Project

General

Profile

Activity

From 03/29/2025 to 04/27/2025

04/27/2025

03:34 PM pfSense Plus Bug #16163: Gateway widget incorrectly displays IPv6 default gateway status
Correction: System_Patches rev is 2.2.20_4 Marc Goldburg
03:30 PM pfSense Plus Bug #16163 (New): Gateway widget incorrectly displays IPv6 default gateway status
Running 24.11 + System_Patches 2.2.20_04, the gateway widget occasionally fails to display the "globe icon" and gatew... Marc Goldburg
02:11 PM pfSense Packages Regression #16157 (Duplicate): Wireguard with ipv6 interface breaks in 25.03 beta.
Marcos M
08:19 AM pfSense Packages Regression #16157: Wireguard with ipv6 interface breaks in 25.03 beta.
I can confirm this behavior, as soon as I added IPv6 to the wg tunnel settings I had this crash.
25.03-BETA (amd64)
... aleksei prokofiev
04:55 AM Bug #16155: mpd5 specific options remain availble after enabling if_pppoe
testing this with 25.03 and 25.07 with above patch applied after enabling if_pppoe under System>Advanced>Networking>N... Jordan G
02:15 AM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online
Tested on 25.03-BETA. I can still recreate this with VTI tunnels. Haven't tested other methods of reproduction, but... Kris Phillips
02:08 AM Bug #16131: DHCP Relay not working when CARP Status VIP is other than None
I'm going to guess this is due to IPSec, as DHCP Relay is unpredictable with IPSec (especially tunnel mode).
Are y... Kris Phillips
12:05 AM Bug #16162 (Confirmed): IPsec unnecessarily prompts to apply changes after input errors
dylan mendez
12:04 AM Bug #16162: IPsec unnecessarily prompts to apply changes after input errors
I can confirm this behavior on latest development snapshots.
!clipboard-202504261804-bagsm.png!
 dylan mendez

04/26/2025

07:47 PM Feature #15089 (Resolved): Support LuaDNS provider
Tested on... Christopher Cope
07:45 PM Bug #16153: ECL can modify a discovered config file
can confirm this occurs when using ECL on 25.03.b.20250424.1928 and 25.07.a.20250426.1531, when inspecting the conten... Jordan G
07:07 PM Bug #16158 (Closed): IPsec allows deleting P1/P2 entries with an assigned VTI
dylan mendez
02:17 PM Bug #16158 (Incomplete): IPsec allows deleting P1/P2 entries with an assigned VTI
Tested on... Christopher Cope
08:39 AM Bug #16158: IPsec allows deleting P1/P2 entries with an assigned VTI
I am getting the same results on 24.11 pfSense Plus. Everything works as expected. Danilo Zrenjanin
08:28 AM Bug #16158 (Feedback): IPsec allows deleting P1/P2 entries with an assigned VTI
Danilo Zrenjanin
08:28 AM Bug #16158: IPsec allows deleting P1/P2 entries with an assigned VTI
I couldn't reproduce it on:... Danilo Zrenjanin
06:20 PM pfSense Packages Feature #16075: Add Zabbix 7.0 packages for 24.03
@jimp @mmendoza @jgreene
What is needed to get Zabbix 7.0 pushed to 24.03 to see if it builds? Andrew Almond
06:11 PM Feature #15562: Add support for OpenID
+1, OIDC for additional logon method for easy onboarding of helping hands. chris laws
04:25 PM Bug #16155: mpd5 specific options remain availble after enabling if_pppoe
I do not have an actual pppoe link to test this with but using 24.11 with the above changeset applied via system_patc... Jordan G
02:33 PM Bug #14613: Incorrect wireguard control panel status management
2.7.2 This problem is reproduced again hao zhang
02:26 PM Bug #16162 (Resolved): IPsec unnecessarily prompts to apply changes after input errors
When attempting to delete an IPsec P1/P2 with VTI and an interface assigned an error is generated as expected; howeve... Christopher Cope

04/25/2025

09:43 PM pfSense Packages Regression #16160 (Resolved): PHP error after saving WireGuard tunnel with multiple addresses
Marcos M
05:45 PM Bug #16018: Mysterious Entire Crash in "PFSense CE"
Marco, the GUI isnt working anymore when the Crash happends... Also a reboot doesnt work. Where ist the crashdump? Guido Lipke
04:44 PM Bug #16018: Mysterious Entire Crash in "PFSense CE"
The screenshot is not enough - please share the crash report after logging into the GUI and include what version of p... Marcos M
10:08 AM Bug #16018: Mysterious Entire Crash in "PFSense CE"
It isnt a Filesystem Error... This Crash Happens when editing Firewall Rules.
A few Minutes ago... same issue... I s... Guido Lipke
04:57 PM pfSense Packages Bug #13654: Wireguard does not fail back failover WAN setup.
Any update from the Netgate team on this issue? I just received another bill from AT&T with almost $1100 in data over... Andrew Collings
04:50 PM Bug #16161 (Duplicate): Crash report
Based on the backtrace this appears to be a duplicate of #15503 Jim Pingle
04:37 PM Bug #16161 (Duplicate): Crash report
Estou com esse erro de php, onde meu pfsense reinicia. William Nakada
02:52 PM Feature #15089: Support LuaDNS provider
Are you using an API key, rather than your account password? You should be. See https://app.luadns.com/users/api_keys Aaron Sierra

04/24/2025

09:20 PM pfSense Docs Todo #16146: Document net.inet6.icmp6.nd6_onlink_ns_rfc4861
For reference this behavior can be achieved with pfSense as the upstream router, e.g. if the address being pinged by ... Marcos M
09:10 PM pfSense Packages Regression #16160 (Feedback): PHP error after saving WireGuard tunnel with multiple addresses
Fixed with "f6dfb5a189c7e82b4f4962b7890f9c66eb36a088":https://github.com/pfsense/FreeBSD-ports/commit/f6dfb5a189c7e82... Marcos M
09:04 PM pfSense Packages Regression #16160 (Resolved): PHP error after saving WireGuard tunnel with multiple addresses
After adding a second address to a WireGuard tunnel (unassigned interface), the following alert is shown:... Marcos M
03:45 PM pfSense Packages Feature #15397: Wazuh Agent
I would also like this package to make it into the official pfSense package list.
What would it take to make that ha... Kuberan Govender
03:29 PM Bug #16115 (Resolved): Potential XSS in IPsec Phase 1
Jim Pingle
03:23 PM Bug #16115: Potential XSS in IPsec Phase 1
tested, reproduced on 25.07.a.20250331.2135
fixed in 25.07.a.20250409.0600 and later Georgiy Tyutyunnik
03:29 PM Bug #16114 (Resolved): Potential XSS in Firewall Schedules
Jim Pingle
03:23 PM Bug #16114: Potential XSS in Firewall Schedules
tested, reproduced on 25.07.a.20250331.2135
fixed in 25.07.a.20250409.0600 and later Georgiy Tyutyunnik
03:01 PM Bug #16116 (Resolved): Potential XSS in Wake on LAN page and widget
Jim Pingle
03:00 PM Bug #16116: Potential XSS in Wake on LAN page and widget
tested, reproduced on 25.07.a.20250331.2135
fixed in 25.07.a.20250409.0600 and later Georgiy Tyutyunnik
04:01 AM Feature #15089: Support LuaDNS provider
Luadns is added to Dynamic DNS list
I added the hostname and domain, but it’s not registering
/services_dyndns_... Alhusein Zawi
01:15 AM Bug #16155 (Feedback): mpd5 specific options remain availble after enabling if_pppoe
Applied in changeset commit:27e9a8aaa44702d0305f01ca21629f2b081dbdc0. Marcos M

