• Messages seem to be broken/ something missing

    4
    0 Votes
    4 Posts
    79 Views
    stephenw10S
    For reference that's an ugly error but it's only cosmetic. It's safe to upgrade still if you see that after rolling back.
  • 25.03.b.20250306.0140 - if_pppoe kernel module chap failure

    19
    0 Votes
    19 Posts
    2k Views
    F
    @stephenw10 This is just another example of what I tried to explain in https://redmine.pfsense.org/issues/16128 Passing passwords as command line arguments is always going to result in failures like this. It needs to be addressed as a security issue. I've not tried it but I bet a password with ;rm -rf /; in it would be pretty destructive.
  • 25.07 failing

    8
    0 Votes
    8 Posts
    139 Views
    S
    Thanks that worked!! Much appreciated.
  • 0 Votes
    47 Posts
    1k Views
    M
    At least there seem to be improvements to be made. I will dig further.
  • Is 25.07.r.20250715.1733 still the latest build?

    7
    0 Votes
    7 Posts
    325 Views
    RobbieTTR
    @luckman212 The final release 25.07 stable is live and running on my system. ️
  • 25.07.r.20250715.1733 New log-type?

    6
    0 Votes
    6 Posts
    267 Views
    jimpJ
    Hover over the red X and it will show a nice new popup window with a lot more detail about the entry. You can use the info from that popup to dig deeper in the rules and maybe see what it was.
  • php errors

    1
    0 Votes
    1 Posts
    58 Views
    No one has replied
  • Sticky connections on 25.07rc

    4
    1 Votes
    4 Posts
    198 Views
    T
    @bigsy Nice! Thank you for the update.
  • 25.07.r.20250709.2036 First Boot WireGuard Service not running

    40
    0 Votes
    40 Posts
    1k Views
    Bob.DigB
    @stephenw10 said in 25.07.r.20250709.2036 First Boot WireGuard Service not running: Are you using failover or loadbalance with those WG gateways? If not you might try disabling the monitoring action on them. Not with them but with others. Disabling the monitoring action only on them didn't make a difference. Edit: Disabling it on all but WAN also made no difference.
  • 0 Votes
    4 Posts
    182 Views
    RobbieTTR
    @Bob-Dig said in The if_pppoe backend does not support all advanced features of the MPD implementation: It isn't. ISP does a reset after 24 hours... I've never had an ISP do that to me and have no idea why an ISP do so as it isn't a recognised implementation of any standard. So yes, a bit odd that your provider does that to you. Glad the Cron countermeasure works but it should not come down to the end user. Your ISP needs a kicking and/or you need a better ISP. ️
  • New Tunable: kern.crypto.iimb.enable_aescbc on fresh install

    14
    0 Votes
    14 Posts
    338 Views
    dennypageD
    I enabled my iimb by hand. Seems to work fine on my 6100. FWIW, the current documentation indicates that the default value of kern.crypto.iimb.enable_aescbc is 1 (enabled), although it has a warning that iimb can be slower than qat for cbc. I don't use cbc, so it doesn't matter in my case. I think the documentation is incorrect or outdated (at least for the 6100), as the code in /etc/inc/config.console.inc explicitly sets kern.crypto.iimb.enable_aescbc to 0. FWIW, there is also an interesting note on the qat/iimb trade-off earlier here. YMMV
  • 1 Votes
    2 Posts
    109 Views
    stephenw10S
    Hmm, I thought we'd fixed that. Let me see... Ah, maybe not: https://redmine.pfsense.org/issues/16207
  • 25.03-BETA won't install in SG-2100 (SG-1100 ok)

    13
    0 Votes
    13 Posts
    947 Views
    R
    @stephenw10 Thanks again. Well it is full of passwords and pre-shared keys and very detailed stuff but I guess we should find the culprit of it somehow. I did find leftovers of lcdproc before, which I cleaned at some point. That means that part of the config I am using was migrated from a modified WatchGuard I have used in the past. Let me have a look tomorrow. It's kind of late now in my timezone. Thanks!
  • Bricked (and recovered) 4200

    6
    0 Votes
    6 Posts
    488 Views
    J
    I would agree. 18 hours in and everything continues to run smoothly. The issue related to image availability I believe is the valid answer and we can close this out as solved. Thanks everyone. -JD
  • DNS resolver exiting when loading pfblocker 25.03.b.20250409.2208

    124
    0 Votes
    124 Posts
    12k Views
    stephenw10S
    Good to hear.
  • 25.07.r.20250709.2036: still issues with limiters

    2
    0 Votes
    2 Posts
    129 Views
    P
    @pst said in 25.07.r.20250709.2036: still issues with limiters: I have yet to test limiters in combination with floating firewall rule for buffer boat mitigation, which was an issue in earlier betas. Still an issue in the RC. UL/DL limiters on LAN work as long as I haven't configured UL/DL limiters for WAN. Once there are WAN limiters no limits on LAN are adhered to (which I think is a regression from the beta where at least one direction worked as configured). Time to shelve those ideas of using limiters I guess.
  • Not seeing package updates except for Nexus?

    2
    0 Votes
    2 Posts
    131 Views
    stephenw10S
    Yes, those are the correct versions in 25.07-RC. The newer pkgs are currently only in head, what will be 25.11. They may be pulled back into 25.07 at some point if necessary though.
  • Gateway monitoring still not OK

    22
    0 Votes
    22 Posts
    631 Views
    dennypageD
    @stephenw10 said in Gateway monitoring still not OK: I would still expect to have seen dpinger try to ping and show loss rather than pending. /etc/inc/gwlb.inc: // dpinger returns '<gwname> 0 0 0' when queried directly after it starts. // while a latency of 0 and a loss of 0 would be perfect, in a real world it doesnt happen. // or does it, anyone? if so we must 'detect' the initialization period differently..
  • [solved - user error] 25.07.r.20250709.2036 UPnP is working

    2
    0 Votes
    2 Posts
    94 Views
    Bob.DigB
    Ok, I had created a block rule to the firewall before and because I actually don't use UPnP, I didn't noticed that this was blocking UPnP now. So everything works like expected, at least with IPv4. *** 15.07.2025 *** [11:27:00] starting Tixati v3.29 [11:27:00] loading settings [11:27:00] loading transfers [11:27:00] loading DHT [11:27:00] loading RSS [11:27:00] loading scheduler [11:27:00] loading throttle [11:27:00] loading channels [11:27:00] loading interface [11:27:01] startup complete [11:27:01] listening on tcp:0.0.0.0:19703 [11:27:01] listening on tcp:[::]:19703 [11:27:01] DHT started [11:27:01] listening on udp:0.0.0.0:19703 [11:27:01] listening on udp:[::]:19703 [11:27:04] NAT-PMP mapped TCP port 19703 on gateway 192.168.1.1 [11:27:04] NAT-PMP mapped UDP port 19703 on gateway 192.168.1.1 Would be nice to have that UPnP Port 5351 as a port-template. [image: 1752572782881-screenshot-2025-07-15-114613.png]
  • Bug 16302

    8
    0 Votes
    8 Posts
    468 Views
    stephenw10S
    Most commonly new sensors appeared because an update had new drivers that exposed them. The chipset PCH sensor was pulled into base for 23.09 (I think!) for example.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.