@mcdiesel said in Colors for interfaces:

New pfSense 2.3 gui style is nice, easy to use, well done.

Colors on interfaces would be useful.

eg Red, Green, Blue.  Colour wouldn't actually do anything, it's just a 'tag'.

Two tones for each colour - the dark color when used for text / primary / icon, and the light shade for background bands.

Abstracting further, colour is just a word, and words are tags, and tags can be represented already with aliases.

So if the existing alias feature can have a color attribute, that colour in it's two tones could be used where the alias is involved.

I think the light background colour would be the most often used - rules lines, log lines, dhcp lease lines would all be subtly banded with the interface colour, which improve understanding, without making the interface any busier by adding elements.

Taking it one step further, if an alias could have an icon attribute, we could have subtle pictures of desktops, printers, switches on the various lists.

Many humans think in colours & pictograms, so I think this would make pfSense more intuitive, and faster to use, while maintaining it's great look and feel.

Appologies if this suggestion is duplicated elsewhere, or belongs in another part of forum/tracker/suggestion box.

Good time of the day. I can't help but agree that colors on interfaces would be helpful. Only Vod would suggest using not red, green and blue (it's just banal), but pastel colors - Pink, Rose Gold, Plum from the palette https://create.vista.com/colors/color-names/rose-quartz/. As for me, this is a good idea :)

@lindhe
When I last studied this stuff I hadn't even heard of Google. I vaguely remember the teaching was based on Smalltalk, UML, Gestault & Xerox. So I am very out of date. Something I did take away from it was that the guidelines were ideals.

I agree. Avoiding checkboxes being checked by default favours a human scannable configuration. You are fixed on the motif of checkbox as light switch. That's OK. They all seem good points.

If I understand correctly, your goals are (using preferred terms):
Checkboxes 'clear' by default.
The 'selected' state should always represent the turned on or enabled aspect of the feature under consideration.

These are mutually exclusive when the default state is 'on'.

Very good point re the digital vs paper equivalent. I'm a legacy human so probably culpable of wrong think and if I think too hard about it my brain hurts ;-)

Has someone came up with a solution of this severe problem?

@mystique_ one can also restore parts of a configuration, if you’re duplicating.

@gertjan this worked perfectly, thanks

@granroth Without looking at any of the pfSense code, the PHP variable $_REQUEST "contains the contents of $_GET, $_POST and $_COOKIE": https://www.php.net/manual/en/reserved.variables.request.php

I believe the default order is EGPCS (Environment, Get, Post, Cookie, and Server) so a cookie would override the URL variable. If the code uses the more generic $_REQUEST.

Upgraded earlier to Beta release 22.05.b.20220531.0600 and now to RC release 22.05.r.20220604.1403.
Problem still persists on both versions.

EDIT:
Seems that the problem appears if you have 2 (or more) System Information widgets with different contents on the Dashboard.

EDIT 2:
Looks like it's specifically caused by the "CPU Type", "Uptime" and "Current Date/Time" fields, as log as all of them are visible in all System Information widgets, everything is ok. If one or all of those fields are hidden in one of the System Information widget, then they start to act up.

So, after a few days I (in desperation!) reached out to the great people at Protectli who sold me the router hardware in the first place. Their support was awesome. Thanks protectli!

Someone there set up a working example and then exported the xml description (diagnostics > backup & restore) so that I had something to compare against, line-by-line. After an hour or so combing through mine and theirs, I discovered I had wrongly configured a static route early in my experimenting with pfsense, which was disrupting access on the WAN interface to the gui. Once removed (and after a reboot) access via WAN was restored. "Problem" resolved.

Many thanks @Bob-Dig and @johnpoz for helping me through the initial stages patiently; much appreciated.

@jimp I am so grateful for your response and now I know where to dig :D

https://docs.netgate.com/pfsense/en/latest/hardware/tune.html#flow-control
I see that by default, flow control is enabled?

I went into my ubiquiti switch, flow control was off.

While everything was running, I went ahead and enabled it on the switch. so now they are talking the same language.

If something on my LAN acts funny, ill look at shutting it off on both sides

Thank you for taking the time to direct me, very much appreciated

@larrym04 To avoid all of this, IMO the best (and most secure) option is to download the Acme package and get yourself a free LetsEncrypt cert so you can have that tasty green padlock. It's not too difficult, and you won't need to keep hitting that Advanced button.

@gianpaoloracca UPDATE:
you can scroll dragging the column header.
So it's clunky but it works.

I know this topic is old but I experienced the same behavior...

