Re: [pfSense Support] Multiplan WAN IPs on same interface via DHCP

On 10/23/05, Thomas <[EMAIL PROTECTED]> wrote: > Took me a while to test this, especially since I had to recover from 0.89, > which stopped my box from booting (complaining about a parse error in > dyndns.class). > > Not quite there yet, so here's brain food for the gurus (as I've pointed out > bef

Re: [pfSense Support] 0.89.2

On 10/23/05, Kevin Wolf <[EMAIL PROTECTED]> wrote: > And, outbound NAT rules still don't seem to be working. I set the rule > up with the same settings I had in 0.86.4, moved the rule above the > default rule, applied, made a normal port forwarding rule / firewall > entry and applied, and the traf

Re: [pfSense Support] Intermittent Carp Failover on 1 of 3 interfaces

Do you have 'preemption' enabled on both boxes in the cluster? This is the trigger for CARP to take down all CARP interfaces if any one goes down (for whatever reason - I see this at work on OpenBSD from time to time). --Bill On 10/23/05, Britton Kerr <[EMAIL PROTECTED]> wrote: > Since .88 I'll

Re: [pfSense Support] 0.89.2

On 10/23/05, Kevin Wolf <[EMAIL PROTECTED]> wrote: > You can tell the port that I'm getting all the traffic on is not 7700. > This means that the port that I'm sending on through the WAN is not 7700 > like it should be according to the rule I made. I even doublechecked > that my IP was typed corre

Re: [pfSense Support] nat & firewall logs

On 10/23/05, jonathan gonzalez <[EMAIL PROTECTED]> wrote: > Hi, > > this post is more likely to be a request than a support post. > > I think that the firewall logs should be complemented with nat logs and > a very imporant column (on both logs) in order to review a lot of logs: > rule number. > >

Re: [pfSense Support] nat & firewall logs

On 10/23/05, jonathan gonzalez <[EMAIL PROTECTED]> wrote: > Bill, > > your options are quite valid, but anyway, exporting to netflow, a rule > number in the log line will help so much. The rule numbers are in the log line I thought? At any rate, since we add numerous rules depending on features a

Re: [pfSense Support] Diagnostics: DHCP leases v0.88

On 10/24/05, Frimmel, Ivan (ISS South Africa) <[EMAIL PROTECTED]> wrote: > From what I can recall from IP 101 I did years ago .. Pinging a host > will still resolve an IP to MAC (ARP), the host may not echo the ICMP > back.. But you should still get an ARP table entry on the requestor.. Am > I wron

Re: [pfSense Support] pfsense 0.88

Anyone that's set this up care to comment? I'm starting to talk about things I've never done, not a good idea :) --Bill On 10/24/05, Peter Zaitsev <[EMAIL PROTECTED]> wrote: > On Sun, 2005-10-23 at 09:23 -0500, Bill Marquette wrote: > > O > > > > >

Re: [pfSense Support] Diagnostics: DHCP leases v0.88

Doesn't fix Imre's original problem :) I haven't had a chance to look into this yet though. --Bill On 10/24/05, Frimmel, Ivan (ISS South Africa) <[EMAIL PROTECTED]> wrote: > Agreed topic dropped. The passive approach seems safer. > > -Original Message- > From: Chris Buechler [mailto:[EMA

Re: [pfSense Support] 0.89.2

On 10/24/05, Kevin Wolf <[EMAIL PROTECTED]> wrote: > I can't find my 0.86.4 cd, and it's not on the mirrors :( Does anyone > have a link where I can download it at? > > Here's what cat /tmp/rules.debug | grep 700 looks like from my 0.89.2 setup: > # cat /tmp/rules.debug | grep 700 > nat on xl1 fro

Re: [pfSense Support] Developer howto?

On 10/24/05, Jeroen Geusebroek <[EMAIL PROTECTED]> wrote: > Is there a document on how to help out with development? Unfortunately not. > I would like to contribute, but don't know how to setup a development > environment. I noticed the development iso, i guess that's a start, but > do the update

Re: [pfSense Support] pfSense web certificate creation error (openssl related)

If you haven't already, please file this as a bug in cvstrac (I'd like to have something to track for the fix and the MFC). Thanks --Bill On 10/24/05, jonathan gonzalez <[EMAIL PROTECTED]> wrote: > Hi group, > > i have detected an error in the generation of the web certificate for > pfSense. > >

