Project

General

Profile

Activity

From 04/03/2025 to 05/02/2025

05/02/2025

11:50 PM Bug #16162 (Feedback): IPsec unnecessarily prompts to apply changes after input errors
Applied in changeset commit:16eb8e7bc495d3af0f8031fc1dd7edd9222bf28f. Marcos M
11:43 PM Bug #16162 (In Progress): IPsec unnecessarily prompts to apply changes after input errors
Marcos M
11:41 PM Revision 16eb8e7b: Check input validation before prompting to apply settings. Fix #16162
Marcos M
11:14 PM Bug #16167: if_pppoe sends invalid service name
I've also added changes in https://gitlab.netgate.com/pfSense/factory/-/commit/ff0af2d353b8db1eba524371556d51d028f03d... Reid Linnemann
11:00 AM Bug #16167 (Resolved): if_pppoe sends invalid service name
Looks fixed as of controller build 678d0c35afc910be4f6ce7420259a8321a7f1ec3 Steve Wheeler
10:36 PM pfSense Plus Bug #16176 (Resolved): Config restored during install can be overwitten by hardware specific default values
When installing using the Net Installer an config existing config can be selected to use in the resulting install.
... Steve Wheeler
07:48 PM Bug #16169 (Feedback): NAT64 states have ``src`` and ``dst`` swapped in data returned by pfSense PHP Module
Kristof gave me a test module to try and it worked, so the latest commit should solve it. Will re-test once that's in... Jim Pingle
01:20 PM Bug #16169 (In Progress): NAT64 states have ``src`` and ``dst`` swapped in data returned by pfSense PHP Module
It's closer but now the entire src+src-orig and dst+dst-orig are swapped in the module, but each pair is consistent a... Jim Pingle
03:47 PM Feature #16174: CARP VIP support for ``if_pppoe``
HA and CARP are only supported on static interfaces, not dynamic. That only ever worked by coincidence and luck.
T... Jim Pingle
07:48 AM Feature #16174 (New): CARP VIP support for ``if_pppoe``
With the mpd5 PPPOE implementation it is possible (although perhaps not intentional/supported) to create a CARP VIP o... Bert Smith
03:16 PM pfSense Plus Bug #16175 (Rejected): Error changing Firewall Rules
This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
02:58 PM pfSense Plus Bug #16175 (Rejected): Error changing Firewall Rules
Hello,
every time i want to change, delete or cahnge a rule in Firewall Rules it doesnt doo anything and i get a not... Felipe Branz
07:45 AM Bug #16173 (New): if_pppoe does not close PPPOE session on restart
When shutting down the interface or reboting, if_pppoe does not inform the peer that the session is terminated.
Fo... Bert Smith

05/01/2025

08:59 PM Feature #16092 (Resolved): Separate IDS/IPS and link-local firewall log entries from default block logging
Marcos M
08:55 PM Bug #16167 (Feedback): if_pppoe sends invalid service name
This should be fixed in the next pfnet-conbtroller build. Steve Wheeler
07:10 PM Bug #16170 (Feedback): Incorrect logic for detection of DNS server change in cases where the ISP does not provide search domains in DHCPv6 renewal
Applied in changeset commit:6976e027ae417d2a14e0192f53e9bab965dba82c. Marcos M
06:28 PM Bug #16170 (In Progress): Incorrect logic for detection of DNS server change in cases where the ISP does not provide search domains in DHCPv6 renewal
Marcos M
04:44 PM Bug #16170: Incorrect logic for detection of DNS server change in cases where the ISP does not provide search domains in DHCPv6 renewal

As expected, in 25.03-BETA on May 1 (25.03.b.20250429.1329) the issue mentioned in the OP still remains, each DHCPv... Patrik Stahlman
07:00 PM Revision 6976e027: Correct the DNS info change detection. Fix #16170
The variable $dns_changed was introduced along with the RENEW reason and
is intended to only take affect with RENEW. ... Marcos M
06:43 PM Revision e1ad3c08: Add collectd to the list of packages to build
Brad Davis
03:35 PM Feature #16172 (New): Adjust the SYSLOG log format for a firewall rule with action match
Security Onion does not collect logs from firewall rules with action==match. The reason is the format of the syslog m... Volodymyr Voskresenskyi
02:04 PM Bug #16171: Configuring a bridge on a base interface breaks bridges on VLAN interfaces on that interface
Jim Pingle wrote in #note-2:
> The configuration isn't just unsupported, it's not viable and even if it were, it's ag... Andreas Wuerl
01:01 PM Bug #16171 (Rejected): Configuring a bridge on a base interface breaks bridges on VLAN interfaces on that interface
The configuration isn't just unsupported, it's not viable and even if it were, it's against best practices for securi... Jim Pingle
06:57 AM Bug #16171: Configuring a bridge on a base interface breaks bridges on VLAN interfaces on that interface
The detailed relevant configuration looks like this:... Andreas Wuerl
06:33 AM Bug #16171 (Rejected): Configuring a bridge on a base interface breaks bridges on VLAN interfaces on that interface
The basic usecase is using a second port on the firewall to connect another hardware switch distributing the internal... Andreas Wuerl
12:28 PM Bug #16169 (Ready To Test): NAT64 states have ``src`` and ``dst`` swapped in data returned by pfSense PHP Module
It turns out that for nat64 we need to swap the wire information. That's a little odd, but it's what pfctl does (both... Kristof Provost

04/30/2025

08:12 PM pfSense Docs Todo #16135 (In Progress): Document NAT64 rules
First pass: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/b6748ba9503baa5d4e9d7c7d364ab4d215b0de1a
Staged ... Jim Pingle
07:28 PM Bug #16073: Nested aliases used with OpenVPN do not always load routes
Or from the webgui Diag > Command Prompt page like:
!Screenshot%20from%202025-04-30%2020-26-16.png!
That will rel... Steve Wheeler
07:10 PM Bug #16073: Nested aliases used with OpenVPN do not always load routes
The next time you see this happen, please run these from the php shell in the console menu (option 12) and let us kno... Chris W
05:17 PM Bug #16170 (Resolved): Incorrect logic for detection of DNS server change in cases where the ISP does not provide search domains in DHCPv6 renewal

