[pfSense Support] windows error 619 with pptp
I’m trying to establish a pptp connection from my PC (Windows XP) in my office to another remote office. After a while I get a Windows error message 619. I am behind a pfSense firewall (BETA3) with NAT and the remote office is using a m0n0wall v1.22 which terminates the VPN connection. Is this a known issue?
RE: [pfSense Support] windows error 619 with pptp
Unfortunately yes: http://cvstrac.pfsense.com/tktview?tn=812,6 This is a very strange bug that is pretty hard to diagnose. Disabling PPTP at the pfSense you are natting through should temporarily fix the issue. Holger -Original Message- From: Bernhard Ledermann [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 18, 2006 11:04 AM To: support@pfsense.com Subject: [pfSense Support] windows error 619 with pptp I'm trying to establish a pptp connection from my PC (Windows XP) in my office to another remote office. After a while I get a Windows error message 619. I am behind a pfSense firewall (BETA3) with NAT and the remote office is using a m0n0wall v1.22 which terminates the VPN connection. Is this a known issue? Virus checked by G DATA AntiVirusKit - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] pfSense Beta3 available
Hi. I can find the pfSense-1.0-BETA3-LiveCD-Installer.iso.gz file but if I gunzip it I will end with distribution files. Not the ISO ... Is everything right ? []'s On 4/18/06, Holger Bauer <[EMAIL PROTECTED]> wrote: > Hi community, > > we just got some reports that Beta3 was spotted at the mirrors! Get it while > it's hot and check http://pfsense.blogspot.com/2006/04/beta-3-is-here.html > for releaseinfo. > > Cheers, > Holger > > > Virus checked by G DATA AntiVirusKit > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] pfSense Beta3 available
Hi, I downloaded the same file and unzipped it on Win XP using WinRAR, it extracts to a folder then the PFSense.ISO is in the folder. Use that to create your bootable Disc. Installed Beta3 this afternoon and using it now. Kindest Regards, Craig Roy Horizon IT Consultants -Original Message- From: Guilherme Oliveira [mailto:[EMAIL PROTECTED] Sent: Tuesday, 18 April 2006 9:08 PM To: support@pfsense.com Subject: Re: [pfSense Support] pfSense Beta3 available Hi. I can find the pfSense-1.0-BETA3-LiveCD-Installer.iso.gz file but if I gunzip it I will end with distribution files. Not the ISO ... Is everything right ? []'s On 4/18/06, Holger Bauer <[EMAIL PROTECTED]> wrote: > Hi community, > > we just got some reports that Beta3 was spotted at the mirrors! Get it while it's hot and check http://pfsense.blogspot.com/2006/04/beta-3-is-here.html for releaseinfo. > > Cheers, > Holger > > > Virus checked by G DATA AntiVirusKit > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.1.384 / Virus Database: 268.4.3/317 - Release Date: 18/04/2006 -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.1.384 / Virus Database: 268.4.3/317 - Release Date: 18/04/2006 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] pfSense Beta3 available
My fault. I used winrar and it decompress everything. I done that with freebsd and i had already burned the iso. Thanks. On 4/18/06, Craig Roy <[EMAIL PROTECTED]> wrote: > Hi, > > I downloaded the same file and unzipped it on Win XP using WinRAR, it > extracts to a folder then the PFSense.ISO is in the folder. Use that to > create your bootable Disc. > > Installed Beta3 this afternoon and using it now. > > Kindest Regards, > > Craig Roy > Horizon IT Consultants > > -Original Message- > From: Guilherme Oliveira [mailto:[EMAIL PROTECTED] > Sent: Tuesday, 18 April 2006 9:08 PM > To: support@pfsense.com > Subject: Re: [pfSense Support] pfSense Beta3 available > > Hi. > > I can find the pfSense-1.0-BETA3-LiveCD-Installer.iso.gz file but if I > gunzip it I will end with distribution files. Not the ISO ... > > Is everything right ? > > []'s > > On 4/18/06, Holger Bauer <[EMAIL PROTECTED]> wrote: > > Hi community, > > > > we just got some reports that Beta3 was spotted at the mirrors! Get it > while it's hot and check > http://pfsense.blogspot.com/2006/04/beta-3-is-here.html for releaseinfo. > > > > Cheers, > > Holger > > > > > > Virus checked by G DATA AntiVirusKit > > > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- > No virus found in this incoming message. > Checked by AVG Anti-Virus. > Version: 7.1.384 / Virus Database: 268.4.3/317 - Release Date: 18/04/2006 > > > -- > No virus found in this outgoing message. > Checked by AVG Anti-Virus. > Version: 7.1.384 / Virus Database: 268.4.3/317 - Release Date: 18/04/2006 > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] pfSense BETA3 Embedded