04/23/2025

06:38 PM Bug #16143: Unbound DNS over TLS resumption issue
further to this it turns out its a setting which needed tweaking
specifically;
infra-cache-min-rtt: 750
b... mrpops2ko .
04:36 PM Feature #16159 (New): Provide periodic connection reset for if_pppoe
PPPoE connections using mpd5/netgraph had several advanced options that are not available when if_pppoe is enabled.
... Steve Wheeler
01:24 AM Bug #16158 (Closed): IPsec allows deleting P1/P2 entries with an assigned VTI
!clipboard-202504221835-hmb4v.png!
Input validation does not prevent user from deleting a P1/P2 with a VTI assig... dylan mendez

04/22/2025

10:12 PM Feature #8641: Need way to disable HSTS and/or replace webConfigurator certificate from CLI
I support adding this to the console menu, I locked myself out by being a dumbo using a user certificate not server c... Chris Collins
08:34 PM pfSense Packages Bug #13654: Wireguard does not fail back failover WAN setup.
I can confirm this problem also exists with pfsense CE 2.7.2-RELEASE and WireGuard package 0.2.1.
For reference, thi... Wayne Sherman
03:18 PM Bug #16156 (Resolved): DDNS may send requests over IPv4 for IPv6 services
Marcos M
01:20 AM Bug #16156 (Feedback): DDNS may send requests over IPv4 for IPv6 services
Applied in changeset commit:363330d9eea0a54cb688977c2d57b82586843a70. Marcos M
12:47 AM Bug #16156 (In Progress): DDNS may send requests over IPv4 for IPv6 services
Marcos M
12:43 AM pfSense Packages Regression #16157 (Duplicate): Wireguard with ipv6 interface breaks in 25.03 beta.
Running: 25.03-BETA (amd64)
built on Mon Apr 14 14:38:00 EDT 2025
Upon upgrade, Wireguard will not start. Attache... quiet lion

04/21/2025

11:51 PM Bug #16156 (Resolved): DDNS may send requests over IPv4 for IPv6 services
When a DDNS "v6" service is configured with an interface that is not a gateway group and the interface has both IPv4 ... Marcos M
11:45 PM Bug #16155 (Resolved): mpd5 specific options remain availble after enabling if_pppoe
When if_pppoe is enabled some PPPoE options that only mpd5 supported are no longer available and should be hidden fro... Steve Wheeler
09:52 PM pfSense Packages Bug #16154 (Resolved): pfBlockerNG does not include the VIP ID with DNSBL VIPs
Fixed with "dee5e9429c1954d892716dcd597b5b7232096698":https://github.com/pfsense/FreeBSD-ports/commit/dee5e9429c1954d... Marcos M
09:51 PM pfSense Packages Bug #16154 (Resolved): pfBlockerNG does not include the VIP ID with DNSBL VIPs
VIPs require unique IDs. Omitting the ID causes @get_configured_vip_list()@ to not return all expected VIPs which in ... Marcos M
02:54 PM pfSense Docs Todo #16146 (Rejected): Document net.inet6.icmp6.nd6_onlink_ns_rfc4861
Looking at the Bugzilla entry I do not think we should document this. Certainly not in any primary troubleshooting do... Jim Pingle
02:41 PM pfSense Docs Todo #16151 (Resolved): Feedback on Netgate® Nexus — Netgate® Nexus Licensing
Should be cleaned up now, still in the breadcrumbs but not on every instance that used the substitutions:
https://... Jim Pingle
12:49 PM pfSense Docs Todo #16151 (In Progress): Feedback on Netgate® Nexus — Netgate® Nexus Licensing
I had setup instances of those names to use a substitution macro so it isn't actually defined in the text on each ins... Jim Pingle
01:03 AM pfSense Docs Todo #16151 (Resolved): Feedback on Netgate® Nexus — Netgate® Nexus Licensing
*Page:* https://docs.netgate.com/pfsense/en/latest/nexus/license/index.html
*Feedback:*
We already have
Docs>>p... jamie thompson
01:50 PM Bug #16153 (New): ECL can modify a discovered config file
When importing a config using the ECL if a config on an external drive contains RRD data that will be removed from th... Steve Wheeler
12:55 PM Bug #16148 (Rejected): OpenVPN socket listen queue overflow in pfSense 2.7.2
That particular error is on the management socket, so it could be from too many things in the GUI polling status for ... Jim Pingle
12:51 PM pfSense Packages Feature #16150 (Rejected): Add DNS API mijn.host
We pick up new compatible providers when we sync with upstream, no need to track them with separate feature requests. Jim Pingle
12:46 PM pfSense Docs Correction #16152 (Closed): Feedback on Netgate® Nexus — Netgate® Nexus Licensing
That is a global footer which is on every page, I don't see a way to change it on a per-page basis since it applies t... Jim Pingle
01:04 AM pfSense Docs Correction #16152 (Closed): Feedback on Netgate® Nexus — Netgate® Nexus Licensing
Since Netgate Nexus is new functionality, at the bottom of the page it is not (C) 2025 Electric Sheep Fencing LLC and... jamie thompson
12:44 PM Bug #16141 (Resolved): RRD data fails to restore via the ECL
Christian McDonald

04/20/2025

07:35 PM pfSense Packages Feature #16150 (Rejected): Add DNS API mijn.host
Is it possible to add DNS API support for provider mijn.host in the ACME package?
It's already available in the orig... Finger Print
08:41 AM Bug #15584: Redacting description at Interfaces=>LAGGs section cause LAGG interface rebuild.
Tested on 25.03-BETA (amd64)
built on Mon Apr 14 22:38:00 +04 2025
FreeBSD 15.0-CURRENT
The issue still persists aleksei prokofiev
08:27 AM pfSense Plus Bug #15688: inverse on graph shows number as Bytes without converting to KB or MB or GB or TB, etc. on mouse over
Tested on
25.03-BETA (amd64)
built on Mon Apr 14 22:38:00 +04 2025
FreeBSD 15.0-CURRENT
Status_Traffic_Totals... aleksei prokofiev

