Re: [pfSense] Pfsense 2.2 CPU 100%
We have a similar issue with pfSense 2.2 installed on vSphere 5.0 Happened 3 times that pfSense hits 100% CPU and stops responding (CPU load is seen from vSphere). Only recovered by resetting (from vSphere) adn after that, start behaving normally. I though it was related to this issue with Open-VM-Tools (https://redmine.pfsense.org/issues/4491) because vmware modules weren't loading. However, after solving the issue with a workaround, it happened again (with modules loaded). Toni - El 10 de Marzo 2015, a las 15:54, Freund, Ingo escribió: > Hi, > I’ve upgraded a virtual pfSense on an ESXi 5.5 installed on a HP Microserver > and > have the same issue. > - Ingo > From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Guillaume > JULLIEN > Sent: Tuesday, March 10, 2015 2:52 PM > To: list@lists.pfsense.org > Subject: [pfSense] Pfsense 2.2 CPU 100% > Hello , > Since I upgraded my pfsenses to version 2.2, they more than often display 100% > cpu load. > I'm testing an installation on an Alix APU1D. > no extra addon installed > only one service defined : DHCP > only my laptop connected on lan interface > If I plug WAN interface to my LAN CPU load can be 100% even with no particular > network traffic. > ? > Any advice ? > Guillaume JULLIEN > ___ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold SISTEL Servicios Informáticos de Software y Telecomunicaciones Avd. Los Jarales, 4 (03010) ALICANTE TLF 965930080 / FAX 901021558 sistel.es Este mensaje ha sido enviado por la empresa Sistel, S.L. o por alguno de sus empleados, para uso exclusivo de la persona o entidad que figura en el mismo como destinatario, conteniendo información confidencial y protegida. Cualquier distribución, transmisión, copia, uso o aprovechamiento no autorizado de la información y de los datos de carácter personal contenidos en el mismo, es absolutamente ilegal, quedando prohibido expresamente por la Ley Orgánica 15/1999, de Protección de Datos de Carácter Personal. Si Ud. no es la persona interesada o el receptor al que va dirigido este correo-electrónico, por favor, comuníquelo a la mayor brevedad posible, por medio de llamada telefónica (965930080) o por este mismo medio (e-mail), procediendo a la destrucción inmediata de este mensaje. The information contained in this communication is confidential, may be privileged and is intended for the exclusive use of the above named addressee(s). If you are not the intended recipient(s), you are expressly prohibited from copying, distributing, disseminating, or in any other way using any of the information contained within this communication. If you have received this communication in error, please contact the senderby telephone on +34 96 593 00 80 or by response via e-mail. This comunication in from Sistel, S.L. Por favor recuerda tu responsabilidad medioambiental antes de imprimir este e-mail. Please consider your environmental responsibility before printing this e-mail. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Problem upgrading pfSense on Sun Fire x4100
Hi again, BQ_BEGIN BQ_BEGIN well, no kernel crash ? no kernel crash after upgrade BQ_END answering myself, seems to be this problem: https://redmine.pfsense.org/issues/3749 I'll try the workaround at https://redmine.pfsense.org/projects/pfsense/repository/revisions/720c529f2890708c8dca6264924ec5b1afbf0daf BQ_END Definetly, my problem was due to this error in the upgrade log: x ./tmp/pre_upgrade_command: Cannot extract through symlink tmp tar: Error exit delayed from previous errors. chmod: /tmp/pre_upgrade_command: No such file or directory /tmp/pre_upgrade_command: Can't open /tmp/pre_upgrade_command: No such file or directory Because of my tmp was a symlink to /var/tmp, the pre_upgrade_command script couldn't be untared, and the situation was the same as of pfSense 2.1.4 (this is pfSense 2.1.5) as explained in the bug 3749. Now, my system is upgraded (and limiters disabled) Maybe can be checked this before upgrading (for pfSense 2.2.1), I can't remember if I manually tweaked /tmp or it was in this way when installed (as of pfSense 2.0.1) and survived on upgrades. Thanks again BQ_BEGIN BQ_BEGIN BQ_BEGIN if kernel crashs: seems to me you did the same mistake like me: setup with HA and limiters ? BQ_END i read the note, i'm using limiters on a separate VLAN (not LAN) and i thought to test if it crashes. i think we must wait this issue to be solved, isn't it? :( thanks and regards BQ_BEGIN see: https://doc.pfsense.org/index.php/Upgrade_Guide#Limiters_with_High_Availability_not_working br stephan 2015-01-28 10:47 GMT+01:00 Toni Garcia < toni.gar...