For 25.03-BETA-3 (25.03.b.20250427.2348) I applied commit https://github.com/pfsense/pfsense/commit/5c2c11b.patch... Patrik Stahlman
04:21 PM Bug #16131: DHCP Relay not working when CARP Status VIP is other than None
Kris Phillips wrote in #note-1:
> I'm going to guess this is due to IPSec, as DHCP Relay is unpredictable with IPSec... Silviu Bajenaru
03:46 PM Bug #16169 (Resolved): NAT64 states have ``src`` and ``dst`` swapped in data returned by pfSense PHP Module
There appears to be a bug in NAT64 state data retrieval via the pfSense PHP module. It has the post-NAT source and de... Jim Pingle
02:38 PM Bug #16167: if_pppoe sends invalid service name
Steve ran this dtrace probe:... Kristof Provost
12:57 PM Bug #16167: if_pppoe sends invalid service name
I'm unable to reproduce this.
There was an issue with pppcfg where '-pppoesvc' (i.e. to remove a service name) did... Kristof Provost
01:36 PM pfSense Packages Feature #16168 (Closed): Synchronize ACME package with new upstream acme.sh version 3.1.1
No need for a request to track this, it's done periodically and not to any specific version but whatever the latest i... Jim Pingle
12:49 AM pfSense Packages Feature #16168 (Closed): Synchronize ACME package with new upstream acme.sh version 3.1.1
The acme.sh project released a new version this past week with support for a ton of new DNS APIs, plus other updates ... Brett Keller
12:07 AM Revision 201a8998: Fix IPsec settings filter policy link
Steve Wheeler
12:03 AM Bug #16155 (Resolved): mpd5 specific options remain availble after enabling if_pppoe
Marcos M

04/29/2025

04:43 PM Bug #16167 (Resolved): if_pppoe sends invalid service name
In some circumstances the if_pppoe module sends an unexpected and seemingly random service name:... Steve Wheeler
03:13 PM pfSense Packages Feature #15960: NTOP Port Configuration in WebUI feature request
I believe this issue can be closed. Denny Page
03:11 PM pfSense Packages Bug #13432: ups driver will not start
I believe this issue can be closed. Denny Page
08:52 AM Feature #16166 (Pull Request Review): Option to deactivate ALTQ for VTNET interfaces
Under System/Advanced/Networking there is an option to deactivate ALTQ for Microsoft Hyper-V hn vNICs. It would be go... Björn Jakobsen
03:01 AM Feature #16165 (New): Threema Gateway API integration
Hello,
I will request a feature to integrate the Threema Gateway API as a notification service besides Telegram an... Dominik H
02:06 AM Revision 9316ad06: Fix config check for if_pppoe
'system/use_mpd5_for_pppoe' is not a valid config path. Marcos M

04/28/2025

06:51 PM pfSense Packages Bug #16164: mailreport package can't create a Report entity
can confirm this happening on pfSense+ 24.11 with mailreport 3.6.4_4. This does not occur when using pfSense+ 25.03.b... Jordan G
06:44 PM pfSense Packages Bug #16164 (Resolved): mailreport package can't create a Report entity
mailreport latest version (3.6.4_4) doesn't create a Report entity for further configuration after you Save in the in... Georgiy Tyutyunnik
09:59 AM pfSense Packages Feature #15397: Wazuh Agent
I would also like wazuh-agent to be included in the official packages.
Possibly also Check_MK agent. Matteo Calorio

04/27/2025

03:34 PM pfSense Plus Bug #16163: Gateway widget incorrectly displays IPv6 default gateway status
Correction: System_Patches rev is 2.2.20_4 Marc Goldburg
03:30 PM pfSense Plus Bug #16163 (New): Gateway widget incorrectly displays IPv6 default gateway status
Running 24.11 + System_Patches 2.2.20_04, the gateway widget occasionally fails to display the "globe icon" and gatew... Marc Goldburg
02:11 PM pfSense Packages Regression #16157 (Duplicate): Wireguard with ipv6 interface breaks in 25.03 beta.
Marcos M
08:19 AM pfSense Packages Regression #16157: Wireguard with ipv6 interface breaks in 25.03 beta.
I can confirm this behavior, as soon as I added IPv6 to the wg tunnel settings I had this crash.
25.03-BETA (amd64)
... aleksei prokofiev
04:55 AM Bug #16155: mpd5 specific options remain availble after enabling if_pppoe
testing this with 25.03 and 25.07 with above patch applied after enabling if_pppoe under System>Advanced>Networking>N... Jordan G
02:15 AM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online
Tested on 25.03-BETA. I can still recreate this with VTI tunnels. Haven't tested other methods of reproduction, but... Kris Phillips
02:08 AM Bug #16131: DHCP Relay not working when CARP Status VIP is other than None
I'm going to guess this is due to IPSec, as DHCP Relay is unpredictable with IPSec (especially tunnel mode).
Are y... Kris Phillips
12:05 AM Bug #16162 (Confirmed): IPsec unnecessarily prompts to apply changes after input errors
dylan mendez
12:04 AM Bug #16162: IPsec unnecessarily prompts to apply changes after input errors
I can confirm this behavior on latest development snapshots.
!clipboard-202504261804-bagsm.png!
 dylan mendez

04/26/2025

07:47 PM Feature #15089 (Resolved): Support LuaDNS provider
Tested on... Christopher Cope
07:45 PM Bug #16153: ECL can modify a discovered config file
can confirm this occurs when using ECL on 25.03.b.20250424.1928 and 25.07.a.20250426.1531, when inspecting the conten... Jordan G
07:07 PM Bug #16158 (Closed): IPsec allows deleting P1/P2 entries with an assigned VTI
dylan mendez
02:17 PM Bug #16158 (Incomplete): IPsec allows deleting P1/P2 entries with an assigned VTI
Tested on... Christopher Cope
08:39 AM Bug #16158: IPsec allows deleting P1/P2 entries with an assigned VTI
I am getting the same results on 24.11 pfSense Plus. Everything works as expected. Danilo Zrenjanin
08:28 AM Bug #16158 (Feedback): IPsec allows deleting P1/P2 entries with an assigned VTI
Danilo Zrenjanin
08:28 AM Bug #16158: IPsec allows deleting P1/P2 entries with an assigned VTI
I couldn't reproduce it on:... Danilo Zrenjanin
06:20 PM pfSense Packages Feature #16075: Add Zabbix 7.0 packages for 24.03
@jimp @mmendoza @jgreene
What is needed to get Zabbix 7.0 pushed to 24.03 to see if it builds? Andrew Almond
06:11 PM Feature #15562: Add support for OpenID
+1, OIDC for additional logon method for easy onboarding of helping hands. chris laws
04:25 PM Bug #16155: mpd5 specific options remain availble after enabling if_pppoe
I do not have an actual pppoe link to test this with but using 24.11 with the above changeset applied via system_patc... Jordan G
02:33 PM Bug #14613: Incorrect wireguard control panel status management
2.7.2 This problem is reproduced again hao zhang
02:26 PM Bug #16162 (Resolved): IPsec unnecessarily prompts to apply changes after input errors
When attempting to delete an IPsec P1/P2 with VTI and an interface assigned an error is generated as expected; howeve... Christopher Cope

