Project

General

Profile

Activity

From 09/11/2024 to 10/10/2024

10/10/2024

10:35 PM Revision fad8d3c0: Refactor system_alias_info_popup()
It now supports any alias name. Additionally check for html characters. Marcos M
09:53 PM Feature #15774 (Duplicate): Add user-accessible system aliases
Probably best to use the existing issue for this: #1979 Jim Pingle
09:46 PM Feature #15774 (Duplicate): Add user-accessible system aliases
There are a number of pf table names (aka "system aliases") reserved for system use:
https://github.com/pfsense/pfse... Marcos M
09:20 PM Revision 839ae1c2: Refactor get_alias_list()
It now uses CSVs for multiple types instead of an array. Marcos M
07:34 PM pfSense Packages Bug #15773 (Incomplete): Lightsquid stoped gererating reports after upgrade do pfSense 2.7.2
After upgrading pfSense to version 2.7.2, the Lightsquid package stopped generating daily reports.
The Lightsquid ve... Suporte Suporte
07:22 PM Bug #15723 (Resolved): ``unbound-checkconf`` fails with python mode enabled
patch fixes the issue
tested and reproduced on
24.08-DEVELOPMENT (amd64)
built on Fri Aug 23 8:00:00 CEST 2024
Fr... Georgiy Tyutyunnik
07:08 PM Feature #15562: Add support for OpenID
+1, we are implementing OIDC across the board and pfsense's lack of support is a notable omission. Ross Tajvar
06:50 PM pfSense Packages Bug #15715 (Resolved): Tailscale fails to start
Christian McDonald
06:01 PM pfSense Packages Bug #15715: Tailscale fails to start
reproduced on:
24.08-DEVELOPMENT (amd64)
built on Fri Aug 23 8:00:00 CEST 2024
FreeBSD 15.0-CURRENT
fixed in:
24... Georgiy Tyutyunnik
06:46 PM Bug #15518 (Feedback): Kea does not send configured TFTP server name
Christian McDonald
06:33 PM pfSense Packages Bug #15771: RPKI cannot be configured
Fix committed, new package should be available on Plus when it finishes building.
 Jim Pingle
06:30 PM Bug #15552 (Feedback): NTP option "DNS Resolution" has no effect when using NTP pool hostnames
Applied in changeset commit:26a06fbad188a772f862c830d3918fb5588a2002. Jim Pingle
06:24 PM Revision 26a06fba: Fix NTP DNS resolution option for pools. Fixes #15552
Jim Pingle
06:10 PM Todo #15483 (Feedback): Update Unbound to 1.22.0
Latest snapshots contain @unbound-1.21.1@ Jim Pingle
06:05 PM Bug #14977: Kea fails to restart due to race between process termination and startup
Without some way to reliably reproduce the conditions in which this happens I'm hesitant to blindly commit something ... Jim Pingle
05:59 PM Regression #15094 (Feedback): Updates fail against an authenticated upstream proxy
Has this been tested lately? The relevant commits to fix this have been in our pkg port for a couple months now.
T... Jim Pingle
05:47 PM Bug #15657 (Feedback): State table entries printed on ``diag_dump_states.php`` may contain an unexpected interface
This was merged a couple months ago Jim Pingle
05:26 PM Bug #15081: Upgrade fails due to undersized EFI filesystem
This is still an issue but I'm not sure what, if anything, we could do about it at this stage beyond warning like we ... Jim Pingle
04:51 PM Bug #15083 (Resolved): Installing to ZFS mirror does not format or populate EFI partition on additional disks
Using the latest Netgate installer, a freshly installed mirror contains the appropriate EFI partition contents on bot... Jim Pingle
04:33 PM Bug #15084 (Resolved): Upgrading an EFI system installed to ZFS mirror does not upgrade EFI loader on additional disks
Not seeing that issue from my last comment anymore.
This also appears to be OK in general. I installed an old vers... Jim Pingle
04:23 PM pfSense Packages Bug #13405: Wireguard: The webgui becomes excessively slow to respond with a large number of peers
Thanks for the fix here. This solved my issue. I only have 10 peers and it does take some considerable time to load b... Mike Moore
03:13 PM pfSense Packages Bug #13405: Wireguard: The webgui becomes excessively slow to respond with a large number of peers
I also have a 24.03 pfsense that I tested on and only added 24 peers on and experience the delay. On that test machin... Clayton Dirkschneider
03:10 PM Feature #15651 (Resolved): Kea DNS Resolver (Unbound) Integration (IPv4 and IPv6)
Christian McDonald
03:10 PM Bug #15495 (Closed): Upgrade fails on upstream bectl bug
I haven't heard any reports of this (beyond this one). Christian McDonald
03:08 PM Regression #14410 (Resolved): Behavior of ``earlyshellcmd`` changed, ``ngeth`` interfaces cannot be initiated early enough to pass assignment check
Christian McDonald
02:44 PM Revision 7961830d: Merge pull request #4695 from Self-Hosting-Group/remove-interface
Marcos M
12:29 PM Bug #15772 (Resolved): Captive Portal zones can fail to start due to ID conflict
There seems to be a bug inside services_captiveportal.php which allows, under specific circumstances, the creation of... Paul Kutzer
09:14 AM Bug #15770: Limiter Limits Whole Gateway instead of Single IP
Hello Marius,
Kindly provide detailed information regarding your setup. We require clear, step-by-step instruction... Danilo Zrenjanin
12:00 AM Revision 81ca1f72: UPnP IGD & PCP: Improve descriptions
Self-Hosting-Group

10/09/2024

08:29 PM pfSense Packages Bug #15771: RPKI cannot be configured
The customer that was hitting this issue confirmed that the above patch fixed the issue for him. Christopher Cope
04:36 PM pfSense Packages Bug #15771 (Feedback): RPKI cannot be configured
There are a couple problems here.
Issue #1: The check to see if RPKI is enabled isn't right so it's not defining t... Jim Pingle
01:13 AM Revision f810afab: Merge pull request #4702 from S33G/hotfix/correct-author
Marcos M

10/08/2024

11:04 PM pfSense Packages Feature #9141: FRR xmlrpc
Any updates? Mike Moore
11:03 PM pfSense Packages Bug #15771: RPKI cannot be configured
Confirmed as well.
There are a couple of modules in FRR (pfsense) that arent working
RPKI and AgentX
I think the... Mike Moore
10:37 PM pfSense Packages Bug #15771 (Resolved): RPKI cannot be configured
Customer concerned that enabling/changing RPKI is not working.
When the RPKI configuration is changed, the changes... Chris Linstruth
09:00 PM Revision 3e314680: Improve error message for duplicated aliases
C J
05:14 PM Bug #15750 (Resolved): Hostnames for ISC DHCP leases are not removed from Unbound when switching to Kea
This was solved by removing the reference to the old leases file from unbound.conf.
After switching to Kea from I... Steve Wheeler
03:26 PM Todo #14888: Exclude non-release branches from general update checks
The update check will now only process release branches. Marcos M
03:25 PM pfSense Packages Regression #14850 (Resolved): Unreadable alerts file results in PHP error
Marcos M
02:33 PM Bug #15770 (Incomplete): Limiter Limits Whole Gateway instead of Single IP
When Using an Trafic Limiter in combination with an gateway Group the limiter limits the whole gateway instead of the... Marius Hentschke