@sistel.es > : BQ_BEGIN I'm trying to upgrade my HA firewall, starting from the secondary CARP member, but with no success. I tried from BUI and CLI (downloading and verifying md5 also) but after complete the firmware upgrade process, the device doesn't reboot by itself (and rebooting takes it to an inconsistent state, boot loop'ing...) This is the CLI output: 0) Logout (SSH only) 8) Shell 1) Assign Interfaces 9) pfTop 2) Set interface(s) IP address 10) Filter Logs 3) Reset webConfigurator password 11) Restart webConfigurator 4) Reset to factory defaults 12) pfSense Developer Shell 5) Reboot system 13) Upgrade from console 6) Halt system 14) Disable Secure Shell (sshd) 7) Ping host 15) Restore recent configuration Enter an option: 13 Starting the pfSense console firmware update system.. 1) Update from a URL 2) Update from a local file Q) Quit Please select an option to continue: 2 Enter the complete path to the .tgz or .img.gz update file: /root/pfSense-Full-Update-2.2-RELEASE-amd64.tgz One moment please... Broadcast Message from ad...@selene2.sistel.es (no tty) at 10:04 CET... Firmware upgrade in progress... Done. Rebooting... After this, the console menu reappears and every command fails with a "Out of file descriptors" message (also rebooting is impossible, only but pressing the power button) I've checked and no firmware process is running after the "Rebooting" message. Any idea on what could be the problem? There's a full upgrade log? Thanks -- Toni Garcia Técnico de Sistemas Oracle Linux 6 Certified Implementation Specialist Oracle Certified Professional Solaris 10 System Administrator Oracle Certified Associate Solaris 11 System Administrator SISTEL Servicios Informáticos de Software y Telecomunicaciones Avd. Los Jarales, 4 (03010) ALICANTE TLF 965930080 - FAX 901021558 www.sistel.es Por favor recuerda tu responsabilidad medioambiental antes de imprimir este e-mail. / Please consider your environmental responsibility before printing this e-mail. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold BQ_END ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold BQ_END -- Toni Garcia Técnico de Sistemas Oracle Linux 6 Certified Implementation Specialist Oracle Certified Professional Solaris 10 System Administrator Oracle Certified Associate Solaris 11 System Administrator SISTEL Servicios Informáticos de Software y Telecomunicaciones Avd. Los Jarales, 4 (03010) ALICANTE TLF 965930080 - FAX 901021558 www.sistel.es Por favor recuerda tu responsabilidad medioambiental antes de imprimir este e-mail.
Re: [pfSense] Problem upgrading pfSense on Sun Fire x4100
De: "Toni Garcia" Para: "pfSense Support and Discussion Mailing List" Enviados: Miércoles, 28 de Enero 2015 13:37:03 Asunto: Re: [pfSense] Problem upgrading pfSense on Sun Fire x4100 BQ_BEGIN well, no kernel crash ? no kernel crash after upgrade BQ_END answering myself, seems to be this problem: https://redmine.pfsense.org/issues/3749 I'll try the workaround at https://redmine.pfsense.org/projects/pfsense/repository/revisions/720c529f2890708c8dca6264924ec5b1afbf0daf BQ_BEGIN BQ_BEGIN if kernel crashs: seems to me you did the same mistake like me: setup with HA and limiters ? BQ_END i read the note, i'm using limiters on a separate VLAN (not LAN) and i thought to test if it crashes. i think we must wait this issue to be solved, isn't it? :( thanks and regards BQ_BEGIN see: https://doc.pfsense.org/index.php/Upgrade_Guide#Limiters_with_High_Availability_not_working br stephan 2015-01-28 10:47 GMT+01:00 Toni Garcia < toni.gar...