2.6.0 open Next release 97% 284 issues (258 closed — 26 open) Related issues Bug #4893: Error loading rules when URL Table Ports content is empty Actions Bug #6275: Disconnected IPsec phase 2 entries are not shown in IPsec status Actions Bug #6507: GRE and GIF tunnels on dynamic IPv6 interface are not brought up during boot Actions Bug #7547: Static routes using aliases are not automatically updated when alias content changes Actions Bug #7801: UDP fragments received over IPsec tunnel are not properly reassembled and forwarded Actions Bug #8390: Input validation does not prevent removing a gateway used by a DNS server Actions Bug #9058: Kernel panic during L2TP retransmit Actions Bug #9277: MBT-4220/2220: pfSense hangs when running sysctl -a Actions Bug #10304: ``radvd`` only responds to the first Router Solicitation received after each multicast Router Advertisement Actions Bug #10662: Restoring from AutoConfigBackup presents reboot type selection option then reboots automatically Actions Bug #10706: Kernel route table entries are removed if they match disabled static route entries Actions Bug #10955: XMLRPC sync results in an error when a failover peer IP address is specified in DHCP server settings for an unconfigured interface Actions Bug #11290: Package ``<plugins>`` and ``<tabs>`` content missing from configuration in some cases Actions Bug #11337: Interface column empty in list of GIF tunnels when using IP Alias on CARP VIP as Interface Actions Bug #11552: Incorrect phase 2 entry removed when deleting multiple items consecutively Actions Bug #11581: Cannot configure WAN IP address with ``/32`` CIDR mask via console menu Actions Bug #11599: Modifying static routes results in a logged error, changes are not reflected in routing table Actions Bug #11653: Duplicate ``comconsole_port`` lines in ``/boot/loader.conf`` Actions Bug #11662: QinQ using OpenVPN ``ovpn`` interface as a parent is not configured at boot time Actions Bug #11675: VLAN and QinQ edit pages allows selecting incompatible OpenVPN ``tun`` interfaces Actions Bug #11701: Missing global ``$g`` declaration in ``config.lib.inc`` function ``pfSense_clear_globals()`` Actions Bug #11727: Cannot enter persistent CARP maintenance mode when CARP is disabled Actions Bug #11734: NAT rule overlap detection is inconsistent Actions Bug #11816: RFC 2136 Dynamic DNS client uses IPv6 alias VIP instead of Track IPv6 address for AAAA records Actions Bug #11818: Mixed use of aliases in a port range produces unloadable ruleset Actions Bug #11829: OpenVPN client certificate validation with OCSP always fails Actions Bug #11831: Certificate Revocation tab does not list active users of CRL entries Actions Bug #11846: Logging configuration added by a package is not removed on uninstall Actions Bug #11863: Unable to create nested URL aliases Actions Bug #11891: strongSwan configuration contains incorrect structure for mobile pool DNS records Actions Bug #11894: Vouchers may expire too early when using RAM disks Actions Bug #11902: Incorrect variable substitution in captive portal error page Actions Bug #11905: DHCPv4 server configuration does not include ARM TFTP filenames Actions Bug #11909: Output from reboot process is printed on Backup & Restore page when restoring a configuration file Actions Bug #11922: Certificate manager reports CA as in use by an LDAP server when LDAP is not configured for TLS Actions Bug #11926: Advanced DHCP client configuration "Protocol timing" help text is in the wrong location Actions Bug #11951: IPsec status fails when many tunnels are connected Actions Bug #11959: PPP interfaces lose the description field in ``ifconfig`` output when restarted Actions Bug #11969: PHP error if no DHCPv6 Relay interfaces are selected Actions Bug #11999: OpenVPN IPv6 tunnel network is not validated properly Actions Bug #12000: Remote log server input validation allows invalid values Actions Bug #12001: System attempts to stop inactive services at shutdown Actions Bug #12002: Boot messages contain entries about configuring LAGG/VLAN/QinQ interfaces even when no entries of those types are configured Actions Bug #12007: Dynamic DNS cache expiration time check calculation method may cause update to happen on the wrong day Actions Bug #12020: OpenVPN RADIUS-based firewall rules use incorrect port ranges Actions Bug #12022: Incorrect OpenVPN Client Export help link Actions Bug #12023: Mobile IPsec NAT/BINAT entries missing from firewall rules Actions Bug #12026: Applying IPsec settings for many tunnels is slow or times out Actions Bug #12034: Certificate Manager performs redundant escaping of special characters in certificate DN fields Actions Bug #12038: System attempts to start inactive services at boot Actions Bug #12039: Gateway alarm always triggers IPsec restart Actions Bug #12041: Certificate Manager shows incorrect DN for imported entries with UTF-8 encoding Actions Bug #12049: Input validation incorrectly rejects a second IPv4-only GRE tunnel Actions Bug #12050: "GoTo line #" function does not work on ``diag_edit.php`` Actions Bug #12072: FQDN L2TP server address is only