pfSense Plus¶
Changes in this version of pfSense Plus software.
Aliases / Tables¶
Authentication¶
Added: Option to enable/disable console bell, enabled by default #14002
Auto Configuration Backup¶
Fixed: PHP error if the configuration has an empty Auto Configuration Backup section #14076
Captive Portal¶
Fixed: PHP error in Captive Portal if
usedmacs
list is empty #14172
Certificates¶
Fixed: PHP errors when configuration lacks any certificates #14004
Fixed: PHP error when exporting a CRL for an old CA #14022
Fixed: Some blank SAN fields are not ignored when creating a certificate #14124
Added: Ability to edit Certificate Revocation List properties #14185
Changed: Add note to inform the user that the “Next Certificate Serial” value is ignored when the “Randomize Serial” option is enabled #14188
Cryptographic Modules¶
Added: Support for cryptographic acceleration using the Multi-Buffer Crypto for IPsec Library (IPsec-MB, IIMB) #14291
DHCP (IPv4)¶
Fixed: DHCP Server generates an invalid configuration for static mappings when defining network booting and UEFI HTTPBoot URL #13573
Fixed: Automatic DHCP failover firewall rules are not present in the ruleset when failover is active #13965
Fixed: Multiple PHP errors in the DHCP Server when the configuration contains an empty section for an interface #13983
Fixed: DHCP Server page does not properly select a default interface tab if neither WAN nor LAN are capable of being DHCP servers #14115
DHCP (IPv6)¶
Fixed: Typo in
filter.inc
variable for DHCPv6 VLAN priority tag value #14010
DNS Forwarder¶
Fixed: DNS Forwarder (
dnsmasq
) is using an invalid combination of options when “Query DNS servers sequentially” is enabled #13655
DNS Resolver¶
Fixed: DNS Resolver does not generate automatic ACLs for IPv6 when Network Interfaces is set to “All” #13851
Dashboard¶
Fixed: System Information Dashboard widget stops showing CPU details on aarch64 #14204
Fixed: Changing the default IPsec widget tab removes all widgets #14053
Fixed: Uptime displays plural seconds for multiple minutes in the System Information Dashboard widget #14176
Added: Support for Intel PCH temperature values in thermal sensors #14255
Fixed: PHP error in RSS widget after saving settings #14365
Diagnostics¶
Dynamic DNS¶
Changed: Improve DynDNS help text readability #14186
FreeBSD¶
Gateways¶
Hardware / Drivers¶
Fixed: Switch ports on 7100/1100/2100 do not have Auto MDI-X support enabled #13993
Fixed: Undersized CESA TDMA descriptor pools can be exhausted, leading to errors #14235
Fixed: Status LEDs on the Netgate 1100 do not function properly #14292
Fixed: 2100/1100 PCIe bus devices are not recognized #14334
Fixed: Intel e1000 driver (
em
,igb
) cannot pass packets tagged with VLAN0
#12821Fixed: Malicious Driver Detection event on
ixl(4)
driver #13003
IGMP Proxy¶
Fixed: IGMP Proxy multicast group membership query packets have an invalid checksum #13929
IPsec¶
Fixed: Deadlock in Charon VICI interface #13014
Fixed: PHP error from upgraded IPsec tunnel containing only deprecated ciphers #14009
Fixed: IPsec Phase 2 rekey failures with some PFS key groups #14217
Fixed: PHP Error performing IPv6
ip_in_subnet()
when passing a host addresses within prefix #14256
IPv6 Router Advertisements (radvd/rtsold)¶
Fixed: No working IPv6 gateway if upstream RA does not contain M or O flags because rtsold does not execute script #14072
Interfaces¶
Added: Priority Code Point (PCP) option on interface configuration #13511
Fixed: SNMP logs “Device not configured” error message when queries involve built-in switch port interfaces #13976
Fixed: PHP Error on
status_interfaces.php
with empty switch VLAN group configuration and assigned VLAN interfaces #13981Added: Promiscuous Mode option on interface configuration #14295
Changed: Start
rtsold
immediately afterdhcp6c
sends a request #13492Fixed: DHCP client can fail permanently if an interface is down at boot #13671
Changed: Trim blank characters from static IP address fields on the Interface configuration page #13959
Fixed: PHP error in
gwlb.inc
when OpenVPN or IPsec instances referred to by assigned interface entries are missing #13973Fixed: PHP error when attempting to create a GIF interface on ARM #14035
Fixed: Bridge interface is not properly validated when submitted on
interfaces_bridge_edit.php
#14052Fixed: IPv6 interface configuration race condition can lead to kernel panic #14164
Logging¶
NTPD¶
Notifications¶
Fixed: Identical SMTP notifications repeat in an infinite loop under certain conditions #14031
OpenVPN¶
Operating System¶
Fixed: Early boot hangs on Hyper-V with Gen2 VMs #13895
Fixed: OpenVPN and GIF interface create/destroy operations fail due to outdated
linker.hints
#13963Changed: Update memory graphs to account for changes in memory reporting #14011
Fixed: FreeBSD default
cron
jobs are enabled when they should be disabled #14016Fixed: Kernel panic from incoming IPv6 connections #14077
Fixed: Kernel panic when PF passes a large/fragmented ICMP6 packet #14092
PHP Interpreter¶
PPP Interfaces¶
Package System¶
Rules / NAT¶
Added: Support for Ethernet (L2) filtering rules #14308
Fixed: PHP Error loading Floating rule tab with OpenVPN group rules when there are no OpenVPN instances in the configuration #13953
Fixed: Custom default state timeouts are not respected in the ruleset #13992
Fixed: PHP Error enabling ICMP6 using EasyRule #14037
Fixed: The “Kill States” button does not work consistently #14091
Changed: Match upstream changes in PF syntax to disable fragment disassembly #14098
Fixed: PHP error when saving an ICMP firewall rule with no subtypes selected #14267
Fixed: Associated firewall rule for NAT port forward does not inherit
nosync
property, gets synchronized #14335Fixed: PHP error from empty separator #14338
Services¶
Fixed: Services Status page and Dashboard widget do not list the
radvd
service with certain static IPv6 configurations #14136
Setup Wizard¶
Changed: Update firewall host and domain fields in the Setup Wizard to match the description and warning text from
system.php
#14250
System Logs¶
Traffic Graphs¶
Fixed: PHP Error when viewing Traffic Graphs in
iftop
mode #14236
Traffic Shaper (Limiters)¶
Fixed: Traffic shaped by limiters is dropped when routed to a GIF gateway #14055
Traffic Shaper Wizards¶
Fixed: PHP errors when re-running Traffic Shaper Wizards with different settings #13915
Upgrade¶
User Manager / Privileges¶
Fixed: “All” user group overwritten after assigning an existing user to a group #14363
Virtual IP Addresses¶
Fixed: Firewall rules are not reloaded when removing a VIP, outdated rules/entries remain active #13908
Web Interface¶
XMLRPC¶
Fixed: PHP errors in
xmlrpc.php
during configuration synchronization if the target host has an empty XML tag for a given section #14034Fixed: PHP error when XMLRPC client attempts to synchronize without any synchronization settings in the configuration #14182
Fixed: Filter/NAT rules configured with “No XMLRPC Sync” enabled are still synchronized #14316