I reflashed a 64MB cf card with the new image. It's O.K. until I've changed the LAN ip address. After it is done it didn't accepted any keyboard input from serial console. It is strange. Any other experience with it? Now I have returned to the latest snapshot, but will try again in the evening. Regards Imre -- Skype: ispanovits_imre This is Linux Land. In silent nights you can hear the windows machines rebooting signature.asc Description: PGP signature
[pfSense Support] L2TP From Behind pfSense
I am trying to make an L2TP connection to a remote Sonicwall from behind pfSense. Yesterday from a dial up connection I was able to establish the L2TP connection without any issues. Today I am behind the pfSense @ my office and I am not able to make the connection. I am guessing I am missing a firewall rule or 2, but I am not sure. I've enabled IPSec on the pfSense, which I thought created the default rules for allowing the IPSec traffic, but it still does not work. I first tried without IPSec enabled on the pfSense, which also did not work. Do I need more / other rules for this or perhaps a NAT entry to forward traffic to my laptop? Thanks for any help you can provide. Brian - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Massive amounts of pfsync traffic when CARP is turned off
I just noticed my pfSense (now upgraded to Beta3, thanks guys!) machine multicasting pfsync traffic of biblical proportions. This was a surprise to me because I don't have CARP enabled on this box. In poking around in my machine's config file I see the following entry: - <#> - <#> -- point of interest LAN Does this mean that, pfsync is enabled anyhow? How can I make the bad man stop? It's really hosing one of my switches. Best, Gary - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] Massive amounts of pfsync traffic when CARP is turned off
Is this an imported config? CARP config options are located at Interfaces>Virtual IPs, CARP settings tab. Disable all options there, save and apply. Does this fix it? Btw, I haven't noticed that behavior with my embedded beta3 build. Maybe you are running into some kind of upgrade bug. If nothing helps I recommend reinstalling a fresh Beta3 :-/ Holger > -Original Message- > From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > Sent: Tuesday, April 18, 2006 4:26 PM > To: support@pfsense.com > Subject: [pfSense Support] Massive amounts of pfsync traffic when CARP > is turned off > > > I just noticed my pfSense (now upgraded to Beta3, thanks > guys!) machine > multicasting pfsync traffic of biblical proportions. This was a > surprise to me because I don't have CARP enabled on this box. > In poking > around in my machine's config file I see the following entry: > > - <#> > - <#> > -- point of interest > LAN > > > > > > > > > > > > > > > > > > Does this mean that, pfsync is enabled anyhow? How can I > make the bad > man stop? It's really hosing one of my switches. > > Best, > > Gary > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > Virus checked by G DATA AntiVirusKit - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Massive amounts of pfsync traffic when CARP is turned off
Holger, The WebGUI shows CARP completely turned off, as it should be. The config file has been with me, more or less, since 0.95 but always on that machine. CARP had been turned on at one time on that machine, however it was completely disabled. I suspect that I simply need to remove the line from my config file to turn it off. Is that a correct statement or do I need to remove other lines as well? I'd rather avoid doing a complete re-install if at all possible. Thanks for your help. -Gary Holger Bauer wrote: Is this an imported config? CARP config options are located at Interfaces>Virtual IPs, CARP settings tab. Disable all options there, save and apply. Does this fix it? Btw, I haven't noticed that behavior with my embedded beta3 build. Maybe you are running into some kind of upgrade bug. If nothing helps I recommend reinstalling a fresh Beta3 :-/ Holger -Original Message- From: Gary Buckmaster [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 18, 2006 4:26 PM To: support@pfsense.com Subject: [pfSense Support] Massive amounts of pfsync traffic when CARP is turned off I just noticed my pfSense (now upgraded to Beta3, thanks guys!) machine multicasting pfsync traffic of biblical proportions. This was a surprise to me because I don't have CARP enabled on this box. In poking around in my machine's config file I see the following entry: - <#> - <#> -- point of interest LAN Does this mean that, pfsync is enabled anyhow? How can I make the bad man stop? It's really hosing one of my switches. Best, Gary - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Virus checked by G DATA AntiVirusKit - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] Massive amounts of pfsync traffic when CARPis turned off