resolved at boot Actions Bug #12075: Changes to an existing IPsec configuration are not applied on HA secondary after XMLRPC sync Actions Bug #12076: OpenVPN RADIUS-based firewall rules do not use expected value for RADIUS-assigned IP addresses Actions Bug #12102: Prevent using OpenVPN "Exit Notify" option with point-to-point modes Actions Bug #12107: Notifications page cannot be saved without configuring or disabling SMTP Actions Bug #12124: Creating or editing aliases fails with multiple hosts separated by spaces Actions Bug #12134: Typo in crash reporter page Actions Bug #12138: Clicking "logout" on portal page does not function when logout popup is disabled Actions Bug #12151: ``easyrule`` script does not function properly Actions Bug #12155: Tunnels with conflicting REQID values can lead to multiple identical Child SA entries Actions Bug #12159: "Default preferred lifetime" router advertisement validation check uses incorrect variable Actions Bug #12164: IPv6 policy routing does not work if an IPsec tunnel phase 2 remote network is configured for ``::/0`` Actions Bug #12168: 1:1 NAT rule with internal IP address of "Any" results in an invalid firewall rule Actions Bug #12170: Interface assignment mismatch is not detected if VLAN-only parent interface is removed Actions Bug #12173: IPv6 RA DNSSL lifetime is too short, not compliant with RFC 8106 Actions Bug #12174: Firewall rule tabs load slowly when many rules on the tab utilize gateways Actions Bug #12177: When attempting to delete an in-use alias, input validation only prints the first item using the alias in the error message Actions Bug #12189: IPsec status shows connect buttons while tunnel is connecting Actions Bug #12192: OpenVPN does not clean up previous CA and CRL files Actions Bug #12195: IPsec writes CRL files when tunnel does not use certificates Actions Bug #12196: IPsec settings fail to apply when a remote gateway is set to an FQDN and there are no DNS servers available Actions Bug #12197: Mobile IPsec phase 1 should not display "Gateway duplicates" option Actions Bug #12198: Disabling an IPsec phase 1 entry does not disable related phase 2 entries Actions Bug #12202: When a CARP VIP VHID change is synchronized to a secondary node, the CARP VIP is removed from the interface and the old VHIDs remain active Actions Bug #12212: Disabled IPsec VTI interfaces are always created Actions Bug #12216: ARM 32/64 network boot options are not parsed on Static DHCP Mapping page Actions Bug #12219: Prevent using OpenVPN "Inactive" option with point-to-point modes Actions Bug #12223: Configuration files are not deleted after disabling an OpenVPN instance Actions Bug #12224: OpenVPN page allows to delete/disable instance with an assigned interface Actions Bug #12227: Changing VHID on CARP VIP does not update VHID of related IP Alias VIPs Actions Bug #12232: OpenVPN status incorrect for TAP servers without a defined tunnel network Actions Bug #12236: IPsec bypass rules display help text under each entry Actions Bug #12238: OpenVPN client connect/disconnect scripts are not used in Remote Access (SSL/TLS) mode Actions Bug #12241: System Information widget unnecessarily polls data for hidden items Actions Bug #12247: Viewing an AutoConfigBackup entry takes approximately 60 seconds to completely load Actions Bug #12252: IPv6 DNS servers from dynamic sources are not listed on ``status_interfaces.php`` Actions Bug #12253: IPv6 gateway for an interface is not shown on ``status_interfaces.php`` if the interface does not also have an IPv4 gateway Actions Bug #12256: Sanitize WireGuard private and pre-shared keys in status output Actions Bug #12262: IPsec phase 1 entry with ``0.0.0.0`` as its remote gateway does not receive correct automatic firewall rules Actions Bug #12272: Duplicating a Port Forward does not copy "Filter Rule Association" values of "None" or "Pass" Actions Bug #12274: Unbound fails to start if its configuration references a python script which does not exist Actions Bug #12277: DHCPv6 Server should not offer configuration options for unsupported PPPoE Server interfaces Actions Bug #12280: Default IPv6 router advertisement intervals and lifetime are too low Actions Bug #12282: Default IPv4 gateway may be set to IPv6 gateway value in certain cases Actions Bug #12298: IPsec manual initiation and termination should use a timeout value or forced actions Actions Bug #12307: Update cURL to address vulnerabilities in 7.76.1 in CE Actions Bug #12315: IPsec tunnels using a gateway group do not get reloaded in some cases Actions Bug #12319: NAT reflection does not work for IPv6 port forwarding rules when configured for NAT+Proxy mode Actions Bug #12323: IPsec Phase 2 entry incorrectly orders proposals in AH mode Actions Bug #12328: IPsec VTI interface remote endpoint is not resolved the correct way Actions Bug #12331: Yandex Dynamic DNS client does not set the ``PddToken`` value Actions Bug #12347: IPsec widget treats phase 1 in "connecting" state as connected Actions Bug #12350: Incorrect label for IPsec DH group 32 Actions Bug #12352: Update Dynamic DNS code for one.com to