2.5.0 Future Release 65% 316 issues (156 closed — 160 open) Related issues Bug #1375: Captive portal logs: mixed with logs from other sources (squid, php) Bug #1605: DHCP Server should group known clients by interface Bug #1819: DNS Resolver Not Registering DHCP Server Specified Domain Name Bug #3334: Status/Traffic Graph isn't IPv6 ready Bug #3500: DHCP Leases List Not Showing Hostname in Some Cases Bug #3956: Check for invalid CA on generating new certificate Bug #4479: Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel Bug #4521: Issue with OpenVPN certificate depth validation and long certificate subjects Bug #4866: L2TP server are restarted after adding/modifying L2TP users (mpd.secret) Bug #6025: Load balancing fails when one gateway has a weight of 1 and another gateway has a weight >1 Bug #6028: no firewall rules loaded after reboot with invalid ruleset Bug #6030: Duplicated tracker IDs on block private networks rules Bug #6167: IPsec IPComp not working Bug #6186: race conditions in service startup Bug #6277: RRD graphs are not created correctly for interfaces using CODELQ Bug #6333: Bootup starts/restarts dpinger multiple times Bug #6579: IPv6 CARP VIPs lost upon config sync where they include non-significant zeros Bug #6868: Interface MTU Setting not applied to all IPv6 routes Bug #7163: IGMP Proxy does not valid inputs Bug #7198: nginx-error.log is not circular and can fill filesystem Bug #7307: ZFS installer - shuts down instead of rebooting Bug #7380: WAN DHCP Gateway Outside of Subnet Causing Route Issues Bug #7384: DHCPv6 doesn't merge IPv6 prefix with the input submitted in DNS servers field when using Track Interface IPv6 configuration parameter for the LAN interface. Bug #7386: IPv6 not disabled in mpd.conf w/ IPv6 GUI option set to 'disabled' Bug #7389: Limiter does not work with transparent proxy Bug #7614: Port forwards where the destination is a network alias can create invalid refection rules if multiple subnets are in that alias. Bug #7622: Don't include disabled ipsec phase2 entries on pf table vpn_networks Bug #7772: Regression of Bug #906 Bug #7778: DHCP relay not working correctly with bridges Bug #7801: UDP fragments received over IPsec tunnel are not properly reassembled and forwarded Bug #8015: IPsec VPN Not Reconnecting until complete reboot Bug #8054: DHCP server accepts trailing dot in domain names, DNS resolver adds another and breaks Bug #8100: pfsync Initially Deletes States on Primary for Connections Established through Secondary Bug #8136: dpinger for WAN DHCPv6 gets fails to update gateway IP Bug #8192: dpinger - Change in ISP link-local IPv6 address drops connectivity Bug #8248: Pfsense hangs - non pingable when removing traffic shaper from interface(s) Bug #8256: IPv6 IP Alias VIP not added to Interface Network Macros Bug #8263: Cannot create a nonlinear `Link Share` service curve because of: "the sum of the child bandwidth higher than parent" Bug #8273: IPv6 GRE tunnel over PPPoE fails on startup Bug #8472: IPsec with "Split connections" enabled (multiple P2's) - new added P2's are not coming up (between two pfsense's 2.4.3) Bug #8522: SMTP test says success when actually fails Bug #8585: Logical interface MTU matches configuration of its physical port channel, not its own configuration Bug #8611: unable to receive IPv6 RA's on SG-1000, default route lost Bug #8616: When reconfiguring a captiveportal, connected users get disconnected and can't login back Bug #8815: IPv4 addresses disappear from interfaces when link is lost Bug #8870: Webgui incorrectly reports "The system is on the latest version". Bug #8922: Static routes set by system.inc for DNS gateway bindings are not removed Bug #8964: IPsec async cryptography advanced setting - TCP traffic not passing through Bug #8981: Uncheck DHCP registration does not clear entries Bug #8987: Web GUI main page very slow to load if wan interface is enabled but not connected. Bug #8990: Additional BOOTP/DHCP