Activity

30 days up to

User

Subprojects

Activity

From 10/28/2024 to 11/26/2024

11/26/2024

11:47 PM Bug #15874 (Resolved): Users with Deny Config Write privilege can trigger logging operations: A user with the deny_config_write privilege set and access to the log settings page can still trigger the syslog daem... Steve Wheeler
11:24 PM pfSense Packages Bug #15872 (Feedback): PHP error when accessing mail reports: Fixed with c49098e2900a9211de44dc0b9937235ce9d638a2. The "diff":https://github.com/pfsense/FreeBSD-ports/commit/c4909... Marcos M
11:20 PM pfSense Packages Bug #15872 (Resolved): PHP error when accessing mail reports: ... Marcos M
11:23 PM Bug #15873 (Resolved): PHP error when a user is denied access to the dashboard: When logging in as a user who doesn't have access to the dashboard the following is logged:... Steve Wheeler
06:44 PM pfSense Plus Regression #15871 (Resolved): Azure: User credentials entered during new VM deployments are not applied to the system: Fixed with ports commit da0f905e27963dd88ee17b874eb9e9f05a8ad41a. Marcos M
06:42 PM pfSense Plus Regression #15871 (Resolved): Azure: User credentials entered during new VM deployments are not applied to the system: The user/password entered during VM deployment in Azure does not work. Marcos M
06:41 PM pfSense Packages Bug #14489: FRR needs delayed startup: I had the same issue so I wrote a system patch to sleep for 30 seconds at the beginning of frr.inc. It's janky, but i... Andrew Collings
06:22 PM Bug #13542 (Closed): Boot delay caused when OpenVPN config uses alias list that relies on DNS: In more recent versions, there are checks for the availability of DNS before requests are sent which should help with... Marcos M
05:33 PM pfSense Plus Bug #15870 (New): Azure: VM backups fail: Running a backup against an instance in Azure fails after eventually timing out (>5hrs!).
No obvious reason for th... Marcos M
05:30 PM pfSense Plus Todo #15869 (New): Azure: Use a random password for the admin account after resetting the configuration: After resetting the configuration, the pfSense default credentials are used. Instead, generate a random password for ... Marcos M
05:24 PM pfSense Plus Todo #15867 (New): Azure: Use a random admin password when deploying with SSH key as login: When deploying the pfSense Plus image in Azure you can choose to allow logins using the generated SSH key pair. If th... Marcos M
05:15 PM pfSense Plus Todo #15866 (Needs Patch): Update Azure agent: The currently-used Azure agent is @2.8.0.11_1@:
https://www.freshports.org/sysutils/azure-agent
The current lates... Marcos M
04:54 PM Todo #15865 (Feedback): Make the UPnP IGD & PCP STUN port optional: https://github.com/pfsense/pfsense/pull/4717 Marcos M
04:54 PM Todo #15865 (Resolved): Make the UPnP IGD & PCP STUN port optional: The service does not require a STUN port to be specified - make it optional. Marcos M
04:52 PM Todo #15864 (Resolved): Update UPnP IGD & PCP GUI text: https://github.com/pfsense/pfsense/pull/4689
https://github.com/pfsense/pfsense/pull/4695
https://github.com/pfsens... Marcos M
04:36 PM Todo #15864 (Resolved): Update UPnP IGD & PCP GUI text: Update the text regarding the "UPnP" service to use more accurate and clearer terms. Marcos M
04:48 PM Revision c3dc4126: Merge pull request #4717 from Self-Hosting-Group/igd-pcp-finalisation: https://redmine.pfsense.org/issues/15864
Followup to:
7961830d30b89605b26732350335f5a9498ff5ba
9bc580f00f691b2c3de5f... Marcos M
04:29 PM Revision d1c8a7d6: Avoid potential name collision in CSRF: Jim Pingle
03:40 PM Bug #15831 (Resolved): Kernel Panic when IGMPProxy gets CIDR Removed: Jim Pingle
03:40 PM Bug #15601 (Resolved): Routes with IPv6 Address as Next Hop for IPv4 Destination Causes Kernel Panic: Jim Pingle
03:40 PM Regression #15094 (Resolved): Updates fail against an authenticated upstream proxy: Jim Pingle
03:40 PM Bug #14977 (Resolved): Kea fails to restart due to race between process termination and startup: Jim Pingle
03:28 PM pfSense Plus Regression #15494: Reinstall Packages button reports another instance of ``pfSense-upgrade`` is running: Tested on
24.11-RELEASE (amd64)
built on Fri Nov 22 4:34:00 UTC 2024
FreeBSD 15.0-CURRENT
Issue persists aleksei prokofiev

11/25/2024

09:18 PM Todo #15863 (Resolved): Update nginx HTTP2 syntax: nginx is logging a deprecation notice for the current HTTP2 syntax:... Jim Pingle
08:46 PM Feature #15862 (New): Suppress multiple backups during config default: During the config default process, triggered from the console menu, webgui or hardware reset button, non-default pack... Steve Wheeler
08:04 PM Bug #15844: Dashboard ``widgetkey`` values are not validated on save or load, can lead to configuration corruption or other problems: MR updated with validation for remaining widgets that utilize @widgetkey@. Also included validation for some settings... Jim Pingle
01:19 PM pfSense Packages Regression #14452 (Resolved): Prometheus node_exporter generates errors with the default config: Jim Pingle
12:00 AM Revision bf313265: UPnP IGD & PCP: No need to enter STUN port and update example servers: (#4717) Self-Hosting-Group
12:00 AM Revision 210a89aa: UPnP IGD & PCP: Simplify UI and finalise wording and descriptions update: (#4717) Self-Hosting-Group

11/24/2024

12:46 PM Bug #15746: IPv6 is not deprecated on PPPoE Periodic Reset: Same issue here as well. Unfortunately most consumer isps are handing out dynamic prefixes…There is actually an optio... Johannes Rohde
04:03 AM pfSense Packages Feature #15532: Update NUT status widget: tested on 24.11 (built on Wed Nov 20 11:41:00 CST 2024) using nut v2.8.2_4, metrics seem consistent when comparing wi... Jordan G
02:57 AM Bug #15861: Assign Interface IP and Restart GUI Console Menu Items Present PID Errors: Restart GUI is also producing a similar error:
Restarting webConfigurator...pkill: Cannot get process list (kvm_ge... Kris Phillips
02:46 AM Bug #15861: Assign Interface IP and Restart GUI Console Menu Items Present PID Errors: After a factory default and then switching to the Kea backend from ISC, the original error about "No such file or dir... Kris Phillips
02:44 AM Bug #15861: Assign Interface IP and Restart GUI Console Menu Items Present PID Errors: Testing with the ISC Backend, it produces a different error:
DHCPD...pkill: Cannot get process list (kvm_getprocs:... Kris Phillips
02:39 AM Bug #15861: Assign Interface IP and Restart GUI Console Menu Items Present PID Errors: Tested post-reboot and with a factory defaulted firewall. Same results. Kris Phillips
02:27 AM Bug #15861 (Duplicate): Assign Interface IP and Restart GUI Console Menu Items Present PID Errors: When attempting to set the DHCP scope for the LAN interface from the Console Menu using option 2, there is always an ... Kris Phillips
01:53 AM Bug #15584: Redacting description at Interfaces=>LAGGs section cause LAGG interface rebuild.: present in 24.11.r.20241112.1813, it would also appear that just changing and saving the description line (for only t... Jordan G