04/25/2025

09:43 PM pfSense Packages Regression #16160 (Resolved): PHP error after saving WireGuard tunnel with multiple addresses
Marcos M
05:45 PM Bug #16018: Mysterious Entire Crash in "PFSense CE"
Marco, the GUI isnt working anymore when the Crash happends... Also a reboot doesnt work. Where ist the crashdump? Guido Lipke
04:44 PM Bug #16018: Mysterious Entire Crash in "PFSense CE"
The screenshot is not enough - please share the crash report after logging into the GUI and include what version of p... Marcos M
10:08 AM Bug #16018: Mysterious Entire Crash in "PFSense CE"
It isnt a Filesystem Error... This Crash Happens when editing Firewall Rules.
A few Minutes ago... same issue... I s... Guido Lipke
04:57 PM pfSense Packages Bug #13654: Wireguard does not fail back failover WAN setup.
Any update from the Netgate team on this issue? I just received another bill from AT&T with almost $1100 in data over... Andrew Collings
04:50 PM Bug #16161 (Duplicate): Crash report
Based on the backtrace this appears to be a duplicate of #15503 Jim Pingle
04:37 PM Bug #16161 (Duplicate): Crash report
Estou com esse erro de php, onde meu pfsense reinicia. William Nakada
02:52 PM Feature #15089: Support LuaDNS provider
Are you using an API key, rather than your account password? You should be. See https://app.luadns.com/users/api_keys Aaron Sierra

04/24/2025

09:20 PM pfSense Docs Todo #16146: Document net.inet6.icmp6.nd6_onlink_ns_rfc4861
For reference this behavior can be achieved with pfSense as the upstream router, e.g. if the address being pinged by ... Marcos M
09:10 PM pfSense Packages Regression #16160 (Feedback): PHP error after saving WireGuard tunnel with multiple addresses
Fixed with "f6dfb5a189c7e82b4f4962b7890f9c66eb36a088":https://github.com/pfsense/FreeBSD-ports/commit/f6dfb5a189c7e82... Marcos M
09:04 PM pfSense Packages Regression #16160 (Resolved): PHP error after saving WireGuard tunnel with multiple addresses
After adding a second address to a WireGuard tunnel (unassigned interface), the following alert is shown:... Marcos M
03:45 PM pfSense Packages Feature #15397: Wazuh Agent
I would also like this package to make it into the official pfSense package list.
What would it take to make that ha... Kuberan Govender
03:29 PM Bug #16115 (Resolved): Potential XSS in IPsec Phase 1
Jim Pingle
03:23 PM Bug #16115: Potential XSS in IPsec Phase 1
tested, reproduced on 25.07.a.20250331.2135
fixed in 25.07.a.20250409.0600 and later Georgiy Tyutyunnik
03:29 PM Bug #16114 (Resolved): Potential XSS in Firewall Schedules
Jim Pingle
03:23 PM Bug #16114: Potential XSS in Firewall Schedules
tested, reproduced on 25.07.a.20250331.2135
fixed in 25.07.a.20250409.0600 and later Georgiy Tyutyunnik
03:01 PM Bug #16116 (Resolved): Potential XSS in Wake on LAN page and widget
Jim Pingle
03:00 PM Bug #16116: Potential XSS in Wake on LAN page and widget
tested, reproduced on 25.07.a.20250331.2135
fixed in 25.07.a.20250409.0600 and later Georgiy Tyutyunnik
04:01 AM Feature #15089: Support LuaDNS provider
Luadns is added to Dynamic DNS list
I added the hostname and domain, but it’s not registering
/services_dyndns_... Alhusein Zawi
01:15 AM Bug #16155 (Feedback): mpd5 specific options remain availble after enabling if_pppoe
Applied in changeset commit:27e9a8aaa44702d0305f01ca21629f2b081dbdc0. Marcos M
01:09 AM Revision 1c9355bd: Remove the pppoe reset cron job when the interface is disabled or with if_pppoe
Marcos M

04/23/2025

06:38 PM Bug #16143: Unbound DNS over TLS resumption issue
further to this it turns out its a setting which needed tweaking
specifically;
infra-cache-min-rtt: 750
b... mrpops2ko .
04:36 PM Feature #16159 (New): Provide periodic connection reset for if_pppoe
PPPoE connections using mpd5/netgraph had several advanced options that are not available when if_pppoe is enabled.
... Steve Wheeler
01:24 AM Bug #16158 (Closed): IPsec allows deleting P1/P2 entries with an assigned VTI
!clipboard-202504221835-hmb4v.png!
Input validation does not prevent user from deleting a P1/P2 with a VTI assig... dylan mendez

04/22/2025

10:12 PM Feature #8641: Need way to disable HSTS and/or replace webConfigurator certificate from CLI
I support adding this to the console menu, I locked myself out by being a dumbo using a user certificate not server c... Chris Collins
08:34 PM pfSense Packages Bug #13654: Wireguard does not fail back failover WAN setup.
I can confirm this problem also exists with pfsense CE 2.7.2-RELEASE and WireGuard package 0.2.1.
For reference, thi... Wayne Sherman
05:40 PM Revision 27e9a8aa: Hide unsupported options with if_pppoe. Fix #16155
Marcos M
03:18 PM Bug #16156 (Resolved): DDNS may send requests over IPv4 for IPv6 services
Marcos M
01:20 AM Bug #16156 (Feedback): DDNS may send requests over IPv4 for IPv6 services
Applied in changeset commit:363330d9eea0a54cb688977c2d57b82586843a70. Marcos M
12:47 AM Bug #16156 (In Progress): DDNS may send requests over IPv4 for IPv6 services
Marcos M
02:21 PM Revision 7bfa6007: Check for Kea custom configuration before retrying without it
Errors without custom configuration can also trigger the notice. In such
case, retrying is redundant and the notice t... Marcos M
01:08 AM Revision 363330d9: ddns: use the correct AF for the service type. Fix #16156
Marcos M
01:05 AM Revision 3604a5df: Use IPv6 system preference for all configured interface types in get_request_source_address()
Marcos M
12:43 AM pfSense Packages Regression #16157 (Duplicate): Wireguard with ipv6 interface breaks in 25.03 beta.
Running: 25.03-BETA (amd64)
built on Mon Apr 14 14:38:00 EDT 2025
Upon upgrade, Wireguard will not start. Attache... quiet lion

