Project

General

Profile

Activity

From 09/25/2024 to 10/24/2024

10/24/2024

09:28 PM pfSense Docs Todo #15796 (New): Feeback on Client Routing and Gateway Considerations
https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/client-routing.html
Outbound NAT is not listed as an option w... Andrew Almond
09:17 PM pfSense Docs Correction #15678: Update IPsec documentation
I've also learned this the hard way - it's especially disruptive when changing the Mobile IPsec tunnel and everyone g... Andrew Almond
07:27 PM Revision 25a0f534: Decrease the number of config requests when deleting filter rules
Marcos M
05:52 PM pfSense Plus Bug #15196: AWS ena interfaces can become unstable/stop responding
The customer agreed to test the newer version of the driver. I created a version for 24.03 specifically for them to d... Mateusz Guzik
05:45 PM Bug #12056 (Pull Request Review): Filterlog says "Unknown Option %u"
It does look like a bug. For reference:
https://github.com/pfsense/FreeBSD-ports/pull/1229 Marcos M
05:31 PM Bug #12056: Filterlog says "Unknown Option %u"
Mhm, you really think this is a feature request and not a bug? Florian Apolloner
03:37 PM Revision dcc4d84d: Only import the Netgate Installer settings when trigger_initial_wizard is set.
Remove the references to 'trigger_virt_setup' since it is not used on CE. Luiz Souza
11:22 AM pfSense Packages Bug #15744 (Resolved): Suricata LOGS MGMT feature shows ``enabled`` by default on a green-field install when it should instead default to ``disabled``
latest suricata version (7.0.7_4) has this fix implemented
tested on
24.11-ALPHA (amd64)
built on Fri Oct 18 8:00:... Georgiy Tyutyunnik

10/23/2024

10:44 PM pfSense Plus Bug #15196: AWS ena interfaces can become unstable/stop responding
T2.medium is 2C haswell/broadwell and non-ENA
T3.medium is 2C skylake/canyon lake but has ENA
both get 24 CPU credit... Jim Thompson
06:40 PM Regression #15768 (Resolved): OpenVPN Windows Client fails to connect
Fixed with commit:f57bd4ddb0110f5be5486fe00a8336398270e67d. Marcos M
06:27 PM Revision f57bd4dd: Fix OpenVPN CSO options upgrade
Previous config versions set these options in the config but only
considered them enabled if their value is 'yes'. Th... Marcos M
05:17 PM Bug #15601 (Feedback): Routes with IPv6 Address as Next Hop for IPv4 Destination Causes Kernel Panic
Jim Pingle
05:00 PM Bug #15601: Routes with IPv6 Address as Next Hop for IPv4 Destination Causes Kernel Panic
The customer was shipped with 2 kernels. First added some debug and another added a workaround for the suspected issu... Mateusz Guzik
01:43 AM Bug #15795 (Resolved): Removing a route from the High Availability primary node does not remove the entry from the routing table on the secondary node
Version: 24.03-RELEASE
Platform: PVE, 6100
Example:
Primary (netstat -nr)... Craig Coonrad
12:46 AM Bug #15353: Crashes Every ~8-12 Hours in New 2.7.2 Install with Unbound, Suricata, and pfBlockerNG
I wanted to update and say we see a similar issue with a router locking up randomly. Weirdly, it is mainly affecting ... Steven Brown

10/22/2024

11:36 PM pfSense Packages Bug #13214 (Resolved): AttributeError: 'NoneType' object has no attribute 'text'
Marcos M
11:33 PM pfSense Packages Feature #13063 (Resolved): Improve modem support
Marcos M
08:36 PM Todo #15780: Speed up MBUF Usage command in system information widget
Updated the code.
More info on github. GChuf 6
07:16 PM Feature #15221: Make System Tunables table sortable
Created a PR here:
https://github.com/pfsense/pfsense/pull/4709 GChuf 6
05:01 PM Todo #15779 (Resolved): Update Dynamic DNS API URL for porkbun.com
Marcos M
04:04 AM Todo #15779: Update Dynamic DNS API URL for porkbun.com
Emanuel Persson wrote:
> Got a email today from Porkbun regarding their URL change for API from "porkbun.com" to "ap... Nita Vesa
04:57 PM Revision 4bd35ebb: Merge pull request #4708 from WereCatf/porkbun_update
Marcos M
04:47 PM pfSense Packages Bug #13811 (Closed): Youtube content getting filtered on Squid when none is Selected
Marcos M
02:19 PM pfSense Packages Bug #13811: Youtube content getting filtered on Squid when none is Selected
@Marcos M
This was merged in https://github.com/pfsense/FreeBSD-ports/commit/bd93b039663782e42721656ed50653086e611... Jonathan Lee
06:55 AM pfSense Packages Bug #13811: Youtube content getting filtered on Squid when none is Selected
Can close this as this is now resolved in https://github.com/pfsense/FreeBSD-ports/commit/bd93b039663782e42721656ed50... Maharsh Patel
02:16 PM pfSense Packages Bug #15381: Update deprecated options
https://redmine.pfsense.org/issues/13811
@Maharsh Patel
I think you mean this one. Jonathan Lee
06:56 AM pfSense Packages Bug #15381: Update deprecated options
Can you also close this issue as well this is now no longer valid: https://redmine.pfsense.org/issues/15381 Maharsh Patel
01:46 PM Feature #2479: Allow reordering of the traffic graphs on the dashboard
Mike Moore wrote in #note-4:
> 12 years open for this ticket?!?
PRs accepted Christian McDonald
01:20 PM Feature #2479: Allow reordering of the traffic graphs on the dashboard
12 years open for this ticket?!? Mike Moore
12:06 PM Feature #2479: Allow reordering of the traffic graphs on the dashboard
I will add myself to the list too. Jürgen Echter
12:58 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy
Any estimate on when this will be available? We use the proxy on several units, and I really need to get these upgrad... Justin w
08:52 AM Bug #15757: Incorrect dashboard column spacing when using five columns
Issue is due to code in index.php:... GChuf 6
03:30 AM Revision b4258a0d: DynDNS: change Porkbun to use api.porkbun.com instead of porkbun.com
Changes the dynDNS provider 'Porkbun' to use the domain `api.porkbun.com`
instead of `porkbun.com` as accessing the A... Nita Vesa

10/21/2024

10:52 PM pfSense Packages Bug #15381: Update deprecated options
Thanks for looking at this, and the YouTube issue. Jonathan Lee
10:27 PM pfSense Packages Bug #15381 (Closed): Update deprecated options
I've merged the above comments into one to help with readability.
The proposed changes from the posted PRs are sim... Marcos M
07:39 PM Todo #15781 (Resolved): Remove deprecated HTTP/1.0 Pragma header
Marcos M
07:30 PM Revision 4045b7ab: Merge pull request #4704 from GChuf/removePragmaHeader
Marcos M
07:23 PM Bug #15729 (Resolved): Session cookie warnings
The treegrid cookies for the Disk and ZFS widgets have been removed. With the widget-specific cookies removed, treegr... Marcos M
07:08 PM Revision 03186e6d: Merge pull request #4705 from GChuf/disksCookies
Marcos M
05:19 PM Feature #15794 (New): RFC 3527 option for DHCP Relay
Certain DHCP server relay scenarios can benefit from using RFC 3527 behavior for the gateway IP address in a relayed ... Jim Pingle
03:23 PM pfSense Plus Bug #15262: Captive Portal Has High CPU Interrupts With Large Number of Users
Any Update ? Aytek A.