11/20/2024

09:12 PM pfSense Packages Bug #15845: UPS Settings doesn't display the full list of availabale drivers: Modbus is very new to NUT. I expect your UPS supports USB HID, potentially in addition to Modbus. I would recommend ... Denny Page
08:57 PM pfSense Packages Bug #15845: UPS Settings doesn't display the full list of availabale drivers: Denny Page wrote in #note-2:
> I looked into this a bit... What is the model number of your UPS?
>
> Also, does i... Eric Wright
08:46 PM pfSense Packages Bug #15845: UPS Settings doesn't display the full list of availabale drivers: I looked into this a bit... What is the model number of your UPS?
Also, does it have a USB port as well as the ser... Denny Page
08:55 PM pfSense Packages Bug #15857 (New): FRR BGP generates an invalid config when peer group with a space in its name is used: When creating a peer group by going to Services > FRR BGP > Neighbors > Add and entering a name to create a peer grou... Andrew Collings
07:18 PM Revision 3c383268: Add specialnet flag for VIP aliases only: Marcos M
06:18 PM Bug #15856: OpenVPN Status Page and Dashboard Widget use input values without validation: Attaching a small POC Python script. Edit and adjust the URL, and credentials, target page, and port to match the set... Jim Pingle
06:15 PM Bug #15856 (Resolved): OpenVPN Status Page and Dashboard Widget use input values without validation: When performing operations using the OpenVPN status page (@/status_openvpn.php@) or the Dashboard widget (@/widgets/w... Jim Pingle
01:17 AM Todo #15855 (Rejected): Upgrade openvpn to the latest version: Plus 24.11 RC already includes 2.6.12. Jim Pingle
01:05 AM Todo #15855 (Rejected): Upgrade openvpn to the latest version: Because the latest version fixes many problems, please upgrade to the latest version as soon as possible
https://w... yon Liu
01:09 AM Bug #15831: Kernel Panic when IGMPProxy gets CIDR Removed: A decision was made to ship this with 24.11 after all, so I think we can consider the matter closed :) Mateusz Guzik

11/19/2024

09:49 PM pfSense Plus Feature #15854 (New): Lost Captive Portal User Logins when DHCP Leases are Cleared: When DHCP Leases are cleared, Captive Portal User Logins may cease to be functional due to a change from the IP used ... Dale Harron
08:08 PM pfSense Packages Feature #15853 (Resolved): Add mDNS Bridge (mdns-bridge) package: mDNS Bridge is intended as an alternative to Avahi reflection for sharing Multicast DNS across network interfaces.
... Denny Page
07:50 PM pfSense Packages Bug #15845: UPS Settings doesn't display the full list of availabale drivers: I will look at adding app_modbus in the next version. Denny Page
07:20 PM pfSense Packages Bug #15749 (Not a Bug): BGP advertising all routes and ignoring networks statements.: I don't believe there is a bug, at least not with pfSense or the GUI package. The stated behavior looks to be intenti... Marcos M
07:13 PM Bug #15850: DHCP not always giving gateway: Audio Images IT wrote in #note-4:
> Marcos M wrote in #note-2:
> > Would you be able to test this on 24.11-RC using... Audio Images IT
07:12 PM Bug #15850: DHCP not always giving gateway: Marcos M wrote in #note-2:
> Would you be able to test this on 24.11-RC using Kea (enabled on the page System > Adva... Audio Images IT
04:27 PM Bug #15850: DHCP not always giving gateway: I haven't seen this happen before and I'm not quite sure what would make it happen either. Unless the client itself i... Jim Pingle
04:08 PM pfSense Docs New Content #15812: Recipe for OpenVPN Site-to-Site SSL/TLS with DCO: Some revisions: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/24ad7f4a8e8ee6722defb55b3300eaf7f80f22aa Jim Pingle
04:07 PM pfSense Plus Bug #15849 (Duplicate): KEA is not appending the DNS Domain suffix as ISC did: This was all overhauled in Plus 24.11 and is already addressed -- see #15651
Try the 24.11 RC and it should all wo... Jim Pingle
08:52 AM pfSense Plus Bug #15851: openvpn DCO mode Failed to open tun/tap interface: I am setting up a new dco openvpn tunnel.The same configuration works fine on Ubuntu 24.04. So I think the problem is... yon Liu
04:00 AM pfSense Plus Bug #15851 (Rejected): openvpn DCO mode Failed to open tun/tap interface: That appears to be a settings issue. Post on the forum with the server and client settings for assistance. Also, if t... Jim Pingle
03:56 AM pfSense Plus Bug #15851 (Rejected): openvpn DCO mode Failed to open tun/tap interface: openvpn can't create interface when I use DCO mode. p2p tunnel,For privacy reasons, the IP has been changed
... yon Liu
04:05 AM Bug #15852 (New): Alias Nesting Only Shows IP and Network Alias Types On Initial Creation: Hopefully the title makes some sense, but I will give this as much context as I can.
Firstly, according to the do... Ethan Word

11/18/2024

11:47 PM Bug #15850: DHCP not always giving gateway: Would you be able to test this on 24.11-RC using Kea (enabled on the page System > Advanced > Networking)? Marcos M
11:40 PM Bug #15850: DHCP not always giving gateway: I have access to Netgate 4100 and 4200 routers, so I can try on those routers, but since it has been observed on thre... Audio Images IT
11:31 PM Bug #15850 (New): DHCP not always giving gateway: I've noticed that if when using VLANs on the LAN interface, a DHCP server is configured with the default gateway (i.e... Audio Images IT
11:06 PM pfSense Plus Bug #15849 (Duplicate): KEA is not appending the DNS Domain suffix as ISC did: I've set a domain for my router (home.me). The URL for my router is "sg-router.home.me", and my self-signed keys used... Dennis Adler
09:01 PM pfSense Docs New Content #15812 (Feedback): Recipe for OpenVPN Site-to-Site SSL/TLS with DCO: First draft: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/75479978e950cfc595d556612c44651455c2b086
https:... Jim Pingle
07:35 PM Revision f865f055: Exclude Tailscale group from specialnets. Implement #15848: Marcos M
07:10 PM Revision 65818681: Clarify the notice given when rules are skipped: Marcos M
06:57 PM Revision de17c931: Config access regression when editing system tunables. Fix NG#18003: Marcos M
06:28 PM Todo #15848 (Feedback): Exclude the WireGuard and Tailscale interface group system aliases from rules: Done with commit:d0605a76e751dbdb83e89856a9342a8813285d32 and commit:f865f0550d932b297a818bf601baf7b79907c3ad. Marcos M
06:25 PM Todo #15848 (Resolved): Exclude the WireGuard and Tailscale interface group system aliases from rules: The WireGuard and Tailscale interface groups are special. Unlike interface groups in the config which are made up of ... Marcos M
06:26 PM Revision d0605a76: Exclude WireGuard group from specialnets. Implement #15848: Marcos M
03:26 PM Bug #15847 (Confirmed): Kea DHCP lease utilization stats incorrect for delegated prefix pools: Leases from delegated prefix pools (i.e. track interfaces) are not counted for lease utilization stats. Christian McDonald
01:45 PM Bug #15831 (Feedback): Kernel Panic when IGMPProxy gets CIDR Removed: Jim Pingle
01:44 PM Bug #15831: Kernel Panic when IGMPProxy gets CIDR Removed: Fixes got merged to devel-main and plus-devel-main and will be part of the future releases.
However, they wont be ... Mateusz Guzik
02:48 AM Bug #15839 (Rejected): ``diag_packet_capture.php`` uses ``viewdetail`` and ``viewtype`` values in command execution without validation or encoding: Jim Pingle
02:13 AM Bug #15839: ``diag_packet_capture.php`` uses ``viewdetail`` and ``viewtype`` values in command execution without validation or encoding: In the future, I will report new security concerns through the link.
As you mentioned, arbitrary inputs are repl... James Kim

11/17/2024

12:20 PM Feature #15846: Ability to set OpenVPN client service start type to Manual so the service state survives a reboot: pfSense Community Version
2.7.2-RELEASE (amd64)
built on Wed Dec 6 20:10:00 GMT 2023
FreeBSD 14.0-CURRENT Jon Brown
11:57 AM Feature #15846 (New): Ability to set OpenVPN client service start type to Manual so the service state survives a reboot: h1. Background / My Setup
* My VPN provider allows me 10 connections.
* I have 10 OpenVPN clients setup to use my... Jon Brown
10:43 AM Bug #15598: Input validation for duplicate remote gateways does not work when using the duplicate P1 button: Tested on 24.03 and can not reproduce. Always I've got error.
"The following input errors were detected:
The remote... aleksei prokofiev
03:54 AM Bug #15767: Clicking the picture widget image downloads the image with an invalid filename instead of showing it inline: running 24.11.r.20241112.1813 clicking the picture results in downloading widget_image.png and shows the correct image Jordan G
02:45 AM Feature #15801: Gateway of a disabled interface cannot be configured in System > Routing: also happening with 24.11.r.20241112.1813 Jordan G
12:34 AM pfSense Packages Bug #15749: BGP advertising all routes and ignoring networks statements.: Jesus Christ…you didn’t read the redmine…
Ehhh…alright man.
I’ll follow up Glen Shok.
Incredible…. Mike Moore
12:31 AM pfSense Packages Bug #15749: BGP advertising all routes and ignoring networks statements.: ... Chris Linstruth