10/07/2024

07:33 PM Feature #13422 (Duplicate): Add a 'type' field to the DHCPv6 server Additional BOOTP/DHCP Options
Covered by #15321 Jim Pingle
07:16 PM Bug #15755 (Closed): Mobile IPsec sends incorrect DNS attribute IDs
Looks good on a current snapshot, the config has the right values and the client appears to be receiving and processi... Jim Pingle
06:42 PM pfSense Plus Bug #15769 (New): IPsec DNS gateway changes causes all tunnel restarts
Following issue is troubleshooted and outlined in the forum post
https://forum.netgate.com/topic/190426/frr-seeing... Mike Moore
04:00 PM Todo #15705 (Feedback): Clarify console menu option 0 description
Applied in changeset commit:898df056052d0d793d7eb894ed70ca992972b293. Liam Riley
03:37 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy
Any update on when Zabbix 7.0 packages will be available for 24.03 or 24.08? Andrew Almond
03:36 PM pfSense Packages Bug #15313: Zabbix server 6.4.12 requires Zabbix proxies to be version 6.4.12
Is there any update on whether Zabbix packages >=6.4.13 will be released for 24.03? Andrew Almond
03:26 PM Feature #14483: Conditionally reconfigure IPsec VTI interfaces only when necessary while applying IPsec changes
Adding a new forum post to this as to document a new behavior seen
https://forum.netgate.com/topic/190426/frr-seei... Mike Moore
03:21 PM Revision c48865bc: Improve error message for duplicated aliases
Marcos M
03:16 PM Revision 02b8bbee: Merge pull request #4696 from lriley2020/edit-menu
Marcos M
01:24 AM Regression #15768 (Resolved): OpenVPN Windows Client fails to connect
Version 24.08.a.20240925.0600
1) OpenVPN server in Subnet Mode ... dylan mendez

10/06/2024

09:42 PM Revision 898df056: Clarify console menu option 0 description. Implement #15705
Liam Riley
01:36 PM Bug #15767 (Resolved): Clicking the picture widget image downloads the image with an invalid filename instead of showing it inline
I use the picture widget on the dashboard to show a map of the network, of course the widget is too small so I click ... Manuel Carrera
01:32 PM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound

uh uh uh !!
MUST HAVE THIS FIX !
Please please please provide patch, or a URL for the snapshot mentioned. I w... Michael Damsgaard
09:11 AM Bug #15752: Montly kernel panic
Thank you for the response. There doesn't seem to be a memtest included, so the best option is to use the bootable me... Sebastian Wagner
01:51 AM Bug #15752 (Incomplete): Montly kernel panic
Have you tested the RAM on your appliance to verify this isn't a memory issue? Page faults are typically an issue wi... Kris Phillips
08:24 AM pfSense Packages Bug #15644: Snort Status icon disappears
Tested on 24.03 and Snort 4.1.6_17
I can confirm that. aleksei prokofiev
08:15 AM pfSense Packages Bug #15760: Typo in Snort Important Preproc Information
Tested on 24.03 the same typo
!clipboard-202410061115-tywac.png!
 aleksei prokofiev
03:48 AM Bug #15750: Hostnames for ISC DHCP leases are not removed from Unbound when switching to Kea
after changing to kea, the entries in /var/unbound/dhcpleases_entries.conf are still present
build 24.08.a.2024100... Jordan G
03:19 AM Feature #5080 (Resolved): Settings tab for global Kea DHCP server options

setting tab is added .
24.08-DEVELOPMENT (amd64)
built on Thu Oct 3 19:31:00 PDT 2024
FreeBSD 15.0-CURRENT Alhusein Zawi
02:38 AM pfSense Plus Regression #15494: Reinstall Packages button reports another instance of ``pfSense-upgrade`` is running
still present in build 24.08.a.20241004.0231 Jordan G
01:55 AM pfSense Plus Bug #15566 (Confirmed): Update Intel microcode pacakge
Verified that the outdated microcode package is still present in 24.03. All 24.08 dev snapshots have the updated pac... Kris Phillips
01:52 AM pfSense Plus Bug #15693 (Incomplete): Bug #13423 still present in 24.03-RELEASE version
Marking as Incomplete until we have that information. Kris Phillips
01:46 AM pfSense Plus Bug #15639 (Resolved): Automatic boot verification shows negative timer
No longer seeing this as well when testing. Closing as Resolved. Kris Phillips
01:13 AM Feature #14208: Automatic Split-DNS for 1:1 NAT
Is there anything specific keeping this from being merged? Yehuda Katz

10/05/2024

09:03 PM Bug #15624 (Resolved): Skip Packages option for Configuration Backups fails with large configurations
Not seeing this in... Christopher Cope
08:39 PM Bug #15757 (Confirmed): Incorrect dashboard column spacing when using five columns
I'm also seeing this on... Christopher Cope
05:43 PM Bug #15633: Limiters applied to OpenVPN interface do not apply for download traffic
Tested on 24.03
Some comments about OpenVPN + Limiters:
1. with 'Allow any any' firewall rule on the "OpenVPN" de... Azamat Khakimyanov
03:51 AM Bug #15098: Wireguard crashes on boot if PPPoE is the default gateway
Can confirm that I also have this issue
System :
2.7.2-RELEASE (amd64)
built on Fri Dec 8 15:55:00 EST 2023
FreeBSD... Remi Roy
12:40 AM Bug #15729 (Feedback): Session cookie warnings
Applied in changeset commit:61e5c10b7a3ae5a32db123668ada6fdcc67e7a00. GChuf 6
12:26 AM Revision b0dbe23b: Merge pull request #4700 from GChuf/sameSiteCookiesAttribute
Marcos M