Options per host Bug #9023: is_fqdn() validation Bug #9058: crash in l2tp retransmit Bug #9074: Alias URL lists only storing last-most list in config. Bug #9136: IPv6 Tracking Interfaces Lose IPv6 Address in Certain Cases Bug #9148: PPPoE over a VLAN fails to reconnect. Bug #9154: Editing a VLAN parent interface causes all VLANs to be reconfigured, which can lead to problems Bug #9208: The wrong session timeout value can be used for some captive portal users Bug #9209: RADIUS: Set NAS Identifer to webConfigurator when logging in the UI Bug #9225: Gateway group routing not updated on OpenVPN client reconnect Bug #9255: Potential performance issue when using multiple authentication servers in a zone Bug #9270: "Remove all states to and from the filtered address" does not remove all states Bug #9282: Add static mapping count to DHCP Server interface tabs Bug #9320: Outbound NAT and multiple IPSEC IPs for mobile warriors Bug #9324: IPv6 on top of a PPPOE ipv4 interface assigns parent interface to default route, not pppoe interface Bug #9331: Parallel Rekey fails for multiple Child SAs Bug #9334: bogus dialogue on Limiter deletion Bug #9344: OpenVPN click NCP Algorithms will always go to DH Parameters website(in Chinese-Taiwan) Bug #9349: IPSec service start/stop/restart fails after settings change Bug #9353: PHPSession errors from limited access to dashboard and widgets Bug #9365: Use of "continue" in switch statements can be ambiguous Bug #9366: "Illegal string offset" PHP errors Bug #9382: SNMP Undefined symbol "pf_altq" Bug #9383: dhcpleases kqueue error Bug #9384: devd putting "$" before variable contents when using single quotes Bug #9385: OpenVPN logs a "Device busy" error when opening tap interfaces, but continues to function Bug #9400: PHP scandir() error at boot Bug #9401: 26 to 31 character VPN interface names cause gateway names to exceed 31 character limit Bug #9405: IPsec IPv6 dynamic FQDN Remote Gateways / util.inc resolve_retry() IPv6 support Bug #9408: OCSP stapling detection broken on 2.5.0 Bug #9410: Package install fails to run from GUI Bug #9411: Firewall log does not contain valid entries Bug #9413: VLAN driver missing ALTQ support Bug #9414: Hardware with Intel 82583V interface such as some Watchguard equipment fail to load interface Bug #9415: Firewall log is empty in the GUI Bug #9420: crypt_data() uses deprecated openssl syntax for passphrase Bug #9421: crypt_data() needs to support stronger key derivation Bug #9428: Unable to access "System: Authentication servers" if "WebCfg - System: User Password Manager" is set Bug #9431: Upgrading to 2.5.0 with devel/aws-sdk-php installed fails Bug #9441: Setting Crypto HW breaks IPSec CBC Bug #9443: Captive Portal Vouchers feature is broken in 2.5.0 Bug #9449: Empty lines in various forms Bug #9450: Multiwan gateway group fail-over not working as expected (possible race condition) Bug #9459: patch pf: silence a runtime warning pfr_update_stats: assertion failed. Bug #9460: OpenVPN local auth failing due to fcgicli output Bug #9467: vmx(4) interfaces do not have ALTQ support on pfSense 2.5, they had ALTQ support on 2.4 Bug #9472: Unable to select QinQ interfaces for PPP interface Bug #9476: pfSense 2.4.x sending ARP replies with non-CARP source MAC address Bug #9478: Unable to check for updates from the GUI when using a proxy with authentication Bug #9548: Do not use VLANMTU flag to decide if interface supports to run VLAN Bug #9560: SMART tests not working Bug #9564: Dynamic DNS Status - IPv4 format error for 'Cached IP' Bug #9577: radvd send_ra_forall failed on interface / can't join ipv6-allrouters Bug #9592: VTI interface down because interface number created is greater than ipsec32768 Bug #9596: DHCPv6 Range should not be mandatory if Stateless DHCP selected as router mode Bug #9600: Add athp to wireless device regex list Bug #9611: PHP error on fresh 2.5.0 install or after factory reset Bug #9622: Changing admins membership does