority creates a duplicate: Marcos M
12:10 PM Regression #15578 (Confirmed): Saving an existing certificate authority creates a duplicate: Jim Pingle
08:13 AM Regression #15578: Saving an existing certificate authority creates a duplicate: I can confirm this behavior
!clipboard-202406261114-v0r5a.png!
Lev Prokofev
04:35 PM Revision 98054621: Config access regression in CAs. Fix #15578: Marcos M
03:19 PM pfSense Packages Bug #13405: Wireguard: The webgui becomes excessively slow to respond with a large number of peers: Hello,
any updates?
I notice that the culprit is this line:
https://github.com/pfsense/FreeBSD-ports/blob/08d3... Federico Foschini
03:12 PM pfSense Packages Bug #15580 (New): Squidguard ACL order issue: If you edit either Target Categories or Group ACL entries they are put on top of the list after saving the entry.
... Jonathan Lee
12:31 PM pfSense Packages Regression #15540: Cannot create new System Patches package custom entry on Plus 24.08/CE 2.8.0 Snapshots: The fetch button is working properly here as well on the same system where it failed previously, so that issue does a... Jim Pingle
08:08 AM pfSense Packages Regression #15540 (Resolved): Cannot create new System Patches package custom entry on Plus 24.08/CE 2.8.0 Snapshots: Tested against:... Danilo Zrenjanin
01:39 AM pfSense Plus Bug #15196: AWS ena interfaces can become unstable/stop responding: Re: comment #38, I requested a before and after `ps -Hauxf` from the user.
Another case came in HS# 2879061611. No... Craig Coonrad

06/25/2024

09:53 PM Feature #15579 (New): Authenticated NTP Improvements: Per discussions in #8794, "PR #4658":https://github.com/pfsense/pfsense/pull/4658, and "this forum discussion":https:... Matthew Ray
09:45 PM Regression #15578 (Resolved): Saving an existing certificate authority creates a duplicate: Steps to reproduce on version 24.08.a.20240624.0600
On version 24.03 this is not a problem.
1) Create two certi... dylan mendez
06:40 PM pfSense Plus Bug #15196: AWS ena interfaces can become unstable/stop responding: Okay, so the issue is believed to be associated with an increase in thread count. That's new information. It would be... Kristof Provost
06:08 PM pfSense Plus Bug #15196: AWS ena interfaces can become unstable/stop responding: Re: https://redmine.pfsense.org/issues/15196#note-35
User has a script in place that kicks off a reboot when the d... Craig Coonrad
05:42 PM pfSense Docs Todo #15577 (Closed): Implement group tabs: Done for both pfSense and TNSR product manuals.
There were no multiple tab groups on the same page in the main doc... Jim Pingle
05:07 PM pfSense Docs Todo #15577 (Closed): Implement group tabs: Using this as an example:
https://docs.netgate.com/pfsense/en/latest/solutions/netgate-4200/connect-to-console.htm... Chris Linstruth
02:16 PM Bug #15328 (In Progress): Changes in Kea DHCP interface pools may invalidate lease database content: The fix for this will be included in the next significant update to Kea integration, which is still planned for 24.08. Christian McDonald
12:11 PM Bug #15576 (Rejected): FreeRadius3 cannot be installed: Those versions are all older and unsupported, problem reports are only acceptable against the latest releases of pfSe... Jim Pingle
04:45 AM Bug #15576 (Rejected): FreeRadius3 cannot be installed: Hi all,
I have just installed PFSense 2.6.0 on a server and I tried to download and install FreeRadius3 from the A... Vasilis Stefanou

06/24/2024

09:26 PM pfSense Packages Bug #14523 (Resolved): PHP error when using an unsupported alias type in Advanced Rule Settings: Typo is now fixed. Marcos M
08:59 PM Feature #15575 (Resolved): Kea High Availability Support (IPv4 and IPv6): Christian McDonald
07:52 PM pfSense Packages Todo #15281: Upgrade Tailscale to 1.6.0: Matt Keys wrote in #note-6:
> I reported a TS routing issue here 3 months ago: https://redmine.pfsense.org/issues/14... Elvis Impersonator
11:01 AM pfSense Packages Todo #15281: Upgrade Tailscale to 1.6.0: Elvis Impersonator wrote in #note-5:
> So I updated CE 2.7.2 to tailscale 1.68.1
> Seems to be working.
I repo... Matt Keys
07:23 PM pfSense Packages Feature #14453: Expand prefix list entry window: https://forum.netgate.com/topic/188850/gui-frr?_=1719256774819
Is it possible to get this rendered correctly on pf... Mike Moore
02:48 PM pfSense Packages Bug #15574: Stunnel: Error resolving "r11.o.lencr.org": Address family for nodename not supported (EAI_ADDRFAMILY): Thank you for the quick reply.
I opened this bug after doing a full clean install of pfsense 2.7.2 and experienced t... A Schnee
02:10 PM pfSense Packages Bug #15574 (Not a Bug): Stunnel: Error resolving "r11.o.lencr.org": Address family for nodename not supported (EAI_ADDRFAMILY): Seems more like a local cert issue than a bug in stunnel. The usual way to fix such things is to delete the stale CA ... Jim Pingle
02:06 PM pfSense Packages Bug #15574 (Not a Bug): Stunnel: Error resolving "r11.o.lencr.org": Address family for nodename not supported (EAI_ADDRFAMILY): I have an issue with the stunnel package in pfsense 2.7.2. Since my certificate renewed a few days ago, I cannot conn... A Schnee
12:32 PM Feature #15570: More Colors for Seperators in Firewall rules: The current implementation of separators is tied to the default bootstrap colors for info/success/danger/warning so i... Jim Pingle