@sistel.es > : BQ_BEGIN I'm trying to upgrade my HA firewall, starting from the secondary CARP member, but with no success. I tried from BUI and CLI (downloading and verifying md5 also) but after complete the firmware upgrade process, the device doesn't reboot by itself (and rebooting takes it to an inconsistent state, boot loop'ing...) This is the CLI output: 0) Logout (SSH only) 8) Shell 1) Assign Interfaces 9) pfTop 2) Set interface(s) IP address 10) Filter Logs 3) Reset webConfigurator password 11) Restart webConfigurator 4) Reset to factory defaults 12) pfSense Developer Shell 5) Reboot system 13) Upgrade from console 6) Halt system 14) Disable Secure Shell (sshd) 7) Ping host 15) Restore recent configuration Enter an option: 13 Starting the pfSense console firmware update system.. 1) Update from a URL 2) Update from a local file Q) Quit Please select an option to continue: 2 Enter the complete path to the .tgz or .img.gz update file: /root/pfSense-Full-Update-2.2-RELEASE-amd64.tgz One moment please... Broadcast Message from ad...@selene2.sistel.es (no tty) at 10:04 CET... Firmware upgrade in progress... Done. Rebooting... After this, the console menu reappears and every command fails with a "Out of file descriptors" message (also rebooting is impossible, only but pressing the power button) I've checked and no firmware process is running after the "Rebooting" message. Any idea on what could be the problem? There's a full upgrade log? Thanks -- Toni Garcia Técnico de Sistemas Oracle Linux 6 Certified Implementation Specialist Oracle Certified Professional Solaris 10 System Administrator Oracle Certified Associate Solaris 11 System Administrator SISTEL Servicios Informáticos de Software y Telecomunicaciones Avd. Los Jarales, 4 (03010) ALICANTE TLF 965930080 - FAX 901021558 www.sistel.es Por favor recuerda tu responsabilidad medioambiental antes de imprimir este e-mail. / Please consider your environmental responsibility before printing this e-mail. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold BQ_END ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold BQ_END -- Toni Garcia Técnico de Sistemas Oracle Linux 6 Certified Implementation Specialist Oracle Certified Professional Solaris 10 System Administrator Oracle Certified Associate Solaris 11 System Administrator SISTEL Servicios Informáticos de Software y Telecomunicaciones Avd. Los Jarales, 4 (03010) ALICANTE TLF 965930080 - FAX 901021558 www.sistel.es Por favor recuerda tu responsabilidad medioambiental antes de imprimir este e-mail. / Please consider your environmental responsibility before printing this e-mail. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold BQ_END -- Toni Garcia Técnico de Sistemas Oracle Linux 6 Certified Implementation Specialist Oracle Certified Professional Solaris 10 System Administrator Oracle Certified Associate Solaris 11 System Administrator SISTEL Servicios Informáticos de Software y Telecomunicaciones Avd. Los Jarales, 4 (03010) ALICANTE TLF 965930080 - FAX 901021558 www.sistel.es
Re: [pfSense] Problem upgrading pfSense on Sun Fire x4100
>> well, no kernel crash ? > no kernel crash after upgrade answering myself, seems to be this problem: https://redmine.pfsense.org/issues/3749 I'll try the workaround at https://redmine.pfsense.org/projects/pfsense/repository/revisions/720c529f2890708c8dca6264924ec5b1afbf0daf >> if kernel crashs: >> seems to me you did the same mistake like me: >> setup with HA and limiters ? > i read the note, i'm using limiters on a separate VLAN (not LAN) and i thought > to test if it crashes. > i think we must wait this issue to be solved, isn't it? :( > thanks and regards >> see: >> https://doc.pfsense.org/index.php/Upgrade_Guide#Limiters_with_High_Availability_not_working >> br >> stephan >> 2015-01-28 10:47 GMT+01:00 Toni Garcia < toni.gar...