Just hit save at the CARP-Settings with all options turned off. It should save all necessary settings and apply the changes. Holger > -Original Message- > From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > Sent: Tuesday, April 18, 2006 4:37 PM > To: support@pfsense.com > Subject: Re: [pfSense Support] Massive amounts of pfsync traffic when > CARPis turned off > > > Holger, > > The WebGUI shows CARP completely turned off, as it should be. The > config file has been with me, more or less, since 0.95 but always on > that machine. CARP had been turned on at one time on that machine, > however it was completely disabled. I suspect that I simply need to > remove the line from my config file to turn it off. Is that > a correct > statement or do I need to remove other lines as well? I'd > rather avoid > doing a complete re-install if at all possible. Thanks for your help. > > -Gary > > Holger Bauer wrote: > > Is this an imported config? CARP config options are located > at Interfaces>Virtual IPs, CARP settings tab. Disable all > options there, save and apply. Does this fix it? Btw, I > haven't noticed that behavior with my embedded beta3 build. > Maybe you are runni > ng into some kind of upgrade bug. If nothing helps I > recommend reinstalling a fresh Beta3 :-/ > > > > Holger > > > > > >> -Original Message- > >> From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > >> Sent: Tuesday, April 18, 2006 4:26 PM > >> To: support@pfsense.com > >> Subject: [pfSense Support] Massive amounts of pfsync > traffic when CARP > >> is turned off > >> > >> > >> I just noticed my pfSense (now upgraded to Beta3, thanks > >> guys!) machine > >> multicasting pfsync traffic of biblical proportions. This was a > >> surprise to me because I don't have CARP enabled on this box. > >> In poking > >> around in my machine's config file I see the following entry: > >> > >> - <#> > >> - <#> > >> -- point of interest > >> LAN > >> > >> > >> > >> > >> > >> > >> > >> > >> > >> > >> > >> > >> > >> > >> > >> > >> > >> Does this mean that, pfsync is enabled anyhow? How can I > >> make the bad > >> man stop? It's really hosing one of my switches. > >> > >> Best, > >> > >> Gary > >> > >> > - > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > >> > > > > > > Virus checked by G DATA AntiVirusKit > > > > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > Virus checked by G DATA AntiVirusKit - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Massive amounts of pfsync traffic when CARPis turned off
Holger, Actually, that doesn't work. Hitting save on its own doesn't turn off the synchronization. Enabling, then saving, then disabling and saving again, also doesn't turn it off. If I leave it disabled in the WebGUI and then change the sync interface to WAN, all the sync traffic moves to the WAN interface. Changing it back to LAN moves the sync traffic back. -Gary Holger Bauer wrote: Just hit save at the CARP-Settings with all options turned off. It should save all necessary settings and apply the changes. Holger -Original Message- From: Gary Buckmaster [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 18, 2006 4:37 PM To: support@pfsense.com Subject: Re: [pfSense Support] Massive amounts of pfsync traffic when CARPis turned off Holger, The WebGUI shows CARP completely turned off, as it should be. The config file has been with me, more or less, since 0.95 but always on that machine. CARP had been turned on at one time on that machine, however it was completely disabled. I suspect that I simply need to remove the line from my config file to turn it off. Is that a correct statement or do I need to remove other lines as well? I'd rather avoid doing a complete re-install if at all possible. Thanks for your help. -Gary Holger Bauer wrote: Is this an imported config? CARP config options are located at Interfaces>Virtual IPs, CARP settings tab. Disable all options there, save and apply. Does this fix it? Btw, I haven't noticed that behavior with my embedded beta3 build. Maybe you are runni ng into some kind of upgrade bug. If nothing helps I recommend reinstalling a fresh Beta3 :-/ Holger -Original Message- From: Gary Buckmaster [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 18, 2006 4:26 PM To: support@pfsense.com Subject: [pfSense Support] Massive amounts of pfsync traffic when CARP is turned off I just noticed my pfSense (now upgraded to Beta3, thanks guys!) machine multicasting pfsync traffic of biblical proportions. This was a surprise to me because I don't have CARP enabled on this box. In poking around in my machine's config file I see the following entry: - <#> - <#> -- point of interest LAN Does this mean that, pfsync is enabled anyhow? How can I make the bad man stop? It's really hosing one of my switches. Best, Gary - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Virus checked by G DATA AntiVirusKit - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Virus checked by G DATA AntiVirusKit - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] Massive amounts of pfsync traffic when CARPisturned off
There has been a lot of movement between your initial installed version and beta3. The cleanest thing really would be a reinstall from scratch :-/ but you might want to wait for scott's or bill's thoughts on this behavior first. Holger > -Original Message- > From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > Sent: Tuesday, April 18, 2006 4:45 PM > To: support@pfsense.com > Subject: Re: [pfSense Support] Massive amounts of pfsync traffic when > CARPisturned off > > > Holger, > > Actually, that doesn't work. Hitting save on its own doesn't > turn off > the synchronization. Enabling, then saving, then disabling > and saving > again, also doesn't turn it off. If I leave it disabled in > the WebGUI > and then change the sync interface to WAN, all the sync > traffic moves to > the WAN interface. Changing it back to LAN moves the sync > traffic back. > > -Gary > > Holger Bauer wrote: > > Just hit save at the CARP-Settings with all options turned > off. It should save all necessary settings and apply the changes. > > > > Holger > > > > > >> -Original Message- > >> From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > >> Sent: Tuesday, April 18, 2006 4:37 PM > >> To: support@pfsense.com > >> Subject: Re: [pfSense Support] Massive amounts of pfsync > traffic when > >> CARPis turned off > >> > >> > >> Holger, > >> > >> The WebGUI shows CARP completely turned off, as it should be. The > >> config file has been with me, more or less, since 0.95 but > always on > >> that machine. CARP had been turned on at one time on that > machine, > >> however it was completely disabled. I suspect that I > simply need to > >> remove the line from my config file to turn it off. Is that > >> a correct > >> statement or do I need to remove other lines as well? I'd > >> rather avoid > >> doing a complete re-install if at all possible. Thanks > for your help. > >> > >> -Gary > >> > >> Holger Bauer wrote: > >> > >>> Is this an imported config? CARP config options are located > >>> > >> at Interfaces>Virtual IPs, CARP settings tab. Disable all > >> options there, save and apply. Does this fix it? Btw, I > >> haven't noticed that behavior with my embedded beta3 build. > >> Maybe you are runni > >> ng into some kind of upgrade bug. If nothing helps I > >> recommend reinstalling a fresh Beta3 :-/ > >> > >>> Holger > >>> > >>> > >>> > -Original Message- > From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > Sent: Tuesday, April 18, 2006 4:26 PM > To: support@pfsense.com > Subject: [pfSense Support] Massive amounts of pfsync > > >> traffic when CARP > >> > is turned off > > > I just noticed my pfSense (now upgraded to Beta3, thanks > guys!) machine > multicasting pfsync traffic of biblical proportions. This was a > surprise to me because I don't have CARP enabled on this box. > In poking > around in my machine's config file I see the following entry: > > - <#> > - <#> > -- point of interest > LAN > > > > > > > > > > > > > > > > > > Does this mean that, pfsync is enabled anyhow? How can I > make the bad > man stop? It's really hosing one of my switches. > > Best, > > Gary > > > > >> > - > >> > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > >>> > >>> Virus checked by G DATA AntiVirusKit > >>> > >>> > >>> > >>> > >> > - > >> > >>> To unsubscribe, e-mail: [EMAIL PROTECTED] > >>> For additional commands, e-mail: [EMAIL PROTECTED] > >>> > >>> > >>> > >> > - > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > >> > > > > > > Virus checked by G DATA AntiVirusKit > > > > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > Virus checked by G DATA AntiVirusKit - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Massive amounts of pfsync traffic when CARPisturned off