10/20/2024

10:14 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy
Andrew Almond wrote:
> Zabbix 7.0 has been released. https://www.zabbix.com/rn/rn7.0.0
>
> This might be a good oppo... Wesley Sena
01:33 AM Bug #15752: Montly kernel panic
Sebastian Wagner wrote in #note-2:
> Thank you for the response. There doesn't seem to be a memtest included, so the... Jordan G
01:17 AM pfSense Plus Bug #14401: Changing from Switchport to Discrete Interface in VGA/Serial Console Breaks Port Status Monitoring
Kris Phillips wrote in #note-4:
>
> Jordan,
>
> Did you test moving from a switchport with a switchport number ... Jordan G

10/19/2024

08:11 PM Bug #15725 (Resolved): Dashboard widgets refresh at unintended intervals
Tested on... Christopher Cope
07:56 PM Bug #15373 (Resolved): Firewall Logs Dashboard widget update interval does not behave as expected
Tested on... Christopher Cope
02:38 AM Bug #15732: miniupnpd stops responding after a few minutes
It's been over a month and there is absolutely no response from the netgate or superuser community on this, probably ... Chris F

10/18/2024

11:43 PM Bug #15791: No default route after boot
Fixed with commit:d34e5ee278dfed1f0cd85b5c6d09562352989bab Marcos M
11:43 PM Bug #15791 (Resolved): No default route after boot
Marcos M
03:51 PM Bug #15791 (Resolved): No default route after boot
Some systems / configurations can end up with no default route after boot-up is complete.
Most systems that hit th... Steve Wheeler
10:47 PM Revision 6bf58d65: Fix PHP error when saving PPP settings without an interfaces selected
Marcos M
10:22 PM pfSense Docs Todo #15792: Feedback on pfSense® software Configuration Recipes — Accessing a CPE/Modem from Inside the Firewall
In my example vmx0 is the parent NIC for the PPPoE connection and you can see I have also been able to assign vmx0 as... Steve Wheeler
10:09 PM pfSense Docs Todo #15792: Feedback on pfSense® software Configuration Recipes — Accessing a CPE/Modem from Inside the Firewall
Hi Steve -- Does vtnet0 show up under "Available network ports:"?
Please see my system:
!clipboard-202410181808... Christopher Moriarty
10:05 PM pfSense Docs Todo #15792 (Not a Bug): Feedback on pfSense® software Configuration Recipes — Accessing a CPE/Modem from Inside the Firewall
I can't replicate that on any version. I'm able to assign the parent interface separately without errors in every cas... Steve Wheeler
07:44 PM pfSense Docs Todo #15792 (Not a Bug): Feedback on pfSense® software Configuration Recipes — Accessing a CPE/Modem from Inside the Firewall
*Page:* https://docs.netgate.com/pfsense/en/latest/recipes/modem-access.html#configure-a-new-interface
*Feedback... Christopher Moriarty
07:33 PM Bug #15657 (Resolved): State table entries printed on ``diag_dump_states.php`` may contain an unexpected interface
Georgiy Tyutyunnik
07:32 PM Bug #15657: State table entries printed on ``diag_dump_states.php`` may contain an unexpected interface
tested, reproduced on
24.03-RELEASE (amd64)
built on Wed Aug 21 17:32:00 CEST 2024
FreeBSD 15.0-CURRENT
curren... Georgiy Tyutyunnik
06:24 PM pfSense Packages Bug #15771 (Resolved): RPKI cannot be configured
Marcos M
05:01 PM Bug #14933 (Resolved): Traffic Graph widget displays bandwidth usage values which are half the actual usage amount
fix works in
24.11-ALPHA (amd64)
built on Fri Oct 18 8:00:00 CEST 2024
FreeBSD 15.0-CURRENT Georgiy Tyutyunnik
04:30 PM Bug #15565 (Resolved): System proxy credentials with certain characters may fail to authenticate
fixed, tested in
24.11-ALPHA (amd64)
built on Fri Oct 18 8:00:00 CEST 2024
FreeBSD 15.0-CURRENT Georgiy Tyutyunnik
04:23 PM Revision d34e5ee2: Configure routes after DHCP WAN during boot. Fix #15791
Marcos M
02:18 PM Revision be54a703: pfSense-Installer: Import the network settings from the Netgate Installer.
Read a JSON file with the Netgate Installer settings on the first boot and set
up the LAN and WAN.
Ticket: #13129 Luiz Souza
12:32 PM Todo #15483 (Resolved): Update Unbound to 1.22.0
Latest snapshots contain unbound-1.21.1 - confirmed Georgiy Tyutyunnik
11:56 AM Bug #15789 (Not a Bug): Adding IPv4 hostnames using the DNS Forwarder catches A record requests to the host's FQDN but not AAAA record requests
That is not a bug, it's a configurable behavior. It depends on the value of the system domain local zone type.
See... Jim Pingle
03:01 AM Bug #15789 (Not a Bug): Adding IPv4 hostnames using the DNS Forwarder catches A record requests to the host's FQDN but not AAAA record requests
I have an IPv4-only VLAN that is adding hostnames to DNS using the features available under the DNS Forwarder tab.
... Nathan Ladwig
06:35 AM Bug #15518 (Resolved): Kea does not send configured TFTP server name
The issue appears to be fixed in 24.11. I successfully boot devices using legacy and EFI PXE. I marked it as resolved... Lev Prokofev

10/17/2024

07:30 PM pfSense Packages Todo #15788: add drop-internet-community support
According to official instructions, you need to add the drop-internet-community parameter to filter the bgp community yon Liu
07:29 PM pfSense Packages Todo #15788 (New): add drop-internet-community support

根据官方的指示需要添加 drop-internet-community 参数进行过滤bgp community
bgp community-list standard drop-internet-community seq ... yon Liu
07:24 PM pfSense Packages Bug #15749: BGP advertising all routes and ignoring networks statements.

There is an option no bgp network import-check. When you do not add this option parameter, it will check the local ... yon Liu
07:16 PM pfSense Packages Bug #15771: RPKI cannot be configured
Does it need to add service startup options, because in Linux system it needs to be added in daemons file ?
bgpd_o... yon Liu
07:12 PM Todo #15787 (New): Add ECC certificates support
https://letsencrypt.org/
https://letsencrypt.org/certificates/
It fully supports ECC certificates. I got an ECC c... yon Liu
12:43 PM Bug #15786 (Duplicate): Kea DHCP - Failed to initialize Kea server - Failed to convert string to address
Duplicate of #14991 Jim Pingle
12:38 PM Bug #15786 (Duplicate): Kea DHCP - Failed to initialize Kea server - Failed to convert string to address
System|Advanced|Networking:
When you switch from ISC DHCP to Kea DHCP, the configuration is migrated. Unfortunately,... Willy Tenner
06:00 AM pfSense Packages Todo #15785 (New): upgrade to frr10
FreeBSD has released the frr 10 major version update, please follow up and upgrade to the latest version.
https://... yon Liu

10/16/2024

06:38 PM Todo #15782 (Resolved): Use minified nvd3 vendor files
Marcos M
06:25 PM Todo #15782 (Feedback): Use minified nvd3 vendor files
Applied in changeset commit:94fa4e28e1c7b97469748930c6ea2a47d7cf9cdd. Marcos M
06:12 PM Revision 94fa4e28: Use minified nvd3 vendor files. Implement #15782
Marcos M
06:12 PM Revision fda3be28: Add minified nvd3 vendor files
Marcos M
05:25 PM Todo #14190 (Duplicate): Update nvd3 (web ui dependency) to 1.8.6
Marcos M
11:38 AM pfSense Packages Feature #15498: Add speedtest-cli to packages
Although i understand the reason to reject the request, i do think there is no need to be more Catholic then the Pope... Leon Straathof
10:30 AM Feature #11302: WireGuard XMLRPC sync
We are also very interested in adding synchronisation of tunnels and peers settings, as doing it manually is not comf... Vitalii Moisieiev

10/15/2024

06:44 PM Revision b8f18410: Remove unnecessary config_init_path() calls
Marcos M
06:36 PM Revision 4440238c: Reduce config fetches when displaying filter logs
Marcos M
04:55 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy
Arvid Johansson wrote in #note-2:
> Any update?
Any Update? Pablo Fernando Schutz
12:56 PM pfSense Plus Bug #15783 (Rejected): NTP server broken
I cannot reproduce any problem with the NTP client on 24.03 with a default install. It is properly synchronizing with... Jim Pingle
11:23 AM pfSense Plus Bug #15783 (Rejected): NTP server broken
System Netgate 1100
Serial: NTG2309000948
Netgate Device ID: de164b1be6d099b1117e
BIOS Vendor: U-Boot
Version: 20... Terje Rosenlund
11:50 AM Feature #15784 (New): Poor contrast between enabled and disabled firewall rules
!{width: 640px;}.clipboard-202410151242-5immj.png!
h1. The Issue
As you can see in the image I have some rules ... Jon Brown
11:45 AM Bug #15708: The filterdns service won't start
I've reproduced this locally, and got this error message:
> filterdns: could not start host thread for www744.sigs... Kristof Provost
11:39 AM Bug #14977: Kea fails to restart due to race between process termination and startup
I switched back to ISC on my systems affected by this issue.
 robi robi
08:20 AM Feature #8173: dhcp6c - RAW Options
Hello,
I confirm some ISP actually require to send specific raw options to be able to get an IPv6. 4 solutions to re... eeee cccc