Like you I'm also forced to use double nat as my primary WAN come from an openMPTCProuter which aggregates my WANs in front of pfSense and I also have failover to the same WANs (but in load balancing) in case of MPTCP failure so I'm also dependent on the checkIP service to update my DNS when the MPTCP gateway is the active one.

I update 4 DDNS with the same IP for this gateway and the 4 cached IPs continuously turn Red for some second, sometimes one at a time, sometimes 2 of them at the same time.

After found your post I changed the checkIP service from the default "http://checkip.dyndns.org" to the other one "https://ipinfo.io/ip" and the problem is gone.

So it's definitely a dyndns service problem, maybe that the frequency of the requests from the same IP to update 4 DNS causes the dyndns service to refuse to respond to each one.

Thanks for sharing your solution.

@bingo600 still not working. I even forwarded port 80 and 443 on OPT1 interface but still not working

Same issue here. WAN is on em1 - no other VLANs on that interface. The dashboard traffic widget:

Screen Shot 2022-05-09 at 11.51.21.png

Screen Shot 2022-05-09 at 11.51.26.png

Half the actual throughput. Settings same as yours.

The Traffic Graph graph shows this (/status_graph.php):

Screen Shot 2022-05-09 at 11.51.44.png

which is correct (I have a symmetrical line - upload was 897Mbps during this test)

@rcoleman-netgate Thanks for your quick response!
Indeed it works now! Thanks!

@jimp Thanks. I will dig deeper into Brave.

@nogbadthebad thanks for your reply. (I work with @emasi on the project.) We are aware that the scenario is not ideal and we have already taken the necessary precautions (change management) so we don't trigger the issue anymore.
The fact remains that this issue is easily triggered. We have tested many scenarios. The conflict handling when creating rules alone is pretty neat really. But as soon as we add separators to the scenarios not only the new changes are conflicting - but the actions delete existing firewall rules. And that's dangerous, worth to mention and worth to fix. (At least we think it is.)
So we are following the pfSense bug report guide and are documenting our observations here to discuss first. Maybe you folks can confirm this is an issue so we can report it to pfSense Redmine. (We have never done that, so sorry if our procedure seems a bit wonky:)

@worlddrknss Sounds like you can reproduce it so I suggest opening a report at http://redmine.pfsense.org/

Has no one successfully done this yet?

I'd like to tag the thread as [SOLVED], but I can't edit my initial post any more.

What should I do?

Same problem here. We have about 100 users deployed across 10 openVPN server instances on our core pfsense VM using tap/bridge mode. There are a number of reasons we prefer this arrangement over a routed tunnel when VPNing into a cooperate windows domain network.

I'm tempted to roll back to 2.5.2 because we can't see connected users on either the openVPN status page or the dashboard widget. Are there any plans to make these interfaces display connected users again with a future update (soon?)

@xanaro said in Full screen theme for 2.3:

full width really improves a lot of the pages as well, traffic graph, squid real time, etc...

Thats correct!

Ah .. System_Patches
Thanks a lot !

@johnpoz said in Rearranging interface order?:

Or you could change the names on them so the alphabetical ordering is how you want them to be ;)

I set the sorting to alphabetical and prefixed all of my interface names with numbers. Much easier than trying to use the actually alphabetical names.

I run everything in VM's so I got to a point where I ran a clone on the sister VM and got it working.

I have absolutely no clue to why the dropdown was empty....

the .conf file was as it should be and everything was running as it should and it was showing packages as it should.

Only thing was the system -> update.

To update this post, I apparently posted it again later on and received a answer found in this thread...
https://forum.netgate.com/topic/169870/dnsbl-reputation-404-error-solved/4?_=1647182583544

@shupiluliuma said in WebGUI no longer works; login page never displayed:

The mask on the interface was set to /32 instead of /24. I either missed the setting or messed up the selection and didn't notice.

nothing serious has happened, you just ran over it, it happens, by default the GUI offers /32 and if you don't watch it well, this could be the problem.... :)

Yep i did it. thanks.

But another question. I gave the Modem IP to the Wan ip of Netgate without brigde mode. There is no Internet connection.

I dont understand the problem.

@jackyaz login via ssh and run radsniff -x you may see something there.

I could work around by having the fw's hostname in my local hosts-file and access that instead of localhost.

@gertjan how to deploy this in pfsense

map $status $loggable { ~^[23] 0; default 1; } access_log /path/to/access.log combined if=$loggable;

There is a bug when fetching patches, I'll have a fix in shortly. In the meantime, visit the URL for that patch and copy/paste the text into the patch entry manually rather than using the URL.