Activity

30 days up to

User

Subprojects

Activity

From 11/17/2024 to 12/16/2024

12/16/2024

09:40 PM Bug #15930 (Incomplete): Mobile IPsec clients can't connect after gateway failover: I'm not able to reproduce this. After the gateway failover, the IPsec logs show that the service loads with the corre... Marcos M
09:22 PM Revision 9e4d4242: Determine the correct AF when DDNS uses a gateway group: Marcos M
08:00 PM Regression #15936 (Feedback): Tracking information for firewall rules is not shown when editing the rule: Applied in changeset commit:a39fdd6047708a830331c1a935de0784d7feea95. Marcos M
07:50 PM Regression #15936 (Resolved): Tracking information for firewall rules is not shown when editing the rule: In the edit firewall rule page, the following info is missing: Tracking ID, Created, Updated. Marcos M
07:52 PM Revision a39fdd60: Show rule tracking info. Fix #15936: Marcos M
07:41 PM Bug #15935 (Resolved): Incorrect rule may be opened for editing after rule order has changed: Reproducing this has been inconsistent. Once reproduced, I've been able to trigger the issue repeatedly. After applyi... Marcos M
07:40 PM Bug #15935 (Feedback): Incorrect rule may be opened for editing after rule order has changed: Applied in changeset commit:2470d8fb789854d2bfa7623f423b77c7f0c9b861. Marcos M
07:31 PM Bug #15935 (Resolved): Incorrect rule may be opened for editing after rule order has changed: It's possible for rules to be saved in an unordered state. In such a case, opening a rule to edit without first refre... Marcos M
07:32 PM Revision 2470d8fb: Sort filter rules after changes. Fix #15935: When rules are added/removed, they should also be re-sorted. Marcos M
04:24 PM Feature #15934 (New): Kea Lease Reclamation and Affinity Options (IPv4 and IPv6): The lease allocation and reclamation behavior in Kea is more aggressive than that in ISC DHCP. As a consequence, user... Jim Pingle
01:27 PM Bug #15931 (Duplicate): Mobile IPsec clients do not receive IP addresses from the virtual pools assigned to individual clients.: Almost certainly a duplicate of #12549 (or a config issue) Jim Pingle
01:25 PM Bug #15927 (Feedback): Potential XSS in AutoConfigBackup backup list on ``services_acb.php``: Still need to wait for feedback from the original reporter to be sure it's solved on their side before completely clo... Jim Pingle
12:45 PM pfSense Packages Bug #15933 (Closed): pfBlockerNG crashes after updating to latest version on 12/16/2024: Upgraded pfBlockerNG this morning and the dashboard displays a crash. Go into the the crash report and there is a PH... Shawn Masters

12/15/2024

10:33 PM pfSense Packages Bug #15932 (Duplicate): HAProxy entries disappear after saving with MIM enabled: After testing I am running into an issue with HAproxy adding more than 1 ACL and backend to a frontend. It seems like... Chad High
08:45 PM Bug #15912: Errors on the console when starting/stopping services: This is 100% reproducible on my 4100. It is running both dnsmasq and unbound. Tried on PVE VM with both enabled and u... Craig Coonrad
07:20 PM pfSense Plus Feature #15854: Lost Captive Portal User Logins when DHCP Leases are Cleared: This issue does not solely occur due to Clearing of Leases through the GUI, it also occurs through normal lease expir... Dale Harron
05:48 AM Bug #15874: Users with Deny Config Write privilege can trigger logging operations: dylan mendez wrote in #note-7:
> Testing this, it seems that you can restart ALL services as long as you have the We... Jim Pingle
05:04 AM Bug #15874: Users with Deny Config Write privilege can trigger logging operations: Testing this, it seems that you can restart ALL services as long as you have the WebCfg - Status: Services permission... dylan mendez
03:19 AM pfSense Packages Feature #15548 (Resolved): Add packages for Zabbix 7.0 Agent and Proxy: Verified version 7 packages are on 24.11. Marking as Resolved. Kris Phillips
03:18 AM pfSense Packages Todo #15806 (Duplicate): Add WAN export interface for wiregaurd: Duplicate here: https://redmine.pfsense.org/issues/15177 Kris Phillips
03:16 AM pfSense Packages Regression #15731 (Confirmed): HAProxy widget shows age and ID in hex: I can confirm this is an issue. Tested on 24.11 with the latest HAProxy package. Kris Phillips
03:14 AM pfSense Packages Bug #15917 (Incomplete): In OpenVPN export package, the option Automagic Multi-WAN IPs (port forward targets) does not working as expected: I tested this and am unable to recreate this problem on 25.03. Please provide specific steps to reproduce. Kris Phillips
01:38 AM Bug #15927 (Closed): Potential XSS in AutoConfigBackup backup list on ``services_acb.php``: Tested on... Christopher Cope

12/14/2024

08:18 PM Feature #14067: Per-instance options to control Dynamic DNS client Check IP Service behavior: tested with NOIP.com
+Automatic/Always use the check IP service+ provides the public IP address
+never use the... Alhusein Zawi
07:36 PM Bug #15931 (Duplicate): Mobile IPsec clients do not receive IP addresses from the virtual pools assigned to individual clients.: I configured a separate Virtual Address Pool within the VPN/IPsec/Pre-Shared Keys settings. Despite this configuratio... Danilo Zrenjanin
07:22 PM Bug #15930 (Not a Bug): Mobile IPsec clients can't connect after gateway failover: If a gateway group is defined and selected as the Interface in the IPsec setup, connections will function properly wh... Danilo Zrenjanin
04:34 PM Feature #2358 (In Progress): NAT64 support: NAT64 support in pf is in progress.
Related GUI changes:
* commit:b5cea7d74fbad6362acc7252aa3e14dd33b85cfe
* commit:... Marcos M
03:45 PM pfSense Plus Feature #14017: Ability to remove all packages before upgardes with saved configuration: I meant more when a new update is being installed, before it has a check box that removes all packages beforehand and... Yuri Weinstein
02:47 PM Bug #15912: Errors on the console when starting/stopping services: I'm not seeing this on 24.11 nor 25.03.
I did see a similar error come through on boot on 25.03, before any commands... Christopher Cope

12/13/2024

07:07 PM Feature #15929: Unbound QUIC / HTTPS support: edit: looking at the https, its only via http/2 so wouldn't offer any meaningful gains.
dns over quic would though mrpops2ko .
07:04 PM Feature #15929 (New): Unbound QUIC / HTTPS support: ever since 1.222.0 of unbound it has supported DNS over QUIC https://unbound.docs.nlnetlabs.nl/en/latest/topics/priva... mrpops2ko .
04:36 PM Feature #15776: System Aliases for various reserved networks: This looks good but I can't help wondering if we should have "46" variants with all of the IPv4 and IPv6 addresses to... Jim Pingle
01:11 PM Feature #15776: System Aliases for various reserved networks: feature works correctly after change applied as a patch
aliases are created and populated
tested on:
24.11-RELEASE... Georgiy Tyutyunnik
04:08 PM Bug #15856 (Resolved): OpenVPN Status Page and Dashboard Widget use input values without validation: Original reporter responded back that the last round of fixes corrected the problem, so this can be closed now. Jim Pingle
02:23 PM Bug #15856: OpenVPN Status Page and Dashboard Widget use input values without validation: I'm still waiting to hear back from the original reporter to see if it fixed it for them, too, so keeping this open yet. Jim Pingle
12:29 PM Bug #15856: OpenVPN Status Page and Dashboard Widget use input values without validation: Fix working, tested on 24.03
Before fix:... Lev Prokofev
04:07 PM Bug #15844: Dashboard ``widgetkey`` values are not validated on save or load, can lead to configuration corruption or other problems: Original reporter responded back that the last round of fixes corrected the problem.
Will leave open for an intern... Jim Pingle
01:01 PM Feature #15323: Display server description when WOL is sent using mac url or power-on button: While that method offers protection, it's still putting too much trust in user-supplied data to get passed around. Lo... Jim Pingle
08:10 AM Feature #15323: Display server description when WOL is sent using mac url or power-on button: Jim Pingle wrote in #note-8:
> Both could be on the same PR since they're for the same issue, but the PR needs work ... Phil Wardt
11:26 AM Bug #15924: SCTP states not purged causing subsequent SCTP INIT to be blocked: The issue is in SCTP state handling added in FreeBSD D42393 - https://reviews-dev.freebsd.org/D42393
The SCTP ABORT ... Oliver Thomas
06:33 AM Bug #15926: Captive Portal does not function with MAC filtering disabled: Looks like the fix working, tested on 24.11... Lev Prokofev
06:18 AM Bug #15912: Errors on the console when starting/stopping services: Can't reproduce it on 24.11 ... Lev Prokofev
04:09 AM pfSense Packages Feature #14838: Full support for AdBlock-style lists: [ I'm currently lost in a wood full of RedMine & Github tabs :) ]
Would anyone be so kind to provide an *update*... Bojack Robot

