Project

General

Profile

Activity

From 01/14/2025 to 02/12/2025

02/12/2025

07:25 PM Bug #16043 (Feedback): The filtered states shown may include states for interfaces other than the selected interface
Applied in changeset commit:ba43ae3191b64ff05a60f1faca79a6ad0d127abc. Marcos M
06:55 PM Bug #16043 (Resolved): The filtered states shown may include states for interfaces other than the selected interface
In Diagnostics > States the option is given to select an interface for filtering the displayed states. The states dis... Marcos M
07:10 PM Revision ba43ae31: Exclude states that don't match the selected interface. Fix #16043
Marcos M
06:58 PM Revision 740d3241: Improve performance of state display in diag_dump_states.php
The variable $killdstip was previously used in the tool-tip for the kill
state icon which later changed to reference ... Marcos M
04:38 PM Revision db1a9fd5: kea: don't define pd-pools using ISC config
Christian McDonald
04:14 PM Bug #16019 (Feedback): Kea can unintentionally attempt to spawn multiple processes and fail
A mitigation has been added for this. Christian McDonald
04:09 PM Revision b7ed91f9: kea: ensure all (rogue) instances are terminated. For #16019
Christian McDonald
04:02 PM Revision 7f5ad503: Compare system version using the pfSense-system package
This returns the previous behavior of comparing the package which has the
product dependencies. Marcos M
03:46 PM pfSense Plus Bug #15989: Renaming an alias in MIM does not update firewall and NAT rules with the new alias name
Related:
* https://redmine.pfsense.org/issues/15932
* https://redmine.pfsense.org/issues/16083 Marcos M
03:10 PM Revision 74e84f2b: Exclude the ramdisk restore log from the archive
The ramdisk restore log is meant to log the latest restore attempt. It
must be excluded from the archive to avoid clo... Marcos M

02/11/2025

10:31 PM Bug #16019: Kea can unintentionally attempt to spawn multiple processes and fail
Thanks for the info! I just ran into the same issue and I think it's also mentioned in the forums here: https://forum... Sevi A
09:43 PM Bug #12947 (Feedback): Old IPv6 addresses may continue to be used after DHCP or RA changes
Marcos M
09:28 PM Revision 1616fe18: Add a reminder to stop/start the RA service when the prefix has changed
The DeprecatePrefix option for radvd only triggers on shutdown.
Followup to 646389402feb2dd94171d7c81d4be67feef4f8d8. Marcos M
08:57 PM Revision 78cfbc5e: Reduce rc.newwanipv6 actions on RENEW
This change passes the dhcp6c REASON to the script. The script uses this
to retain the previous behavior for REASONs ... Marcos M
06:12 PM Regression #15400: IGMP packets are logged when the filter rule has logging disabled
While this behavior may be intentional, it is confusing if it is caused by the default ruleset, and disabling the opt... Andrew Almond
06:02 PM Revision 64638940: Trigger rc.newwanipv6 on dhcp6c RENEW
The upstream DHCPv6 server may respond to the RENEW with a different
prefix hence the rc.newwanipv6 script should be ... Marcos M
05:39 PM Feature #15321 (In Progress): Kea DHCP Custom Configuration Support (IPv4 and IPv6)
Christian McDonald
03:17 PM Bug #16007: Dynamic DNS, Porkbun, "@.mydomain.xyz"
Ben Woods wrote in #note-5:
> Could this be caused by porkbun moving the URL for their API recently?
> Old Value: p... Mustache Mustache
03:07 PM Revision 1d909abb: Fix regression when configuring the interface MAC address
Followup to dbb8c4840dbd75f28528a3ce4a0070091d95336a Marcos M
01:08 AM pfSense Docs Todo #16042 (New): Feedback on pfSense® software Configuration Recipes — Configuring CoDel Limiters for Bufferbloat
*Page:* https://docs.netgate.com/pfsense/en/latest/recipes/codel-limiters.html
*Feedback:* Suggestion regarding IP... Daniel Marks

02/10/2025

07:09 PM Revision e33068b7: Generate the UUID using the external interface MAC
Use the configured external interface to generate the UUID and serial for
miniupnpd.conf. Additionally, resort to usi... Marcos M
07:01 PM Revision dbb8c484: Handle a null return from pfSense_get_ifaddrs()
- Update the usage of get_interface_addresses() to handle a null return
- Update the usage of get_interface_mac() to ... Marcos M
04:55 PM Revision 2ef2fffc: Improve various pieces here, properly quote variables, use = properly, and use || instead of -o
Brad Davis
04:41 PM Revision e8d3a416: Simplify fetching the physical mem and do the calulation in shell instead of using expr(1)
Brad Davis
04:34 PM Revision f356ce54: let is not valid in shell and fix the calculation too
Brad Davis
04:26 PM Revision a465f0c1: Remove useless use of cat
Brad Davis
04:22 PM Revision 237b4ee7: Fix spacing and use tabs consistently
Brad Davis
04:03 PM Feature #15652 (Feedback): Kea DHCPv6 Prefix Delegation Support (IPv6 Only)
Support added in 25.07 for testing
DHCP log should show entries like:... Christian McDonald
04:02 PM Regression #16035 (Rejected): Ignore link-local addresses when generating Unbound host records
Christian McDonald
12:02 AM Revision b24bcd7a: Properly quote variables and switch to $( ) instead of backticks
Brad Davis

02/09/2025

11:07 PM Revision 6ee5b44a: Properly quote these variables
Brad Davis
10:39 PM Bug #12947: Old IPv6 addresses may continue to be used after DHCP or RA changes
I am also looking into this issue.
There are different possible issues here, depnding on configuration method.
In... Elias Ohm
10:37 PM Revision 84926bb6: Improve these tests by avoiding -a which might cause commands to run on the right-hand side
Brad Davis
10:20 PM Revision 1cbe125a: Instead of using a negative -z test, use -n
Brad Davis
09:56 PM Revision 4e5642c8: Improve these tests by avoiding -a and -o which might cause commands to run on the right-hand side
Brad Davis
09:43 PM Revision 7dc60557: Simplify checking the exit code from these commands
Brad Davis
09:15 PM Revision 8670a047: SC2086: Properly quote these variables
Brad Davis
09:05 PM Revision 51ceef5e: Simplify generating the random time to sleep by using jot(1)
Brad Davis
08:28 PM Revision c3cf1790: Simplify this check
Brad Davis
08:14 PM Revision 5a7a1a84: Remove unnecessary case statement since tar now uses libarchive and handles the different types of compression automatically
Brad Davis
04:44 PM pfSense Plus Feature #11732: Add VXLAN Support to pfSense Plus
I added VXLAN support by building latest FreeBSD VXLAN kernel module for my Pfsense CE 2.7.2 kernel.
You can see my ... Max Pal
11:10 AM Feature #15321: Kea DHCP Custom Configuration Support (IPv4 and IPv6)
This modification to the patch for Plus release 25.03 Beta is working for me:... Dale Harron
04:37 AM Bug #15852: Alias Nesting Only Shows IP and Network Alias Types On Initial Creation
Jordan G wrote in #note-2:
> it appears this functionality is by design and to prevent things like port aliases bein... Ethan Word
03:06 AM Bug #16039 (Confirmed): Gateway does not go down when packet loss threshold is set to 100%
Chris W
03:04 AM Bug #16039 (Incomplete): Gateway does not go down when packet loss threshold is set to 100%
I can reproduce this for the most part. I set WAN1 for the Tier1 interface and WAN2 for the Tier2 on a 4100 (identica... Chris W