10/14/2024

09:12 PM Todo #15782: Use minified nvd3 vendor files
Additionally - the minified files now produce a "source map error" in the browser console:... GChuf 6
08:57 PM Todo #15782: Use minified nvd3 vendor files
This issue can be closed now as v1.8.6 is already included: https://redmine.pfsense.org/issues/14190 GChuf 6
08:44 PM Todo #15782 (Resolved): Use minified nvd3 vendor files
PR: https://github.com/pfsense/pfsense/pull/4707
Creating another issue as suggested.
I wasn't sure if the PR/iss... GChuf 6
07:42 PM Revision 35c1ebd0: Also show system aliases when listing all aliases
Marcos M
07:39 PM Revision 80cf7a33: Improve system alias descriptions
Marcos M
07:16 PM pfSense Plus Regression #15424: Image label file is incorrect.
Moving this ahead but since the installer image is decoupled from pfSense releases this isn't necessarily tied to a g... Jim Pingle
07:11 PM pfSense Plus Regression #15424: Image label file is incorrect.
This is still incorrect in current 24.11 images. There both memstick images show with the file named:... Steve Wheeler
06:17 PM Revision cbf54e55: Silence alias errors with ruleset generation while booting
Dynamically-configured system aliases can be set up late in the boot
process. Silence related alerts during ruleset g... Marcos M
03:18 PM Feature #1979 (Resolved): Allow user-defined rules to utilize built-in system aliases
Jim Pingle
03:16 PM Todo #13537: Update vendor files
It might be something to look at in the future, but it would have to be pulled in directly from an upstream source an... Jim Pingle
03:13 PM Todo #15781 (Pull Request Review): Remove deprecated HTTP/1.0 Pragma header
Jim Pingle
03:11 PM Todo #15780: Speed up MBUF Usage command in system information widget
See my comments on the PR for an alternate method since the one used isn't viable as-is. Jim Pingle
02:55 PM Bug #15778 (Feedback): Interface group members are not validated on load/save on ``interfaces_groups_edit.php``, and are printed without encoding on ``interfaces_groups.php``
Applied in changeset commit:9a843098cf3f28c27c3e615c4c788c84bd29df6f. Jim Pingle
02:43 PM Bug #15778 (Confirmed): Interface group members are not validated on load/save on ``interfaces_groups_edit.php``, and are printed without encoding on ``interfaces_groups.php``
In the future, please submit security concerns privately via the process documented at https://www.netgate.com/securi... Jim Pingle
02:44 PM Revision 9a843098: Interface group member validation/encoding. Fixes #15778
Jim Pingle
11:51 AM Bug #12199: ipsec pre-shared keys are stored in cleartext
Hi Jim. Is there a chance to hide passwords from the Pre-shared keys page (/vpn_ipsec_keys.php)? I'd suggest to add c... Alex Kolesnik

10/13/2024

03:57 PM Feature #1979: Allow user-defined rules to utilize built-in system aliases
This looks good on the latest build.
!clipboard-202410130957-wlooi.png!
 dylan mendez
10:10 AM Bug #15767: Clicking the picture widget image downloads the image with an invalid filename instead of showing it inline
I should also add that I have the "System Patches" package and applied all recommended system patches, I have no othe... Manuel Carrera
09:59 AM Bug #15767: Clicking the picture widget image downloads the image with an invalid filename instead of showing it inline
dylan mendez wrote in #note-1:
> What browser are you using? What pfSense version? I'm unable to replicate on 24.03 ... Manuel Carrera
12:54 AM Todo #15705 (Resolved): Clarify console menu option 0 description
Looks good on... Christopher Cope

10/12/2024

11:59 PM Bug #15767: Clicking the picture widget image downloads the image with an invalid filename instead of showing it inline
What browser are you using? What pfSense version? I'm unable to replicate on 24.03 Chrome and Firefox dylan mendez
09:31 PM Feature #1979: Allow user-defined rules to utilize built-in system aliases
That issue along with some others from other feedback has been fixed for the next build. Marcos M
06:22 PM Feature #1979: Allow user-defined rules to utilize built-in system aliases
Tested against:... Danilo Zrenjanin
09:14 PM Feature #15437: Use natural sorting when sorting interfaces
after enabling "Sort Alphabetically"
LAN
VLAN1
VLAN12
VLAN120
VLAN24
VlAN240
WAN
24.11-ALPHA (amd64)
bui... Alhusein Zawi
09:14 PM Revision bd00203a: Fix rule generation and display for system aliases
This is a followup to 52e512c0555d9f5a91732907e524364358d3f70c
- Update system alias comments and descriptions.
- Imp... Marcos M
08:57 PM Bug #15729: Session cookie warnings
disks.widget.php has some additional cookie code that is causing the warning.
Since the cookies seem to be handled i... GChuf 6
02:06 PM Bug #15729 (Confirmed): Session cookie warnings
Tested on... Christopher Cope
08:54 PM Revision ec0d9221: Remove additional cookie config from disks.widget.php
GChuf 6
08:35 PM Todo #13537: Update vendor files
Would you consider replacing nv.d3.js file with a minified version?
Currently, on my dashboard, this is the biggest ... GChuf 6
08:26 PM Revision 45777c10: Remove deprecated pragma header. Implement #15781
This removes adding pragma header which is now deprecated. Cache control is used instead. GChuf 6
08:24 PM Todo #15781 (Resolved): Remove deprecated HTTP/1.0 Pragma header
PR: https://github.com/pfsense/pfsense/pull/4704
This removes deprecated "Pragma" header. "Cache control" is used ... GChuf 6
08:17 PM Todo #15780 (Pull Request Review): Speed up MBUF Usage command in system information widget
PR: https://github.com/pfsense/pfsense/pull/4703
Possibly linked to: https://redmine.pfsense.org/issues/6614
... GChuf 6
06:44 PM Todo #15779 (Resolved): Update Dynamic DNS API URL for porkbun.com
Got a email today from Porkbun regarding their URL change for API from "porkbun.com" to "api.porkbun.com". Deadline 2... Emanuel Persson
05:24 PM Bug #15708: The filterdns service won't start
Was able to recreate this with a customer. Was working fine on 23.09.1, but once they upgraded to 24.03 they were no... Kris Phillips
06:42 AM Bug #15778 (Closed): Interface group members are not validated on load/save on ``interfaces_groups_edit.php``, and are printed without encoding on ``interfaces_groups.php``
When submitting interface group members on @interfaces_groups_edit.php@ the member list is not validated before it is... zhao mouren

