Activity

From 01/25/2026 to 02/23/2026

Today

08:05 AM pfSense Feature #16717 (New): OpenVPN 2FA implementation: Please change OpenVPN server implementation like OPNSense does it. Explanation:
# External VPN access must be done... Ivica Glavocic
06:53 AM pfSense Bug #16710: Firewall host aliases with duplicate FQDN will only populate one table: Sound like a duplicate of https://redmine.pfsense.org/issues/13792
In pfsense it is currently the users responsibi... Patch Public

02/22/2026

12:15 AM pfSense Plus Feature #16675: Add Service Controls to Status --> Services for CoreDNS/Threatgate: Tested in 26.07 snapshots from today. No service controls are present in PHP. Kris Phillips

02/21/2026

11:33 PM pfSense Feature #16695: Include System Patches package by default: Done with "6d512a072306982a43f91e33c29489bb62fa8caa":https://github.com/pfsense/FreeBSD-ports/commit/6d512a072306982a... Marcos M
11:30 PM pfSense Feature #16695 (Resolved): Include System Patches package by default: Marcos M
11:16 PM pfSense Plus Bug #16708 (Resolved): PHP error when saving 2+ DNS Forwarder domain overrides via Nexus MIM API or GUI: Marcos M
06:23 PM pfSense Plus Bug #16708: PHP error when saving 2+ DNS Forwarder domain overrides via Nexus MIM API or GUI: with above changeset applied on 25.11.1 I am able to successfully save multiple domain overrides in the DNS forwarder... Jordan G
08:45 PM pfSense Plus Bug #16323: Serial/Console Baud Rate Cannot Be Changed: 25.11.1 does not respect the speed set in the GUI but in 26.03.b.20260219.2016 the serial console is visible with the... Jordan G
10:22 AM pfSense Plus Bug #16716 (New): The interface to monitor is ignored: Hello, I created several Dynamic DNS clients to monitor differents WAN interfaces on my router using the following co... Manuel Carrera

02/20/2026

09:30 PM pfSense Plus Bug #16715 (Closed): Multiple redis and sqlite vulnerabilities reported in version used for 25.11.1: I read through these vulnerabilities and I'm not seeing any obvious threat to pfSense in a typical configuration. Red... Christian McDonald
08:50 PM pfSense Plus Bug #16715 (In Progress): Multiple redis and sqlite vulnerabilities reported in version used for 25.11.1: The upcoming release of pfSense Plus (26.03) includes updated versions of both redis and sqlite3.
We will need to ... Christian McDonald
08:16 PM pfSense Plus Bug #16715 (Closed): Multiple redis and sqlite vulnerabilities reported in version used for 25.11.1: The following vulnerabilities were reported in a Nessus security scan of pfSense Plus:
CVE-2025-49844
CVE-2025-77... Kris Phillips
07:53 PM pfSense Bug #16711: Firewall system log showing blocks for unassigned physical interfaces: Jim Pingle wrote in #note-1:
> That is expected behavior, since it is traffic being blocked/dropped by the firewall.... Zetto Null
01:48 PM pfSense Bug #16711 (Not a Bug): Firewall system log showing blocks for unassigned physical interfaces: That is expected behavior, since it is traffic being blocked/dropped by the firewall. In most cases that is something... Jim Pingle
12:46 AM pfSense Bug #16711 (Not a Bug): Firewall system log showing blocks for unassigned physical interfaces: We have a lab system running 2.6.0 that did not exhibit this behavior. We've looked through the release notes for 2.7... Zetto Null
06:25 PM pfSense Bug #16709 (Resolved): Cannot disable IPsec Advanced Settings tab option for Strict Interface Binding: tested, patch fixes the issue
tested on:
25.11.1-RELEASE (amd64)
built on Mon Jan 19 17:25:00 UTC 2026
FreeBSD 16... Georgiy Tyutyunnik
06:01 PM pfSense Plus Bug #16678: Automatic Boot verification performs rollback to previous Boot Environment when system is rebooted without internet connectivity: Victor Coss wrote in #note-10:
> Mine was a <shellcmd> not an <earlyshellcmd>. I also have Wireguard which I did not ... Christian McDonald
10:12 AM pfSense Plus Bug #16678: Automatic Boot verification performs rollback to previous Boot Environment when system is rebooted without internet connectivity: Mine was a <shellcmd> not an <earlyshellcmd>. I also have Wireguard which I did not put on there but it should just s... Victor Coss
09:52 AM pfSense Plus Bug #16678: Automatic Boot verification performs rollback to previous Boot Environment when system is rebooted without internet connectivity: Christian McDonald wrote in #note-8:
> Thanks for the list.
>
> do you have any custom early shell commands? Anot... Florian Harbecke
05:37 PM pfSense Packages Feature #16435: FRR - enable extended support for Equal-Cost MultiPath Routes (Compile time flag "MULTIPATH=on"): Customer was on a call today and is looking for an update on this redmine. Christopher Cope
04:39 PM pfSense Revision 68be3d8b: Strip HTML tags from page titles: Prevents the browser from showing tags (e.g. <sup>) in the tab title. Marcos M
03:57 AM pfSense Bug #16710: Firewall host aliases with duplicate FQDN will only populate one table: Even though I have Aliases Hostnames Resolve Interval set to 30 I waited 15 minutes and the table continues to show.... Zetto Null
03:23 AM pfSense Bug #16710: Firewall host aliases with duplicate FQDN will only populate one table: I removed the first two entries leaving just the A records.... Zetto Null
01:26 AM pfSense Bug #16710: Firewall host aliases with duplicate FQDN will only populate one table: Jim Pingle wrote in #note-2:
> That is just a part of how DNS works, there is no way for it to tell a change of addre... Zetto Null
12:35 AM pfSense Bug #16710 (Not a Bug): Firewall host aliases with duplicate FQDN will only populate one table: That is just a part of how DNS works, there is no way for it to tell a change of address from a random response for s... Jim Pingle
12:32 AM pfSense Bug #16710: Firewall host aliases with duplicate FQDN will only populate one table: The expected result is that you end up with a table with the following.... Zetto Null
12:28 AM pfSense Bug #16710 (Not a Bug): Firewall host aliases with duplicate FQDN will only populate one table: I discovered that if you have firewall host aliases using FQDN that CNAME which then rotate between two A records whe... Zetto Null

02/19/2026

08:09 PM pfSense Todo #16707 (Feedback): Improve gateway status consistency: That should be fixed with the addition of commit:ccaf33eebcfe6db42d35e2bc96430c12ba4a8f33. Marcos M
07:19 PM pfSense Todo #16707 (In Progress): Improve gateway status consistency: Looks like this change introduced a PHP error on one of my test VMs:... Jim Pingle
07:57 PM pfSense Revision ccaf33ee: Relax type requirements for gateway status helper functions: Some callers of the helper functions do not validate the arguments.
Handle this in the helper functions for better co... Marcos M
06:50 PM pfSense Bug #16709 (Feedback): Cannot disable IPsec Advanced Settings tab option for Strict Interface Binding: Applied in changeset commit:a31b2cc5adb69a88e8402275702fa444803897cc. Marcos M
04:28 PM pfSense Bug #16709: Cannot disable IPsec Advanced Settings tab option for Strict Interface Binding: it doesn't in my lab Georgiy Tyutyunnik
02:56 PM pfSense Bug #16709: Cannot disable IPsec Advanced Settings tab option for Strict Interface Binding: This came up not long ago and was discussed internally but I didn't see another Redmine for it. Steve found that:
... Jim Pingle
11:07 AM pfSense Bug #16709 (Resolved): Cannot disable IPsec Advanced Settings tab option for Strict Interface Binding: Specific config can cause the parameter "strict interface binding" to be unchangeable.
Georgiy Tyutyunnik
06:31 PM pfSense Revision a31b2cc5: Correct check for "Strict Interface Binding" option. Fix #16709: Marcos M
06:29 PM pfSense Revision 4b704d13: Fix option matching and alert message.: The previous condition check resulted in false positives. Use
preg_match() for easier readability. While here also fi... Marcos M
06:22 PM pfSense Plus Bug #16678: Automatic Boot verification performs rollback to previous Boot Environment when system is rebooted without internet connectivity: Florian Harbecke wrote in #note-7:
> Thanks for looking into this, and sorry for the late reply - I was tied up with... Christian McDonald
06:06 PM pfSense Plus Bug #16678: Automatic Boot verification performs rollback to previous Boot Environment when system is rebooted without internet connectivity: Thanks for looking into this, and sorry for the late reply - I was tied up with other tasks.
Christian McDonald wr... Florian Harbecke
04:53 PM pfSense Revision 07ab2672: Fix OpenVPN custom option parsing during upgrade.: Followup to fb490d5ff0f9eb5a42a8b20e6f2d9e4001252d57. Marcos M
03:50 PM pfSense Plus Bug #16708 (Feedback): PHP error when saving 2+ DNS Forwarder domain overrides via Nexus MIM API or GUI: Applied in changeset pfsense:commit:7404c936092879317ac022fce9cbcba821c8638e. Marcos M
02:35 AM pfSense Plus Bug #16708 (Resolved): PHP error when saving 2+ DNS Forwarder domain overrides via Nexus MIM API or GUI: h2. Summary
Saving two or more DNS Forwarder domain overrides in a single operation via the MIM API or the Netgate... LTC Tech
03:40 PM pfSense Revision 7404c936: Fix potential issues with redeclaring functions. Fix #16708: Marcos M
03:25 PM pfSense Feature #16423 (Resolved): Update the SSH server configuration to current standards and include post-quantum cryptography algorithms: Seems to be good now all-around on the latest snapshots. Jim Pingle
12:10 PM pfSense Bug #16705 (Resolved): Automatic gateways for OpenVPN peer-to-peer servers with a ``/30`` tunnel network do not use the peer address: The patch fixes it.
Thanks!
I am closing this case as resolved. Danilo Zrenjanin