not replicate correctly to HA slave Bug #9634: rc.newwanipv6 is called although dhcp6c should discard Request messages Bug #9643: Limiters do not function properly on 2.5 snapshots Bug #9646: OpenSSL 1.1.1 does not list engines for AES-NI or BSD crypto Bug #9649: IPv6 6RD Tunnel Bug #9663: panic on boot when IPv6 option "Do not wait for a RA" is enabled Bug #9710: IPv6 RA: prefix option does not contain router address in spite of "R" flag being set Bug #9715: Call to undefined function sort_related_log_files Bug #9730: newsyslog cron job not present after every upgrade Bug #9744: fatal error if ECDH Curve not default Bug #9745: can't add ECDSA certificate key when signing CSR Bug #9758: dhcpleases does not handle spaces in DHCP lease hostnames Bug #9785: ACB permits manual backup attempt when disabled Bug #9790: firewall aliases table with fqdn stays in system after deleting Bug #9796: kernel panic after removing interfaces Bug #9802: status_logs_settings.php: "Reset log files" does not clear all log files Bug #9806: Undefined variables in filter.inc openvpn aliases section Bug #9830: NTP ACLs vs. NTP pools Bug #9855: CSRF error at login when clicking the 'sign in' button multiple times Bug #9872: Error during build when compiling a non pfSense software Bug #9879: PHP Warning: count(): Parameter must be an array or an object that implements Countable in /usr/local/www/system_crlmanager.php Bug #9887: Rule separator positions change when deleting multiple rules Bug #9917: Widget Refresh Logic Flawed Bug #9920: system_crlmanager.php: CRL export file is empty if CA key type is ECDSA Bug #9924: crl_contains_cert() does not correctly report revoked status for intermediate CAs Bug #9936: zombie alias check errors if no alises exist Bug #9979: status_ipsec.php missing information Bug #9983: Reauth vs Rekey UI and behavior for swanctl Bug #9998: DHCP6c and Unbound DNS Server Boot-Up Configuration Failure Bug #10001: incorrect route deletion on 2.5 Bug #10149: system_gateways.php: PHP error on line 169 Bug #10151: vpn_ipsec_phase1.php: webgui bugs on latest 2.5 Bug #10155: sshguard is not compatible with RFC 5424 log format Bug #10176: Multiple overlapping phase 2 SAs on VTI tunnels Bug #10178: crypt.inc: crypt_data() legacy mode using wrong message digest Bug #10179: incorrect encrypted backup restore error handling Bug #10190: can't disable Phase 1 when Phase 2 is VTI Bug #10200: DHCPv6 domain-search list not sent to clients Bug #10206: VIP alias-ip's disappear from nic (caused by running ifconfig twice.?.) Bug #10236: Cannot add more than 2 VMXNET3 Adapters in vSphere Bug #10240: incorrect interface assignment after switching from PPPoE Bug #10241: Updating Dynamic DNS provider Hover is not working Bug #10247: Duplicate Outbound NAT entries when creating L2TP server Bug #10264: Gateways created at the console do not apply the naming convention used in the GUI Bug #10270: OMAPI / disableauthoritative / alwaysbroadcast not saved inside dhcpd.conf Bug #10276: NTP "No Select" does not work Bug #10284: Exporting p12 for CSR causes a crash report Bug #10295: Unescaped characters in dhcp-client-identifier prevent DHCPD from starting on interface Bug #10296: swanctl.conf may need multiple pools to support IPv4 and IPv6 Bug #10305: Using special character in Schedules description Bug #10306: Incorrect IPsec service status Bug #10307: NTP status widget doesn't display stratum Bug #10314: Per-user IKEv2 settings are not functioning on 2.5.0 Bug #10317: SMTP notifications validating SSL when option disabled Bug #10327: Fix/Update GPS initialization commands for Garmin devices. Bug #10331: French language give a Warning: sprintf(): in system_advanced_admin.php Bug #10336: fatal error on firewall_aliases_edit.php Bug #10346: DHCPv6 service Dynamic DNS errors Bug #10351: Saving IPSEC connection breaks FRR BGP on VTI interfaces Bug #10359: Require State Filter setting breaks filter rule link to associated states Bug #10360: PHP error when renewing a CA used by services Bug #10362: Error renewing cert if SAN contains IP Address Bug #10363: Note for Duplicate Connections in OpenVPN tunnel settings is obscure Bug #10365: LAGG member event causes filter to reload Bug #10366: Captive Portal Allowed MAC bandwidth Issue Bug #10368: OpenVPN server no definition of protocol to use (udp4) Bug #10383: Additional interfaces do not survive a reboot before the setup wizard has been run Bug #10386: A NTP Time Server name may only contain the characters a-z, 0-9, '-' and '.'