04/21/2025

11:51 PM Bug #16156 (Resolved): DDNS may send requests over IPv4 for IPv6 services
When a DDNS "v6" service is configured with an interface that is not a gateway group and the interface has both IPv4 ... Marcos M
11:45 PM Bug #16155 (Resolved): mpd5 specific options remain availble after enabling if_pppoe
When if_pppoe is enabled some PPPoE options that only mpd5 supported are no longer available and should be hidden fro... Steve Wheeler
09:52 PM pfSense Packages Bug #16154 (Resolved): pfBlockerNG does not include the VIP ID with DNSBL VIPs
Fixed with "dee5e9429c1954d892716dcd597b5b7232096698":https://github.com/pfsense/FreeBSD-ports/commit/dee5e9429c1954d... Marcos M
09:51 PM pfSense Packages Bug #16154 (Resolved): pfBlockerNG does not include the VIP ID with DNSBL VIPs
VIPs require unique IDs. Omitting the ID causes @get_configured_vip_list()@ to not return all expected VIPs which in ... Marcos M
04:56 PM Revision 06824b27: Correct DHCP6 client log
This function is called regardleass of the "without RA" option. Followup
to dd3d48af87c892a070210f0064e589157868e7c2. Marcos M
04:39 PM Revision 5c2c11bb: Supress info logs for rc.newwanipv6 RENEW
Only log when there's something to do during RENEW. This avoids spamming
the system log now that rc.newwanipv6 is cal... Marcos M
02:54 PM pfSense Docs Todo #16146 (Rejected): Document net.inet6.icmp6.nd6_onlink_ns_rfc4861
Looking at the Bugzilla entry I do not think we should document this. Certainly not in any primary troubleshooting do... Jim Pingle
02:41 PM pfSense Docs Todo #16151 (Resolved): Feedback on Netgate® Nexus — Netgate® Nexus Licensing
Should be cleaned up now, still in the breadcrumbs but not on every instance that used the substitutions:
https://... Jim Pingle
12:49 PM pfSense Docs Todo #16151 (In Progress): Feedback on Netgate® Nexus — Netgate® Nexus Licensing
I had setup instances of those names to use a substitution macro so it isn't actually defined in the text on each ins... Jim Pingle
01:03 AM pfSense Docs Todo #16151 (Resolved): Feedback on Netgate® Nexus — Netgate® Nexus Licensing
*Page:* https://docs.netgate.com/pfsense/en/latest/nexus/license/index.html
*Feedback:*
We already have
Docs>>p... jamie thompson
01:50 PM Bug #16153 (New): ECL can modify a discovered config file
When importing a config using the ECL if a config on an external drive contains RRD data that will be removed from th... Steve Wheeler
12:55 PM Bug #16148 (Rejected): OpenVPN socket listen queue overflow in pfSense 2.7.2
That particular error is on the management socket, so it could be from too many things in the GUI polling status for ... Jim Pingle
12:51 PM pfSense Packages Feature #16150 (Rejected): Add DNS API mijn.host
We pick up new compatible providers when we sync with upstream, no need to track them with separate feature requests. Jim Pingle
12:46 PM pfSense Docs Correction #16152 (Closed): Feedback on Netgate® Nexus — Netgate® Nexus Licensing
That is a global footer which is on every page, I don't see a way to change it on a per-page basis since it applies t... Jim Pingle
01:04 AM pfSense Docs Correction #16152 (Closed): Feedback on Netgate® Nexus — Netgate® Nexus Licensing
Since Netgate Nexus is new functionality, at the bottom of the page it is not (C) 2025 Electric Sheep Fencing LLC and... jamie thompson
12:44 PM Bug #16141 (Resolved): RRD data fails to restore via the ECL
Christian McDonald

04/20/2025

07:35 PM pfSense Packages Feature #16150 (Rejected): Add DNS API mijn.host
Is it possible to add DNS API support for provider mijn.host in the ACME package?
It's already available in the orig... Finger Print
08:41 AM Bug #15584: Redacting description at Interfaces=>LAGGs section cause LAGG interface rebuild.
Tested on 25.03-BETA (amd64)
built on Mon Apr 14 22:38:00 +04 2025
FreeBSD 15.0-CURRENT
The issue still persists aleksei prokofiev
08:27 AM pfSense Plus Bug #15688: inverse on graph shows number as Bytes without converting to KB or MB or GB or TB, etc. on mouse over
Tested on
25.03-BETA (amd64)
built on Mon Apr 14 22:38:00 +04 2025
FreeBSD 15.0-CURRENT
Status_Traffic_Totals... aleksei prokofiev

04/19/2025

10:57 PM Bug #16130 (Resolved): Input validation prevents creating port forwards for the same port using a different address family

Created two port forward rules — one for IPv4 and one for IPv6 — using the same port, and no errors occurred.
Reso... Alhusein Zawi
09:30 PM Feature #16092: Separate IDS/IPS and link-local firewall log entries from default block logging
additional logging preferences are present in 25.03.b.20250414.1838 for specific network subsets and IDS/IPS blocked ... Jordan G
07:30 PM Feature #15862: Suppress multiple backups during config default
using 25.03.b.20250414.1838 defaulting the system results in fewer config history creation points, specifically the i... Jordan G
06:29 PM pfSense Plus Bug #16149 (Rejected): Custom Options Missing from pfSense Plus for Kea
The current docs are for 25.03/2.8.0 so that people testing the beta had access to the information for the new featur... Jim Pingle
04:50 PM pfSense Plus Bug #16149 (Confirmed): Custom Options Missing from pfSense Plus for Kea
Tested on... Christopher Cope
03:09 PM pfSense Plus Bug #16149 (Rejected): Custom Options Missing from pfSense Plus for Kea
Options referenced here to provide custom options to Kea are missing, but provided in the documentation:
https://doc... Kris Phillips
06:27 PM Bug #16141: RRD data fails to restore via the ECL
with the above patch applied, RRD data/monitoring graphs are present and show historical information when restoring a... Jordan G
05:05 PM Bug #16145 (Resolved): Not possible to delete Custom message text for the login screen
Tested on... Christopher Cope
03:18 PM pfSense Packages Bug #15435: Long boot time when using FQDN for WireGuard VPN endpoint
I have worked on a small change that I hope you will consider as a solution to control the start of the wireguard ser... Patrik Stahlman
06:46 AM Bug #16148 (Rejected): OpenVPN socket listen queue overflow in pfSense 2.7.2
We have been running pfSense CE for several years with multiple OpenVPN server instances (5+), and everything worked ... reza karimi

04/18/2025

06:35 PM pfSense Plus Bug #16147 (New): pfi_kkif_update event causing panic
Hardware is a SuperMicro PIO-618R-TDLR, dual Intel E5-2640 CPU & 32Gb of ram running Plus 24.11. ... Chris W
06:25 PM Bug #16145 (Feedback): Not possible to delete Custom message text for the login screen
Applied in changeset commit:23ed921b456f6cdc5f5ab53b94029452362cf658. Marcos M
06:17 PM Bug #16145 (In Progress): Not possible to delete Custom message text for the login screen
Thanks! Marcos M
11:36 AM Bug #16145: Not possible to delete Custom message text for the login screen
This change seems to fix the issue... Patrik Stahlman
11:25 AM Bug #16145 (Resolved): Not possible to delete Custom message text for the login screen

I tried the new feature #9293 to add Custom message text for the login screen. All went well until I wanted to remo... Patrik Stahlman
06:16 PM Revision 23ed921b: Allow deleting login message. Fix #16145
Marcos M
05:26 PM pfSense Plus Bug #16123 (Not a Bug): Advertisements from a GUA are ignored
See https://redmine.pfsense.org/issues/16146 Marcos M
05:24 PM pfSense Docs Todo #16146 (Rejected): Document net.inet6.icmp6.nd6_onlink_ns_rfc4861
Some ISPs require @net.inet6.icmp6.nd6_onlink_ns_rfc4861@ to be set (e.g. @sysctl net.inet6.icmp6.nd6_onlink_ns_rfc48... Marcos M
05:15 PM Bug #16142: XMLRPC requests fail due to incorrect request path
Yes, 25.03 works good. dylan mendez
10:19 AM pfSense Plus Bug #15418: Incorrect links to edit static mapping and WOL on DHCPv6 leases (status_dhcpv6_leases.php). URL parameter values missing.