@sistel.es > : >>> I'm trying to upgrade my HA firewall, starting from the secondary CARP >>> member, >>> but with no success. >>> I tried from BUI and CLI (downloading and verifying md5 also) but after >>> complete >>> the firmware upgrade process, the device doesn't reboot by itself (and >>> rebooting takes it to an inconsistent state, boot loop'ing...) >>> This is the CLI output: >>> 0) Logout (SSH only) 8) Shell >>> 1) Assign Interfaces 9) pfTop >>> 2) Set interface(s) IP address 10) Filter Logs >>> 3) Reset webConfigurator password 11) Restart webConfigurator >>> 4) Reset to factory defaults 12) pfSense Developer Shell >>> 5) Reboot system 13) Upgrade from console >>> 6) Halt system 14) Disable Secure Shell (sshd) >>> 7) Ping host 15) Restore recent configuration >>> Enter an option: 13 >>> Starting the pfSense console firmware update system.. >>> 1) Update from a URL >>> 2) Update from a local file >>> Q) Quit >>> Please select an option to continue: 2 >>> Enter the complete path to the .tgz or .img.gz update file: >>> /root/pfSense-Full-Update-2.2-RELEASE-amd64.tgz >>> One moment please... >>> Broadcast Message from ad...@selene2.sistel.es >>> (no tty) at 10:04 CET... >>> Firmware upgrade in progress... >>> Done. >>> Rebooting... >>> After this, the console menu reappears and every command fails with a "Out >>> of >>> file descriptors" message (also rebooting is impossible, only but pressing >>> the >>> power button) >>> I've checked and no firmware process is running after the "Rebooting" >>> message. >>> Any idea on what could be the problem? There's a full upgrade log? >>> Thanks >>> -- >>> Toni Garcia >>> Técnico de Sistemas >>> Oracle Linux 6 Certified Implementation Specialist >>> Oracle Certified Professional Solaris 10 System Administrator >>> Oracle Certified Associate Solaris 11 System Administrator >>> SISTEL >>> Servicios Informáticos de Software >>> y Telecomunicaciones >>> Avd. Los Jarales, 4 (03010) ALICANTE >>> TLF 965930080 - FAX 901021558 >>> www.sistel.es >>> Por favor recuerda tu responsabilidad medioambiental antes de imprimir este >>> e-mail. / Please consider your environmental responsibility before printing >>> this e-mail. >>> ___ >>> pfSense mailing list >>> https://lists.pfsense.org/mailman/listinfo/list >>> Support the project with Gold! https://pfsense.org/gold >> ___ >> pfSense mailing list >> https://lists.pfsense.org/mailman/listinfo/list >> Support the project with Gold! https://pfsense.org/gold > -- > Toni Garcia > Técnico de Sistemas > Oracle Linux 6 Certified Implementation Specialist > Oracle Certified Professional Solaris 10 System Administrator > Oracle Certified Associate Solaris 11 System Administrator > SISTEL > Servicios Informáticos de Software > y Telecomunicaciones > Avd. Los Jarales, 4 (03010) ALICANTE > TLF 965930080 - FAX 901021558 > www.sistel.es > Por favor recuerda tu responsabilidad medioambiental antes de imprimir este > e-mail. / Please consider your environmental responsibility before printing > this
Re: [pfSense] Problem upgrading pfSense on Sun Fire x4100
> De: "WolfSec-Support" > Para: "pfSense Support and Discussion Mailing List" > Enviados: Miércoles, 28 de Enero 2015 10:53:34 > Asunto: Re: [pfSense] Problem upgrading pfSense on Sun Fire x4100 > well, no kernel crash ? no kernel crash after upgrade > if kernel crashs: > seems to me you did the same mistake like me: > setup with HA and limiters ? i read the note, i'm using limiters on a separate VLAN (not LAN) and i thought to test if it crashes. i think we must wait this issue to be solved, isn't it? :( thanks and regards > see: > https://doc.pfsense.org/index.php/Upgrade_Guide#Limiters_with_High_Availability_not_working > br > stephan > 2015-01-28 10:47 GMT+01:00 Toni Garcia < toni.gar...@sistel.es > : >> I'm trying to upgrade my HA firewall, starting from the secondary CARP >> member, >> but with no success. >> I tried from BUI and CLI (downloading and verifying md5 also) but after >> complete >> the firmware upgrade process, the device doesn't reboot by itself (and >> rebooting takes it to an inconsistent state, boot loop'ing...) >> This is the CLI output: >> 0) Logout (SSH only) 8) Shell >> 1) Assign Interfaces 9) pfTop >> 2) Set interface(s) IP address 10) Filter Logs >> 3) Reset webConfigurator password 11) Restart webConfigurator >> 4) Reset to factory defaults 12) pfSense Developer Shell >> 5) Reboot system 13) Upgrade from console >> 6) Halt system 14) Disable Secure Shell (sshd) >> 7) Ping host 15) Restore recent configuration >> Enter an option: 13 >> Starting the pfSense console firmware update system.. >> 1) Update from a URL >> 2) Update from a local file >> Q) Quit >> Please select an option to continue: 2 >> Enter the complete path to the .tgz or .img.gz update file: >> /root/pfSense-Full-Update-2.2-RELEASE-amd64.tgz >> One moment please... >> Broadcast Message from ad...