02/08/2025

11:56 PM pfSense Plus Bug #16037: New CoDel limiters are no longer created with any default values
following the documentation and creating a new limiter using taildrop/fqcodel leaving all values blank except the ini... Jordan G
08:47 PM Bug #15930 (Incomplete): Mobile IPsec clients can't connect after gateway failover
Further testing was conducted on the Netgate 8200 and 7100 devices, but the issue could not be replicated. This sugge... Danilo Zrenjanin
01:34 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy
Hi,
I don't understand why this is closed if packages still aren't available for CE 2.7.2?
Zabbix 6 LTS goes EO... Steve Scotter
02:06 AM pfSense Packages Feature #14630: FRR script hook for clearing states on routing changes
Its been over a year so im not sure where this situation leaves us.
To be blunt, you cannot use dynamic routing prot... Mike Moore

02/07/2025

07:25 PM pfSense Docs Todo #16040 (Closed): Feedback on pfSense® software Configuration Recipes — High Availability Configuration Example
Fixed, thanks!
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/c3e58087af002592d0eaea875d14826fb02ff3cf
 Jim Pingle
05:26 PM pfSense Docs Todo #16040 (Closed): Feedback on pfSense® software Configuration Recipes — High Availability Configuration Example
*Page:* https://docs.netgate.com/pfsense/en/latest/recipes/high-availability.html
*Feedback:*
2001:db8::201/64 ... Steve Y
06:39 PM Bug #16041 (New): Use newer name `submissions` for TCP port 465 instead of `smtp/s`
In Firewall > Rules, the table displayed has a column named "port" which helpfully shows not just the port number, bu... Sean McBride
05:52 PM Bug #15876: Routing Advertisements daemon fails to start when configured with more than 3 RDNSS entries in a prefix
With the updated radvd version in 25.03, up to 4 entries may be configured to align with what can be set in the DHCPv... Marcos M
04:58 PM Bug #15930 (New): Mobile IPsec clients can't connect after gateway failover
Kris Phillips
04:36 PM Bug #15060: LDAP bind fails when authentication servers use different CA chains
The issue still exists on 24.11. Lev Prokofev
03:13 PM Revision 1a578050: Fix the case where pfSense_get_ifaddrs() returns NULL.
It happens when the interface has no address (triggered with pppoe). Luiz Souza

02/06/2025

10:06 PM Revision b12078bb: Simplify rc.restore_ramdisk_store
Brad Davis
09:23 PM Revision d9554e41: Reorganize how RAM disks are created
This improves things by moving the read of the sizes for the RAM disks
up before things are unmounted and so we have ... Brad Davis
09:23 PM Revision 46d21522: Setup the dynamic linker before we call xmllint
Brad Davis
05:20 PM Todo #15258: Update Gandi LiveDNS service with API changes
I tested your commits via the Patches system and it works for me now! Hopefully with this confirmation from the OP wi... Matthew Drury
04:43 PM Revision ddc07852: Move dictionary.pfsense into PREFIX where it belongs
Brad Davis
03:25 PM Regression #16036 (Resolved): Cannot set a new name when duplicating an existing gateway group
tested, reproduced.
patch fixes the issue
tested on:
25.03-BETA (amd64)
built on Tue Feb 4 1:23:00 CET 2025
Free... Georgiy Tyutyunnik

02/05/2025

10:05 PM Revision 55e4f4ed: Shell exit codes are between 0-255
Brad Davis
06:31 PM Regression #16031: Some older ISA-based uart consoles do not function on development snapshots around 25.03 or later
The APU is also fixed in 25.07.
This fixes the Netgate Installer support for the APU. Luiz Souza
05:44 PM Revision 646b553b: Simplify these calculations by doing them directly in the shell
Brad Davis
05:43 PM Revision fa0d7711: Pet shellcheck SC2086 and properly quote variables
Brad Davis
04:48 PM pfSense Plus Feature #14017: Ability to remove all packages before upgardes with saved configuration
This would reduce the chance of user error and a big time saver when upgrading multiple firewalls. Andrew Almond
01:33 PM Bug #16039 (Confirmed): Gateway does not go down when packet loss threshold is set to 100%
I have multiple locations with Netgate 6100 appliances that have wired broadband (tier 1) with a cellular backup (tie... Andrew Collings
08:42 AM Todo #15258: Update Gandi LiveDNS service with API changes
Just FYI, I have fixed this in the following PR: https://github.com/pfsense/pfsense/pull/4726
I don't know how oft... Jasper S
08:07 AM Feature #16038 (Feedback): Add options for custom dynamic DNS update frequencies and disabling caching
I've had numerous occurrences where dynamic DNS entries either do not get updated at or have the wrong IP. Two factor... Andrew Almond
02:56 AM Bug #16032 (Resolved): Creating a Captive Portal zone with uppercase letters overwrites existing zones of the same name

Followed the steps. It will return:
"The following input errors were detected:
Zone [Test] already exists. "
... Alhusein Zawi
01:36 AM Revision 025b1ffc: Replace cut with awk.
The awk can deal with multiple spaces and/or tabs as delimiters for the input.
While here, quote a couple of variables. Luiz Souza
01:08 AM pfSense Plus Bug #16037 (Incomplete): New CoDel limiters are no longer created with any default values
When creating new limiters as per the "documentation,":https://docs.netgate.com/pfsense/en/latest/recipes/codel-limit... Andrew Almond

02/04/2025

10:57 PM Revision eb35f2ee: Consider the linklocal_fallback value when checking the interface cache
This is needed to make sure that callers to find_interface_ipv6() using
different linklocal_fallback values receive t... Marcos M
10:53 PM Revision 5f31c41b: Add the swap partition created by growfs to the system fstab.
Fixes the missing swap partition with the emmc-serial images.
Ticket: #10888 Luiz Souza
09:25 PM Regression #16036 (Feedback): Cannot set a new name when duplicating an existing gateway group
Applied in changeset commit:cfe52b690f01d98cf369cfdf2f009d08e8f69202. Marcos M
08:41 PM Regression #16036 (In Progress): Cannot set a new name when duplicating an existing gateway group
Marcos M
07:50 PM Regression #16036 (Resolved): Cannot set a new name when duplicating an existing gateway group
There's a UI element for duplicating a gateway group, but it behaves as if it's modifying an existing gateway group r... Max Leighton
08:35 PM Revision cfe52b69: Allow renaming when duplicating a gateway. Fix #16036
Marcos M
07:59 PM Revision 28a94ddf: Fix condition check in get_interface_addresses()
Followup to ec7c1879da64f8a39e4aa8103c351768118af03d Marcos M
06:53 PM Revision aef5c504: kea: Introduce kea-specific UI and config for DHCP-PD
Christian McDonald
06:37 PM Bug #15110: pfSense hangs when rebooting
Danilo Zrenjanin wrote in #note-15:
> The 256 GB WD NVMe SSD performs without any issues when used with the Netgate ... Thijs van Dien
05:31 PM Revision ec7c1879: Don't include LL addresses by default in get_interface_addresses()
- Update get_interface_addresses() to make including the IPv6 LL address
optional. It defaults to the function's pr... Marcos M
03:54 PM Regression #16031 (In Progress): Some older ISA-based uart consoles do not function on development snapshots around 25.03 or later
4860 upgraded fine and had a working console on the latest snapshot.
Not sure which other platforms we may want to... Jim Pingle
03:46 AM Regression #16031: Some older ISA-based uart consoles do not function on development snapshots around 25.03 or later
Fixed for the RCC based hw.
Fixed on 25.07 and 25.03. Luiz Souza
03:12 PM Regression #16035: Ignore link-local addresses when generating Unbound host records
Noting for reference that this is addressing a regression introduced in commit:ef4d1687b7518f4d88fee2b0c9d1cf0d47423d... Jim Pingle
02:25 PM Regression #16035 (Feedback): Ignore link-local addresses when generating Unbound host records
Applied in changeset commit:ec074cb5d05b2b8ff1b9215f90e9e680eb0a8cb6. Christian McDonald
02:12 PM Regression #16035 (Rejected): Ignore link-local addresses when generating Unbound host records
Christian McDonald
02:15 PM Revision ec074cb5: unbound: filter link-local addrs from host_entries.conf. Fixes #16035
Christian McDonald
01:54 PM Bug #16030 (Resolved): Captive Portal service management via ``pfSsh.php svc`` fails when the zone name contains uppercase letters
patch successfully fixes the issue.
patch changes the name of the existing zones to all lowercase
captive portal na... Georgiy Tyutyunnik

