Re: [pfSense Support] pfSense 0.76.2: No rdr rule for Squid Transparent Proxy
Hi Scott and all,
I don't experience Squid dying in pfsense yet. But, I
did experience this in the past when Squid core dumps
in my custom FreeBSD box.
The possibility of Squid dying or terminating (for
whatever reason) is not remote and with the rdr rules
for transparent proxying still in effect, this could
effectively block http traffic.
A solution could be to use a script (See the RunCache
script for squid as reference) to periodically check
if squid is still running and when it's not, the
script should set the filter dirty flag to reload the
filters.
With this solution, the /etc/inc/filter.inc should
also be modified to allow removal of the rdr rule for
transparent proxying only when squid has died or
terminated.
...
if (is_package_installed("squid") == 1)
if(is_process_running("squid")) {
//insert rule for transp proxy
}
else {
//remove rdr rule for transp proxy
}
...
I hope this makes my point clear.
Miles
--- Scott Ullrich <[EMAIL PROTECTED]> wrote:
> SQUID should not be dying. If it is then I need to
> deactivate the
> package until a new one is released on the freebsd
> site.
>
> Scott
>
>
> On 8/16/05, Albert Miles Enabe <[EMAIL PROTECTED]>
> wrote:
> > No need to file a ticket. Thanks for the swift
> action.
> > I'll wait till next release then.
> >
> > Also, I am concerned of the Squid process dying
> for
> > any reason and the rdr rule for transparent
> proxying
> > is still in effect. This will block http traffic
> to
> > the internet. Any solution for this?
> >
> > Thanks again.
> >
> > Miles
> >
> > --- Scott Ullrich <[EMAIL PROTECTED]> wrote:
> >
> > > The solution here is to set the filter dirty
> flag in
> > > the squid startup
> > > script. This will force the rules to be
> reloaded
> > > and then squid will
> > > be running.
> > >
> > > I'll take care of it shortly.
> > >
> > > Scott
> > >
> > >
> > > On 8/16/05, Bill Marquette
> > > <[EMAIL PROTECTED]> wrote:
> > > > Albert, can you file a ticket on this at
> > > http://cvstrac.pfsense.com/ ?
> > > > I'd rather not delay boot until squid is up,
> but I
> > > suppose that's open
> > > > for debate. Without looking at the code, I'm
> > > wondering if we're even
> > > > starting up squid before the filter.
> > > > Can you insert a sleep(); statement before the
> > > is_process_running
> > > > statement and tell us how long you have to
> sleep
> > > for to get reliable
> > > > results? Also, what speed hardware is this on?
> > > Thanks
> > > >
> > > > --Bill
> > > >
> > > > On 8/16/05, Albert Miles Enabe
> <[EMAIL PROTECTED]>
> > > wrote:
> > > > > I think it is actually a BUG in the script
> > > > > /etc/inc/filter.inc that checks for the
> squid
> > > process
> > > > > at boot time which will return FALSE because
> no
> > > > > package is loaded during this time yet. See
> the
> > > > > /etc/rc script for the loading sequence.
> > > > >
> > > > > The /etc/rc.bootup script that initializes
> the
> > > pf
> > > > > rules is called before executing rc.d items.
> > > Please
> > > > > see the /etc/rc script.
> > > > >
> > > > > As a solution, the
> > > "if(is_process_running("squid"))"
> > > > > at line no. 1134 of the file
> /etc/inc/filter.inc
> > > must
> > > > > be commented out.
> > > > >
> > > > > Cheers!
> > > > >
> > > > >
> > > > > --- Bachman Kharazmi <[EMAIL PROTECTED]>
> wrote:
> > > > >
> > > > > > When the squid package has installed
> properly
> > > > > > without any errors type:
> > > > > > # pfctl -sr | grep rdr
> > > > > > if that returns a rule and trans.proxy
> still
> > > doesn't
> > > > > > work (make sure
> > > > > > the squid process is running) then I would
> > > suggest
> > > > > > you read the squid
> > > > > > logs to findout why it doesn't cache.
> > > > > >
> > > > > > /bkw
> > > > > >
> > > > > >
> > > > > > On 8/16/05, Albert Miles Enabe
> > > <[EMAIL PROTECTED]>
> > > > > > wrote:
> > > > > > > Hi!
> > > > > > >
> > > > > > > The rdr (nat) rule for squid transparent
> > > proxy is
> > > > > > > missing on pfsense 0.76.2 which causes
> > > transparent
> > > > > > > proxying NOT to function properly. The
> > > > > > corresponding
> > > > > > > pass rules are present however.