12/12/2024

11:20 PM Bug #13662 (Feedback): Setting a limiter queue length greater than 100 prevents the limiter from loading: Applied in changeset commit:f79dfc8c6b8d51a7781f9fe886eb69e5bd9dde62. Marcos M
11:10 PM Bug #13662 (In Progress): Setting a limiter queue length greater than 100 prevents the limiter from loading: Marcos M
11:11 PM Revision f79dfc8c: Check subqueues when determining pipe slot limit. Fix #13662: Marcos M
10:55 PM Bug #13158 (Feedback): Input validation error when applying limiter changes: Applied in changeset commit:6a3384e056a1d1552a1ac5aad1e8ea15346a5a63. Marcos M
10:46 PM Bug #13158 (In Progress): Input validation error when applying limiter changes: Marcos M
10:45 PM Revision 6a3384e0: Don't clobber the pipe name. Fix #13158: Marcos M
09:40 PM Bug #15926 (Feedback): Captive Portal does not function with MAC filtering disabled: Applied in changeset commit:cab4d222d76f9edf95bf51dba64fae52d862a60a. Marcos M
08:56 PM Bug #15926 (In Progress): Captive Portal does not function with MAC filtering disabled: Marcos M
06:29 PM Bug #15926: Captive Portal does not function with MAC filtering disabled: confirmed, tested on:
24.11-RELEASE (amd64)
built on Wed Nov 27 19:22:00 CET 2024
FreeBSD 15.0-CURRENT Georgiy Tyutyunnik
01:58 PM Bug #15926 (Resolved): Captive Portal does not function with MAC filtering disabled: Since 24.11, no cpzoneid_X_auth rules are created for captive portal sessions after successful authentication if MAC ... Paul Kutzer
09:40 PM Feature #15776 (Feedback): System Aliases for various reserved networks: Applied in changeset commit:4d7be13979570ea0071ce6e95e976588ee1e2dc8.
Related: commit:1f9680c002c56b183cb6665bbba55b... Marcos M
09:32 PM Feature #15776 (In Progress): System Aliases for various reserved networks: Marcos M
09:32 PM Revision cab4d222: Config access regession when disabling CP MAC filtering. Fix #15926: Marcos M
08:54 PM pfSense Plus Regression #15928: OpenVPN DCO clients fail to reconect: Also of note is that clients without DCO enabled reconnect OK. Steve Wheeler
08:54 PM pfSense Plus Regression #15928 (Resolved): OpenVPN DCO clients fail to reconect: OpenVPN clients with DCO enabled fail to reconnect if the server is restarted in 25.03 dev snapshots:... Steve Wheeler
08:54 PM Revision 1f9680c0: Add config upgrade support for new system aliases: Marcos M
08:54 PM Revision 4d7be139: Define additional system aliases. Implement #15776: Marcos M
06:02 PM pfSense Plus Bug #15903: After 24.03 -> 24.11 upgrade system goes into spontaneous reboots: I submitted a TAC ticket 17473553014
@cwalsh Yuri Weinstein
05:30 PM Bug #15927 (Feedback): Potential XSS in AutoConfigBackup backup list on ``services_acb.php``: Applied in changeset commit:84d8eddf87607e0f9dcc313bcaad4db67e4f3750. Jim Pingle
05:21 PM Bug #15927 (Resolved): Potential XSS in AutoConfigBackup backup list on ``services_acb.php``: The page at ``services_acb.php`` displays the "reason" string when listing backup entries from the server without enc... Jim Pingle
05:23 PM Revision 84d8eddf: Ensure ACB entry reasons are encoded. Fixes #15927: Jim Pingle
02:25 PM Bug #15925 (Confirmed): DNS Resolver option for Query Name Minimization cannot be disabled: The default for that one must have changed upstream. As it is now, it's always on and can't be disabled.
We may al... Jim Pingle
12:12 AM Bug #15925 (Resolved): DNS Resolver option for Query Name Minimization cannot be disabled: In the pfSense DNS Resolver / Advanced Settings there is a setting for Query Name Minimisation which in the pfSense U... David Burns
11:11 AM pfSense Plus Feature #15854: Lost Captive Portal User Logins when DHCP Leases are Cleared: In order to fully support the assumption that it is the MAC address that authorizes the device through the captive po... Dale Harron
12:53 AM pfSense Plus Feature #15854: Lost Captive Portal User Logins when DHCP Leases are Cleared: I see in the RFC8910-Dec10.php file that there is a stupid commenting error, you have to remove the /*... */ from lin... Dale Harron
11:10 AM Feature #15904: Add native support for Captive Portal API (RFC8908): In order to fully support the assumption that it is the MAC address that authorizes the device through the captive po... Dale Harron
12:55 AM Feature #15904: Add native support for Captive Portal API (RFC8908): I see in the index-Dec10.php file that there is a stupid commenting error, you have to remove the /*... */ from lines... Dale Harron

12/11/2024

08:21 PM pfSense Plus Feature #15854: Lost Captive Portal User Logins when DHCP Leases are Cleared: See Redmine #15904 Built-in Captive Portal Support for RFC8910, DHCP option 114 in Kea.
Note: this is a Kea upgrad... Dale Harron
08:17 PM Todo #14888 (Resolved): Exclude non-release branches from general update checks: The opt-in option can be left to a separate feature request. The dashboard widget will now only check for updates aga... Marcos M
08:15 PM Feature #14067 (Feedback): Per-instance options to control Dynamic DNS client Check IP Service behavior: Applied in changeset commit:cca427857f26a2e169ece028d4503a1c974766b3. Marcos M
08:07 PM Bug #14605 (Feedback): Dynamic DNS uses the default gateway interface instead of the specified interface: Marcos M
08:05 PM Revision cca42785: Allow choosing when to use Check IP service in DDNS. Implement #14067: Marcos M
06:01 PM Revision faf5a0e5: NAT64 GUI improvements: - Add NAT64 to the firewall rule advanced options indicator.
- Automatically add the destination for NAT64 rules.
- D... Marcos M
04:50 PM Revision f515b460: Revert "Clarify NAT64 checkbox description": This reverts commit c257b5eead8804f509203a3e4fb60d8e0f45cb5a. Marcos M
04:31 PM Feature #2479: Allow reordering of the traffic graphs on the dashboard: I'd also like to see the ability to reorder/group interfaces on the Dashboard. Particularly on the Traffic Graph widget. Paul L
02:20 PM Feature #15323: Display server description when WOL is sent using mac url or power-on button: Both could be on the same PR since they're for the same issue, but the PR needs work anyhow -- I left a comment on th... Jim Pingle
05:23 AM Feature #15323: Display server description when WOL is sent using mac url or power-on button: I just noticed that the widget needs also a patch to display server description when wol is sent using the widget.
S... Phil Wardt
02:12 PM Bug #15923 (Rejected): After restoring the backup, PHP produce the errors.: What version is this on? There is nothing at the line in question that could trigger that error on the latest release... Jim Pingle
07:24 AM Bug #15923 (Rejected): After restoring the backup, PHP produce the errors.: PHP ERROR: Type: 1, File: /etc/inc/upgrade_config.inc, Line: 5444, Message: Uncaught TypeError: Cannot access offset ... Zeeshan Paracha
12:58 PM Bug #15924 (Resolved): SCTP states not purged causing subsequent SCTP INIT to be blocked: The current code transitions the state to CLOSING upon receiving an ABORT.
The firewall state should instead trans... Danilo Zrenjanin
10:39 AM Feature #15904: Add native support for Captive Portal API (RFC8908): Support for Kea requires handling the Reclamation and reassignment of IPs which has changed dramatically from that im... Dale Harron
08:28 AM Bug #15043: IGMP proxy works intermittently: Can the kernel please be reuploaded for 2.7.2? as that link provided is dead and there is still no CE release since t... Chris Collins
07:23 AM Bug #15572: Disabling DNSSEC should also disable Harden DNSSEC Data: I have a different view, and I actually patched my local install to reflect this.
In Unbound if you enable feature... Chris Collins
12:01 AM Revision c257b5ee: Clarify NAT64 checkbox description: Marcos M

12/10/2024

10:30 PM Revision 6143fb5f: Improve input validation for NAT64: Clarify message and automatically disable NAT as needed. Marcos M
09:54 PM Revision b5cea7d7: Add NAT64 support for firewall rules: Add initial GUI support for NAT64. The NAT64 source can be set to:
- Automatic (default): Use the rule's gateway or g... Marcos M
07:56 PM pfSense Docs Correction #15883 (Closed): Voucher sync settings have moved: Not only did they move, how they operate completely changed (and the option names changed).
All up-to-date now: ht... Jim Pingle
07:44 PM Feature #15922 (New): Allow using dhcp mappings in host aliases for any service: Host aliases that contain hosts resolvable via dhcp mappings or host overrides are not populated until Unbound starts... Steve Wheeler
07:38 PM pfSense Docs Correction #15894 (Closed): Update config version for pfSense+ 24.11: Fixed and deployed: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/cbbc2816f5717136509341ae3012bf900b7e0ac8 Jim Pingle
07:28 PM Feature #15652: Kea DHCPv6 Prefix Delegation Support (IPv6 Only): Will need to hook into Kea run_script support that was added for Unbound integration to install/deinstall routes as I... Christian McDonald
05:39 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: Maurice Detmers wrote in #note-36:
> I can also confirm that this works for me on PFSense 24.11.
>
> For the comm... Andrew Almond
05:38 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: Jim Pingle wrote in #note-28:
> Andrew Almond wrote in #note-27:
> > PR 4719 isn't listed in https://redmine.pfsens... Andrew Almond
02:10 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: I can also confirm that this works for me on PFSense 24.11.
For the community edition, is this also automatically ... Maurice Detmers
12:29 AM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: Both the agent and proxy are working for me on 24.11 now. Andrew Almond
04:52 PM Bug #15908 (Resolved): Users with Deny Config Write privilege can change their own password: Jim Pingle
04:50 PM Feature #15818 (Resolved): Certificate Authorities created in the GUI do not have the Basic Constraints extension marked critical: Newly created CAs now have the basic constraints marked critical:... Jim Pingle
04:45 PM Bug #15767 (Resolved): Clicking the picture widget image downloads the image with an invalid filename instead of showing it inline: Image now opens up in a new tab displayed in the browser on both Firefox and Chrome. Right Click/Save Image As offers... Jim Pingle
04:40 PM Todo #15863 (Resolved): Update nginx HTTP2 syntax: New syntax is in the configuration, no errors in the log.
Jim Pingle
04:37 PM Bug #11268 (Resolved): Cookie named ``id`` prevents some forms from being loaded or saved properly: This was fixed by commit:738f647c453a8995c6b411f91efb66c17a0d6c11 -- I could replicate it before that change but I ca... Jim Pingle
04:18 PM Feature #15654 (Resolved): Kea Static ARP Support (IPv4 only): This appears to be working as expected. When static ARP is checked on an interface, the interface gets the static ARP... Jim Pingle
01:47 AM Bug #15914: PHP error when a queue is added with the same name as a limiter: I think you nailed it Jordan.
I was able to create the queue when it wasn't named the same as the limiter. Once it... Richard Ball