. Bug #10390: Fix DigitalOcean Dynamic DNS client for IPv6 Bug #10397: Changing default or static route gateway on 2.5.0 does not remove old route Bug #10406: "Toggle All" button for radio buttons Bug #10418: IPsec VTI Interface issues Bug #10424: status.php: Calls using pkg should use pkg-static Feature #790: Advanced options for dnsclient (resolv.conf) Feature #855: More flexible options for state killing based on WAN status Feature #1192: Certificate Manager - Ability to Encrypt Private Keys When Exporting Feature #1257: Handle encypted CA/Certificate private keys Feature #1337: VLANs with different MAC address than parent interface Feature #1557: Add the Interface descriptions to the OS interface descriptions Feature #2568: Allow dashed DUID to be entered in a DHCPv6 Mapping Feature #2850: add units in ntp status page Feature #3258: Allow multiple certificates to be revoked in a single step Feature #3377: OAuth2 authentication in captive portal Feature #3567: Option to disable NTP Feature #4068: CAs present on CERT manager are not trusted from pfSense Feature #4405: Traffic shaping doesn't work when applied to a bridge interface Feature #4991: WebGUI does not support ECDSA certificates for IPSec Stage 1 Feature #5644: Captive Portal retain logins across reboot Feature #6324: Improve IKEv2 multiple traffic selector per SA configuration GUI Feature #6742: OAuth2 authentication for OpenVPN (and for FreeRadius) Feature #6775: Strongswan PKCS#11 Support Feature #6787: NTP GUI sync/poll interval Feature #6960: Consider replacing ISC DHCP server with KEA DHCP Feature #7016: system_information_widget.php - Indicate adaptive state timeout status when active Feature #7284: NTPd Autoset GPS device baud rate Feature #7304: DHCP: Enable OMAPI Config Feature #7332: Provide certificate expiry warning Feature #7467: Add iPhone/Android/Generic USB tethering support Feature #7671: Gateway Monitoring Via Custom Script or Telnet. Feature #7767: OCSP support for OpenVPN server Feature #7861: Make "Descriptive name" of certificates editable Feature #8160: Accomodate both RADIUS and pool IP addresses in IPsec Feature #8289: OpenVPN - configurable username as common name Feature #8624: DNS Resolver Resolve IPv6 OpenVPN Client Addresses Feature #8645: Upload certificate file instead of pasting Feature #8861: Show more detail on status_interfaces.php Feature #9152: Sort diag_states_summary.php by states Feature #9206: OpenVPN+RADIUS+Cisco AVPair ACL Enhancements/BugFixes Feature #9260: ssh_tunnel_shell: Disable console message output Feature #9274: CP - trim() username post_value Feature #9297: Log and Graph Temperatures Feature #9302: radvd always advertises DNS servers and Domain Search List regardless of M or O flag Feature #9309: Allow manual selection of IPsec IKE Pseudo-Random Function (PRF) Feature #9426: Show PPP uptime on the Dashboard - Interfaces Widget Feature #9527: Add ability for LDAP extended query on groups in RFC2307 containers. Feature #9531: [IPSEC] Add additional curve-based DH Groups (31+) Feature #9538: add support for athp(4) driver Feature #9544: Enable RADIX_MPATH Feature #9639: Cloudflare DDNS "API Token" Feature #9661: Increase the number of DHCP/DHCPv6 NTP server options to three (or more) Feature #9688: restartallwan - pfSsh.php script to restart all wan interfaces Feature #9706: Increased number of colors for login screen Feature #9716: Italian