> > > > > > >
> > > > > > > The problem is corrected by commenting
> out
> > > line#
> > > > > > 1134
> > > > > > > of /etc/inc/filter.inc:
> > > > > > >
> > > > > > > if
> (is_package_installed("squid") ==
> > > 1)
> > > > > > > //if
> > > (is_process_running("squid"))
> > > > > > >
> > > > > > > Could it be because this function was
> called
> > > at
> > > > > > the
> > > > > > > time when squid has not fully loaded
> itself?
> > > If
> > > > > > this
> > > > > > > is the case, then it would be better if
> the
> > > rc
> > > > > > loader
> > > > > > > for squid be given enough time to
> "sleep"
> > > for a
> > > > > > while
> > > > > > > before exiting.
> > > > > > >
[pfSense Support] Load Balancer
I have just upgrade from 73.12 to 77 on soekris 4801 Is load balancer for outbound connection too? The "bug" of ssh not restarting after a configuration restore is still here. regards Rodolfo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] iperf question
On 8/18/05, Randy B <[EMAIL PROTECTED]> wrote: > Chris Buechler wrote: > > Not unless you're running both a client and server at each end. > > Unfortunately, not the case - Yes it is. iperf doesn't test full duplex, it's one direction only (with one connection, run a server and a client on each side and you can test full duplex). You'll never get more than 100 Mb on a 100Mb link or 10 Mb on a 10 Mb link, even if it's full duplex, with a single iperf server and client. > > I'm able to get 93Mb to another machine on the network - acceptable, > given the cheap switch I have. > that's roughly as good as you're going to get on 100 Mb. > > I have two rl cards and one sis - sis0 is linked to my cable modem and > my LAN is to rl0. The RL NICs are both rather new, and both say they've > autonegotiated at 100Mb. rl's are known for poor performance, but should be better than that unless you're only running a 100-200 MHz machine or so. what duplex does it say? or does it not say? I'm still thinking duplex mismatch, though 20 something Mb is quite a bit for having a mismatch. You should be seeing: media: Ethernet autoselect (100baseTX ) in your ifconfig output. Exactly what are you seeing on that line? -cmb - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Load Balancer
On 8/19/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: > I have just upgrade from 73.12 to 77 on soekris 4801 > Is load balancer for outbound connection too? > The "bug" of ssh not restarting after a configuration restore is still here. SSH works fine. Remove anything in /cf/conf/config.xml that has SSH in it. The outgoing load balancing is not fully working yet. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] iperf question
I'd also like to know which rl cards these are. Can you send the output of pciconf -lv? thanks -Original Message- From: Chris Buechler [mailto:[EMAIL PROTECTED] Sent: Friday, August 19, 2005 8:31 AM Cc: support@pfsense.com Subject: Re: [pfSense Support] iperf question On 8/18/05, Randy B <[EMAIL PROTECTED]> wrote: > Chris Buechler wrote: > > Not unless you're running both a client and server at each end. > > Unfortunately, not the case - Yes it is. iperf doesn't test full duplex, it's one direction only (with one connection, run a server and a client on each side and you can test full duplex). You'll never get more than 100 Mb on a 100Mb link or 10 Mb on a 10 Mb link, even if it's full duplex, with a single iperf server and client. > > I'm able to get 93Mb to another machine on the network - acceptable, > given the cheap switch I have. > that's roughly as good as you're going to get on 100 Mb. > > I have two rl cards and one sis - sis0 is linked to my cable modem and > my LAN is to rl0. The RL NICs are both rather new, and both say they've > autonegotiated at 100Mb. rl's are known for poor performance, but should be better than that unless you're only running a 100-200 MHz machine or so. what duplex does it say? or does it not say? I'm still thinking duplex mismatch, though 20 something Mb is quite a bit for having a mismatch. You should be seeing: media: Ethernet autoselect (100baseTX ) in your ifconfig output. Exactly what are you seeing on that line? -cmb - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Trying to setup pfsense with 3 WAN connections