12/09/2024

09:13 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: The devel branch is for development snapshots, the 24.11 packages are built from a 24.11 branch (on a different git r... Jim Pingle
09:11 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: Jim Pingle wrote in #note-32:
> I forgot to pick one commit to a specific branch, but it should be OK now if you uni... Maurice Detmers
08:26 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: I forgot to pick one commit to a specific branch, but it should be OK now if you uninstall and reinstall that package. Jim Pingle
08:04 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: Jim Pingle wrote in #note-29:
> I updated the options for Zabbix 7 ports (and cleaned up some older ones), and bumped... Maurice Detmers
07:18 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: Jim Pingle wrote in #note-29:
> I updated the options for Zabbix 7 ports (and cleaned up some older ones), and bumpe... Maurice Detmers
07:13 PM pfSense Packages Feature #15548 (Feedback): Add packages for Zabbix 7.0 Agent and Proxy: I updated the options for Zabbix 7 ports (and cleaned up some older ones), and bumped the package version, it should ... Jim Pingle
07:12 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: Andrew Almond wrote in #note-27:
> PR 4719 isn't listed in https://redmine.pfsense.org/projects/pfsense/issues?query... Jim Pingle
05:34 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: PR 4719 isn't listed in https://redmine.pfsense.org/projects/pfsense/issues?query_id=143&sort=updated_on%3Adesc%2Cid%... Andrew Almond
08:57 PM Feature #15652 (In Progress): Kea DHCPv6 Prefix Delegation Support (IPv6 Only): The client gets delegated a prefix, but there is no routing information in the table afterward. The prefix delegated ... Jim Pingle
06:57 PM Revision b0a13438: Update and make zabbix options consistent. Issue #15548: Jim Pingle
05:20 PM pfSense Docs Todo #15918 (Rejected): New cellular compatibility for TP-Link M7350: "Modems reported to work as Ethernet devices" is exactly what you describe in your second scenario. @ue0@ is an "Ethe... Jim Pingle
05:18 PM pfSense Docs Todo #15918 (Rejected): New cellular compatibility for TP-Link M7350: Hi,
I'm new to this; just trying to be helpful, so sorry if I am doing something wrong!
But here:
https://docs... Alan Ingram
05:03 PM pfSense Packages Bug #15917 (Rejected): In OpenVPN export package, the option Automagic Multi-WAN IPs (port forward targets) does not working as expected: When use Multi WAN setup with OpenVPN server and port forward with localhost, and export config with select option Au... aleksei prokofiev
04:49 PM pfSense Packages Bug #15916: pfBlockerNG dnsbl daemon not able to start in CARP mode: I can replicate this issue on 25.01-devel as well with known good HA sync setup. Worth mentioning the CARP VIP appear... dylan mendez
04:46 PM pfSense Packages Bug #15916 (New): pfBlockerNG dnsbl daemon not able to start in CARP mode: pfBlockerNG dnsbl daemon not able to start in CARP mode:
CARP is created as disabled on update after applying the co... Georgiy Tyutyunnik
03:35 PM Bug #15767 (Feedback): Clicking the picture widget image downloads the image with an invalid filename instead of showing it inline: Applied in changeset commit:f7e934bbac273d3557edaa0c1b1c9fd0cc1b69b7. Jim Pingle
03:24 PM Bug #15767 (In Progress): Clicking the picture widget image downloads the image with an invalid filename instead of showing it inline: Download was the intent of the previous commit (and mentioned in the description), but I can see how showing it inlin... Jim Pingle
03:25 PM Revision f7e934bb: Send picture widget image inline. Fixes #15767: Jim Pingle
02:18 PM pfSense Docs Todo #15915 (Rejected): Feedback on pfSense® software Configuration Recipes — WireGuard VPN Client Configuration Example: You shouldn't need to set that on the LAN.
The recipe already covers this by setting an appropriate MTU on the Wir... Jim Pingle
08:06 AM pfSense Docs Todo #15915 (Rejected): Feedback on pfSense® software Configuration Recipes — WireGuard VPN Client Configuration Example: *Page:* https://docs.netgate.com/pfsense/en/latest/recipes/wireguard-client.html
*Feedback:*
Hello
I have b... Diego Rueda
02:15 PM pfSense Plus Regression #15899 (Incomplete): LAGG LACP - adding a member stops DHCP from working: We can mark it incomplete for now. If you can figure out what contributing factor in your setup is triggering the beh... Jim Pingle
02:14 PM Bug #15873 (Resolved): PHP error when a user is denied access to the dashboard: Jim Pingle
02:11 PM Feature #15913 (Rejected): Patcket capture GUI: custom field for tcpdump command line options: If someone knows tcpdump that well, they can use the shell.
This would be very difficult to validate without accid... Jim Pingle
02:06 PM Bug #15910 (Not a Bug): Incorrect navigation path to the Configuration History tab in the GUI.: Currently on Plus the intent is for it to be under the *Diagnostics* menu, and it is accessible there on Plus due to ... Jim Pingle
01:59 PM Bug #15874: Users with Deny Config Write privilege can trigger logging operations: Lev Prokofev wrote in #note-4:
> After applying the patch I get a butch of php strings in logs after login using an ... Jim Pingle

12/08/2024

04:10 PM pfSense Plus Bug #15903: After 24.03 -> 24.11 upgrade system goes into spontaneous reboots: @cwalsh OK will do
For clarification when you say "take a status archive as soon as possible after it comes back up"... Yuri Weinstein
10:59 AM pfSense Plus Regression #15899: LAGG LACP - adding a member stops DHCP from working: Hello Jordan, thanks for testing.
It must be something particular to my setup then.
Since both of you couldn't re... Marcelo Cury
04:40 AM pfSense Plus Regression #15899: LAGG LACP - adding a member stops DHCP from working: Also unable to replicate so far with my 4100, adding/removing an interface to my existing LACP LAGG did not effect KE... Jordan G
06:33 AM Bug #15767: Clicking the picture widget image downloads the image with an invalid filename instead of showing it inline: Tested on 24.11 with patch applied. In Chrome it just download png file but not open in browser.
24.11-RELEASE (amd6... aleksei prokofiev
05:09 AM Bug #15912: Errors on the console when starting/stopping services: I receive the following trying to use those commands from the shell (option 8) or php shell (option 12) ... Jordan G
12:37 AM Bug #15912 (Resolved): Errors on the console when starting/stopping services: platform: NG4100
version: 24.11-RELEASE
This showed up after upgrading to 24.11.
restarting unbound or dnsmasq... Craig Coonrad
04:10 AM Bug #15873: PHP error when a user is denied access to the dashboard: no errors appear
25.01-DEVELOPMENT (amd64)
built on Fri Dec 6 13:32:00 PST 2024
FreeBSD 15.0-CURRENT Alhusein Zawi
04:06 AM Bug #15914: PHP error when a queue is added with the same name as a limiter: I was able to recreate this on accident, it seems naming the child queue the same as the parent limiter sets off one ... Jordan G
02:36 AM Bug #15914: PHP error when a queue is added with the same name as a limiter: I'm not able to induce this on 24.11. I can add and remove queues and limiters as much as I'd expect.
Does this ha... Chris W
01:23 AM Bug #15914: PHP error when a queue is added with the same name as a limiter: Issue appears when creating a queue for a second limiter.
!clipboard-202412071723-m6jpq.png!
Richard Ball
01:17 AM Bug #15914 (Resolved): PHP error when a queue is added with the same name as a limiter: [07-Dec-2024 17:03:55 US/Pacific] PHP Fatal error: Uncaught Error: Call to a member function addGlobal() on null in ... Richard Ball
12:56 AM Feature #15913 (Rejected): Patcket capture GUI: custom field for tcpdump command line options: It would be nice if the packet capture page contained a checkbox and field for custom tcpdump settings.
For insta... Craig Coonrad
12:39 AM Bug #15861: Assign Interface IP and Restart GUI Console Menu Items Present PID Errors: #15912 results in the same error.... Craig Coonrad

12/07/2024

11:36 PM pfSense Packages Feature #12179: QEMU package: Tested this on 24.11-RELEASE. You still need to use ShellCMD to start the service and add the following to /etc/rc.c... Kris Phillips
11:28 PM pfSense Packages Bug #15313 (Resolved): Zabbix server 6.4.12 requires Zabbix proxies to be version 6.4.12: Verified the updated packages are in 24.11-RELEASE, which is the current stable.
Andrew Almond wrote in #note-9:
... Kris Phillips
11:26 PM pfSense Plus Bug #15566 (Resolved): Update Intel microcode pacakge: Latest package on 24.11 is:
cpu-microcode-intel-20240910 Intel CPU microcode updates
Closing this as Resolved. Kris Phillips
11:20 PM pfSense Packages Bug #15274 (New): HAProxy Configuration Changes Require pfSense Reboot to Take Effect: Moving this back to New status, as additional detail was provided. Will move to Confirmed or back to Incomplete if w... Kris Phillips
11:17 PM Regression #15885 (Resolved): Error when viewing ALTQ Traffic Shaper queue status: Tested on the latest 25.01 builds. Looks good. Closing as Resolved. Kris Phillips
11:15 PM Bug #15282 (Resolved): Users with Deny Config Write privilege can trigger some VLAN interface operations: Tested on latest 25.01 build. I can confirm the following message is not present:
The following input errors were... Kris Phillips
10:54 PM pfSense Docs New Content #15812 (Resolved): Recipe for OpenVPN Site-to-Site SSL/TLS with DCO: New documentation looks good. Provided it to a customer today, in fact.
Closing this one out. Thanks Jim! Kris Phillips
10:52 PM Bug #15911 (Confirmed): PHP error on save with very long configuration change descriptions: Issue confirmed on... Christopher Cope
10:28 PM Bug #15911 (Resolved): PHP error on save with very long configuration change descriptions: In the https shared haproxy frontend I have currently 58 lines of text / 2503 bytes in total in "Advanced pass thru" ... Pawel Piaskowy
10:26 PM Regression #15890 (Resolved): Unable to change DNS Forwarder domain overrides: Tested on... Christopher Cope
10:21 PM Bug #15876 (Resolved): Routing Advertisements daemon fails to start when configured with more than 3 RDNSS entries in a prefix: Fix is applied and working as expected on... Christopher Cope
08:00 PM Feature #15654: Kea Static ARP Support (IPv4 only): Static ARP enable/disable option was added. (kea DHCP) .
25.01-DEVELOPMENT (amd64)
built on Fri Dec 6 13:32:00 ... Alhusein Zawi
04:06 PM pfSense Plus Bug #15903 (Not a Bug): After 24.03 -> 24.11 upgrade system goes into spontaneous reboots: There's nothing here or in the forum thread which indicates this is a universal software bug in 24.11 instead of some... Chris W
04:01 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: Jim Pingle wrote in #note-20:
> The packages are now available on 24.11 for anyone who wants to try them.
I see t... Maurice Detmers
02:56 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: Jim Pingle wrote in #note-20:
> The packages are now available on 24.11 for anyone who wants to try them.
I get t... Jens Galsgaard
02:39 PM Bug #15015: Static routes not working: I have the issue where the static route is not being used as well. I'm using pfSense 2.7.2, it's a fresh enough insta... David L
02:28 PM Bug #15910 (Not a Bug): Incorrect navigation path to the Configuration History tab in the GUI.: Currently, the path to the Configuration History tab is *Diagnostics/Configuration History*.
!clipboard-202412071... Danilo Zrenjanin
06:37 AM Bug #15908: Users with Deny Config Write privilege can change their own password: I checked the patch on 24.11, the user with RO privileges is not able to change the password.... Lev Prokofev
04:33 AM Bug #15874: Users with Deny Config Write privilege can trigger logging operations: After applying the patch I get a butch of php strings in logs after login using an unprivileged user (Tested on 24.11... Lev Prokofev