10/11/2024

07:06 PM Bug #15777 (Resolved): ``resizewin`` occasionally gets fed a spurious line feed over certain serial console+client combinations
This issue is for tracking purposes only so it gets an entry in the release notes. It was on the internal Redmine as ... Jim Pingle
06:54 PM Revision 3fd54641: Reserved table names are lower-case
Update related comments while there. Marcos M
06:51 PM pfSense Packages Bug #15773: Lightsquid stoped gererating reports after upgrade do pfSense 2.7.2
After I realized the problem and tried several recovery methods, the system started working again the next day, but i... Suporte Suporte
05:19 PM Revision 294957aa: Bump config version
Marcos M
05:19 PM Revision 7f75451f: Introduce function to detect and resolve conflicting aliase names
Marcos M
04:10 PM Feature #1979: Allow user-defined rules to utilize built-in system aliases
I moved the additional new system alias definition part to a new issue: #15776 Jim Pingle
03:40 PM Feature #1979: Allow user-defined rules to utilize built-in system aliases
The current system aliases such as @bogons@ can now be used in the GUI. Additional ones (such as the given examples) ... Marcos M
07:10 AM Feature #1979 (Feedback): Allow user-defined rules to utilize built-in system aliases
Applied in changeset commit:52e512c0555d9f5a91732907e524364358d3f70c. Marcos M
04:07 PM Feature #15776 (Resolved): System Aliases for various reserved networks
#1979 added a System Aliases facility users can utilize to make rules with the built-in system aliases, and it would ... Jim Pingle
03:27 PM pfSense Packages Feature #15548 (In Progress): Add packages for Zabbix 7.0 Agent and Proxy
Christian McDonald
02:31 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy
Can anyone give some insights on why it takes more than half a year to get a new zabbix version in PFSense?
When I ta... Maurice Detmers
12:58 PM pfSense Packages Bug #15775 (New): Freeradius + LDAP authentification conditions
Probably I missed this part in the GUI, however, it looks like it was really not implemented.
If you going to authe... Lev Prokofev
07:02 AM Revision 52e512c0: Expose system aliases to the GUI. Implement #1979
Marcos M
12:06 AM Bug #15772 (Confirmed): Captive Portal zones can fail to start due to ID conflict
I am able to reproduce this on... Christopher Cope

10/10/2024

10:35 PM Revision fad8d3c0: Refactor system_alias_info_popup()
It now supports any alias name. Additionally check for html characters. Marcos M
09:53 PM Feature #15774 (Duplicate): Add user-accessible system aliases
Probably best to use the existing issue for this: #1979 Jim Pingle
09:46 PM Feature #15774 (Duplicate): Add user-accessible system aliases
There are a number of pf table names (aka "system aliases") reserved for system use:
https://github.com/pfsense/pfse... Marcos M
09:20 PM Revision 839ae1c2: Refactor get_alias_list()
It now uses CSVs for multiple types instead of an array. Marcos M
07:34 PM pfSense Packages Bug #15773 (Incomplete): Lightsquid stoped gererating reports after upgrade do pfSense 2.7.2
After upgrading pfSense to version 2.7.2, the Lightsquid package stopped generating daily reports.
The Lightsquid ve... Suporte Suporte
07:22 PM Bug #15723 (Resolved): ``unbound-checkconf`` fails with python mode enabled
patch fixes the issue
tested and reproduced on
24.08-DEVELOPMENT (amd64)
built on Fri Aug 23 8:00:00 CEST 2024
Fr... Georgiy Tyutyunnik
07:08 PM Feature #15562: Add support for OpenID
+1, we are implementing OIDC across the board and pfsense's lack of support is a notable omission. Ross Tajvar
06:50 PM pfSense Packages Bug #15715 (Resolved): Tailscale fails to start
Christian McDonald
06:01 PM pfSense Packages Bug #15715: Tailscale fails to start
reproduced on:
24.08-DEVELOPMENT (amd64)
built on Fri Aug 23 8:00:00 CEST 2024
FreeBSD 15.0-CURRENT
fixed in:
24... Georgiy Tyutyunnik
06:46 PM Bug #15518 (Feedback): Kea does not send configured TFTP server name
Christian McDonald
06:33 PM pfSense Packages Bug #15771: RPKI cannot be configured
Fix committed, new package should be available on Plus when it finishes building.
 Jim Pingle
06:30 PM Bug #15552 (Feedback): NTP option "DNS Resolution" has no effect when using NTP pool hostnames
Applied in changeset commit:26a06fbad188a772f862c830d3918fb5588a2002. Jim Pingle
06:24 PM Revision 26a06fba: Fix NTP DNS resolution option for pools. Fixes #15552
Jim Pingle
06:10 PM Todo #15483 (Feedback): Update Unbound to 1.22.0
Latest snapshots contain @unbound-1.21.1@ Jim Pingle
06:05 PM Bug #14977: Kea fails to restart due to race between process termination and startup
Without some way to reliably reproduce the conditions in which this happens I'm hesitant to blindly commit something ... Jim Pingle
05:59 PM Regression #15094 (Feedback): Updates fail against an authenticated upstream proxy
Has this been tested lately? The relevant commits to fix this have been in our pkg port for a couple months now.
T... Jim Pingle
05:47 PM Bug #15657 (Feedback): State table entries printed on ``diag_dump_states.php`` may contain an unexpected interface
This was merged a couple months ago Jim Pingle
05:26 PM Bug #15081: Upgrade fails due to undersized EFI filesystem
This is still an issue but I'm not sure what, if anything, we could do about it at this stage beyond warning like we ... Jim Pingle
04:51 PM Bug #15083 (Resolved): Installing to ZFS mirror does not format or populate EFI partition on additional disks
Using the latest Netgate installer, a freshly installed mirror contains the appropriate EFI partition contents on bot... Jim Pingle
04:33 PM Bug #15084 (Resolved): Upgrading an EFI system installed to ZFS mirror does not upgrade EFI loader on additional disks
Not seeing that issue from my last comment anymore.
This also appears to be OK in general. I installed an old vers... Jim Pingle
04:23 PM pfSense Packages Bug #13405: Wireguard: The webgui becomes excessively slow to respond with a large number of peers
Thanks for the fix here. This solved my issue. I only have 10 peers and it does take some considerable time to load b... Mike Moore
03:13 PM pfSense Packages Bug #13405: Wireguard: The webgui becomes excessively slow to respond with a large number of peers
I also have a 24.03 pfsense that I tested on and only added 24 peers on and experience the delay. On that test machin... Clayton Dirkschneider
03:10 PM Feature #15651 (Resolved): Kea DNS Resolver (Unbound) Integration (IPv4 and IPv6)
Christian McDonald
03:10 PM Bug #15495 (Closed): Upgrade fails on upstream bectl bug
I haven't heard any reports of this (beyond this one). Christian McDonald
03:08 PM Regression #14410 (Resolved): Behavior of ``earlyshellcmd`` changed, ``ngeth`` interfaces cannot be initiated early enough to pass assignment check
Christian McDonald
02:44 PM Revision 7961830d: Merge pull request #4695 from Self-Hosting-Group/remove-interface
Marcos M
12:29 PM Bug #15772 (Resolved): Captive Portal zones can fail to start due to ID conflict
There seems to be a bug inside services_captiveportal.php which allows, under specific circumstances, the creation of... Paul Kutzer
09:14 AM Bug #15770: Limiter Limits Whole Gateway instead of Single IP
Hello Marius,
Kindly provide detailed information regarding your setup. We require clear, step-by-step instruction... Danilo Zrenjanin
12:00 AM Revision 81ca1f72: UPnP IGD & PCP: Improve descriptions
Self-Hosting-Group

10/09/2024

08:29 PM pfSense Packages Bug #15771: RPKI cannot be configured
The customer that was hitting this issue confirmed that the above patch fixed the issue for him. Christopher Cope
04:36 PM pfSense Packages Bug #15771 (Feedback): RPKI cannot be configured
There are a couple problems here.
Issue #1: The check to see if RPKI is enabled isn't right so it's not defining t... Jim Pingle
01:13 AM Revision f810afab: Merge pull request #4702 from S33G/hotfix/correct-author
Marcos M

10/08/2024

11:04 PM pfSense Packages Feature #9141: FRR xmlrpc
Any updates? Mike Moore
11:03 PM pfSense Packages Bug #15771: RPKI cannot be configured
Confirmed as well.
There are a couple of modules in FRR (pfsense) that arent working
RPKI and AgentX
I think the... Mike Moore
10:37 PM pfSense Packages Bug #15771 (Resolved): RPKI cannot be configured
Customer concerned that enabling/changing RPKI is not working.
When the RPKI configuration is changed, the changes... Chris Linstruth
09:00 PM Revision 3e314680: Improve error message for duplicated aliases
C J
05:14 PM Bug #15750 (Resolved): Hostnames for ISC DHCP leases are not removed from Unbound when switching to Kea
This was solved by removing the reference to the old leases file from unbound.conf.
After switching to Kea from I... Steve Wheeler
03:26 PM Todo #14888: Exclude non-release branches from general update checks
The update check will now only process release branches. Marcos M
03:25 PM pfSense Packages Regression #14850 (Resolved): Unreadable alerts file results in PHP error
Marcos M
02:33 PM Bug #15770 (Incomplete): Limiter Limits Whole Gateway instead of Single IP
When Using an Trafic Limiter in combination with an gateway Group the limiter limits the whole gateway instead of the... Marius Hentschke

