@Cortexian is the Windows firewall disabled/configured? https://docs.netgate.com/pfsense/en/latest/troubleshooting/nat-port-forwards.html

I did a small modification in my rule group. A small change in the rule description and I reordered the rules so that the rule without iP-options comes before the rule with IP-options set. [image: 1757332567767-ab160041-b646-49cf-bd66-3ded176aa5e1-image.png] [image: 1757332473112-c760c5e7-6843-4ee5-a322-6d8f32d3361c-image.png] Note that there are a couple of addresses: source 0.0.0.0 destination 224.0.0.22 source 192.168.100.2 destination 224.0.0.22 source 192.168.100.1 destination 224.0.0.1 192.168.100.1 = vlan gateway 224.0.0.22 = is used for the IGMPv3 protocol. This protocol is used by hosts to manage its multicast interests 224.0.0.1 = is a well-known multicast address reserved for the all-hosts group, meaning it addresses all devices that have joined the multicast group 192.168.100.2 = address inside my VM-lan assigned to the VM-host. I do not know why it behaves like this, however for this moment (during this test) I leave it as it is.

@sandrinho1976 said in Now Available: pfSense CE 2.8.1-RELEASE: Any news for the Zabbix Proxy 7 package? Is this what you're looking for? [image: 1757294811547-5175ce88-06b3-4abf-bf4d-91c593ccf8e6-image.png]

@Matlock well you have no rule allowing access from your PC to pfSense port 443. I’d ensure the internet can’t access it for sure.

Hello, Same issue here, a "gateway monitoring" rule blocks IPv6 gateway monitoring. Removing the monitor address from the gateway configuration and re-adding it causes the rule to disappear and monitoring works again until next interface reset. The issue began after upgrade to 2.8.0 and is still here in 2.8.1. Best regards, Ed

@BiloxiGeek said in DNSBL and IPv6: Does it just follow the IPv4 address that is listed above that? In my case it would end up being ::10.0.0.86 Yes. In this specific context that's the notation being used. (Full IPv6 web server address, for reference then, would be: http://[0000:0000:0000:0000:0010:0000:0000:0086]) Nota bene: I use 0.0.0.0 which renders the DNSBL webserver useless and inaccessible, but otherwise returns 0.0.0.0 or ::/NOERROR answers to all blocked lookups.

Hi, Please help to forward / report the bugs in ACME 1.0 package. Thanks.

@hescominsoon said in 25.7.1 package issue: 25.07.1-RELEASE on both and yesw i access both in private mode which auto clears when i close the tab. Minor nitpick…Private/incognito tabs all share the same session so cookies/cache would clear when closing the window/all private tabs.

@Gradius said in Feodo Tracker Botnet C2 IP Rules down for almost 48h: Any mirror or alternative ? No - AFAIK ... Edit (08.09.2025): Its UP again!

Well that's not a bug if the gateways used were marked as down. That's the expected behaviour in 2.8.X. If the gateway being marked down is a change since 2.7.2 that could be a separate problem.

@marcg I finally got the PD on the pfSense and I'm working through the reservations I had set to the tunnel so they get an reserved address within the PD. I had wanted to keep the tunnel from he.net but I never could get that working. If the BGW320 ever gets a different prefix I'll have to change any AAAA records at he.net's free DNS services. Won't be too difficult and I could script it through their API if it starts to happen often enough. I've had the same prefix for about a week now. Same IPv4 since I put the SG4200 online. I don't expect any changes but since I'm on the gulf coast it's somewhat likely that I could lose power and/or network for multiple days if a hurricane rolls through town. That could cause a change in the leases.

Updated CE 2.7.2 to 1.86.4_1 Changelog pkg add -f https://pkg.freebsd.org/FreeBSD:14:amd64/latest/All/tailscale-1.86.4_1.pkg Freshports

And 192.168.100.1 is part of the DOCSIS specification. That's because all cable modems run with this IP address.

@SteveITS Thanks very much, i knew i must have missed something. Clean Firewall logs now.

I even tried deleting and creating a new certificate. Any suggestions?

I just updated to pfSense 2.8.1 and my existing build/package of the Realtek 198.00 kernel module still works fine. I installed pfSense in VirtualBox first and checked that the kernel module loads there before updating my router.

Now you can upgrade to 25.07.1.

…and for a couple years, give or take, MaxMind has required the additional field/info to update so the geoIP data probably isn’t updating.

@louis2 Yes several of us are having this issue. A fix seems to be to go to: Status - Gateways - then click the recycle button to restart the Gateway service, it should then switch to online. [image: 1757154148879-40cda19d-00df-4fb7-bfae-7a166768f3ee-image.png]