pfSense Gold Subscription

Author Topic: 2.2.4-RELEASE Coming Soon  (Read 6683 times)

0 Members and 1 Guest are viewing this topic.

Offline Mr. Jingles

  • Hero Member
  • *****
  • Posts: 1136
  • Karma: +92/-724
    • View Profile
    • The FreeBSD Foundation
Re: 2.2.4-RELEASE Coming Soon
« Reply #15 on: July 25, 2015, 11:50:27 am »
If I could politely ask: is the firewall rules log mess, that has existed ever since 2.0, finally fixed?

As in descriptions don't match the actual rules, and the non descriptions, only (@540645064) kind of descriptions, making the FW log utterly useless?
« Last Edit: July 25, 2015, 12:05:40 pm by Mr. Jingles »

Offline stephenw10

  • Administrator
  • Hero Member
  • *****
  • Posts: 11914
  • Karma: +468/-15
    • View Profile
Re: 2.2.4-RELEASE Coming Soon
« Reply #16 on: July 25, 2015, 02:34:28 pm »
Hmm, a number of log issues were fixed for 2.2.3:
https://doc.pfsense.org/index.php/2.2.3_New_Features_and_Changes#Rules.2FAliases.2FNAT
I know you're running an earlier version. That may have already been addressed.

Steve

Offline Harvy66

  • Hero Member
  • *****
  • Posts: 2216
  • Karma: +204/-12
    • View Profile
Re: 2.2.4-RELEASE Coming Soon
« Reply #17 on: July 25, 2015, 04:26:22 pm »
Do we know if it includes the very recent last fin fix?

https://www.freebsd.org/security/advisories/FreeBSD-SA-15:13.tcp.asc

Offline cmb

  • Hero Member
  • *****
  • Posts: 11230
  • Karma: +893/-7
    • View Profile
    • Chris Buechler
Re: 2.2.4-RELEASE Coming Soon
« Reply #18 on: July 25, 2015, 04:35:09 pm »
Do we know if it includes the very recent last fin fix?

https://www.freebsd.org/security/advisories/FreeBSD-SA-15:13.tcp.asc

Yes. It's generally not applicable for our use cases though. https://doc.pfsense.org/index.php?title=2.2.4_New_Features_and_Changes

If I could politely ask: is the firewall rules log mess, that has existed ever since 2.0, finally fixed?

As in descriptions don't match the actual rules, and the non descriptions, only (@540645064) kind of descriptions, making the FW log utterly useless?

That general issue has been fixed with static tracking IDs in all 2.2.x versions. Every pre-2.2x version (not since 2.0, every release ever) used pf's rule numbers, which may change every time you make a ruleset change.

Offline cmb

  • Hero Member
  • *****
  • Posts: 11230
  • Karma: +893/-7
    • View Profile
    • Chris Buechler
Re: 2.2.4-RELEASE Coming Soon
« Reply #19 on: July 26, 2015, 12:57:57 am »
Now coming tomorrow. Noticed fixing a mobile IPsec rightid problem made it impossible to configure many EAP situations. That's fixed.
https://github.com/pfsense/pfsense/commit/9a2bec12621c8feaaddd781a89915267659496d2
https://github.com/pfsense/pfsense/commit/5e11c6a176d70f1caa987e64a01a8f996b18aad7

and documentation updated to reflect the correct config.
https://doc.pfsense.org/index.php/IKEv2_with_EAP-MSCHAPv2

Release rebuilt, going through test matrix again now. This one should come out after I get up on Sunday.

Those who want to test the latest, gitsync RELENG_2_2 off the most recent snapshot and you'll have the same as we're testing for final release.

Offline ecfx

  • Full Member
  • ***
  • Posts: 221
  • Karma: +28/-11
    • View Profile
Re: 2.2.4-RELEASE Coming Soon
« Reply #20 on: July 26, 2015, 04:13:08 am »
Limiter - NAT reflection problems are fixed in this release ?

Offline stephenw10

  • Administrator
  • Hero Member
  • *****
  • Posts: 11914
  • Karma: +468/-15
    • View Profile
Re: 2.2.4-RELEASE Coming Soon
« Reply #21 on: July 31, 2015, 07:49:28 am »
Are referring to this? https://redmine.pfsense.org/issues/4326

Steve

Offline ecfx

  • Full Member
  • ***
  • Posts: 221
  • Karma: +28/-11
    • View Profile
Re: 2.2.4-RELEASE Coming Soon
« Reply #22 on: July 31, 2015, 07:54:51 am »
yes ... it's work in progress.
Thx

Offline Supermule

  • Hero Member
  • *****
  • Posts: 2530
  • Karma: +77/-102
    • View Profile
Re: 2.2.4-RELEASE Coming Soon
« Reply #23 on: July 31, 2015, 07:57:57 am »
Wondering if its the same meachanism that stops rounting when SYN/ACK flooded?
Kind regards Brian


Offline jwt

  • Administrator
  • Sr. Member
  • *****
  • Posts: 344
  • Karma: +101/-31
    • View Profile
Re: 2.2.4-RELEASE Coming Soon
« Reply #24 on: August 02, 2015, 04:42:56 pm »
Wondering if its the same meachanism that stops rounting when SYN/ACK flooded?

Brian, are you going to stop, or not?