06/23/2024

08:37 PM Bug #15098: Wireguard crashes on boot if PPPoE is the default gateway: Tested it with a fresh install, sadly it still keeps happening to me, but only after a reboot.
Wireguard will start... Oskar Stroka
10:45 AM pfSense Packages Feature #15573 (New): Enable tmpfs when ramdisk is used.: The Telegraf package config disables tmpfs which prevents the ramdisks /var and /log to be monitored.... Sebastian mzb
08:38 AM Bug #15518: Kea does not send configured TFTP server name: It seems that I experienced the same issue: wiht kea DCHP cannot netboot raspberry pi. Switched back to ISC DHCP for ... A Schnee
08:07 AM Bug #15572 (Rejected): Disabling DNSSEC should also disable Harden DNSSEC Data: Tested on 24.03
After disabling DNSSEC when I tried to change DNS Resolver Advanced Settings (change logging level... Azamat Khakimyanov
03:34 AM pfSense Plus Feature #14387: Offline config mode: Testing on version 24.03 I have not noticed any improvements from last versions when booting up a WAN interface witho... dylan mendez
03:17 AM pfSense Plus Bug #15545: traffic shaper (Limiter) causes kernel panic -> random reboot: Created a Limiter on both 24.03 and 24.08. Unable to recreate any panic. Per Jim's reply, please provide a crash dump. Kris Phillips
03:13 AM Bug #15404: Captive Portal logo fails to load after authenticated redirect: Tested on 24.08 6-21-2024 snapshot. Issue appears to still be present. Kris Phillips
12:49 AM Bug #13687: Cannot add limiters named ``new``: I can replicate this on CE 2.7.2 and 24.03-RELEASE
!clipboard-202406221846-blbfy.png!
dylan mendez
12:16 AM pfSense Packages Bug #14523: PHP error when using an unsupported alias type in Advanced Rule Settings: The patch is working on:... Christopher Cope

06/22/2024

08:12 PM Bug #15534: pfSense’s installer not table to see ZFS-formatted internal drive: latest version of the installer is able to see drives that are part of a ZFS pool, trying to install to them will pre... Jordan G
07:42 PM pfSense Packages Todo #15281: Upgrade Tailscale to 1.6.0: 1.68.1 is available with client security fixes
https://www.freshports.org/security/tailscale
https://pkgs.org/downlo... Elvis Impersonator
07:32 PM pfSense Plus Bug #15421: Netgate 3100 boot loader lacks Lua support but is trying to read loader.conf.lua: Jim Pingle wrote in #note-3:
> Kris Phillips wrote in #note-2:
> > Oddly, I'm getting a similar, but not the same e... Kris Phillips
07:32 PM pfSense Plus Bug #15571 (New): Loader.lua errors on VM when smbios.planar.product is not present: See attached screenshot when booting. It appears the syntax for loader.lua expects this value and errors without it,... Kris Phillips
06:58 PM Feature #15570 (New): More Colors for Seperators in Firewall rules: I wish to have more colors for the separators in the Firewall rules.
I have a very complex structure and a bunch ... Manuel M.
08:52 AM Bug #15551: New Kea DHCP breaks my PXE booting: It could be related to https://redmine.pfsense.org/issues/15518 Lev Prokofev
07:22 AM Feature #13293: Option to set auth-gen-token in OpenVPN GUI: I've just opened a feature request to add details about this feature to our docs.
https://redmine.pfsense.org/issue... Danilo Zrenjanin
07:18 AM pfSense Docs New Content #15569 (New): auth-gen-token: Please add the details below about this feature in the OpenVPN Custom Configuration Options documentation.
https://... Danilo Zrenjanin
05:19 AM pfSense Plus Bug #14531: Traffic Graph widget doesn't show traffic counts for OpenVPN interfaces since 23.05.1 upgrade.: This bug also affects SNMP. DCO enabled, Cacti graphs stopped populating. DCO disabled, traffic graphs.
24.03-RELE... Cody Gee

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

07/21/2024

07/20/2024

07/19/2024

07/18/2024

07/17/2024

07/16/2024

07/15/2024

07/14/2024

07/13/2024

07/12/2024

07/11/2024

07/10/2024

07/09/2024

07/08/2024

07/07/2024

07/06/2024

07/05/2024

07/04/2024

07/03/2024

07/02/2024

07/01/2024

06/30/2024

06/29/2024

06/28/2024

06/27/2024

06/26/2024

06/25/2024

06/24/2024

06/23/2024

06/22/2024