11/16/2024

10:31 PM Bug #15834 (Resolved): Package menus with the same name but different sections do not get removed: Installing and removing squid on... Christopher Cope
04:54 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: Justin w wrote in #note-10:
> Any estimate on when this will be available? We use the proxy on several units, and I ... Justin w
12:38 AM pfSense Packages Bug #15845 (Resolved): UPS Settings doesn't display the full list of availabale drivers: If I got to to the UPS Settings tab in the UI and select UPS Type "Local Serial", it doesn't display all the drivers ... Eric Wright

11/15/2024

08:32 PM pfSense Docs New Content #15812 (In Progress): Recipe for OpenVPN Site-to-Site SSL/TLS with DCO: I went through and tested a few scenarios and made some notes, and made sure it worked with static routing in OpenVPN... Jim Pingle
08:24 PM Bug #15844 (Resolved): Dashboard ``widgetkey`` values are not validated on save or load, can lead to configuration corruption or other problems: Many dashboard widgets allow multiple instances and use a "widgetkey" parameter to distinguish between these instance... Jim Pingle
05:06 PM Feature #15843 (New): Allow log disable for APIPA auto rule: Scenario:
Policy-based IPsec
Remote side sending APIPA pings
Blocks result in log spam
No way to suppress witho... Chris Linstruth
04:48 PM Bug #15842 (Resolved): Kea HA does not list TLS certificates: Fixed with commit:d5deb8b08000154b8e1ada3367b9c10fb58f2b72. Marcos M
04:31 PM Bug #15842 (Resolved): Kea HA does not list TLS certificates: Some server and client certificates may not have their type set explicitly in config.xml. These certificates do not g... Marcos M
04:46 PM pfSense Plus Bug #15841: System>Advanced>Miscellaneous: I wish there was a way to warn users for this particular situation as I could not find on Netgate docs or anywhere el... Jonathan Lee
04:24 PM pfSense Plus Bug #15841 (Rejected): System>Advanced>Miscellaneous: We have already considered that and decided it was best to leave it up to the user. There are use cases where both mi... Jim Pingle
04:18 PM pfSense Plus Bug #15841 (Rejected): System>Advanced>Miscellaneous: Hello Fellow Redmine Community Members,
I have recently learned with trail and error and help of Kristof Provost t... Jonathan Lee
04:32 PM Revision d5deb8b0: List Kea HA TLS certificates without a type. Fix #15842: Marcos M
02:41 PM Bug #15839 (Feedback): ``diag_packet_capture.php`` uses ``viewdetail`` and ``viewtype`` values in command execution without validation or encoding: In the future, please submit security concerns privately via the process documented at https://www.netgate.com/securi... Jim Pingle
02:28 AM Bug #15839: ``diag_packet_capture.php`` uses ``viewdetail`` and ``viewtype`` values in command execution without validation or encoding: Category is not Authentication, Packet Capture is proper. James Kim
02:25 AM Bug #15839 (Rejected): ``diag_packet_capture.php`` uses ``viewdetail`` and ``viewtype`` values in command execution without validation or encoding: I. Problem Description
A potential authenticated arbitrary command execution vulnerability was found in
diag_pack... James Kim
11:48 AM pfSense Packages Bug #15840 (New): zabbix-proxy does not handle certificate renewal.: So I updated a CA that was about to expire a month and a half ago (September 2024) on a pfsense host.
When a CA c... npr .

11/14/2024

10:34 PM Feature #15828 (Resolved): Kea DHCP lease database RAM disk support (IPv4 and IPv6): This works for both IPv4/6. Marcos M
08:32 PM Bug #15448: ``miniupnpd`` lacks IGDv2 support: Searching around, it looks like compatibility is still enough of a potential issue that this is not worth switching o... Marcos M
06:56 PM Bug #14687 (Closed): Error in boot messages about missing ``/boot/loader.conf.d`` directory: This can be reopened if there are additional reports or if it can be reproduced in recent versions. Marcos M
06:48 PM Bug #15830 (Resolved): ``process_alias_urltable()`` can fail to create an archive of a URL table alias when RAM disks are enabled: Confirmed resolved:
https://forum.netgate.com/post/1191393 Marcos M
06:21 PM Todo #15838 (Pull Request Review): Make enabling swap optional: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/495
https://gitlab.netgate.com/pfSense/pfSense/-/merge_r... Marcos M
05:27 PM Todo #15838 (Pull Request Review): Make enabling swap optional: The decision between storage device wear and system stability in OOM situations should be left to the user.
Disabl... Marcos M
04:47 PM Feature #14952 (Rejected): Firewall Alias Import: Not worth the technical debt at this point when this situation is best handled with URL aliases.
I will leave the ... Marcos M
02:56 PM Revision cba5b1ce: Fix config warning message trace: Marcos M
06:19 AM Bug #15831: Kernel Panic when IGMPProxy gets CIDR Removed: Marcos M wrote in #note-1:
> The following contains a potential fix:
>
> # Download the following file: https://n... André L.

11/13/2024

10:44 PM Bug #15831 (Confirmed): Kernel Panic when IGMPProxy gets CIDR Removed: The following contains a potential fix:
# Download the following file: https://nc.netgate.com/nextcloud/s/tW7HEEBT... Marcos M
06:48 PM Revision c4a5597e: Regression in setup wizard when setting checkbox values. Fix NG#17960: Followup to 5731f17e082d5c0924771a8689303fcfdbd3880f Marcos M
02:32 PM pfSense Packages Feature #15837 (Rejected): Clean up GUI elements related to SNMP AgentX: Jim Pingle
02:25 PM pfSense Packages Feature #15837 (Rejected): Clean up GUI elements related to SNMP AgentX: As a follow up to Feature #15835 request
I understand the reasoning to not remove the module completely BUT at the... Mike Moore

11/12/2024

11:13 PM pfSense Docs Todo #15836 (Resolved): Update MIM docs: LGTM. Marcos M
08:42 PM pfSense Docs Todo #15836 (Feedback): Update MIM docs: This should cover all that and then some:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/c318481b82316deef50d... Jim Pingle
05:04 PM pfSense Docs Todo #15836 (Resolved): Update MIM docs: https://docs.netgate.com/pfsense/en/latest/mim/design.html
* @The controller host must have a static IP address, the... Marcos M
05:40 PM Feature #15828 (Feedback): Kea DHCP lease database RAM disk support (IPv4 and IPv6): Applied in changeset commit:7dd538967633eaefc359fe1a5b228a73ea9a1a06. Christian McDonald
05:34 PM Revision 7dd53896: kea: backup and restore lease db when using ramdisks. Fixes #15828: Christian McDonald
03:55 PM Regression #15832 (Resolved): DDNS always resolves the public address using the default gateway: Looks good on current snapshots. Jim Pingle
01:56 PM pfSense Packages Feature #15835 (Rejected): Clean up GUI elements related to SNMP AgentX: The upstream FreeBSD PR is still open, as is the Redmine issue here. Looks like the FRR one should still be open but ... Jim Pingle
02:50 AM pfSense Packages Feature #15835 (Rejected): Clean up GUI elements related to SNMP AgentX: The purpose of this redmine is to start the process of cleaning up the GUI PHP elements in FRR
Under BGP / Modules... Mike Moore
01:42 PM Regression #15833 (Resolved): Default Check IP Service enable/disable status not reflected on Check IP Service List: Latest build is good. Enabling/disabling the default Check IP service shows the expected formatting and icon change now. Jim Pingle
02:53 AM pfSense Packages Bug #15749: BGP advertising all routes and ignoring networks statements.: I am not redistrbuting connected/local/kernel.
I would assume the route table would only contain directly connecte... Mike Moore