Re: [pfSense Support] bridging question

On 10/24/05, Dan Swartzendruber <[EMAIL PROTECTED]> wrote: > > I was looking over the bridging example posted earlier, but it wasn't > quite what I was wondering about. Is it possible to bridge an OPT > interface to the WAN interface even though the WAN interface is in a > totally different subnet

Re: [pfSense Support] 0.89.2

On 10/24/05, Kevin Wolf <[EMAIL PROTECTED]> wrote: > Your changing it back seems to have done the trick. I did the update > thing again, checked the debug file thing and the entry now looks > exactly like it did in 0.86.4, and it's working great! > > Thanks for the hard work! And I just rewrote t

Re: [pfSense Support] Traffic shaping

Any 'altq on' lines? I'll try and duplicate this tonight (or not, it's already 8PM and I'm still at work). --Bill On 10/25/05, Peter Zaitsev <[EMAIL PROTECTED]> wrote: > Hi, > > I'm running 0.89.6 > > I tried to experiment with traffic shaping today. I'm to use it for > collocation so my goal i

Re: [pfSense Support] Traffic shaping

On 10/25/05, Scott Ullrich <[EMAIL PROTECTED]> wrote: > Not likely. This should be a ticket. If someone can open a ticket I > can look at easily unsetting the shaper at the end of the wizard of no > options where checked. Naw, we don't want to unset the shaper if nothing was selected, we just w

Re: [pfSense Support] Transparent Squid proxy in DMZ?

On 10/26/05, Tommaso Di Donato <[EMAIL PROTECTED]> wrote: > Maybe I did not undestand well, but redirecting http traffic to a host > located in DMZ is not a policy-based routing... In my opinion it is a > simple redirect for 80/tcp to a particular host. Obviously, here the > host is in DMZ. > Sorry

Re: [pfSense Support] Traffic Shaping, killing my DSL link speed to less than 100k

On 10/26/05, Mojo Jojo <[EMAIL PROTECTED]> wrote: > altq on sis1 hfsc queue { qWANRoot } > altq on sis0 hfsc queue { qLANRoot } Ahahhaha, oops. Looks like I need to put a better check in the wizard :) I forgot that ng0 isn't what shows up in the XML config, doh. At this time ALTQ isn't supp

[pfSense Support] ATTENTION: PPPOE users, testers needed (DynDNS on PPPOE too)

We may have finally tracked down the bug that's been biting PPPOE users with DynDNS. If you run PPPOE w/ or w/out DynDNS, please test the fix at: http://www.pfsense.org/~billm/ppp-linkup This file replaces /usr/local/sbin/ppp-linkup. You can use Diagnostics->Edit File to update, or just scp the

[pfSense Support] Re: ATTENTION: PPPOE users, testers needed (DynDNS on PPPOE too)

PPTP users ALSO need to test this. Thanks --Bill On 10/26/05, Bill Marquette <[EMAIL PROTECTED]> wrote: > We may have finally tracked down the bug that's been biting PPPOE > users with DynDNS. If you run PPPOE w/ or w/out DynDNS, please test > the fix at: http://www.pf

Re: [pfSense Support] Dyndns and PPPoE Test... Reloaded!

To be clear, that's /usr/local/sbin, NOT /usr/sbin :) --Bill On 10/27/05, Damien Dupertuis <[EMAIL PROTECTED]> wrote: > Okay, > > I finally had time to re-install ewerything... > I did: > > fresh install of 0.89.2 > fresh re-configure ewerything (no backup-load) > update_file.sh /etc/inc/dyndns.c

Re: [pfSense Support] Not Able to Get Out on WAN Side After Reboot

DynDNS? Please read the mailing list - we need testers of a potential fix. --Bill On 10/27/05, Brian <[EMAIL PROTECTED]> wrote: > After upgrading to the most recent version, I am all of a sudden not > able to get out of pfSense to the internet. I have a simple LAN / WAN > setup. I've tried rem

Re: [pfSense Support] Not Able to Get Out on WAN Side After Reboot

On 10/27/05, Brian <[EMAIL PROTECTED]> wrote: > I am using dyndns. I have applied the fixes noted in the other emails > as well. I am a bit afraid to reboot since I am in the office today and > need the internet connection to work :-) > > To test this, do I just need to reboot? For a good test,

Re: [pfSense Support] Dyndns and PPPoE Test... Reloaded!

On 10/27/05, Scott Ullrich <[EMAIL PROTECTED]> wrote: > This was not directed at you. We appreciate you testing whenever you > can. It was directed to the 5+ other ppl that have reported this > problme. And the hordes that aren't affected by this but could be inadvertantly affected by the fix!