04/19/2025

10:57 PM Bug #16130 (Resolved): Input validation prevents creating port forwards for the same port using a different address family

Created two port forward rules — one for IPv4 and one for IPv6 — using the same port, and no errors occurred.
Reso... Alhusein Zawi
09:30 PM Feature #16092: Separate IDS/IPS and link-local firewall log entries from default block logging
additional logging preferences are present in 25.03.b.20250414.1838 for specific network subsets and IDS/IPS blocked ... Jordan G
07:30 PM Feature #15862: Suppress multiple backups during config default
using 25.03.b.20250414.1838 defaulting the system results in fewer config history creation points, specifically the i... Jordan G
06:29 PM pfSense Plus Bug #16149 (Rejected): Custom Options Missing from pfSense Plus for Kea
The current docs are for 25.03/2.8.0 so that people testing the beta had access to the information for the new featur... Jim Pingle
04:50 PM pfSense Plus Bug #16149 (Confirmed): Custom Options Missing from pfSense Plus for Kea
Tested on... Christopher Cope
03:09 PM pfSense Plus Bug #16149 (Rejected): Custom Options Missing from pfSense Plus for Kea
Options referenced here to provide custom options to Kea are missing, but provided in the documentation:
https://doc... Kris Phillips
06:27 PM Bug #16141: RRD data fails to restore via the ECL
with the above patch applied, RRD data/monitoring graphs are present and show historical information when restoring a... Jordan G
05:05 PM Bug #16145 (Resolved): Not possible to delete Custom message text for the login screen
Tested on... Christopher Cope
03:18 PM pfSense Packages Bug #15435: Long boot time when using FQDN for WireGuard VPN endpoint
I have worked on a small change that I hope you will consider as a solution to control the start of the wireguard ser... Patrik Stahlman
06:46 AM Bug #16148 (Rejected): OpenVPN socket listen queue overflow in pfSense 2.7.2
We have been running pfSense CE for several years with multiple OpenVPN server instances (5+), and everything worked ... reza karimi

04/18/2025

06:35 PM pfSense Plus Bug #16147 (New): pfi_kkif_update event causing panic
Hardware is a SuperMicro PIO-618R-TDLR, dual Intel E5-2640 CPU & 32Gb of ram running Plus 24.11. ... Chris W
06:25 PM Bug #16145 (Feedback): Not possible to delete Custom message text for the login screen
Applied in changeset commit:23ed921b456f6cdc5f5ab53b94029452362cf658. Marcos M
06:17 PM Bug #16145 (In Progress): Not possible to delete Custom message text for the login screen
Thanks! Marcos M
11:36 AM Bug #16145: Not possible to delete Custom message text for the login screen
This change seems to fix the issue... Patrik Stahlman
11:25 AM Bug #16145 (Resolved): Not possible to delete Custom message text for the login screen

I tried the new feature #9293 to add Custom message text for the login screen. All went well until I wanted to remo... Patrik Stahlman
05:26 PM pfSense Plus Bug #16123 (Not a Bug): Advertisements from a GUA are ignored
See https://redmine.pfsense.org/issues/16146 Marcos M
05:24 PM pfSense Docs Todo #16146 (Rejected): Document net.inet6.icmp6.nd6_onlink_ns_rfc4861
Some ISPs require @net.inet6.icmp6.nd6_onlink_ns_rfc4861@ to be set (e.g. @sysctl net.inet6.icmp6.nd6_onlink_ns_rfc48... Marcos M
05:15 PM Bug #16142: XMLRPC requests fail due to incorrect request path
Yes, 25.03 works good. dylan mendez
10:19 AM pfSense Plus Bug #15418: Incorrect links to edit static mapping and WOL on DHCPv6 leases (status_dhcpv6_leases.php). URL parameter values missing.

The configuration I used back then was:
- ISC backend
- WAN DHCPv6
- LAN IPv6 tracking WAN
I am using KEA no... Patrik Stahlman
08:38 AM Bug #16144 (New): Switching from Static IP block to DHCP on the WAN leaves original routes in place
I had a /29 Static IP block and gave it up (changing ISP in the process) and switched the WAN to DHCP. I used option ... Nick Howitt
04:57 AM Bug #16143: Unbound DNS over TLS resumption issue
i've crossposted it to unbound github too https://github.com/NLnetLabs/unbound/issues/1271 mrpops2ko .

04/17/2025

08:30 PM Bug #16141 (Feedback): RRD data fails to restore via the ECL
Applied in changeset commit:209b8baa878f28bc3b34fded5b1d6163bb8db264. Christian McDonald
05:09 PM pfSense Packages Bug #15435: Long boot time when using FQDN for WireGuard VPN endpoint

-I know of others who experience the same issue, so I'll document my local patch that disables Wireguard from instal... Patrik Stahlman
04:37 PM pfSense Packages Bug #15435: Long boot time when using FQDN for WireGuard VPN endpoint

Unfortunately, wireguard, in its wisdom... seems to forcefully reinstall the shell commands every time I reboot. An... Patrik Stahlman
02:51 PM pfSense Packages Bug #15435: Long boot time when using FQDN for WireGuard VPN endpoint

Thanks Jim, yes, I can see the multitude of scenarios that needs to be catered for. I'm just happy I found a way fo... Patrik Stahlman
02:03 PM pfSense Packages Bug #15435: Long boot time when using FQDN for WireGuard VPN endpoint
Changing when WireGuard starts ends up being a chicken-and-egg situation. Certain other things may require connectivi... Jim Pingle
01:50 PM pfSense Packages Bug #15435: Long boot time when using FQDN for WireGuard VPN endpoint

Using the Shellcmd package, I tried changing wireguardd start from earlyshellcmd to shellcmd but that did not work,... Patrik Stahlman
01:30 PM pfSense Packages Bug #15435: Long boot time when using FQDN for WireGuard VPN endpoint

I found a simple solution: don't start wireguardd through the early shell command mechanism in config.xml
While ... Patrik Stahlman
09:35 AM pfSense Packages Bug #15435: Long boot time when using FQDN for WireGuard VPN endpoint

I am happy to confirm that the long boot time (or boot failure in case of 25.03-BETA) occurs when using FQDN in wir... Patrik Stahlman
08:53 AM pfSense Packages Bug #15435: Long boot time when using FQDN for WireGuard VPN endpoint

