2.4.3-p1 New Features and Changes

New features and changes for this release of pfSense® software:

Security / Errata


  • Added a check to avoid creating route-to rules for proxy ARP addresses

  • Corrected alias name input validation text referring to well-known and registered ports #8409

  • Corrected the list of pf reserved keywords to prevent aliases from using invalid custom names #8445

  • Fixed an issue with Captive Portal access rules being left behind on disconnect #8441

  • Fixed an issue with pressing Enter in the filter field of diag_pftop.php #8494

  • Fixed an issue with invalid rules generated due to the presence of IPv6 Alias VIPs #8408

  • Fixed an issue with IPsec mobile Pre-Shared Keys and iOS devices #8426

  • Fixed an issue with selecting a gateway when switching a firewall rule away from IPv4+IPv6 mode #8447

  • Fixed firewall rules generated by the OpenVPN wizard #8391

  • Fixed handling of OpenVPN RADIUS attribute firewall rules #8480

  • Fixed handling of XMLRPC user/group synchronization when that section is disabled on the primary #8450

  • Fixed input validation to allow named services to be used in firewall rules rather than numbers alone #8410

  • Fixed issues with IP alias VIPs on Localhost at boot time #8393

  • Increased the default Firewall Maximum Table Entries value to 400000 to cope with the increased size of the IPv6 bogon address lists #8417

  • Updated SimplePie RSS to 1.5.1 #8423

  • Added more fields to the list that status.php uses to redact private information #8394