Re: [pfSense Support] FreeBSD 6 release with 2 days

On 10/27/05, Szasz Revai Endre <[EMAIL PROTECTED]> wrote: > Yesss, > Finally the release which will fix those nasty stuff in the kernel now > providing full uniprocessor usage. Because the kernel of the 5.x didn't > really support uniprocessors from scratch, it was just a tare-down from SMP. > > Ok

Re: [pfSense Support] FreeBSD 6 release with 2 days

On 10/27/05, Mojo Jojo <[EMAIL PROTECTED]> wrote: > General comments about traffic shaping in PFSense from a fairly new user who > chose Pfsense mostly because it did offer traffic shaping. > > This may sound like a put down and I don't mean it that way, I just want you > to see it from another poi

Re: [pfSense Support] FreeBSD 6 release with 2 days

On 10/27/05, Mojo Jojo <[EMAIL PROTECTED]> wrote: > >> > This should be in the next image, we (Scott) recently backported the > change from FreeBSD -CURRENT. > >> > > Oops, one more question regarding this comment above. > > So, are you saying that I should be able to use the wizard to prioritize >

Re: [pfSense Support] FreeBSD 6 release with 2 days

On 10/27/05, Mojo Jojo <[EMAIL PROTECTED]> wrote: > >> > LAN/WAN will no longer be hardcoded, interfaces will become > selectable - HOWEVER, you will still only be able to shape between two > interfaces > >> > > Sweet, so are you saying that I will be able to use the shaper wizard to > prioritize

Re: [pfSense Support] ATTENTION: PPPOE users, testers needed (DynDNS on PPPOE too)

On 10/27/05, Stefan R. <[EMAIL PROTECTED]> wrote: > Hi, > > I copied the new /usr/local/sbin/ppp-linkup but > it seems the script is not calld at all. > > no file /tmp/wanup > ( it should be created by ppp-linkup) Yes, ppp-linkup creates it and /etc/inc/interfaces.inc rm's it after holding down bo

Re: [pfSense Support] Multiplan WAN IPs on same interface via DHCP

On 10/28/05, Scott Ullrich <[EMAIL PROTECTED]> wrote: > > Thanks for your help and any other tips on what I should be looking out for > > in order not to make my life miserable :-) > > No, thank you for doing all the leg work on this. This is quite > interesting and if we can make it work then it

Re: [pfSense Support] Hardware... (old)

On 10/28/05, Forrest Aldrich <[EMAIL PROTECTED]> wrote: > I have an old Compaq AP200 (500mhz, maybe 512mb RAM). I think this > would be sufficient for the firewall. > > I admit to some ignorance here. > > In the past, I had this old Dell that was 400mhz. Network throughput > was slower (FreeBSD-

Re: [pfSense Support] Re: Wrap Embedded 0.89.2: Traffic Shaper error

On 10/28/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > My apologies, this appears to be related to the topic "Traffic Shaping, > killing my DSL link speed to less than 100k" > > My 3000/500 line is running 200/20 with my traffic shaping rules enabled (!) > > I will turn it off, go back and rea

Re: [pfSense Support] Re: Wrap Embedded 0.89.2: Traffic Shaper error

On 10/28/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > At 05:39 PM 10/28/2005, Bill Marquette wrote: > >On 10/28/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > > My apologies, this appears to be related to the topic "Traffic Shaping, > > >

Re: [pfSense Support] Virtual IPs (FTP)

On 10/29/05, Nate Davis <[EMAIL PROTECTED]> wrote: > Howdy, > > OK, I figured out the problem I was having... Turns out that for FTP, > which is what I was trying to Port Forward with, there is a userland > FTP-Proxy that is turned on by default. This was causing the Incoming FTP > Connections to

Re: [pfSense Support] Traffic shaping breaks

Fixed. update_file.sh /usr/local/www/system_advanced.php and re-run shaper wizard or add: hfsc to tag in /conf/config.xml and reboot. --Bill On 10/29/05, Peter Zaitsev <[EMAIL PROTECTED]> wrote: > Hi, > > I tried to enable device pooling in advanced options (the only one thing > I changed on re

Re: [pfSense Support] Traffic shaping breaks

On 10/29/05, Peter Zaitsev <[EMAIL PROTECTED]> wrote: > On Sat, 2005-10-29 at 23:05 -0500, Bill Marquette wrote: > > Fixed. > > > > update_file.sh /usr/local/www/system_advanced.php > > and re-run shaper wizard or add: > > hfsc > > to tag in /conf/