use their new login process Actions Bug #12355: Captive Portal database and ``ipfw`` rules are out of sync after unclean shutdown Actions Bug #12356: Validation when deleting a VIP does not check if the VIP is used by IPsec phase 1 entries Actions Bug #12361: NAT rule overlap detection does not check special networks Actions Bug #12362: Validation when deleting a VIP does not prevent deleting a CARP VIP used as a parent for an IP Aliases VIP Actions Bug #12366: Rotation settings for individual log files do not take effect after saving Actions Bug #12368: Disk widget alignment issue when only two items are in the list Actions Bug #12371: Remove subnet overlap check on LAN interfaces when using 6rd Actions Bug #12383: Typos in interfaces_assign.php configuration change description strings Actions Bug #12388: Captive Portal input validation for "After authentication Redirection URL" and "Blocked MAC address redirect URL" is swapped Actions Bug #12389: Help text for RAM disk settings does not mention Captive Portal data Actions Bug #12391: Uninitialized config variable in ```interface_assign.php``` Actions Bug #12408: Input validation prevents creating 1:1 NAT rules on OpenVPN Actions Bug #12410: 1:1 NAT edit page lists incorrect entries in the Destination field Actions Bug #12419: Console boot output includes ``Configuring IPsec VTI interfaces`` when no VTI interfaces are configured Actions Bug #12435: "6RD Prefix" field does not have input validation Actions Bug #12439: "Default preferred lifetime" field for IPv6 RA does not have input validation Actions Bug #12448: Set OpenVPN Gateway Creation value to "Both" by default for new instances Actions Bug #12452: Port forward rules are not created for special networks (pppoe, openvpn) Actions Bug #12455: Captive Portal online user statistics data is not cleared on unclean shutdown Actions Bug #12460: Unbound falls back to using all outgoing network interfaces if manually selected outgoing interface(s) are unavailable Actions Bug #12470: Thermal Sensors Dashboard widget filter for negative values refers to invalid variable Actions Bug #12472: IPsec Keep Alive does not work correctly with gateway groups in HA Actions Bug #12481: Temporary files for firewall rules generated from RADIUS ACL entries are not deleted on unclean shutdown Actions Bug #12498: Input validation error can unintentionally result in removal of PPP type interface settings Actions Bug #12500: Automatic outbound NAT for reflection does not support IPv6 Actions Bug #12503: Unable to delete limiter referenced in filter rules Actions Bug #12514: Trying to delete an assigned PPPoE interface fails without printing an error message Actions Bug #12515: Missing input validation check for 6RD Tunnel IPv6 Configuration Type setup Actions Bug #12529: Interface group name starting with a digit creates invalid XML for rule separators Actions Bug #12548: Kernel panic in ``nd6_dad_timer()`` Actions Bug #12554: Route overlap input validation does not work properly Actions Bug #12566: IPsec initiates on HA backup node when a tunnel interface is set to a gateway group Actions Bug #12572: Log entries from ``acbupload.php`` are missing the upload URL Actions Bug #12575: IPsec Mobile Client RADIUS Advanced parameters are not reset to default values when disabled Actions Bug #12584: ``rc.carpmaster`` only sends notifications via SMTP Actions Bug #12585: ``rc.notify_message`` only sends notifications via SMTP Actions Bug #12588: Automatic rule tracker IDs incorrect after multiple filter reloads Actions Bug #12589: Dynamic DNS updates do not respect certificate authority trust store Actions Bug #12604: IPv6 interface prefix change not reflected in RADVD configuration Actions Bug #12614: Pushover notifications fail Actions Bug #12626: Router Advertisement DNS search domain from one interface may unintentionally be used by other interfaces Actions Bug #12635: PHP: Error generated when backing up a config file with SSH disabled Actions Bug #12637: Incorrect SSH key permission after restore Actions Bug #12654: Nat issue after 20211220 version Actions Bug #12686: Incorrect copyright year Actions Bug #12694: PHP error when clicking Delete on Outbound NAT with no rules selected Actions Bug #12713: PHP error on ``pkg_mgr_install.php`` when multiple instances are running Actions Feature #2668: Support aliases in OpenVPN local/remote/tunnel network fields Actions Feature #4769: IPv6 support in the Traffic Shaper Wizard Actions Feature #7416: DHCPv4 client does not support ``supersede`` statement for option 54 Actions Feature #7749: Support ``0`` CIDR mask for IGMP Proxy networks Actions Feature #9092: Option to set interval of forced Dynamic DNS updates Actions Feature #9297: Graph for hardware temperature readings Actions Feature #9341: Support DNS Made Easy authentication without a username Actions Feature #9439: Poll Interval For GPS and PPS Actions Feature #9877: QEMU Guest Agent Actions Feature #10587: UPnP/NAT-PMP STUN configuration options Actions Feature #11118: Backup and restore SSH host key(s) Actions Feature #11439: IPv6 support in ``easyrule`` CLI script Actions Feature #11496: Support for NTP Peer mode Actions Feature #11659: Support for UEFI HTTP Boot option in DHCPv4 Server Actions Feature #11750: Support for network interfaces using the ``qlnxe`` driver Actions Feature #11865: Option to validate OpenVPN peer TLS certificate key usage Actions Feature #11895: Require user to manually apply changes after altering static route entries Actions Feature #11935: Log external IP address of OpenVPN clients on connect and disconnect Actions Feature #11957: XMLRPC synchronization for DHCP relay settings Actions Feature #11978: New Dynamic DNS Provider: Strato Actions Feature #12011: Disable log compression on new installations when ``/var/log`` is a ZFS dataset with compression enabled Actions Feature #12035: Input validation to prevent unsupported UTF-8 characters from being used in certificate subject components Actions Feature #12086: New Dynamic DNS Provider: deSEC Actions Feature #12094: Suppress kernel messages for ``lo0`` configuration during boot Actions Feature #12109: Option to suppress expiration notifications for revoked certificates Actions Feature #12116: Support DNS server gateway selection on ``system.php`` for multiple gateways not assigned to interfaces Actions Feature #12118: Create a log entry when a configuration change occurs Actions Feature #12169: IPsec keep alive option to initiate phase 2 without using ICMP Actions Feature #12181: Add connect/disconnect buttons to IPsec dashboard widget Actions Feature #12184: GUI options to configure IKE retransmission behavior Actions Feature #12194: Support Check IP services which return bare IP address values Actions Feature #12213: Support SHA-256 hash NTP authentication Actions Feature #12222: OpenVPN with LDAP active directory auth with Two factor authentication Actions Feature #12226: Copy button for group entries in the User Manager Actions Feature #12269: Include firewall rules from packages which failed to load in status output Actions Feature #12290: Add ``librdkafka`` package to the pfSense package repository Actions Feature #12291: Support for Slack notifications Actions Feature #12316: Include firewall rules generated from OpenVPN RADIUS ACL entries in status output Actions Feature #12318: Display default "Reflection Timeout" value on ``system_advanced_firewall.php`` Actions Feature #12321: Pop-up window to view firewall rules generated from RADIUS ACL entries on the OpenVPN status page Actions Feature #12325: IPv6 support for base system SNMP service Actions Feature #12342: Dynamic DNS client proxy support Actions Feature #12349: Disks dashboard widget to replace Disk Usage section of System Information widget Actions Feature #12397: Distinguish between policy-based and route-based entries on IPsec status SPD tab Actions Feature #12416: Support OpenVPN ``client-kill`` to terminate remote clients instead of clearing their session Actions Feature #12433: Icon for traffic direction on floating rules tab Actions Feature #12438: Option to select PPPoE Server authentication protocol Actions Feature #12441: Send notification for halt, reboot, and reroot events Actions Feature #12480: Wake on LAN button to wake all devices Actions Feature #12499: Allow Chelsio T6 CXGBE (``cc``) drivers to be used for ALTQ traffic shaping Actions Feature #12518: Restore RRD and extra data from configuration backups when restoring during installation Actions Feature #12555: Change Gateway/Group name in firewall rule list to clickable link to edit page for the entry Actions Todo #10298: Use SHA-512 for user password hashes Actions Todo #11507: Update font formats to WOFF2 Actions Todo #11933: PC/SC Smart Card Daemon ``pcscd`` running on all devices at all times, should be optional Actions Todo #11976: Compliance with pfSense style guide in Dynamic DNS service code Actions Todo #11983: Hide "Reboot and run a filesystem check" for ZFS systems Actions Todo #11985: Ensure ``/usr/local/sbin/`` scripts use full path to executable files Actions Todo #12012: Improve log settings help text for file size, compression, and retention count Actions Todo #12044: Improve IPsec identifier settings Actions Todo #12051: XMLRPC client improvements Actions Todo #12060: Remove deprecated ``libzmq`` code and references Actions Todo #12145: Convert RAM disks to ``tmpfs`` Actions Todo #12171: Upgrade to ``pkg`` 1.17.x Actions Todo #12218: Move "Description" option on OpenVPN server and client pages to top of the page, show internal instance ID Actions Todo #12235: ``pfSense-upgrade`` should reinstall all packages on new version upgrades Actions Todo #12289: Update "IPsec Filter Mode" option values and help text to reflect that VTI mode also helps transport mode (e.g. GRE) Actions Todo #12296: Explicitly state where AutoConfigBackup stores encrypted backup data Actions Todo #12299: Update default ``config.xml`` Actions Todo #12314: Convert help shortcut links to server-side redirects Actions Todo #12406: Remove unused functions Actions Todo #12430: Add IPsec phase 2 BINAT subnet size input validation Actions Todo #12449: Update "DNS Server Override" and "DNS Query Forwarding" help text Actions Todo #12454: Suppress kernel messages when loading ``dummynet`` and thermal sensor modules Actions Todo #12501: Traffic shaper wizard default bandwidth type should be Mbit/s Actions Todo #12511: Add note in log settings that disabling logging also disables ``sshguard`` login protection Actions pfSense Packages - Bug #11173: Status>Monitoring parameters are hidden by the interactive graph Actions pfSense Packages - Bug #12074: Freeradius: Additional Information field descriptions swapped Actions pfSense Packages - Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset Actions pfSense Packages - Todo #12456: Remove zabbix 5.2 packages Actions