10/07/2024

07:33 PM Feature #13422 (Duplicate): Add a 'type' field to the DHCPv6 server Additional BOOTP/DHCP Options
Covered by #15321 Jim Pingle
07:16 PM Bug #15755 (Closed): Mobile IPsec sends incorrect DNS attribute IDs
Looks good on a current snapshot, the config has the right values and the client appears to be receiving and processi... Jim Pingle
06:42 PM pfSense Plus Bug #15769 (New): IPsec DNS gateway changes causes all tunnel restarts
Following issue is troubleshooted and outlined in the forum post
https://forum.netgate.com/topic/190426/frr-seeing... Mike Moore
04:00 PM Todo #15705 (Feedback): Clarify console menu option 0 description
Applied in changeset commit:898df056052d0d793d7eb894ed70ca992972b293. Liam Riley
03:37 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy
Any update on when Zabbix 7.0 packages will be available for 24.03 or 24.08? Andrew Almond
03:36 PM pfSense Packages Bug #15313: Zabbix server 6.4.12 requires Zabbix proxies to be version 6.4.12
Is there any update on whether Zabbix packages >=6.4.13 will be released for 24.03? Andrew Almond
03:26 PM Feature #14483: Conditionally reconfigure IPsec VTI interfaces only when necessary while applying IPsec changes
Adding a new forum post to this as to document a new behavior seen
https://forum.netgate.com/topic/190426/frr-seei... Mike Moore
03:21 PM Revision c48865bc: Improve error message for duplicated aliases
Marcos M
03:16 PM Revision 02b8bbee: Merge pull request #4696 from lriley2020/edit-menu
Marcos M
01:24 AM Regression #15768 (Resolved): OpenVPN Windows Client fails to connect
Version 24.08.a.20240925.0600
1) OpenVPN server in Subnet Mode ... dylan mendez

10/06/2024

09:42 PM Revision 898df056: Clarify console menu option 0 description. Implement #15705
Liam Riley
01:36 PM Bug #15767 (Resolved): Clicking the picture widget image downloads the image with an invalid filename instead of showing it inline
I use the picture widget on the dashboard to show a map of the network, of course the widget is too small so I click ... Manuel Carrera
01:32 PM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound

uh uh uh !!
MUST HAVE THIS FIX !
Please please please provide patch, or a URL for the snapshot mentioned. I w... Michael Damsgaard
09:11 AM Bug #15752: Montly kernel panic
Thank you for the response. There doesn't seem to be a memtest included, so the best option is to use the bootable me... Sebastian Wagner
01:51 AM Bug #15752 (Incomplete): Montly kernel panic
Have you tested the RAM on your appliance to verify this isn't a memory issue? Page faults are typically an issue wi... Kris Phillips
08:24 AM pfSense Packages Bug #15644: Snort Status icon disappears
Tested on 24.03 and Snort 4.1.6_17
I can confirm that. aleksei prokofiev
08:15 AM pfSense Packages Bug #15760: Typo in Snort Important Preproc Information
Tested on 24.03 the same typo
!clipboard-202410061115-tywac.png!
 aleksei prokofiev
03:48 AM Bug #15750: Hostnames for ISC DHCP leases are not removed from Unbound when switching to Kea
after changing to kea, the entries in /var/unbound/dhcpleases_entries.conf are still present
build 24.08.a.2024100... Jordan G
03:19 AM Feature #5080 (Resolved): Settings tab for global Kea DHCP server options

setting tab is added .
24.08-DEVELOPMENT (amd64)
built on Thu Oct 3 19:31:00 PDT 2024
FreeBSD 15.0-CURRENT Alhusein Zawi
02:38 AM pfSense Plus Regression #15494: Reinstall Packages button reports another instance of ``pfSense-upgrade`` is running
still present in build 24.08.a.20241004.0231 Jordan G
01:55 AM pfSense Plus Bug #15566 (Confirmed): Update Intel microcode pacakge
Verified that the outdated microcode package is still present in 24.03. All 24.08 dev snapshots have the updated pac... Kris Phillips
01:52 AM pfSense Plus Bug #15693 (Incomplete): Bug #13423 still present in 24.03-RELEASE version
Marking as Incomplete until we have that information. Kris Phillips
01:46 AM pfSense Plus Bug #15639 (Resolved): Automatic boot verification shows negative timer
No longer seeing this as well when testing. Closing as Resolved. Kris Phillips
01:13 AM Feature #14208: Automatic Split-DNS for 1:1 NAT
Is there anything specific keeping this from being merged? Yehuda Katz

10/05/2024

09:03 PM Bug #15624 (Resolved): Skip Packages option for Configuration Backups fails with large configurations
Not seeing this in... Christopher Cope
08:39 PM Bug #15757 (Confirmed): Incorrect dashboard column spacing when using five columns
I'm also seeing this on... Christopher Cope
05:43 PM Bug #15633: Limiters applied to OpenVPN interface do not apply for download traffic
Tested on 24.03
Some comments about OpenVPN + Limiters:
1. with 'Allow any any' firewall rule on the "OpenVPN" de... Azamat Khakimyanov
03:51 AM Bug #15098: Wireguard crashes on boot if PPPoE is the default gateway
Can confirm that I also have this issue
System :
2.7.2-RELEASE (amd64)
built on Fri Dec 8 15:55:00 EST 2023
FreeBSD... Remi Roy
12:40 AM Bug #15729 (Feedback): Session cookie warnings
Applied in changeset commit:61e5c10b7a3ae5a32db123668ada6fdcc67e7a00. GChuf 6
12:26 AM Revision b0dbe23b: Merge pull request #4700 from GChuf/sameSiteCookiesAttribute
Marcos M

