Chris Linstruth

02:29 PM pfSense Bug #9767 (Feedback): Interesting Traffic Will not Initiate an IPsec VTI tunnel.: Interesting Traffic Will not Initiate an IPsec VTI tunnel.
Steps to reproduce:
Configure a VTI tunnel between t...

02:08 PM pfSense Feature #9726 (New): AH configured on AES GCM transform sets though strongswan strips them.: One might want to allow transform sets on a Phase 2 like this:
AES128/192/256-CBC with SHA256
AES128-GCM with no ...

11:49 AM pfSense Feature #9695 (Resolved): Add Ability to Force NAT-T Encapsulation on IKEv2 Peers: The strongswan documentation includes:
UDP encapsulation may also be forced, even if no NAT situation is detected,...

01:29 PM pfSense Bug #6799: Using NOT (!) with interface subnet macros results unexpected traffic passing when multiple subnets are included in the macro (i.e. VIP subnets): I believe that the negate address match rules not "blocking" any traffic is worth a deeper look. This wasn't really a...

06:45 PM pfSense Bug #9690 (New): Ethernet flow control should be disabled by default: Ethernet flow control has no place on a firewall except in very rare scenarios and should be disabled by default.
...
10:33 PM pfSense Feature #9532: GUI indication and options for MDS mitigation: Dashboard reflects chosen MDS settings. Looks good.
10:19 PM pfSense Bug #9420: crypt_data() uses deprecated openssl syntax for passphrase: Code uses new command line options to openssl. Encrypted backups result. Looks good.
10:00 PM pfSense Feature #9323: Option to hide 'Kernel PTI' from sysinfo widget: Tested disabling both PTI and MDS in the widget. Works.
09:57 PM pfSense Bug #9292: Default route as indicated by "(Default)" does not match the actual default route on the OS.: I tested this several ways. Looks good.
09:44 PM pfSense Bug #9218: SNMP sysDescr does not display hostname and patch version: $ snmpget -c public -v1 172.25.228.13 iso.3.6.1.2.1.1.1.0
SNMPv2-MIB::sysDescr.0 = STRING: pfSense pfSense-c.lab.ex...

Also available in: Atom

pfSense bugtracker