2.7.0 open Future pfSense CE software release 8% 12 issues (1 closed — 11 open) Related issues Bug #12105: Packages are not automatically reinstalled when restoring configuration using the installer Actions Bug #12632: Assigning a /30 WAN IP address at the console does not save the gateway correctly Actions Bug #12721: Change get_gwgroup_members to include interface in link-local IPv6 addresses Actions Bug #12723: Disallow 0.0.0.0 as a VTI remote gateway Actions Bug #12727: Alias names used within static route and openvpn configuration are not updated when the alias is renamed. Actions Bug #12728: Cannot remove IPv6 static routes Actions Bug #12735: Interface status "Total Interrupts" display is non-functional Actions Bug #12737: CApath is not defined by default in curl Actions Feature #12675: Keep command line history as a config option Actions Feature #12741: Eliminate duplicate shell commands from history file Actions Todo #12093: Make AutoConfigBackup menu entry point to the settings tab so it loads faster when there is no WAN connectivity Actions
pfSense Plus - 22.01 open Release targeted for January 2022 100% 1 issue (1 closed — 0 open) Related issues pfSense Plus - Bug #11466: PHP exits with signal 11 on SG-3100 when calling PCRE functions Actions
pfSense Plus - 22.05 open Release targeted for May 2022 0% 1 issue (0 closed — 1 open) Related issues pfSense Plus - Bug #11626: Google LDAP connection failed due to lack of SNI for TLS 1.3 Actions
CE-Next open The next release of pfSense software (CE) 10% 109 issues (1 closed — 108 open) Related issues Bug #1819: DNS Resolver Not Registering DHCP Server Specified Domain Name Actions Bug #5413: Incorrect Handling of Unbound Resolver [service restarts, cache loss, DNS service interruption] Actions Bug #6333: Bootup starts/restarts dpinger multiple times Actions Bug #6880: Multiple DHCP6 WAN connections leads to multiple dhcp6c clients Actions Bug #7389: Limiter does not work with transparent proxy Actions Bug #8013: IPsec MSS clamping value shared for IPv4 and IPv6 Actions Bug #8100: pfsync Initially Deletes States on Primary for Connections Established through Secondary Actions Bug #8192: dpinger - Change in ISP link-local IPv6 address drops connectivity Actions Bug #8263: Cannot create a nonlinear `Link Share` service curve because of: "the sum of the child bandwidth higher than parent" Actions Bug #8611: unable to receive IPv6 RA's on SG-1000, default route lost Actions Bug #8815: IP addresses are removed from interfaces when link is lost and either IPv4 or IPv6 is dynamic Actions Bug #8964: IPsec async cryptography advanced setting - TCP traffic not passing through Actions Bug #9136: IPv6 Tracking Interfaces Lose IPv6 Address in Certain Cases Actions Bug #9296: Rule / Alias FQDN-Resolution broken Actions Bug #9349: IPSec service start/stop/restart fails after settings change Actions Bug #9384: devd putting "$" before variable contents when using single quotes Actions Bug #9887: Rule separator positions change when deleting multiple rules Actions Bug #10513: State issues with policy routing and HA failover Actions Bug #10530: Convert config version to be based on product version Actions Bug #10690: Not possible to make UFS install on ZFS formatted drive Actions Bug #10708: ZFS bootpool boot symlink issue Actions Bug #10875: PPP periodic reset does not fully restore gateway group round-robin functionality Actions Bug #10892: Large number of VLAN/LANs make floating rules are to read Actions Bug #11091: Interfaces set as disabled in the configuration have an UP status in the operating system at boot Actions Bug #11110: Backup file should be checked before restoring a specific area Actions Bug #11226: IPSec VTI P2 traffic selectors default to address when defined as a network. Actions Bug #11296: Static route targets may still reachable via default route when the gateway they should route through is down Actions Bug #11335: Spoofing the MAC on a LAGG interface does not work for some NIC types. Actions Bug #11416: OpenVPN IPv4 Tunnel Network check Actions Bug #11429: System Log / Settings form activates "Reset Log Files" button on enter Actions Bug #11430: PHP console spam after Assigning Interfaces Actions Bug #11503: Using multiple authentication backends on an OpenVPN server fails Actions Bug #11539: Mobile IPsec "split_include" value of 0.0.0.0/0 causes some clients to fail Actions Bug #11541: OpenVPN status does not work properly when set to TCP and Concurrent Connections = 1 Actions Bug #11548: "rule expands to no valid combination" error from port forward automatic rule mixing IPv4 and IPv6 elements Actions Bug #11692: PPPoE IPv6 gateway set as default even when IPv6 default gateway is set to "None" Actions Bug #11764: IPv6 link local gateway default status not indicated in GUI Actions Bug #11864: OpenVPN stays bound to previous IP after its inteface changes Actions Bug #11877: Labels and description dissapear in firewall_schedule_edit.php Actions Bug #11941: Many exec() functions don't use full path to executable files Actions Bug #11984: Automatic Outbound NAT mode can create incorrect rules in some cases Actions Bug #12003: Pie and fq_pie in /etc/inc/shaper.inc doesn't handle floating point numbers and is applying invalid settings to the pie aqm and scheduler. It is also missing many of the pie settings. Actions Bug #12079: IGMPProxy: kernel panic, Sleeping thread owns a non-sleepable lock Actions Bug #12095: Memory leak in pcscd Actions Bug #12141: Lack of DNS or Internet connectivity causes GUI to be slow Actions Bug #12225: Group membership field is not needed for remote groups Actions Bug #12332: OpenVPN does not clear old Cisco-AVPair anchor rules in some cases Actions Bug #12335: IPsec DNS inefficiency Actions Bug #12357: Captive Portal popup Logout button loads full login page in popup when clicked Actions Bug #12385: deleteVIP() does not check 1:1 NAT and Outbound NAT rules Actions Bug #12440: zero-value prefix IPv6 addresses are mishandled. Actions Bug #12464: Syslog Auth messages are sent as Emergency Level Actions Bug #12527: DHCPv6 configuration doesn't detect errors on not configured interface Actions Bug #12536: Default gateway as "NONE" Actions Bug #12590: DDNS custom IPv6 service fails on 6rd tunnel Actions Bug #12609: IGMP Proxy server is restarted at every rc.newwanip event Actions Bug #12610: Dynamic DNS services are restarted at every rc.newwanip event, regardless of whether the IP is changed or not Actions Bug #12611: SNMP daemon is restarted at every rc.newwanip event Actions Bug #12612: DNS Resolver is restarted at every rc.newwanip event Actions Bug #12621: Fix rare case where /getstats.php might be called without valid post data. Actions Bug #12628: openvpn_resync_all() executes openvpn_resync_csc_all() even if affected interface not found / IP address not changed Actions Bug #12633: Gateway monitoring should mark gateway as "offline" on PPPoE parent interface disconnect Actions Bug #12645: filterdns does not monitor IPv6 address change of the remote IPsec gateway Actions Bug #12651: nginx bind error on captive portal restart Actions Bug #12672: DynDNS GLeSYS respons Actions Bug #12673: Firewall Logs Widget fails to update at intervals below 5 seconds. Actions Bug #12678: Applying firewall rules changes does not clear Aliases subsystem dirty flag Actions Bug #12680: Typo in the warning text Actions Bug #12691: Allow to load encrypted config.xml during install Actions Bug #12703: pf ``hostid`` value is handled inconsistently Actions Bug #12710: Disabling dhcpd rrd stats doesn't work Actions Bug #12715: Long system startup time when LDAP is configured and unavailable during startup. Actions Feature #855: More flexible options for state killing based on WAN status Actions Feature #2386: Bridge member that is not an assigned interface Actions Feature #4405: Traffic shaping doesn't work when applied to a bridge interface Actions Feature #4881: allow dynamic IPs-nets for NPt Actions Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port. Actions Feature #8794: NTP authentiction Actions Feature #8861: Show more detail on status_interfaces.php Actions Feature #9393: Better Support for Removable/Hot Plug Interfaces Actions Feature #11440: Expand collapsed sections by clicking anywhere on header Actions Feature #11589: Fix iftop experimental traffic fetcher, unify and improve output style Actions Feature #12077: Allow stick-connections per gateway group Actions Feature #12092: Utilize new ``pfctl`` ability to kill states by label Actions Feature #12121: Wider "local network(s)" fields in OpenVPN server configuration Actions Feature #12267: OpenVPN option to limit concurrent connections per user Actions Feature #12392: Allow the selection of "any" interface in floating rules. Actions Feature #12407: Use deferred client connections in OpenVPN Actions Feature #12494: DynDNS: make simultaneous update of IP and LegacyIP possible Actions Feature #12495: DynDNS: add deSEC IPv4&v6 simultaneos update Actions Feature #12553: Auto Config Backup: Allow selecting multiple backups for deletion Actions Feature #12616: Allow filtering Diag > States by ruleid Actions Feature #12636: Automatically create DNS Resolver ACLs for OpenVPN CSO entries Actions Feature #12702: GUI option for custom host ID in state synchronization settings Actions Feature #12714: Show ``Inactive`` for Hardware Crypto output instead of empty field on System Information dashboard widget when nothing can be accelerated Actions Feature #12724: Auto Config Backup should notify user on any backup failure Actions Todo #10464: Disallow package updates when a system update is available Actions Todo #12047: Make sure libnv fixes are on devel-12 branch Actions Todo #12367: ZFS: Do not show memstick disk on target list Actions Todo #12431: GUI pages should use ``POST`` for AJAX calls, not ``GET`` Actions Todo #12556: Comply to current standards when encrypting config files for online upload Actions Todo #12601: Optimize fw rules load on boot Actions Todo #12624: Reorganize UPnP options Actions Todo #12701: Reorganize CARP status page Actions Documentation #12535: Negate Rules function does not match the description Actions