12/06/2024

09:13 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: Jim Pingle wrote in #note-20:
> The packages are now available on 24.11 for anyone who wants to try them.
Is it p... Maurice Detmers
08:40 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: Jim Pingle wrote in #note-20:
> The packages are now available on 24.11 for anyone who wants to try them.
I have ... Maurice Detmers
08:20 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: Maurice Detmers wrote in #note-21:
> Jim Pingle wrote in #note-19:
> > CE 2.7.2 won't work since the ports themselv... Jim Pingle
08:17 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: Jim Pingle wrote in #note-19:
> CE 2.7.2 won't work since the ports themselves aren't in that branch of the tree, bu... Maurice Detmers
08:01 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: The packages are now available on 24.11 for anyone who wants to try them. Jim Pingle
07:49 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: CE 2.7.2 won't work since the ports themselves aren't in that branch of the tree, but 24.11 should work and it's buil... Jim Pingle
07:19 PM pfSense Packages Feature #15548 (Closed): Add packages for Zabbix 7.0 Agent and Proxy: Brad reviewed the PR and said it looked OK, so I merged it and picked it back to 24.11 and CE 2.7.2. Should know shor... Jim Pingle
08:55 PM Feature #15652: Kea DHCPv6 Prefix Delegation Support (IPv6 Only): Applied in changeset commit:c2a0fbc02c4945c54ff675687d2d206852b12e20. Christian McDonald
08:50 PM Feature #15652 (Feedback): Kea DHCPv6 Prefix Delegation Support (IPv6 Only): https://gitlab.netgate.com/pfSense/factory/-/commit/c2a0fbc02c4945c54ff675687d2d206852b12e20 Christian McDonald
08:48 PM Revision c2a0fbc0: kea: add initial DHCP-PD support. Implements #15652: Christian McDonald
07:45 PM Revision ec956d34: Revert "Build Zabbix 7. Issue #15548": This reverts commit 60f2688450ae917c86db17847845c8db9b451cf0. Jim Pingle
07:31 PM Revision 60f26884: Build Zabbix 7. Issue #15548: (cherry picked from commit feaa6c57bfa7718d497aea628e4375d490959112) Jim Pingle
07:28 PM Revision feaa6c57: Build Zabbix 7. Issue #15548: Jim Pingle
07:15 PM Feature #15818 (Feedback): Certificate Authorities created in the GUI do not have the Basic Constraints extension marked critical: Applied in changeset commit:cf7dde5a357685b84688dc4b52a0dee57e0af381. Jim Pingle
07:10 PM Feature #15818: Certificate Authorities created in the GUI do not have the Basic Constraints extension marked critical: At one point we had disabled this because certain clients didn't like that being marked as critical, but that note wa... Jim Pingle
01:55 PM Feature #15818 (In Progress): Certificate Authorities created in the GUI do not have the Basic Constraints extension marked critical: Jim Pingle
07:13 PM pfSense Packages Regression #15909: tailscale interface assignment prevents the upgrade from 24.03 to 24.11: I don't think this is a regression. Assigning the tailscale interface is not a valid setup, though we don't do anythi... Christian McDonald
07:10 PM pfSense Packages Regression #15909 (New): tailscale interface assignment prevents the upgrade from 24.03 to 24.11: If you have an assigned tailscale interface, the upgrade to 24.11 won't finish and unit will be stuck on console prom... Georgiy Tyutyunnik
07:09 PM Revision cf7dde5a: Mark CA basic constraints as critical. Fixes #15818: Jim Pingle
05:50 PM Bug #15908 (Feedback): Users with Deny Config Write privilege can change their own password: Applied in changeset commit:a4d40f3e5852a3b8cd9ae19460cfe0d8429d32ea. Marcos M
05:38 PM Bug #15908 (Resolved): Users with Deny Config Write privilege can change their own password: A user with read-only privilege and access to @System > User Password Manager@ is able to change its own password. Marcos M
05:50 PM Bug #15318 (Feedback): Users with Deny Config Write privilege can trigger some QinQ interface operations: Applied in changeset commit:a4d40f3e5852a3b8cd9ae19460cfe0d8429d32ea. Marcos M
05:42 PM Bug #15318 (In Progress): Users with Deny Config Write privilege can trigger some QinQ interface operations: This is still an issue in 24.11. A commit that went in shortly after the fix caused a regression. Marcos M
05:50 PM Bug #15282 (Feedback): Users with Deny Config Write privilege can trigger some VLAN interface operations: Applied in changeset commit:a4d40f3e5852a3b8cd9ae19460cfe0d8429d32ea. Marcos M
05:42 PM Bug #15282 (In Progress): Users with Deny Config Write privilege can trigger some VLAN interface operations: This is still an issue in 24.11. A commit that went in shortly after the fix caused a regression. Marcos M
05:38 PM Revision a4d40f3e: Pass correct argument when checking for RO user privilege: Fix #15282
Fix #15318
Fix #15908 Marcos M
05:10 PM Bug #15873 (Feedback): PHP error when a user is denied access to the dashboard: Applied in changeset commit:1d33b166a44318f893766f55b8d092f70be6380b. Jim Pingle
01:56 PM Bug #15873: PHP error when a user is denied access to the dashboard: We've seen that before in certain cases when a session was started but not closed, probably because of how the client... Jim Pingle
05:00 PM Revision 1d33b166: Close PHP session when exiting early. Fixes #15873: Jim Pingle
05:00 PM Bug #15874 (Feedback): Users with Deny Config Write privilege can trigger logging operations: Applied in changeset commit:8aa54e0d780114713015dd7e970e6541dfc40378. Jim Pingle
03:47 PM Bug #15874 (In Progress): Users with Deny Config Write privilege can trigger logging operations: Jim Pingle
04:52 PM Revision 8aa54e0d: Ensure RO user can't trigger log changes. Fixes #15874: Jim Pingle
03:30 PM Bug #15907 (Feedback): PHP error in Captive Portal with undefined zone interface list: Applied in changeset commit:64075a4359d070c300e09a94c2cf1f4854ce649b. Jim Pingle
03:23 PM Bug #15907: PHP error in Captive Portal with undefined zone interface list: ... Jim Pingle
02:35 PM Bug #15907 (Resolved): PHP error in Captive Portal with undefined zone interface list: Following the upgrade to version 24.11, the captive portal intermittently displays PHP error messages. However, produ... Danilo Zrenjanin
03:24 PM Revision 64075a43: Fix Captive Portal PHP error. Fixes #15907: Jim Pingle
12:48 PM Bug #15906 (Not a Bug): IPv6 delegated prefix changes upstream do not immediately update track6 interfaces: After an IPv6 prefix and IP change on the WAN interface the LAN interface IPs and delegated IPv6 prefixes don’t get u... Uwe Verwey
12:30 PM Feature #15905 (Rejected): DHCPv6, allow SLAAC: This already exists.
https://docs.netgate.com/pfsense/en/latest/services/dhcp/ipv6-ra.html#services-ipv6-ra
See m... Jim Pingle
08:59 AM Feature #15905 (Rejected): DHCPv6, allow SLAAC: Similar to Unifi.
Sets the Autonomous (A) flag on the router Advertisements to allow non-DHCPv6 capable clients to... Torstein Eide
12:18 PM Regression #15885: Error when viewing ALTQ Traffic Shaper queue status: update: found an issue with my config, patch itself works correctly on a factory default config.
Georgiy Tyutyunnik
11:59 AM pfSense Plus Regression #15899: LAGG LACP - adding a member stops DHCP from working: Steve Wheeler wrote in #note-1:
> Haven't been able to replicate this so far. Which interfaces were you using in the... Marcelo Cury

