Re: [pfSense Support] 0.78 on WRAP 1E board
What SSH client are you using? Is it configured for 'keyboard-interactive' ? --Bill On 8/20/05, Giorgio Ducci <[EMAIL PROTECTED]> wrote: > Hi, > I get installed the last embedded release 0.78 on a WRAP 1E board and > now all the minor webgui problem related to "status==>interfaces" are > ok. Wonderful!! After that I tried to connect by SSH to pfsense after, > of course, have enabled it in "System==>advanced" but I cannot log in: > it says "...no further authentication methods avalaible"..I also > disabled the firewall to be sure tha some rule would not interfere but > no chances. Should I do something else to enable the ssh or the > problem is elsewhere? Has someone else the same problem with embedded > release? > cheers > Giorgio > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] iperf question
Fleming, John (ZeroChaos) wrote: I'd also like to know which rl cards these are. Can you send the output of pciconf -lv? Glad to oblige [EMAIL PROTECTED]:9:0: class=0x02 card=0x13011186 chip=0x13001186 rev=0x10 hdr=0x00 vendor = 'D-Link System Inc' device = 'DL 10038C or 10038D (Remark of Realtek RTL-8139) Fast Ethernet Adapter' class= network subclass = ethernet [EMAIL PROTECTED]:10:0: class=0x02 card=0xf3111385 chip=0x0020100b rev=0x00 hdr=0x00 vendor = 'National Semiconductor' device = 'DP83815/16 Fast Ethernet Adapter (MacPhyter/MacPhyter-II)' class= network subclass = ethernet [EMAIL PROTECTED]:11:0: class=0x02 card=0x13011186 chip=0x13001186 rev=0x10 hdr=0x00 vendor = 'D-Link System Inc' device = 'DL 10038C or 10038D (Remark of Realtek RTL-8139) Fast Ethernet Adapter' class= network subclass = ethernet Chris Buechler wrote: > Yes it is. iperf doesn't test full duplex, it's one direction only (with one connection, run a server and a client on each side and you can test full duplex). You'll never get more than 100 Mb on a 100Mb link or 10 Mb on a 10 Mb link, even if it's full duplex, with a single iperf server and client. The specific command I ran was "iperf -i 1 -N -d -P3 -c 192.168.0.1" - from the options on my Gentoo box, -d says it does a bidirectional test simultaneously, testing (I presumed) duplex. rl's are known for poor performance, but should be better than that unless you're only running a 100-200 MHz machine or so. I just barely miss that category... ;-) CPU: AMD-K6(tm) 3D processor (300.68-MHz 586-class CPU) You should be seeing: media: Ethernet autoselect (100baseTX ) in your ifconfig output. Exactly what are you seeing on that line? rl0: flags=8843 mtu 1500 options=8 inet 192.168.0.1 netmask 0xff00 broadcast 192.168.0.255 inet6 fe80::211:95ff:fe28:ab2f%rl0 prefixlen 64 scopeid 0x1 ether 00:11:95:28:ab:2f media: Ethernet autoselect (100baseTX ) status: active - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] iperf question
> The specific command I ran was "iperf -i 1 -N -d -P3 -c 192.168.0.1" - > from the options on my Gentoo box, -d says it does a bidirectional test > simultaneously, testing (I presumed) duplex. > ah yeah, it is full duplex with that option. I assumed you were doing nothing but a -c and -s. > > rl's are known for poor performance, but should be better than that > > unless you're only running a 100-200 MHz machine or so. > > I just barely miss that category... ;-) > CPU: AMD-K6(tm) 3D processor (300.68-MHz 586-class CPU) > hah Well...that's probably the best you can get on that. :) With rl NIC's at least, since they're interrupt happy. When you're testing throughput, can you try to run 'top' at the console or a SSH session? I'm curious what your CPU utilization will be. I had a rl NIC in a P3 600 FreeBSD box, and it could only do about 70 Mb to another host on my LAN. Put a Intel fxp in the same box, and it could do 100 Mb at wire speed. With an Intel gig 'em' card, the same box can do 400 Mb though a single NIC. Considering that when you're passing traffic, you can roughly cut that number in half, that P3 600 could have only done probably 35 Mb in a firewalling scenario with rl NIC's. Yes, they really are that bad. :) At 70 Mb with the rl, the P3 600 was pegged at 100% CPU, mostly from interrupts. A P3 600 is easily 2-3 times as fast as a K6 300, so those numbers don't look too out of wack. > rl0: flags=8843 mtu 1500 > media: Ethernet autoselect (100baseTX ) > looks fine. I bet if you replace the rl NIC's with fxp's, you'll see a huge improvement in performance. -cmb - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] iperf question