10/04/2024

08:33 PM pfSense Plus Feature #15766 (New): Restore previous queries
I want to request a new feature or an addition to an existing feature.
When one expands the advanced filter accord... Alexander Snyder
07:35 PM Revision 61e5c10b: Add samesite attribute to cookies. Implement #15729
GChuf 6
07:08 PM Bug #1819 (Duplicate): DNS Resolver Not Registering DHCP Server Specified Domain Name
This is implemented as a part of #15651 -- Kea DHCP DNS Registration respects the domain name on DHCP settings as wel... Jim Pingle
06:54 PM Feature #15261 (Not a Bug): comcast DHCP issues
Jim Pingle
06:33 PM Revision 8b32975d: Adjust widget refresh intervals
Now that the refresh interval works as expected, decrease the refresh
frequency to more closely match the previous be... Marcos M
05:40 PM Bug #5413 (Resolved): Reduce disruptions when changing DNS records from DHCP leases in Unbound
This has been working well in snapshots. Records are updated on-the-go, no restarts. Jim Pingle
05:38 PM Feature #15437 (Feedback): Use natural sorting when sorting interfaces
Marcos M
05:09 PM Feature #15437 (Pull Request Review): Use natural sorting when sorting interfaces
Marcos M
05:36 PM Regression #12581: Non Link-Local IPv6 CARP address does not get advertised to endpoints with RADVD
To add one thing I didn't see noted above, you can and should be making a *Link-Local* IPv6 CARP address for these pu... Jim Pingle
05:30 PM Bug #14933 (Feedback): Traffic Graph widget displays bandwidth usage values which are half the actual usage amount
Applied in changeset commit:3ebe5bc73331be9ca9aa9867867257e0942aca6d. Marcos M
05:20 PM Bug #14933 (Waiting on Merge): Traffic Graph widget displays bandwidth usage values which are half the actual usage amount
Marcos M
05:26 PM Feature #5080: Settings tab for global Kea DHCP server options
We did add a settings tab, but it's Kea-specific, so note that in the title so it's more clear in the release notes. Jim Pingle
05:23 PM Revision 3ebe5bc7: Display correct bandwidth usage. Fix #14933
Marcos M
05:06 PM Revision 7455432c: Merge pull request #4683 from FloFaber/improve_alphabetic_interface_sorting
Marcos M
04:55 PM Feature #10000 (Feedback): Enable ``@`` support for Azure in Dynamic DNS
Applied in changeset commit:33626a940a92ba93c6f21c6241603c41a8e07bbd. Marcos M
04:47 PM Feature #10000 (In Progress): Enable ``@`` support for Azure in Dynamic DNS
Marcos M
04:55 PM Feature #14289 (Feedback): Enable ``@`` support for name.com in Dynamic DNS
Applied in changeset commit:60a5fd09e14bf64aca79efd9a27a42164e872c90. Marcos M
04:49 PM Feature #14289 (In Progress): Enable ``@`` support for name.com in Dynamic DNS
Marcos M
04:47 PM Feature #15593 (Duplicate): Enable ``@`` support for Azure in Dynamic DNS
Marcos M
04:46 PM Revision 33626a94: Allow apex records for Azure DDNS. Implement #10000
Marcos M
04:45 PM Revision 60a5fd09: Allow apex records for name.com DDNS. Implement #14289
Marcos M
04:32 PM Revision 88e4113b: Improve code readability for DDNS checks
Marcos M
04:00 PM Bug #15490 (Feedback): Sanitize RFC 2136 Dynamic DNS update keys in ``status.php`` output
Applied in changeset commit:2d9db4c6bfe1e437eb8f074dae79817728533761. Jim Pingle
03:42 PM Revision 2d9db4c6: Sanitize RFC2136 key data in status output. Fixes #15490
Jim Pingle
03:39 PM Todo #15705 (Pull Request Review): Clarify console menu option 0 description
Marcos M
03:35 PM Bug #15725 (Feedback): Dashboard widgets refresh at unintended intervals
Applied in changeset commit:ee615d9d982e94fdb9f5a88207f53990e6e86c1d. GChuf 6
03:35 PM Todo #15728 (Feedback): Improve Thermal Sensors Dashboard widget refresh code
Applied in changeset commit:b0cd23ab5e2d218f2af54739dd483cf21f6e8c5a. GChuf 6
03:35 PM Bug #15373 (Feedback): Firewall Logs Dashboard widget update interval does not behave as expected
Applied in changeset commit:3d89c2dbe73fb081833700c49fec7004b120cd6a. GChuf 6
03:26 PM Revision 8c0b5014: Merge pull request #4699 from GChuf/logWidgetFix
Marcos M
03:25 PM Revision 62f646f3: Merge pull request #4698 from GChuf/thermalSensorWidgetImprovement
Marcos M
03:22 PM Revision 042b7347: Merge pull request #4697 from GChuf/WidgetRefreshRework
Marcos M
02:46 PM Bug #15702 (Resolved): IPv4 DHCP client responses may be routed unexpectedly out unrelated WANs
Seems to be behaving on current snapshots on everything in my lab. It's also in the most recent public snapshot, and ... Jim Pingle
02:44 PM Todo #13508: Uncouple RAM Disk size from available kernel memory
Since the only real affected platform is EOL and this doesn't seem to be a widespread issue, it isn't a priority. If ... Jim Pingle
08:22 AM Revision ee615d9d: Refresh widgets at specified intervals. Fix #15725
GChuf 6
08:00 AM Revision 87d75fe7: Remove old code references in thermal widget
Originally removed in https://redmine.pfsense.org/issues/5369 GChuf 6
08:00 AM Revision b0cd23ab: Improve thermal widget refresh code. Implement #15728
Only replace values instead of entire DOM elements. GChuf 6
07:47 AM Revision 108cb5f2: Display seconds in firewall log widget
GChuf 6
07:46 AM Revision 3d89c2db: Respect user-specified interval for log widget. Fix #15373
GChuf 6

10/03/2024

11:23 PM Regression #15762 (Resolved): Captive Portal concurrent login setting does not work
Fixed in commit:c3939d63ad846097e0111faf75b1dc9a632b9a94. Marcos M
11:17 PM Regression #15762 (Resolved): Captive Portal concurrent login setting does not work
When set to @Last login@, the user is able to have multiple active sessions. Marcos M
11:20 PM Revision c3939d63: Config access regression. Fix #15762
Marcos M
08:36 PM Feature #15761 (New): Tailscale failover

Tailscale does not support fail-over, it would be helpful if it runs automatically on backup server in case primary... Alhusein Zawi
07:43 PM Feature #15321: Kea DHCP Custom Configuration Support (IPv4 and IPv6)
After a lot of experimentation and help from Marcos, I discovered it is important to know if the option is already de... Dale Harron
04:32 PM Todo #15728 (Pull Request Review): Improve Thermal Sensors Dashboard widget refresh code
Marcos M
02:14 PM Bug #15751 (Resolved): Declining to reset the admin account via the console menu still prompts to change the password
Jim Pingle
02:02 PM Bug #15751: Declining to reset the admin account via the console menu still prompts to change the password
reproduced on Sept 28 build, it is fixed in the latest
tested on
24.08-DEVELOPMENT (amd64)
built on Wed Oct 2 16:1... Georgiy Tyutyunnik
01:03 PM Bug #15754: log file size growing despite settings
I understand. Thank you for your effort. Tomas B.
12:54 PM Bug #15754 (Not a Bug): log file size growing despite settings
OK, there does not appear to be a bug in how the settings themselves are handled. Your configuration is broken. Eithe... Jim Pingle
06:46 AM Bug #15754: log file size growing despite settings
Hi
this is what it contains.
!clipboard-202410030846-hynuo.png!
 Tomas B.
07:58 AM pfSense Packages Bug #15758: openVPN client exporting for another user and fails to work with ldap.
Finally, there's one more file that should be changed; /usr/local/pkg/... npr .
03:45 AM Bug #12708: Alias with non-resolving FQDN entry breaks underlying PF table
Hello, just meet this issue again on pfsense CE 2.7.2-RELEASE (amd64) Enoch Lau
01:49 AM pfSense Packages Bug #15760 (Resolved): Typo in Snort Important Preproc Information
Hello,
I am letting you know that there is a typo,
located in the Important Preprocessor Information message.
I ... Matthew Zscherpel

10/02/2024

04:37 PM Bug #15759 (New): CVE-2024-43102 umtx Kernel panic or Use-After-Free
Tracking for this vulnerability:
https://www.freebsd.org/security/advisories/FreeBSD-SA-24:14.umtx.asc
Should be ... Kris Phillips
04:02 PM Revision fb79f9b0: kea: fix service restart shortcut
Christian McDonald
02:50 PM pfSense Packages Bug #15758: openVPN client exporting for another user and fails to work with ldap.
This only solves the display issue: there's still another issue where, in this scenario (both local database and anot... npr .
10:02 AM pfSense Packages Bug #15758 (New): openVPN client exporting for another user and fails to work with ldap.
When a second user database is configured for the VPN, for example ldap, then the client export utility will no longe... npr .