The configuration I used back then was:
- ISC backend
- WAN DHCPv6
- LAN IPv6 tracking WAN
I am using KEA no... Patrik Stahlman
08:38 AM Bug #16144 (New): Switching from Static IP block to DHCP on the WAN leaves original routes in place
I had a /29 Static IP block and gave it up (changing ISP in the process) and switched the WAN to DHCP. I used option ... Nick Howitt
04:57 AM Bug #16143: Unbound DNS over TLS resumption issue
i've crossposted it to unbound github too https://github.com/NLnetLabs/unbound/issues/1271 mrpops2ko .

04/17/2025

08:30 PM Bug #16141 (Feedback): RRD data fails to restore via the ECL
Applied in changeset commit:209b8baa878f28bc3b34fded5b1d6163bb8db264. Christian McDonald
07:29 PM Revision 209b8baa: Ensure $rrdtool is set when restoring rrddata. Fixes #16141
Christian McDonald
05:09 PM pfSense Packages Bug #15435: Long boot time when using FQDN for WireGuard VPN endpoint

-I know of others who experience the same issue, so I'll document my local patch that disables Wireguard from instal... Patrik Stahlman
04:37 PM pfSense Packages Bug #15435: Long boot time when using FQDN for WireGuard VPN endpoint

Unfortunately, wireguard, in its wisdom... seems to forcefully reinstall the shell commands every time I reboot. An... Patrik Stahlman
02:51 PM pfSense Packages Bug #15435: Long boot time when using FQDN for WireGuard VPN endpoint

Thanks Jim, yes, I can see the multitude of scenarios that needs to be catered for. I'm just happy I found a way fo... Patrik Stahlman
02:03 PM pfSense Packages Bug #15435: Long boot time when using FQDN for WireGuard VPN endpoint
Changing when WireGuard starts ends up being a chicken-and-egg situation. Certain other things may require connectivi... Jim Pingle
01:50 PM pfSense Packages Bug #15435: Long boot time when using FQDN for WireGuard VPN endpoint

Using the Shellcmd package, I tried changing wireguardd start from earlyshellcmd to shellcmd but that did not work,... Patrik Stahlman
01:30 PM pfSense Packages Bug #15435: Long boot time when using FQDN for WireGuard VPN endpoint

I found a simple solution: don't start wireguardd through the early shell command mechanism in config.xml
While ... Patrik Stahlman
09:35 AM pfSense Packages Bug #15435: Long boot time when using FQDN for WireGuard VPN endpoint

I am happy to confirm that the long boot time (or boot failure in case of 25.03-BETA) occurs when using FQDN in wir... Patrik Stahlman
08:53 AM pfSense Packages Bug #15435: Long boot time when using FQDN for WireGuard VPN endpoint

This issue is still present in 25.03-BETA (25.03.b.20250414.1838) as mentioned here: https://forum.netgate.com/topi... Patrik Stahlman
04:59 PM Bug #16142: XMLRPC requests fail due to incorrect request path
2.8.0 is OK. Seems to only affect 25.07.
Reinstalling @php83-pear-XML_RPC2-1.1.5.pkg@ and restarting PHP didn't ha... Jim Pingle
04:18 PM Bug #16142: XMLRPC requests fail due to incorrect request path
stevew tested it on 25.03 and it's working and also sending the @POST@ request to the proper URL.
I don't see anyw... Jim Pingle
04:00 PM Bug #16142 (Confirmed): XMLRPC requests fail due to incorrect request path
Has this been tested on 25.03 and confirmed to be OK there?
I am seeing this on 25.07 as well but I'm not seeing a... Jim Pingle
05:41 AM Bug #16142 (Resolved): XMLRPC requests fail due to incorrect request path
Version: 25.07.a.20250416.0600
This has been happening for a few updates already. dylan mendez
04:43 PM Bug #16143 (New): Unbound DNS over TLS resumption issue
hi spent more time than i'd be willing to admit trying to resolve this issue and i'm now largely convinced its an iss... mrpops2ko .
09:58 AM pfSense Packages Regression #15158: XMLRPC Timeout won't save if over 150
The issue persisted on 24.11 pfSense Plus release.
Tested against. ... Danilo Zrenjanin

04/16/2025

08:18 PM Bug #15973: Kea DHCP server crashes on 3100 (32bit ARM) every 10 days or so post 24.11 upgrade
That patch resolves a problem that would prevent Kea from starting outright, not one that would cause it to crash aft... Christian McDonald
08:11 PM Bug #15973: Kea DHCP server crashes on 3100 (32bit ARM) every 10 days or so post 24.11 upgrade
Same here, on SG-3100.
Nice share, Sander, about the crontab "for when it fails"
Also, in patches pkg, I found t... Jon Q
08:09 PM pfSense Packages Feature #15853 (Resolved): Add mDNS Bridge (mdns-bridge) package
mdns-bridge is available in 2.8/25.03
Bugs can be tracked in separate issues.
Marking resolved. Christian McDonald

04/15/2025

07:24 PM Bug #16141 (Waiting on Merge): RRD data fails to restore via the ECL
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1215 Christian McDonald
05:57 PM Bug #16141: RRD data fails to restore via the ECL
Problem here is that @$rrdtool@ is unset when ECL calls @restore_rrddata@ so instead of exec'ing @"{$rrdtool} restore... Christian McDonald
05:42 PM Bug #16141 (In Progress): RRD data fails to restore via the ECL
Christian McDonald
03:52 PM Bug #16141 (Resolved): RRD data fails to restore via the ECL
When restoring a config at boot using the External Config Locator and RRD data present should be restored but fails w... Steve Wheeler
11:00 AM Bug #13792: Filterdns assumes sets of resolved addresses for each hostname are nonintersecting
I have a similar situation here. An alias acting as Whitelist, with two DDNS. When both DDNS are in the same location... Javier Martinez
06:47 AM pfSense Packages Feature #14032: Neighbor Discovery Proxy (NDproxy)
Firstname Surname wrote in #note-7:
> 8. Load the module (kldload ndproxy), if you get no warnings on load and no er... Filippo Tessarotto