@selene2.sistel.es >> (no tty) at 10:04 CET... >> Firmware upgrade in progress... >> Done. >> Rebooting... >> After this, the console menu reappears and every command fails with a "Out of >> file descriptors" message (also rebooting is impossible, only but pressing >> the >> power button) >> I've checked and no firmware process is running after the "Rebooting" >> message. >> Any idea on what could be the problem? There's a full upgrade log? >> Thanks >> -- >> Toni Garcia >> Técnico de Sistemas >> Oracle Linux 6 Certified Implementation Specialist >> Oracle Certified Professional Solaris 10 System Administrator >> Oracle Certified Associate Solaris 11 System Administrator >> SISTEL >> Servicios Informáticos de Software >> y Telecomunicaciones >> Avd. Los Jarales, 4 (03010) ALICANTE >> TLF 965930080 - FAX 901021558 >> www.sistel.es >> Por favor recuerda tu responsabilidad medioambiental antes de imprimir este >> e-mail. / Please consider your environmental responsibility before printing >> this e-mail. >> ___ >> pfSense mailing list >> https://lists.pfsense.org/mailman/listinfo/list >> Support the project with Gold! https://pfsense.org/gold > ___ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold -- Toni Garcia Técnico de Sistemas Oracle Linux 6 Certified Implementation Specialist Oracle Certified Professional Solaris 10 System Administrator Oracle Certified Associate Solaris 11 System Administrator SISTEL Servicios Informáticos de Software y Telecomunicaciones Avd. Los Jarales, 4 (03010) ALICANTE TLF 965930080 - FAX 901021558 www.sistel.es Por favor recuerda tu responsabilidad medioambiental antes de imprimir este e-mail. / Please consider your environmental responsibility before printing this e-mail. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] Problem upgrading pfSense on Sun Fire x4100
I'm trying to upgrade my HA firewall, starting from the secondary CARP member, but with no success. I tried from BUI and CLI (downloading and verifying md5 also) but after complete the firmware upgrade process, the device doesn't reboot by itself (and rebooting takes it to an inconsistent state, boot loop'ing...) This is the CLI output: 0) Logout (SSH only) 8) Shell 1) Assign Interfaces 9) pfTop 2) Set interface(s) IP address 10) Filter Logs 3) Reset webConfigurator password 11) Restart webConfigurator 4) Reset to factory defaults 12) pfSense Developer Shell 5) Reboot system 13) Upgrade from console 6) Halt system 14) Disable Secure Shell (sshd) 7) Ping host 15) Restore recent configuration Enter an option: 13 Starting the pfSense console firmware update system.. 1) Update from a URL 2) Update from a local file Q) Quit Please select an option to continue: 2 Enter the complete path to the .tgz or .img.gz update file: /root/pfSense-Full-Update-2.2-RELEASE-amd64.tgz One moment please... Broadcast Message from ad...@selene2.sistel.es (no tty) at 10:04 CET... Firmware upgrade in progress... Done. Rebooting... After this, the console menu reappears and every command fails with a "Out of file descriptors" message (also rebooting is impossible, only but pressing the power button) I've checked and no firmware process is running after the "Rebooting" message. Any idea on what could be the problem? There's a full upgrade log? Thanks -- Toni Garcia Técnico de Sistemas Oracle Linux 6 Certified Implementation Specialist Oracle Certified Professional Solaris 10 System Administrator Oracle Certified Associate Solaris 11 System Administrator SISTEL Servicios Informáticos de Software y Telecomunicaciones Avd. Los Jarales, 4 (03010) ALICANTE TLF 965930080 - FAX 901021558 www.sistel.es Por favor recuerda tu responsabilidad medioambiental antes de imprimir este e-mail. / Please consider your environmental responsibility before printing this e-mail. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] squid too slow in high traffic load conditions