12/05/2024

10:58 PM Feature #15904 (New): Add native support for Captive Portal API (RFC8908): Add an option in Kea to automatically support RFC8910, DHCP Option 114 through a GUI option for all Captive Portals. ... Dale Harron
08:35 PM pfSense Plus Bug #15903 (Not a Bug): After 24.03 -> 24.11 upgrade system goes into spontaneous reboots: I run pfS on QOTOM-Q355G4
After 24.03 -> 24.11 upgrade, I noticed the system goes into spontaneous reboots
See... Yuri Weinstein
08:24 PM pfSense Plus Regression #15899: LAGG LACP - adding a member stops DHCP from working: Haven't been able to replicate this so far. Which interfaces were you using in the LAGG? How many? Steve Wheeler
02:30 PM pfSense Plus Regression #15899 (Incomplete): LAGG LACP - adding a member stops DHCP from working: Noticed that if you add a member to the LACP lag0 group, DHCP will stop answering on the VLANs on this group.
A rebo... Marcelo Cury
08:16 PM Bug #15902 (Duplicate): After an IPv6 prefix and IP change on the WAN interface the KEA DHCP service crashes and cannot be restarted: Duplicate of https://redmine.pfsense.org/issues/14977 Christian McDonald
07:10 PM Bug #15902 (Duplicate): After an IPv6 prefix and IP change on the WAN interface the KEA DHCP service crashes and cannot be restarted: After an IPv6 prefix and IP change on the WAN interface the KEA DHCP service crashes (after 1,5 to 2 hours) and canno... Uwe Verwey
05:35 PM Bug #15332: Kea fails to start if DHCP pool configuration contains default lease time or max lease time: Applied in changeset commit:3bfd3a0efe5abf9ee47e6fdd1625fe5b8f9e21c3. Christian McDonald
05:26 PM Bug #15332 (Feedback): Kea fails to start if DHCP pool configuration contains default lease time or max lease time: default and max lease time are not applicable in a Kea pool context, it only applies at subnet level.
Fixed in htt... Christian McDonald
01:18 PM Bug #15332: Kea fails to start if DHCP pool configuration contains default lease time or max lease time: I have the same issue, noting is being logged.
Started after update to 24.11
I have "Default Lease Time" and "NTP" ... Vöggur Guðmundsson
05:24 PM Bug #15896: Dpinger state reset: What routes are you referring to there? They are removed when you restart dpinger?
Have you tested 2.7.2 or only 2... Steve Wheeler
06:04 AM Bug #15896 (Incomplete): Dpinger state reset: I am still encountering the Dpinger bug that's been showing up.
If I restart the dpinger service it doesn't restor... Duane Ashwell
05:24 PM Revision 3bfd3a0e: kea: ignore default and max lease time within pool context. Fixes #15332: Christian McDonald
05:08 PM pfSense Packages Bug #15821 (Closed): pfSense-pkg-acme needs to be updated to use api.porkbun.com instead of porkbun.com: Fixed in ACME pkg v0.9 Jim Pingle
05:08 PM pfSense Packages Regression #15892 (Closed): PHP error: usr/local/www/acme/acme_accountkeys.php:158: Fixed in ACME pkg v0.9 Jim Pingle
04:16 PM pfSense Packages Regression #15887 (Not a Bug): Additional build options are missing: The missing options are not applicable to bind920 and hence have been removed:
https://github.com/pfsense/pfsense/co... Marcos M
03:43 PM Bug #15900 (Duplicate): After an IPv6 prefix and IP change on the WAN interface the old deprecated IPv6 address is shown on Dashboard->Interfaces and Status->Interfaces: After an IPv6 prefix and IP change on the WAN interface the old deprecated IPv6 address is shown on Dashboard->Interf... Uwe Verwey
03:35 PM Regression #15898 (Confirmed): Changes to the ``admins`` user group are not synced to the secondary node: I'm seeing this happen as well. Other group changes are synchronized, but not the "admins" group. On the secondary, n... Jim Pingle
01:36 PM Regression #15898 (Resolved): Changes to the ``admins`` user group are not synced to the secondary node: When I add or remove the group 'admins' for a user via the user manager, the change does not happen on the backup sys... Dean Chang
03:30 PM Revision f9207141: Remove old port options for bind: This options do not apply to bind920. Marcos M
01:20 PM pfSense Packages Bug #15872 (Resolved): PHP error when accessing mail reports: tested against:... Danilo Zrenjanin
01:20 PM Bug #15897: After an IPv6 prefix and IP change on the WAN interface the old deprecated IPv6 address is shown on Dashboard->Interfaces and Status->Interfaces: CARP is only used on the IPv4 cluster - not with IPv6 Uwe Verwey
01:17 PM Bug #15897 (Rejected): After an IPv6 prefix and IP change on the WAN interface the old deprecated IPv6 address is shown on Dashboard->Interfaces and Status->Interfaces: CARP is not compatible with dynamic addresses/interfaces, it can only be used with static interfaces. Jim Pingle
08:48 AM Bug #15897 (Rejected): After an IPv6 prefix and IP change on the WAN interface the old deprecated IPv6 address is shown on Dashboard->Interfaces and Status->Interfaces: After an IPv6 prefix and IP change on the WAN interface the old deprecated IPv6 address is shown on Dashboard->Interf... Uwe Verwey
08:41 AM Feature #15813: Include alternative TCP stack: So, what is the way forward? You marked this issue as a duplicate of another one which has not been addressed in more... Andreas Dekiert
02:40 AM pfSense Packages Bug #14853: Missing response for AAAA or A queries for blacklisted domains in Python mode: Note it doesnt happen to all domains, when it does happen, it always happens for that domain and vice versa for when ... Chris Collins
02:38 AM pfSense Packages Bug #14853: Missing response for AAAA or A queries for blacklisted domains in Python mode: Not sure if this is related, but I noticed some queries made to blocked domains on pfblockerng and I also have python... Chris Collins

12/04/2024

08:21 PM pfSense Packages Regression #15892: PHP error: usr/local/www/acme/acme_accountkeys.php:158: Simple patch to apply the fix until the new package is ready:... Jim Pingle
08:20 PM pfSense Packages Regression #15892 (In Progress): PHP error: usr/local/www/acme/acme_accountkeys.php:158: As soon as I hit submit there I had another idea and replicated it with a bad item tag that looks like this:... Jim Pingle
08:17 PM pfSense Packages Regression #15892 (Feedback): PHP error: usr/local/www/acme/acme_accountkeys.php:158: Looks like the only way that could happen is if their config has some invalid/wrong item tag in the account keys sect... Jim Pingle
06:29 PM Regression #15888 (Closed): ALTQ shaper queues are not present after importing a config: This is a symptom of a separate issue with config access in MIM which has been resolved. To work around it, disable M... Marcos M
06:16 PM Revision e930812c: Add error handling for config xml parsing exceptions. Fix #15860: With this change, exceptions during a config restore will no longer
result in an unbootable instance. Marcos M
06:16 PM Revision e4b8c5b6: Remove deprecated function use of xml_parser_free(): As of PHP 8.0.0, the function has no effect and is no longer needed. Marcos M
04:42 PM Revision eae972cc: kea: keep the config.xml tidy when saving settings with empty values: Christian McDonald
07:42 AM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: Andrew Almond wrote in #note-16:
> @Maurice Detmers - Great work, thanks for submitting the PR!
> What steps will b... Maurice Detmers

12/03/2024

10:28 PM Feature #15656 (Closed): Options to expose Kea REST API (IPv4 and IPv6): Now that we have our own public API in the works, we probably don’t want to expose this directly.
Closing unless a... Christian McDonald
10:11 PM Feature #15654: Kea Static ARP Support (IPv4 only): https://gitlab.netgate.com/pfSense/pfSense/-/commit/ec77ad9834db6dadd2c7c70356e1514aad03939f Christian McDonald
10:10 PM Feature #15654 (Feedback): Kea Static ARP Support (IPv4 only): Christian McDonald
10:09 PM Revision ec77ad98: kea: enable static arp support, Feature #15654: Christian McDonald
10:01 PM Revision aaf29961: dhcp: fix static arp config access: Christian McDonald
09:58 PM Revision 6a499415: Revert "dhcp: fix static arp config access": This reverts commit c31cc5d0e1121e973abc0d58b4808f6d90762dba. Christian McDonald
09:50 PM Revision 437d8274: remove rogue character: Christian McDonald
09:48 PM Revision c31cc5d0: dhcp: fix static arp config access: Christian McDonald
08:00 PM Bug #15767 (Feedback): Clicking the picture widget image downloads the image with an invalid filename instead of showing it inline: Applied in changeset commit:cb698d2685ef3195bc3813856b0c52143fbdb4d4. Jim Pingle
07:49 PM Bug #15767 (In Progress): Clicking the picture widget image downloads the image with an invalid filename instead of showing it inline: Firefox apparently guesses what the extension should be based on the image type, Chrome takes the name as-is. Looks l... Jim Pingle
07:50 PM Revision cb698d26: Set picture widget download file ext. Fixes #15767: Jim Pingle
07:39 PM Revision ff50e62f: Handle null widget instance ID. Issue #15844: Jim Pingle
07:29 PM Revision 824b1e52: Fix config access regressions during config upgrades: - 122_to_123: outbound rule saved to wrong path
- 130_to_131: operate on same types
- 136_to_137: handle potentially ... Marcos M
07:23 PM Revision 7f4eb864: Don't use config result by reference: The $settings variable is not changed within the loop. Marcos M
07:20 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: @Maurice Detmers - Great work, thanks for submitting the PR!
What steps will be necessary for minor updates of 7.0, ... Andrew Almond
07:00 PM Bug #15844 (Feedback): Dashboard ``widgetkey`` values are not validated on save or load, can lead to configuration corruption or other problems: Applied in changeset commit:6b42147b1c52b559e833e0edcbfbdffbb410b809. Jim Pingle
06:54 PM Bug #15844 (In Progress): Dashboard ``widgetkey`` values are not validated on save or load, can lead to configuration corruption or other problems: There are still some refinements to be made here, more commits incoming. Jim Pingle
06:54 PM Revision 6b42147b: Refine widget validation checks. Fixes #15844: Jim Pingle
06:17 PM Feature #15813 (Duplicate): Include alternative TCP stack: Marcos M
06:07 PM Regression #15895 (Resolved): Configuration upgrade from before revision 19.1 removes OpenVPN settings: Marcos M
06:05 PM Regression #15895 (Feedback): Configuration upgrade from before revision 19.1 removes OpenVPN settings: Applied in changeset commit:908e52f9fc52914b8f0a0c1ae71be3c71bef6c3b. Marcos M
05:57 PM Regression #15895 (In Progress): Configuration upgrade from before revision 19.1 removes OpenVPN settings: Marcos M
05:54 PM Regression #15895 (Resolved): Configuration upgrade from before revision 19.1 removes OpenVPN settings: On pfSense+ 24.11, upgrades/restores from config version 19.1 result in empty OpenVPN settings. Marcos M
05:56 PM Revision 908e52f9: Config access regession when restoring from config 19.1. Fix #15895: Marcos M
05:53 PM pfSense Docs Correction #15894 (Closed): Update config version for pfSense+ 24.11: https://docs.netgate.com/pfsense/en/latest/releases/versions.html
pfSense+ 24.11 uses config version 23.6. Marcos M
05:50 PM Todo #15863 (Feedback): Update nginx HTTP2 syntax: Applied in changeset commit:6221ed9c9aa664361a79796b9b1535cb987e9c77. Jim Pingle
05:41 PM Revision 6221ed9c: Update nginx HTTP2 syntax. Fixes #15863: Jim Pingle
05:37 PM Revision 738f647c: Define PHP request_order. Fixes #15893: Jim Pingle
11:46 AM pfSense Packages Regression #15892 (Closed): PHP error: usr/local/www/acme/acme_accountkeys.php:158: When trying to select account keys in the ACME package in 24.11:... Steve Wheeler
09:18 AM pfSense Packages Regression #15887: Additional build options are missing: That'll be fixed with https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/commit/bd8c1a2e3e610649c50a291f970c157833fdd... Kristof Provost
01:05 AM pfSense Packages Feature #15891: NUT driver list update: PR for this is available as https://github.com/pfsense/FreeBSD-ports/pull/1394 Denny Page
12:55 AM pfSense Packages Feature #15891 (Resolved): NUT driver list update: Add new drivers (mostly modbus) to NUT. Denny Page
01:04 AM pfSense Packages Bug #15845: UPS Settings doesn't display the full list of availabale drivers: This is now covered by #15891. Denny Page