02/03/2025

10:18 PM Feature #11975: Simplify NAT logging to conforme more easily with local/regional laws
Yes, though ultimately the requirement can be addressed using the new packet flow data feature. Marcos M
09:27 PM Feature #11975: Simplify NAT logging to conforme more easily with local/regional laws
Are we still limited by pf in this regards? Mike Moore
10:07 PM Revision ef4d1687: Fix regression with IPv6 LL addresses
- Update does_vip_exist() to correctly compare LL VIPs that include the
interface in the address (e.g. '%lo0').
- R... Marcos M
08:07 PM Feature #16034 (Rejected): Change interface default static IP subnet to /24 instead of /32
We have considered this and rejected it in the past. /24 is no more correct than /32 for any given interface, but /32... Jim Pingle
07:53 PM Feature #16034 (Rejected): Change interface default static IP subnet to /24 instead of /32
When setting an interface to Static, the default subnet mask is /32.
A /24 subnet mask is generally more common, an... Andrew Almond
07:59 PM Bug #16030 (Feedback): Captive Portal service management via ``pfSsh.php svc`` fails when the zone name contains uppercase letters
Marcos M
07:59 PM Bug #16030: Captive Portal service management via ``pfSsh.php svc`` fails when the zone name contains uppercase letters
Fixed with commit:27927fd401f7d511f3f7320e86581aa6d7d8fe50. Marcos M
05:44 PM Bug #16030 (Resolved): Captive Portal service management via ``pfSsh.php svc`` fails when the zone name contains uppercase letters
If the captive portal zone name has capitals in its name, some of the restart-related processes refer its name incorr... Georgiy Tyutyunnik
07:58 PM Bug #16032 (Feedback): Creating a Captive Portal zone with uppercase letters overwrites existing zones of the same name
Fixed with commit:27927fd401f7d511f3f7320e86581aa6d7d8fe50. Marcos M
06:54 PM Bug #16032 (Resolved): Creating a Captive Portal zone with uppercase letters overwrites existing zones of the same name
Steps to reproduce:
# Create a Captive Portal zone named "test" with description "zone 1".
# Create a Captive Porta... Marcos M
07:55 PM Revision 7d9443b9: Bump config version
Marcos M
07:53 PM Feature #16015: Method to change the AutoConfigBackup device key
This is a great addition! Andrew Almond
07:51 PM Revision 68ef1115: Include Captive Portal zone description in messages
Marcos M
07:51 PM Revision 859097d5: Remove the old Captive Portal configuration 'zone'
Marcos M
07:51 PM Revision 27927fd4: Consolidate Captive Portal zone name references from config
This change updates the code which uses the "captiveportal/<zone>/zone"
path to instead use "captiveportal/<zone>". T... Marcos M
07:40 PM Feature #16033 (New): Add the ability to download configuration backups in ACB without modifying ACB settings
It would be helpful to have a way to provide an Encryption Password and Device Key on the Restore tab or on a separat... Andrew Almond
06:40 PM Regression #16031 (Resolved): Some older ISA-based uart consoles do not function on development snapshots around 25.03 or later
At some point after 24.11, serial consoles for some devices started failing on development snapshots (Plus 25.03-25.0... Jim Pingle
11:49 AM Bug #16029 (Pull Request Review): When using LDAP group filter, group has to be in the same LDAP container as the user
We are using OpenLDAP that we want to use for the OpenVPN authentication.
Idea is to allow only those users that are... David Benes

02/02/2025

04:54 AM pfSense Packages Bug #15821: pfSense-pkg-acme needs to be updated to use api.porkbun.com instead of porkbun.com
Despite having the latest version of pfSense-pkg-acme installed (0.9_1) - my local file /usr/local/pkg/acme/dnsapi/dn... Ben Woods
04:49 AM Bug #16007: Dynamic DNS, Porkbun, "@.mydomain.xyz"
Could this be caused by porkbun moving the URL for their API recently?
Old Value: porkbun.com
New Value: api.porkbu... Ben Woods
02:56 AM Bug #15110: pfSense hangs when rebooting
Same error as others above. 5100 with a TS32GMTS400S 32gb M.2, same as photo in original post.
This occured after u... Jon Harrison
12:47 AM Feature #16014 (Resolved): Download function for AutoConfigBackup entries
Tested on... Christopher Cope
12:44 AM Feature #16015 (Resolved): Method to change the AutoConfigBackup device key
Tested on
</pre>25.03-BETA (amd64)
built on Tue Jan 28 14:37:00 UTC 2025
FreeBSD 15.0-CURRENT</pre>
It's working ... Christopher Cope
12:41 AM Bug #16012 (Resolved): "Reset" button on AutoConfigBackup Restore tab does not submit the form
Tested on... Christopher Cope

02/01/2025

10:05 PM Feature #16014: Download function for AutoConfigBackup entries
new actions appear in ACB and function as specified
!clipboard-202502011605-oksfy.png!
 Jordan G
09:57 PM Feature #16015: Method to change the AutoConfigBackup device key
clicking change key button in ACB (25.03.b.20250128.1437) takes you to subsequent screen with dialogs/warnings and ab... Jordan G
07:02 PM Bug #15852: Alias Nesting Only Shows IP and Network Alias Types On Initial Creation
it appears this functionality is by design and to prevent things like port aliases being nested in a host or network ... Jordan G
06:19 PM Bug #12947: Old IPv6 addresses may continue to be used after DHCP or RA changes
The following addresses the points from #note-25:
Trigger @rc.newwanipv6@ on RENEW:
* commit:646389402feb2dd94171d7c... Marcos M
06:07 PM Revision c66e2894: Include all IPv6 address flags in get_interface_addresses()
Marcos M
06:07 PM Revision 09a0164d: Select an interface IPv6 address based on priority
Marcos M
06:07 PM Revision 4294e51e: pfSense_getall_interface_addresses() is deprecated
Use pfSense_get_ifaddrs() instead which now includes LL addresses. Marcos M