This issue is still present in 25.03-BETA (25.03.b.20250414.1838) as mentioned here: https://forum.netgate.com/topi... Patrik Stahlman
04:59 PM Bug #16142: XMLRPC requests fail due to incorrect request path
2.8.0 is OK. Seems to only affect 25.07.
Reinstalling @php83-pear-XML_RPC2-1.1.5.pkg@ and restarting PHP didn't ha... Jim Pingle
04:18 PM Bug #16142: XMLRPC requests fail due to incorrect request path
stevew tested it on 25.03 and it's working and also sending the @POST@ request to the proper URL.
I don't see anyw... Jim Pingle
04:00 PM Bug #16142 (Confirmed): XMLRPC requests fail due to incorrect request path
Has this been tested on 25.03 and confirmed to be OK there?
I am seeing this on 25.07 as well but I'm not seeing a... Jim Pingle
05:41 AM Bug #16142 (Resolved): XMLRPC requests fail due to incorrect request path
Version: 25.07.a.20250416.0600
This has been happening for a few updates already. dylan mendez
04:43 PM Bug #16143 (New): Unbound DNS over TLS resumption issue
hi spent more time than i'd be willing to admit trying to resolve this issue and i'm now largely convinced its an iss... mrpops2ko .
09:58 AM pfSense Packages Regression #15158: XMLRPC Timeout won't save if over 150
The issue persisted on 24.11 pfSense Plus release.
Tested against. ... Danilo Zrenjanin

04/16/2025

08:18 PM Bug #15973: Kea DHCP server crashes on 3100 (32bit ARM) every 10 days or so post 24.11 upgrade
That patch resolves a problem that would prevent Kea from starting outright, not one that would cause it to crash aft... Christian McDonald
08:11 PM Bug #15973: Kea DHCP server crashes on 3100 (32bit ARM) every 10 days or so post 24.11 upgrade
Same here, on SG-3100.
Nice share, Sander, about the crontab "for when it fails"
Also, in patches pkg, I found t... Jon Q
08:09 PM pfSense Packages Feature #15853 (Resolved): Add mDNS Bridge (mdns-bridge) package
mdns-bridge is available in 2.8/25.03
Bugs can be tracked in separate issues.
Marking resolved. Christian McDonald

04/15/2025

07:24 PM Bug #16141 (Waiting on Merge): RRD data fails to restore via the ECL
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1215 Christian McDonald
05:57 PM Bug #16141: RRD data fails to restore via the ECL
Problem here is that @$rrdtool@ is unset when ECL calls @restore_rrddata@ so instead of exec'ing @"{$rrdtool} restore... Christian McDonald
05:42 PM Bug #16141 (In Progress): RRD data fails to restore via the ECL
Christian McDonald
03:52 PM Bug #16141 (Resolved): RRD data fails to restore via the ECL
When restoring a config at boot using the External Config Locator and RRD data present should be restored but fails w... Steve Wheeler
11:00 AM Bug #13792: Filterdns assumes sets of resolved addresses for each hostname are nonintersecting
I have a similar situation here. An alias acting as Whitelist, with two DDNS. When both DDNS are in the same location... Javier Martinez
06:47 AM pfSense Packages Feature #14032: Neighbor Discovery Proxy (NDproxy)
Firstname Surname wrote in #note-7:
> 8. Load the module (kldload ndproxy), if you get no warnings on load and no er... Filippo Tessarotto

04/14/2025

08:01 PM Bug #16019 (Resolved): Kea can unintentionally attempt to spawn multiple processes and fail
Marking resolved.
Thanks Christian McDonald
06:03 PM pfSense Packages Feature #14032: Neighbor Discovery Proxy (NDproxy)
OK, here's ndproxy for 2.7.2 if anyone needs it:
ndproxy is marked broken in the stock 14.0-RELEASE port, but it's... Firstname Surname
03:03 PM pfSense Plus Bug #16138: Ethernet rules passing IPv4 (0x0800) packets despite the block rule
I added a note about that tunable to the docs (in Bridging, but with an xref in Ethernet rules). Jim Pingle
02:17 PM pfSense Plus Bug #16138 (Not a Bug): Ethernet rules passing IPv4 (0x0800) packets despite the block rule
Yes exactly that. You must set net.link.bridge.ipfw to 1 to enable link-level pfil hooks on the bridge.
With that ... Steve Wheeler
01:38 PM pfSense Plus Bug #16138: Ethernet rules passing IPv4 (0x0800) packets despite the block rule
If you set
net.link.bridge.ipfw=1 (it was set to 0 by default)
Ethernet rules start to function
Tested on ... Boris Pavlovic
02:56 PM pfSense Packages Bug #15410: cache_object://URL Scheme is removed in Squid-6
I wanted to add more info on this. Thanks Jonathan Lee
02:55 PM pfSense Packages Bug #15410: cache_object://URL Scheme is removed in Squid-6
On 2025-04-11 01:08, Amos Jeffries wrote:
On 11/04/25 03:47, Jonathan Lee wrote:
Hello fellow Squid users,
Does ... Jonathan Lee
01:50 PM pfSense Plus Bug #16139 (Rejected): Help icon on Firewall=>Rules=>Ethernet=>Edit go to firewall rules page rather than Ethernet rules.
That's expected and not something that can be redirected separately. The help system ignores parameters on pages like... Jim Pingle
01:50 PM Feature #14802: Re-enable multiqueue support for virtio NIC
A colleague bravely tested this by building a new kernel for pfSense 2.7.2 with just ALTQ for vtnet disabled. We did ... Bernhard Schmidt
09:13 AM Bug #16124: Kernel Panic on PCI WiFi Passthrough (AC7265)
still present in 2.8.0.b.20250407.1736 Giampiero Di Pietrantonio

04/13/2025

02:21 PM Feature #12466: Option to Disable Renegotiation timer in OpenVPN Server
Phil Wardt wrote in #note-15:
> Kris Phillips wrote in #note-14:
> > pfSense has no control over the OpenVPN client... Kris Phillips
02:09 PM Feature #12466: Option to Disable Renegotiation timer in OpenVPN Server
Kris Phillips wrote in #note-14:
> pfSense has no control over the OpenVPN client being used and any bugs there need... Phil Wardt
05:41 AM Bug #16122: Interfaces=>Vlans, ipsecX interfaces are listed in the VLAN parent interface config dropdown menu.
Tested on 25.03-BETA (amd64)
built on Thu Apr 10 2:08:00 +04 2025
FreeBSD 15.0-CURRENT
Also in VLAN parent interfa... aleksei prokofiev
04:47 AM pfSense Plus Regression #15880: Upgrade available LED not set before branch is selected.
running 25.03.r.20250411.1649 and having 25.07.a.20250411.1649 available as an update on another branch, no indicatio... Jordan G

