@jimp:

We're primarily focused on 2.4 at the moment, with some effort going into 2.3.3 as needed to keep things polished up. The real driving factors for point releases are new hardware product requirements, severe bugs, security vulnerabilities, or when we reach a point where we feel like it's necessary.

The release of 2.4 will trail the FreeBSD 11 release but not by far, otherwise we don't have any estimates that I'm aware of for other versions. Support for 2.3.x will be continuing after 2.4 since 2.4 is dropping i386, so i386 boxes can stay on 2.3.x for a while until they're eventually phased out.

Assuming next pfSense release is around the corner. https://www.freebsd.org/releases/11.0R/announce.html YAY!

The status is: It's in development, and has snapshots going, and it'll be released when it's ready or when it's necessary.

There is no ETA as we do not know when such a release will be needed. The next time a security issue pops up we may go forward with 2.3.3 or 2.3.2_2 depending on what it takes to address.

If there is something in 2.3.3 you want, run a snapshot. They're quite stable (usually). Usual caveats apply about lab testing first.

2.4 is our focus for the time being.

5.5.1 is there now on the latest 2.3.3 snapshots.

Make sure you execute that batch every 1h14 min. Usually the DHCPv6 address gets deprecated every 1h15 min.

Just a status update.

If you're using a Nokia IP390, like I am.. I would highly suggest disabling the ubsec driver by putting this line into your /boot/loader.conf.local file:

hint.ubsec.0.disabled=1

After I did that, it has been quite stable and has not locked up for over a month.

As I no longer use an MLPPP connection I can't be of much help other to say that I was using 2.3 snapshots early on without issue.

Confirmed working again on:

2.3.3-DEVELOPMENT (amd64) built on Sun Nov 13 21:49:19 CST 2016 FreeBSD 10.3-RELEASE-p12

Confirmed. Todays snapshot cleared up the problem.

@Ramosel:

Is it possible to change the bar graph colors on the "UPS Status" widget.  Something similar to how the "Thermal Sensors" is handled would be great.  Don't necessarily need green but just something other than red like the title bar.

That'd need to be done in the NUT/APCupsd packages, not in the pfSense themes.

@Limbi:

Hi,

The temperature reported in the dashboard is way lower of what it should be. When it was actively cooled the cpu temp was lower than ambient temperature, it is impossible. Please fix that or show me a workaround.

Go to    System>Advanced>Miscellaneous and check you have AMD selected under the Cryptographic & Thermal Hardware header on the Thermal Sensor drop down.

Ummm a reboot fixed it.
What happened?

On the bottom of "System / General Setup" page, there is a flag to enable "Login hostname" (it is disabled by default).

option.jpg
option.jpg_thumb

@jimp:

Fair point, but it does go both ways. A gentle reminder that it needs cherry picking would likely lead to it being pulled in a majority of the time.

It may be a two way street, but the traffic is going in only one direction.

IMHO this type of thing could be improved even more, to avoid the race condition between the file_exists() test and the unlink() by enhancing the unlink_if_exists() function so that it returns a true/false status to indicate if the file existed and was unlinked OK.

Pull request: https://github.com/pfsense/pfsense/pull/3186

Discussion welcome!

Such a thing could be used in other places that currently have a similar sequence of test-if-exists-then-unlink.

Are you are thinking of the higher level pfSense packages, such as pfBlockerNG, nut, ntopng, etc., which are what you would find in the menu system? I'm referring to the 150+ lower level FreeBSD packages that pfSense is built upon.

@jimp:

I pushed a fix

Thank you and thumbs up for next snapshot and also g8 work.

Also if anyone need right now temporary workaround, just add in "Advanced Configuration" this line:

cipher AES-256-CBC;

supported ciphers you always can find with:

openvpn --show-ciphers