Hi there, Need tips for outgoing load balance and source routing with pfsense and 2 and 3 WAN connections. I tryed to config this scenario com with 2 pfsense box and with 1 pfsense box. With 2 gateways and using pfSense-LiveCD-0.76.4.iso I could have failover work but without "sync" of pf and nat rules. Acctually when I put any firewall or nat rule I started to have Acknowledge messages. After I tryed 3 WAN connections in one box just to have source routing for inbound connection but it also doesnt work. Or to be fair, it works with WAN and not for OPT1 or OPT2. I need at least source routing for 3 WAN and 1 LAN, if possible outgoing load balance. Any tip or trick? rules.debug and config.xml is attached for your verify. My Best Regards, Thanks Moacyr sargon.rules.debug Description: Binary data 1.9 metallic normal priq sargon caprioli.com.br admin $1$ezf5Q3eo$0qtZnpwULuwZa56/65fRp/ America/Sao_Paulo 300 pool.ntp.org http 200.204.0.10 200.204.0.138 200.158.122.1 vr0 192.168.0.18 24 100 Mb rl0 200.158.122.28 26 on 512 priq rl1 WANT 201.28.106.114 29 201.28.106.113 rl2 WANE 200.231.8.10 26 200.231.8.1 dyndns 192.168.0.50 192.168.0.254 public 192.168.0.0/24 Auto created rule for lan wan 192.168.0.0/24 opt1 192.168.0.0/24 opt2 tcp 5900 192.168.0.29 5900 opt1 tcp 5900 192.168.0.29 5900 wan tcp 5900 192.168.0.29 5900 opt2 wan tcp 192.168.0.29 5900 NAT opt2 tcp 192.168.0.29 5900 NAT opt1 tcp 192.168.0.29 5900 NAT pass lan keep state udp lan 500 pass lan keep state ah lan pass lan keep state esp lan pass lan keep state lan Default LAN -> any pass lan keep state lan 201.28.106.113 pass lan keep state lan 200.231.8.1 /firewall_nat_out.php made unknown change 1124327274 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Trying to setup pfsense with 3 WAN connections
Outgoing load balancing is not ready yet. On 8/19/05, Moacyr Leite da Silva <[EMAIL PROTECTED]> wrote: > > > Hi there, > > Need tips for outgoing load balance and source routing with pfsense and 2 > and 3 WAN connections. > > I tryed to config this scenario com with 2 pfsense box and with 1 pfsense > box. With 2 gateways and using pfSense-LiveCD-0.76.4.iso I could have > failover work but without "sync" of pf and nat rules. Acctually when I put > any firewall or nat rule I started to have Acknowledge messages. > > > After I tryed 3 WAN connections in one box just to have source routing for > inbound connection but it also doesnt work. Or to be fair, it works with WAN > and not for OPT1 or OPT2. > > I need at least source routing for 3 WAN and 1 LAN, if possible outgoing > load balance. Any tip or trick? > > rules.debug and config.xml is attached for your verify. > > My Best Regards, > > Thanks > Moacyr > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Load Balancer
Scott Ullrich ha scritto: The "bug" of ssh not restarting after a configuration restore is still here. SSH works fine. Remove anything in /cf/conf/config.xml that has SSH in it. yes, ssh works fine, but if you restore a configuration, it keeps the old pwd (pfsense) and don't use the one in conf file, until you reboot (or restart ssh) The outgoing load balancing is not fully working yet. so, I stop trying thank you regards Rodolfo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] pfsense on flash
I noticed there are images for running pfsense on a Soekris device. Is it possible to use this image on flash in a standard PC? I woul love to replace my monowall with PFSense. Thanks Jamy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] pfsense on flash
The embedded images lack video, keyboard and mouse support. Perhaps the best solution is to install using the cdrom installer to the compact flash directly then editing /etc/platform to read "wrap". Scott On 8/19/05, Jamy Klein <[EMAIL PROTECTED]> wrote: > I noticed there are images for running pfsense on a Soekris device. Is > it possible to use this image on flash in a standard PC? I woul love > to replace my monowall with PFSense. > > Thanks > > Jamy > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] pfsense on flash
I just install from the cd straight onto the CF card and disable swap Then when it is setup is disable logs and forward to my syslog server works great > The embedded images lack video, keyboard and mouse support. Perhaps > the best solution is to install using the cdrom installer to the > compact flash directly then editing /etc/platform to read "wrap". > Scott On 8/19/05, Jamy Klein <[EMAIL PROTECTED]> wrote: > I noticed there are images for running pfsense on a Soekris device. Is > it possible to use this image on flash in a standard PC? I woul love > to replace my monowall with PFSense. > > Thanks > > Jamy > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] There were error(s) loading the rules