Re: [pfSense Support] bug in 0.89.2

rm /tmp/config.cache and see if they show up afterwards. Also, have you rebooted since the DHCP change (other than rm /tmp/config.cache this shouldn't make any other difference, so don't get your hopes up :)) --Bill On 10/31/05, Jason J. Ellingson <[EMAIL PROTECTED]> wrote: > I even wiped the sy

Re: [pfSense Support] Traffic shaping broken in 0.90

Although... # pfctl -f /tmp/rules.debug bandwidth for qWANRoot higher than interface Tells me that ummm, the bandwidth Peter told the system is more than the interfaces bandwidth. Not much I can do to control that. However, I did just make some changes to the shaper for .90 (I assume the MFCs ma

Re: [pfSense Support] Dump states featue

On 10/31/05, Rainer Duffner <[EMAIL PROTECTED]> wrote: > Scott Ullrich wrote: > > >ftp://reflection.ncsa.uiuc.edu/pub/pfSense/updates/pfSense-Full-Update-0.90.tgz > > > > > > > > > It used this to upgrade my test-setup. > It shows the same symptoms Peter also sees. > "ab" timeouts after a very low

Re: [pfSense Support] Traffic shaping broken in 0.90

On 10/31/05, Peter Zaitsev <[EMAIL PROTECTED]> wrote: > On Mon, 2005-10-31 at 16:04 -0500, Dan Swartzendruber wrote: > > > > > >Well... You obviously could have checked that and printed the error > > >during wizard run. > > > > dude, these guys are working their butts off, a little more civility >

Re: [pfSense Support] Traffic shaping broken in 0.90

On 10/31/05, Peter Zaitsev <[EMAIL PROTECTED]> wrote: > On Mon, 2005-10-31 at 16:20 -0500, Dan Swartzendruber wrote: > > A > > >Why not to set it to 1000Mbit ? Seriously If you're looking for > > >something fail safe it could be fails safe. Just like your very well thought out default deny? I'l

Re: [pfSense Support] Traffic shaping broken in 0.90

On 10/31/05, Peter Zaitsev <[EMAIL PROTECTED]> wrote: > The fact it is not production ready as you put it makes me cautious - > this is why I go in bridging mode as this way I can bypass firewall > physically by switching couple of cables which staff at remote facility > can do for me. Right, so y

Re: [pfSense Support] Authenticanion to LDAP as an alternative to Radius

On 10/31/05, Wesley K. Joyce <[EMAIL PROTECTED]> wrote: > Are we still in feature freeze? If not, has it been considered to add > authentication straight to a LDAP directory server as an alternative to > Radius? 1.0 is frozen. 1.1 isn't, however at this time most devel work is still going towa

Re: [pfSense Support] PFSense on CF card

On 10/31/05, Mark Wass <[EMAIL PROTECTED]> wrote: > Hi All > > Sorry I posted to the wrong subject, here in my post again, with a more > appropriate subject. > > I was wanting to use PFSense in a CF card setup on a i386 system when the > stable version is released. What I was wanting to know is:

Re: [pfSense Support] bug in 0.89.2

On 10/31/05, Jason J. Ellingson <[EMAIL PROTECTED]> wrote: > Was missing before reboot. > Was missing after reboot. > Was missing after removing the cache. > Was missing after reboot after removing the cache. > > No joy. Strange. Anyone else seeing this? I just finished powering off all my hardw

Re: [pfSense Support] Empty LAN IP is broken once again

On 10/31/05, Peter Zaitsev <[EMAIL PROTECTED]> wrote: > If you want to look at Jupiter solutions take a look at Netscreen. > The M40 is Router platform (which has some firewalling functions) > this is not the product which would be functionally compared to > pfSense. NetScreen, SonicWall, Wat

Re: [pfSense Support] bug in 0.89.2

On 11/1/05, Jason J. Ellingson <[EMAIL PROTECTED]> wrote: > I know it was working before the latest upgrade. If there is a repository > of old upgrades, I'll keep going back until I see the version that first > causes this. Perhaps then I'll mull through the code to see what changes > were made.

Re: AW: [pfSense Support] Intel(r) PRO/1000 PT compatibility

On 11/2/05, Mark Wass <[EMAIL PROTECTED]> wrote: > Thanks for your reply. I was aware of that list which is why I asked the > question. I'm not sure how much I trust Intels document stating that it > works with FreeBSD 4.x and later, I hope it does, but this could be a > misprint. > > Would be go

Re: [pfSense Support] Static DHCP entry bug - solution...