04/14/2025

08:01 PM Bug #16019 (Resolved): Kea can unintentionally attempt to spawn multiple processes and fail
Marking resolved.
Thanks Christian McDonald
06:03 PM pfSense Packages Feature #14032: Neighbor Discovery Proxy (NDproxy)
OK, here's ndproxy for 2.7.2 if anyone needs it:
ndproxy is marked broken in the stock 14.0-RELEASE port, but it's... Firstname Surname
03:03 PM pfSense Plus Bug #16138: Ethernet rules passing IPv4 (0x0800) packets despite the block rule
I added a note about that tunable to the docs (in Bridging, but with an xref in Ethernet rules). Jim Pingle
02:17 PM pfSense Plus Bug #16138 (Not a Bug): Ethernet rules passing IPv4 (0x0800) packets despite the block rule
Yes exactly that. You must set net.link.bridge.ipfw to 1 to enable link-level pfil hooks on the bridge.
With that ... Steve Wheeler
01:38 PM pfSense Plus Bug #16138: Ethernet rules passing IPv4 (0x0800) packets despite the block rule
If you set
net.link.bridge.ipfw=1 (it was set to 0 by default)
Ethernet rules start to function
Tested on ... Boris Pavlovic
02:56 PM pfSense Packages Bug #15410: cache_object://URL Scheme is removed in Squid-6
I wanted to add more info on this. Thanks Jonathan Lee
02:55 PM pfSense Packages Bug #15410: cache_object://URL Scheme is removed in Squid-6
On 2025-04-11 01:08, Amos Jeffries wrote:
On 11/04/25 03:47, Jonathan Lee wrote:
Hello fellow Squid users,
Does ... Jonathan Lee
01:50 PM pfSense Plus Bug #16139 (Rejected): Help icon on Firewall=>Rules=>Ethernet=>Edit go to firewall rules page rather than Ethernet rules.
That's expected and not something that can be redirected separately. The help system ignores parameters on pages like... Jim Pingle
01:50 PM Feature #14802: Re-enable multiqueue support for virtio NIC
A colleague bravely tested this by building a new kernel for pfSense 2.7.2 with just ALTQ for vtnet disabled. We did ... Bernhard Schmidt
09:13 AM Bug #16124: Kernel Panic on PCI WiFi Passthrough (AC7265)
still present in 2.8.0.b.20250407.1736 Giampiero Di Pietrantonio

04/13/2025

02:21 PM Feature #12466: Option to Disable Renegotiation timer in OpenVPN Server
Phil Wardt wrote in #note-15:
> Kris Phillips wrote in #note-14:
> > pfSense has no control over the OpenVPN client... Kris Phillips
02:09 PM Feature #12466: Option to Disable Renegotiation timer in OpenVPN Server
Kris Phillips wrote in #note-14:
> pfSense has no control over the OpenVPN client being used and any bugs there need... Phil Wardt
05:41 AM Bug #16122: Interfaces=>Vlans, ipsecX interfaces are listed in the VLAN parent interface config dropdown menu.
Tested on 25.03-BETA (amd64)
built on Thu Apr 10 2:08:00 +04 2025
FreeBSD 15.0-CURRENT
Also in VLAN parent interfa... aleksei prokofiev
04:47 AM pfSense Plus Regression #15880: Upgrade available LED not set before branch is selected.
running 25.03.r.20250411.1649 and having 25.07.a.20250411.1649 available as an update on another branch, no indicatio... Jordan G

04/12/2025

11:20 PM Feature #12466: Option to Disable Renegotiation timer in OpenVPN Server
Phil Wardt wrote in #note-13:
> Currently, in Android 15 at least, this client options is ignored and never applied
... Kris Phillips
11:05 PM Bug #16019: Kea can unintentionally attempt to spawn multiple processes and fail
tested switching service backend with 25.03.r.20250411.1649 and 25.03.b.20250409.2208 and do not see multiple PIDs fo... Jordan G
02:40 PM pfSense Plus Bug #16139 (Confirmed): Help icon on Firewall=>Rules=>Ethernet=>Edit go to firewall rules page rather than Ethernet rules.
I can confirm on... Christopher Cope
06:11 AM pfSense Plus Bug #16139 (Rejected): Help icon on Firewall=>Rules=>Ethernet=>Edit go to firewall rules page rather than Ethernet rules.
The help icon should go to https://docs.netgate.com/pfsense/en/latest/firewall/ethernet-rules.html page.
!clipbo... Lev Prokofev
02:10 PM Bug #16112 (In Progress): Mythic Beasts DynDNS
Thanks for the report. I do see what appears to be the problem from their docs. I created a patch which should solve ... Christopher Cope
05:48 AM Bug #16122: Interfaces=>Vlans, ipsecX interfaces are listed in the VLAN parent interface config dropdown menu.
Still the issue in ... Lev Prokofev
04:14 AM pfSense Packages Bug #15410: cache_object://URL Scheme is removed in Squid-6
On 11/04/25 03:47, Jonathan Lee wrote:
Hello fellow Squid users,
Does anyone use pfSense squid package that knows a... Jonathan Lee

04/11/2025

04:24 PM pfSense Plus Bug #16138 (Not a Bug): Ethernet rules passing IPv4 (0x0800) packets despite the block rule
Tested on 24.11 and 25.03 Beta built on Fri Apr 4
Setup:
ix2 and igb1 in bridge, filtering on member interface:... Lev Prokofev
01:22 PM Bug #16137 (Rejected): Include ::1 in localhost address in default/auto access rules of unbound
It is already included unless you have manually disabled automatic access rules ("Disable Auto-added Access Control" ... Jim Pingle
07:30 AM Bug #16137 (Rejected): Include ::1 in localhost address in default/auto access rules of unbound
I have written a forum topic on this issue here that describes the issue:
https://forum.netgate.com/topic/197112/u... Terje Strand
02:55 AM Bug #16133: DHCPv6 not issuing IPv6 addresses with RA set to managed or assisted
Thanks. Have uploaded the full pcaps and logs. Will continue on the forum. Warren Linton
01:38 AM Bug #16133: DHCPv6 not issuing IPv6 addresses with RA set to managed or assisted
It'd be best to continue the discussion on the forum for now - please open a thread there:
https://forum.netgate.com... Marcos M

04/10/2025

10:55 PM Bug #16133: DHCPv6 not issuing IPv6 addresses with RA set to managed or assisted
Have attached 3 packet captures from a Windows 11 client. The first is from the original 2.7.2 system. You can see th... Warren Linton
12:11 AM Bug #16133: DHCPv6 not issuing IPv6 addresses with RA set to managed or assisted
Thanks. I'll run some packet captures and have a closer look at what is going on. Warren Linton
09:27 PM Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries
I'm seeing the same bug with 2.7.2-RELEASE. Same workaround (kill filterdns then Reload Filters) resolves it. Jesse Norell
09:25 PM pfSense Packages Feature #9833: ACME: add ability to use custom ACME server
+1, a game changer when working with PKI (so typical for pfSense deployments) Marcel Kinzel
03:57 PM pfSense Packages Bug #15410: cache_object://URL Scheme is removed in Squid-6
https://forum.netgate.com/topic/197092/squid-status-gui-tab-not-working-pfsense-plus-v-24 Jonathan Lee
03:56 PM pfSense Packages Bug #15410: cache_object://URL Scheme is removed in Squid-6
Update: I did some testing yesterday and found this status page error still occurs with the removal of all custom con... Jonathan Lee
03:45 PM pfSense Packages Feature #16075: Add Zabbix 7.0 packages for 24.03
@jimp Can you push Zabbix 7.0 to 24.03 and see if it builds? Andrew Almond
03:16 PM Revision 0c31fc41: Traffic shaper: fix traffic shaper and wizard
Eddie Wong