10/01/2024

07:38 PM Revision 32fd7d34: Clarify error log when omitting gateway from ruleset
Marcos M
05:45 PM Bug #15754: log file size growing despite settings
Nothing there looks out of sorts.
Check in @/etc/crontab@ and see if you have a line there for newsyslog. It shoul... Jim Pingle
07:21 AM Bug #15754: log file size growing despite settings
Hello.
Providing the info you asked for:
!clipboard-202410010919-ea5w6.png!
!clipboard-202410010919-hxfwh.png!
!c... Tomas B.
04:42 PM pfSense Packages Regression #14189: pfBlocker-NG: HA-Sync is not working
Per https://forum.netgate.com/topic/179060/pfblockerng-sync-not-working/57, still an issue in 3.2.0_17. Steve Y
01:28 PM Bug #15757 (Confirmed): Incorrect dashboard column spacing when using five columns
Setting the dashboard to use 5 columns incorrectly shows spacing for 6 comlumns though the 6th cannot be used.
For... Steve Wheeler

09/30/2024

11:55 PM Bug #15755 (Feedback): Mobile IPsec sends incorrect DNS attribute IDs
Applied in changeset commit:49890f9591cb1eba17a9317c7db29ad0ab6d06ad. Anonymous
09:14 PM Bug #15755: Mobile IPsec sends incorrect DNS attribute IDs
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1169 Steve Wheeler
09:02 PM Bug #15755 (Closed): Mobile IPsec sends incorrect DNS attribute IDs
The IPsec Mobile additional configuration attributes for DNS domain and Split DNS to pass to clients are generated wi... Steve Wheeler
11:45 PM Revision 49890f95: Correct Mobile IPSec Attribute IDs. Fix #15755
Steve Wheeler
11:43 PM Bug #7420 (Closed): ipsec status freezing
Marcos M
09:52 PM pfSense Packages Bug #15756 (Confirmed): NTOPNG db sits in ramdisk on pfsense, filling it up and crashing pfsense
Environment:
OS name: PFSENSE
OS version: 2.7.2-RELEASE
Architecture: amd64
ntopng version/revision: ntopng Com... cody wasser
07:41 PM Feature #15321: Kea DHCP Custom Configuration Support (IPv4 and IPv6)
I'm providing a patch here to experiment with custom options for DHCP4; no support will be provided for this.
{{colla... Marcos M
02:35 PM Bug #15754: log file size growing despite settings
What version are you seeing this problem on?
I've been trying to replicate it on a lab system but I can't make it ... Jim Pingle
02:31 PM Bug #15754: log file size growing despite settings
Sadly, result was the same again. Tomas B.
01:46 PM Bug #15754: log file size growing despite settings
So the outcome was the same. I will do next round of testing. I will set rotation count manually to 7 in firewall sub... Tomas B.
01:17 PM Bug #15754 (Feedback): log file size growing despite settings
OK, let us know if that started it rotating again. And be sure to check the setting on the Firewall log tab as well t... Jim Pingle
01:05 PM Bug #15754: log file size growing despite settings
OK. So i set the default system settings on 7. I can see it everywhere else. And I restarted logging service. Tomas B.
12:50 PM Bug #15754: log file size growing despite settings
Maybe it's the way your theme or the browser is rendering those settings. There have been cases where the dark theme ... Jim Pingle
12:42 PM Bug #15754: log file size growing despite settings
Hi Jim
without my intervention its there. So it seems that the configuration did not accepted it.
!clipboard-202409... Tomas B.
12:30 PM Bug #15754: log file size growing despite settings
You have "Log Retention Count" set to @0@, which might be the problem. Don't change it on the tab in your screenshot,... Jim Pingle
11:10 AM Bug #15754: log file size growing despite settings
At one point, it was so big it filled the whole SSD and crashed the whole system. Tomas B.
11:08 AM Bug #15754 (Not a Bug): log file size growing despite settings
Hi all
I have a problem with log file for firewall.
Despite these settings, log file keeps growing and growing.
... Tomas B.
02:25 PM Bug #15751 (Feedback): Declining to reset the admin account via the console menu still prompts to change the password
Applied in changeset commit:f66f5022e57722214b33423626bdb3af9b08bf55. Jim Pingle
02:01 PM Bug #15751: Declining to reset the admin account via the console menu still prompts to change the password
Not plus specific.
You can still hit ctrl-c to break out of the password reset until this is corrected.
 Jim Pingle
02:16 PM Revision f66f5022: Fix admin reset password conditions. Fixes #15751
Jim Pingle
01:10 PM Bug #15676: OpenVPN not rendering alises in "IPv4 Local network" setting.
I haven't any space in local networks or inside any alias' definition. You can see that in the config file on my prev... Matteo Capuano
12:40 PM Bug #15753: WAN uptime ppp shows no uptime / ppp-uptime.sh shows - for uptime
Jim Pingle wrote in #note-2:
> What version are you running where you're seeing that behavior?
pfSense Plus
24.... Manuel M.
12:22 PM Bug #15753: WAN uptime ppp shows no uptime / ppp-uptime.sh shows - for uptime
What version are you running where you're seeing that behavior? Jim Pingle
07:49 AM Bug #15753: WAN uptime ppp shows no uptime / ppp-uptime.sh shows - for uptime
After the PPP connection is re-established, it shows the time accurately. I think the necessary entries in the log fi... Manuel M.
07:45 AM Bug #15753 (New): WAN uptime ppp shows no uptime / ppp-uptime.sh shows - for uptime
The WAN uptime on the dashboard shows '-'. The ppp-uptime.sh script shows '-42087' for uptime. I believe this happens... Manuel M.

09/29/2024

10:26 AM Bug #15752 (Duplicate): Montly kernel panic
In a regular interval, every month, we experience a kernel panic. As the appliance is connected via a USB console cab... Sebastian Wagner
12:58 AM Bug #15624: Skip Packages option for Configuration Backups fails with large configurations
unable to reproduce the above issue in 24.08.a.20240928.0054 Jordan G
12:46 AM Bug #15676: OpenVPN not rendering alises in "IPv4 Local network" setting.
I'm seeing this on 24.03 only the config doesn't populate the alias when a space precedes the entry used in local net... Jordan G

09/28/2024

07:07 PM Bug #15751 (Confirmed): Declining to reset the admin account via the console menu still prompts to change the password
I can confirm the same behavior. It is likely related to the code changes requiring a non-default password. Christopher Cope
05:33 PM Bug #15751 (Resolved): Declining to reset the admin account via the console menu still prompts to change the password
When it asks @Proceed?@ and you press @n@, it proceeds anyway.
I see this on the Sept 28 dev build and 24.03, but ... Chris W