Chris Buechler wrote: hah Well...that's probably the best you can get on that. :) With rl NIC's at least, since they're interrupt happy. Wow. That was certainly it. Ran top and showed 0% idle CPU with over 70% interrupt dedicated to interrupts and ~25% system. I knew the RL NICs were poor, just never knew how poor they really were until I started playing around with BSD - I guess my Linux machines have always been powerful enough to overcome the danged things. Funny this - the 93Mb was between a desktop Athlon XP-1800 and a laptop AMD-64 3000+, both with RTL-8139 NICs. I guess I'll stop buying the crappy RTL cards now, eh? Hey, anyone interested in a couple of top-quality NICs? I'll sell 'em to you cheap! RB - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Error with squid on .79
I get the following error trying to install squid: Parse error: parse error, unexpected T_VARIABLE in /etc/inc/pkg-utils.inc(424) : eval()'d code on line 1 Fatal error: Call to undefined function: write_squid_static_config() in /etc/inc/pkg-utils.inc(424) : eval()'d code on line 1 This happens each time I try to install. In previous versions, a first attempt would fail to install correctly, but the second attempt would work. Also, I tried installing squidguard first using it's dependency on squid as a workaround to install both. Installing squidguard gives the following error: XML error: not well-formed (invalid token) at line 60 Jason - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Problem with WLAN & DHCP since version 73.8?
On a whim, I restored to factory defaults and re-entered my configuration settings. I no longer have the problem waiting 5-10 minutes on "configuring WAN interface..." so something in the config file must be causing this problem. I've carried the config file from version to version for quite a while. Also, when I upgraded to version 0.79 I had a warning on the terminal that the configuration file was created by a *newer* version of pfsense than was currently on the box (I was previously at 0.77). I can send a password-sanitized version of my config file if that would help. Jason On 8/18/05, Scott Ullrich <[EMAIL PROTECTED]> wrote: > On 8/17/05, Jason Landry <[EMAIL PROTECTED]> wrote: > > I've been running ok since 0.73.8, but I'm having a lot of difficulties > > since. > > > > I just installed 0.77 and once pfsense starts loading, everthing seems > > fine until it gets to: > > > > "configuring WAN interface..." > > > > it then takes 5-10 minutes before pfsense is fully loaded with the console > > menu. > > > > I made a change to the WAN interface, simply changing the bandwidth > > from 4 meg to 4000 kb, and it took about 2 minutes before connectivity > > to the internet was restored. > > > > I then made a change to turn of SNMP, and at the console I had a > > "tcsetupgrp failed errno=25" > > (a few more notes I managed to jot down were "fatal trap 12: page > > fault while in kernal mode", "supervisor write, page not present") > > > > At that point, a cold reboot was required. > > > > I again had to wait 5-10 minutes for the "configuring WAN > > interface..." to come up. > > > > All of this seems to work fine on 0.73.8, and below on this hardware, > > so I'm at a loss. > > Sounds like: > > * Newer freebsd doesnt agree with your wan nic > >or > > * Your NIC supports RXCSUM, POLLING or something other option that > we're trying to activate because the card says it supports it but > somethings not going good. > > I would replace the WAN nic with a decent card. I'm having 0 issues > with 0.77 at all my locations. > > Scott > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
