25.03 New Features and Changes

This is a regularly scheduled software release including new features and bug fixes.

General

pfSense Plus

Changes in this version of pfSense Plus software.

Aliases / Tables

  • Added: System Aliases for various reserved networks #15776

  • Changed: Exclude the WireGuard and Tailscale interface group system aliases from rules #15848

Auto Configuration Backup

  • Fixed: Long configuration revision reasons can cause AutoConfigBackup upload to fail #12249

  • Fixed: AutoConfigBackup scheduled backups always upload even when the configuration has not changed #16010

  • Fixed: AutoConfigBackup remote revision timestamps may not be unique due to batch uploads #16011

  • Fixed: “Reset” button on AutoConfigBackup Restore tab does not submit the form #16012

  • Changed: AutoConfigBackup code cleanup and GUI refresh #16013

  • Added: Download function for AutoConfigBackup entries #16014

  • Added: Method to change the AutoConfigBackup device key #16015

Captive Portal

  • Fixed: PHP error in Captive Portal with undefined zone interface list #15907

  • Fixed: Captive Portal does not function with MAC filtering disabled #15926

Certificates

  • Added: Certificate Authorities created in the GUI do not have the Basic Constraints extension marked critical #15818

  • Changed: Additional error handling for invalid certificate configuration #15975

Configuration Backend

  • Fixed: PHP error on save with very long configuration change descriptions #15911

DHCP (IPv4)

  • Fixed: Kea fails to start if DHCP pool configuration contains default lease time or max lease time #15332

  • Added: Kea Static ARP Support (IPv4 only) #15654

  • Fixed: Static lease DNS records are incorrectly removed when backing lease expires #16022

DNS Forwarder

  • Fixed: Unable to change DNS Forwarder domain overrides #15890

DNS Resolver

  • Fixed: DNS Resolver option for Query Name Minimization cannot be disabled #15925

Dashboard

  • Fixed: Clicking the picture widget image downloads the image with an invalid filename instead of showing it inline #15767

  • Changed: Improve the system load impact from Dashboard widgets #15969

Diagnostics

  • Fixed: PHP error from invalid IPv6 address on diagnostics_ping.php #16005

Dynamic DNS

  • Added: Improve Dynamic DNS client IPv6 support #11177

  • Added: Per-instance options to control Dynamic DNS client Check IP Service behavior #14067

  • Fixed: Dynamic DNS uses the default gateway interface instead of the specified interface #14605

  • Fixed: RFC 2136 Dynamic DNS cannot update AAAA records over IPv6 #16028

IPsec

  • Fixed: Input validation for duplicate remote gateways does not work when using the duplicate P1 button #15598

IPv6 Router Advertisements (radvd/rtsold)

  • Fixed: Incorrect warning from radvd about AdvRDNSSLifetime value #12938

  • Added: PREF64 support in Router Advertisements #15808

  • Fixed: Routing Advertisements daemon fails to start when configured with more than 3 RDNSS entries in a prefix #15876

L2TP

  • Fixed: L2TP server settings are not saved correctly #15882

Logging

  • Fixed: PHP error when saving System Log settings #15988

Multi-Instance Management

  • Fixed: Renaming an alias in MIM does not update firewall and NAT rules with the new alias name #15989

OpenVPN

  • Fixed: Configuration upgrade from before revision 19.1 removes OpenVPN settings #15895

Operating System

  • Fixed: Azure: User credentials entered during new VM deployments are not applied to the system #15871

  • Fixed: Values obtained from sysctl are sometimes unexpectedly empty, leading to PHP and other math errors #14648

  • Fixed: Errors on the console when starting/stopping services #15912

PHP Interpreter

  • Fixed: Cookie named id prevents some forms from being loaded or saved properly #11268

Rules / NAT

  • Fixed: Incorrect rule may be opened for editing after rule order has changed #15935

  • Fixed: Tracking information for firewall rules is not shown when editing the rule #15936

  • Fixed: Warning message in logs when changing firewall rules after setting Require Firewall Interface #15961

Traffic Shaper (ALTQ)

  • Fixed: Error when viewing ALTQ Traffic Shaper queue status #15885

Traffic Shaper (Limiters)

  • Fixed: Input validation error when applying limiter changes #13158

  • Fixed: Setting a limiter queue length greater than 100 prevents the limiter from loading #13662

  • Fixed: Cannot add limiters named new #13687

  • Fixed: PHP error when a queue is added with the same name as a limiter #15914

UPnP IGD & PCP

  • Changed: Update UPnP IGD & PCP GUI text #15864

  • Changed: Make the UPnP IGD & PCP STUN port optional #15865

Upgrade

  • Fixed: Upgrade available LED not set before branch is selected. #15880

  • Changed: Link to release information on the system update page #15953

User Manager / Privileges

  • Fixed: Users with Deny Config Write privilege can trigger some VLAN interface operations #15282

  • Fixed: Users with Deny Config Write privilege can trigger some QinQ interface operations #15318

  • Fixed: PHP error when a user is denied access to the dashboard #15873

  • Fixed: Users with Deny Config Write privilege can trigger logging operations #15874

  • Fixed: Users with Deny Config Write privilege can change their own password #15908

Web Interface

  • Added: Custom message text for the login screen #9293

  • Changed: Update nginx HTTP2 syntax #15863

  • Fixed: Incorrect color in button text within disabled rows #15977