04/12/2025

11:20 PM Feature #12466: Option to Disable Renegotiation timer in OpenVPN Server
Phil Wardt wrote in #note-13:
> Currently, in Android 15 at least, this client options is ignored and never applied
... Kris Phillips
11:05 PM Bug #16019: Kea can unintentionally attempt to spawn multiple processes and fail
tested switching service backend with 25.03.r.20250411.1649 and 25.03.b.20250409.2208 and do not see multiple PIDs fo... Jordan G
02:40 PM pfSense Plus Bug #16139 (Confirmed): Help icon on Firewall=>Rules=>Ethernet=>Edit go to firewall rules page rather than Ethernet rules.
I can confirm on... Christopher Cope
06:11 AM pfSense Plus Bug #16139 (Rejected): Help icon on Firewall=>Rules=>Ethernet=>Edit go to firewall rules page rather than Ethernet rules.
The help icon should go to https://docs.netgate.com/pfsense/en/latest/firewall/ethernet-rules.html page.
!clipbo... Lev Prokofev
02:10 PM Bug #16112 (In Progress): Mythic Beasts DynDNS
Thanks for the report. I do see what appears to be the problem from their docs. I created a patch which should solve ... Christopher Cope
05:48 AM Bug #16122: Interfaces=>Vlans, ipsecX interfaces are listed in the VLAN parent interface config dropdown menu.
Still the issue in ... Lev Prokofev
04:14 AM pfSense Packages Bug #15410: cache_object://URL Scheme is removed in Squid-6
On 11/04/25 03:47, Jonathan Lee wrote:
Hello fellow Squid users,
Does anyone use pfSense squid package that knows a... Jonathan Lee

04/11/2025

04:24 PM pfSense Plus Bug #16138 (Not a Bug): Ethernet rules passing IPv4 (0x0800) packets despite the block rule
Tested on 24.11 and 25.03 Beta built on Fri Apr 4
Setup:
ix2 and igb1 in bridge, filtering on member interface:... Lev Prokofev
01:22 PM Bug #16137 (Rejected): Include ::1 in localhost address in default/auto access rules of unbound
It is already included unless you have manually disabled automatic access rules ("Disable Auto-added Access Control" ... Jim Pingle
07:30 AM Bug #16137 (Rejected): Include ::1 in localhost address in default/auto access rules of unbound
I have written a forum topic on this issue here that describes the issue:
https://forum.netgate.com/topic/197112/u... Terje Strand
02:55 AM Bug #16133: DHCPv6 not issuing IPv6 addresses with RA set to managed or assisted
Thanks. Have uploaded the full pcaps and logs. Will continue on the forum. Warren Linton
01:38 AM Bug #16133: DHCPv6 not issuing IPv6 addresses with RA set to managed or assisted
It'd be best to continue the discussion on the forum for now - please open a thread there:
https://forum.netgate.com... Marcos M

04/10/2025

10:55 PM Bug #16133: DHCPv6 not issuing IPv6 addresses with RA set to managed or assisted
Have attached 3 packet captures from a Windows 11 client. The first is from the original 2.7.2 system. You can see th... Warren Linton
12:11 AM Bug #16133: DHCPv6 not issuing IPv6 addresses with RA set to managed or assisted
Thanks. I'll run some packet captures and have a closer look at what is going on. Warren Linton
09:27 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
I'm seeing the same bug with 2.7.2-RELEASE. Same workaround (kill filterdns then Reload Filters) resolves it. Jesse Norell
09:25 PM pfSense Packages Feature #9833: ACME: add ability to use custom ACME server
+1, a game changer when working with PKI (so typical for pfSense deployments) Marcel Kinzel
03:57 PM pfSense Packages Bug #15410: cache_object://URL Scheme is removed in Squid-6
https://forum.netgate.com/topic/197092/squid-status-gui-tab-not-working-pfsense-plus-v-24 Jonathan Lee
03:56 PM pfSense Packages Bug #15410: cache_object://URL Scheme is removed in Squid-6
Update: I did some testing yesterday and found this status page error still occurs with the removal of all custom con... Jonathan Lee
03:45 PM pfSense Packages Feature #16075: Add Zabbix 7.0 packages for 24.03
@jimp Can you push Zabbix 7.0 to 24.03 and see if it builds? Andrew Almond

04/09/2025

11:52 PM Bug #16133: DHCPv6 not issuing IPv6 addresses with RA set to managed or assisted
I mixed up my comment with notes from another test, apologies. I'll remove it and clarify here:
# pfSense 2.7.2 VM... Marcos M
11:10 PM Bug #16133: DHCPv6 not issuing IPv6 addresses with RA set to managed or assisted
Marcos M wrote in #note-1:
> I'm not able to reproduce this. I set up pfSense upstream with Kea DHCPv6 Server and ma... Warren Linton
09:17 PM Bug #16133 (Incomplete): DHCPv6 not issuing IPv6 addresses with RA set to managed or assisted
Marcos M
05:46 AM Bug #16133 (Incomplete): DHCPv6 not issuing IPv6 addresses with RA set to managed or assisted
Have updated from a working CE 2.7.2 config using ISC DHCP and where RA advertisements are set to Assisted mode. In 2... Warren Linton
10:33 PM pfSense Docs Todo #16135 (Resolved): Document NAT64 rules
NAT64 can now be enabled for firewall rules. NAT64 can be used with normal interface rules and floating rules. It als... Marcos M
06:46 PM Feature #16134 (Resolved): Support ``if_pppoe`` backend for PPPoE WAN interfaces
Placeholder issue for @if_pppoe@ to show in the release notes.
This functionality is optional and currently opt-in... Jim Pingle
05:54 PM Feature #15652 (Resolved): Kea DHCPv6 Prefix Delegation Support (IPv6 Only)
Jim Pingle

04/08/2025

10:13 PM Regression #16129 (Resolved): Bogons file is not updated
Marcos M
07:15 PM pfSense Plus Bug #16132 (Rejected): Logout does not work if csrf token has expired.
Allowing requests to succeed (even logout requests) with invalid CSRF validation is not an option.
There is alread... Jim Pingle
07:07 PM pfSense Plus Bug #16132 (Rejected): Logout does not work if csrf token has expired.
If the screen has been logged in for a long time (default auto logout time changed to greater than xsfr lifetime) cli... John Pettitt
05:52 PM Bug #15906 (Not a Bug): IPv6 delegated prefix changes upstream do not immediately update track6 interfaces
Tracked interfaces are handled by the renew script with link_interface_to_track6(). However the reported issue here s... Marcos M
04:59 PM Bug #16131 (New): DHCP Relay not working when CARP Status VIP is other than None
Hello,
I have an IPSec tunnel between a PFSense and another firewall. Behind the other firewall, there's a PXE ser... Silviu Bajenaru