09/27/2024

09:44 PM pfSense Plus Bug #15741: Firewall Logs reporting high volume of rule (@0) entries on OpenVPN interface
If rules are being added via an external service, it may be from there as well. Check the anchor rules by running @pf... Marcos M
09:02 PM Revision b1360be3: Clean up diffs
Marcos M
08:06 PM Revision d16bf0a3: dhcp: ensure $pconfig is never null or not an array
Christian McDonald
08:03 PM Bug #15750 (Feedback): Hostnames for ISC DHCP leases are not removed from Unbound when switching to Kea
Christian McDonald
02:47 PM Bug #15750 (Resolved): Hostnames for ISC DHCP leases are not removed from Unbound when switching to Kea
When switching to Kea from ISC and dhcp lease registration is enabled the existing lease file (/var/unbound/dhcplease... Steve Wheeler
06:55 PM Revision 14486826: rc.bootup: support deferred package installation scripts
Christian McDonald
03:59 PM pfSense Packages Bug #15749: BGP advertising all routes and ignoring networks statements.
This is actually an issue with how FRR is presenting the announcements of routes.
It is showing that i am sending 19 ... Mike Moore
03:16 PM pfSense Docs New Content #15748 (Closed): Packet Flow Data
The redirects for pflow pages are already defined in the repository, but the redirects aren't getting updated on the ... Jim Pingle
12:39 PM pfSense Plus Bug #15740: NAT uses unknown IP address
There was a recent IP address change on the PPPoE interface to 78.131.44.xx, but the state was again kept using the p... David G
07:54 AM Bug #15676: OpenVPN not rendering alises in "IPv4 Local network" setting.
Hi, were you able to reproduce this issue? Matteo Capuano
03:18 AM pfSense Packages Feature #9833: ACME: add ability to use custom ACME server
+1 more Keith Swalin

09/26/2024

11:49 PM pfSense Packages Bug #15749 (Not a Bug): BGP advertising all routes and ignoring networks statements.
BGP is advertising ALL routes and does not respect the 'network x.x.x.x' statement within the configuration.
How thi... Mike Moore
08:35 PM pfSense Docs New Content #15748 (Closed): Packet Flow Data

Firewall> Packet Flow Data does not have a help link.
Alhusein Zawi
08:07 PM Revision 1c978a25: kea: filter self-signed certs from TLS options
Christian McDonald
07:54 PM Revision 6a610786: Print motd-passwd when it exists
Renato Botelho
07:54 PM Revision 9974d8f7: Add package hooks plugin_xmlrpc_send plugin_xmlrpc_recv, and plugin_xmlrpc_post_recv
Reid Linnemann
07:54 PM Revision 4061910c: Repeat optimization made for product_name
Renato Botelho
07:54 PM Revision 1f024511: Save the product name on /etc/product_name at /etc/rc.banner.
This way we do not need to run PHP again on rc.initial to read the product name.
This file is only written if /etc i... Luiz Souza
07:39 PM pfSense Plus Bug #15741: Firewall Logs reporting high volume of rule (@0) entries on OpenVPN interface
Today, I did make changes to a OVPN client and there are a great amount of entries with @4 now.
I did find the lis... Jeff Kuehl
06:44 PM Revision 3f872bd0: ip_range_to_address_array() 32-bit ARM fix. Issue NG #5445
(cherry picked from commit a6ee0ff91086ba153cfd485dc8fb6d72f918d78b)
(cherry picked from commit 0f5485a49ed4da33bf48f... Viktor Gurov
06:26 PM Revision 2b0dd320: Identify Azure more accurately.
Gen2 smbios info is indistinguishable between Azure and Hyper-V Jim Pingle
06:00 PM Revision 119b5342: Initialize the PHP settings a little bit earlier so PHP is ready for pfSense-upgrade.
Fixes #13726 in more detail (and for 22.05.1). Luiz Souza
06:00 PM Revision bb49910f: ddb.conf: fix script length issue
We need to re-arrange things a little to avoid the maximum script length of
128 bytes.
While here also re-order the ... Kristof Provost
05:51 PM Feature #13468 (Duplicate): FW-rule-groups, would be very, very helpfull
Duplicate of #1937 Jim Pingle
05:51 PM Feature #15747 (Duplicate): Ability to use rule tags to organize rules into groups
Duplicate of #1937 Jim Pingle
05:30 PM Feature #15747 (Duplicate): Ability to use rule tags to organize rules into groups
There is no native rule group grouping functionality so the rules are organized and displayed as a single one-dimensi... Mike Moore
05:25 PM pfSense Plus Bug #15712 (Duplicate): Experimental ethernet rules, order broken when adding rule on other interface tab
IIRC that's expected (as it gets "unbroken"). I'll close this out for now as a duplicate. Feel free to report back if... Marcos M
04:56 PM pfSense Plus Bug #15712: Experimental ethernet rules, order broken when adding rule on other interface tab
Right after the update, the order got messed up a bit again, but currently I cannot reproduce it. Vladimir Suhhanov
04:54 PM Revision 3fc66fe7: Don't unnecessarily remove the config cache
Removing the cache is no longer necessary; the behavior remains the
same without removing the config cache. Marcos M

09/25/2024

11:43 PM pfSense Plus Bug #15740: NAT uses unknown IP address
Can you provide a status output of your firewall here?
https://nc.netgate.com/nextcloud/s/qpLyFbyx2cwokH8
https:/... dylan mendez
09:04 PM Revision d2898b25: Add safety check for alias ID
Marcos M
08:55 PM pfSense Plus Regression #15742 (Not a Bug): Cannot add alias with name "Test"
Aliases and assigned interfaces, including groups, use pf tables for the filter ruleset. As the error message implies... Marcos M
08:32 PM pfSense Plus Bug #15741: Firewall Logs reporting high volume of rule (@0) entries on OpenVPN interface
It may not be the description, but the rule number. You can cross-reference the rule and state with @pfctl -vvss@ and... Marcos M
07:39 PM pfSense Plus Bug #15741: Firewall Logs reporting high volume of rule (@0) entries on OpenVPN interface
I’ll check the rules.debug file for (@) but that’s the only ID / number each line gives me. I don’t think I explicitl... Jeff Kuehl
07:16 PM pfSense Plus Bug #15741 (Incomplete): Firewall Logs reporting high volume of rule (@0) entries on OpenVPN interface
The exact rule can be found using the rule identifier and/or rule number on the state, or checking the generated rule... Marcos M
07:07 PM pfSense Plus Bug #15712: Experimental ethernet rules, order broken when adding rule on other interface tab
A new 24.08 snapshot is available. Please test there if you are able to reproduce this issue. Marcos M
06:36 PM pfSense Packages Bug #15744: Suricata LOGS MGMT feature shows ``enabled`` by default on a green-field install when it should instead default to ``disabled``
https://github.com/pfsense/FreeBSD-ports/commit/97083dc3e251c6663afc9ffc02218f7dc2dde6d6 Marcos M
06:35 PM pfSense Packages Bug #15744 (Feedback): Suricata LOGS MGMT feature shows ``enabled`` by default on a green-field install when it should instead default to ``disabled``
Marcos M
06:31 PM pfSense Docs Todo #12756 (Closed): Add information on correct MTU to use with WireGuard
Info added to docs: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/bb768f6155ab4351d7e124c9225b6915b9029217 Jim Pingle
06:09 PM pfSense Docs Correction #15128 (Closed): Note that a WireGuard peer must have "Dynamic" unset to see Endpoint options
There were a couple other instances where this wasn't noted in other WG recipes. Now they all mention unchecked Dynam... Jim Pingle
05:58 PM pfSense Docs Todo #15553 (Duplicate): Feedback on pfSense® software Configuration Recipes — WireGuard Site-to-Site VPN Configuration Example
Duplicate of #12756 Jim Pingle
05:50 PM pfSense Docs Correction #15445 (Duplicate): Possible mistake in "WireGuard Site-to-Multisite VPN Configuration Example"
This was fixed in #15515 which is a duplicate of this one. Jim Pingle
03:41 PM Bug #14434: PPPoE WAN interface with VIPs causes continuous interface restarting
Steve Wheeler wrote in #note-8:
> This appears to be fixed in 24.03. At least in my test setup. Can anyone who was s... Jon Gerdes
03:15 PM pfSense Docs Todo #14298 (Closed): Add documentation for vendor-class-identifier
Closing this for now, it can be reopened if/when the feature is actually implemented. Jim Pingle
03:13 PM pfSense Docs New Content #14239 (Closed): Feedback on Packages — Nut package
Added, thanks!
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/f49555c871f053cf5922d98fbc6423b1a20a68f8 Jim Pingle
03:00 PM pfSense Docs New Content #15475 (Rejected): Connect to console index page on ddocs
This is already well covered in the docs, both ways.
From the net installer doc it mentions connecting to the consol... Jim Pingle
02:56 PM pfSense Docs Todo #15521 (Closed): Add alert to use single quotes as escape characters when decrypting config.xml using OpenSSL on command line
Added warning:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/10b61dff0c11786dc2924694fad4ce6c5a0d5409 Jim Pingle
02:40 PM pfSense Docs New Content #12237 (Duplicate): Add information on ``ifqmaxlen`` to Hardware Tuning and Troubleshooting
#10311 is already a docs ticket so now this is a duplicate. Jim Pingle
02:10 PM pfSense Docs New Content #12804 (Closed): Add documentation for Slack notifications
These were added a while ago. Jim Pingle
02:09 PM pfSense Docs New Content #12402 (Rejected): Add recipe for configuring Telegram to receive notifications from pfSense software
Jim Pingle
02:04 PM pfSense Docs Todo #13108 (Rejected): ZFS filesystem implications
It's been a couple years and this hasn't really been an issue. If people start hitting it regularly we can work it in... Jim Pingle
02:03 PM pfSense Docs Todo #14455 (Closed): Clarify console prompt step during firmware installation
This was covered by the changes for the new installer. Jim Pingle
01:43 PM pfSense Docs Todo #15660 (Closed): Update Bandwidth usage section
Updated darkstat capabilities and also fixed its menu location which was wrong in two places.
https://gitlab.netga... Jim Pingle
01:35 PM pfSense Docs Correction #15672 (Closed): Design Considerations - Design Style
Fixed, thanks!
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/9be96a5918809cf6fa9e1795c198025fac05cdea Jim Pingle
01:27 PM pfSense Docs Correction #15721 (Closed): Feedback on System Monitoring — Monitoring Bandwidth Usage
Fixed, thanks!
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/f836872d7978e42c7d1c8ec340f03d41b25c8be6 Jim Pingle
03:47 AM Revision 81057112: Add check for empty interface
Callers may call get_real_interface() with an empty interface;
bail early if so. Marcos M