04/09/2025

11:52 PM Bug #16133: DHCPv6 not issuing IPv6 addresses with RA set to managed or assisted
I mixed up my comment with notes from another test, apologies. I'll remove it and clarify here:
# pfSense 2.7.2 VM... Marcos M
11:10 PM Bug #16133: DHCPv6 not issuing IPv6 addresses with RA set to managed or assisted
Marcos M wrote in #note-1:
> I'm not able to reproduce this. I set up pfSense upstream with Kea DHCPv6 Server and ma... Warren Linton
09:17 PM Bug #16133 (Incomplete): DHCPv6 not issuing IPv6 addresses with RA set to managed or assisted
Marcos M
05:46 AM Bug #16133 (Incomplete): DHCPv6 not issuing IPv6 addresses with RA set to managed or assisted
Have updated from a working CE 2.7.2 config using ISC DHCP and where RA advertisements are set to Assisted mode. In 2... Warren Linton
10:33 PM pfSense Docs Todo #16135 (Resolved): Document NAT64 rules
NAT64 can now be enabled for firewall rules. NAT64 can be used with normal interface rules and floating rules. It als... Marcos M
08:53 PM Revision d7814a52: Fix exclude path when archiving RAM disk logs
"--exclude" uses a relative path. Marcos M
06:46 PM Feature #16134 (Resolved): Support ``if_pppoe`` backend for PPPoE WAN interfaces
Placeholder issue for @if_pppoe@ to show in the release notes.
This functionality is optional and currently opt-in... Jim Pingle
05:54 PM Feature #15652 (Resolved): Kea DHCPv6 Prefix Delegation Support (IPv6 Only)
Jim Pingle

04/08/2025

10:13 PM Regression #16129 (Resolved): Bogons file is not updated
Marcos M
07:15 PM pfSense Plus Bug #16132 (Rejected): Logout does not work if csrf token has expired.
Allowing requests to succeed (even logout requests) with invalid CSRF validation is not an option.
There is alread... Jim Pingle
07:07 PM pfSense Plus Bug #16132 (Rejected): Logout does not work if csrf token has expired.
If the screen has been logged in for a long time (default auto logout time changed to greater than xsfr lifetime) cli... John Pettitt
05:52 PM Bug #15906 (Not a Bug): IPv6 delegated prefix changes upstream do not immediately update track6 interfaces
Tracked interfaces are handled by the renew script with link_interface_to_track6(). However the reported issue here s... Marcos M
04:59 PM Bug #16131 (New): DHCP Relay not working when CARP Status VIP is other than None
Hello,
I have an IPSec tunnel between a PFSense and another firewall. Behind the other firewall, there's a PXE ser... Silviu Bajenaru

04/07/2025

09:41 PM Bug #15906 (New): IPv6 delegated prefix changes upstream do not immediately update track6 interfaces
Marcos M
06:22 PM Bug #15924 (Resolved): SCTP states not purged causing subsequent SCTP INIT to be blocked
Fixed with commit:f25d7ff3037e26286d5a7479e9bf39bd1bb85e4c. Marcos M
05:46 PM Regression #16127 (Resolved): ``syslog`` configuration for ``if_pppoe`` breaks logging for itself and later configuration entries in certain cases
Applied commit 063d171d17fbf1c10883bdd25b8de56c33f4454c to System_Patches w/reboot.
Tested/Success. Remote logging... Craig Coonrad
03:55 PM Regression #16127 (Feedback): ``syslog`` configuration for ``if_pppoe`` breaks logging for itself and later configuration entries in certain cases
Applied in changeset commit:063d171d17fbf1c10883bdd25b8de56c33f4454c. Jim Pingle
03:24 PM Regression #16127 (In Progress): ``syslog`` configuration for ``if_pppoe`` breaks logging for itself and later configuration entries in certain cases
Jim Pingle
02:53 PM Regression #16127 (Confirmed): ``syslog`` configuration for ``if_pppoe`` breaks logging for itself and later configuration entries in certain cases
Looks like this is from something in if_pppoe logging and it's also in CE
When a config has "everything" checked it ... Jim Pingle
04:55 PM Revision 1c59b3e7: Improve process_url()
* Fetch plain files only if they've been updated remotely
* Add check for empty file
* Don't falsely log "Could not e... Marcos M
03:50 PM Bug #16130 (Feedback): Input validation prevents creating port forwards for the same port using a different address family
Applied in changeset commit:886b66f783ccd257c1d5a82376490e8abbf1fa5a. Marcos M
03:13 PM Bug #16130 (Resolved): Input validation prevents creating port forwards for the same port using a different address family
Attempting to create a port forward for IPv6 that uses the same port in an existing IPv4 rule leads to the input vali... Marcos M
03:50 PM Regression #16129 (Feedback): Bogons file is not updated
Applied in changeset commit:2018bea642da57c89f3dd3ff95805ad51086d095.
Additional improvements with commit:1c59b3e72e... Marcos M
03:04 PM Regression #16129 (Resolved): Bogons file is not updated
After an upgrade to 2.8.0-BETA the following is shown in the logs:... Marcos M
03:49 PM Revision 063d171d: Fix syslog config for if_pppoe. Fixes #16127
- if_pppoe section set a filter but did not reset it after, which
prevented subsequent directives from having other... Jim Pingle
03:13 PM Revision 886b66f7: Limit port forward overlap checks to the same IP address family. Fix #16130
Marcos M
03:07 PM Revision 2018bea6: Check for expected file extension before extracting the file. Fix #16129
This regressed with 5a7a1a84dd8703f866257e70818bfce0ac6db9d3. Marcos M
01:45 PM Bug #16128: if_pppoe: PHP password handling
Just a thought -- but it would potentially be helpful if password validation logic would check for leading or trailin... Bill Meeks
08:22 AM Bug #16128 (Confirmed): if_pppoe: PHP password handling
A user reports (https://forum.netgate.com/topic/197026/25-03-b-20250306-0140-if_pppoe-kernel-module-chap-failure/10 )... Kristof Provost

04/06/2025

07:23 PM pfSense Plus Bug #16123: Advertisements from a GUA are ignored
There is a workaround for this; adding a VIP to the WAN interface allows network solicitations to be sent back - or r... quiet lion
06:36 PM Regression #16127 (Resolved): ``syslog`` configuration for ``if_pppoe`` breaks logging for itself and later configuration entries in certain cases
*pfSense version* : 25.03-BETA
*platform* : QEMU
25.03-BETA appears to partially break remote logging. I'm seeing... Craig Coonrad
04:58 PM Feature #13293: Option to set auth-gen-token in OpenVPN GUI
Can you check my comment here please ? :
https://redmine.pfsense.org/issues/12466#change-76474
It's about this optio... Phil Wardt
04:55 PM Feature #12466: Option to Disable Renegotiation timer in OpenVPN Server
Currently, in Android 15 at least, this client options is ignored and never applied
When added in server, as a custom... Phil Wardt
01:03 PM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online
I see this too, I'm on 25.03-BETA.
However, I have worked around the issue by adding my own a static route to the mo... John S
03:36 AM pfSense Packages Feature #16075: Add Zabbix 7.0 packages for 24.03
We need it like... 2 months ago :(
I don't know how such an important package is still not up to date. Alex Diamantopulo
03:33 AM pfSense Packages Feature #16089: Add packages for Zabbix 7.2 agent and proxy
Thank you!
We desperately need zabbix proxy 7.2. This is an awful situation where we can't monitor one-third of our ... Alex Diamantopulo
03:29 AM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy
This should not be marked as resolved, the package is not in CE...
Please fix this. Alex Diamantopulo