04/07/2025

09:41 PM Bug #15906 (New): IPv6 delegated prefix changes upstream do not immediately update track6 interfaces
Marcos M
06:22 PM Bug #15924 (Resolved): SCTP states not purged causing subsequent SCTP INIT to be blocked
Fixed with commit:f25d7ff3037e26286d5a7479e9bf39bd1bb85e4c. Marcos M
05:46 PM Regression #16127 (Resolved): ``syslog`` configuration for ``if_pppoe`` breaks logging for itself and later configuration entries in certain cases
Applied commit 063d171d17fbf1c10883bdd25b8de56c33f4454c to System_Patches w/reboot.
Tested/Success. Remote logging... Craig Coonrad
03:55 PM Regression #16127 (Feedback): ``syslog`` configuration for ``if_pppoe`` breaks logging for itself and later configuration entries in certain cases
Applied in changeset commit:063d171d17fbf1c10883bdd25b8de56c33f4454c. Jim Pingle
03:24 PM Regression #16127 (In Progress): ``syslog`` configuration for ``if_pppoe`` breaks logging for itself and later configuration entries in certain cases
Jim Pingle
02:53 PM Regression #16127 (Confirmed): ``syslog`` configuration for ``if_pppoe`` breaks logging for itself and later configuration entries in certain cases
Looks like this is from something in if_pppoe logging and it's also in CE
When a config has "everything" checked it ... Jim Pingle
03:50 PM Bug #16130 (Feedback): Input validation prevents creating port forwards for the same port using a different address family
Applied in changeset commit:886b66f783ccd257c1d5a82376490e8abbf1fa5a. Marcos M
03:13 PM Bug #16130 (Resolved): Input validation prevents creating port forwards for the same port using a different address family
Attempting to create a port forward for IPv6 that uses the same port in an existing IPv4 rule leads to the input vali... Marcos M
03:50 PM Regression #16129 (Feedback): Bogons file is not updated
Applied in changeset commit:2018bea642da57c89f3dd3ff95805ad51086d095.
Additional improvements with commit:1c59b3e72e... Marcos M
03:04 PM Regression #16129 (Resolved): Bogons file is not updated
After an upgrade to 2.8.0-BETA the following is shown in the logs:... Marcos M
01:45 PM Bug #16128: if_pppoe: PHP password handling
Just a thought -- but it would potentially be helpful if password validation logic would check for leading or trailin... Bill Meeks
08:22 AM Bug #16128 (Confirmed): if_pppoe: PHP password handling
A user reports (https://forum.netgate.com/topic/197026/25-03-b-20250306-0140-if_pppoe-kernel-module-chap-failure/10 )... Kristof Provost

04/06/2025

07:23 PM pfSense Plus Bug #16123: Advertisements from a GUA are ignored
There is a workaround for this; adding a VIP to the WAN interface allows network solicitations to be sent back - or r... quiet lion
06:36 PM Regression #16127 (Resolved): ``syslog`` configuration for ``if_pppoe`` breaks logging for itself and later configuration entries in certain cases
*pfSense version* : 25.03-BETA
*platform* : QEMU
25.03-BETA appears to partially break remote logging. I'm seeing... Craig Coonrad
04:58 PM Feature #13293: Option to set auth-gen-token in OpenVPN GUI
Can you check my comment here please ? :
https://redmine.pfsense.org/issues/12466#change-76474
It's about this optio... Phil Wardt
04:55 PM Feature #12466: Option to Disable Renegotiation timer in OpenVPN Server
Currently, in Android 15 at least, this client options is ignored and never applied
When added in server, as a custom... Phil Wardt
01:03 PM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online
I see this too, I'm on 25.03-BETA.
However, I have worked around the issue by adding my own a static route to the mo... John S
03:36 AM pfSense Packages Feature #16075: Add Zabbix 7.0 packages for 24.03
We need it like... 2 months ago :(
I don't know how such an important package is still not up to date. Alex Diamantopulo
03:33 AM pfSense Packages Feature #16089: Add packages for Zabbix 7.2 agent and proxy
Thank you!
We desperately need zabbix proxy 7.2. This is an awful situation where we can't monitor one-third of our ... Alex Diamantopulo
03:29 AM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy
This should not be marked as resolved, the package is not in CE...
Please fix this. Alex Diamantopulo

04/05/2025

10:41 PM Bug #16019: Kea can unintentionally attempt to spawn multiple processes and fail
Tried switching between kea and isc, stopping and starting services in unusual ways, etc. I'm no longer able to repr... Kris Phillips
08:30 PM pfSense Plus Feature #15854: Lost Captive Portal User Logins when DHCP Leases are Cleared
With the release of CE 2.8.0 Beta Apr 1 and 25.03 Plus Beta, both the index-2411-Dec17.php and RFC8910-Dec11.php rema... Dale Harron
08:30 PM Feature #15904: Add native support for Captive Portal API (RFC8908)
With the release of CE 2.8.0 Beta Apr 1 and 25.03 Plus Beta, both the index-2411-Dec17.php and RFC8910-Dec11.php rema... Dale Harron
03:11 PM Regression #16126 (Resolved): Captive Portal status page lists empty selections when multiple portals exist
Tested on... Christopher Cope
01:45 PM Bug #16093 (Resolved): Firewall logs mark entries for ``match`` rules the same as ``pass`` rules
Tested on... Christopher Cope

04/04/2025

08:01 PM Todo #15799 (Rejected): Remove unnecessary functions.inc.php and functions.php imports in widget files
Jim Pingle
08:00 PM Feature #15221 (Pull Request Review): Make System Tunables table sortable
Jim Pingle
07:58 PM Todo #15798 (Rejected): Remove shellCommand dependency
See notes on PR. Jim Pingle
06:30 PM pfSense Docs Todo #16053 (Closed): Reinstalling pfSense Plus Software Determine Target Drive does not include USB storage
Added info about USB drive targets: https://gitlab.netgate.com/docs/pfsense-platforms/-/commit/19ab1a32c4b33826b21061... Jim Pingle
05:34 PM Bug #16125: "Interface Bound States" dosn't work properly with port forwarding
Jim Pingle wrote in #note-1:
> That is almost certainly a misconfiguration on your system, such as not having a gate... Nazar Mokrynskyi
03:49 PM Bug #16125 (Not a Bug): "Interface Bound States" dosn't work properly with port forwarding
That is almost certainly a misconfiguration on your system, such as not having a gateway defined on the second WAN se... Jim Pingle
11:58 AM Bug #16125 (Not a Bug): "Interface Bound States" dosn't work properly with port forwarding
I have a gateway group with two interfaces (WAN and WAN2), with "Floating States" it works properly and I can reach m... Nazar Mokrynskyi
05:06 PM pfSense Plus Bug #16123: Advertisements from a GUA are ignored
I'm also seeing this same issue, I am using 25.03 BETA. Unfortunately I can currently only recreate this issue when ... John S
02:01 AM pfSense Plus Bug #16123: Advertisements from a GUA are ignored