translation Feature #9718: Make diag_states_summary table sortable Feature #9726: Hash Algorithm configured on child ESP/AH proposals using AES GCM though strongswan strips them Feature #9754: Add separate authentication log Feature #9771: diag_reboot.php: add ability to reroot and reboot with fsck to WebGUI Feature #9788: Display number of connections in status_openvpn.php Feature #9825: Requirements for trusted certificates in iOS 13 and macOS 10.15 Feature #9828: L2TP (long) username containing @ (realm separator) Feature #9834: system_certmanager.php: add ability to import certificate without private key Feature #9842: Add CA/certificate renewal function Feature #9843: allow to generate cert/csr with ECDSA key Feature #9862: Add support for waiting between ping-packages on diag_ping.php Feature #9869: Allow CRL entries to be made by serial number Feature #9878: IPsec PKCS#11 authentication Feature #9883: Allow CAs to use randomized serials when signing Feature #9884: Add support for OpenVPN --x509-username-field Feature #9896: Add poly1305-chacha20 to the TLSv1.2 cipher list in nginx Feature #9907: do not show incompatible ECDSA certs for DNS Resolver Feature #9923: Add select_source compatible output to cert_build_list() Feature #9942: Give pfSense the possibility to change the keyboard Layout for console users Feature #9972: cert_build_list(): by default don't show certs without prv key Feature #10186: Ability to do inverse matching of tags in floating rules Feature #10214: Allow IPsec duplicate endpoints Feature #10221: Update DH group warnings to say that group 5 is also weak Feature #10222: Tune GRE MTU if GRE over IPsec is used Feature #10256: Add support for IPv6 to No-IP Dynamic DNS Feature #10273: OpenVPN compile with --enable-async-push Feature #10274: DNS64 support Feature #10293: DNS flag day - EDNS buffer size recommendation Feature #10301: Password confirmation when exporting encrypted backup file Feature #10321: URL/URL Table alias with IDN hostnames Feature #10323: Allow limiting NTP pool server usage count Feature #10333: Increase the number of DHCP NTP server options to three for DHCP Static Mappings Feature #10341: Exclude unsupported interfaces from DHCP Relay Feature #10348: Add localhost to NTP Interfaces Feature #10374: Add ARM32/64 network booting support to dhcpd Feature #10387: Reevaluate the GUI upgrade language presented to the user Feature #10388: Upgrade to Python 3.8 Feature #10412: DHCPv6 Statis Entries are not updated on external DDNS server Todo #8350: Remove clog in favor of standard syslogd or syslogd alternative with rotation via newsyslog or logrotate Todo #8821: Remove Growl Notifications Todo #9052: Update Font-Awesome Todo #9356: Find optimal default for net.pf.request_maxcount Todo #9360: Switch to Python 3.x Todo #9367: Update SMART Page with new capabilities Todo #9386: Deprecate built-in relayd Load Balancer Todo #9482: Remove zabbix 3.2 and 3.4 from pfSense Todo #9603: Strongswan stroke is deprecated, move to swanctl/vici Todo #9607: Update web server TLS versions for 2.5.0 Todo #9711: Add GUI options to control log rotation Todo #9712: Add code for packages to set their own log rotation parameters Todo #9713: Review log rotation behavior Todo #9714: Add page to view "other" logs Todo #9734: Re-evaluate log size, line defaults, and limits Todo #9808: status_logs_settings.php: Add GUI option for syslog format Todo #9856: Add certificate detail infoblock to CA list Todo #9897: Warn user when using incompatible ECDSA cert curves for WebGUI Todo #9903: Rename IPsec "RSA" options to more generic "Certificate" options Todo #9915: Convert OpenVPN to CAPath Todo #10135: help.php: Update links to use The pfSense Book Todo #10349: Sanitize ldapbindpass and ldap_pass Todo #10353: Update pkg to 1.13.x Todo #10423: status.php: Add kernel modules pfSense Packages - Bug #7161: pfSense-pkg-bind9 changelog pointing to non-existent location pfSense Packages - Bug #7267: Status Traffic Totals - Stacked Bar - Scale not high enough pfSense Packages - Bug #7293: dns/bind911 requires TCP_RFC7413 in kernel pfSense Packages - Bug #8830: Automatic flowbit resolution setting does not match description pfSense Packages - Bug #9135: Suricata in inline modus blocks some downloads pfSense Packages - Bug #9657: STunnel fails to generate an rc script pfSense Packages - Bug #9740: empty Status / Tinc VPN page on latest 2.5 pfSense Packages - Feature #9265: Add options to configure TIMEOUTclose and debug on stunnel package pfSense Packages - Feature #9387: Update telegraf to 1.9.3 from ports pfSense Packages - Feature #9545: Enable MULTIPATH in FRR pfSense Packages - Feature #9820: Add Zabbix 4.4 (agent and proxy) packages pfSense Packages - Feature #9974: Add pfSense package for sysutils/node_exporter pfSense Packages - Todo #9158: Updates for Squid 4.x pfSense Packages - Todo #9787: Update Mail Reports to deal with clog deprecation
Future Items for an indeterminate later release 5% 112 issues (6 closed — 106 open) Related issues Bug #1675: Captive portal logout problems with pop-up blockers. Bug #3132: Gateway events for IPv6 affect IPv4 services and vice versa Bug #4154: RADIUS authentication not working over IPv6 Bug #4406: ALTQ problems with wireless cloned interfaces Bug #4716: "DNS Resolver" lacks SOA for ".local" domain setups Bug #5367: Safari repeatedly tries to reload dashboard Bug #5786: Check WebConfigurator port for conflicts Bug #5826: Auto-exclude LAN address feature only works for the LAN interface Bug #6696: Add configure link to Status > Queues error message if traffic shaping not configured Bug #6880: Multiple DHCP6 WAN connections leads to multiple dhcp6c clients Bug #7082: pkg_edit.php - impossible to use default_value with rowhelperfield Bug #7138: Pfsense wide dhcpv6 client doesn't recognise ifid statement Bug #7195: pkg_edit.php - <checkenablefields> tag has no effect on fields other than checkbox/input Bug #7222: Encryption No Longer Enforced for Email Notifications Bug #7288: The field 'Distinguished name Organization' contains invalid characters Bug #7841: CARP Sync Issue - when no internet on standby Bug #8013: IPsec MSS clamping value shared for IPv4 and IPv6 Bug #8502: main (top) menu items do not drop down in some cases Bug #8576: pfSense stops passing traffic after some time when using Outbound NAT pool w/ Sticky Address Bug #8614: Cannot remove Additional BOOTP/DHCP Options Bug #8818: Thermal Sensor Bug #8820: System/Advanced/Misc - "Do not kill connections when schedule expires" UN-checked still leaves existing connections open. Bug #9755: package description wrong link https://www.freshports.org/security/openvpn-client-export Bug #9933: Captive Portal + Voucher not keeping auto-added "Pass-through MAC Auto Entry" Bug #10310: Systems with low RAM and several packages may temporarily fail to load large tables after an upgrade Bug #10352: RADIUS authentication fails with MSCHAPv1 or MSCHAPv2 when passwords contain international characters Feature #84: Nightly Filter Summary E-Mail Feature #96: Add "All local networks" to source and destination drop down boxen in firewall rules Feature #286: Backup/restore users individually Feature #290: Add Multi-WAN awareness to UPnP Feature #521: Group manager Assigned Permissions Feature #701: Interface groups with NAT Feature #746: Add interface group to source/dest drop downs Feature #885: Show gateway/group IPs on mouseover Feature #939: Ability to restore specific areas of configuration backup from full config backup Feature #946: Allow aliases to be used to define IPsec phase 2 networks Feature #1268: Allow mass renewing of certs Feature #1831: Captive portal IPv6 support Feature #1979: Add some default read-only system aliases Feature #2024: RRD Graphs for packages Feature #2358: NAT64 Support Feature #2386: Bridge member that is not an assigned interface Feature #2424: Allow masking of pass-thru