01/31/2025

11:02 PM pfSense Packages Bug #15771: RPKI cannot be configured
I haven’t seen a package update for FRR. Is this going to be pushed at all? Mike Moore
10:58 PM pfSense Packages Feature #9141: FRR xmlrpc
Any updates on getting config sync moving along? Mike Moore
10:56 PM pfSense Packages Bug #14390: Squid: SECURITY ALERT: Host header forgery detected
While there are some Squid improvements occurring in other redlines can we get an update on this issue? This isn’t an... Mike Moore
10:55 PM pfSense Packages Feature #14453: Expand prefix list entry window
Any updates on getting the prefix list window expanded?
The window should at least make ipv4 addresses visible Mike Moore
10:53 PM pfSense Packages Todo #14073: Shalla block list is offline but still available in pfBlocker
User confusion still occurs.
Mike Moore
06:39 PM Revision 75dfcf4a: Modernize this check as using x-prefix is not needed any longer
Brad Davis
04:34 PM Revision 35dab7fc: Config access regression when installing cron jobs with RAM disks
Marcos M
04:12 PM Bug #16027: RTTsd can be incorrect when using a manual gateway monitoring data payload size of ``0``
Jim Pingle wrote in #note-1:
> The default payload has been @1@ for nearly 5 years now so there is nothing actionabl... Leon Straathof

01/30/2025

11:07 PM Bug #12947 (In Progress): Old IPv6 addresses may continue to be used after DHCP or RA changes
Marcos M
10:36 PM pfSense Packages Bug #15932 (Duplicate): HAProxy entries disappear after saving with MIM enabled
This shares the same root cause as https://redmine.pfsense.org/issues/15989 which has been fixed for the upcoming rel... Marcos M
12:01 AM pfSense Packages Bug #15932: HAProxy entries disappear after saving with MIM enabled
Attached is the debug file. Chad High
05:49 PM Bug #16028 (Resolved): RFC 2136 Dynamic DNS cannot update AAAA records over IPv6
I've tested and it seems to be working as expected for all combinations I tried. Thanks! Renato Botelho
05:42 PM Bug #16028 (Feedback): RFC 2136 Dynamic DNS cannot update AAAA records over IPv6
Fixed with:
* commit:ddb0771962b2e1e974a908f1b02ddd94423c2903
* commit:132c1253f6e527c7e3155147acafa96ebb820575
* ... Marcos M
05:23 PM Bug #16028 (Resolved): RFC 2136 Dynamic DNS cannot update AAAA records over IPv6
To reproduce, create an RFC2136 entry with the following settings:
* Interface: an interface with IPv6
* Use public... Marcos M
05:37 PM Revision 495d44d0: Respect binding to IPv6 when updating AAAA records using RFC2136. Fix #16028
- Move the "local" nsupdate configuration line condition so that it is
set when "recordtype" is AAAA.
- Don't clobb... Marcos M
02:09 AM Revision 132c1253: Respect address family for RFC2136 when calling dyndnsCheckIP()
The "usepublicip" option is only used for IPv4. Marcos M
02:09 AM Revision ddb07719: Fix RFC2136 status info
- Use the correct variable name
- Remove the duplicate IPv6 file check Marcos M

01/29/2025

10:54 PM pfSense Packages Bug #15932: HAProxy entries disappear after saving with MIM enabled
That's odd. Try reverting/removing all patches then only apply this one (strip count 2, copy / paste - don't upload t... Marcos M
09:10 PM pfSense Packages Bug #15932: HAProxy entries disappear after saving with MIM enabled
My fault. It looks like there is something wrong with the original patch. I get the following error.... Chad High
08:26 PM pfSense Packages Bug #15932: HAProxy entries disappear after saving with MIM enabled
OK, let's add some debugging info to see if there are any clues.
Edit: see #note-11
Then reproduce the issue and po... Marcos M
07:45 PM pfSense Packages Bug #15932: HAProxy entries disappear after saving with MIM enabled
No custom patches installed other than the one you provided.
pfSense-upgrade:... Chad High
07:35 PM pfSense Packages Bug #15932: HAProxy entries disappear after saving with MIM enabled
I'm not able to replicate the issue with that config either.
Perhaps the devices that it's not working on have not... Marcos M
06:33 PM pfSense Packages Bug #15932: HAProxy entries disappear after saving with MIM enabled
Derp. I have uploaded 2 files here that has the before and after. Sorry about that. Let me know what else you want done. Chad High
06:16 PM pfSense Packages Bug #15932: HAProxy entries disappear after saving with MIM enabled
That's the wrong config path - show the config at installedpackages/haproxy, not installedpackages/package. Marcos M
08:37 PM Revision 5e6a51bb: ppp-ipv6: Fix indent
Renato Botelho
06:09 PM Revision 4ceeeb54: Fix ACB syntax error w/o password. Issue #16013
Jim Pingle
03:44 PM Bug #16027 (Duplicate): RTTsd can be incorrect when using a manual gateway monitoring data payload size of ``0``
The default payload has been @1@ for nearly 5 years now so there is nothing actionable here. Users can manually set t... Jim Pingle
03:28 PM Bug #16027 (Duplicate): RTTsd can be incorrect when using a manual gateway monitoring data payload size of ``0``
This issue has been reported before by others but because of not enough information always closed as not a bug. I hav... Leon Straathof
10:11 AM Regression #15074: ISO fails to boot UEFI
The Netgate Installer is also getting the EFI framebuffer fail without serial being added.
CE 2.8.0 ISO and post inst... Jonathan Smolka
02:02 AM Bug #12947: Old IPv6 addresses may continue to be used after DHCP or RA changes

> rtsold_vtnet1_script.sh should kill dhcp6c whenever an RA resulted in new ip addresses on that WAN interface.
... Marcos M

01/28/2025

11:32 PM Regression #16023: RAM disk configuration check fails at boot
When enable ram disks is set the xml read fails at specific points in boot with:... Steve Wheeler
04:45 PM pfSense Plus Feature #16026 (New): UI improvement on user deletion
User requests for an option to automatically remove and/or revoke user's certificates when deleting a local user. Georgiy Tyutyunnik
04:17 PM pfSense Packages Feature #16025 (New): FreeRADIUS RadSec support
Customer requests an option for FreeRADIUS package to support RadSec Georgiy Tyutyunnik
04:15 PM pfSense Packages Feature #16024 (New): GUI options for users' certificate allocations in FreeRADIUS
Customer requests an option for a FreeRADIUS user creation process:
to be able to create a new user certificate or t... Georgiy Tyutyunnik