12/02/2024

10:35 PM Regression #15890 (Feedback): Unable to change DNS Forwarder domain overrides: Applied in changeset commit:aac5bb5d396a1f1b18d59a532ad262a4d1085a40. Marcos M
10:27 PM Revision aac5bb5d: Config access regression when saving dnsmasq overrides. Fix #15890: Marcos M
09:35 PM Feature #15659: Kea option for ``reservations-out-of-pool`` and associated input validation (IPv4 and IPv6): I was just coming to enter an enhancement request for this and found this.
A couple of comments:
For option 1, ... Denny Page
07:58 PM Bug #15856: OpenVPN Status Page and Dashboard Widget use input values without validation: I merged the changes, they are ready for additional testing. Jim Pingle
06:25 PM Bug #15856 (Feedback): OpenVPN Status Page and Dashboard Widget use input values without validation: Applied in changeset commit:92a55a0ad8976975b320bdff11f0512f59d3a2ab. Jim Pingle
07:58 PM Bug #15844 (Feedback): Dashboard ``widgetkey`` values are not validated on save or load, can lead to configuration corruption or other problems: I merged the changes, they are ready for additional testing. Jim Pingle
05:12 PM Bug #15844: Dashboard ``widgetkey`` values are not validated on save or load, can lead to configuration corruption or other problems: Attached here are patches for testing on releases, each of which needs slight adjustments for the patches to apply cl... Jim Pingle
06:20 PM Revision 04b74da1: Dashboard widget settings and widgetkey validation. Issue #15844: * Adds validation of submitted widgetkey values before use when storing widget settings and other similar operations.... Jim Pingle
06:18 PM Revision 92a55a0a: Validate inputs when killing OpenVPN clients. Fixes #15856: While here, fix the JS 'busy' icon switching for both the widget and status page. Jim Pingle
05:26 PM Revision 238ebe47: Update bind build options: Bind is now at version 9.20 (from 9.16). Update the build options to
match. Kristof Provost
04:22 PM Feature #15321: Kea DHCP Custom Configuration Support (IPv4 and IPv6): I'm test driving this right now.
pfSense 24.11 Release.
With the patch mentioned above.
See also : [[https://forum.n... Gertjan KROEB
04:06 PM Bug #15767: Clicking the picture widget image downloads the image with an invalid filename instead of showing it inline: Seems to be browser-specific. Firefox gets the name correct, Chrome/Chromium gets the name wrong. Browsers based on t... Jim Pingle
02:25 PM Bug #15889 (Rejected): vtysh: error reading from bgpd: Connection reset by peer (54)Warning: closing connection to bgpd because of an I/O error!: Not nearly enough detail to say it's a bug, looks like bgpd just isn't running but there isn't anything here to sugge... Jim Pingle
09:28 AM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: Andrew Almond wrote in #note-14:
> I spent some time yesterday learning how to build from ports, and I was able to c... Maurice Detmers

12/01/2024

07:42 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy: I spent some time yesterday learning how to build from ports, and I was able to create Zabbix 7.0 proxy and agent bin... Andrew Almond
03:34 PM pfSense Plus Bug #15472: potential bug with the ath driver: https://forum.netgate.com/topic/195367/issues-upgrading-from-24-03-to-24-11-sg-1100-atheros-9280
I do not have the... Jonathan Lee
12:38 AM pfSense Plus Bug #15472: potential bug with the ath driver: Jonathan Lee wrote in #note-7:
> I have not been able to test this in the other version because I am in class curren... Kris Phillips
02:53 PM pfSense Packages Bug #13043: OSPF over Wireguard interface doesn't populate neighbors after reboot: My testing also seems to confirm your theory. I'm currently in the middle of a cutover from MPLS to site-to-site Wire... Andrew Collings
08:50 AM Bug #15332: Kea fails to start if DHCP pool configuration contains default lease time or max lease time: Tested on
24.11-RELEASE (amd64)
built on Wed Nov 27 22:22:00 +04 2024
FreeBSD 15.0-CURRENT
I am unable reprodu... aleksei prokofiev
03:25 AM Regression #15885: Error when viewing ALTQ Traffic Shaper queue status: after applying the above patch, queues made in the wizard previously seem to survive a reboot and can be seen under s... Jordan G
01:51 AM Bug #15767: Clicking the picture widget image downloads the image with an invalid filename instead of showing it inline: seems to be working as intended with 24.11-release Jordan G
01:09 AM pfSense Plus Feature #15884: Features Request - DHCP multiple subnet support | Relay forces you to disable server for all networks.: Kris Phillips wrote in #note-1:
> That said, not being able to run the relay while the DHCP server is enabled is cle... Christian McDonald
12:35 AM pfSense Plus Feature #15884 (Confirmed): Features Request - DHCP multiple subnet support | Relay forces you to disable server for all networks.: I can confirm this is an issue.
However, there is a debate on the usefulness of adding this to pfSense CE and Pl... Kris Phillips
12:41 AM pfSense Plus Bug #14401 (Confirmed): Changing from Switchport to Discrete Interface in VGA/Serial Console Breaks Port Status Monitoring: Moving this to Confirmed, as Jordan was able to confirm this behavior. Kris Phillips
12:31 AM Regression #15890 (Confirmed): Unable to change DNS Forwarder domain overrides: I can confirm this behavior. Applying domain overrides will not have them be retained on page reload. Kris Phillips

11/30/2024

10:37 PM Regression #15885: Error when viewing ALTQ Traffic Shaper queue status: Georgiy Tyutyunnik wrote in #note-4:
> reproduced.
> fater applying the patch created altq shaper works and is see... Kris Phillips
04:08 PM Regression #15885: Error when viewing ALTQ Traffic Shaper queue status: reproduced.
fater applying the patch created altq shaper works and is seen in GUI.
However applying the patch caus... Georgiy Tyutyunnik
01:35 AM Regression #15885 (Feedback): Error when viewing ALTQ Traffic Shaper queue status: Applied in changeset commit:d09924fcd062ca4d0a510448e28a23062f191bc5. Marcos M
10:14 PM Regression #15890 (Resolved): Unable to change DNS Forwarder domain overrides: In 24.11 saving changes to domain overrides in the DNS forwarder, including new overrides, do not apply to the runnin... Steve Wheeler
09:12 PM Bug #15876: Routing Advertisements daemon fails to start when configured with more than 3 RDNSS entries in a prefix: Applying the changes as a patch on... Christopher Cope
04:15 PM Regression #15882: L2TP server settings are not saved correctly: patch fixes the issue
tested on:
24.11-RELEASE (amd64)
built on Wed Nov 27 19:22:00 CET 2024
FreeBSD 15.0-CURRENT Georgiy Tyutyunnik
11:13 AM Bug #15889 (Rejected): vtysh: error reading from bgpd: Connection reset by peer (54)Warning: closing connection to bgpd because of an I/O error!: FRR
vtysh: error reading from bgpd: Connection reset by peer (54)Warning: closing connection to bgpd because of... yon Liu
01:08 AM Regression #15888 (Closed): ALTQ shaper queues are not present after importing a config: After importing a config into 24.11 hat has shaper queues defined the queues are not shown in the webgui.
This app... Steve Wheeler

11/29/2024

09:22 PM Revision d09924fc: Ignore queue status interface. Fix #15885: Return the previous condition; $altqstats['interface'] is not required. Marcos M
09:19 PM pfSense Packages Regression #15887 (Not a Bug): Additional build options are missing: Build options for bind916 in 24.03:... Marcos M
07:37 PM Regression #15885 (In Progress): Error when viewing ALTQ Traffic Shaper queue status: Marcos M
03:18 PM pfSense Packages Feature #15532 (Resolved): Update NUT status widget: Marcos M
05:46 AM pfSense Packages Feature #15532: Update NUT status widget: As this has been released, I think the issue may be closed. Denny Page

11/28/2024

11:47 PM Regression #15885 (Resolved): Error when viewing ALTQ Traffic Shaper queue status: In 24.11 the Status > Queues page can show 'No Queue data available' when queues are processing traffic.
The data ... Steve Wheeler
01:48 AM pfSense Plus Feature #15884 (Confirmed): Features Request - DHCP multiple subnet support | Relay forces you to disable server for all networks.: I have been working with a L3 switch and found some limitations with pfSense's implementation of DHCP.
First, you ... Marcelo Cury