09/24/2024

07:22 PM Bug #15746 (New): IPv6 is not deprecated on PPPoE Periodic Reset
Hi,
corresponding forum post: https://forum.netgate.com/topic/190058/ipv6-addresses-not-deprecated-on-pppoe-periodic... anon user
05:57 PM pfSense Packages Bug #15744 (In Progress): Suricata LOGS MGMT feature shows ``enabled`` by default on a green-field install when it should instead default to ``disabled``
Marcos M
03:25 PM Feature #15745 (New): Add User Manager Setting to control Remote Authentication fallback behavior
Currently pfSense software ensures an administrator always maintains access to the installation by treating any remot... Jim Pingle

09/23/2024

06:15 PM Bug #15702 (Feedback): IPv4 DHCP client responses may be routed unexpectedly out unrelated WANs
Applied in changeset commit:a039ec6ad853ef1673cc986127542a51d884f5a0. Jim Pingle
06:11 PM Bug #15702: IPv4 DHCP client responses may be routed unexpectedly out unrelated WANs
All indications are that the latest revision of the workaround is operating OK in lab testing, both internally and fr... Jim Pingle
06:08 PM Revision a039ec6a: Tighten DHCP client rules. Fixes #15702
Jim Pingle
03:53 PM Bug #15722 (Resolved): Unbound configuration file contains Localhost address in forwarding mode with TLS enabled
Marcos M
02:26 PM pfSense Packages Bug #15744 (Resolved): Suricata LOGS MGMT feature shows ``enabled`` by default on a green-field install when it should instead default to ``disabled``
There is a PHP code logic error when testing the value of the "enable_log_mgmt" config parameter in the Suricata pack... Bill Meeks

09/22/2024

08:40 PM Bug #15711: Special characters in the ACB configuration change description can cause PHP errors
Device being tested previously made backup in ACB with illegal character in the description, now in 24.08.a.20240920.... Jordan G
05:58 PM Bug #15722: Unbound configuration file contains Localhost address in forwarding mode with TLS enabled
in 24.08.a.20240920.1508 with forwarding and TLS enabled in services>dns resolver and resolution set to use local, fa... Jordan G
04:55 PM pfSense Plus Regression #15742: Cannot add alias with name "Test"
seeing the same as Danilo just when clicking +add on the firewall>alias page
tested on 24.08.a.20240920.1508 Jordan G

09/21/2024

06:40 PM Bug #15665: Download Limit Issue
The described behavior may happen if the interface where the limiters are applied has a default gateway (e.g., an Ope... Danilo Zrenjanin
05:05 PM Feature #14483: Conditionally reconfigure IPsec VTI interfaces only when necessary while applying IPsec changes
Tested on the 24.08-DEVELOPMENT (built on Mon Sep 16)
Tested OSPF between 2 peers when each of these peers has Mul... Azamat Khakimyanov
02:23 PM pfSense Plus Regression #15742 (Confirmed): Cannot add alias with name "Test"
I could create an Alias with the name test. But a lot of warrning logs appeared in the syslog file. ... Danilo Zrenjanin
01:57 AM pfSense Plus Regression #15742 (Not a Bug): Cannot add alias with name "Test"
The following input errors were detected:
Sorry, an interface group with this name already exists.
There ... dylan mendez
12:36 AM pfSense Plus Bug #15740: NAT uses unknown IP address
Hi Dylan
They are not bridged, but separate interfaces.
192.168.0.1/24 - igb1
10.10.3.254/24 - VLAN 3 on igb1
... David G
12:31 AM pfSense Plus Bug #15740: NAT uses unknown IP address
We need more information.
Are these two networks bridged? 192.168.0.0/24 and 10.10.3.0/24?
 dylan mendez