01/27/2025

10:55 PM Regression #16023 (Resolved): RAM disk configuration check fails at boot
In some situation the ramdisk_check_enabled function can incorrectly return empty at boot. This results in either RAM... Steve Wheeler
08:10 PM Bug #16022 (Resolved): Static lease DNS records are incorrectly removed when backing lease expires
Records that are registered "early" should not be removed when the backing lease expires. These records should persis... Christian McDonald
08:04 PM Revision 1af53b7a: Do not use the lua script on armv7, it is not supported.
Fixes the warnings at boot. Luiz Souza
03:51 PM pfSense Packages Todo #16021 (New): Improve input validation in the FreeRADIUS package GUI
Review the FreeRADIUS package and identify fields which could support input validation and do not already perform val... Jim Pingle
03:27 PM pfSense Packages Feature #16009 (Resolved): Switch to Suricata's built-in UNIX socket control mechanism to signal rule updates, log rotations, and process shutdown
PRs merged, thanks! Jim Pingle
03:27 PM pfSense Packages Bug #16008 (Resolved): Improperly double-quoted constants when using SIGHUP and SIGUSR2 in GUI code function calls
PRs merged, thanks! Jim Pingle
03:18 PM pfSense Packages Bug #15932: HAProxy entries disappear after saving with MIM enabled
When I had a single entry I saved the output of the installed packaged in HAproxy and then after adding a second entr... Chad High
02:58 PM pfSense Packages Regression #16020 (New): GeoIP filtering no longer working in latest version
Unable to apply any GeoIP filtering
https://forum.netgate.com/topic/196190/ipv4-source-definitions-line-1-invalid-... Mike Moore
02:10 PM Todo #16013 (Feedback): AutoConfigBackup code cleanup and GUI refresh
Applied in changeset commit:c81106eb27b31ee4738addc45798ddc10ff6c841. Jim Pingle
02:10 PM Feature #16014 (Feedback): Download function for AutoConfigBackup entries
Applied in changeset commit:c81106eb27b31ee4738addc45798ddc10ff6c841. Jim Pingle
02:10 PM Bug #16012 (Feedback): "Reset" button on AutoConfigBackup Restore tab does not submit the form
Applied in changeset commit:c81106eb27b31ee4738addc45798ddc10ff6c841. Jim Pingle
02:10 PM Bug #12249 (Feedback): Long configuration revision reasons can cause AutoConfigBackup upload to fail
Applied in changeset commit:c81106eb27b31ee4738addc45798ddc10ff6c841. Jim Pingle
02:10 PM Bug #16011 (Feedback): AutoConfigBackup remote revision timestamps may not be unique due to batch uploads
Applied in changeset commit:c81106eb27b31ee4738addc45798ddc10ff6c841. Jim Pingle
02:10 PM Bug #16010 (Feedback): AutoConfigBackup scheduled backups always upload even when the configuration has not changed
Applied in changeset commit:c81106eb27b31ee4738addc45798ddc10ff6c841. Jim Pingle
02:10 PM Feature #16015 (Feedback): Method to change the AutoConfigBackup device key
Applied in changeset commit:c81106eb27b31ee4738addc45798ddc10ff6c841. Jim Pingle
02:10 PM Todo #16016 (Feedback): Change AutoConfigBackup default key generation format
Applied in changeset commit:c81106eb27b31ee4738addc45798ddc10ff6c841. Jim Pingle
02:02 PM Revision c81106eb: ACB Device Key Changes + General Refresh
- Changed default method of device key generation.
Implements #16016
- Added mechanism to change the device key.
... Jim Pingle
12:47 PM Bug #12947: Old IPv6 addresses may continue to be used after DHCP or RA changes
I'am quiet confused.
On a WAN interface with "Do not wait for RA" is NOT checked (so a WAN interface where we expe... Jan-Jonas Sämann

01/26/2025

03:33 PM Bug #12947: Old IPv6 addresses may continue to be used after DHCP or RA changes
I dug a little deeper on how the renewal of delegated prefixes should happen. DHCPv6 does not have a mechanism where ... Jan-Jonas Sämann
06:24 AM Bug #15346: Port Forward Add Unassociated Filter Rule Not Working
Tested on 24.11
The issue still persists. aleksei prokofiev
06:14 AM pfSense Packages Bug #15644: Snort Status icon disappears
Tested on pfSense 24.11 and snort 4.1.6_22
The issue still persists. aleksei prokofiev

01/25/2025

11:47 PM Bug #16007: Dynamic DNS, Porkbun, "@.mydomain.xyz"
Kris Phillips wrote in #note-3:
> Emanuel Persson wrote in #note-2:
> > API Access is enabled. But for subdomains i... Emanuel Persson
10:53 PM Bug #16007: Dynamic DNS, Porkbun, "@.mydomain.xyz"
Emanuel Persson wrote in #note-2:
> API Access is enabled. But for subdomains it would work but this is a "Root doma... Kris Phillips
11:44 PM pfSense Plus Regression #15880: Upgrade available LED not set before branch is selected.
tested with 25.03.b.20250120.1851 using 6100 as hardware - without the newer update branch selected the indicator lig... Jordan G
11:06 PM Bug #16019 (Resolved): Kea can unintentionally attempt to spawn multiple processes and fail
When doing things like restarting the Kea service or switching between ISC and Kea, there is a possibility of Kea att... Kris Phillips
11:00 PM Bug #15847 (Confirmed): Kea DHCP lease utilization stats incorrect for delegated prefix pools
Tested on 24.11 and 25.03. I can confirm this behavior. The Lease Utilization section on a Delegation Prefix under ... Kris Phillips
10:57 PM Bug #16018 (Incomplete): Mysterious Entire Crash in "PFSense CE"
This looks like a file system issue. If you back up your config, reinstall on the latest firmware, and then restore ... Kris Phillips
08:53 PM Bug #16018 (Incomplete): Mysterious Entire Crash in "PFSense CE"
!https://i.imgur.com/8iRcwyP.png!
When changing Settings the firewall is crashing with this stacktrace on the cons... Guido Lipke
07:20 PM Bug #15852: Alias Nesting Only Shows IP and Network Alias Types On Initial Creation
From my interpretation of your description and based on preliminary testing, it seems what you're stating is possible... Jordan G
05:09 PM Feature #13293: Option to set auth-gen-token in OpenVPN GUI
Bumping this.
Is this possible as an addition for 25.03? We run into this a few times a week and manually addin... Kris Phillips
10:48 AM pfSense Plus Bug #15959: MIM GUI is unable to write IPv6 aliases
The issue persisted.
Tested against:... Danilo Zrenjanin
04:31 AM Bug #12947: Old IPv6 addresses may continue to be used after DHCP or RA changes
My duplicate of this was just closed in the moment I published an attempt to fix primary ipv6 gua selection. So here ... Jan-Jonas Sämann
12:02 AM Bug #12947 (Confirmed): Old IPv6 addresses may continue to be used after DHCP or RA changes
I am re-opening this issue since there are a couple failure cases that can explain the reported issues. To address th... Marcos M
12:04 AM Bug #15625: IPv6 prefix rotation by ISP causes complete service disruption
I implemented a deprecated address check and will observe the behavior in the next few days.
Basically this patch ... Jan-Jonas Sämann
12:03 AM Bug #15625 (Duplicate): IPv6 prefix rotation by ISP causes complete service disruption
Marcos M
12:04 AM Bug #15900 (Duplicate): After an IPv6 prefix and IP change on the WAN interface the old deprecated IPv6 address is shown on Dashboard->Interfaces and Status->Interfaces
Marcos M
12:04 AM Bug #15906 (Duplicate): IPv6 delegated prefix changes upstream do not immediately update track6 interfaces
Marcos M