11/11/2024

08:22 PM Bug #15834 (Feedback): Package menus with the same name but different sections do not get removed: Fixed with commit:4392192ef139dcd8a4bf24b7ce63f20d045fae58. Marcos M
08:18 PM Bug #15834 (Resolved): Package menus with the same name but different sections do not get removed: Reported on forum:
https://forum.netgate.com/topic/190878/status-squid-proxy-server
If there are two package menu... Marcos M
08:18 PM Revision 4392192e: Allow removing package menus with different sections. Fix #15834: A package may have multiple menus with the same name but
different sections. Marcos M
07:19 PM Regression #15833 (Feedback): Default Check IP Service enable/disable status not reflected on Check IP Service List: Fixed with commit:61c70a6e2c1d5e61193540d978f97676b4de334d. Marcos M
07:15 PM Regression #15833 (In Progress): Default Check IP Service enable/disable status not reflected on Check IP Service List: Marcos M
06:07 PM Regression #15833 (Resolved): Default Check IP Service enable/disable status not reflected on Check IP Service List: The Check IP Service list at @services_checkip.php@ does not reflect the status of the default service in the configu... Jim Pingle
07:19 PM Regression #15832 (Feedback): DDNS always resolves the public address using the default gateway: Fixed with commit:60ec37078eb9ed203a004f58e1eb94a7db6913fb.
This seems to be a regression in curl. More details:
htt... Marcos M
05:26 PM Regression #15832 (Resolved): DDNS always resolves the public address using the default gateway: Reported on forum:
https://forum.netgate.com/topic/190842
To test:
* Create two DDNS entries, one set to WAN1 an... Marcos M
07:16 PM Revision 61c70a6e: Config access regression with default check IP service. Fix #15833: Marcos M
07:07 PM Revision 60ec3707: Work around regression when specifying the DDNS source address. Fix #15832: More details: https://github.com/curl/curl/issues/15553 Marcos M
05:11 PM Revision 5731f17e: Regression in setup wizard when setting checkbox values. Fix NG#17960: Marcos M
04:12 PM Bug #15481 (Resolved): File descriptor leak in ``bsnmpd``: Patch has been in for a while and there have been public builds since. No further reports and no reports of other reg... Jim Pingle
04:11 PM Bug #15413 (Resolved): Kernel panic in HA nodes when under high load: Patch has been in for a while and there have been public builds since. No further reports and no reports of other reg... Jim Pingle
04:09 PM pfSense Packages Bug #15726 (Resolved): Apcupsd dashboard widget warning/critical values are not digits or units as expected: Jim Pingle
04:08 PM Bug #15778 (Closed): Interface group members are not validated on load/save on ``interfaces_groups_edit.php``, and are printed without encoding on ``interfaces_groups.php``: Seems to be working properly on save and load in current builds.
Jim Pingle
03:24 PM Bug #15552 (Resolved): NTP option "DNS Resolution" has no effect when using NTP pool hostnames: Jim Pingle
03:22 PM Bug #15490 (Resolved): Sanitize RFC 2136 Dynamic DNS update keys in ``status.php`` output: Status output @config.xml@ has the key data redacted on current builds:... Jim Pingle
03:17 PM Feature #13520 (Closed): Improve Thermal Sensors Dashboard widget readability: The parts that were implemented appear to be OK, other parts can be moved to separate issues as needed if they are st... Jim Pingle
09:12 AM Bug #15831 (Resolved): Kernel Panic when IGMPProxy gets CIDR Removed: Hi there,
Today there was a kernel panic which can be reproduced by the following steps:
1. Setup IGMP Proxy with... André L.

11/09/2024

08:30 PM pfSense Packages Feature #10377: Allow usage of TOTP (Google-Authenticator) without PIN: I would like to add my vote for this feature.
I use Google Authenticator and Microsoft Authenticator for services ... Mario Giannini
07:49 PM pfSense Packages Bug #15749: BGP advertising all routes and ignoring networks statements.: are the following enabled on 65520 peer?
redistribute connected
redistribute static
redistribute kernel
... Alhusein Zawi
07:15 PM Feature #15801: Gateway of a disabled interface cannot be configured in System > Routing: can confirm this behavior when using the steps outlined on 24.03 and 24.11.b.20241031.0600 Jordan G
07:04 PM pfSense Packages Bug #15726: Apcupsd dashboard widget warning/critical values are not digits or units as expected: testing on 24.11.b.20241109.1400 amd64 apcupsd package version 0.3.92_6
clearing the values for display thresholds... Jordan G
06:54 PM Feature #15437 (Resolved): Use natural sorting when sorting interfaces: Looks good on... Christopher Cope
06:53 PM pfSense Packages Bug #15496: Traffic Totals: empty Data Summary: Status Traffic Totals package is working on my setup(s) when testing with 24.03 and 24.11.b.20241109.1400 on package ... Jordan G
06:45 PM Bug #15711 (Resolved): Special characters in the ACB configuration change description can cause PHP errors: Tested on... Christopher Cope
03:18 PM Bug #15825: KEA server ignores DHCPREQUEST containing an invalid FQDN: One last note on this DHCP server migration.
The packet capture in the 2.7.2 distribution correctly shows options ... Serge Caron
09:13 AM pfSense Packages Bug #15716 (Confirmed): FRR BFD echo mode is not working: I can confirm this behavior, tested on 24.03 and 24.11Beta FRR 2.0.2_6 and 2.0.2_5
Peer1... Lev Prokofev
09:04 AM Bug #15752: Montly kernel panic: Thank you! We applied the workaround and wait for the update. In case you don't hear from us anymore, it worked :) Sebastian Wagner
08:30 AM pfSense Packages Feature #15829 (Confirmed): wrong BGP community list name can silently stop FRR from running: I can confirm this behavior tested on... Lev Prokofev
12:20 AM Bug #15830 (Feedback): ``process_alias_urltable()`` can fail to create an archive of a URL table alias when RAM disks are enabled: Applied in changeset commit:11bafcfbb53885bbb4f8cd2300c28ab89cb81af2. Reid Linnemann
12:03 AM Bug #15830 (Resolved): ``process_alias_urltable()`` can fail to create an archive of a URL table alias when RAM disks are enabled: When processing an alias url table, if memory disks are being used the function will attempt to write a gzipped archi... Reid Linnemann
12:11 AM Revision 11bafcfb: process_alias_urltable(): create RAM_Disk_Store if needed. Fixes #15830: Several rcscripts using /cf/conf/RAM_Disk_Store will test and create this
directory if needed, however the process_al... Reid Linnemann

11/08/2024

07:00 PM Todo #15779: Update Dynamic DNS API URL for porkbun.com: Patch for testing on 24.03, path strip count = 2... Adrien Carlyle
06:58 PM pfSense Packages Bug #15821: pfSense-pkg-acme needs to be updated to use api.porkbun.com instead of porkbun.com: Patch for testing with 24.03, path strip count = 4, ... Adrien Carlyle
06:47 PM Bug #15825: KEA server ignores DHCPREQUEST containing an invalid FQDN: Looking at the 2.8.0 roadmap, I still have a chance to see a resolution in the next six months ;-)
Kind regards,
Serge Caron
06:41 PM Bug #15825: KEA server ignores DHCPREQUEST containing an invalid FQDN: ah good catch Christian McDonald
06:40 PM Bug #15825: KEA server ignores DHCPREQUEST containing an invalid FQDN: The @lenient-option-parsing@ option won't help on CE 2.7.2 since it's on Kea 2.4.0, you'd need to be on the Plus 24.1... Jim Pingle
06:31 PM Bug #15825: KEA server ignores DHCPREQUEST containing an invalid FQDN: Still no joy ;-(
See parse error in screen capture "Unexpected_token.jpg".
jq installation is picture perfect. ... Serge Caron
04:06 PM Bug #15825: KEA server ignores DHCPREQUEST containing an invalid FQDN: doh, you're absolutely correct. textproc/jq is not pre-installed on 2.7.2
@pkg install -y jq@ and try again :) Christian McDonald
06:28 PM Bug #15772 (Resolved): Captive Portal zones can fail to start due to ID conflict: reproduced on 24.08 Oct 10
fixed in the latest BETA
tested on:
24.11-BETA (amd64)
built on Fri Nov 8 7:00:00 CET ... Georgiy Tyutyunnik
05:08 PM Bug #15752 (Duplicate): Montly kernel panic: This is a known issue in both CE and 24.03, I've reclassified this as a duplicate and linked the parent task. The par... Reid Linnemann
03:45 PM pfSense Packages Bug #15824 (Resolved): Build options on haproxy29 package do not match previous versions: Current builds have the correct options now:... Jim Pingle
11:31 AM pfSense Plus Bug #15396 (Resolved): BE upgrade process deferred pkg install can cause significant delays: Georgiy Tyutyunnik
11:18 AM pfSense Packages Feature #15829 (Confirmed): wrong BGP community list name can silently stop FRR from running: FRR supports numbered BGP communitiy lists from 1 to 500, 1-99 as Standard and 100-500 for Expanded.
If you create a... Georgiy Tyutyunnik