Hello, We are experiencing speed problems with pfSense+squid in high traffic load conditions. This pfSense has squid+squidGuard+HAVP (squid configured in transparent mode and HAVP configured as parent for squid, as defined in the pfsense wiki) pfSense has also been tuned with the following system variables: kern.ipc.nmbclusters=32768 kern.maxfiles=65536 kern.maxfilesperproc=32768 net.inet.ip.portrange.last=65535 kern.hz=100 Moreover, squid has the custom variable "redirect_children 20" because while on high traffic load conditions, the default children (used by squidGuard) were not enough. After some months of tuning, we cannot achive a good configuration (if possible) with it, and disabling transparent mode (and thus, avoiding traffic to get squid) is the only way we found to avoid the speed problems. There a speed limit for squid on pfSense or any configuration parameter i'm missing that can affect preformance? Thanks -- Toni Garcia Técnico de Sistemas Oracle Linux 6 Certified Implementation Specialist Oracle Certified Professional Solaris 10 System Administrator Oracle Certified Associate Solaris 11 System Administrator SISTEL Servicios Informáticos de Software y Telecomunicaciones Avd. Los Jarales, 4 (03010) ALICANTE TLF 965930080 - FAX 901021558 www.sistel.es Por favor recuerda tu responsabilidad medioambiental antes de imprimir este e-mail. / Please consider your environmental responsibility before printing this e-mail. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Not able to access https sites
Hi, I didn't test it before, but in the docs there is a guideto WPAD https://doc.pfsense.org/index.php/WPAD_Autoconfigure_for_Squid Regards De: "Rupesh Gujrathi" Para: list@lists.pfsense.org, "jonatas baldin" Enviados: Martes, 11 de Noviembre 2014 13:24:37 Asunto: [pfSense] Not able to access https sites Hi, Is there any other way to do the same, if no how I can configure WPAD on pfsense. Message: 1 Date: Sat, 8 Nov 2014 19:44:15 -0200 From: Jonatas Baldin < jonatas.bal...@gmail.com > To: pfSense support and discussion < list@lists.pfsense.org > Subject: Re: [pfSense] Not able to access https sites Message-ID: Content-Type: text/plain; charset="utf-8" Try implementing WPAD. Em 08/11/2014 13:21, "Rupesh Gujrathi" < gujrathirupe...@gmail.com > escreveu: > Hi, friends > I have configured pfsesnse ver 2.1.5 with squid3 for transparent proxy. > All the sites are working fine but I am not able to access the https sites. > Is there any configuration that I may be missing? > > ___ > List mailing list > List@lists.pfsense.org > https://lists.pfsense.org/mailman/listinfo/list > -- next part -- An HTML attachment was scrubbed... URL: < http://lists.pfsense.org/pipermail/list/attachments/20141108/41b11866/attachment-0001.html > -- Subject: Digest Footer ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- End of List Digest, Vol 216, Issue 1 ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- Toni Garcia Técnico de Sistemas Oracle Linux 6 Certified Implementation Specialist Oracle Certified Professional Solaris 10 System Administrator Oracle Certified Associate Solaris 11 System Administrator SISTEL Servicios Informáticos de Software y Telecomunicaciones Avd. Los Jarales, 4 (03010) ALICANTE TLF 965930080 - FAX 901021558 www.sistel.es Por favor recuerda tu responsabilidad medioambiental antes de imprimir este e-mail. / Please consider your environmental responsibility before printing this e-mail. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Option to clear Squid cache