01/24/2025

09:48 PM Bug #15625: IPv6 prefix rotation by ISP causes complete service disruption
Marcos M wrote in #note-1:
> I don't know if there's any code that still uses @pfSense_get_interface_addresses()@ - ... Jan-Jonas Sämann
08:11 PM pfSense Docs Todo #16017 (Feedback): Update AutoConfigBackup docs to account for new changes
The AutoConfigBackup docs will need updated to match changes happening in 25.03:
* https://redmine.pfsense.org/iss... Jim Pingle
05:10 PM Todo #16016 (Resolved): Change AutoConfigBackup default key generation format
Currently ACB associates backups with a host by a hash of its SSH public key, which is known as the "Device Key" in A... Jim Pingle
04:52 PM Feature #16015 (Resolved): Method to change the AutoConfigBackup device key
Currently the AutoConfigBackup device key is derived automatically and there is no way to change the key. It would be... Jim Pingle
04:42 PM Feature #16014 (Resolved): Download function for AutoConfigBackup entries
The AutoConfigBackup GUI has a "download" icon for entries which can be confusing since it opens a view which downloa... Jim Pingle
04:35 PM Todo #16013 (Resolved): AutoConfigBackup code cleanup and GUI refresh
The frontend and backend code in AutoConfigBackup needs a lot of review/cleanup.
* It's changed a lot over the yea... Jim Pingle
04:17 PM Bug #16012 (Resolved): "Reset" button on AutoConfigBackup Restore tab does not submit the form
When viewing backups for an alternate Device Key on the Restore tab, the "Reset" button changes the key back to the o... Jim Pingle
04:15 PM Bug #16011 (Feedback): AutoConfigBackup remote revision timestamps may not be unique due to batch uploads
The way AutoConfigBackup queues and batches uploads (once per minute), a sufficiently fast system on a sufficiently f... Jim Pingle
04:05 PM Bug #16010 (Rejected): AutoConfigBackup scheduled backups always upload even when the configuration has not changed
There is code to detect and skip scheduled backups if the configuration has not changed since the last upload, but is... Jim Pingle
04:01 PM Bug #12249 (In Progress): Long configuration revision reasons can cause AutoConfigBackup upload to fail
Fixing this as a part of what I'm already working on, best option is to truncate the reason to the limit supported by... Jim Pingle

01/23/2025

07:35 PM Revision d54f6e6d: Bump up Composer dependencies to latest major versions
and fix some fallout Christian McDonald
04:50 PM pfSense Packages Feature #16009: Switch to Suricata's built-in UNIX socket control mechanism to signal rule updates, log rotations, and process shutdown
This feature request is implemented via the following Pull Requests for the RELENG_2_7_2 and DEVEL branches, respecti... Bill Meeks
01:39 PM pfSense Packages Feature #16009 (Resolved): Switch to Suricata's built-in UNIX socket control mechanism to signal rule updates, log rotations, and process shutdown
Suricata provides a UNIX control socket for communicating with the running binary process. Switch to this more robust... Bill Meeks
04:49 PM pfSense Packages Bug #16008: Improperly double-quoted constants when using SIGHUP and SIGUSR2 in GUI code function calls
This issue is corrected in the following Pull Requests for the RELENG_2_7_2 and DEVEL branches, respectively:
http... Bill Meeks
01:20 PM pfSense Packages Bug #16008 (Resolved): Improperly double-quoted constants when using SIGHUP and SIGUSR2 in GUI code function calls
There are multiple instances of improperly double-quoted constants for the SIGHUP and SIGUSR2 values in the Suricata ... Bill Meeks
03:49 PM Revision c3e20129: Update Composer dependencies
Christian McDonald
03:21 PM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy
Jim Pingle wrote in #note-45:
> The GUI packages were picked back there but failed to build because the actual under... Maurice Detmers
03:09 PM pfSense Packages Bug #15995: Unable to switch to the RELENG_2_7_2 branch
Jim Pingle wrote in #note-3:
> If it's a VM, it should work.
that works, thank you very much Maurice Detmers

01/22/2025

10:48 PM Bug #15956: Kea DHCP static mappings requires lease expiry before taking effect
Ran into the same issue. I have no way to reproduce it. I changed the assigned static ip to another ip address, unplu... Cornel van Mastrigt
12:47 PM Bug #16007: Dynamic DNS, Porkbun, "@.mydomain.xyz"
API Access is enabled. But for subdomains it would work but this is a "Root domain update". Not a subdomain update. I... Emanuel Persson
12:30 PM Bug #16007: Dynamic DNS, Porkbun, "@.mydomain.xyz"
Porkbun working fine for me on 24.11 software. Make sure you have API enabled for the domain in the Porkbun dashboard... Lev Prokofev
12:03 PM Bug #16007 (New): Dynamic DNS, Porkbun, "@.mydomain.xyz"
!clipboard-202501221253-aai6z.png!... Emanuel Persson
04:21 AM Bug #15906: IPv6 delegated prefix changes upstream do not immediately update track6 interfaces
Although this does restore basic connectivity, it defeats downstream prefix invalidation.
Deprecated prefixes in the... Jan-Jonas Sämann

01/21/2025

07:41 PM Bug #15625: IPv6 prefix rotation by ISP causes complete service disruption
Same here, just added my note to the wrong ticket: #12947#note-24 a week ago...
I can confirm and reproduce this on 2... Manuel Gayer
07:29 PM Revision 8208e606: Improve NAT64 input validation
NAT64 rules do not currently support route-to. Marcos M
07:19 PM Bug #15906: IPv6 delegated prefix changes upstream do not immediately update track6 interfaces
Same here, as already said in #12947#note-24.
For the moment I use this shell script in a cron-job every minute:
<pr... Manuel Gayer
07:02 PM Bug #16005 (Resolved): PHP error from invalid IPv6 address on ``diagnostics_ping.php``
Marcos M
06:05 PM Bug #16005 (Feedback): PHP error from invalid IPv6 address on ``diagnostics_ping.php``
Applied in changeset commit:3e161bebc0c49d6bde2f487682317abb0356698f. Marcos M
05:23 PM pfSense Packages Bug #15932: HAProxy entries disappear after saving with MIM enabled
It would be helpful to see the respective config section before and after reproducing the issue. It can be found in @... Marcos M
08:19 AM Feature #15813: Include alternative TCP stack
Andreas Dekiert wrote in #note-7:
> So, what is the way forward? You marked this issue as a duplicate of another one... Manuel Trier