02/18/2026

10:55 PM pfSense Todo #16707 (Feedback): Improve gateway status consistency: Applied in changeset commit:ddd366b3706a7c24d2406b9ccfdca76a0dca4be4. Marcos M
10:30 PM pfSense Todo #16707 (Feedback): Improve gateway status consistency: Currently there are several places where the gateway status is checked and each place has its own implementation of t... Marcos M
10:33 PM pfSense Revision ddd366b3: Implement helper functions for determining the gateway status. Implement #16707: Add the helper functions:
- get_gateway_status()
- is_gateway_online()
- is_gateway_action_enabled()
- is_gateway_sta... Marcos M
09:05 PM pfSense Feature #16423 (Feedback): Update the SSH server configuration to current standards and include post-quantum cryptography algorithms: Applied in changeset commit:236638261ad7f6016e4b3a6bc0cc171b212d8f99. Jim Pingle
08:58 PM pfSense Feature #16423 (In Progress): Update the SSH server configuration to current standards and include post-quantum cryptography algorithms: I found a client that won't connect with the new settings, but will if I add back in @hmac-sha2-512@. That doesn't se... Jim Pingle
08:57 PM pfSense Revision 23663826: Re-add hmac-sha2-512 to SSH daemon. Fixes #16423: Jim Pingle
07:22 PM pfSense Bug #16705 (Feedback): Automatic gateways for OpenVPN peer-to-peer servers with a ``/30`` tunnel network do not use the peer address: Fixed with commit:a1314269b3a21bd28ae5f1bc6f2a58308f366f92. Marcos M
08:13 AM pfSense Bug #16705: Automatic gateways for OpenVPN peer-to-peer servers with a ``/30`` tunnel network do not use the peer address: I replicated this behaviour.
*Environment*
* OpenVPN site-to-site configuration
* Two peers only
* Tunnel ne... Danilo Zrenjanin
07:18 PM pfSense Revision 19cfec7a: Fix comment wording: Marcos M
07:07 PM pfSense Revision a1314269: Use the IPv4 peer address as the gateway for OpenVPN S2S servers. Fix #16705: Marcos M
12:50 PM pfSense Plus Bug #16670: Routing broken after upgrade 24.11 → 25.07.1: OpenVPN gateway and subnet routed via lo0: That's the same problem as #16705 Fabian Schnelle
12:23 AM pfSense Plus Regression #16594 (Feedback): IPv6 IP Alias VIPs are not added to PPPoE interfaces: Fixed. Luiz Souza

02/17/2026

09:56 PM pfSense Revision c9ae83b3: Fix a regression with the v6 IP aliases on PPPoE interfaces (with if_pppoe).: Without this change no v6 aliases can be added to the interface.
Ticket: #16594 Luiz Souza
06:28 PM pfSense Bug #16610: GUI does not prevent adding a VIP with a blank address: The GUI prevents adding a VIP with a blank address and returns an error.
A valid IP address must be specified.
... Alhusein Zawi
06:16 PM pfSense Plus Bug #16704 (Rejected): OpenVPN IPV6 "track interface" option does not work: The option only supports WANs configured as 6rd Tunnel - not DHCPv6. This is because the current implementation of th... Marcos M
05:41 PM pfSense Feature #16706 (Resolved): 6rd interface prefix tracking for OpenVPN IPv6 tunnel network: Added with commit:97f9eb5c819fd7f0c5f232d2581e5080be1cb18a, commit:04026a297d7bd319cf6e5d9f46c57e7dfe0d3b20, and comm... Marcos M
05:29 PM pfSense Feature #16706 (Resolved): 6rd interface prefix tracking for OpenVPN IPv6 tunnel network: WAN interfaces configured for 6rd have a known prefix configuration. This can be used when configuring OpenVPN server... Marcos M
05:41 PM pfSense Revision 2aa9b02b: Fix IPv6 prefix calculation for OpenVPN track interface: Adds missing JS code (originally from interfaces.php) to update the GUI
description. While there clarify that only 6r... Marcos M
05:15 PM pfSense Packages Bug #16692: OSPFv3 not active on an interface: Tested again - I initiated OSPF/OSPFv3 between 2 pfSenses which used 25.07.1 and then I updated them one-by-one up to... Azamat Khakimyanov
05:08 PM pfSense Revision a0ca863f: Include System Patches by default: Part of implementing #16695 Marcos M
05:07 PM pfSense Bug #16705: Automatic gateways for OpenVPN peer-to-peer servers with a ``/30`` tunnel network do not use the peer address: Could be related to the recent changes in OpenVPN gateways in #16351 Jim Pingle
04:52 PM pfSense Bug #16705 (Resolved): Automatic gateways for OpenVPN peer-to-peer servers with a ``/30`` tunnel network do not use the peer address: re-created from https://redmine.netgate.com/issues/22042
OpenVPN SSL/TLS Site-2-Site scenario with /30 subnet and ... Georgiy Tyutyunnik
04:51 PM pfSense Revision eba99ecb: Clean up and modernize: - Properly quote variables
- Use builtin getopts instead of forking
- Use builtin substring processing instead of for... Brad Davis
04:51 PM pfSense Revision 2cdbc803: Follow up to b69ef562, also hide EIM-NAT for SCTP: Christian McDonald
04:38 PM pfSense Revision 23a1f24f: Ensure varrunpath can never be empty: Brad Davis
04:37 PM pfSense Revision b69ef562: EIM-NAT option is only applicable to UDP. Hide EIM-NAT option when not valid.: Christian McDonald
04:34 PM pfSense Revision 2cc231c6: Fix redirection, stderr to stdin must be last: Brad Davis
04:16 PM pfSense Packages Bug #16703: IPsec Export: Apple Profile - PHP Error: Log entry:... Jim Pingle
04:00 PM pfSense Revision 77f1f7e1: Clean up and modernize: - Properly quote variables
- Use test's built-in ability to check for empty strings
- Remove UUoC
- Avoid test -o Brad Davis
12:00 PM pfSense Regression #16682: ``daemon`` facility messages are not logged: Hello again :)
After restarting syslogd service it works.
Thanks. Krasimir Petrov
11:15 AM pfSense Regression #16682: ``daemon`` facility messages are not logged: Hi there,
I'm using pfSense 25.11.1 with FreeRADIUS 0.16.1
I applied the 'Fix missing system logs from daemon fac... Krasimir Petrov
11:08 AM pfSense Bug #16290 (Resolved): ``diag_authentication.php`` crashes with a core dump if RADIUS client Shared Secret value is not correct: Tested on 25.11.1 and on 26.07-DEVELOPMENT (built on Sun Feb 15 22:58:00 UTC 2026)
- 25.11.1 still crashed if Shared... Azamat Khakimyanov