If you are not using CARP/pfSync then it should be bound to the loopback adapter broadcasting nothing. On 4/18/06, Holger Bauer <[EMAIL PROTECTED]> wrote: > There has been a lot of movement between your initial installed version and > beta3. The cleanest thing really would be a reinstall from scratch :-/ but > you might want to wait for scott's or bill's thoughts on this behavior first. > > Holger > > > -Original Message- > > From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > > Sent: Tuesday, April 18, 2006 4:45 PM > > To: support@pfsense.com > > Subject: Re: [pfSense Support] Massive amounts of pfsync traffic when > > CARPisturned off > > > > > > Holger, > > > > Actually, that doesn't work. Hitting save on its own doesn't > > turn off > > the synchronization. Enabling, then saving, then disabling > > and saving > > again, also doesn't turn it off. If I leave it disabled in > > the WebGUI > > and then change the sync interface to WAN, all the sync > > traffic moves to > > the WAN interface. Changing it back to LAN moves the sync > > traffic back. > > > > -Gary > > > > Holger Bauer wrote: > > > Just hit save at the CARP-Settings with all options turned > > off. It should save all necessary settings and apply the changes. > > > > > > Holger > > > > > > > > >> -Original Message- > > >> From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > > >> Sent: Tuesday, April 18, 2006 4:37 PM > > >> To: support@pfsense.com > > >> Subject: Re: [pfSense Support] Massive amounts of pfsync > > traffic when > > >> CARPis turned off > > >> > > >> > > >> Holger, > > >> > > >> The WebGUI shows CARP completely turned off, as it should be. The > > >> config file has been with me, more or less, since 0.95 but > > always on > > >> that machine. CARP had been turned on at one time on that > > machine, > > >> however it was completely disabled. I suspect that I > > simply need to > > >> remove the line from my config file to turn it off. Is that > > >> a correct > > >> statement or do I need to remove other lines as well? I'd > > >> rather avoid > > >> doing a complete re-install if at all possible. Thanks > > for your help. > > >> > > >> -Gary > > >> > > >> Holger Bauer wrote: > > >> > > >>> Is this an imported config? CARP config options are located > > >>> > > >> at Interfaces>Virtual IPs, CARP settings tab. Disable all > > >> options there, save and apply. Does this fix it? Btw, I > > >> haven't noticed that behavior with my embedded beta3 build. > > >> Maybe you are runni > > >> ng into some kind of upgrade bug. If nothing helps I > > >> recommend reinstalling a fresh Beta3 :-/ > > >> > > >>> Holger > > >>> > > >>> > > >>> > > -Original Message- > > From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > > Sent: Tuesday, April 18, 2006 4:26 PM > > To: support@pfsense.com > > Subject: [pfSense Support] Massive amounts of pfsync > > > > >> traffic when CARP > > >> > > is turned off > > > > > > I just noticed my pfSense (now upgraded to Beta3, thanks > > guys!) machine > > multicasting pfsync traffic of biblical proportions. This was a > > surprise to me because I don't have CARP enabled on this box. > > In poking > > around in my machine's config file I see the following entry: > > > > - <#> > > - <#> > > -- point of interest > > LAN > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Does this mean that, pfsync is enabled anyhow? How can I > > make the bad > > man stop? It's really hosing one of my switches. > > > > Best, > > > > Gary > > > > > > > > >> > > - > > >> > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > >>> > > >>> Virus checked by G DATA AntiVirusKit > > >>> > > >>> > > >>> > > >>> > > >> > > - > > >> > > >>> To unsubscribe, e-mail: [EMAIL PROTECTED] > > >>> For additional commands, e-mail: [EMAIL PROTECTED] > > >>> > > >>> > > >>> > > >> > > - > > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > > >> For additional commands, e-mail: [EMAIL PROTECTED] > > >> > > >> > > >> > > > > > > > > > Virus checked by G DATA AntiVirusKit > > > > > > > > > > > - > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > - > > To unsubscribe, e-mail: [EMAIL PROTE
Re: [pfSense Support] Massive amounts of pfsync traffic when CARPisturned off