01/20/2025

08:16 PM Bug #16005 (Pull Request Review): PHP error from invalid IPv6 address on ``diagnostics_ping.php``
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1184 Marcos M
07:45 PM Bug #16005 (Resolved): PHP error from invalid IPv6 address on ``diagnostics_ping.php``
Steps to reproduce:
# Go to @Diagnostics > Ping@
# Set @IP Protocol@ to @IPv6@
# Enter @2001::1:2:3:4:5:6:7:8@ and... Marcos M
08:12 PM Revision 3e161beb: Handle potential errors with Net_IPv6::checkIPv6. Fix #16005
Marcos M
08:10 PM Revision 5e7e72ee: Don't process empty filter rules from packages
Packages may insert their own filter rules via a function referenced in
the package xml element "filter_rules_needed"... Marcos M
03:39 PM Bug #13158 (Resolved): Input validation error when applying limiter changes
Marcos M
03:39 PM Bug #15925 (Resolved): DNS Resolver option for Query Name Minimization cannot be disabled
The default configuration itself was updated to enable it - it's only done for installs. Marcos M
03:32 PM Bug #16004 (New): tailscale unexpected state: NoState
Found taiscale down today, status: unexpected state: NoState
Restarting the service didn't fix the issue.
To fix,... Marcelo Cury
01:48 PM Feature #16002: SCRAM-SHA-1(-PLUS) + SCRAM-SHA-256(-PLUS) + SCRAM-SHA-512(-PLUS) + SCRAM-SHA3-512(-PLUS) supports
SCRAM is supported by Net_SMTP which uses Auth_SASL or Auth_SASL2:
- https://github.com/pear/Net_SMTP?tab=readme-ov-... Neustradamus -
01:36 PM Feature #16002 (Needs Patch): SCRAM-SHA-1(-PLUS) + SCRAM-SHA-256(-PLUS) + SCRAM-SHA-512(-PLUS) + SCRAM-SHA3-512(-PLUS) supports
We do not directly implement that layer, we use PHP libraries (e.g. Mail which uses "Net_SMTP":https://pear.php.net/p... Jim Pingle
01:47 PM Bug #16000: 400 Bad Request - The plain HTTP request was sent to HTTPS port - nginx
I will create a PR to fix this problem! :) Neustradamus -
01:40 PM Bug #16000: 400 Bad Request - The plain HTTP request was sent to HTTPS port - nginx
It's not a bad or improper configuration, it's working as expected. It should not answer HTTP requests on the HTTPS p... Jim Pingle
01:28 PM pfSense Packages Regression #15469: RRD Graphs height is smaller than expected
That's not the expected scale. They're still about half as tall as they should be. Compare with the images in the ori... Jim Pingle

01/19/2025

05:06 PM pfSense Packages Bug #16003 (New): ACME IPV6 cloudflare issues, ipv4 preferred not respected
https://forum.netgate.com/topic/195953/bug-24-11-acme-ipv6-cloudflare-issues-ipv4-not-respected
Using cloudflare d... Jay Sols
04:27 PM Bug #15973: Kea DHCP server crashes on 3100 (32bit ARM) every 10 days or so post 24.11 upgrade
Same issue here, same hardware. I have a core-dump available which I can share with Netgate. I don't want to share it... Sander Peterse
05:31 AM pfSense Packages Feature #12179: QEMU package
if guest agent can be made a package it should feature integration with the dashboard services widget to easily monit... Jordan G
04:01 AM pfSense Packages Regression #15469: RRD Graphs height is smaller than expected
Various RRD graphs viewed via Status>Monitoring show scale as expected with 24.11
!clipboard-202501182201-5b8vb.pn... Jordan G
03:52 AM Bug #13158: Input validation error when applying limiter changes
following the application of the above linked patch (on 24.11), opening a child queue for a limiter, making a change ... Jordan G
03:12 AM Feature #15984: Can we have a way to start smartd on bootup?
Moving to Feature Request, as this is not a Bug. Kris Phillips
03:10 AM Feature #16002: SCRAM-SHA-1(-PLUS) + SCRAM-SHA-256(-PLUS) + SCRAM-SHA-512(-PLUS) + SCRAM-SHA3-512(-PLUS) supports
Moving from Bug Report to Feature Request, as this is not a Bug. Kris Phillips
02:32 AM Bug #15925: DNS Resolver option for Query Name Minimization cannot be disabled
Tested on... Christopher Cope
02:21 AM Todo #15969 (Resolved): Improve the system load impact from Dashboard widgets
Tested on... Christopher Cope

01/18/2025

05:34 AM Bug #16000: 400 Bad Request - The plain HTTP request was sent to HTTPS port - nginx
You have closed my ticket, please reopen, it has not been solved!
Linked to:
- https://www.google.com/search?q=40... Neustradamus -
05:22 AM Bug #16000: 400 Bad Request - The plain HTTP request was sent to HTTPS port - nginx
Thanks for your quick answer!
You can check ALL your devices :)
If you have a WebAdmin in HTTPS, you have autom... Neustradamus -
03:47 AM Bug #16000 (Rejected): 400 Bad Request - The plain HTTP request was sent to HTTPS port - nginx
What you are seeing is expected. You cannot send an HTTP request to an HTTPS port. That cannot be redirected, it's an... Jim Pingle
03:05 AM Bug #16000 (Rejected): 400 Bad Request - The plain HTTP request was sent to HTTPS port - nginx
Dear pfSense team,
Default local machine:
- http://pfsense/
- https://pfsense/
- https://pfsense/system_advance... Neustradamus -
04:00 AM Feature #16002 (Needs Patch): SCRAM-SHA-1(-PLUS) + SCRAM-SHA-256(-PLUS) + SCRAM-SHA-512(-PLUS) + SCRAM-SHA3-512(-PLUS) supports
Dear pfSense team,
I have discovered that "Notification E-Mail auth mechanism" supports are not good:
- https://p... Neustradamus -
03:45 AM Bug #16001 (Rejected): No easy WebAdmin access from WAN feature
Administrators should never expose the firewall GUI to the WAN, so adding rules manually is as "easy" as it will be. ... Jim Pingle
03:43 AM Bug #16001: No easy WebAdmin access from WAN feature
In more with this option, two forms:
- One with authorized IPv4
- One with authorized IPv6
WAN rules:... Neustradamus -
03:28 AM Bug #16001 (Rejected): No easy WebAdmin access from WAN feature
Dear pfSense team,
There is no easy feature to add the WebAdmin access from WAN.
If a NEW option is created (on... Neustradamus -

01/17/2025

10:19 PM pfSense Packages Bug #15996 (Resolved): pfBlockerNG can clobber unbound file permissions
Fixed with https://github.com/pfsense/FreeBSD-ports/commit/8d632447c10537dc99e9ab3aa1ac66768fa55829. Marcos M
08:00 PM Bug #15999 (Duplicate): DNS Forwarder issue with defining domain override
Marcos M
07:23 PM Bug #15999: DNS Forwarder issue with defining domain override
The issue is confirmed at the following pfSense Plus version:... Danilo Zrenjanin
07:22 PM Bug #15999 (Duplicate): DNS Forwarder issue with defining domain override
If you attempt to define a domain override under Services/DNS Forwarder, the entry you created will disappear after s... Danilo Zrenjanin
01:43 PM Bug #15998 (Rejected): IPSec bypass rules cause interface failure
There isn't nearly enough information here to make any conclusions or identify anything specific. It sounds like an i... Jim Pingle
12:26 PM Bug #15998 (Rejected): IPSec bypass rules cause interface failure
When we had version 2.6.3, we migrated an IPSec to a dataline. The only way we found to force IPSec to let go of the... Chaim Robinson
08:23 AM Feature #15997 (New): Multi chassis link aggregation
Multi-Chassis LAG would be a very useful feature and a natural expansion of the clustering feature. MC-LAG would pro... Marcello Lodi