02/16/2026

10:54 PM pfSense Plus Bug #16704: OpenVPN IPV6 "track interface" option does not work: Please see related forum discussion here: https://forum.netgate.com/topic/200126/ipv6-tunnel-track-not-seeing-pd Satrajit Das
10:49 PM pfSense Plus Bug #16704 (Rejected): OpenVPN IPV6 "track interface" option does not work: I am on pfSense plus 25.11.1 on a 6100 max. My ISP provides a /56 DHCPv6 prefix delegation (see screenshot). I use "t... Satrajit Das
03:44 PM pfSense Revision d0cf5d04: Shell script cleanup and simplification: Brad Davis

02/15/2026

06:27 PM pfSense Packages Bug #16703 (New): IPsec Export: Apple Profile - PHP Error: Apple Profile Export is failing upon attempting to download the profile the following error is displayed.
50x Err... Skyler H
09:45 AM pfSense Feature #16702: Localroot: From https://nanog.org/events/nanog-96/content/5731/
*Abstract*
The ability to hold a copy of the root zone in yo... Bart Schapendonk
09:43 AM pfSense Feature #16702 (New): Localroot: https://nanog.org/events/nanog-96/content/5731/
https://localroot.isi.edu/about/
This is "experimental", but se... Bart Schapendonk
12:59 AM pfSense Plus Bug #16678: Automatic Boot verification performs rollback to previous Boot Environment when system is rebooted without internet connectivity: unable to reproduce described behavior when moving from 25.11.1 to 26.03builds and removing physical connection prior... Jordan G

02/14/2026

03:59 PM pfSense Bug #16690: Dynamic DNS client ignores Verify SSL/TLS Certificate Trust option when the entry does not contain a username: Oh I see! It's a policy that sacrifices convenience a little to force users doing at least the bare minimum. It proba... Manuel Carrera
03:47 PM pfSense Bug #16690: Dynamic DNS client ignores Verify SSL/TLS Certificate Trust option when the entry does not contain a username: Skipping verification already removes any guarantee of a secure connection. However the option can be useful e.g. whe... Marcos M
10:23 AM pfSense Bug #16690: Dynamic DNS client ignores Verify SSL/TLS Certificate Trust option when the entry does not contain a username: I see that you won't change the current behavior I commented on, so I am curious.
Could you tell me why do you wan... Manuel Carrera
08:21 AM pfSense Revision cb0411a8: Add missing new line to generated OpenVPN config: Marcos M
08:18 AM pfSense Revision c007d2f3: Force the OpenVPN client MTU when set on assigned interface.: An option to filter the server-pulled MTU is needed for OpenVPN clients.
Followup to fb490d5ff0f9eb5a42a8b20e6f2d9e4... Marcos M
04:51 AM pfSense Packages Bug #16701 (New): OSPF routes learned from neighbor are not removed on link down: ... Chris Linstruth
12:06 AM pfSense Plus Feature #16700 (New): Feature Request: Auto-Block Spoofed Source IPv6 Prefix for GIF Tunnels: *Summary*
Automatically add the assigned IPv6 prefix of a GIF tunnel interface (e.g., Hurricane Electric Tunnel Brok... Jonathan Lee

02/13/2026

11:55 PM pfSense Feature #16695 (Pull Request Review): Include System Patches package by default: https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/460 Marcos M
12:42 AM pfSense Feature #16695 (Resolved): Include System Patches package by default: The System Patches package contains a list of recommended patches. Add the package by default. Marcos M
11:48 PM pfSense Docs Todo #16699 (New): Add info about matching NAT64 translated traffic: Once NAT64 translation takes place it's not possible to match the packet e.g. with "match out" rules. Relevant pages:... Marcos M
11:35 PM pfSense Docs Todo #16698 (New): Add info about new option "Only kill policy routing states for lower-priority gateways": https://docs.netgate.com/pfsense/en/latest/config/advanced-misc.html#state-killing-on-gateway-recovery
The page is... Marcos M
10:04 PM pfSense Plus Regression #16697 (Feedback): Kea DHCPv6 Leases page does not include delegated prefixes from active dynamic leases: Fixed with: {{collapse... Marcos M
09:47 PM pfSense Plus Regression #16697 (Feedback): Kea DHCPv6 Leases page does not include delegated prefixes from active dynamic leases: The page at Status > DHCPv6 Leases only lists Prefix Delegation leases from static reservations and not active leases. Marcos M
10:02 PM pfSense Revision 38010e76: Update outdated Kea binding variable reference. Fix #16697: Followup to 8e35d417d87244a161e30e097f8562c5cfc09e90. Marcos M
09:49 PM pfSense Revision 8e35d417: Update outdated Kea binding variable reference. Fix #16697: Marcos M
04:23 PM pfSense Bug #16696 (Rejected): DHCP server not available for ewy created interface: Most likely you didn't use an appropriate subnet mask for the IP address of the interface, but there isn't enough inf... Jim Pingle
03:58 PM pfSense Bug #16696 (Rejected): DHCP server not available for ewy created interface: After creating new interface (opt2) with a static IPV4 address the interface does not show up under DHCP server to co... Dominic Reynolds

02/12/2026

08:35 PM pfSense Feature #16423 (Feedback): Update the SSH server configuration to current standards and include post-quantum cryptography algorithms: Applied in changeset commit:75fd49b0d8fd51db0655c0c5d33fe349389dc228. Jim Pingle
08:30 PM pfSense Feature #16423 (In Progress): Update the SSH server configuration to current standards and include post-quantum cryptography algorithms: Jim Pingle
06:06 PM pfSense Feature #16423: Update the SSH server configuration to current standards and include post-quantum cryptography algorithms: I started bumping up against this today after updating to macOS 26.3 which bundles OpenSSH_10.2p1, so these warnings ... → luckman212
08:28 PM pfSense Revision 75fd49b0: Update SSH daemon algorithms. Implements #16423: Jim Pingle
06:24 PM pfSense Bug #12922: Classless static routes received on DHCP WAN can override chosen default gateway: This issue still exists in 25.11.1-RELEASE and the patch from David above resolves the issue. Sam Wildig
05:32 PM pfSense Bug #16690: Dynamic DNS client ignores Verify SSL/TLS Certificate Trust option when the entry does not contain a username: Patch for this is in the latest System Patches package as a recommended patch entry. Jim Pingle
05:01 PM pfSense Bug #16690 (Resolved): Dynamic DNS client ignores Verify SSL/TLS Certificate Trust option when the entry does not contain a username: Marcos M
05:32 PM pfSense Regression #16688 (Resolved): Creating a CA certificate with Trust Store checked is not trusted: Patch for this is in the latest System Patches package as a recommended patch entry. Jim Pingle
04:46 PM pfSense Regression #12382: Certificate Depth checking creates OpenVPN micro-outages every time a user authenticates after 2.5.2 upgrade: client is hitting this issue on 25.11.1 Georgiy Tyutyunnik
04:42 PM pfSense Packages Bug #16692 (Closed): OSPFv3 not active on an interface: Fixed in FRR pkg version 2.1.2_1 which is now available on 25.11.1 Jim Pingle
02:01 PM pfSense Packages Bug #16692: OSPFv3 not active on an interface: There is another report https://forum.netgate.com/topic/199743/25.11-ospf3-peerig-no-longer-working./7 and ticket HS#... Lev Prokofev
01:04 PM pfSense Packages Bug #16595 (Closed): pfSense Plus 25.11.x: ntopng causes excessive memory usage and WebGUI unresponsiveness: Jim Pingle
01:10 AM pfSense Packages Bug #16595: pfSense Plus 25.11.x: ntopng causes excessive memory usage and WebGUI unresponsiveness: This issue appears to be resolved since updating to pfsense 25.11.1 ram usage stays normal and does not keep incremen... Barrett Sawyers
12:50 AM pfSense Bug #16654 (Resolved): Interfaces menu does not use natural sorting when configured to sort alphabetically: fixed
Interfaces are sorted alphabetically when Interface Sort is enabled.
!clipboard-202602111648-iwcjt.png!... Alhusein Zawi
12:39 AM pfSense Bug #11925: Calling-Station-Id always set to WAN IP: Believe it or not, there is another even _older_ bug open for this: https://redmine.pfsense.org/issues/8087 Maximillian Carper
12:19 AM pfSense Bug #8087: Provide Calling-Station-ID to RADIUS backed VPN connections: Erich Weiler wrote in #note-13:
> You can edit those files by hand using vim or whatever. You can either ssh into th... Maximillian Carper