Future open Items for an indeterminate later release 5% 124 issues (6 closed — 118 open) Related issues Bug #1675: Captive portal logout problems with pop-up blockers. Actions Bug #3132: Gateway events for IPv6 affect IPv4 services and vice versa Actions Bug #4154: RADIUS authentication not working over IPv6 Actions Bug #4406: ALTQ problems with wireless cloned interfaces Actions Bug #4479: Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel Actions Bug #4716: "DNS Resolver" lacks SOA for ".local" domain setups Actions Bug #5367: Safari repeatedly tries to reload dashboard Actions Bug #5786: Check WebConfigurator port for conflicts Actions Bug #6167: IPsec IPComp not working Actions Bug #6186: race conditions in service startup Actions Bug #6696: Add configure link to Status > Queues error message if traffic shaping not configured Actions Bug #7082: pkg_edit.php - impossible to use default_value with rowhelperfield Actions Bug #7138: Pfsense wide dhcpv6 client doesn't recognise ifid statement Actions Bug #7195: pkg_edit.php - <checkenablefields> tag has no effect on fields other than checkbox/input Actions Bug #7222: Encryption No Longer Enforced for Email Notifications Actions Bug #7288: The field 'Distinguished name Organization' contains invalid characters Actions Bug #7841: CARP Sync Issue - when no internet on standby Actions Bug #8179: Incorrect reverse DNS zone in DHCP server config for non-octet-aligned subnet mask Actions Bug #8502: main (top) menu items do not drop down in some cases Actions Bug #8614: Cannot remove Additional BOOTP/DHCP Options Actions Bug #8818: Thermal Sensor Actions Bug #8820: System/Advanced/Misc - "Do not kill connections when schedule expires" UN-checked still leaves existing connections open. Actions Bug #9344: OpenVPN click NCP Algorithms will always go to DH Parameters website(in Chinese-Taiwan) Actions Bug #9353: PHPSession errors from limited access to dashboard and widgets Actions Bug #9755: package description wrong link https://www.freshports.org/security/openvpn-client-export Actions Bug #10310: Systems with low RAM and several packages may temporarily fail to load large tables after an upgrade Actions Bug #10352: RADIUS authentication fails with MSCHAPv1 or MSCHAPv2 when passwords contain international characters Actions Bug #11093: ral(4) driver non-functional in arm64 Actions Bug #11352: CTF types > 2^15 in the pfSense kernel config results in DTrace failing Actions Bug #11418: 'NAT-T: Force' is broken for IPv6 IPsec Actions Bug #11473: System Activity shows invalid data on SG-3100 Actions Bug #12013: Reading log data is inefficient in certain cases Actions Feature #84: Nightly Filter Summary E-Mail Actions Feature #96: Add "All local networks" to source and destination drop down boxen in firewall rules Actions Feature #286: Backup/restore users individually Actions Feature #290: Add Multi-WAN awareness to UPnP Actions Feature #521: Group manager Assigned Permissions Actions Feature #701: Interface groups with NAT Actions Feature #746: Add interface group to source/dest drop downs Actions Feature #946: Allow aliases to be used to define IPsec phase 2 networks Actions Feature #1257: Handle encypted CA/Certificate private keys Actions Feature #1268: Allow mass renewing of certs Actions Feature #1337: VLANs with different MAC address than parent interface Actions Feature #1831: Captive portal IPv6 support Actions Feature #1979: Add some default read-only system aliases Actions Feature #2024: RRD Graphs for packages Actions Feature #2358: NAT64 Support Actions Feature #2479: Allow reordering of the traffic graphs on the dashboard Actions Feature #2593: sync NTPD, SNMP config between HA members Actions Feature #2676: Reply-to option in firewall rule Actions Feature #2965: Mac Firewalling Actions Feature #3115: Traffic shaping for multi WAN Actions Feature #3185: Accommodate a DHCPv6 failover-like mechanism Actions Feature #3377: OAuth2 authentication in captive portal Actions Feature #3652: OpenVPN - Dynamic IPv6 Tunnel Network Actions Feature #3696: Multiple items backup/restore Actions Feature #3697: New backup/restore area: Certificates Actions Feature #3882: Add OUI database to the base system, remove dependency on nmap Actions Feature #4098: Add option to force a password change on login Actions Feature #4195: Aliases: sections Actions Feature #4234: allow for strict user <> cn validation of mobile