01/16/2025

11:55 PM pfSense Plus Bug #15989: Renaming an alias in MIM does not update firewall and NAT rules with the new alias name
Part of the fix requires a binary update which cannot be applied via the System Patches package. Marcos M
09:27 PM pfSense Plus Bug #15989: Renaming an alias in MIM does not update firewall and NAT rules with the new alias name
Trying to patch using the commitID above and I'm unable to fetch. Mike Moore
04:08 PM pfSense Plus Bug #15989 (Resolved): Renaming an alias in MIM does not update firewall and NAT rules with the new alias name
Georgiy Tyutyunnik
04:08 PM pfSense Plus Bug #15989: Renaming an alias in MIM does not update firewall and NAT rules with the new alias name
latest dev fixes the issue
tested on:
25.07-DEVELOPMENT (amd64)
built on Thu Jan 16 6:00:00 UTC 2025
FreeBSD 15.0... Georgiy Tyutyunnik
11:12 PM pfSense Plus Bug #15978: Unable to get SMART data from 4200 onboard storage
Ive been following this redmine. If there is no way to monitor the system's disk health......Why is this product even... Mike Moore
10:06 PM pfSense Plus Bug #15978: Unable to get SMART data from 4200 onboard storage
So there is no way to monitor the storage health of the Netgate 4200?
How is a user supposed to know if the storage ... Andrew Almond
08:45 PM Bug #15925 (Feedback): DNS Resolver option for Query Name Minimization cannot be disabled
Applied in changeset commit:85a27bcb9b81425868aab775f9a456e27ca5767d. Marcos M
08:31 PM Revision cdba77b2: Fix typo in function name on log error message
Renato Botelho
08:30 PM Revision 21b966d4: Style fixes
Renato Botelho
08:18 PM pfSense Packages Bug #15996 (Resolved): pfBlockerNG can clobber unbound file permissions
To reproduce:
# Use a ZFS system.
# Install pfBlockerNG-devel and set it up DNSBL in Unbound python mode.
# Set up... Marcos M
07:19 PM Bug #15973: Kea DHCP server crashes on 3100 (32bit ARM) every 10 days or so post 24.11 upgrade
Björn Bylander wrote in #note-1:
> Loh Phat wrote:
> > The DHCP server dies with the following log entry:
> >
> ... Blaik Harvey
05:25 PM pfSense Plus Regression #15964 (Closed): Upgrades on UFS from 23.09.1 to 24.03 or 24.11 Fails
Luiz Souza
03:53 PM pfSense Plus Regression #15964 (Resolved): Upgrades on UFS from 23.09.1 to 24.03 or 24.11 Fails
can successfully update from 23.09.1 to the latest dev or latest stable on UFS
tested on:
25.07-DEVELOPMENT (amd64)... Georgiy Tyutyunnik
12:40 PM Bug #15990 (Resolved): Input validation prevents updating a limiter without changing the name
tested, patch fixes the issue
tested on:
25.03-BETA (amd64)
built on Wed Jan 8 2:56:00 CET 2025
FreeBSD 15.0-CURRENT Georgiy Tyutyunnik

01/15/2025

08:02 PM Bug #15708: The filterdns service won't start
I also ran into this issue. I had to bump my threads past 4096 to get it to work properly. A message on the "Tables" ... Dark Baritone
04:09 PM pfSense Plus Bug #15993: Upgrade fails with NVMe drive installed
Ok have a good day Jim :) Jonathan Lee
04:09 PM pfSense Plus Bug #15993: Upgrade fails with NVMe drive installed
It is the everything bagel 2100-MAX, we can call it the SG-2100-ULTRA edition .. comes with heat sinks a nvme drive, ... Jonathan Lee
04:07 PM pfSense Plus Bug #15993: Upgrade fails with NVMe drive installed
That you managed to make it function partially does not indicate it is "supported". It may have appeared functional, ... Jim Pingle
04:00 PM pfSense Plus Bug #15993: Upgrade fails with NVMe drive installed
@Jim Pringle
I am using a mpcie to nvme adapter on the mpcie slot that was used for wifi. It does work perfectly how... Jonathan Lee
03:35 PM pfSense Packages Bug #15995: Unable to switch to the RELENG_2_7_2 branch
If it's a VM, it should work. Jim Pingle
03:12 PM pfSense Packages Bug #15995: Unable to switch to the RELENG_2_7_2 branch
Jim Pingle wrote in #note-1:
> You're probably checking out the tree on a Windows filesystem, and the repository is ... Maurice Detmers
03:09 PM pfSense Packages Bug #15995 (Not a Bug): Unable to switch to the RELENG_2_7_2 branch
You're probably checking out the tree on a Windows filesystem, and the repository is not compatible with that. Files ... Jim Pingle
02:36 PM pfSense Packages Bug #15995 (Not a Bug): Unable to switch to the RELENG_2_7_2 branch
Hi,
I hope I am posting this in the right spot and hopefully someone can help me with this.
I am trying to switc... Maurice Detmers
06:49 AM Bug #15988 (Resolved): PHP error when saving System Log settings
The patch has been tested and it fixes the issue. aleksei prokofiev

01/14/2025

08:17 PM Feature #14483: Conditionally reconfigure IPsec VTI interfaces only when necessary while applying IPsec changes
Devs,
Is there any hope on the horizon on getting a patch to fix? If one is available, I have no problem providing a... Mike Moore
07:53 PM pfSense Plus Bug #15993 (Rejected): Upgrade fails with NVMe drive installed
There are systems which require NVMe to function as that is their only drive, so disabling it automatically at any po... Jim Pingle
07:01 PM pfSense Plus Bug #15993 (Rejected): Upgrade fails with NVMe drive installed
Hello fellow Redmine community members, I found a bug during upgrade to 25.11 the upgrade fails with my NVMe driver. ... Jonathan Lee
07:31 PM pfSense Packages Bug #15932: HAProxy entries disappear after saving with MIM enabled
I have also experienced this issue.
I can create a frontend with 1 ACL and it's fine. If I add a second ACL then all... Andrew Almond
07:22 PM pfSense Plus Bug #15994 (Resolved): Backup configuration cache is not cleaned automatically
With the introduction of BE2.0, the configuration backup cache is now only trimmed when backups are listed (e.g. by v... Marcos M
07:06 PM Revision 85a27bcb: QNAME minimization default has changed. Fix #15925
Marcos M
04:54 PM pfSense Packages Feature #15981 (Resolved): Add a fresh Suricata 7.0.8 package version in package manager.
PRs merged/picked. Thanks! Jim Pingle
03:50 PM Bug #15925 (Pull Request Review): DNS Resolver option for Query Name Minimization cannot be disabled
Marcos M
01:16 PM pfSense Plus Regression #15992 (Rejected): PHP Shell Permission Issue for User After Upgrade from 23.03 to 23.11
That has never been intended to work, it should only work as root/admin. It may have worked in certain cases by luck,... Jim Pingle
09:07 AM pfSense Plus Regression #15992 (Rejected): PHP Shell Permission Issue for User After Upgrade from 23.03 to 23.11
Hi
Description:
After upgrading from pfSense version 23.04 to 24.11, I encountered an issue where the nagios use... Abdallah Musa
08:23 AM Bug #15982: Limiters do not change values and disappear after reboot if bandwidth set over 5 Gig
But we need bandwidth limiter higher than ~4,3G. We need for example 7.5G or 10G
So changing just the UI is not very... Marco Eberhardt
07:54 AM Bug #15990: Input validation prevents updating a limiter without changing the name
Working great, thanks! Richard Rovelstad
 

Also available in: Atom