10/04/2024

08:33 PM pfSense Plus Feature #15766 (New): Restore previous queries
I want to request a new feature or an addition to an existing feature.
When one expands the advanced filter accord... Alexander Snyder
07:35 PM Revision 61e5c10b: Add samesite attribute to cookies. Implement #15729
GChuf 6
07:08 PM Bug #1819 (Duplicate): DNS Resolver Not Registering DHCP Server Specified Domain Name
This is implemented as a part of #15651 -- Kea DHCP DNS Registration respects the domain name on DHCP settings as wel... Jim Pingle
06:54 PM Feature #15261 (Not a Bug): comcast DHCP issues
Jim Pingle
06:33 PM Revision 8b32975d: Adjust widget refresh intervals
Now that the refresh interval works as expected, decrease the refresh
frequency to more closely match the previous be... Marcos M
05:40 PM Bug #5413 (Resolved): Reduce disruptions when changing DNS records from DHCP leases in Unbound
This has been working well in snapshots. Records are updated on-the-go, no restarts. Jim Pingle
05:38 PM Feature #15437 (Feedback): Use natural sorting when sorting interfaces
Marcos M
05:09 PM Feature #15437 (Pull Request Review): Use natural sorting when sorting interfaces
Marcos M
05:36 PM Regression #12581: Non Link-Local IPv6 CARP address does not get advertised to endpoints with RADVD
To add one thing I didn't see noted above, you can and should be making a *Link-Local* IPv6 CARP address for these pu... Jim Pingle
05:30 PM Bug #14933 (Feedback): Traffic Graph widget displays bandwidth usage values which are half the actual usage amount
Applied in changeset commit:3ebe5bc73331be9ca9aa9867867257e0942aca6d. Marcos M
05:20 PM Bug #14933 (Waiting on Merge): Traffic Graph widget displays bandwidth usage values which are half the actual usage amount
Marcos M
05:26 PM Feature #5080: Settings tab for global Kea DHCP server options
We did add a settings tab, but it's Kea-specific, so note that in the title so it's more clear in the release notes. Jim Pingle
05:23 PM Revision 3ebe5bc7: Display correct bandwidth usage. Fix #14933
Marcos M
05:06 PM Revision 7455432c: Merge pull request #4683 from FloFaber/improve_alphabetic_interface_sorting
Marcos M
04:55 PM Feature #10000 (Feedback): Enable ``@`` support for Azure in Dynamic DNS
Applied in changeset commit:33626a940a92ba93c6f21c6241603c41a8e07bbd. Marcos M
04:47 PM Feature #10000 (In Progress): Enable ``@`` support for Azure in Dynamic DNS
Marcos M
04:55 PM Feature #14289 (Feedback): Enable ``@`` support for name.com in Dynamic DNS
Applied in changeset commit:60a5fd09e14bf64aca79efd9a27a42164e872c90. Marcos M
04:49 PM Feature #14289 (In Progress): Enable ``@`` support for name.com in Dynamic DNS
Marcos M
04:47 PM Feature #15593 (Duplicate): Enable ``@`` support for Azure in Dynamic DNS
Marcos M
04:46 PM Revision 33626a94: Allow apex records for Azure DDNS. Implement #10000
Marcos M
04:45 PM Revision 60a5fd09: Allow apex records for name.com DDNS. Implement #14289
Marcos M
04:32 PM Revision 88e4113b: Improve code readability for DDNS checks
Marcos M
04:00 PM Bug #15490 (Feedback): Sanitize RFC 2136 Dynamic DNS update keys in ``status.php`` output
Applied in changeset commit:2d9db4c6bfe1e437eb8f074dae79817728533761. Jim Pingle
03:42 PM Revision 2d9db4c6: Sanitize RFC2136 key data in status output. Fixes #15490
Jim Pingle
03:39 PM Todo #15705 (Pull Request Review): Clarify console menu option 0 description
Marcos M
03:35 PM Bug #15725 (Feedback): Dashboard widgets refresh at unintended intervals
Applied in changeset commit:ee615d9d982e94fdb9f5a88207f53990e6e86c1d. GChuf 6
03:35 PM Todo #15728 (Feedback): Improve Thermal Sensors Dashboard widget refresh code
Applied in changeset commit:b0cd23ab5e2d218f2af54739dd483cf21f6e8c5a. GChuf 6
03:35 PM Bug #15373 (Feedback): Firewall Logs Dashboard widget update interval does not behave as expected
Applied in changeset commit:3d89c2dbe73fb081833700c49fec7004b120cd6a. GChuf 6
03:26 PM Revision 8c0b5014: Merge pull request #4699 from GChuf/logWidgetFix
Marcos M
03:25 PM Revision 62f646f3: Merge pull request #4698 from GChuf/thermalSensorWidgetImprovement
Marcos M
03:22 PM Revision 042b7347: Merge pull request #4697 from GChuf/WidgetRefreshRework
Marcos M
02:46 PM Bug #15702 (Resolved): IPv4 DHCP client responses may be routed unexpectedly out unrelated WANs
Seems to be behaving on current snapshots on everything in my lab. It's also in the most recent public snapshot, and ... Jim Pingle
02:44 PM Todo #13508: Uncouple RAM Disk size from available kernel memory
Since the only real affected platform is EOL and this doesn't seem to be a widespread issue, it isn't a priority. If ... Jim Pingle
08:22 AM Revision ee615d9d: Refresh widgets at specified intervals. Fix #15725
GChuf 6
08:00 AM Revision 87d75fe7: Remove old code references in thermal widget
Originally removed in https://redmine.pfsense.org/issues/5369 GChuf 6
08:00 AM Revision b0cd23ab: Improve thermal widget refresh code. Implement #15728
Only replace values instead of entire DOM elements. GChuf 6
07:47 AM Revision 108cb5f2: Display seconds in firewall log widget
GChuf 6
07:46 AM Revision 3d89c2db: Respect user-specified interval for log widget. Fix #15373
GChuf 6

10/03/2024

11:23 PM Regression #15762 (Resolved): Captive Portal concurrent login setting does not work
Fixed in commit:c3939d63ad846097e0111faf75b1dc9a632b9a94. Marcos M
11:17 PM Regression #15762 (Resolved): Captive Portal concurrent login setting does not work
When set to @Last login@, the user is able to have multiple active sessions. Marcos M
11:20 PM Revision c3939d63: Config access regression. Fix #15762
Marcos M
08:36 PM Feature #15761 (New): Tailscale failover

Tailscale does not support fail-over, it would be helpful if it runs automatically on backup server in case primary... Alhusein Zawi
07:43 PM Feature #15321: Kea DHCP Custom Configuration Support (IPv4 and IPv6)
After a lot of experimentation and help from Marcos, I discovered it is important to know if the option is already de... Dale Harron
04:32 PM Todo #15728 (Pull Request Review): Improve Thermal Sensors Dashboard widget refresh code
Marcos M
02:14 PM Bug #15751 (Resolved): Declining to reset the admin account via the console menu still prompts to change the password
Jim Pingle
02:02 PM Bug #15751: Declining to reset the admin account via the console menu still prompts to change the password
reproduced on Sept 28 build, it is fixed in the latest
tested on
24.08-DEVELOPMENT (amd64)
built on Wed Oct 2 16:1... Georgiy Tyutyunnik
01:03 PM Bug #15754: log file size growing despite settings
I understand. Thank you for your effort. Tomas B.
12:54 PM Bug #15754 (Not a Bug): log file size growing despite settings
OK, there does not appear to be a bug in how the settings themselves are handled. Your configuration is broken. Eithe... Jim Pingle
06:46 AM Bug #15754: log file size growing despite settings
Hi
this is what it contains.
!clipboard-202410030846-hynuo.png!
 Tomas B.
07:58 AM pfSense Packages Bug #15758: openVPN client exporting for another user and fails to work with ldap.
Finally, there's one more file that should be changed; /usr/local/pkg/... npr .
03:45 AM Bug #12708: Alias with non-resolving FQDN entry breaks underlying PF table
Hello, just meet this issue again on pfsense CE 2.7.2-RELEASE (amd64) Enoch Lau
01:49 AM pfSense Packages Bug #15760 (Resolved): Typo in Snort Important Preproc Information
Hello,
I am letting you know that there is a typo,
located in the Important Preprocessor Information message.
I ... Matthew Zscherpel

10/02/2024

04:37 PM Bug #15759 (New): CVE-2024-43102 umtx Kernel panic or Use-After-Free
Tracking for this vulnerability:
https://www.freebsd.org/security/advisories/FreeBSD-SA-24:14.umtx.asc
Should be ... Kris Phillips
04:02 PM Revision fb79f9b0: kea: fix service restart shortcut
Christian McDonald
02:50 PM pfSense Packages Bug #15758: openVPN client exporting for another user and fails to work with ldap.
This only solves the display issue: there's still another issue where, in this scenario (both local database and anot... npr .
10:02 AM pfSense Packages Bug #15758 (New): openVPN client exporting for another user and fails to work with ldap.
When a second user database is configured for the VPN, for example ldap, then the client export utility will no longe... npr .