> > Why do I not use IPs? Because I want them to still be dynamic, but I use > the "Deny unknown clients"... which requires all the MAC addresses to be > listed in this table. > ---- > Jason J Ellingson > &

Re: [pfSense Support] Open VPN question

FWIW, I seem to recall it screwed around with OPT interfaces in a rather nasty way. I thought there was a fix for m0n0 that we sync'd in, but it hasn't had satisfactory testing.If you do test it, patches, not support questions (unless those questions are developer type questions), would be gre

Re: RE: Re: [pfSense Support] Serial port console ... ?

On 11/2/05, David Strout <[EMAIL PROTECTED]> wrote: > Just using a standard roll-over cable .. I can try > a null-modem, but the standard roll-over "use" to > work great. Not sure I saw what type of hardware you had (apologies if I missed it), but typically to connect to PCs together, as John ment

Re: Re: RE: Re: [pfSense Support] Serial port console ... ?

On 11/3/05, David Strout <[EMAIL PROTECTED]> wrote: > I have to say that I don't necessarily agree with > the statement. I have had it working on EXACTLY > the same system(s) w/ the same cable before, but > to satisfy my curiosity and that of those out > there ... I just tried a db9 to db9 null-mo

Re: [pfSense Support] em0 vs. VLANs

On 11/7/05, Rainer Duffner <[EMAIL PROTECTED]> wrote: > Hi, > > http://www.freebsd.org/releases/6.0R/relnotes-i386.html#PROC > > > in the Release-Notes, it says that hardware-VLAN tagging support is now > disabled. > "In the em(4) >

Re: [pfSense Support] Static ARP entries

Interesting, sounds like a bug. Are these clients on LAN or other interface? I wonder if we made this only work on LAN. --Bill On 11/8/05, Szasz Revai Endre <[EMAIL PROTECTED]> wrote: > Hello, > > Why is it, when Static ARP entries are enabled, a user which is not in > the DHCP client list stil

Re: [pfSense Support] Boot issues with .90 and .92

It's very possible if your CF is going bad. I thought you said you'd tried a different card though? --Bill On 11/8/05, Barry Kiesz <[EMAIL PROTECTED]> wrote: > Yep that was you... I appreciate all the help that night... > > Quick question for you/everybody. Could this be a problem with my CF c

Re: [pfSense Support] Boot issues with .90 and .92

You may need to go into Computer Management and select the drive from the drive management screen and repartition it (really, just delete and readd a partition). --Bill On 11/8/05, Scott Ullrich <[EMAIL PROTECTED]> wrote: > On 11/8/05, Barry Kiesz <[EMAIL PROTECTED]> wrote: > > Thinking that the

Re: [pfSense Support] Load Balancing

NAT occurs before filtering. You need a rule on the WAN interface allowing connections to the physical server IPs. --Bill On 11/10/05, Lee Hetherington <[EMAIL PROTECTED]> wrote: > I have. On the wan interface, im allowing anything to connect to the vip > 85.116.30.1 address on port 25 > > Do I

Re: [pfSense Support] Load Balancing

AN IP? > > On 11/10/05, Bill Marquette <[EMAIL PROTECTED]> wrote: > > NAT occurs before filtering. You need a rule on the WAN interface > > allowing connections to the physical server IPs. > > > > --Bill > > > > On 11/10/05, Lee Hetherington <

Re: [pfSense Support] Load Balancing

o connect to internal /24 on port 25 > >> > >>LAN Interface > >> > >>Allow anything to connect to internal/24 on port 25 > >> > >>Surely that covers it off? > >> > >>Lee > >> > >>Bill Marquette wrote: > &g

Re: [pfSense Support] Again .. New release / console issue

On 11/11/05, David Strout <[EMAIL PROTECTED]> wrote: > I'll ask it again . > > Is there any news on the next release 0.9x, am no --Bill - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROT

Re: [pfSense Support] Again .. New release / console issue

On 11/11/05, Dan Swartzendruber <[EMAIL PROTECTED]> wrote: > At 01:16 PM 11/11/2005, you wrote: > >Need testers. The sooner I get good feedback, the sooner its relased: > > I'll give this a try tonight... > > p.s. the traffic shaping is terrific. I downloaded the 0.93 tarball, > maxing out the D

Re: [pfSense Support] Re: [pfSense 0.88/0.90] Atheros card not bound to driver

On 11/12/05, Gil Freund <[EMAIL PROTECTED]> wrote: > Spoken too soon > See attached dmesg output. This is on a 0.90 upgraded to 0.93. > > Seems OK on a full 0.93 install. > > >>Philips (IBM OEM) OK OK OK > > > > TP-Link TL-WN660G Problem Problem

Re: [pfSense Support] captive portal - Is this possible?