02/11/2026

10:48 PM pfSense Plus Bug #16678: Automatic Boot verification performs rollback to previous Boot Environment when system is rebooted without internet connectivity: I know I'm running a different system than OP (XG-1541 instead of 6100), but in case they don't reply. The packages I... Victor Coss
08:40 PM pfSense Packages Bug #16692: OSPFv3 not active on an interface: Another note: Even on the older FRR the FRR package code does not generate the line in question. It generates the @ro... Jim Pingle
07:53 PM pfSense Packages Bug #16692: OSPFv3 not active on an interface: This is unlikely to be related to the base system in any way.
FRR was upgraded to 10.x during that time so likely so... Jim Pingle
06:11 PM pfSense Packages Bug #16692: OSPFv3 not active on an interface: I made a mistake, the initial config which I had on 25.07.1 was... Azamat Khakimyanov
05:36 PM pfSense Packages Bug #16692 (Closed): OSPFv3 not active on an interface: Tested on 25.07.1
I created simple config with OSPF and OSFPv3 on WAN with IPv4 and IPv6 addresses so the final co... Azamat Khakimyanov
07:12 PM pfSense Feature #16693 (New): Info message if before you click on update if ssh is not activated: This idea is a nice information for users which have SSH no enabled. So the message should only popup if ssh is not e... Marc Walter
05:02 PM pfSense Plus Bug #16676: Failed Upgrade with error: Okay wasn't sure if you wanted both 24.11 and 25.07.1 so ran them both and sent it to the link. Thanks. Peter N
04:57 PM pfSense Packages Regression #16640 (Resolved): ". 200 OK" appended to error.log at every cron run: Marcos M
04:48 PM pfSense Packages Regression #16640: ". 200 OK" appended to error.log at every cron run: I have pfB 3.2.14 so manually edited the .inc file, but it seems to have fixed this, after a day and a few updates. Steve Y
10:26 AM pfSense Bug #16690: Dynamic DNS client ignores Verify SSL/TLS Certificate Trust option when the entry does not contain a username: So that's why I saw nothing in the logs! I didn't know the logs needed a patch too. I applied it and tested again the... Manuel Carrera

02/10/2026

11:35 PM pfSense Bug #16690: Dynamic DNS client ignores Verify SSL/TLS Certificate Trust option when the entry does not contain a username: If you're on 25.11.1 make sure to apply the recommended patches from the System Patches package then restart the sysl... Marcos M
09:37 PM pfSense Bug #16690: Dynamic DNS client ignores Verify SSL/TLS Certificate Trust option when the entry does not contain a username: Hello,
I did a few tests:
* Windows client / server with VALID certificate -> Connection OK (expected behavior)
... Manuel Carrera
05:50 PM pfSense Bug #16690 (Feedback): Dynamic DNS client ignores Verify SSL/TLS Certificate Trust option when the entry does not contain a username: Applied in changeset commit:96de6fba1edef19dd78b17451a7882f6561371ee. Marcos M
05:32 PM pfSense Bug #16690 (Resolved): Dynamic DNS client ignores Verify SSL/TLS Certificate Trust option when the entry does not contain a username: Marcos M
09:55 PM pfSense Revision ccf782e6: Simplify description wording for pre-login message: Marcos M
09:41 PM pfSense Revision 8977f0a7: Clarify wording when a CRL does not have any certs: Marcos M
08:45 PM pfSense Plus Bug #16676: Failed Upgrade with error: Can I get the output from @ls -l /lib@ and @ls -l /usr/lib@ Christian McDonald
03:09 AM pfSense Plus Bug #16676: Failed Upgrade with error: Status uploaded to link Identifiers parsed. Thanks. Peter N
08:14 PM pfSense Plus Bug #16678: Automatic Boot verification performs rollback to previous Boot Environment when system is rebooted without internet connectivity: What additional packages (if any) do you have installed?
At least with a vanilla installation, I'm not able to rep... Christian McDonald
08:11 PM pfSense Bug #16673 (Closed): LDAPS TLS connections intermittently failing with 'Unknown CA (48)' error: Great, thanks for testing!
Closing this one in favor of #16688 since that had the root cause and this was a symptom. Jim Pingle
08:08 PM pfSense Bug #16673: LDAPS TLS connections intermittently failing with 'Unknown CA (48)' error: It appears that this bug has been fixed with https://redmine.pfsense.org/projects/pfsense/repository/2/revisions/3788... Michael Lake
07:21 PM pfSense Packages Bug #16691 (New): Title: sanitize_ipaddr() incorrectly expands bare IPv4 addresses ending in .0 to /24 subnets: When pfBlockerNG processes an upstream IP feed containing a bare IPv4 address whose fourth octet is `0` (e.g., `N.N.N... Ashley R. Thomas
07:19 PM pfSense Regression #16688: Creating a CA certificate with Trust Store checked is not trusted: * Applied patch and rebooted
* Executed again the command "curl -v" with my server -> Connection OK
* Used the Dyna... Manuel Carrera
05:46 PM pfSense Regression #16688: Creating a CA certificate with Trust Store checked is not trusted: Regarding the DDNS cert verification option, see: https://redmine.pfsense.org/issues/16690 Marcos M
04:29 PM pfSense Regression #16688: Creating a CA certificate with Trust Store checked is not trusted: Affected users can install the "System Patches package":https://docs.netgate.com/pfsense/en/latest/development/system... Jim Pingle
04:25 PM pfSense Regression #16688 (Feedback): Creating a CA certificate with Trust Store checked is not trusted: Applied in changeset commit:37884c3039756e3868b7f995a3329793b771a6b0. Jim Pingle
04:15 PM pfSense Regression #16688: Creating a CA certificate with Trust Store checked is not trusted: Manuel Carrera wrote in #note-1:
> Also about the Dynamic DNS service: If you do not check "Verify SSL/TLS Certifica... Jim Pingle
04:11 PM pfSense Regression #16688 (In Progress): Creating a CA certificate with Trust Store checked is not trusted: The source path for local trusted certificates that @certctl@ reads changed upstream for some reason, updating the pa... Jim Pingle
08:00 AM pfSense Regression #16688: Creating a CA certificate with Trust Store checked is not trusted: Also about the Dynamic DNS service: If you do not check "Verify SSL/TLS Certificate Trust", isn't pfSense supposed to... Manuel Carrera
05:42 PM pfSense Revision 96de6fba: DDNS: Respect preference for cert verification in custom entries without a username. Fix #16690: A username is not be required for the verify preference to work. This
change allows for the option to be used regardl... Marcos M
04:13 PM pfSense Revision 37884c30: Correct trusted CA path. Fixes #16688: Jim Pingle
01:12 PM pfSense Docs Todo #16689 (Rejected): Advice needed or Feedback on Packages — FreeRADIUS package: This site is not for discussion or assistance, please start a thread on the forum with your questions. Jim Pingle
07:06 AM pfSense Docs Todo #16689 (Rejected): Advice needed or Feedback on Packages — FreeRADIUS package: *Page:* https://docs.netgate.com/pfsense/en/latest/packages/freeradius.html
*Feedback:* Hi, I'm currently trying t... Niklas Pein
10:09 AM pfSense Regression #16682: ``daemon`` facility messages are not logged: Tested on 25.11.1-RELEASE (built on Tue Jan 27 20:33:00 UTC 2026)
There is a 'Fix missing system logs from daemon ... Azamat Khakimyanov