Appreciate the reply, Marcos.
> NA's are not necessarily restricted to LL addresses and the default ruleset all... quiet lion
04:55 PM Regression #16126 (Feedback): Captive Portal status page lists empty selections when multiple portals exist
Applied in changeset commit:010b97a975c60efd2a889d8081d3c6bfadda5963. Marcos M
04:44 PM Regression #16126 (Waiting on Merge): Captive Portal status page lists empty selections when multiple portals exist
Marcos M
04:31 PM Regression #16126 (Resolved): Captive Portal status page lists empty selections when multiple portals exist
# Create two or more Captive Portals
# Go to Status > Captive Portal
# The drop-down selection list shows blank ent... Marcos M
02:10 AM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy
Any updates on this? Is there anything we can do to get Zabbix 7 proxy package in CE? Alex Diamantopulo

04/03/2025

09:14 PM pfSense Plus Bug #16106 (Not a Bug): Input validation issue with Alias network address
The current behavior is intended (not a bug).
Additional input validation could be considered as a feature request. ... Marcos M
08:37 PM pfSense Plus Bug #16106: Input validation issue with Alias network address
Jim Pingle wrote in #note-1:
> The problem is that when you add a trailing dot it's a valid hostname, not an IP addr... Steven C
08:38 PM Bug #16122: Interfaces=>Vlans, ipsecX interfaces are listed in the VLAN parent interface config dropdown menu.
Additional info for reference:... Marcos M
08:37 PM Bug #16111: Set Advanced or standard settings deleted all ipv4 host routes on primary node in HA Cluster
I'm unable to reproduce this between two HA pairs using BGP over VTI; all DUT's were on 25.03. I suggest testing on 2... Marcos M
02:18 PM Bug #16111: Set Advanced or standard settings deleted all ipv4 host routes on primary node in HA Cluster
Hello,
Sorry for the late response...
tThe problem is definitely reproducible. I also discussed it with the PFS... Robert Gladewitz
08:04 PM pfSense Plus Bug #16123 (Incomplete): Advertisements from a GUA are ignored
NA's are not necessarily restricted to LL addresses and the default ruleset allows this. I'm unable to reproduce the ... Marcos M
12:59 PM pfSense Plus Bug #16123: Advertisements from a GUA are ignored
NB: Adding a static route to the first v6 hop allows the NDP to be inserted:
ndp -a
2a02:fb8::11 ... quiet lion
12:47 AM pfSense Plus Bug #16123 (Not a Bug): Advertisements from a GUA are ignored
ISP: Gigaclear (UK)
*Description:*
After exactly 5 minutes v6 connectivity will die. Prefixes are still present... quiet lion
05:42 PM Bug #16124 (New): Kernel Panic on PCI WiFi Passthrough (AC7265)
Kernel Panic on ESXi-8.0U3d-24585383-standard if PCI (Passthrough) device is assigned to pfSense:
Dual Band Wirele... Giampiero Di Pietrantonio
04:13 PM Feature #15415 (Resolved): Enhanced firewall log action information display
Works great with that change, now the redundant single associated rule is hidden, but it still shows if there are mul... Jim Pingle
03:55 PM Feature #15415: Enhanced firewall log action information display
Done with commit:823a344d6bbef2a598becaa1820da9981e6a0748 Marcos M

04/02/2025

07:12 PM Feature #15415: Enhanced firewall log action information display
Looks good with that change applied.
One possible improvement might be to suppress the "associated rules" output i... Jim Pingle
04:56 PM Bug #16122 (New): Interfaces=>Vlans, ipsecX interfaces are listed in the VLAN parent interface config dropdown menu.
If the system has configured IPsec VTI, the "ipsecX" interface is listed in the dropdown menu of the VLAN parent inte... Lev Prokofev
04:25 PM pfSense Plus Bug #16106: Input validation issue with Alias network address
When Save is clicked, the system could compare the value with the trimmed value but display a yellow warning at the t... Andrew Almond
04:23 PM pfSense Packages Bug #16120 (Confirmed): Zebra RIB doesn't reflect the removal of the static routes until the restart of service
Test environment:
BGP connection with peer 172.32.0.3
Peer advertises the route 172.21.100.0/24
Static route fo... Lev Prokofev
02:04 PM Bug #16117: DYNDNS using the wrong source interface if Firewall State Policy is set to Interface Bound States
Hello Marcos, thanks for answering.
I'll try to simulate that in my lab, I'll install a new NIC in my server to ma... Marcelo Cury
01:24 PM Bug #16119 (Incomplete): Cannot Find the pool label for 'pfsense'
There is not enough information here to say for sure what is happening in your environment. This site is not for supp... Jim Pingle
08:06 AM Bug #16119: Cannot Find the pool label for 'pfsense'
System running as VM on an Uraid Server Athanasios Chatzi
08:02 AM Bug #16119 (Incomplete): Cannot Find the pool label for 'pfsense'
After upgrade from console and restart , the system is unable to start , with error ,
Solaris: NOTICE: Cannot find ... Athanasios Chatzi
07:14 AM Bug #16073: Nested aliases used with OpenVPN do not always load routes
I've verified every time I reboot the firewall, OpenVPN configuration contains the alias instead of the alias values.... Gerard Alcorlo