If I remember how that feature works (since I enabled it - someone else actually wrote the code I believe, I'd have to look back about 6 months in cvs history!) it is supposed to do an arp -s for each IP in the list and then an ifconfig staticarp. According to the FBSD man page on ifconfig, static

Re: [pfSense Support] WAN DHCP not working ?

On 11/14/05, Emanuel A. Gonzalez <[EMAIL PROTECTED]> wrote: > Well, thanks Scott, you were right, the problem isn't the new release, but > hardware. I have changed the nic before, but seems that the 3COM 3C905-TX > has some issues, cause both nics I tried were this model, and both had the > same p

Re: [pfSense Support] Are Sangoma cards supported

This is certainly something we are interested in supporting. None of the devs have this equipment however. There's a couple ways to get this item supported, one is to provide access over the Internet to a device that has one in it so we can test options. The other, much more expensive (and frank

Re: [pfSense Support] Solution: Re: [pfSense Support] VPN & NAT Traversal (CISCO VPN Client)

On 11/18/05, Chris <[EMAIL PROTECTED]> wrote: > It did not work with IPSec Passthrough disabled. I must have tested too > quickly after disabling it. I tried again an hour later and I could not > connect to the office. I enabled passthrough and I was fine. > > Sorry for any confusion. That kind

Re: [pfSense Support] vlans and traffic shaping 0.94.10

Is this error at the beginning of the wizard, or the end? If the end, it's a known bug that I haven't had time to dig into (and from other reports, it's purely cosmetic - although you may need to resave the normal filter policy and apply to force the shaper rules to load)). --Bill On 11/23/05, a

Re: [pfSense Support] Embedded bootup

The embedded image uses a serial console. I know nothing about the Lex, but if you are using VGA with it, then this is as far as you'll see it boot - try hooking up a serial cable. --Bill On 11/23/05, Adam Armstrong <[EMAIL PROTECTED]> wrote: > Hi, > > I have a Lex box (the CV860A), but I can't

Re: [pfSense Support] restarting httpd

Create a tag inside the tag and you'll have a developer menu (and anything else we use that tag for ;-P) which has a restart http option. Of course, this requires that the http daemon is running :) Otherwise, Espen already answered regarding the command that runs (beware of shell expansion). -

Re: [pfSense Support] vlans and traffic shaping 0.94.10

ok, should be fixed now, if what I just fixed was the same bug that bit you ;) --Bill On 11/23/05, Scott Ullrich <[EMAIL PROTECTED]> wrote: > On 11/23/05, alan walters <[EMAIL PROTECTED]> wrote: > > Cool maybe. It is at the end > > Hopefully we'll have that fixed soon. Please open a ticket. > >

Re: [pfSense Support] Traffic Shaper Presets

This would be your lucky day ;) On 11/23/05, Kevin Wolf <[EMAIL PROTECTED]> wrote: > Just a few comments... first off, the rules for Shareaza and Gnutella > seem to be identical, so you might choose to either remove Shareaza, or > rename it to Gnutella 2- and have it shape TCP as well as UDP packe

Re: [pfSense Support] Traffic Shaper Presets

I agree with most of this...the wizard was a start and started life as a rip from the m0n0 "magic shaper" code. If you look at the xml and compare it to the original m0n0 code, you won't see a whole heck of a lot of difference. Certainly a concept for post-1.0. Thanks --Bill On 11/23/05, [EMAI

Re: [pfSense Support] Question about NAT

On 11/24/05, Rainer Duffner <[EMAIL PROTECTED]> wrote: > OK, I finally solved it. > The key to 1:1 NAT is that you also need to proxy-arp for the IPs in > question. > Otherwise, the router wouldn't know what to do with the packets... Yeah, that's a bug, we should be enforcing that a virtual IP exi

Re: [pfSense Support] Question about NAT

On 11/24/05, Rainer Duffner <[EMAIL PROTECTED]> wrote: > I don't know if it is a bug. > Though other firewalls probably do that automatically, the real problem > was that I didn't know it had to be done ;-) Well, it's unexpected behavior and none of the other NATs allow you to enter them w/out a v

Re: [pfSense Support] captive portal - Is this possible?