Scott, I agree that that's how it *should* be working, but that's not what's currently happening on this box. I'd like, very much to stop the madness without requiring a complete re-install. Am I safe simply removing the pfsyncenabled tag from my config file or is there more involved? -Gary Scott Ullrich wrote: If you are not using CARP/pfSync then it should be bound to the loopback adapter broadcasting nothing. On 4/18/06, Holger Bauer <[EMAIL PROTECTED]> wrote: There has been a lot of movement between your initial installed version and beta3. The cleanest thing really would be a reinstall from scratch :-/ but you might want to wait for scott's or bill's thoughts on this behavior first. Holger -Original Message- From: Gary Buckmaster [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 18, 2006 4:45 PM To: support@pfsense.com Subject: Re: [pfSense Support] Massive amounts of pfsync traffic when CARPisturned off Holger, Actually, that doesn't work. Hitting save on its own doesn't turn off the synchronization. Enabling, then saving, then disabling and saving again, also doesn't turn it off. If I leave it disabled in the WebGUI and then change the sync interface to WAN, all the sync traffic moves to the WAN interface. Changing it back to LAN moves the sync traffic back. -Gary Holger Bauer wrote: Just hit save at the CARP-Settings with all options turned off. It should save all necessary settings and apply the changes. Holger -Original Message- From: Gary Buckmaster [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 18, 2006 4:37 PM To: support@pfsense.com Subject: Re: [pfSense Support] Massive amounts of pfsync traffic when CARPis turned off Holger, The WebGUI shows CARP completely turned off, as it should be. The config file has been with me, more or less, since 0.95 but always on that machine. CARP had been turned on at one time on that machine, however it was completely disabled. I suspect that I simply need to remove the line from my config file to turn it off. Is that a correct statement or do I need to remove other lines as well? I'd rather avoid doing a complete re-install if at all possible. Thanks for your help. -Gary Holger Bauer wrote: Is this an imported config? CARP config options are located at Interfaces>Virtual IPs, CARP settings tab. Disable all options there, save and apply. Does this fix it? Btw, I haven't noticed that behavior with my embedded beta3 build. Maybe you are runni ng into some kind of upgrade bug. If nothing helps I recommend reinstalling a fresh Beta3 :-/ Holger -Original Message- From: Gary Buckmaster [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 18, 2006 4:26 PM To: support@pfsense.com Subject: [pfSense Support] Massive amounts of pfsync traffic when CARP is turned off I just noticed my pfSense (now upgraded to Beta3, thanks guys!) machine multicasting pfsync traffic of biblical proportions. This was a surprise to me because I don't have CARP enabled on this box. In poking around in my machine's config file I see the following entry: - <#> - <#> -- point of interest LAN Does this mean that, pfsync is enabled anyhow? How can I make the bad man stop? It's really hosing one of my switches. Best, Gary - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Massive amounts of pfsync traffic when CARPisturned off
Should be safe. But then again turning off pfSync should remove the tag as well. On 4/18/06, Gary Buckmaster <[EMAIL PROTECTED]> wrote: > Scott, > > I agree that that's how it *should* be working, but that's not what's > currently happening on this box. I'd like, very much to stop the > madness without requiring a complete re-install. Am I safe simply > removing the pfsyncenabled tag from my config file or is there more > involved? > > -Gary > > Scott Ullrich wrote: > > If you are not using CARP/pfSync then it should be bound to the > > loopback adapter broadcasting nothing. > > > > On 4/18/06, Holger Bauer <[EMAIL PROTECTED]> wrote: > > > >> There has been a lot of movement between your initial installed version > >> and beta3. The cleanest thing really would be a reinstall from scratch :-/ > >> but you might want to wait for scott's or bill's thoughts on this behavior > >> first. > >> > >> Holger > >> > >> > >>> -Original Message- > >>> From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > >>> Sent: Tuesday, April 18, 2006 4:45 PM > >>> To: support@pfsense.com > >>> Subject: Re: [pfSense Support] Massive amounts of pfsync traffic when > >>> CARPisturned off > >>> > >>> > >>> Holger, > >>> > >>> Actually, that doesn't work. Hitting save on its own doesn't > >>> turn off > >>> the synchronization. Enabling, then saving, then disabling > >>> and saving > >>> again, also doesn't turn it off. If I leave it disabled in > >>> the WebGUI > >>> and then change the sync interface to WAN, all the sync > >>> traffic moves to > >>> the WAN interface. Changing it back to LAN moves the sync > >>> traffic back. > >>> > >>> -Gary > >>> > >>> Holger Bauer wrote: > >>> > Just hit save at the CARP-Settings