04/05/2025

10:41 PM Bug #16019: Kea can unintentionally attempt to spawn multiple processes and fail
Tried switching between kea and isc, stopping and starting services in unusual ways, etc. I'm no longer able to repr... Kris Phillips
08:30 PM pfSense Plus Feature #15854: Lost Captive Portal User Logins when DHCP Leases are Cleared
With the release of CE 2.8.0 Beta Apr 1 and 25.03 Plus Beta, both the index-2411-Dec17.php and RFC8910-Dec11.php rema... Dale Harron
08:30 PM Feature #15904: Add native support for Captive Portal API (RFC8908)
With the release of CE 2.8.0 Beta Apr 1 and 25.03 Plus Beta, both the index-2411-Dec17.php and RFC8910-Dec11.php rema... Dale Harron
03:11 PM Regression #16126 (Resolved): Captive Portal status page lists empty selections when multiple portals exist
Tested on... Christopher Cope
01:45 PM Bug #16093 (Resolved): Firewall logs mark entries for ``match`` rules the same as ``pass`` rules
Tested on... Christopher Cope

04/04/2025

08:01 PM Todo #15799 (Rejected): Remove unnecessary functions.inc.php and functions.php imports in widget files
Jim Pingle
08:00 PM Feature #15221 (Pull Request Review): Make System Tunables table sortable
Jim Pingle
07:58 PM Todo #15798 (Rejected): Remove shellCommand dependency
See notes on PR. Jim Pingle
06:30 PM pfSense Docs Todo #16053 (Closed): Reinstalling pfSense Plus Software Determine Target Drive does not include USB storage
Added info about USB drive targets: https://gitlab.netgate.com/docs/pfsense-platforms/-/commit/19ab1a32c4b33826b21061... Jim Pingle
05:34 PM Bug #16125: "Interface Bound States" dosn't work properly with port forwarding
Jim Pingle wrote in #note-1:
> That is almost certainly a misconfiguration on your system, such as not having a gate... Nazar Mokrynskyi
03:49 PM Bug #16125 (Not a Bug): "Interface Bound States" dosn't work properly with port forwarding
That is almost certainly a misconfiguration on your system, such as not having a gateway defined on the second WAN se... Jim Pingle
11:58 AM Bug #16125 (Not a Bug): "Interface Bound States" dosn't work properly with port forwarding
I have a gateway group with two interfaces (WAN and WAN2), with "Floating States" it works properly and I can reach m... Nazar Mokrynskyi
05:06 PM pfSense Plus Bug #16123: Advertisements from a GUA are ignored
I'm also seeing this same issue, I am using 25.03 BETA. Unfortunately I can currently only recreate this issue when ... John S
02:01 AM pfSense Plus Bug #16123: Advertisements from a GUA are ignored

Appreciate the reply, Marcos.
> NA's are not necessarily restricted to LL addresses and the default ruleset all... quiet lion
04:55 PM Regression #16126 (Feedback): Captive Portal status page lists empty selections when multiple portals exist
Applied in changeset commit:010b97a975c60efd2a889d8081d3c6bfadda5963. Marcos M
04:44 PM Regression #16126 (Waiting on Merge): Captive Portal status page lists empty selections when multiple portals exist
Marcos M
04:31 PM Regression #16126 (Resolved): Captive Portal status page lists empty selections when multiple portals exist
# Create two or more Captive Portals
# Go to Status > Captive Portal
# The drop-down selection list shows blank ent... Marcos M
04:34 PM Revision 010b97a9: Update Status > Captive Portal with correct config path. Fix #16126
While there, show the zone description as well. Marcos M
02:10 AM pfSense Packages Feature #15548: Add packages for Zabbix 7.0 Agent and Proxy
Any updates on this? Is there anything we can do to get Zabbix 7 proxy package in CE? Alex Diamantopulo

04/03/2025

09:14 PM pfSense Plus Bug #16106 (Not a Bug): Input validation issue with Alias network address
The current behavior is intended (not a bug).
Additional input validation could be considered as a feature request. ... Marcos M
08:37 PM pfSense Plus Bug #16106: Input validation issue with Alias network address
Jim Pingle wrote in #note-1:
> The problem is that when you add a trailing dot it's a valid hostname, not an IP addr... Steven C
08:38 PM Bug #16122: Interfaces=>Vlans, ipsecX interfaces are listed in the VLAN parent interface config dropdown menu.
Additional info for reference:... Marcos M
08:37 PM Bug #16111: Set Advanced or standard settings deleted all ipv4 host routes on primary node in HA Cluster
I'm unable to reproduce this between two HA pairs using BGP over VTI; all DUT's were on 25.03. I suggest testing on 2... Marcos M
02:18 PM Bug #16111: Set Advanced or standard settings deleted all ipv4 host routes on primary node in HA Cluster
Hello,
Sorry for the late response...
tThe problem is definitely reproducible. I also discussed it with the PFS... Robert Gladewitz
08:04 PM pfSense Plus Bug #16123 (Incomplete): Advertisements from a GUA are ignored
NA's are not necessarily restricted to LL addresses and the default ruleset allows this. I'm unable to reproduce the ... Marcos M
12:59 PM pfSense Plus Bug #16123: Advertisements from a GUA are ignored
NB: Adding a static route to the first v6 hop allows the NDP to be inserted:
ndp -a
2a02:fb8::11 ... quiet lion
12:47 AM pfSense Plus Bug #16123 (Not a Bug): Advertisements from a GUA are ignored
ISP: Gigaclear (UK)
*Description:*
After exactly 5 minutes v6 connectivity will die. Prefixes are still present... quiet lion
05:42 PM Bug #16124 (New): Kernel Panic on PCI WiFi Passthrough (AC7265)
Kernel Panic on ESXi-8.0U3d-24585383-standard if PCI (Passthrough) device is assigned to pfSense:
Dual Band Wirele... Giampiero Di Pietrantonio
04:13 PM Feature #15415 (Resolved): Enhanced firewall log action information display
Works great with that change, now the redundant single associated rule is hidden, but it still shows if there are mul... Jim Pingle
03:55 PM Feature #15415: Enhanced firewall log action information display
Done with commit:823a344d6bbef2a598becaa1820da9981e6a0748 Marcos M
03:53 PM Revision 9be17707: dyndns: add some error handling
Marcos M
03:40 PM Revision 823a344d: Omit matched rule from associated rules in firewall logs
Followup to 738d2703ec4f483ea2d5038d4d6faa2f26a921b2. Marcos M
 

Also available in: Atom