ipsec users when using rsa+xauth Actions Feature #4259: Port forward NAT rules with "any" protocol Actions Feature #4632: Support for Multipath TCP (MPTCP) Actions Feature #4724: Captive Portal Status Add Client Hostname Actions Feature #4776: Add 802.1x dynamic vlan support Actions Feature #5307: Add logarithmic scale option to RRD graphs Actions Feature #5510: Need a simple way to enable/disable package-installed services Actions Feature #5619: Curl with ARES support Actions Feature #5735: Automaticaly add DHCP leases to alias list or make it readable in selected fields Actions Feature #5835: Improve OpenVPN client gateway detection in edge cases where the remote does not send gateway information Actions Feature #5950: DHCPv6 Server support for PD of PD-obtained networks Actions Feature #6457: Allow ability to configure AWS EC2 AMI via userdata Actions Feature #6728: Route53 API mod and Geolocation Actions Feature #6742: OAuth2 authentication for OpenVPN (and for FreeRadius) Actions Feature #6960: Consider replacing ISC DHCP server with KEA DHCP Actions Feature #7078: Allow reordering of client specific overrides in OpenVPN Actions Feature #7181: Add Top and Add Bottom on Seperator Actions Feature #7182: Break up System Widget on the Dashboard Actions Feature #7244: Publish pfsense as a Vagrant Basebox Actions Feature #7260: Source OS / p0f Database Missing Modern Operating Systems Actions Feature #7783: Support for hosting VMs on pfSense using bhyve Actions Feature #7847: USB NIC not loading (TP-Link UE300 RTL8153) Actions Feature #7852: Add views support to Unbound GUI Actions Feature #8316: expiration date when creating new rules Actions Feature #8346: Let pFSense act as an IPSec XAuth VPN Client Actions Feature #8474: Easier Conversion to HA Pair from Existing Non-HA Firewall Actions Feature #8694: Client CA Auth for PFSense WebGui Actions Feature #8712: QOS on ipsec links Actions Feature #8775: Use SRV record for LDAP Authentication Actions Feature #8879: DHCP options ADD force options Actions Feature #9536: Support dynamic prefix in DHCPv6 Server Actions Feature #9544: Enable RADIX_MPATH Actions Feature #9574: Show changelog at package upgrade Actions Feature #9680: Seperate DHCP Server and relay per interface Actions Feature #9717: Search box for pfsense ? Actions Feature #9718: Make diag_states_summary table sortable Actions Feature #9942: Give pfSense the possibility to change the keyboard Layout for console users Actions Feature #10204: Possible clarification of Track IPv6 Interface Subnet ID Actions Feature #10223: Add the ability to create additional loopback interfaces Actions Feature #10250: DHCP lease view by interface Actions Feature #10404: Consider using chrony for NTP services Actions Feature #10467: Email alert functionality for system health Actions Feature #10987: Add support for secure boot Actions Feature #11056: Add option to disable flow-control on interfaces in GUI Actions Feature #11270: Consider integrating Nebula mesh VPN Actions Feature #11302: WireGuard XMLRPC sync Actions Feature #11324: Separate syslog "Remote log servers" Parameters Actions Feature #11369: add Enabling IPv6 Source Address Validation support Actions Feature #11498: WireGuard does not pass multicast traffic to peer Actions Feature #11588: Automatically suggest next IP address in Wireguard interface subnet when creating a peer Actions Feature #11604: WireGuard Dynamic Listen Port Randomization Actions Feature #11921: Feature Request: Compile unbound with EDNS Client Subnet (ECS) module (--enable-subnet) Actions Feature #12521: Add the BBR2, QUIC, RACK Congestion Control (CC) protocols Actions Feature #12564: add column to show that an Alias is in use by or not Actions Todo #32: PPPoE Server users integration with user manager Actions Todo #33: L2TP users integration with user manager Actions Todo #1521: Investigate FreeBSD route metric support for future versions Actions Todo #5902: Use a common place for default values Actions Todo #6647: Enable Additional Security Headers Actions Todo #6697: White squares around the numeric values in the Status / Queues page Actions Todo #6727: Missing file apple-touch-icon-precomposed.png ? Actions Todo #11280: Add WireGuard to ALTQ list Actions Todo #12025: Add 1:1 Validation to Notify Someone They are 1:1 NAT'ing an Interface Address Actions
pfSense Packages - Future open Scheduled for an unspecified future version, typically not the next one 0% 5 issues (0 closed — 5 open) Related issues pfSense Packages - Bug #7267: Status Traffic Totals - Stacked Bar - Scale not high enough Actions pfSense Packages - Bug #10791: Valid (vlan)interfaces do not get vif reporting "Invalid phyint address" Actions pfSense Packages - Feature #11178: Filer do not ask what to do with previous filename Actions pfSense Packages - Feature #11798: HA Sync for FRR config Actions pfSense Packages - Feature #12358: IP List Copy/Import/Export Actions
pfSense Plus - Plus-Next open The next release of pfSense Plus software 0% 1 issue (0 closed — 1 open) Related issues Bug #12249: HAProxy causing failed ACB backups Actions