Nice. Thanks for testing! 👍

@stephenw10 Aye that's right

Hi guys,
I create simple shell script reports for AbuseIPDB from filter.log file. Maybe it will be helpful to someone.
It was tested over a one-week period and works as expected.
Here is the link: ttps://github.com/whoami-0x44/abuseipdb-reporting-pfsense

Yes you can choose 2.8.0-beta from the installer menu.

Edit: Now 2.8.0-RC

Nope, none of those are a big concern. Some of that could be cleaned up but they are just ugly.

@w0w

Seems so or possibly an interaction with if_pppoe and something else within the new beta.

Regressing to 24.11 again and symptoms vanish. Reverting to the old backend on the beta seems fine too (albeit with the old pppoe issues).

I had to work back again and re-test as I had the test diff patch applied with the revised beta, which drew some doubts on my results for a while. Fat-fingering in a config error when testing is something I try to avoid but you have to admit your mistakes.

I'm waiting for the next beta drop really, to see if the changes also impact the issues I see. Opening up all the cores may just be peeling back something that was already latent and just masked by the old backend process.

I did do a couple of tests that suggests the upload fq_codel settings may need adjusting against a different workload for if_pppoe; but too early to be sure.

I'm also being nudged to try Kea again, as apparently it has matured a bit since its launch.

☕️

Hmm, it does seem kinda shady!

There's no FreeBSD port as far as I can see, though there is one for v2ray which this was forked from.

You are asking about adding it as a client to connect to the xrayvpn service only?

I'm not really seeing any advantages over existing VPN options TBH.

@matthijs

I had an issue with a static arp entry, but it was a wrong configuration on my side (an old wrong static arp entry/Mac address) The IP adres with this static ARP entry was in use by another host (with another MAC address) an that was an issue. I did not experience this in 2.7.2 So in fact 2.8.0 is behaving correctly

@jimp oh cool, it never even occurred to me that ppl would carry around a universal cert

@patient0 Worked! thanks!

The rule order in the configuration file is supposed to reflect both the rule processing and rule position (i.e. what's shown in the GUI) order. Ultimately, the processing itself is determined by what gets put into /tmp/rules.debug. As for the rule position in the GUI, there are multiple factors involved. With the latest fixes (referenced in the thread linked above), what does happen should finally match what is supposed to happen.

@techpro2004 FFS.

@antoine2711 said in Can’t compile a port software. Error: Unable to determine OS version. Either define OSVERSION, install /usr/include/sys/param.h or define SRC_BASE:

Hi @bmeeks, I was able to retreive the pkg in the cache folder of my FreeBSD (/var/cache/pkg).

Thanks for your help again. I’m ok for now.

Best Regards, Antoine

The risk with installing packages from the stock FreeBSD repo (or any other repo except the official pfSense repo for your version) is that the versions of various shared library dependencies may differ from what is currently used by pfSense. The pkg utility will automatically attempt to download and install any shared library dependencies needed by the package you are installing. So long as those are the same ABI and shared library versions as what already exists on the pfSense installation, you are fine. It's when they differ that your pfSense installation can get broken - and sometimes irretrievably broken.

@stephenw10 I don't think kernel debug symbols are really going to be of much use to me. And Xdebug is a php debugger, but I need debug symbols for php83-pecl-radius (and php-fpm I suppose).

@LamaZ This looks to have been going on for many years glad it made it. Secure Time!! Quizzes, Tests, Exams, etc all are now a bit more secure.

@guiambros said in pfSense compile requirements for 3rd party software:

Using the default devel branch I can finish the poudriere jail, but can't compile packages due to missing pfSense-pkg-zabbix-[agent4|proxy4] pre-reqs. If I use the RELENG_2_7_2 branch, jail creation fails with make[4]: don't know how to make aes-586.S. Stop.

For anyone having this issue, you just need fork the FreeBSD-src then merge this pull request into your branch.

@encrypt1d: it seems Netgate made it (intentionally?) impossible to compile or do anything with CE.

I do not believe this is an intentional sabotage. The commits that led to this issue can be found here and here.

I don't really understand why these commits were made, but I suspect it was because netgate wanted to upgrade OpenSSL to version 3.0.9 on pSense 2.7.2. This version was not yet integrated into FreeBSD 14, hence the custom commits.

As for "netgate made it harder to build pfSense"..yes, possibly, but it's not impossible. See this repo.

Also: WITHOUT_LIB32=y is absolutely not needed to my knowledge. I don't know why people keep referencing it.