02/09/2026

10:18 PM pfSense Plus Bug #16676: Failed Upgrade with error: Thanks! The 25.07.1 test is enough - 26.03 won't be available to 24.11 either way. Please also include the status arc... Marcos M
09:30 PM pfSense Plus Bug #16676: Failed Upgrade with error: Just tried the upgrade from 25.07.1 --> Dev 26.03 it failed upon reboot. (see attachment of console log .txt file)
... Peter N
10:09 PM pfSense Regression #16688 (Resolved): Creating a CA certificate with Trust Store checked is not trusted: Hello,
I have created a CA certificate in pfSense with "Trust Store" checked, and used it to create a server certi... Manuel Carrera
06:23 PM pfSense Todo #16653 (Resolved): Add label to automatic PF ``antispoof``, CARP, Captive Portal, and ICMPv6 rules: Looks good, all the rules in question have labels in the ruleset and PF shows them when using @pfctl@ and so on. Jim Pingle
05:33 PM pfSense Revision 9e947603: Consolidate developerspew checks into g_get('debug'): Marcos M
04:57 PM pfSense Revision ae3e499f: Follow system log level preference for daemon logs.: This is needed for php-fpm to follow correct priority from logger().
Followup to 0370993ffd98ea1912181d65e8d75f29028... Marcos M
01:15 PM pfSense Plus Bug #16685 (Rejected): openvpn NAT: There isn't nearly enough information here to rule out a configuration problem. The syntax you posted is not from pfS... Jim Pingle
12:03 PM pfSense Bug #16687 (New): "Proxy URL" configuration field label is misleading: The field "Proxy URL" on the System/Advanced/Miscellaneous page should be labeled "Proxy address" because it does not... Christian Ullrich
02:14 AM pfSense Plus Bug #16678: Automatic Boot verification performs rollback to previous Boot Environment when system is rebooted without internet connectivity: I have some ideas here, I’d like to get a fix for this into 26.03. Christian McDonald

02/08/2026

08:36 PM pfSense Plus Bug #16678: Automatic Boot verification performs rollback to previous Boot Environment when system is rebooted without internet connectivity: I had issues too upgrading from 25.07.1 to 25.11.1 but on an XG-1541 instead of the 6100. It automatically rolled bac... Victor Coss
06:09 PM pfSense Plus Bug #16611: WireGuard MultiWAN Not Failing Back to Tier 1: Tested on 25.11.1-RELEASE
I was able to reproduce this issue and as a workaround I added Floating Firewall rule:
... Azamat Khakimyanov
03:19 AM pfSense Feature #16686: Better handling DNS when using multiple wireguard tunnels of different locations: To add one more thing:
It would be good to have redundancy in dns so that if the proper dns server location ever g... Tam N
03:12 AM pfSense Feature #16686 (New): Better handling DNS when using multiple wireguard tunnels of different locations: Hello,
I'm not very technical but here goes:
*Feature request:* An option to make it so each wireguard tunnel u... Tam N
01:58 AM pfSense Feature #16666 (Resolved): Allow wildcard records for Dynamic DNS provider deSEC.io: I can confirm wildcards are now an option for deSEC.io on... Christopher Cope
01:47 AM pfSense Bug #16681 (Resolved): Inaccurate "No default gateway found" log message when the default gateway is set to automatic: I can also confirm this on... Christopher Cope

02/07/2026

08:44 PM pfSense Packages Feature #14652: FRR OSPF6 not working over wireguard: pfSense Plus 25.11.1 FRR package 2.1_1, Wireguard Package 0.2.11_1
using BGP is the same, no link local, not worki... Emre K
03:33 PM pfSense Plus Bug #16685 (Rejected): openvpn NAT: I using openvpn ipv4 NAT forward ports, but it can't work.
-A PREROUTING -d 203.190.5.5/32 -p tcp -m multiport --d... yon Liu
03:15 PM pfSense Todo #16658: Automatically configure the OpenVPN tunnel MTU when set in the assigned interface configuration: tested this version not fix
26.03-DEVELOPMENT (amd64)
built on Fri Feb 6 14:00:00 CST 2026
FreeBSD 16.0-CURRENT yon Liu
01:08 PM pfSense Bug #16681: Inaccurate "No default gateway found" log message when the default gateway is set to automatic: No errors listed anymore, only "NOTICE".
Tested on ... Lev Prokofev

02/06/2026

11:58 PM pfSense Regression #16313 (Resolved): sshguard patch files are not present in devel branches: These are in devel/26.03. Marcos M
11:42 PM pfSense Plus Bug #16676: Failed Upgrade with error: The intent is to determine if the issue is already addressed in 26.03. Having the console output during the upgrade i... Marcos M
11:27 PM pfSense Plus Bug #16676: Failed Upgrade with error: After reviewing your reply. Could you please elaborate more concisely about a few things.
I am attaching a screens... Peter N
08:57 PM pfSense Plus Bug #16676: Failed Upgrade with error: Would you provide the status archive before the upgrade (from /status.php)? You can upload it here (along with any re... Marcos M
11:17 PM pfSense Bug #16684 (Duplicate): pfSense 25.11.1 doesn't display radiusd user authentication event notifications: Duplicate of #16682 (See also: #16679) Jim Pingle
10:39 PM pfSense Bug #16684 (Duplicate): pfSense 25.11.1 doesn't display radiusd user authentication event notifications: Tested on
25.11.1-RELEASE (amd64)
built on Tue Jan 27 22:33:00 EET 2026
FreeBSD 16.0-CURRENT
After upgrading ... AMD AMD
10:47 PM pfSense Docs New Content #16452 (Resolved): Add VXLAN documentation: Marcos M
10:39 PM pfSense Packages Bug #16489 (Resolved): PHP error with pfBlockerNG DNSBL Lighttp: Marcos M
10:34 PM pfSense Packages Feature #16533 (Resolved): Add Multicast Bridge (mcast-bridge) package: Marcos M
10:34 PM pfSense Todo #16538 (Resolved): Prevent the GUI from removing vital packages: Marcos M
10:33 PM pfSense Packages Bug #16544 (Duplicate): During WAN failover event, HAproxy frontend IPs are not transferred from the primary to the secondary pfSense HAproxy service: Marcos M
10:31 PM pfSense Plus Bug #16555: Session timeout not being honored, /tmp/sess_* files are accumulating: Related discussion on temp session files (not reproducible on 26.03):
https://forum.netgate.com/topic/199786/tmp-ses... Marcos M
10:20 PM pfSense Bug #16577 (Resolved): Netgate Installer - Invalid path to up-script in mpd_wan.conf when using PPPoE WAN: Marcos M
10:20 PM pfSense Bug #16610 (Feedback): GUI does not prevent adding a VIP with a blank address: Applied in changeset commit:840c8a2e6194513730c6bbbb5caac4516b7abe5c. Marcos M
10:19 PM pfSense Bug #16579 (Resolved): Firewall logs do not correctly parse ``short`` packet errors: Marcos M
10:06 PM pfSense Revision 840c8a2e: Reject empty VIP input. Fix #16610: Marcos M
10:01 PM pfSense Bug #16614 (Resolved): Connections from the firewall itself fail with oversize packets and TSO enabled: Marcos M
10:01 PM pfSense Todo #16620 (Resolved): Remove dead link about ``.local`` TLD use from ``system.php``: Better to remove the link from the GUI - sources can be left to the docs if needed.
Done in commit:5da3b78d640fe8c... Marcos M
10:00 PM pfSense Revision 5da3b78d: Remove dead link. Fix #16620: Marcos M
09:53 PM pfSense Packages Bug #16627 (Resolved): PHP error when saving without interfaces selected: Marcos M
09:49 PM pfSense Packages Feature #16632 (Rejected): Wireguard Logging: There really isn't any logging to expose. Marcos M
09:47 PM pfSense Plus Bug #16633 (Resolved): Packets containing a specific byte pattern may not be transmitted via switch ports on the Netgate 2100: Marcos M
09:46 PM pfSense Packages Regression #16640 (Feedback): ". 200 OK" appended to error.log at every cron run: https://github.com/pfsense/FreeBSD-ports/commit/ff8f2bd645ac59706edc8cd35a6abc4710588068 Marcos M
09:44 PM pfSense Todo #16653 (Feedback): Add label to automatic PF ``antispoof``, CARP, Captive Portal, and ICMPv6 rules: Added with commit:ed0d30330652ea6ab4d27042b94d5ad26428fd80.
This includes missing lables for antispoof, CARP, Capt... Marcos M
09:37 PM pfSense Revision ed0d3033: Add missing rule labels. Implement #16653: Marcos M
08:35 PM pfSense Bug #16654 (Feedback): Interfaces menu does not use natural sorting when configured to sort alphabetically: Applied in changeset commit:4046a40b0b1a5fc177eae3f0808734e9150db4d2. Marcos M
08:23 PM pfSense Revision 4046a40b: Refactor msort(). Fix #16654: The msort() function doesn't account for sorting flags. Replace the logic
the native PHP function array_multisort() a... Marcos M
07:48 PM pfSense Docs Todo #16683 (New): Add documentation for RADIUS client Message Authenticator support: !clipboard-202602061447-efuyy.png!
Christian McDonald
06:49 PM pfSense Plus Bug #16664 (Rejected): AdvLinkMTU hardcoded to 1500 despite 6rd interface: Setting an AdvLinkMTU value different from the interface has the following drawbacks:
# Connections between LANs will... Marcos M
06:18 PM pfSense Regression #16672 (Feedback): Firewall rules matching and tagging across distinct anchors are ignored by subsequent tagged rule: Marcos M
06:05 PM pfSense Packages Bug #16679 (Duplicate): FreeRadius dosn't send logs to syslog: Fixed in https://redmine.pfsense.org/issues/16682 Marcos M
06:05 PM pfSense Regression #16682 (Resolved): ``daemon`` facility messages are not logged: This is a regression in 25.11.1. Fixed with commit:0370993ffd98ea1912181d65e8d75f29028a4cbc. Marcos M
06:03 PM pfSense Regression #16682 (Resolved): ``daemon`` facility messages are not logged: Log messages that use the @daemon@ facility are not logged to the system log. Marcos M
05:35 PM pfSense Feature #15952 (Feedback): PHP RADIUS client ``Message-Authenticator`` attribute capability: Applied in changeset commit:d87fac91ec73fbf9082043491061612634cca09d. Marcos M
05:27 PM pfSense Revision d87fac91: Add the GUI options for RADIUS Message Authenticator. Implement #15952: Co-authored-by: R. Christian McDonald <cmcdonald@netgate.com> Marcos M
04:10 PM pfSense Bug #16681 (Feedback): Inaccurate "No default gateway found" log message when the default gateway is set to automatic: Applied in changeset commit:fc14ba531d2132ae3276432cb76728f7d779cae3. Marcos M
03:57 PM pfSense Bug #16681 (Resolved): Inaccurate "No default gateway found" log message when the default gateway is set to automatic: When the system default gateway is set to automatic the system determines which default gateway should be used. Even ... Marcos M
03:59 PM pfSense Revision fc14ba53: Fix condition check for missing default gateway. Fix #16681: Marcos M
11:46 AM pfSense Todo #16658 (Resolved): Automatically configure the OpenVPN tunnel MTU when set in the assigned interface configuration: tested on
25.11.1-RELEASE (amd64)
built on Mon Jan 19 17:25:00 UTC 2026
FreeBSD 16.0-CURRENT
patch works as expec... Georgiy Tyutyunnik