11/07/2024

08:37 PM Bug #15825: KEA server ignores DHCPREQUEST containing an invalid FQDN: Hello Christian,
I have a second installation with the same Cummins generator. I reassigned the VLAN so that the l... Serge Caron
04:25 PM Bug #15825: KEA server ignores DHCPREQUEST containing an invalid FQDN: Serge Caron wrote in #note-3:
> Christian, the PCAP was provided to show the complete exchange, regardless of the DHC... Christian McDonald
04:08 PM Bug #15825: KEA server ignores DHCPREQUEST containing an invalid FQDN: Christian, the PCAP was provided to show the complete exchange, regardless of the DHCP server.
Look at the FQDN op... Serge Caron
04:03 PM Bug #15825: KEA server ignores DHCPREQUEST containing an invalid FQDN: Looks like @lenient-option-parsing@ might help this, could make that a global option maybe.
https://kea.readthedoc... Jim Pingle
03:59 PM Bug #15825: KEA server ignores DHCPREQUEST containing an invalid FQDN: The PCAP shows the complete DORA exchange, with a lease being offered to the client. It is possible that the client i... Christian McDonald
03:22 PM Bug #15825 (New): KEA server ignores DHCPREQUEST containing an invalid FQDN: The soon to be deprecated ISC DHCP server issues a warning regarding malformed FQDN names in the DHCP request:
Nov... Serge Caron
06:16 PM pfSense Docs Correction #15826 (Closed): Move 5100 to EOL appliance section: Moved on the platform docs for pfSense and TNSR, plus removed it from the shortcuts on the main docs landing page. Jim Pingle
04:05 PM pfSense Docs Correction #15826 (Closed): Move 5100 to EOL appliance section: Issue can be found here: https://docs.netgate.com/pfsense/en/latest/solutions/sg-5100/index.html Alex Zelinsky
05:17 PM Feature #15828 (Resolved): Kea DHCP lease database RAM disk support (IPv4 and IPv6): When Kea is enabled on a system that is also using a RAMdisk for /var the lease db is lost at reboot.
This causes ... Steve Wheeler
05:06 PM Feature #15827 (New): enable by default MSS for all IPsec VTI: According to netgate documenation, if using IPsec VTIs, you have to set the MSS value for each interface
https://d... Mike Moore
02:13 PM Revision bb0464b2: Introduce helper function for domain:port host address validation: Also update related validation functions to force numeric ports. Marcos M
02:10 PM Revision 34a07ce9: Support numeric-only port validation in is_port(): Marcos M
12:54 PM Revision 988a7694: Fix get_specialnet_interface() calls without the AF: Marcos M
12:58 AM Revision 7dcc8cea: Support additional specialnet types: Marcos M
12:58 AM Revision cfb660c5: Introduce helper functions for IP:Port validation: Marcos M

11/06/2024

07:24 PM Revision 1d9aa241: utils: use sig 0 to test for valid processes: Christian McDonald
07:23 PM Revision 93f8c02b: kea: remove socket lock file before service startup. #14977: Christian McDonald
07:21 PM Regression #15823 (Duplicate): Kea service is down and cannot be enabled after down event: Christian McDonald
01:41 PM Regression #15823: Kea service is down and cannot be enabled after down event: The file exists.
[24.11-BETA][root@pfSense.home.arpa]/root: ls -lah /var/run/kea4-ctrl-socket.lock
-rw------- 1 ro... Marcelo Cury
01:37 PM Regression #15823: Kea service is down and cannot be enabled after down event: The error here is the same as #14977 but that build should have the fix in it, unless something else is happening in ... Jim Pingle
12:29 PM Regression #15823 (Duplicate): Kea service is down and cannot be enabled after down event: Found KEA DHCP server down today, checked logs and noticed a down event.
Tried to enabled it again, and the same log... Marcelo Cury
05:50 PM Revision 316355fe: Fetch the latest config before processing the user config.: Followup to 211adbf491c0c5083159a48e515a9f608b37f435. Marcos M
04:58 PM Bug #15820 (Not a Bug): nologdefaultpass is not translated to logdefaultpass: In addition to the proposed change, this would require bumping the config version and adding upgrade code to handle p... Marcos M
12:35 AM Bug #15820: nologdefaultpass is not translated to logdefaultpass: PR: https://github.com/pfsense/pfsense/pull/4715 Anton Liashkevich
12:33 AM Bug #15820 (Not a Bug): nologdefaultpass is not translated to logdefaultpass: The parameter @nologdefaultpass@ is not being inverted to @logdefaultpass@ as expected, unlike @nologdefaultblock@ , ... Anton Liashkevich
04:41 PM Revision 211adbf4: Fix the unexpected config reset when the password is changed in the CLI.: Update the config cache before rewrite it to catch up with any changes made
in the GUI.
Ticket: #17926 Luiz Souza
04:21 PM Revision 05a43510: Fix short open tag: Jim Pingle
03:35 PM pfSense Packages Bug #15824 (Feedback): Build options on haproxy29 package do not match previous versions: Fixed with commit:bdaf00197af7211cbe9e1d79698ed7c79bccb8fc. Marcos M
03:30 PM pfSense Packages Bug #15824 (In Progress): Build options on haproxy29 package do not match previous versions: Marcos M
02:03 PM pfSense Packages Bug #15824 (Resolved): Build options on haproxy29 package do not match previous versions: The current haproxy package is using @haproxy29@ (@net/haproxy29@) instead of @net/haproxy@ but the options didn't ge... Jim Pingle
03:33 PM Revision bdaf0019: net/haproxy29: apply same build options. Fix #15824: Marcos M
03:13 PM Bug #15819 (Resolved): PHP error when creating intermediate certificates: Fixed with commit:92eea7fbef08749b36db2e8dd1d16bf26097d9d7. Marcos M
03:09 PM Bug #15819 (In Progress): PHP error when creating intermediate certificates: Marcos M
03:08 PM Revision 92eea7fb: Config access regression when saving intermediate CA. Fix #15819: Marcos M
01:49 PM Feature #15822 (Needs Patch): Please could the option to use "scramble obfuscate" be added into the OpenVPN module?: The @scramble@ options are not in OpenVPN officially, they are in custom third-party repos/builds like Tunnelblick.
... Jim Pingle
11:24 AM Feature #15822: Please could the option to use "scramble obfuscate" be added into the OpenVPN module?: When I add the line "scramble obfuscate "********""
I get the following error message "Options error: Unrecognized... Tom Cotton
11:17 AM Feature #15822 (Needs Patch): Please could the option to use "scramble obfuscate" be added into the OpenVPN module?: Please could the option to use "scramble obfuscate" be added into the OpenVPN module?
I can see that it's supporte... Tom Cotton
12:50 PM Bug #15746: IPv6 is not deprecated on PPPoE Periodic Reset: I have the same issue and could test any potential fix in my environment.
Issue in general: Invalid auto-configured ... Uwe Verwey
08:20 AM pfSense Packages Bug #15821 (Closed): pfSense-pkg-acme needs to be updated to use api.porkbun.com instead of porkbun.com: Porkbun recently made the decision to move their DNS API from porkbun.com to api.porkbun.com and the deadline for thi... Nita Vesa