MACs Feature #2479: Allow reordering of the traffic graphs on the dashboard Feature #2593: sync NTPD, SNMP config between HA members Feature #2668: Allow Alias network names in OpenVPN local/remote/tunnel networks Feature #2676: Reply-to option in firewall rule Feature #2965: Mac Firewalling Feature #3115: Traffic shaping for multi WAN Feature #3185: Accommodate a DHCPv6 failover-like mechanism Feature #3559: add option for backup ddns ( dynamic dns ) in restore area Feature #3652: OpenVPN - Dynamic IPv6 Tunnel Network Feature #3696: Multiple items backup/restore Feature #3697: New backup/restore area: Certificates Feature #3882: Add OUI database to the base system, remove dependency on nmap Feature #4098: Add option to force a password change on login Feature #4195: Aliases: sections Feature #4234: allow for strict user <> cn validation of mobile ipsec users when using rsa+xauth Feature #4259: Port forward NAT rules with "any" protocol Feature #4632: Support for Multipath TCP (MPTCP) Feature #4724: Captive Portal Status Add Client Hostname Feature #4881: allow dynamic IPs-nets for NPt Feature #5307: Add logarithmic scale option to RRD graphs Feature #5510: Need a simple way to enable/disable package-installed services Feature #5619: Curl with ARES support Feature #5735: Automaticaly add DHCP leases to alias list or make it readable in selected fields Feature #5835: Improve OpenVPN client gateway detection in edge cases where the remote does not send gateway information Feature #5950: DHCPv6 Server support for PD of PD-obtained networks Feature #6457: Allow ability to configure AWS EC2 AMI via userdata Feature #6728: Route53 API mod and Geolocation Feature #7077: Display negotiated cipher for NCP OpenVPN connections in Status->OpenVPN Feature #7078: Allow reordering of client specific overrides in OpenVPN Feature #7181: Add Top and Add Bottom on Seperator Feature #7182: Break up System Widget on the Dashboard Feature #7244: Publish pfsense as a Vagrant Basebox Feature #7260: Source OS / p0f Database Missing Modern Operating Systems Feature #7410: IPSEC multiple dynamic IP remote clients Feature #7416: Dhclient does not support supersede statement for option 54 Feature #7783: Support for hosting VMs on pfSense using bhyve Feature #7847: USB NIC not loading (TP-Link UE300 RTL8153) Feature #7852: Add views support to Unbound GUI Feature #8316: expiration date when creating new rules Feature #8346: Let pFSense act as an IPSec XAuth VPN Client Feature #8474: Easier Conversion to HA Pair from Existing Non-HA Firewall Feature #8511: Dynamic DNS: Cloudflare Add TTL option Feature #8694: Client CA Auth for PFSense WebGui Feature #8712: QOS on ipsec links Feature #8775: Use SRV record for LDAP Authentication Feature #8879: DHCP options ADD force options Feature #8946: Add field to show IA_PD to DHCP6 Server page Feature #9536: Support dynamic prefix in DHCPv6 Server Feature #9574: Show changelog at package upgrade Feature #9680: Seperate DHCP Server and relay per interface Feature #9717: Search box for pfsense ? Feature #9768: IPsec for site-to-site scenario where one side has dynamic ip Feature #10204: Possible clarification of Track IPv6 Interface Subnet ID Feature #10223: Add the ability to create additional loopback interfaces Feature #10250: DHCP lease view by interface Feature #10322: Force ipv4/ipv6 DNS resolution for NTP servers Todo #32: PPPoE Server users integration with user manager Todo #33: L2TP users integration with user manager Todo #204: All write_config() statements should include a reason of some sort Todo #1521: Investigate FreeBSD route metric support for future versions Todo #5902: Use a common place for default values Todo #6647: Enable Additional Security Headers Todo #6697: White squares around the numeric values in the Status / Queues page Todo #6727: Missing file apple-touch-icon-precomposed.png ? Todo #9417: Convert LDAP TLS setup from environment to LDAP_OPT_X_TLS_* set options