09/20/2024

11:14 PM Revision e4d661f7: Avoid config access with unknown userid
Marcos M
10:32 PM pfSense Plus Bug #15741 (Incomplete): Firewall Logs reporting high volume of rule (@0) entries on OpenVPN interface
I found I am receiving numerous of these "(@0)" listings on any OpenVpn tunnel, which seems to be every piece of traf... Jeff Kuehl
10:14 PM pfSense Plus Bug #15740 (Not a Bug): NAT uses unknown IP address
The SIP phone, communicating through pfSense, stops working from time to time.
Checking the state table it shows t... David G
09:21 PM Bug #15739: User manager /Radius Auth/Local DB used after Access-Reject
Hi again Jim,
Unfortunately,what is described in this behaviour is in security terms called an horizontal privileg... Eric Nguyen
08:08 PM Bug #15739: User manager /Radius Auth/Local DB used after Access-Reject
Then the docs can be amended to reflect the actual, intended behavior.
 Jim Pingle
08:07 PM Bug #15739: User manager /Radius Auth/Local DB used after Access-Reject
Intented is:
"If the RADIUS or LDAP server is unreachable , the authentication will fall back to Local Database ev... Eric Nguyen
08:04 PM Bug #15739: User manager /Radius Auth/Local DB used after Access-Reject
It's not a security issue, it is intended behavior. Jim Pingle
07:57 PM Bug #15739: User manager /Radius Auth/Local DB used after Access-Reject
So I will take it with netgate security. Please can you delete this ticket?
Thanks,
Eric Eric Nguyen
07:03 PM Bug #15739: User manager /Radius Auth/Local DB used after Access-Reject
No, I read it correctly. That is the expected behavior. You cannot reliably determine the difference between a broken... Jim Pingle
06:51 PM Bug #15739: User manager /Radius Auth/Local DB used after Access-Reject
Hello Jim,
You have have misread the ticket the Radius server is is fully functional....
What happens is you logi... Eric Nguyen
01:41 PM Bug #15739 (Not a Bug): User manager /Radius Auth/Local DB used after Access-Reject
That is by design to prevent a non-functional auth server from locking an admin out of the firewall locally. Jim Pingle
01:38 PM Bug #15739 (Not a Bug): User manager /Radius Auth/Local DB used after Access-Reject
The user manager is set to use RADIUS for Authentication. There is UserA local with password 123 and UserA in Radius ... Eric Nguyen
03:33 PM Revision 9f9a9100: Handle empty variable
Callers of these functions may send null variabes; bail early if so. Marcos M
12:28 PM Bug #15738 (Rejected): xml parsing: whitespace causes errors.
*Overview*
Modifying the insignificant whitespace in config.xml can lead to an error that may brick a pfSense fire... npr .

09/19/2024

11:09 PM pfSense Plus Bug #15737: Xen NICs Don't Properly Report Speed
pfSense does not appear to pick up any link speed/capabilities from the xn NIC.
ifconfig:... Craig Coonrad
10:50 PM pfSense Plus Bug #15737 (New): Xen NICs Don't Properly Report Speed
When using xn Xen interfaces in pfSense Plus, the speed will always be reported in SNMP as 10 Megabit, regardless of ... Kris Phillips
09:46 PM pfSense Docs Todo #15736 (New): Feedback on pfSense® software Configuration Recipes — IPsec Remote Access VPN Example Using IKEv2 with EAP-RADIUS
Authenticating against Microsoft NPS server may fail if NTLMv1 has been disabled, which is a common security best pra... Andrew Almond
09:06 PM Bug #15735: Kea fails to give out leases after changing DHCP scope
It's still almost certainly a duplicate, unless you can reproduce it on 24.08 snapshots. Jim Pingle
09:05 PM Bug #15735 (Duplicate): Kea fails to give out leases after changing DHCP scope
Duplicate of #15328 which is already fixed in 24.08 Jim Pingle
08:57 PM Bug #15735 (Duplicate): Kea fails to give out leases after changing DHCP scope
Netgate 4100 running 24.03
Kea DHCP on LAN interface with subnet 192.168.1.0/24
DHCP range was reduced from 192.168... Andrew Almond
03:43 PM Bug #15734 (New): Syslog priority levels shouldn't default to ERR
Too much syslog output from pfSense is emitted as priority ERR when it's not. I believe this is due the the presence,... Nic Bernstein
12:38 PM Bug #15665: Download Limit Issue
I couldn't reproduce this behavior either.
Please disable any floating rules, if applicable, and then test again.... Danilo Zrenjanin
02:47 AM Bug #15732: miniupnpd stops responding after a few minutes
Steve Wheeler wrote in #note-3:
> Not able to replicate that. Do you have more details to reproduce?
>
> pfSense ... Chris F

09/18/2024

11:31 PM Bug #15732: miniupnpd stops responding after a few minutes
Not able to replicate that. Do you have more details to reproduce?
pfSense version and upnp config at least.
A foru... Steve Wheeler
10:56 PM Bug #15732: miniupnpd stops responding after a few minutes
Jim Pingle wrote in #note-1:
> That looks more like a configuration issue (e.g. firewall rules not passing the traff... Chris F
01:05 PM Bug #15732 (Rejected): miniupnpd stops responding after a few minutes
That looks more like a configuration issue (e.g. firewall rules not passing the traffic), and not a bug in the servic... Jim Pingle
03:13 PM pfSense Plus Bug #14531: Traffic Graph widget doesn't show traffic counts for OpenVPN interfaces since 23.05.1 upgrade.
The issue persists in the 24.03
The traffic graph widget doesn't show traffic counts for the OpenVPN interface whe... Danilo Zrenjanin
02:44 PM pfSense Packages Bug #15733 (Resolved): Changing the account key name does not update respective certificates
*Package:*
acme 0.8_1
*Problem:*
Renaming an account key name (as seen in the tab "Account keys"), does not corr... Guy van der Werf

09/17/2024

09:49 PM Bug #15732 (Rejected): miniupnpd stops responding after a few minutes
After restarting the UPnP service, I can type the following from my workstation `upnpc -r 1234 TCP` and I get the res... Chris F
07:58 PM pfSense Packages Regression #15731 (Confirmed): HAProxy widget shows age and ID in hex
The HAProxy dashboard widget incorrectly shows connected client age and ID in hexadecimal:
!Screenshot%20from%202024... Steve Wheeler
07:07 PM pfSense Packages Bug #13405: Wireguard: The webgui becomes excessively slow to respond with a large number of peers
I can confirm that this is happening on 2.7.0 as well. We have over 900 peers and adding a new peer is painfully slow... Clayton Dirkschneider
10:17 AM pfSense Packages Bug #15730 (New): DNSBL custom_list not working
The DNSBL -> DNSBL Group -> DNSBL Custom_List part is not working. I added some test domains it's not really blocking... Manuel M.
09:17 AM pfSense Packages Bug #14711: pfBlocker ASN to IP Address option doesn't work
Dear,
please i hope find you well and am facing same issue for ASN error not cature the ips
can you help me ?
... mohamed safwat

09/16/2024

08:57 PM Bug #15729 (Resolved): Session cookie warnings
PR: https://github.com/pfsense/pfsense/pull/4700
Firefox outputs warnings in the console about the cookies not hav... GChuf 6
08:37 PM Bug #15373: Firewall Logs Dashboard widget update interval does not behave as expected
I was also able to reproduce the problem.
From what I can tell you're reading the code correctly Jim ...
I think th... GChuf 6
06:28 PM Feature #15651: Kea DNS Resolver (Unbound) Integration (IPv4 and IPv6)
I can restart Unbound and still resolve DHCP clients on a standalone system or HA primary, so that part looks good.
... Jim Pingle
05:29 PM Bug #15702: IPv4 DHCP client responses may be routed unexpectedly out unrelated WANs
Updated description + diff based on further testing. Jim Pingle
02:25 PM pfSense Docs Todo #15727 (Closed): Typo in BGP docs - BGP Tab configuration
Fixed, thanks! Jim Pingle
10:25 AM pfSense Packages Bug #15720: Zabbix Proxy only allows selecting RSA certificates
I found out the same thing; The following diff to /usr/local/pkg/zabbix-proxy.inc should fix things; ... npr .