02/05/2026

09:00 PM pfSense Feature #15952: PHP RADIUS client ``Message-Authenticator`` attribute capability: We need to plumb support for this down through the Auth_RADIUS wrapper for the PHP Radius extension, and add a GUI kn... Christian McDonald
08:44 PM pfSense Feature #15952 (In Progress): PHP RADIUS client ``Message-Authenticator`` attribute capability: Christian McDonald
04:28 PM pfSense Feature #15952 (Confirmed): PHP RADIUS client ``Message-Authenticator`` attribute capability: It's no longer working on the latest 26.03 snapshot. Marcos M
06:50 PM pfSense Feature #16029 (Feedback): Add option to search for LDAP groups in the base DN: Applied in changeset commit:2dfa947e86a2aaa3f2e5bfad4e397c2c6f45f2ca. Anonymous
06:38 PM pfSense Revision 2dfa947e: Merge pull request #4725 from dbenesj/ldap-group-base-dn: Co-authored-by: Marcos Mendoza <mmendoza@netgate.com>
Add option to search LDAP group in base DN. Implement #16029 David Benes
04:50 PM pfSense Todo #16668: Upgrade PHP to 8.5.x: For reference:
Update composer:
"334b5d6954938487746be154b4c6c57bda11a042":https://github.com/pfsense/FreeBSD-por... Marcos M
04:29 PM pfSense Todo #16668 (Resolved): Upgrade PHP to 8.5.x: Christian McDonald
03:59 PM pfSense Feature #16680 (Rejected): Captive Portal Adjustable Voucher Lengths: The voucher keys are already weak for security, lowering it would make the codes predictable. I am against adding opt... Jim Pingle
03:19 PM pfSense Feature #16680 (Rejected): Captive Portal Adjustable Voucher Lengths: We had a customer request to be able to easily set a desired length for the vouchers in the GUI.
When high securit... Christopher Cope
12:47 PM pfSense Packages Bug #16679 (Confirmed): FreeRadius dosn't send logs to syslog: I’m able to reproduce the same behavior on the same release. It does appear to be a regression, since this worked as ... Danilo Zrenjanin
12:29 PM pfSense Packages Bug #16679 (Duplicate): FreeRadius dosn't send logs to syslog: Tested on... Lev Prokofev
07:04 AM pfSense Revision 0370993f: Restore log level for daemon facility: Originally both daemon.none and daemon.info were specified. This recently
changed to only daemon.none with commit: ae... Marcos M
04:36 AM pfSense Revision 480a1c06: Bump up the Copyright year.: Luiz Souza

02/04/2026

08:34 AM pfSense Packages Bug #16656: Suricata 7.0.8_5 - UI frontend crash while opening "Blocks" page: There're some issues with immediate fixing the problem. The pfSense's port applies some patches the original sources,... Ivan Bobyr
12:20 AM pfSense Revision 2308c338: Add net/pfSense-pkg-mcast-bridge: Marcos M

02/03/2026

11:55 PM pfSense Packages Feature #16089 (Resolved): Add Zabbix 7.4: it's available on the latest snapshot.
26.03.a.20260203.1710 Alhusein Zawi
11:11 PM pfSense Packages Feature #16089: Add Zabbix 7.4: Zabbix 7.4 is still not listed
!clipboard-202602031510-4c7ry.png!
26.03.a.20260203.1710
Alhusein Zawi
11:24 PM pfSense Plus Bug #16676: Failed Upgrade with error: Okay ran requested command in console. Attached is output scrubbed of identification markers is all mac,addresses,and... Peter N
10:19 PM pfSense Plus Bug #16676: Failed Upgrade with error: OK it looks like those logs are from just force upgrading all pkgs from 25.07.1 to 25.11.1 but doing that doesn't run... Steve Wheeler
08:49 PM pfSense Plus Bug #16676: Failed Upgrade with error: Per request sending in some files that may help. One is the original upgrade log I initially captured several days ag... Peter N
06:00 PM pfSense Plus Bug #16676: Failed Upgrade with error: Are you able to get a full upgrade log from 25.07.1? Preferably from the cli using: pfSense-upgrade -d Steve Wheeler
06:45 AM pfSense Plus Bug #16676 (New): Failed Upgrade with error: h2. Issue:
Attempting to update from 25.07.1 --> 25.11.1
After updating the system seems to complete fine and r... Peter N
09:14 PM pfSense Bug #16290: ``diag_authentication.php`` crashes with a core dump if RADIUS client Shared Secret value is not correct: This issue isn't unique to the @diag_authentication.php@ page so we might come up with a better subject. Christian McDonald
09:08 PM pfSense Bug #16290 (Feedback): ``diag_authentication.php`` crashes with a core dump if RADIUS client Shared Secret value is not correct: Let's try again.
There was a bug in the attribute parser that failed to handle the case where recvfrom syscall ret... Christian McDonald
05:46 PM pfSense Plus Bug #16678 (New): Automatic Boot verification performs rollback to previous Boot Environment when system is rebooted without internet connectivity: While pre-configuring a Netgate 6100 appliance for deployment at a customer site, we encountered unexpected behavior ... Florian Harbecke
02:08 PM pfSense Feature #15221 (Resolved): Sort list of System Tunables: Jim Pingle
10:16 AM pfSense Plus Bug #16677 (New): Editing of LAGG inteface which has lots of VLANs in it is very slow so it might confuse if it has finished or not: Tested on 25.11.1-RELEASE (built on Tue Jan 27 20:33:00 UTC 2026)
I've created LAGG0 on *vtnet2* and *vtnet3* ('Cr... Azamat Khakimyanov

02/02/2026

05:05 PM pfSense Revision fff3021f: Check for rdr rules with a missing interface on upgrade: Marcos M
04:00 PM pfSense Revision 2e09427a: Chase bind GSSAPI defaults change: Brad Davis