Hello, I have some problems with pfSense 0.77. I got this message: php: : There were error(s) loading the rules: /tmp/rules.debug:110: syntax error /tmp/rules.debug:111: syntax error /tmp/rules.debug:112: syntax error /tmp/rules.debug:113: syntax error /tmp/rules.debug:114: syntax error /tmp/rules.debug:115: syntax error /tmp/rules.debug:116: syntax error pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [110]: pass quick on rl0 proto esp from 172.16.0.72 to keep state label "IPSEC: esp proto" The Problem is now: The pfSense will nor route anylonger! From the LAN side it is possible to "ping" the WAN interface of the FW (172.16.0.72) but it is not possible to ping any other host (e.g. 172.16.0.71) in front of the WAN interface. Directly from the FW (via webinterface) it is possible to ping hosts in front of the WAN interface. What is going wrong? Regards Bastian - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] There were error(s) loading the rules
I agree this is still an issue in 0.77. It happens when you change the firewall rules. It does not matter what is in the ipsec setup. Wheather it is empty or you are using it -Original Message- From: Bastian Schern [mailto:[EMAIL PROTECTED] Sent: 19 August 2005 18:56 To: support@pfsense.com Subject: [pfSense Support] There were error(s) loading the rules Hello, I have some problems with pfSense 0.77. I got this message: php: : There were error(s) loading the rules: /tmp/rules.debug:110: syntax error /tmp/rules.debug:111: syntax error /tmp/rules.debug:112: syntax error /tmp/rules.debug:113: syntax error /tmp/rules.debug:114: syntax error /tmp/rules.debug:115: syntax error /tmp/rules.debug:116: syntax error pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [110]: pass quick on rl0 proto esp from 172.16.0.72 to keep state label "IPSEC: esp proto" The Problem is now: The pfSense will nor route anylonger! From the LAN side it is possible to "ping" the WAN interface of the FW (172.16.0.72) but it is not possible to ping any other host (e.g. 172.16.0.71) in front of the WAN interface. Directly from the FW (via webinterface) it is possible to ping hosts in front of the WAN interface. What is going wrong? Regards Bastian - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] There were error(s) loading the rules
On 8/19/05, alan walters <[EMAIL PROTECTED]> wrote: > I agree this is still an issue in 0.77. > It happens when you change the firewall rules. > > It does not matter what is in the ipsec setup. Wheather it is empty or > you are using it I disagree. I just changed a rule on my firewall at home and then REBOOTED it. All 5 of my tunnels are STILL fine. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] There were error(s) loading the rules
There are two ways to remake the error that I found. (1) create a new firewall rule and apply it. (2) to save the ipsec configuration (DOES NOT MATTER WHEATHER THERE IS ANYTHING IN IT OR NOT) this happened on at least 8 installs. Yes I agree you can clear the ipsec and reload the xml but if you do any of the above after that the issue comes back -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: 19 August 2005 19:40 To: alan walters Cc: Bastian Schern; support@pfsense.com Subject: Re: [pfSense Support] There were error(s) loading the rules On 8/19/05, alan walters <[EMAIL PROTECTED]> wrote: > I agree this is still an issue in 0.77. > It happens when you change the firewall rules. > > It does not matter what is in the ipsec setup. Wheather it is empty or > you are using it I disagree. I just changed a rule on my firewall at home and then REBOOTED it. All 5 of my tunnels are STILL fine. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Internal Virus Database is out-of-date. Checked by AVG Anti-Virus. Version: 7.0.338 / Virus Database: 267.10.4/66 - Release Date: 09/08/2005 -- Internal Virus Database is out-of-date. Checked by AVG Anti-Virus. Version: 7.0.338 / Virus Database: 267.10.4/66 - Release Date: 09/08/2005 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] There were error(s) loading the rules
On 8/19/05, alan walters <[EMAIL PROTECTED]> wrote: > There are two ways to remake the error that I found. > > > (1) create a new firewall rule and apply it. [click to toggle enabled/disabled status]* * * * * TestRule I added the rule above. No issues. > (2) to save the ipsec configuration (DOES NOT MATTER WHEATHER THERE IS > ANYTHING IN IT OR NOT) I just changed my ipsec. Again, no issues. The problem is either fixed on recent versions or this is not how to reliably reproduce it. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
FW: [pfSense Support] There were error(s) loading the rules