On 11/30/05, Szasz Revai Endre <[EMAIL PROTECTED]> wrote: > Hello again! > > About this old problem with the static arp entries.. > 20223 deny ip from 192.168.22.201 not MAC any 00:02:00:25:00:b6 any layer2 in > 20223 deny ip from any to 192.168.22.201 not MAC 00:02:00:25:00:b6 any > layer2 out > T

Re: [pfSense Support] ipfw and pf

Right. The hope is to remove ipfw from base. There's nothing in pfSense core that absolutely requires ipfw (although certain functionality that we decided not to rewrite for 1.0 currently is written to use ipfw). --Bill On 11/30/05, Scott Ullrich <[EMAIL PROTECTED]> wrote: > Even if we dump it

Re: [pfSense Support] multi gateway LAN routing

You might try changing how Outlook sends attachments. winmail.dat doesn't help most people :) --Bill On 12/3/05, DLStrout <[EMAIL PROTECTED]> wrote: > > Hope this gif image is a better rep of what I was trying to convey ... > > -Original Message- > From: David Strout [mailto:[EMAIL PROTE

Re: [pfSense Support] Either your LAN or WAN interface doesn't support ALTQ

Neither XE or EP are supported by ALTQ. http://www.freebsd.org/cgi/man.cgi?query=altq&manpath=FreeBSD+6.0-current&format=html --Bill On 12/3/05, Emanuele Baglini <[EMAIL PROTECTED]> wrote: > What I can do? > I've the latest version and my network card have this prefix: > RL > XE > EP > I need Tr

Re: [pfSense Support] feature request

It'd be helpful to know why you want it removed. --Bill On 12/4/05, David Strout <[EMAIL PROTECTED]> wrote: > There have been several requests to shut off IPv6 > functionality in pfSense. I am wondering if there > is an easy way to do this and if it can be > incorporated into the webConfigurator

Re: [pfSense Support] R: [pfSense Support] Either your LAN or WAN interface doesn't support ALTQ

Yup. I see 4 of them for buy it now @ $9 on ebay http://search.ebay.com/search/search.dll?cgiurl=http%3A%2F%2Fcgi.ebay.com%2Fws%2F&fkr=1&from=R8&satitle=intel+pcmcia&category0= and that was just the first search I did. --Bill On 12/4/05, Emanuele Baglini <[EMAIL PROTECTED]> wrote: > Intel PCMCI

Re: [pfSense Support] more stat/graph

Install the ntop package. --Bill On 12/6/05, dny <[EMAIL PROTECTED]> wrote: > if possible, i like to be able to see > - how many total connection from each host > - differenciate by download/upload. > - what ports are most connected from each and all host > > so we can see if someone is heavily u

Re: [pfSense Support] DynDns scheduling issues

FYI, update_file.sh pulls from HEAD which has some changes that can possibly bite you. As such, until it's modified to pull from RELENG_1, it's been pulled from the RELENG_1 tree. At this time there's no way to delete files during the update process, so be aware that update_file.sh may actually b

Re: [pfSense Support] Traffic shaper question

I'm still not sure what you're asking. I assume you want queues by IP address. We don't do that, you can manually create the queues, it'll be painful, but it's not a feature I'm looking to add at this time and isn't a design requirement for the shaper. --Bill On 12/13/05, RoboK <[EMAIL PROTECTE

Re: [pfSense Support] Traffic shaper question

anyany any > catch all > > i don`t see but traffic flows normally. > I want to know how works TS in pfSense in spite of this. > > I don` know how explain detailed this yet :-} > Thank you very much > > - Original Messa

Re: [pfSense Support] Traffic shaper question

; > > ifproto source destination > > target > > WANany any any > > catch all > > > > i don`t see but traffic flows normally. > > I want to know how works TS in pfSense in spit

Re: [pfSense Support] IPSec VPN in 0.99 embedded doesn't work

upgrade or full image? --Bill On 12/24/05, Ispánovits Imre <[EMAIL PROTECTED]> wrote: > Hi, > > On the new 0.99 embedded version the ipsec vpn doesn't work for me, although > the > same generic pc version works fine on the same hardware. > I don't see any wrong in the logs, but no SAD/SPD esta

Re: [pfSense Support] >>> pfSense 1.0 BETA posted!

On 12/27/05, Luis Avila <[EMAIL PROTECTED]> wrote: > We're beginning to test version 1.0 beta. > - Menu > Status > Queues – Statistics doesn't work … keep getting > information: Loading I've seen this on a slow box (Soekris 4801) with all the possible queues the wizard generates. It usua

Re: [pfSense Support] Question about Dev.Ed.