11/27/2024

11:19 PM Regression #15882 (Feedback): L2TP server settings are not saved correctly: Marcos M
11:17 PM Regression #15882: L2TP server settings are not saved correctly: Several settings on the page will not be saved to the correct config path.
Fixed with commit:3487972e11dc8d096f97c2a... Marcos M
10:42 PM Regression #15882 (In Progress): L2TP server settings are not saved correctly: Marcos M
10:26 PM Regression #15882 (Resolved): L2TP server settings are not saved correctly: In 24.11 a configured and running L2TP server is always shown as disabled in the webgui. Even after enabling and resa... Steve Wheeler
11:10 PM Revision a0b8466e: Don't separate the last array key in config access paths: Marcos M
11:10 PM Revision 3487972e: Config access regression in L2TP. Fix #15882: Marcos M
10:38 PM pfSense Docs Correction #15883 (Closed): Voucher sync settings have moved: https://docs.netgate.com/pfsense/en/latest/captiveportal/vouchers.html#synchronizing-vouchers
> At the bottom of the... Marcos M
07:50 PM Bug #14891: High CPU usage when interface get down and up due to proces check_reload_status: If this can be reproduced on 24.11, do the following to get more info:
# SSH into the device
# Get the process ID... Marcos M
07:30 PM Todo #15879: Update NTP widget time in-place: This happens on older versions as well - it's simply how that widget works. It's more prevalent now because of recent... Marcos M
03:43 PM Todo #15879 (New): Update NTP widget time in-place: Surely not a big problem, but I notice that the “servber time” information flashes every 2 to 6 seconds. I hadn't not... Steph Swiss
07:04 PM pfSense Plus Regression #15880 (Feedback): Upgrade available LED not set before branch is selected.: Fixed.
The cron job is now up to date and using the correct API to check for new releases, update the LED state an... Luiz Souza
05:47 PM pfSense Plus Regression #15880 (Resolved): Upgrade available LED not set before branch is selected.: With the introduction of opt-in upgrades a user must now select the new version branch to upgrade.
However the scr... Steve Wheeler
06:52 PM pfSense Docs Todo #15881 (Closed): Update UPNP service docs: The wording/descriptions have changed:
https://redmine.pfsense.org/issues/15864 Marcos M
06:44 PM Revision b282c329: Pass the correct option for pfSense-upgrade to detect when a new version is available.: To be able to find new releases, pfSense-upgrade needs to look at all the
repositories and that is done with '-C'.
T... Luiz Souza
06:43 PM Revision 71f43603: Quote the shell variables as necessary.: No functional changes. Luiz Souza
06:05 PM Bug #15876 (Feedback): Routing Advertisements daemon fails to start when configured with more than 3 RDNSS entries in a prefix: Applied in changeset commit:490c8d19bb6d89d93df32c42705153cc5c995853. Marcos M
06:01 PM Bug #15876 (In Progress): Routing Advertisements daemon fails to start when configured with more than 3 RDNSS entries in a prefix: We can enforce the limit to avoid the service start failure. Marcos M
01:33 AM Bug #15876: Routing Advertisements daemon fails to start when configured with more than 3 RDNSS entries in a prefix: Found in the radvd log:... Christopher Saia
01:20 AM Bug #15876 (Resolved): Routing Advertisements daemon fails to start when configured with more than 3 RDNSS entries in a prefix: It's possible to silently crash the Router Advertisements daemon (radvd) with a DHCPv6 scope that is configured with ... Christopher Saia
05:54 PM Revision 490c8d19: Limit RDNSS addresses to 3. Fix #15876: Marcos M
05:36 PM Revision 6613449b: Remove the call to update_repos() in the pkg metadata update cronjob.: This is not necessary anymore as it is now handled by pfSense-upgrade. Luiz Souza
05:05 PM Bug #15844: Dashboard ``widgetkey`` values are not validated on save or load, can lead to configuration corruption or other problems: Added MR for affected packages, also improved the validation methods a bit in general.
Jim Pingle
03:19 PM pfSense Plus Bug #15878 (Not a Bug): Kea DHCP Registration Settings: Vöggur Guðmundsson wrote in #note-1:
> On second thought I am not able to reproduce this, I may have forgotten to Ap... Christian McDonald
03:14 PM pfSense Plus Bug #15878: Kea DHCP Registration Settings: On second thought I am not able to reproduce this, I may have forgotten to Apply the setting.
Sorry for for my haste Vöggur Guðmundsson
01:21 PM pfSense Plus Bug #15878 (Not a Bug): Kea DHCP Registration Settings: Setting the "DNS Registration" under specific if/vlan dos not work.
In the Kea DHCP main Settings tab I left the "... Vöggur Guðmundsson
01:03 PM pfSense Packages Bug #15614 (Duplicate): Squid 6.6 Package should have NO_TLSv1 and NO_TLSv1_1 feature flags set on directive pls_outgoing_options: Jim Pingle
08:17 AM pfSense Packages Bug #15614: Squid 6.6 Package should have NO_TLSv1 and NO_TLSv1_1 feature flags set on directive pls_outgoing_options: Please close @marcos already merged fix within this redmine 15381. This is resolved.
https://redmine.pfsense.org/... Jonathan Lee
01:02 PM Bug #15877 (Not a Bug): Web server crashes: This is a load issue on your hardware caused by your settings, not a bug.
At a minimum, you should disable log com... Jim Pingle
11:34 AM Bug #15877: Web server crashes: Probbaly more information with this status
System
Interfaces
Firewall
Services
VPN
Status
Diagnostics... Thomas Lionel SMETS
11:12 AM Bug #15877 (Not a Bug): Web server crashes: I updated from 24.03 to 24.11.
The Portal crashes after a few minute & I need to ssh into the FW to restart the we... Thomas Lionel SMETS
09:00 AM Bug #10513: State issues with policy routing and HA failover: Was anyone able to test this on newer versions?
I'll try to get a quick lab going to test on pfSense+ Jose Duarte
08:22 AM Bug #15154: dco_update_peer_stat: invalid peer ID 0 returned by kernel: Side note I had both SafeXcel and SMID based crypto options enabled. Jonathan Lee
08:19 AM pfSense Plus Bug #15472: potential bug with the ath driver: I have not been able to test this in the other version because I am in class currently and it is finals week. The sys... Jonathan Lee
08:08 AM pfSense Packages Bug #15644: Snort Status icon disappears: I can also confirm this issue exists in my 2100 in 23.03 boot environments Jonathan Lee
07:52 AM Bug #15612: Captive Portal with big number of passththrough MAC addresses is causing webgui gateway timeouts, Error 50x, and HA-sync XMLRPC Error: Subject: Ongoing Issues with pfSense+ Following Update
Hello,
We are still encountering the same issues exclusively... Timo C

11/26/2024

11:47 PM Bug #15874 (Resolved): Users with Deny Config Write privilege can trigger logging operations: A user with the deny_config_write privilege set and access to the log settings page can still trigger the syslog daem... Steve Wheeler
11:24 PM pfSense Packages Bug #15872 (Feedback): PHP error when accessing mail reports: Fixed with c49098e2900a9211de44dc0b9937235ce9d638a2. The "diff":https://github.com/pfsense/FreeBSD-ports/commit/c4909... Marcos M
11:20 PM pfSense Packages Bug #15872 (Resolved): PHP error when accessing mail reports: ... Marcos M
11:23 PM Bug #15873 (Resolved): PHP error when a user is denied access to the dashboard: When logging in as a user who doesn't have access to the dashboard the following is logged:... Steve Wheeler
06:44 PM pfSense Plus Regression #15871 (Resolved): Azure: User credentials entered during new VM deployments are not applied to the system: Fixed with ports commit da0f905e27963dd88ee17b874eb9e9f05a8ad41a. Marcos M
06:42 PM pfSense Plus Regression #15871 (Resolved): Azure: User credentials entered during new VM deployments are not applied to the system: The user/password entered during VM deployment in Azure does not work. Marcos M
06:41 PM pfSense Packages Bug #14489: FRR needs delayed startup: I had the same issue so I wrote a system patch to sleep for 30 seconds at the beginning of frr.inc. It's janky, but i... Andrew Collings
06:22 PM Bug #13542 (Closed): Boot delay caused when OpenVPN config uses alias list that relies on DNS: In more recent versions, there are checks for the availability of DNS before requests are sent which should help with... Marcos M
05:33 PM pfSense Plus Bug #15870 (New): Azure: VM backups fail: Running a backup against an instance in Azure fails after eventually timing out (>5hrs!).
No obvious reason for th... Marcos M
05:30 PM pfSense Plus Todo #15869 (New): Azure: Use a random password for the admin account after resetting the configuration: After resetting the configuration, the pfSense default credentials are used. Instead, generate a random password for ... Marcos M
05:24 PM pfSense Plus Todo #15867 (New): Azure: Use a random admin password when deploying with SSH key as login: When deploying the pfSense Plus image in Azure you can choose to allow logins using the generated SSH key pair. If th... Marcos M
05:15 PM pfSense Plus Todo #15866 (Needs Patch): Update Azure agent: The currently-used Azure agent is @2.8.0.11_1@:
https://www.freshports.org/sysutils/azure-agent
The current lates... Marcos M
04:54 PM Todo #15865 (Feedback): Make the UPnP IGD & PCP STUN port optional: https://github.com/pfsense/pfsense/pull/4717 Marcos M
04:54 PM Todo #15865 (Resolved): Make the UPnP IGD & PCP STUN port optional: The service does not require a STUN port to be specified - make it optional. Marcos M
04:52 PM Todo #15864 (Resolved): Update UPnP IGD & PCP GUI text: https://github.com/pfsense/pfsense/pull/4689
https://github.com/pfsense/pfsense/pull/4695
https://github.com/pfsens... Marcos M
04:36 PM Todo #15864 (Resolved): Update UPnP IGD & PCP GUI text: Update the text regarding the "UPnP" service to use more accurate and clearer terms. Marcos M
04:48 PM Revision c3dc4126: Merge pull request #4717 from Self-Hosting-Group/igd-pcp-finalisation: https://redmine.pfsense.org/issues/15864
Followup to:
7961830d30b89605b26732350335f5a9498ff5ba
9bc580f00f691b2c3de5f... Marcos M
04:29 PM Revision d1c8a7d6: Avoid potential name collision in CSRF: Jim Pingle
03:40 PM Bug #15831 (Resolved): Kernel Panic when IGMPProxy gets CIDR Removed: Jim Pingle
03:40 PM Bug #15601 (Resolved): Routes with IPv6 Address as Next Hop for IPv4 Destination Causes Kernel Panic: Jim Pingle
03:40 PM Regression #15094 (Resolved): Updates fail against an authenticated upstream proxy: Jim Pingle
03:40 PM Bug #14977 (Resolved): Kea fails to restart due to race between process termination and startup: Jim Pingle
03:28 PM pfSense Plus Regression #15494: Reinstall Packages button reports another instance of ``pfSense-upgrade`` is running: Tested on
24.11-RELEASE (amd64)
built on Fri Nov 22 4:34:00 UTC 2024
FreeBSD 15.0-CURRENT
Issue persists aleksei prokofiev

11/25/2024

09:18 PM Todo #15863 (Resolved): Update nginx HTTP2 syntax: nginx is logging a deprecation notice for the current HTTP2 syntax:... Jim Pingle
08:46 PM Feature #15862 (New): Suppress multiple backups during config default: During the config default process, triggered from the console menu, webgui or hardware reset button, non-default pack... Steve Wheeler
08:04 PM Bug #15844: Dashboard ``widgetkey`` values are not validated on save or load, can lead to configuration corruption or other problems: MR updated with validation for remaining widgets that utilize @widgetkey@. Also included validation for some settings... Jim Pingle
01:19 PM pfSense Packages Regression #14452 (Resolved): Prometheus node_exporter generates errors with the default config: Jim Pingle
12:00 AM Revision bf313265: UPnP IGD & PCP: No need to enter STUN port and update example servers: (#4717) Self-Hosting-Group
12:00 AM Revision 210a89aa: UPnP IGD & PCP: Simplify UI and finalise wording and descriptions update: (#4717) Self-Hosting-Group

11/24/2024

12:46 PM Bug #15746: IPv6 is not deprecated on PPPoE Periodic Reset: Same issue here as well. Unfortunately most consumer isps are handing out dynamic prefixes…There is actually an optio... Johannes Rohde
04:03 AM pfSense Packages Feature #15532: Update NUT status widget: tested on 24.11 (built on Wed Nov 20 11:41:00 CST 2024) using nut v2.8.2_4, metrics seem consistent when comparing wi... Jordan G
02:57 AM Bug #15861: Assign Interface IP and Restart GUI Console Menu Items Present PID Errors: Restart GUI is also producing a similar error:
Restarting webConfigurator...pkill: Cannot get process list (kvm_ge... Kris Phillips
02:46 AM Bug #15861: Assign Interface IP and Restart GUI Console Menu Items Present PID Errors: After a factory default and then switching to the Kea backend from ISC, the original error about "No such file or dir... Kris Phillips
02:44 AM Bug #15861: Assign Interface IP and Restart GUI Console Menu Items Present PID Errors: Testing with the ISC Backend, it produces a different error:
DHCPD...pkill: Cannot get process list (kvm_getprocs:... Kris Phillips
02:39 AM Bug #15861: Assign Interface IP and Restart GUI Console Menu Items Present PID Errors: Tested post-reboot and with a factory defaulted firewall. Same results. Kris Phillips
02:27 AM Bug #15861 (Duplicate): Assign Interface IP and Restart GUI Console Menu Items Present PID Errors: When attempting to set the DHCP scope for the LAN interface from the Console Menu using option 2, there is always an ... Kris Phillips
01:53 AM Bug #15584: Redacting description at Interfaces=>LAGGs section cause LAGG interface rebuild.: present in 24.11.r.20241112.1813, it would also appear that just changing and saving the description line (for only t... Jordan G