11/05/2024

09:13 PM Bug #15819 (Resolved): PHP error when creating intermediate certificates: When creating an intermediate cert in 24.11-beta:... Steve Wheeler
07:10 PM Feature #15818: Certificate Authorities created in the GUI do not have the Basic Constraints extension marked critical: https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.9 Steve Wheeler
07:10 PM Feature #15818 (Resolved): Certificate Authorities created in the GUI do not have the Basic Constraints extension marked critical: CA certs created and exported from pfSense can fail verification because the Basic Constraints extension is not marke... Steve Wheeler
06:38 PM Revision a3106182: Fix config warning when saving a new outbound NAT rule: Marcos M
06:35 PM Revision 73a4ffcf: Only show the previous caller in config warning logs: Marcos M
05:16 PM Revision 2c20b114: Fix spacing in config warning logs: Marcos M
02:42 PM Revision 9ff21513: interface widget: Prevent name and icon from wrapping: Christian McDonald
02:31 PM pfSense Docs Correction #15817 (Closed): AWS password restrictions: Added: https://gitlab.netgate.com/docs/pfsense-platforms/-/commit/10ea22406d60d59fe8ac5430397bb0b6db51cf6d Jim Pingle
12:19 PM pfSense Plus Bug #15396: BE upgrade process deferred pkg install can cause significant delays: fixed in the new versions, reproduced on 23.09.1 -> 24.03,
can't reproduce on 24.03 -> 24.11 BETA
24.11-BETA (amd64... Georgiy Tyutyunnik

11/04/2024

11:06 PM pfSense Docs Correction #15817 (Closed): AWS password restrictions: When configuring an admin password in AWS before deployment the password cannot contain the characters : or =
Thos... Steve Wheeler
07:57 PM pfSense Docs Todo #15816 (Rejected): Feedback on pfSense® software Configuration Recipes — L2TP/IPsec Remote Access VPN Configuration Example: Those settings would break it worse than it already is by prohibiting L2TP from using IPsec, so it wouldn't be encryp... Jim Pingle
07:51 PM pfSense Docs Todo #15816 (Rejected): Feedback on pfSense® software Configuration Recipes — L2TP/IPsec Remote Access VPN Configuration Example: *Page:* https://docs.netgate.com/pfsense/en/latest/recipes/l2tp-ipsec.html
*Feedback:*
create L2TP for Windows ... Artist Gusev
05:44 PM pfSense Packages Bug #15726: Apcupsd dashboard widget warning/critical values are not digits or units as expected: Fixed with https://github.com/pfsense/FreeBSD-ports/commit/72eae841d1731a9be084608d8b83d7d5927ea456 Marcos M
05:19 PM Regression #15810 (Resolved): ntpd can fail to start when unbindable addresses exist: Patch works.
For reference:
https://bugs.ntp.org/show_bug.cgi?id=3928 Marcos M
04:51 PM Regression #15810: ntpd can fail to start when unbindable addresses exist: Patch is in our trees Christian McDonald
04:51 PM Regression #15810 (Feedback): ntpd can fail to start when unbindable addresses exist: Christian McDonald
03:43 PM Regression #15815 (Resolved): PHP error when no WOL entries are defined: Fixed with commit:c495a353b364eaf5ee8da18d846ecd80cae170ea. Marcos M
03:36 PM Regression #15815 (Resolved): PHP error when no WOL entries are defined: ... Marcos M
03:38 PM Revision c495a353: Config access regression. Fix #15815: Marcos M
01:45 PM pfSense Docs New Content #15812: Recipe for OpenVPN Site-to-Site SSL/TLS with DCO: The existing recipes are OK, what's missing is a new/separate example dedicated to DCO.
Jim Pingle
01:27 PM Bug #15679: Multicast with intel NIC: Emre K wrote in #note-4:
> Why is this "closed" with "needs patch"? Or it is me who is weird and don't understand th... Jim Pingle
12:50 PM Feature #6626: Support for IPv6 firewall entries with dynamic delegated prefix and static host address: Jan-Jonas Sämann wrote in #note-44:
> In addition to the previous commit, which introduced the basic ability to auto... Bastian Mäuser

11/03/2024

06:39 PM pfSense Docs Todo #15811 (Closed): Feedback on Troubleshooting — Troubleshooting Boot Issues: The installer supports PPPoE. If you believe you've found a bug with DHCP, detailed steps to reproduce it would be he... Marcos M
04:23 PM pfSense Docs Todo #15811: Feedback on Troubleshooting — Troubleshooting Boot Issues: Btw, I was on it about six hours.
And the reaseon for starting this whole thing was another error, the first of fo... Sascha Borer
04:16 PM pfSense Docs Todo #15811: Feedback on Troubleshooting — Troubleshooting Boot Issues: I was tired, Netgate! Sascha Borer
12:46 PM Bug #15752: Montly kernel panic: We were able to perform a first test now:... Sebastian Wagner
11:28 AM Feature #15813: Include alternative TCP stack: Ok, the release after that would still help a lot. Andreas Dekiert
02:13 AM pfSense Packages Bug #15749: BGP advertising all routes and ignoring networks statements.: Here is a set up that i have.
Device: SG-1100
Software: 24.03-RELEASE
Networks local to SG-1100: 192.168.70.0/24, 172... Mike Moore
12:39 AM pfSense Packages Bug #15726: Apcupsd dashboard widget warning/critical values are not digits or units as expected: running 24.11.b.20241031.0600 build on amd64
System with no backup device connected, apcupsd widget's options are ... Jordan G

11/02/2024

10:40 PM Feature #14067 (In Progress): Per-instance options to control Dynamic DNS client Check IP Service behavior: Marcos M
10:36 PM Bug #14605 (Pull Request Review): Dynamic DNS uses the default gateway interface instead of the specified interface: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1172 Marcos M
10:31 PM Feature #11177 (Pull Request Review): Improve Dynamic DNS client IPv6 support: There is essentially no support for IPv6 requests in the current DDNS service implementation, hence it won't work for... Marcos M
10:17 PM Feature #14610 (Closed): Add source address option to Check IP Services: Closing this since it's best to leave the source selection to DDNS where it's already implemented. Doing it for the C... Marcos M
10:13 PM Feature #13901 (Closed): Update default DDNS check IP service to support IPv6: Closing this since it's easy enough to add others and DDNS doesn't correctly use IPv6 from Check IP services anyway. Marcos M
08:07 PM pfSense Packages Bug #15749: BGP advertising all routes and ignoring networks statements.: only listed networks (in Network Distribution) were advertised in my lab.
Please provide more details about yo... Alhusein Zawi
01:58 PM Feature #15813: Include alternative TCP stack: It's too late for 24.11, though we can look into it after this release. Marcos M
08:01 AM Feature #15813 (Duplicate): Include alternative TCP stack: After extensive research I found out why a Netgate XG1537 is unable to saturate a fiber WAN link. It turns out this i... Andreas Dekiert
01:52 PM pfSense Plus Bug #15006 (Closed): Upgrade Issue to 23.09 Results in Stuck Prompt Mid-upgrade: I'm closing this since it seems this has not been an issue for 24.03. It can be reopened if needed. Marcos M
09:11 AM Bug #15814: Firewall State Policy of Interface Bound States doesn't work with WAN-Type WireGuard-Interface: Edit: SNAT is disabled between the two Peers in this S2S-VPN. Bob Dig
09:05 AM Bug #15814 (New): Firewall State Policy of Interface Bound States doesn't work with WAN-Type WireGuard-Interface: A port-forward coming in to a WAN-Type WireGuard-Interface from one fully patched pfSense CE 2.7.2 to another isn't w... Bob Dig
05:01 AM pfSense Docs Todo #15811: Feedback on Troubleshooting — Troubleshooting Boot Issues: Netgear??
Mike Moore
04:21 AM Bug #15679: Multicast with intel NIC: Why is this "closed" with "needs patch"? Or it is me who is weird and don't understand the workflow. Emre K