02/01/2026

02:52 AM pfSense Plus Feature #16675 (New): Add Service Controls to Status --> Services for CoreDNS/Threatgate: Currently, there are no service controls for CoreDNS or ThreatGate in the Status --> Services menu, either in Nexus o... Kris Phillips
02:18 AM pfSense Regression #16407 (Resolved): Editing an alias used in static routes does not correctly update the routing table: Tested on latest 26.03 snapshot. Confirmed Resolved.
There was also a warning added to the Alias page stating t... Kris Phillips
02:11 AM pfSense Bug #16644 (Resolved): Firewall log always shows rules with Reject action under "Associated Rules": Tested on latest 26.03 snapshot. Can confirm this is resolved, per screenshot attached.
Marking Resolved. Kris Phillips

01/31/2026

07:42 PM pfSense Packages Bug #16674 (New): Telegraf service settings page writes deprecated parameter ssl_ca for InfluxDB output: As discussed in https://forum.netgate.com/topic/200029/telegraf-failure-due-to-deprecated-ssl_ca-parameter
The Tel... Dan Roncadin
06:47 AM pfSense Bug #16661 (Resolved): UTF-8 characters saved in the Client Identifier of DHCP static mappings result in an invalid configuration: No more PHP errors after restoring the config with "bad" symbols.
Tested on... Lev Prokofev

01/30/2026

09:32 PM pfSense Feature #15221: Sort list of System Tunables: I can confirm the latest patch fixes the issue I was seeing with the older patch and all sorting works properly now. ... Glenn Hall
04:30 PM pfSense Feature #15221 (Feedback): Sort list of System Tunables: Applied in changeset commit:bc1322f22ff437a169fae932ce4c9e38286d49e7. Jim Pingle
04:22 PM pfSense Feature #15221: Sort list of System Tunables: I just pushed a fix to ensure the tunables are always sorted the same way when editing, deleting, etc. It seems to ha... Jim Pingle
03:44 PM pfSense Feature #15221 (In Progress): Sort list of System Tunables: OK, I can reproduce the issue with that configuration. We'll keep working on it. Jim Pingle
01:45 AM pfSense Feature #15221: Sort list of System Tunables: I reverted the patch today and then loaded the latest available dev build which includes the patch natively (26.03.a.... Glenn Hall
09:21 PM pfSense Packages Regression #16640: ". 200 OK" appended to error.log at every cron run: This is one line of error.log:
[PFB_FILTER - 17] Failed or invalid Mime Type: [application/SIMH-tape-data|0] [ 10/27... Steve Y
09:02 PM pfSense Packages Regression #15158: XMLRPC Timeout won't save if over 150: I'm catching up on reviewing my open issues... in pfBlockerNG 3.2.14 the setting saves, at least "200." Steve Y
08:56 PM pfSense Feature #15464 (Resolved): Allow Installer to install CE even if NDI detects as Plus: Jim Pingle
08:54 PM pfSense Feature #15464: Allow Installer to install CE even if NDI detects as Plus: Resolved per https://docs.netgate.com/pfsense/en/latest/install/install-walkthrough.html#advanced-options Steve Y
06:13 PM pfSense Regression #16638: PPPoE on VirtIO ``vtnet`` interface fails to pass routed traffic: Source Address FROM WAN is normal now, but Source Address FROM LAN not normal work.
!clipboard-202601310212-bnsmq.... yon Liu
04:39 PM pfSense Todo #16668 (Feedback): Upgrade PHP to 8.5.x: Christian McDonald
04:39 PM pfSense Regression #16672: Firewall rules matching and tagging across distinct anchors are ignored by subsequent tagged rule: That should get picked up in our next upstream src merge here shortly. Jim Pingle
04:35 PM pfSense Revision da0ab2bf: Log errors when checking for system updates: Marcos M
04:20 PM pfSense Revision bc1322f2: Ensure tunables are always sorted. Fixes #15221: Jim Pingle
03:53 PM pfSense Bug #15612: Captive Portal with big number of passththrough MAC addresses is causing webgui gateway timeouts, Error 50x, and HA-sync XMLRPC Error: Tested against:... Danilo Zrenjanin
03:50 PM pfSense Feature #16166 (Feedback): Option to deactivate ALTQ for VirtIO ``vtnet`` interfaces: Applied in changeset commit:d1c2fe84a734c33e61b550d4742a2de6729bb236. Björn Jakobsen
03:44 PM pfSense Revision 8901f5aa: Merge pull request #4733 from jakobsen-lrz/vtnet-deactivate-altq-option: Marcos M
02:42 PM pfSense Revision d302f445: kea2{fib6,unbound}: chase API changes in Symfony Console 8: Christian McDonald
12:14 PM pfSense Revision d1c2fe84: Add option to control ALTQ support for VTNET NICs. Implement #16166: Signed-off-by: Bjoern Jakobsen <Bjoern.Jakobsen@lrz.de> Björn Jakobsen

01/29/2026

10:31 PM pfSense Packages Feature #16089 (Feedback): Add Zabbix 7.4: Added with: "7ebd365346f1d6d4e8c210491de77cf6fb893365":https://github.com/pfsense/FreeBSD-ports/commit/7ebd365346f1d6... Marcos M
10:24 PM pfSense Packages Feature #16089 (In Progress): Add Zabbix 7.4: Marcos M
10:30 PM pfSense Revision 5b678df3: poudriere_bulk: drop pecl-xdebug, not compatible with PHP 8.5: Christian McDonald
10:26 PM pfSense Revision 2d6eda10: Build Zabbix7.4, remove options for EOL ports. Implement #16089: Marcos M
10:08 PM pfSense Packages Feature #9315: Add Package: dnscrypt-proxy: Github "PR #1434":https://github.com/pfsense/FreeBSD-ports/pull/1434 fulfills this feature request by adding DNSCr... Mr Nopoz
09:28 PM pfSense Regression #16672: Firewall rules matching and tagging across distinct anchors are ignored by subsequent tagged rule: It appears this may be resolved in freebsd as of this commit https://github.com/freebsd/freebsd-src/commit/4616481212... Arthur Wiebe
03:03 AM pfSense Regression #16672 (Feedback): Firewall rules matching and tagging across distinct anchors are ignored by subsequent tagged rule: Starting at pfSense Plus 25.11 our team noticed a bug occurring on x86 hardware such as the Netgate 4200/6100.
I've ... Arthur Wiebe
08:44 PM pfSense Revision 5c252e58: Upgrade to PHP 8.5: Christian McDonald
08:23 PM pfSense Revision 20b17bf2: composer: update dependencies for PHP 8.5: Christian McDonald
08:20 PM pfSense Feature #15221: Sort list of System Tunables: Glenn Hall wrote in #note-5:
> I applied this patch and seem to have discovered an issue. With the patch in place, I... Jim Pingle
03:05 AM pfSense Feature #15221: Sort list of System Tunables: I applied this patch and seem to have discovered an issue. With the patch in place, I am able to sort on any of the f... Glenn Hall
08:12 PM pfSense Feature #16273 (Rejected): Allow configuration of Third-Party Mapping for UPnP IGD & PCP service: Marcos M
05:06 PM pfSense Bug #16673: LDAPS TLS connections intermittently failing with 'Unknown CA (48)' error: Quick follow-up, trying to summarize what appears to be happening during a failed authentication attempt:
# pfSens... Michael Lake
04:39 AM pfSense Bug #16673 (Closed): LDAPS TLS connections intermittently failing with 'Unknown CA (48)' error: (See my Netgate Forum post on the issue: https://forum.netgate.com/topic/200020/intermittent-tls-failures-with-ldap-a... Michael Lake
04:20 PM pfSense Revision b67acbc1: interfaces: reorder code to align with configuration type order: no functional changes intended Christian McDonald
04:00 PM pfSense Revision 20ac9362: Log detaild info about config path warnings: Marcos M
05:32 AM pfSense Packages Bug #16650: ACME account key and certificate editing pages unnecessarily double encode configuration data: Just updated. Confirmed it fixes both this bug and the related bug #16651. Thanks so much Jim! cemysce .