11/20/2024

09:12 PM pfSense Packages Bug #15845: UPS Settings doesn't display the full list of availabale drivers: Modbus is very new to NUT. I expect your UPS supports USB HID, potentially in addition to Modbus. I would recommend ... Denny Page
08:57 PM pfSense Packages Bug #15845: UPS Settings doesn't display the full list of availabale drivers: Denny Page wrote in #note-2:
> I looked into this a bit... What is the model number of your UPS?
>
> Also, does i... Eric Wright
08:46 PM pfSense Packages Bug #15845: UPS Settings doesn't display the full list of availabale drivers: I looked into this a bit... What is the model number of your UPS?
Also, does it have a USB port as well as the ser... Denny Page
08:55 PM pfSense Packages Bug #15857 (New): FRR BGP generates an invalid config when peer group with a space in its name is used: When creating a peer group by going to Services > FRR BGP > Neighbors > Add and entering a name to create a peer grou... Andrew Collings
07:18 PM Revision 3c383268: Add specialnet flag for VIP aliases only: Marcos M
06:18 PM Bug #15856: OpenVPN Status Page and Dashboard Widget use input values without validation: Attaching a small POC Python script. Edit and adjust the URL, and credentials, target page, and port to match the set... Jim Pingle
06:15 PM Bug #15856 (Resolved): OpenVPN Status Page and Dashboard Widget use input values without validation: When performing operations using the OpenVPN status page (@/status_openvpn.php@) or the Dashboard widget (@/widgets/w... Jim Pingle
01:17 AM Todo #15855 (Rejected): Upgrade openvpn to the latest version: Plus 24.11 RC already includes 2.6.12. Jim Pingle
01:05 AM Todo #15855 (Rejected): Upgrade openvpn to the latest version: Because the latest version fixes many problems, please upgrade to the latest version as soon as possible
https://w... yon Liu
01:09 AM Bug #15831: Kernel Panic when IGMPProxy gets CIDR Removed: A decision was made to ship this with 24.11 after all, so I think we can consider the matter closed :) Mateusz Guzik

11/19/2024

09:49 PM pfSense Plus Feature #15854 (New): Lost Captive Portal User Logins when DHCP Leases are Cleared: When DHCP Leases are cleared, Captive Portal User Logins may cease to be functional due to a change from the IP used ... Dale Harron
08:08 PM pfSense Packages Feature #15853 (Resolved): Add mDNS Bridge (mdns-bridge) package: mDNS Bridge is intended as an alternative to Avahi reflection for sharing Multicast DNS across network interfaces.
... Denny Page
07:50 PM pfSense Packages Bug #15845: UPS Settings doesn't display the full list of availabale drivers: I will look at adding app_modbus in the next version. Denny Page
07:20 PM pfSense Packages Bug #15749 (Not a Bug): BGP advertising all routes and ignoring networks statements.: I don't believe there is a bug, at least not with pfSense or the GUI package. The stated behavior looks to be intenti... Marcos M
07:13 PM Bug #15850: DHCP not always giving gateway: Audio Images IT wrote in #note-4:
> Marcos M wrote in #note-2:
> > Would you be able to test this on 24.11-RC using... Audio Images IT
07:12 PM Bug #15850: DHCP not always giving gateway: Marcos M wrote in #note-2:
> Would you be able to test this on 24.11-RC using Kea (enabled on the page System > Adva... Audio Images IT
04:27 PM Bug #15850: DHCP not always giving gateway: I haven't seen this happen before and I'm not quite sure what would make it happen either. Unless the client itself i... Jim Pingle
04:08 PM pfSense Docs New Content #15812: Recipe for OpenVPN Site-to-Site SSL/TLS with DCO: Some revisions: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/24ad7f4a8e8ee6722defb55b3300eaf7f80f22aa Jim Pingle
04:07 PM pfSense Plus Bug #15849 (Duplicate): KEA is not appending the DNS Domain suffix as ISC did: This was all overhauled in Plus 24.11 and is already addressed -- see #15651
Try the 24.11 RC and it should all wo... Jim Pingle
08:52 AM pfSense Plus Bug #15851: openvpn DCO mode Failed to open tun/tap interface: I am setting up a new dco openvpn tunnel.The same configuration works fine on Ubuntu 24.04. So I think the problem is... yon Liu
04:00 AM pfSense Plus Bug #15851 (Rejected): openvpn DCO mode Failed to open tun/tap interface: That appears to be a settings issue. Post on the forum with the server and client settings for assistance. Also, if t... Jim Pingle
03:56 AM pfSense Plus Bug #15851 (Rejected): openvpn DCO mode Failed to open tun/tap interface: openvpn can't create interface when I use DCO mode. p2p tunnel,For privacy reasons, the IP has been changed
... yon Liu
04:05 AM Bug #15852 (New): Alias Nesting Only Shows IP and Network Alias Types On Initial Creation: Hopefully the title makes some sense, but I will give this as much context as I can.
Firstly, according to the do... Ethan Word

11/18/2024

11:47 PM Bug #15850: DHCP not always giving gateway: Would you be able to test this on 24.11-RC using Kea (enabled on the page System > Advanced > Networking)? Marcos M
11:40 PM Bug #15850: DHCP not always giving gateway: I have access to Netgate 4100 and 4200 routers, so I can try on those routers, but since it has been observed on thre... Audio Images IT
11:31 PM Bug #15850 (New): DHCP not always giving gateway: I've noticed that if when using VLANs on the LAN interface, a DHCP server is configured with the default gateway (i.e... Audio Images IT
11:06 PM pfSense Plus Bug #15849 (Duplicate): KEA is not appending the DNS Domain suffix as ISC did: I've set a domain for my router (home.me). The URL for my router is "sg-router.home.me", and my self-signed keys used... Dennis Adler
09:01 PM pfSense Docs New Content #15812 (Feedback): Recipe for OpenVPN Site-to-Site SSL/TLS with DCO: First draft: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/75479978e950cfc595d556612c44651455c2b086
https:... Jim Pingle
07:35 PM Revision f865f055: Exclude Tailscale group from specialnets. Implement #15848: Marcos M
07:10 PM Revision 65818681: Clarify the notice given when rules are skipped: Marcos M
06:57 PM Revision de17c931: Config access regression when editing system tunables. Fix NG#18003: Marcos M
06:28 PM Todo #15848 (Feedback): Exclude the WireGuard and Tailscale interface group system aliases from rules: Done with commit:d0605a76e751dbdb83e89856a9342a8813285d32 and commit:f865f0550d932b297a818bf601baf7b79907c3ad. Marcos M
06:25 PM Todo #15848 (Resolved): Exclude the WireGuard and Tailscale interface group system aliases from rules: The WireGuard and Tailscale interface groups are special. Unlike interface groups in the config which are made up of ... Marcos M
06:26 PM Revision d0605a76: Exclude WireGuard group from specialnets. Implement #15848: Marcos M
03:26 PM Bug #15847 (Confirmed): Kea DHCP lease utilization stats incorrect for delegated prefix pools: Leases from delegated prefix pools (i.e. track interfaces) are not counted for lease utilization stats. Christian McDonald
01:45 PM Bug #15831 (Feedback): Kernel Panic when IGMPProxy gets CIDR Removed: Jim Pingle
01:44 PM Bug #15831: Kernel Panic when IGMPProxy gets CIDR Removed: Fixes got merged to devel-main and plus-devel-main and will be part of the future releases.
However, they wont be ... Mateusz Guzik
02:48 AM Bug #15839 (Rejected): ``diag_packet_capture.php`` uses ``viewdetail`` and ``viewtype`` values in command execution without validation or encoding: Jim Pingle
02:13 AM Bug #15839: ``diag_packet_capture.php`` uses ``viewdetail`` and ``viewtype`` values in command execution without validation or encoding: In the future, I will report new security concerns through the link.
As you mentioned, arbitrary inputs are repl... James Kim

11/17/2024

12:20 PM Feature #15846: Ability to set OpenVPN client service start type to Manual so the service state survives a reboot: pfSense Community Version
2.7.2-RELEASE (amd64)
built on Wed Dec 6 20:10:00 GMT 2023
FreeBSD 14.0-CURRENT Jon Brown
11:57 AM Feature #15846 (New): Ability to set OpenVPN client service start type to Manual so the service state survives a reboot: h1. Background / My Setup
* My VPN provider allows me 10 connections.
* I have 10 OpenVPN clients setup to use my... Jon Brown
10:43 AM Bug #15598: Input validation for duplicate remote gateways does not work when using the duplicate P1 button: Tested on 24.03 and can not reproduce. Always I've got error.
"The following input errors were detected:
The remote... aleksei prokofiev
03:54 AM Bug #15767: Clicking the picture widget image downloads the image with an invalid filename instead of showing it inline: running 24.11.r.20241112.1813 clicking the picture results in downloading widget_image.png and shows the correct image Jordan G
02:45 AM Feature #15801: Gateway of a disabled interface cannot be configured in System > Routing: also happening with 24.11.r.20241112.1813 Jordan G
12:34 AM pfSense Packages Bug #15749: BGP advertising all routes and ignoring networks statements.: Jesus Christ…you didn’t read the redmine…
Ehhh…alright man.
I’ll follow up Glen Shok.
Incredible…. Mike Moore
12:31 AM pfSense Packages Bug #15749: BGP advertising all routes and ignoring networks statements.: ... Chris Linstruth

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

12/16/2024

12/15/2024

12/14/2024

12/13/2024

12/12/2024

12/11/2024

12/10/2024

12/09/2024

12/08/2024

12/07/2024

12/06/2024

12/05/2024

12/04/2024

12/03/2024

12/02/2024

12/01/2024

11/30/2024

11/29/2024

11/28/2024

11/27/2024

11/26/2024

11/25/2024

11/24/2024

11/23/2024

11/22/2024

11/21/2024

11/20/2024

11/19/2024

11/18/2024

11/17/2024