Oh well. I have worked on more than 6 differnet updated versions and seen this issue. 0.77 is the version of them all. Well I have said so you know. It does not effect me as I have reverted all my versions t0 0.74.6 till I see it gone for real. What it does is produce an empty tunnel in the ipsec and create empty rules in the vpn section of rules.debug. this stops some rules loading. Thanks anyway. -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: 19 August 2005 21:48 To: alan walters Cc: Bastian Schern; support@pfsense.com Subject: Re: [pfSense Support] There were error(s) loading the rules On 8/19/05, alan walters <[EMAIL PROTECTED]> wrote: > There are two ways to remake the error that I found. > > > (1) create a new firewall rule and apply it. [click to toggle enabled/disabled status]* * * * * TestRule I added the rule above. No issues. > (2) to save the ipsec configuration (DOES NOT MATTER WHEATHER THERE IS > ANYTHING IN IT OR NOT) I just changed my ipsec. Again, no issues. The problem is either fixed on recent versions or this is not how to reliably reproduce it. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Internal Virus Database is out-of-date. Checked by AVG Anti-Virus. Version: 7.0.338 / Virus Database: 267.10.4/66 - Release Date: 09/08/2005 -- Internal Virus Database is out-of-date. Checked by AVG Anti-Virus. Version: 7.0.338 / Virus Database: 267.10.4/66 - Release Date: 09/08/2005 -- Internal Virus Database is out-of-date. Checked by AVG Anti-Virus. Version: 7.0.338 / Virus Database: 267.10.4/66 - Release Date: 09/08/2005 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] There were error(s) loading the rules
I think I did nothing with the IPSec rule. But is there a way to get the FW back to work? Bastian Scott Ullrich schrieb: On 8/19/05, alan walters <[EMAIL PROTECTED]> wrote: There are two ways to remake the error that I found. (1) create a new firewall rule and apply it. [click to toggle enabled/disabled status] * * * * * TestRule I added the rule above. No issues. (2) to save the ipsec configuration (DOES NOT MATTER WHEATHER THERE IS ANYTHING IN IT OR NOT) I just changed my ipsec. Again, no issues. The problem is either fixed on recent versions or this is not how to reliably reproduce it. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] There were error(s) loading the rules
Backup the xml file and find the ipsec section and replace with the below code Replace the ipsec section with: -Original Message- From: Bastian Schern [mailto:[EMAIL PROTECTED] Sent: 19 August 2005 23:02 To: Scott Ullrich Cc: alan walters; support@pfsense.com Subject: Re: [pfSense Support] There were error(s) loading the rules I think I did nothing with the IPSec rule. But is there a way to get the FW back to work? Bastian Scott Ullrich schrieb: > On 8/19/05, alan walters <[EMAIL PROTECTED]> wrote: > >>There are two ways to remake the error that I found. >> >> >>(1) create a new firewall rule and apply it. > > > [click to toggle enabled/disabled status] * * * * > * TestRule > > I added the rule above. No issues. > > >>(2) to save the ipsec configuration (DOES NOT MATTER WHEATHER THERE IS >>ANYTHING IN IT OR NOT) > > > I just changed my ipsec. Again, no issues. The problem is either > fixed on recent versions or this is not how to reliably reproduce it. > > Scott > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.338 / Virus Database: 267.10.13/78 - Release Date: 19/08/2005 -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.338 / Virus Database: 267.10.13/78 - Release Date: 19/08/2005 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Error when installing pfSense
Hello, I run the "installer" and after I partition the disk (I have only create one partition with * size, FreeBSD type and active status) It prompt the following error dialog box: Cancelled Execution of the command /FreeSBIE/sbin/fdisk -v -f /tmp/new.fdisk ad0 FAILED with a return code of 1. And in the viewlog, the tailing log about this error: , -<<< Executing `/FreeSBIE/sbin/fdisk -v -f /tmp/new.fdisk ad0` | *** Working on device /dev/ad0 *** | fdisk: WARNING line 1: number of cylinders (57461) may be out-of-range | (must be within 1-1024 for normal BIOS operation, unless the entire disk | is dedicated to FreeBSD | fdisk: ERROR line 1: number of sectors must be within (1-63) , ->>> Exit status: 1 I have tried 2 machines, both are VIA chipset, got this error. And I have install on a old PC with Intel chipset and also under VMware successfully.
[pfSense Support] Avoid 0.78!
Firmware upgrade bug lurks from within. I would avoid it at all costs. 0.79 will be published soon. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] 0.78 on WRAP 1E board
Hi, I get installed the last embedded release 0.78 on a WRAP 1E board and now all the minor webgui problem related to "status==>interfaces" are ok. Wonderful!! After that I tried to connect by SSH to pfsense after, of course, have enabled it in "System==>advanced" but I cannot log in: it says "...no further authentication methods avalaible"..I also disabled the firewall to be sure tha some rule would not interfere but no chances. Should I do something else to enable the ssh or the problem is elsewhere? Has someone else the same problem with embedded release? cheers Giorgio - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