10/01/2024

07:38 PM Revision 32fd7d34: Clarify error log when omitting gateway from ruleset
Marcos M
05:45 PM Bug #15754: log file size growing despite settings
Nothing there looks out of sorts.
Check in @/etc/crontab@ and see if you have a line there for newsyslog. It shoul... Jim Pingle
07:21 AM Bug #15754: log file size growing despite settings
Hello.
Providing the info you asked for:
!clipboard-202410010919-ea5w6.png!
!clipboard-202410010919-hxfwh.png!
!c... Tomas B.
04:42 PM pfSense Packages Regression #14189: pfBlocker-NG: HA-Sync is not working
Per https://forum.netgate.com/topic/179060/pfblockerng-sync-not-working/57, still an issue in 3.2.0_17. Steve Y
01:28 PM Bug #15757 (Confirmed): Incorrect dashboard column spacing when using five columns
Setting the dashboard to use 5 columns incorrectly shows spacing for 6 comlumns though the 6th cannot be used.
For... Steve Wheeler

09/30/2024

11:55 PM Bug #15755 (Feedback): Mobile IPsec sends incorrect DNS attribute IDs
Applied in changeset commit:49890f9591cb1eba17a9317c7db29ad0ab6d06ad. Anonymous
09:14 PM Bug #15755: Mobile IPsec sends incorrect DNS attribute IDs
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1169 Steve Wheeler
09:02 PM Bug #15755 (Closed): Mobile IPsec sends incorrect DNS attribute IDs
The IPsec Mobile additional configuration attributes for DNS domain and Split DNS to pass to clients are generated wi... Steve Wheeler
11:45 PM Revision 49890f95: Correct Mobile IPSec Attribute IDs. Fix #15755
Steve Wheeler
11:43 PM Bug #7420 (Closed): ipsec status freezing
Marcos M
09:52 PM pfSense Packages Bug #15756 (Confirmed): NTOPNG db sits in ramdisk on pfsense, filling it up and crashing pfsense
Environment:
OS name: PFSENSE
OS version: 2.7.2-RELEASE
Architecture: amd64
ntopng version/revision: ntopng Com... cody wasser
07:41 PM Feature #15321: Kea DHCP Custom Configuration Support (IPv4 and IPv6)
I'm providing a patch here to experiment with custom options for DHCP4; no support will be provided for this.
{{colla... Marcos M
02:35 PM Bug #15754: log file size growing despite settings
What version are you seeing this problem on?
I've been trying to replicate it on a lab system but I can't make it ... Jim Pingle
02:31 PM Bug #15754: log file size growing despite settings
Sadly, result was the same again. Tomas B.
01:46 PM Bug #15754: log file size growing despite settings
So the outcome was the same. I will do next round of testing. I will set rotation count manually to 7 in firewall sub... Tomas B.
01:17 PM Bug #15754 (Feedback): log file size growing despite settings
OK, let us know if that started it rotating again. And be sure to check the setting on the Firewall log tab as well t... Jim Pingle
01:05 PM Bug #15754: log file size growing despite settings
OK. So i set the default system settings on 7. I can see it everywhere else. And I restarted logging service. Tomas B.
12:50 PM Bug #15754: log file size growing despite settings
Maybe it's the way your theme or the browser is rendering those settings. There have been cases where the dark theme ... Jim Pingle
12:42 PM Bug #15754: log file size growing despite settings
Hi Jim
without my intervention its there. So it seems that the configuration did not accepted it.
!clipboard-202409... Tomas B.
12:30 PM Bug #15754: log file size growing despite settings
You have "Log Retention Count" set to @0@, which might be the problem. Don't change it on the tab in your screenshot,... Jim Pingle
11:10 AM Bug #15754: log file size growing despite settings
At one point, it was so big it filled the whole SSD and crashed the whole system. Tomas B.
11:08 AM Bug #15754 (Not a Bug): log file size growing despite settings
Hi all
I have a problem with log file for firewall.
Despite these settings, log file keeps growing and growing.
... Tomas B.
02:25 PM Bug #15751 (Feedback): Declining to reset the admin account via the console menu still prompts to change the password
Applied in changeset commit:f66f5022e57722214b33423626bdb3af9b08bf55. Jim Pingle
02:01 PM Bug #15751: Declining to reset the admin account via the console menu still prompts to change the password
Not plus specific.
You can still hit ctrl-c to break out of the password reset until this is corrected.
 Jim Pingle
02:16 PM Revision f66f5022: Fix admin reset password conditions. Fixes #15751
Jim Pingle
01:10 PM Bug #15676: OpenVPN not rendering alises in "IPv4 Local network" setting.
I haven't any space in local networks or inside any alias' definition. You can see that in the config file on my prev... Matteo Capuano
12:40 PM Bug #15753: WAN uptime ppp shows no uptime / ppp-uptime.sh shows - for uptime
Jim Pingle wrote in #note-2:
> What version are you running where you're seeing that behavior?
pfSense Plus
24.... Manuel M.
12:22 PM Bug #15753: WAN uptime ppp shows no uptime / ppp-uptime.sh shows - for uptime
What version are you running where you're seeing that behavior? Jim Pingle
07:49 AM Bug #15753: WAN uptime ppp shows no uptime / ppp-uptime.sh shows - for uptime
After the PPP connection is re-established, it shows the time accurately. I think the necessary entries in the log fi... Manuel M.
07:45 AM Bug #15753 (New): WAN uptime ppp shows no uptime / ppp-uptime.sh shows - for uptime
The WAN uptime on the dashboard shows '-'. The ppp-uptime.sh script shows '-42087' for uptime. I believe this happens... Manuel M.

09/29/2024

10:26 AM Bug #15752 (Duplicate): Montly kernel panic
In a regular interval, every month, we experience a kernel panic. As the appliance is connected via a USB console cab... Sebastian Wagner
12:58 AM Bug #15624: Skip Packages option for Configuration Backups fails with large configurations
unable to reproduce the above issue in 24.08.a.20240928.0054 Jordan G
12:46 AM Bug #15676: OpenVPN not rendering alises in "IPv4 Local network" setting.
I'm seeing this on 24.03 only the config doesn't populate the alias when a space precedes the entry used in local net... Jordan G

09/28/2024

07:07 PM Bug #15751 (Confirmed): Declining to reset the admin account via the console menu still prompts to change the password
I can confirm the same behavior. It is likely related to the code changes requiring a non-default password. Christopher Cope
05:33 PM Bug #15751 (Resolved): Declining to reset the admin account via the console menu still prompts to change the password
When it asks @Proceed?@ and you press @n@, it proceeds anyway.
I see this on the Sept 28 dev build and 24.03, but ... Chris W

09/27/2024

09:44 PM pfSense Plus Bug #15741: Firewall Logs reporting high volume of rule (@0) entries on OpenVPN interface
If rules are being added via an external service, it may be from there as well. Check the anchor rules by running @pf... Marcos M
09:02 PM Revision b1360be3: Clean up diffs
Marcos M
08:06 PM Revision d16bf0a3: dhcp: ensure $pconfig is never null or not an array
Christian McDonald
08:03 PM Bug #15750 (Feedback): Hostnames for ISC DHCP leases are not removed from Unbound when switching to Kea
Christian McDonald
02:47 PM Bug #15750 (Resolved): Hostnames for ISC DHCP leases are not removed from Unbound when switching to Kea
When switching to Kea from ISC and dhcp lease registration is enabled the existing lease file (/var/unbound/dhcplease... Steve Wheeler
06:55 PM Revision 14486826: rc.bootup: support deferred package installation scripts
Christian McDonald
03:59 PM pfSense Packages Bug #15749: BGP advertising all routes and ignoring networks statements.
This is actually an issue with how FRR is presenting the announcements of routes.
It is showing that i am sending 19 ... Mike Moore
03:16 PM pfSense Docs New Content #15748 (Closed): Packet Flow Data
The redirects for pflow pages are already defined in the repository, but the redirects aren't getting updated on the ... Jim Pingle
12:39 PM pfSense Plus Bug #15740: NAT uses unknown IP address
There was a recent IP address change on the PPPoE interface to 78.131.44.xx, but the state was again kept using the p... David G
07:54 AM Bug #15676: OpenVPN not rendering alises in "IPv4 Local network" setting.
Hi, were you able to reproduce this issue? Matteo Capuano
03:18 AM pfSense Packages Feature #9833: ACME: add ability to use custom ACME server
+1 more Keith Swalin

09/26/2024

11:49 PM pfSense Packages Bug #15749 (Not a Bug): BGP advertising all routes and ignoring networks statements.
BGP is advertising ALL routes and does not respect the 'network x.x.x.x' statement within the configuration.
How thi... Mike Moore
08:35 PM pfSense Docs New Content #15748 (Closed): Packet Flow Data