04/01/2025

10:27 PM Bug #16118 (New): Expand view of system generated alias in GUI
Expand preview of what is in the system generated alias. Currently you can not view what is in a long alias list of s... Mike Moore
08:27 PM Bug #16117 (Ready To Test): DYNDNS using the wrong source interface if Firewall State Policy is set to Interface Bound States
Please re-test on 2.8.0-BETA - there have been various fixes related to the issue. Marcos M
04:39 PM Bug #16117: DYNDNS using the wrong source interface if Firewall State Policy is set to Interface Bound States
Just a fix to this section:
What actions I did to fix the issue ?
Changed Firewall State Policy from Interface ... Marcelo Cury
04:04 PM Bug #16117 (Ready To Test): DYNDNS using the wrong source interface if Firewall State Policy is set to Interface Bound States
pfSense 2.7.2, all patches applied.
DYNDNS provider -> DUCKDNS
Default gateway of the firewall is a Gateway group i... Marcelo Cury
07:55 PM Bug #16116 (Feedback): Potential XSS in Wake on LAN page and widget
Applied in changeset commit:6a92af14584d22f077e1421e952674f880cd5b6c. Jim Pingle
07:25 PM Bug #16116: Potential XSS in Wake on LAN page and widget
Updated POC Jim Pingle
07:13 PM Bug #16102 (Resolved): syslogd fails to release file handlers
Marcos M
07:11 PM Bug #16093: Firewall logs mark entries for ``match`` rules the same as ``pass`` rules
Should be fixed now - see https://redmine.pfsense.org/issues/15415#note-14 Marcos M
07:09 PM Bug #16046 (Resolved): Dynamic DNS IP address may not be updated after changing the interface of a Dynamic DNS entry
Marcos M
07:09 PM Bug #16043 (Resolved): The filtered states shown may include states for interfaces other than the selected interface
Marcos M
07:04 PM Feature #15776 (Resolved): System Aliases for various reserved networks
Marcos M
07:03 PM Bug #15572 (Rejected): Disabling DNSSEC should also disable Harden DNSSEC Data
I think the input validation is sufficient as-is - additional details can be left to the docs if needed. Marcos M
06:55 PM Feature #15321 (Resolved): Kea DHCP Custom Configuration Support (IPv4 and IPv6)
Marcos M
06:54 PM Bug #14605 (Resolved): Dynamic DNS uses the default gateway interface instead of the specified interface
Marcos M
06:52 PM Bug #12938 (Resolved): Incorrect warning from ``radvd`` about ``AdvRDNSSLifetime`` value
Marcos M
06:35 PM Bug #16115 (Feedback): Potential XSS in IPsec Phase 1
Applied in changeset commit:0ff75cd0b9fb14c04c94c3585831a9f669be0a5d. Jim Pingle
06:30 PM Bug #16115: Potential XSS in IPsec Phase 1
Updated POC Jim Pingle
06:07 PM Feature #11177 (Resolved): Improve Dynamic DNS client IPv6 support
Marcos M
05:46 PM Feature #2358 (Resolved): NAT64 support
Marcos M
05:33 PM Bug #13662 (Resolved): Setting a limiter queue length greater than 100 prevents the limiter from loading
Marcos M
05:27 PM Feature #15808 (Resolved): PREF64 support in Router Advertisements
Marcos M
05:18 PM Todo #15258 (Resolved): Update Gandi LiveDNS service with API changes
Marcos M
05:02 PM Todo #16013 (Resolved): AutoConfigBackup code cleanup and GUI refresh
Marcos M
04:55 PM Bug #16114 (Feedback): Potential XSS in Firewall Schedules
Applied in changeset commit:dfc70e51d556d8c1724bfc7f1fd5fe4b73faab3b. Jim Pingle
04:47 PM Bug #16114: Potential XSS in Firewall Schedules
Updated POC. Jim Pingle

03/31/2025

09:06 PM Feature #15415 (Feedback): Enhanced firewall log action information display
The following splits the rules found into "Matched Rule" and "Associated Rules". The matched rule shows the closest m... Marcos M
02:13 PM Feature #15415 (In Progress): Enhanced firewall log action information display
Found a hiccup with the current output.
Sometimes a rule in the rules.debug gets expanded into multiple rules in p... Jim Pingle
06:19 PM Bug #16116: Potential XSS in Wake on LAN page and widget
Attached is a small proof of concept script which can trigger the problem. Ensure there is no WOL entry named "XSS Te... Jim Pingle
06:17 PM Bug #16116 (Resolved): Potential XSS in Wake on LAN page and widget
The page at @services_wol_edit.php@ does not perform sufficient validation on the @interface@ value submitted by user... Jim Pingle
06:13 PM Bug #16115: Potential XSS in IPsec Phase 1
Attached is a small proof of concept script which can trigger the problem. Ensure there is no IPsec Phase 1 named "XS... Jim Pingle
06:12 PM Bug #16115 (Resolved): Potential XSS in IPsec Phase 1
The page at @vpn_ipsec_phase1.php@ does not perform sufficient validation on the @interface@ value submitted by users... Jim Pingle
06:08 PM Bug #16114: Potential XSS in Firewall Schedules
Attached is a small proof of concept script which can trigger the problem. Ensure there is no schedule named @XSS_Tes... Jim Pingle
06:04 PM Bug #16114 (Resolved): Potential XSS in Firewall Schedules
The page at @firewall_schedule_edit.php@ does not perform sufficient validation on the @schedule@ values submitted by... Jim Pingle
02:26 PM Feature #16113: Firewall rule line numbers
Can you highlight where specifically in the firewall rules page where i can search for tracking IDs?
Perhaps its bee... Mike Moore
02:24 PM Feature #16113 (Rejected): Firewall rule line numbers
That's what the tracking IDs are for. They never need adjusting, they're always easier. Jim Pingle
02:20 PM Feature #16113 (Rejected): Firewall rule line numbers
When having large rule sets its often easier to locate rules by rule/line number. Easier identification when searchin... Mike Moore
01:49 PM Bug #16111 (Incomplete): Set Advanced or standard settings deleted all ipv4 host routes on primary node in HA Cluster
I can't replicate this here. I create a host route and it's there both before and after applying settings?
We'll n... Jim Pingle
07:44 AM Bug #16111 (Incomplete): Set Advanced or standard settings deleted all ipv4 host routes on primary node in HA Cluster
I have noticed that when using host routes in an HA cluster, the problem occurs that the host routes (only the host r... Robert Gladewitz
09:39 AM Bug #16112 (In Progress): Mythic Beasts DynDNS
Hi Team,
Curious if there's a way to update the DynDNS for the Mythic Beasts API.
The only reference I could fin... Mauro Sahanaja

03/30/2025

02:09 AM pfSense Plus Bug #16101: Kernel Panic with if_qlnxe driver loaded via kldload
Kristof Provost wrote in #note-2:
> I'm rather confused by this panic.
>
> `fault virtual address = 0x0` and `i... Kris Phillips

03/29/2025

09:14 PM Bug #16093: Firewall logs mark entries for ``match`` rules the same as ``pass`` rules
Tested on... Christopher Cope
08:35 PM Regression #16105: Config access error after changing an interface from DHCP to Static
Success, appears to be working in 25.03beta and 24.11. It should be noted, both patches above need to be applied in ... Jay Sols
05:21 PM pfSense Packages Bug #9537: One month offset in displayed data between time changes
I can report that this issue is still reproducible on pfSense 24.03-RELEASE with Traffic Totals 2.3.2_4.
Similar t... Brian Lunardini
 

Also available in: Atom