01/28/2026

10:44 PM pfSense Packages Bug #16671 (New): Custom Options (After Auth)" field is non-functional when authentication is disabled: "Custom Options (After Auth)" configuration field in Services → Squid Proxy Server → General does not work when Authe... Jonathan Lee
04:46 PM pfSense Todo #16567: Do not add ``fe80::1:1`` link-local address to interfaces configured for IPv6 tracking: https://github.com/pfsense/pfsense/commit/b680c0b3c2b61e53b4371ef9ded8de2fa925d67c Christian McDonald
03:36 PM pfSense Todo #16567 (Feedback): Do not add ``fe80::1:1`` link-local address to interfaces configured for IPv6 tracking: Christian McDonald
03:33 PM pfSense Revision b680c0b3: Remove link-local fe80::1:1 addresses from track6 interfaces. For #16567: Christian McDonald
03:24 PM pfSense Packages Feature #16623 (Closed): Account Key fields for External Account Binding: Added in ACME pkg v1.1 which is out now for pfSense Plus software version 25.11.1 and CE 2.8.1 Jim Pingle
03:24 PM pfSense Packages Feature #16604 (Closed): ACME Certificate Profiles: Added in ACME pkg v1.1 which is out now for pfSense Plus software version 25.11.1 and CE 2.8.1 Jim Pingle
03:24 PM pfSense Packages Todo #16603 (Closed): Base ACME certificate renewal time logic on certificate lifetime: Implemented in ACME pkg v1.1 which is out now for pfSense Plus software version 25.11.1 and CE 2.8.1 Jim Pingle
03:23 PM pfSense Packages Bug #16650 (Closed): ACME account key and certificate editing pages unnecessarily double encode configuration data: Fixed in ACME pkg v1.1 which is out now for pfSense Plus software version 25.11.1 and CE 2.8.1 Jim Pingle
02:41 PM pfSense Plus Bug #16147 (Feedback): pfi_kkif_update event causing panic: This is fixed upstream: https://cgit.freebsd.org/src/commit/?id=dc0cf0648c8d28ab4914c798a4cff8256ae94ee5
That's in... Steve Wheeler
01:11 PM pfSense Plus Bug #16670: Routing broken after upgrade 24.11 → 25.07.1: OpenVPN gateway and subnet routed via lo0: Jim Pingle wrote in #note-1:
> This is most likely a configuration issue but there is not enough information here to... Sami Siltala
01:05 PM pfSense Plus Bug #16670 (Incomplete): Routing broken after upgrade 24.11 → 25.07.1: OpenVPN gateway and subnet routed via lo0: This is most likely a configuration issue but there is not enough information here to go on, and this platform is not... Jim Pingle
10:34 AM pfSense Plus Bug #16670 (Incomplete): Routing broken after upgrade 24.11 → 25.07.1: OpenVPN gateway and subnet routed via lo0: Hi
I recently noticed that after upgrading pfSense from version 24.11 to the newer 25.07.1, the firewall log start... Sami Siltala

01/27/2026

10:18 PM pfSense Plus Bug #16669 (Resolved): Installing a package from the WebGUI fails due to a PHP version error: Marcos M
09:30 PM pfSense Plus Bug #16669 (Feedback): Installing a package from the WebGUI fails due to a PHP version error: An update has been picked back to the ports tree which addresses this issue. Affected systems will need to:
# Go to ... Marcos M
09:08 PM pfSense Plus Bug #16669 (Resolved): Installing a package from the WebGUI fails due to a PHP version error: A package install (not reinstall) from the Package Manager page results in an error about the PHP version. The follow... Marcos M
10:12 PM pfSense Revision 587c5776: Update the update check logic to be uniform with pfSense-upgrade: This change aligns the update check logic with pfSense-upgrade. This
improves consistency and reduces redundant packa... Marcos M
08:39 PM pfSense Todo #16657: Improve handling of certificates without subjects: For certificates with one SAN, it prints "SAN=<SAN spec>". For certificates with multiple it prints a count afterward... Jim Pingle
08:35 PM pfSense Todo #16657 (Feedback): Improve handling of certificates without subjects: Applied in changeset commit:445abad5522d04cc1414d9a11409504042941eba. Jim Pingle
08:21 PM pfSense Revision 445abad5: Change display of cert DN/Subject to be Identity. Implements #16657: Certs may have an empty Subject if they contain SANs, so if the subject is empty, use the SANs to form an Identity to... Jim Pingle
06:53 PM pfSense Packages Feature #11826 (Closed): Preserve acme SAN Method parameters for new cert creations: At some point this must have been fixed because now I can duplicate a cert entry and its SAN parameters carry over, a... Jim Pingle
06:13 PM pfSense Todo #16668 (In Progress): Upgrade PHP to 8.5.x: Christian McDonald
06:13 PM pfSense Todo #16668 (Resolved): Upgrade PHP to 8.5.x: Christian McDonald
02:45 AM pfSense Revision 37d83493: Remove outdated alternate meta ports: Marcos M

01/26/2026

06:01 PM pfSense Docs Todo #16667 (Rejected): Feedback on Releases — Versions of pfSense software and FreeBSD: It is based on "FreeBSD-CURRENT" which is 16 at the moment: https://docs.freebsd.org/en/books/handbook/cutting-edge/#... Jim Pingle
05:56 PM pfSense Docs Todo #16667 (Rejected): Feedback on Releases — Versions of pfSense software and FreeBSD: *Page:* https://docs.netgate.com/pfsense/en/latest/releases/versions.html
*Feedback:*
This page lists the FreeBSD... Craig Leres
04:38 PM pfSense Feature #16666 (Feedback): Allow wildcard records for Dynamic DNS provider deSEC.io: Applied with commit:2d485cdcb2f14a6fd213fe7c41fc11d277241fd7. Marcos M
04:38 PM pfSense Feature #16666 (Resolved): Allow wildcard records for Dynamic DNS provider deSEC.io: Allow wildcards for deSEC:
https://desec.readthedocs.io/en/latest/dns/rrsets.html Marcos M
04:27 PM pfSense Bug #16655 (Rejected): pfSense GUI Enforces 64-Character SHA-256 NTP Key, Incompatible with NTPv3/v4 Protocol Constraints: Marcos M
04:20 PM pfSense Feature #16665 (New): DHCP Static Mappings management: I would like to request a feature related to DHCP Static Mappings management.
In real-world scenarios, it is quite c... Александър Димитров
04:20 PM pfSense Revision 2d485cdc: DDNS: allow wildcard for deSEC.io: Co-authored-by: Leif <33157431+lswaage@users.noreply.github.com>
Service API docs mention wildcards are allowed. Marcos M
04:18 PM pfSense Feature #16662 (Duplicate): DynDNS: Add "preserve" toggle to desec.io provider: Duplicate of https://redmine.pfsense.org/issues/12495 Marcos M
03:41 PM pfSense Packages Bug #16656 (Closed): Suricata 7.0.8_5 - UI frontend crash while opening "Blocks" page: The error indicates there was an issue in the /var/log/suricata/*block.log file(s). The timestamp string contained ma... Marcos M
01:06 PM pfSense Feature #16177 (Closed): Include Unbound 1.23.0 in upcoming release: Jim Pingle

01/25/2026

06:04 PM pfSense Plus Bug #16664 (Rejected): AdvLinkMTU hardcoded to 1500 despite 6rd interface: I originally opened this as a feature request https://redmine.pfsense.org/issues/16659. After further consideration, ... Isaac McDonald
01:36 PM pfSense Feature #16177: Include Unbound 1.23.0 in upcoming release: I think this issue can be closed, latest pfSense versions eg 24.11 ship with Unbound 1.24.2
→ luckman212
01:21 PM pfSense Regression #16638: PPPoE on VirtIO ``vtnet`` interface fails to pass routed traffic: pfsense 25.11
!clipboard-202601252120-wdjxb.png!
LAN can't route out via WAN. pfsense has using wiregaurd and... yon Liu

« Previous

Also available in: Atom

Project

General

Profile

pfSense bugtracker

Activity

Activity

Today

02/22/2026

02/21/2026

02/20/2026

02/19/2026

02/18/2026

02/17/2026

02/16/2026

02/15/2026

02/14/2026

02/13/2026

02/12/2026

02/11/2026

02/10/2026

02/09/2026

02/08/2026

02/07/2026

02/06/2026

02/05/2026

02/04/2026

02/03/2026

02/02/2026

02/01/2026

01/31/2026

01/30/2026

01/29/2026

01/28/2026

01/27/2026

01/26/2026

01/25/2026