Firewall> Packet Flow Data does not have a help link.
Alhusein Zawi
08:07 PM Revision 1c978a25: kea: filter self-signed certs from TLS options
Christian McDonald
07:54 PM Revision 6a610786: Print motd-passwd when it exists
Renato Botelho
07:54 PM Revision 9974d8f7: Add package hooks plugin_xmlrpc_send plugin_xmlrpc_recv, and plugin_xmlrpc_post_recv
Reid Linnemann
07:54 PM Revision 4061910c: Repeat optimization made for product_name
Renato Botelho
07:54 PM Revision 1f024511: Save the product name on /etc/product_name at /etc/rc.banner.
This way we do not need to run PHP again on rc.initial to read the product name.
This file is only written if /etc i... Luiz Souza
07:39 PM pfSense Plus Bug #15741: Firewall Logs reporting high volume of rule (@0) entries on OpenVPN interface
Today, I did make changes to a OVPN client and there are a great amount of entries with @4 now.
I did find the lis... Jeff Kuehl
06:44 PM Revision 3f872bd0: ip_range_to_address_array() 32-bit ARM fix. Issue NG #5445
(cherry picked from commit a6ee0ff91086ba153cfd485dc8fb6d72f918d78b)
(cherry picked from commit 0f5485a49ed4da33bf48f... Viktor Gurov
06:26 PM Revision 2b0dd320: Identify Azure more accurately.
Gen2 smbios info is indistinguishable between Azure and Hyper-V Jim Pingle
06:00 PM Revision 119b5342: Initialize the PHP settings a little bit earlier so PHP is ready for pfSense-upgrade.
Fixes #13726 in more detail (and for 22.05.1). Luiz Souza
06:00 PM Revision bb49910f: ddb.conf: fix script length issue
We need to re-arrange things a little to avoid the maximum script length of
128 bytes.
While here also re-order the ... Kristof Provost
05:51 PM Feature #13468 (Duplicate): FW-rule-groups, would be very, very helpfull
Duplicate of #1937 Jim Pingle
05:51 PM Feature #15747 (Duplicate): Ability to use rule tags to organize rules into groups
Duplicate of #1937 Jim Pingle
05:30 PM Feature #15747 (Duplicate): Ability to use rule tags to organize rules into groups
There is no native rule group grouping functionality so the rules are organized and displayed as a single one-dimensi... Mike Moore
05:25 PM pfSense Plus Bug #15712 (Duplicate): Experimental ethernet rules, order broken when adding rule on other interface tab
IIRC that's expected (as it gets "unbroken"). I'll close this out for now as a duplicate. Feel free to report back if... Marcos M
04:56 PM pfSense Plus Bug #15712: Experimental ethernet rules, order broken when adding rule on other interface tab
Right after the update, the order got messed up a bit again, but currently I cannot reproduce it. Vladimir Suhhanov
04:54 PM Revision 3fc66fe7: Don't unnecessarily remove the config cache
Removing the cache is no longer necessary; the behavior remains the
same without removing the config cache. Marcos M

09/25/2024

11:43 PM pfSense Plus Bug #15740: NAT uses unknown IP address
Can you provide a status output of your firewall here?
https://nc.netgate.com/nextcloud/s/qpLyFbyx2cwokH8
https:/... dylan mendez
09:04 PM Revision d2898b25: Add safety check for alias ID
Marcos M
08:55 PM pfSense Plus Regression #15742 (Not a Bug): Cannot add alias with name "Test"
Aliases and assigned interfaces, including groups, use pf tables for the filter ruleset. As the error message implies... Marcos M
08:32 PM pfSense Plus Bug #15741: Firewall Logs reporting high volume of rule (@0) entries on OpenVPN interface
It may not be the description, but the rule number. You can cross-reference the rule and state with @pfctl -vvss@ and... Marcos M
07:39 PM pfSense Plus Bug #15741: Firewall Logs reporting high volume of rule (@0) entries on OpenVPN interface
I’ll check the rules.debug file for (@) but that’s the only ID / number each line gives me. I don’t think I explicitl... Jeff Kuehl
07:16 PM pfSense Plus Bug #15741 (Incomplete): Firewall Logs reporting high volume of rule (@0) entries on OpenVPN interface
The exact rule can be found using the rule identifier and/or rule number on the state, or checking the generated rule... Marcos M
07:07 PM pfSense Plus Bug #15712: Experimental ethernet rules, order broken when adding rule on other interface tab
A new 24.08 snapshot is available. Please test there if you are able to reproduce this issue. Marcos M
06:36 PM pfSense Packages Bug #15744: Suricata LOGS MGMT feature shows ``enabled`` by default on a green-field install when it should instead default to ``disabled``
https://github.com/pfsense/FreeBSD-ports/commit/97083dc3e251c6663afc9ffc02218f7dc2dde6d6 Marcos M
06:35 PM pfSense Packages Bug #15744 (Feedback): Suricata LOGS MGMT feature shows ``enabled`` by default on a green-field install when it should instead default to ``disabled``
Marcos M
06:31 PM pfSense Docs Todo #12756 (Closed): Add information on correct MTU to use with WireGuard
Info added to docs: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/bb768f6155ab4351d7e124c9225b6915b9029217 Jim Pingle
06:09 PM pfSense Docs Correction #15128 (Closed): Note that a WireGuard peer must have "Dynamic" unset to see Endpoint options
There were a couple other instances where this wasn't noted in other WG recipes. Now they all mention unchecked Dynam... Jim Pingle
05:58 PM pfSense Docs Todo #15553 (Duplicate): Feedback on pfSense® software Configuration Recipes — WireGuard Site-to-Site VPN Configuration Example
Duplicate of #12756 Jim Pingle
05:50 PM pfSense Docs Correction #15445 (Duplicate): Possible mistake in "WireGuard Site-to-Multisite VPN Configuration Example"
This was fixed in #15515 which is a duplicate of this one. Jim Pingle
03:41 PM Bug #14434: PPPoE WAN interface with VIPs causes continuous interface restarting
Steve Wheeler wrote in #note-8:
> This appears to be fixed in 24.03. At least in my test setup. Can anyone who was s... Jon Gerdes
03:15 PM pfSense Docs Todo #14298 (Closed): Add documentation for vendor-class-identifier
Closing this for now, it can be reopened if/when the feature is actually implemented. Jim Pingle
03:13 PM pfSense Docs New Content #14239 (Closed): Feedback on Packages — Nut package
Added, thanks!
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/f49555c871f053cf5922d98fbc6423b1a20a68f8 Jim Pingle
03:00 PM pfSense Docs New Content #15475 (Rejected): Connect to console index page on ddocs
This is already well covered in the docs, both ways.
From the net installer doc it mentions connecting to the consol... Jim Pingle
02:56 PM pfSense Docs Todo #15521 (Closed): Add alert to use single quotes as escape characters when decrypting config.xml using OpenSSL on command line
Added warning:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/10b61dff0c11786dc2924694fad4ce6c5a0d5409 Jim Pingle
02:40 PM pfSense Docs New Content #12237 (Duplicate): Add information on ``ifqmaxlen`` to Hardware Tuning and Troubleshooting
#10311 is already a docs ticket so now this is a duplicate. Jim Pingle
02:10 PM pfSense Docs New Content #12804 (Closed): Add documentation for Slack notifications
These were added a while ago. Jim Pingle
02:09 PM pfSense Docs New Content #12402 (Rejected): Add recipe for configuring Telegram to receive notifications from pfSense software
Jim Pingle
02:04 PM pfSense Docs Todo #13108 (Rejected): ZFS filesystem implications
It's been a couple years and this hasn't really been an issue. If people start hitting it regularly we can work it in... Jim Pingle
02:03 PM pfSense Docs Todo #14455 (Closed): Clarify console prompt step during firmware installation
This was covered by the changes for the new installer. Jim Pingle
01:43 PM pfSense Docs Todo #15660 (Closed): Update Bandwidth usage section
Updated darkstat capabilities and also fixed its menu location which was wrong in two places.
https://gitlab.netga... Jim Pingle
01:35 PM pfSense Docs Correction #15672 (Closed): Design Considerations - Design Style
Fixed, thanks!
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/9be96a5918809cf6fa9e1795c198025fac05cdea Jim Pingle
01:27 PM pfSense Docs Correction #15721 (Closed): Feedback on System Monitoring — Monitoring Bandwidth Usage
Fixed, thanks!
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/f836872d7978e42c7d1c8ec340f03d41b25c8be6 Jim Pingle
03:47 AM Revision 81057112: Add check for empty interface
Callers may call get_real_interface() with an empty interface;
bail early if so. Marcos M
 

Also available in: Atom