11/01/2024

10:10 PM Revision 282d4a80: pfSense-Installer: Fix the issue when only the WAN settings are present.: During the configuration import, if only the WAN settings are present, remove
the LAN settings from the configuration... Luiz Souza
09:53 PM pfSense Docs New Content #15812 (Resolved): Recipe for OpenVPN Site-to-Site SSL/TLS with DCO: Currently, we have two S2S OpenVPN examples in our docs:
We have this one, which is a Site-to-Multi-site example:
... Kris Phillips
07:30 PM pfSense Docs Todo #15811 (Closed): Feedback on Troubleshooting — Troubleshooting Boot Issues: *Page:* https://docs.netgate.com/pfsense/en/latest/troubleshooting/boot-issues.html
*Feedback:*
That's a big "N... Sascha Borer
07:25 PM Regression #15810 (Resolved): ntpd can fail to start when unbindable addresses exist: When IP addresses exist on the system that ntpd cannot bind to it can fail to start and core dump.
For example an ... Steve Wheeler
05:22 PM Bug #15809 (New): UFS upgrades do not create new log files: Upgrading UFS systems to versions that require additional log files does not create them until a second reboot has ha... Steve Wheeler
12:34 PM pfSense Packages Bug #15733 (Resolved): Changing the account key name does not update respective certificates: reproduced on:
2.7.2-RELEASE (amd64)
built on Mon Mar 4 19:53:00 UTC 2024
FreeBSD 14.0-CURRENT
tested on, fixed... Georgiy Tyutyunnik
09:31 AM Feature #15808 (Resolved): PREF64 support in Router Advertisements: Please implement RFC8781 Discovering PREF64 in Router Advertisements (IPv6-Mostly Networks) to support IPv6-Mostly Ne... Bart Schapendonk
09:28 AM Feature #15807 (New): RFC8925 IPv6-Only Preferred Option for DHCPv4 (IPv6-Mostly Networks): Please implement RFC8925 IPv6-Only Preferred Option for DHCPv4 to support IPv6-Mostly Networks
- This is just the ... Bart Schapendonk
08:47 AM Bug #15685 (Resolved): Mobile IPsec does not automatically switch to failover gateway: Tested against the latest dev release.
The issue is fixed.
I am closing this ticket as resolved. Danilo Zrenjanin
12:47 AM Revision d376ac6a: Gateways with monitoring disabled may use incorrect address family: When return_gateways_status() processes gateways that have monitoring
disabled, the source IP used is always IPv4 reg... Marcos M
12:47 AM Revision 055fc19e: Gateways with monitoring disabled may be treated as down: When return_gateways_status() is called with $byname=false, gateways
that have monitoring disabled will be returned a... Marcos M

10/31/2024

09:09 PM pfSense Packages Todo #15806 (Duplicate): Add WAN export interface for wiregaurd: Can I choose the network interface like openvpn so that I can choose the WAN exit? yon Liu
08:45 PM pfSense Plus Bug #15740: NAT uses unknown IP address: The dignostic files have been uploaded on the link provided. David G
08:44 PM pfSense Plus Bug #15740: NAT uses unknown IP address: I provided all the information Dylan requested. Why did you change the status to Incomplete? David G
05:33 PM pfSense Plus Bug #15196 (Not a Bug): AWS ena interfaces can become unstable/stop responding: This is not a bug and presents regardless of OS. It's part of the behavior of T3 instance sizes. If an instance excee... Jim Pingle
04:31 PM Feature #15805: DHCP IPv4 and IPv6 KeaMA migration assistant and KeaMA Lease Migration tool: With migration to Kea DHCP eventually coming to being eminent and open-source versions of Kea missing various hooks/f... Jonathan Smolka
04:24 PM Feature #15805 (New): DHCP IPv4 and IPv6 KeaMA migration assistant and KeaMA Lease Migration tool: With migration to Kea DHCP eventually coming to being eminent and open-source versions of Kea missing various hooks/f... Jonathan Smolka
04:22 PM Bug #15795 (Resolved): Removing a route from the High Availability primary node does not remove the entry from the routing table on the secondary node: The issue was resolved by applying the second patch subsequent to the first one.
I am closing this ticket as resol... Danilo Zrenjanin
04:19 PM Bug #15795: Removing a route from the High Availability primary node does not remove the entry from the routing table on the secondary node: Fixed with commit:05f941f3901ac32cd2bc06c7fb63954be2c44c4b. Marcos M
02:13 PM Bug #15795: Removing a route from the High Availability primary node does not remove the entry from the routing table on the secondary node: I applied the patch to the HA pair operating on the latest development release. However, the issue remains unresolved... Danilo Zrenjanin
04:19 PM pfSense Packages Bug #15804: pfBlockerNG devel ASN list can hang GUI: It's probably a duplicate of https://redmine.pfsense.org/issues/12822 Danilo Zrenjanin
03:24 PM pfSense Packages Bug #15804 (New): pfBlockerNG devel ASN list can hang GUI: in some cases while working with ASN format IP lists in pfBlockerNG devel 3.2.1_19 GUI can hang on the preview list o... Georgiy Tyutyunnik
03:17 PM pfSense Packages Bug #15649 (Resolved): pfBlockerNG can't operate ASN-based Aliases: tested on
24.11-BETA (amd64)
built on Thu Oct 31 7:00:00 CET 2024
FreeBSD 15.0-CURRENT
pfblockerng devel 3.2.1_19 Georgiy Tyutyunnik
03:16 PM pfSense Packages Bug #15649: pfBlockerNG can't operate ASN-based Aliases: ASN-format lists now populate correctly with help of ipinfo token
Georgiy Tyutyunnik
03:00 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: Hello,
We also would like to know the estimate, this would be really helpful. J R
02:56 PM Revision 05f941f3: Apply removed route changes with all routes removed.: Followup to e2eb3e16e9ef63a375718dcc06b54a9765266244 Marcos M
12:51 PM pfSense Plus Bug #15472: potential bug with the ath driver: Does this still happen with the newer drivers in 24.03? That crash is in 23.05.1. Steve Wheeler
01:19 AM pfSense Plus Bug #15472: potential bug with the ath driver: I actually could not resolve this issue even with a new 2nd Compex card installed, the same thing occurred it would g... Jonathan Lee
01:06 AM Feature #8794: NTP authentication support: @Marcos Thank you!!! Jonathan Lee
12:51 AM Feature #8794 (Resolved): NTP authentication support: Marcos M
01:01 AM pfSense Packages Bug #14390: Squid: SECURITY ALERT: Host header forgery detected: Hello, fellow Redmine community members, the Squid-users email system has stated most/almost all of the security vuln... Jonathan Lee
12:50 AM Feature #12522 (Resolved): More GUI options for OpenVPN Client-Specific Overrides: Marcos M
12:49 AM Bug #12938 (Needs Patch): Incorrect warning from ``radvd`` about ``AdvRDNSSLifetime`` value: Marcos M
12:46 AM Bug #15700 (Resolved): Package navigation menus can be duplicated when reinstalling the package: Marcos M
12:46 AM pfSense Packages Feature #15528 (Resolved): Add fix for #15430 to pfSense+ 24.03: Marcos M
12:44 AM Feature #10000 (Resolved): Enable ``@`` support for Azure in Dynamic DNS: Marcos M
12:44 AM Feature #14289 (Resolved): Enable ``@`` support for name.com in Dynamic DNS: Marcos M
12:43 AM Bug #14708 (Resolved): PHP error when the system fails to create an interface: Marcos M
12:41 AM pfSense Packages Bug #14861 (Resolved): PHP error when pings are enabled but no ping hosts are defined: Marcos M
12:36 AM pfSense Plus Bug #15638 (Resolved): BE verification fails after logging in before the boot process finishes: Marcos M
12:33 AM Bug #15684 (Resolved): Panic in ``tcp_m_copym`` with selective ACK enabled: Marcos M
12:30 AM Bug #15685 (Feedback): Mobile IPsec does not automatically switch to failover gateway: Applied in changeset commit:c1edb3ff97b20224858795ce3ef872a1cc9d4f53. Marcos M
12:21 AM Revision c1edb3ff: Reload mobile IPsec on gateway failover. Fix #15685: Marcos M