09/15/2024

11:58 PM Bug #14977: Kea fails to restart due to race between process termination and startup
This issue has impacted me on numerous occasions, only when the service is killed in an unclean fashion.
I also ca... Zachary Cohen
02:09 PM Todo #15728 (Resolved): Improve Thermal Sensors Dashboard widget refresh code
Thermal sensor refresh logic is flawed, resulting in "building" of html and initial variables every time the widget r... GChuf 6
02:12 AM pfSense Plus Bug #15639: Automatic boot verification shows negative timer
haven't seen any boot verification messages, still good in 24.08.a.20240913.1746 Jordan G
02:12 AM Bug #15404: Captive Portal logo fails to load after authenticated redirect
Tested this as well. Seems resolved. Kris Phillips
01:25 AM pfSense Docs Todo #15727 (Closed): Typo in BGP docs - BGP Tab configuration
https://docs.netgate.com/pfsense/en/latest/packages/frr/bgp/config-bgp.html#network-distribution
There is a typo i... Marcelo Cury
12:18 AM pfSense Packages Bug #15726 (Resolved): Apcupsd dashboard widget warning/critical values are not digits or units as expected
Attempting to change the warning and critical thresholds for load, temp, charge and battery age in the Apcupsd widget... Jordan G

09/14/2024

10:57 PM Bug #15725: Dashboard widgets refresh at unintended intervals
I've also tested what happens if only 1 widget is active on the master branch - in my case the system informartion ("... GChuf 6
10:47 PM Bug #15725 (Resolved): Dashboard widgets refresh at unintended intervals
Here's the PR:
https://github.com/pfsense/pfsense/pull/4697
Current problem:
the widget system does not work as ... GChuf 6
10:49 PM Feature #13520: Improve Thermal Sensors Dashboard widget readability
Thank you - I've created another PR for the widget refresh, and I'll put optimizations in yet another PR.
You can cl... GChuf 6
09:20 PM Bug #15633: Limiters applied to OpenVPN interface do not apply for download traffic
@Azamat
Why close the bug report when you recon that limiters don't work at all on assigned vpn interfaces? And your... Phil Wardt
08:27 PM Bug #15633 (Resolved): Limiters applied to OpenVPN interface do not apply for download traffic
Tested on 24.03 and on 24.08-DEVELOPMENT (built on Fri Sep 13 17:46:00 UTC 2024)
IN and OUT Limiters work correctl... Azamat Khakimyanov

09/13/2024

08:45 PM Feature #15651: Kea DNS Resolver (Unbound) Integration (IPv4 and IPv6)
> * -Lease entries synchronized from HA primary to secondary are not added to Unbound on secondary-
> * -Lease entri... Christian McDonald
07:03 PM Bug #15679 (Needs Patch): Multicast with intel NIC
Marcos M
04:39 PM Bug #15679: Multicast with intel NIC
I am also hitting the same issue and it is pretty brutal for me with pfsense crashing.
pfsense plus 24.03 Emre K
06:49 PM Revision d46c8560: Fix input validation for gateway
Marcos M

09/12/2024

09:33 PM Feature #15724 (Rejected): allow .local
The @.local@ TLD is reserved for mDNS, it shouldn't be used in regular DNS. Unbound doesn't do anything special with it. Jim Pingle
09:10 PM Feature #15724 (Rejected): allow .local

pfsense is not resolving names if the domain was .local .
adding feature to allow .local will help if there was ... Alhusein Zawi
08:08 PM Bug #15723 (Feedback): ``unbound-checkconf`` fails with python mode enabled
Fixed in commit:d3c309afe8c0680a632bd1c1c4115234548a3d56. Marcos M
07:38 PM Bug #15723 (Resolved): ``unbound-checkconf`` fails with python mode enabled
With unbound python mode enabled, the config check always fails:... Marcos M
08:00 PM Revision d3c309af: Set the working directory before checking unbound config. Fix #15723
Marcos M
06:25 PM Bug #15722 (Feedback): Unbound configuration file contains Localhost address in forwarding mode with TLS enabled
Applied in changeset commit:aaa7cb6da6c75ee2ea6a0daebcc3cb72e81f9ede. Marcos M
06:18 PM Bug #15722 (In Progress): Unbound configuration file contains Localhost address in forwarding mode with TLS enabled
Marcos M
06:18 PM Bug #15722 (Resolved): Unbound configuration file contains Localhost address in forwarding mode with TLS enabled
Enabling forwarding mode and TLS in DNS Resolver results in the following:... Marcos M
06:19 PM Revision aaa7cb6d: Improve localhost DNS checks. Fix #15722
Marcos M
05:21 PM pfSense Docs Correction #15721 (Closed): Feedback on System Monitoring — Monitoring Bandwidth Usage
*Page:* https://docs.netgate.com/pfsense/en/latest/monitoring/graphs/bandwidth-usage.html
*Feedback:* For Bandwidt... Craig Leres
05:18 PM Bug #15719 (Resolved): GUI logout messages do not use the ``auth`` log facility
Marcos M
05:01 PM Bug #15719: GUI logout messages do not use the ``auth`` log facility
Tested commit:609a1e17657273c6d09c8795398be4b39df8d361.
Success. Logout messages sent to auth facility for local and... Craig Coonrad
04:40 PM Bug #15719: GUI logout messages do not use the ``auth`` log facility
Fixed in commit:609a1e17657273c6d09c8795398be4b39df8d361. Marcos M
04:39 PM Bug #15719 (Feedback): GUI logout messages do not use the ``auth`` log facility
Marcos M
04:07 PM Bug #15719 (In Progress): GUI logout messages do not use the ``auth`` log facility
Marcos M
04:38 PM Revision 609a1e17: Include GUI logout in auth log. Fix #15719
User logouts do not need to be as loud as user logins. Include
them in the auth log but make them quiet for the console. Marcos M
04:27 PM Feature #13520: Improve Thermal Sensors Dashboard widget readability
I agree it's slow. My only advice is to keep the commits focused; the more detail/explanation about why a change is m... Marcos M
02:07 PM Feature #13520: Improve Thermal Sensors Dashboard widget readability
First of all thank you for looking at the PR and your commits. I agree with all the changes you've made to my commits... GChuf 6
03:50 PM pfSense Docs Todo #15342 (Closed): Document differences due to password security changes
Jim Pingle
12:41 PM pfSense Packages Bug #15720: Zabbix Proxy only allows selecting RSA certificates
The package code appears to limit selection to RSA certificate types only, so it wouldn't allow selecting ECDSA certi... Jim Pingle
11:41 AM pfSense Packages Bug #15720 (New): Zabbix Proxy only allows selecting RSA certificates
Depending on currently unknown details, some certificates, while present on the pfSense host, are not selectable for ... npr .

09/11/2024

06:51 PM Revision b3b1f351: Allow adding package menus with different sections
A package may have multiple menus with the same name but
different sections. Marcos M
06:49 PM Bug #15719: GUI logout messages do not use the ``auth`` log facility
Additional info. This applies to local logging as well.
multiple login/logouts. Only login appears in auth.log
... Craig Coonrad
05:15 PM Bug #15719 (Resolved): GUI logout messages do not use the ``auth`` log facility
Version: 24.03-RELEASE
Platform tested: 2100,4100,QEMU
Login (messages come in correctly on the auth facility)
... Craig Coonrad
09:40 AM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy
Any update? Arvid Johansson
 

Also available in: Atom