On 12/31/05, Tommaso Di Donato <[EMAIL PROTECTED]> wrote: > Hi Guys! > I'm working with the developers edition, and it is fantastic. I have to fix > two problems, and then (if you like) I would like to write down some notes > about it, like a documentation > Now the questions: > 1) I rebuilt

Re: [pfSense Support] dhcpd, static addresses AND dynamic addresses

Just add them to the list at the bottom of the DHCP server screen. The static ARP entry has nothing to do with static DHCP. --Bill On 1/1/06, Charles Sprickman <[EMAIL PROTECTED]> wrote: > Hello, > > I'm looking to setup pfsense/dhcpd to hand out "static" IPs to a few known > MAC addresses and d

Re: [pfSense Support] [Fwd: Re: PFSense?]

Yep, we've been following it...we've got eyes everywhere ;-P I don't find that blog entry terribly interesting though. It depends on your perspective of "unnecessary services" - a web daemon is pretty necessary for pfSense, that's why you use it, otherwise you'd be editing pf.conf by hand (not th

Re: [pfSense Support] Errors doing cvsup_current

John, dunno if you figured out the solution to this, but I stumbled on this tonight myself. Do a: pkg_add -r ftp://ftp2.freebsd.org/pub/FreeBSD/ports/i386/packages-6-stable/All/lighttpd-1.4.8.tbz and you should be able to rerun build_embedded.sh and continue. I suspect (haven't tried this) tha

Re: AW: AW: [pfSense Support] beeps gone?

Back in my BBS days I had GnR Sweet Child of Mine as the sysop page themeanyone care to figure that one out? Oh god, I can see it now, we're going to have to have a 'beep' theme! Anyone writes alternate beeps and I'll add the option (but ONLY after I get Sweet child of mine) ;-P --Bill On 1

Re: AW: AW: [pfSense Support] beeps gone?

; Seriously... > > > > > > On 1/4/06, Jonathan Woodard <[EMAIL PROTECTED]> wrote: > > > > Someone needs to write that so we can have the option. We could even > > > > have a section where people upload and download startup/shutdown > > > "

Re: [pfSense Support] Floppy Support

Is FreeBSD even supported in MS VS2005? :) I wouldn't consider it even a FreeBSD bug until then (heck, it's not even supported in the VMWare server versions - fbsd 6 that is) --Bill On 1/6/06, Dimitri Rodis <[EMAIL PROTECTED]> wrote: > Hello, > > The floppy drive doesn't appear to work correctly

Re: [pfSense Support] LOGGING ISSUE

On 1/7/06, David Strout <[EMAIL PROTECTED]> wrote: > Yet another reason I state that pfS is NOT ready > for BETA at it's current state. And the reason it needs to be in beta so we get enough testers to shake out the last remaining bugs before final release. --Bill --

Re: [pfSense Support] A cosmetic patch

On 1/7/06, Rajkumar S <[EMAIL PROTECTED]> wrote: > I have almost completed the orange theme, but it requires patches to about 20 > php files. I > am now going through the theme once again and see if I can come up with a > generic enough > patch set that can be applied for all themes. If some one

Re: [pfSense Support] BTW: How many VLANs can I have?

I thought there was a limit to the number of interfaces in pfSense, but I can't find it now. I don't believe FreeBSD however (or the em(4) driver) have any specific limitations. --Bill On 1/9/06, Rainer Duffner <[EMAIL PROTECTED]> wrote: > Hi, > > I looked unter "limitations" in the FAQ and didn

Re: [pfSense Support] BTW: How many VLANs can I have?

On 1/10/06, Rainer Duffner <[EMAIL PROTECTED]> wrote: > That's the number of interfaces - I already found that. > But I'm pretty sure I read about a limitation on the number of VLANs, too. > > So whatever the number of VLANs supported is (I believe this number to > be 64, but this is only from memo

Re: [pfSense Support] What to try with hdd install problems - possible solution + Nexcom 1041c hints

FWIW, the Nexcom 1030's that I have work wonderfully on the embedded image (which already does serial console). The only thing I had to do was swap the COM ports on the motherboard, by default the external serial (on the 1030) is cabled to COM2. BIOS redirection still worked (up until you get to

Re: [pfSense Support] server load balancing ( inbound )

On 1/17/06, Chris Buechler <[EMAIL PROTECTED]> wrote: > Scott Ullrich wrote: > > More than one client. You may be able to search the mailing archives > > for a very long drawn out conversation where basically someone was > > using apachebench to test and it was not a ideal testing environment. >

<    1   2   3   4   5   6   7   8   9   10   >