10/30/2024

11:47 PM pfSense Packages Feature #15674 (Resolved): Support custom IP and Port variables for interfaces: Marcos M
11:46 PM Bug #15704 (Resolved): Automatic EDNS value may be lower than expected: Marcos M
11:45 PM Bug #15708: The filterdns service won't start: This limitation is documented here:
https://docs.netgate.com/pfsense/en/latest/troubleshooting/filterdns-thread-erro... Marcos M
11:39 PM Bug #15711 (Feedback): Special characters in the ACB configuration change description can cause PHP errors: Marcos M
11:35 PM Revision f0c5b768: Fix parsing for ACB change reason. Fix #15711: Fix it by delimiting on the last occurrence of the delimiter. Marcos M
10:00 PM Todo #15728 (Resolved): Improve Thermal Sensors Dashboard widget refresh code: Marcos M
09:59 PM Bug #15738 (Rejected): xml parsing: whitespace causes errors.: There are long-term plans that can help with the root issue here, but manual modification of the configuration file i... Marcos M
09:51 PM pfSense Plus Bug #15740 (Incomplete): NAT uses unknown IP address: Marcos M
09:23 PM pfSense Packages Bug #15760 (Resolved): Typo in Snort Important Preproc Information: Fixed with d837e531ca20823dcc96b5c7b67769bda8d73633. Marcos M
08:51 PM Bug #15770 (Incomplete): Limiter Limits Whole Gateway instead of Single IP: Marcos M
08:50 PM Bug #15772: Captive Portal zones can fail to start due to ID conflict: Applied in changeset commit:d23f3e6ce5b59b14a47c4159b3b1a71f9a9f9535. Marcos M
08:49 PM Bug #15772 (Feedback): Captive Portal zones can fail to start due to ID conflict: Should be fixed with commit:d23f3e6ce5b59b14a47c4159b3b1a71f9a9f9535. Marcos M
08:42 PM Revision d23f3e6c: Always use the highest existing zone ID when creating a new one. Fix #15772: Marcos M
07:59 PM pfSense Packages Bug #15773 (Incomplete): Lightsquid stoped gererating reports after upgrade do pfSense 2.7.2: Marcos M
07:54 PM Bug #15802 (Resolved): Dynamic DNS attempts to resolve entries with disabled interfaces: This is working on 24.11.
The commit ID can be used to apply it - see:
https://docs.netgate.com/pfsense/en/latest... Marcos M
05:18 PM Bug #15795 (Feedback): Removing a route from the High Availability primary node does not remove the entry from the routing table on the secondary node: Fixed with commit:e2eb3e16e9ef63a375718dcc06b54a9765266244. Marcos M
05:13 PM Bug #15795 (In Progress): Removing a route from the High Availability primary node does not remove the entry from the routing table on the secondary node: Marcos M
05:12 PM Revision e2eb3e16: Apply removed route changes to secondary HA node. Fix #15795: Marcos M
05:09 PM Revision 23db45f6: Specify the interface when applying static route changes during OpenVPN reloads: Marcos M
08:57 AM pfSense Packages Feature #8547: fwknop Port Knocking Package: Upvote as well Alex Kolesnik

10/29/2024

09:49 PM Feature #2358: NAT64 support: An 11 year old feature request........outstanding. Mike Moore
09:38 PM Feature #2358: NAT64 support: Upvote / Bump Can we get a status on this? Scott Howard
08:26 PM Bug #15802: Dynamic DNS attempts to resolve entries with disabled interfaces: Thanks Marcos!
Is this available as a system patch to test on 24.03 or do I need to wait for 24.11 to be released? Andrew Almond
07:49 PM Bug #14977 (Feedback): Kea fails to restart due to race between process termination and startup: I think(tm) we have a fix for this. Christian McDonald
07:30 PM Revision 04225f6f: dhcp: give dhcp daemons a chance to shutdown before restarting: Christian McDonald
07:03 PM Revision 31316310: Revert "pfSense-rc: Relocate the removal of /var/run/booting to the very end": This reverts commit 21063272df73ef90bb060449a7baca83b2a8f5ed. Christian McDonald
05:57 PM Revision 5f98a46f: Replace lingering /var/run/booting checks with `is_platform_booting`: Christian McDonald
11:45 AM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: Hello,
Could you please let us know the estimate ?
Thank you
Aytek A.

10/28/2024

08:55 PM Bug #15802 (Feedback): Dynamic DNS attempts to resolve entries with disabled interfaces: The GUI issue can be left to:
https://redmine.pfsense.org/issues/15803
I've pushed commit:e6597954c11c9481a806cc89d8... Marcos M
07:48 PM Bug #15802: Dynamic DNS attempts to resolve entries with disabled interfaces: Opened this as a separate redmine as suggested by Marcos M. https://redmine.pfsense.org/issues/15800#note-1 Andrew Almond
07:47 PM Bug #15802 (Resolved): Dynamic DNS attempts to resolve entries with disabled interfaces: When Dynamic DNS has an entry that refers to a disabled interface, Dynamic DNS still tries to look up the IP address ... Andrew Almond
08:53 PM Revision e6597954: Skip DDNS on disabled interfaces. Fix #15802: Marcos M
08:32 PM pfSense Packages Bug #15726 (Feedback): Apcupsd dashboard widget warning/critical values are not digits or units as expected: Fixed with https://github.com/pfsense/FreeBSD-ports/commit/0d1ede3a2837252bbe753b05df3efef209b5524c Marcos M
08:13 PM pfSense Packages Bug #15726 (In Progress): Apcupsd dashboard widget warning/critical values are not digits or units as expected: Marcos M
08:30 PM pfSense Packages Bug #15733 (Feedback): Changing the account key name does not update respective certificates: Fixed with https://github.com/pfsense/FreeBSD-ports/commit/465a958caba162c61d6f315b1c354955668a44b9 Marcos M
07:50 PM pfSense Packages Bug #15733 (In Progress): Changing the account key name does not update respective certificates: Marcos M
08:29 PM pfSense Plus Bug #15396: BE upgrade process deferred pkg install can cause significant delays: Snort and Suricata have been updated to work around this issue:
* https://github.com/pfsense/FreeBSD-ports/commit/57... Marcos M
07:57 PM Feature #15803 (New): Inconsistent handling of disabled interfaces and gateways in the GUI: In several areas of the GUI, disabled interfaces are hidden/not selectable (such as DynamicDNS and Gateway Groups). H... Andrew Almond
07:40 PM Feature #15801 (New): Gateway of a disabled interface cannot be configured in System > Routing: Scenario: An interface and gateway are configured, and the gateway is added to a gateway group. The interface is then... Andrew Almond
06:59 PM Bug #15800 (Not a Bug): Gateway of a disabled interface cannot be configured in System > Routing or Dynamic DNS: > The system log will contain messages similar to:
Those are informational and expected.
> Attempting to disable wit... Marcos M
05:36 PM Bug #15800 (Not a Bug): Gateway of a disabled interface cannot be configured in System > Routing or Dynamic DNS: Scenario: An interface and gateway are configured, and the gateway is added to a gateway group. The interface is then... Andrew Almond
01:19 PM pfSense Docs Todo #15797 (Closed): Feedback on pfSense® software Configuration Recipes — Configuring DNS over TLS: The SAN list on their certificate will match any of the following hostnames:... Jim Pingle
01:08 PM Bug #15552: NTP option "DNS Resolution" has no effect when using NTP pool hostnames: Jordan G wrote in #note-5:
> the info/tip below NTP's DNS resolution option currently states it has no affect on poo... Jim Pingle
01:07 PM Revision 5ae3f264: Fix NTP pool DNS note. Fixes 15552: Jim Pingle
11:08 AM Todo #15799: Remove unnecessary functions.inc.php and functions.php imports in widget files: Connected to https://redmine.pfsense.org/issues/7385 GChuf 6
11:05 AM Todo #15799 (Rejected): Remove unnecessary functions.inc.php and functions.php imports in widget files: PR: https://github.com/pfsense/pfsense/pull/4712
functions.inc file is deprecated and should not be included everywh... GChuf 6
10:17 AM Todo #15798 (Rejected): Remove shellCommand dependency: PR: https://github.com/pfsense/pfsense/pull/4711
The dependency is only used in 1 file: src/usr/local/pfSense/incl... GChuf 6

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

11/26/2024

11/25/2024

11/24/2024

11/23/2024

11/22/2024

11/21/2024

11/20/2024

11/19/2024

11/18/2024

11/17/2024

11/16/2024

11/15/2024

11/14/2024

11/13/2024

11/12/2024

11/11/2024

11/09/2024

11/08/2024

11/07/2024

11/06/2024

11/05/2024

11/04/2024

11/03/2024

11/02/2024

11/01/2024

10/31/2024

10/30/2024

10/29/2024

10/28/2024