Hi, I don't know what's the right place to ask for this, so I apology for the inconvenience I'm setting up a Squid cache on pfSense and I would like to have a button to clear the cache, invoking: squid -k shutdown rm -rf /var/squid/cache/* squid -z and restarting squid again. I can see some of this procedure is also coded (function squid_dash_z in /usr/local/pkg/squid.inc), so I think it's reasonably easy to add a button that executes it on user request. I can cooperate with the package mantainer if needed, so feel free to contact me. Regards -- Toni Garcia Técnico de Sistemas Oracle Linux 6 Certified Implementation Specialist Oracle Certified Professional Solaris 10 System Administrator Oracle Certified Associate Solaris 11 System Administrator SISTEL Servicios Informáticos de Software y Telecomunicaciones Avd. Los Jarales, 4 (03010) ALICANTE TLF 965930080 - FAX 901021558 www.sistel.es Por favor recuerda tu responsabilidad medioambiental antes de imprimir este e-mail. / Please consider your environmental responsibility before printing this e-mail. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] menu bar in safari on 2.1.5
Hello, I solved the issue by hiding the new "Gold" menu, by commenting lines 334-341 in file /usr/local/www/fbegin.inc I will wait for next release to check again, when this file will be overwritten. - Mensaje original - De: "Josh Reynolds" Para: list@lists.pfsense.org Enviados: Miércoles, 10 de Septiembre 2014 21:08:16 Asunto: Re: [pfSense] menu bar in safari on 2.1.5 Having the same issue here, had to use the old sidebar theme. Josh Reynolds, Chief Information Officer SPITwSPOTS, www.spitwspots.com On 09/10/2014 04:09 AM, Toni Garcia wrote: Hello, I'm facing this exact problem using this theme with latest Firefox, Chrome and Chromium. After clearing the cache I'm unable to see the complete menu bar in one line, and System menu is really hard to access. It's me or it's a bug? Regards - Mensaje original - De: "Vick Khera" Para: "pfSense Support and Discussion Mailing List" Enviados: Viernes, 29 de Agosto 2014 17:24:43 Asunto: Re: [pfSense] menu bar in safari on 2.1.5 On Fri, Aug 29, 2014 at 11:17 AM, Jim Thompson < j...@netgate.com > wrote: Have you reloaded (the CSS changed) and/or cleared the browser cache? Yeah, just did that and it cleared up. Sorry for the noise. My failovers are all upgraded... waiting for later in the night to do the primaries. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- Toni Garcia Técnico de Sistemas Oracle Linux 6 Certified Implementation Specialist Oracle Certified Professional Solaris 10 System Administrator Oracle Certified Associate Solaris 11 System Administrator SISTEL Servicios Informáticos de Software y Telecomunicaciones Avd. Los Jarales, 4 (03010) ALICANTE TLF 965930080 - FAX 901021558 www.sistel.es Por favor recuerda tu responsabilidad medioambiental antes de imprimir este e-mail. / Please consider your environmental responsibility before printing this e-mail. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- Toni Garcia Técnico de Sistemas Oracle Linux 6 Certified Implementation Specialist Oracle Certified Professional Solaris 10 System Administrator Oracle Certified Associate Solaris 11 System Administrator SISTEL Servicios Informáticos de Software y Telecomunicaciones Avd. Los Jarales, 4 (03010) ALICANTE TLF 965930080 - FAX 901021558 www.sistel.es Por favor recuerda tu responsabilidad medioambiental antes de imprimir este e-mail. / Please consider your environmental responsibility before printing this e-mail. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] menu bar in safari on 2.1.5
Hello, I'm facing this exact problem using this theme with latest Firefox, Chrome and Chromium. After clearing the cache I'm unable to see the complete menu bar in one line, and System menu is really hard to access. It's me or it's a bug? Regards - Mensaje original - De: "Vick Khera" Para: "pfSense Support and Discussion Mailing List" Enviados: Viernes, 29 de Agosto 2014 17:24:43 Asunto: Re: [pfSense] menu bar in safari on 2.1.5 On Fri, Aug 29, 2014 at 11:17 AM, Jim Thompson < j...@netgate.com > wrote: Have you reloaded (the CSS changed) and/or cleared the browser cache? Yeah, just did that and it cleared up. Sorry for the noise. My failovers are all upgraded... waiting for later in the night to do the primaries. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- Toni Garcia Técnico de Sistemas Oracle Linux 6 Certified Implementation Specialist Oracle Certified Professional Solaris 10 System Administrator Oracle Certified Associate Solaris 11 System Administrator SISTEL Servicios Informáticos de Software y Telecomunicaciones Avd. Los Jarales, 4 (03010) ALICANTE TLF 965930080 - FAX 901021558 www.sistel.es Por favor recuerda tu responsabilidad medioambiental antes de imprimir este e-mail. / Please consider your environmental responsibility before printing this e-mail. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] IPsec and NAT problem with SonicWall VPN Client
Hello, I have a problem when trying to connect from inside my netwrok to an external SonicWall VPN server. Sniffing traffic on my firewall (both interfaces LAN/WAN) shows me that internal IP address is not being NATed, but NAT is working for any other use (IP traffic and other non SonicWall VPN servers) When trying with SonicWall client, on both interfaces I can see this traffic: 18:10:25.718378 IP 192.168.255.241.500 > SONICWALL.500: isakmp: phase 1 I agg 18:10:25.718401 IP 192.168.255.241 > SONICWALL.225: udp Other test, connecting to a non SonicWall VPN servers, show this traffic in the LAN interface 18:10:30.003703 IP 192.168.255.241.6321 > IPSEC_SERVER.500: isakmp: phase 1 I agg 18:10:30.043896 IP IPSEC_SERVER.500 > WAN_ADDRESS.6321: isakmp: phase 1 R agg 18:10:30.195077 IP 192.168.255.241.6321 > IPSEC_SERVER.500: isakmp: phase 1 I agg[E] 18:10:30.195090 IP 192.168.255.241.6321 > IPSEC_SERVER.500: isakmp: phase 2/others I inf[E] 18:10:30.244034 IP IPSEC_SERVER.500 > WAN_ADDRESS.6321: isakmp: phase 2/others R #6[E] 18:10:30.244551 IP 192.168.255.241.6321 > IPSEC_SERVER.500: isakmp: phase 2/others I #6[E] 18:10:30.265647 IP IPSEC_SERVER.500 > WAN_ADDRESS.6321: isakmp: phase 2/others R #6[E] 18:10:30.330998 IP 192.168.255.241.6321 > IPSEC_SERVER.500: isakmp: phase 2/others I inf[E] and this traffic in the WAN interface 18:10:30.003703 IP WAN_ADDRESS.6321 > IPSEC_SERVER.500: isakmp: phase 1 I agg 18:10:30.043896 IP IPSEC_SERVER.500 > WAN_ADDRESS.6321: isakmp: phase 1 R agg 18:10:30.195077 IP WAN_ADDRESS.6321 > IPSEC_SERVER.500: isakmp: phase 1 I agg[E] 18:10:30.195090 IP WAN_ADDRESS.6321 > IPSEC_SERVER.500: isakmp: phase 2/others I inf[E] 18:10:30.244034 IP IPSEC_SERVER.500 > WAN_ADDRESS.6321: isakmp: phase 2/others R #6[E] 18:10:30.244551 IP WAN_ADDRESS.6321 > IPSEC_SERVER.500: isakmp: phase 2/others I #6[E] 18:10:30.265647 IP IPSEC_SERVER.500 > WAN_ADDRESS.6321: isakmp: phase 2/others R #6[E] 18:10:30.330998 IP WAN_ADDRESS.6321 > IPSEC_SERVER.500: isakmp: phase 2/others I inf[E] The question is why pfSense is not NATing a particular IPsec connection, while NAT has been working in the same configuration for a long time. pfSense version is 2.0.3 in 2 boxes using CARP for redundancy. Thanks, any help would be appreciated -- Toni Garcia Técnico de Sistemas Oracle Linux Certified Implementation Specialist Oracle Certified Professional Solaris 10 System Administrator SISTEL Servicios Informáticos de Software y Telecomunicaciones Avd. Los Jarales, 4 (03010) ALICANTE TLF 965930080 - FAX 901021558 www.sistel.es Por favor recuerda tu responsabilidad medioambiental antes de imprimir este e-mail. / Please consider your environmental responsibility before printing this e-mail. ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] How to add Routing
You can add static routes in "System > Routing" You must first add a gateway and, after that, you can set a route to a given network using this gateway. Regards - Mensaje original - De: "pratap koppal" Para: list@lists.pfsense.org Enviados: Viernes, 9 de Agosto 2013 10:26:53 Asunto: [pfSense] How to add Routing Hi all, I want to know, how to add routing for a different network in pfsense Regards, Pratap Koppal 9594524325 ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list -- Toni Garcia Técnico de Sistemas Oracle Linux Certified Implementation Specialist Oracle Certified Professional Solaris 10 System Administrator SISTEL Servicios Informáticos de Software y Telecomunicaciones Avd. Los Jarales, 4 (03010) ALICANTE TLF 965930080 - FAX 901021558 www.sistel.es Por favor recuerda tu responsabilidad medioambiental antes de imprimir este e-mail. / Please consider your environmental responsibility before printing this e-mail. ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