with all options turned > > >>> off. It should save all necessary settings and apply the changes. > >>> > Holger > > > > > -Original Message- > > From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > > Sent: Tuesday, April 18, 2006 4:37 PM > > To: support@pfsense.com > > Subject: Re: [pfSense Support] Massive amounts of pfsync > > > >>> traffic when > >>> > > CARPis turned off > > > > > > Holger, > > > > The WebGUI shows CARP completely turned off, as it should be. The > > config file has been with me, more or less, since 0.95 but > > > >>> always on > >>> > > that machine. CARP had been turned on at one time on that > > > >>> machine, > >>> > > however it was completely disabled. I suspect that I > > > >>> simply need to > >>> > > remove the line from my config file to turn it off. Is that > > a correct > > statement or do I need to remove other lines as well? I'd > > rather avoid > > doing a complete re-install if at all possible. Thanks > > > >>> for your help. > >>> > > -Gary > > > > Holger Bauer wrote: > > > > > >> Is this an imported config? CARP config options are located > >> > >> > > at Interfaces>Virtual IPs, CARP settings tab. Disable all > > options there, save and apply. Does this fix it? Btw, I > > haven't noticed that behavior with my embedded beta3 build. > > Maybe you are runni > > ng into some kind of upgrade bug. If nothing helps I > > recommend reinstalling a fresh Beta3 :-/ > > > > > >> Holger > >> > >> > >> > >> > >>> -Original Message- > >>> From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > >>> Sent: Tuesday, April 18, 2006 4:26 PM > >>> To: support@pfsense.com > >>> Subject: [pfSense Support] Massive amounts of pfsync > >>> > >>> > > traffic when CARP > > > > > >>> is turned off > >>> > >>> > >>> I just noticed my pfSense (now upgraded to Beta3, thanks > >>> guys!) machine > >>> multicasting pfsync traffic of biblical proportions. This was a > >>> surprise to me because I don't have CARP enabled on this box. > >>> In poking > >>> around in my machine's config file I see the following entry: > >>> > >>> - <#> > >>> - <#> > >>> -- point of interest > >>> LAN > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> Does this mean that, pfsync is enabled anyhow? How can I > >>> make the bad > >>> man stop? It's really hosing one of my switches. > >>> > >>> Best, > >>> > >>> Gary > >>> > >>> > >>> > >>> > >>> > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROT
Re: [pfSense Support] Massive amounts of pfsync traffic when CARPisturned off
Yeah and I tried that, it had no effect. And as I said earlier in my post, I turned it on and saved, turned it off and saved and no effect. Changing the sync interface, even with synchronization turned off does have an effect (which it shouldn't IMHO but that's another story). -Gary Scott Ullrich wrote: Should be safe. But then again turning off pfSync should remove the tag as well. On 4/18/06, Gary Buckmaster <[EMAIL PROTECTED]> wrote: Scott, I agree that that's how it *should* be working, but that's not what's currently happening on this box. I'd like, very much to stop the madness without requiring a complete re-install. Am I safe simply removing the pfsyncenabled tag from my config file or is there more involved? -Gary Scott Ullrich wrote: If you are not using CARP/pfSync then it should be bound to the loopback adapter broadcasting nothing. On 4/18/06, Holger Bauer <[EMAIL PROTECTED]> wrote: There has been a lot of movement between your initial installed version and beta3. The cleanest thing really would be a reinstall from scratch :-/ but you might want to wait for scott's or bill's thoughts on this behavior first. Holger -Original Message- From: Gary Buckmaster [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 18, 2006 4:45 PM To: support@pfsense.com Subject: Re: [pfSense Support] Massive amounts of pfsync traffic when CARPisturned off Holger, Actually, that doesn't work. Hitting save on its own doesn't turn off the synchronization. Enabling, then saving, then disabling and saving again, also doesn't turn it off. If I leave it disabled in the WebGUI and then change the sync interface to WAN, all the sync traffic moves to the WAN interface. Changing it back to LAN moves the sync traffic back. -Gary Holger Bauer wrote: Just hit save at the CARP-Settings with all options turned off. It should save all necessary settings and apply the changes. Holger -Original Message- From: Gary Buckmaster [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 18, 2006 4:37 PM To: support@pfsense.com Subject: Re: [pfSense Support] Massive amounts of pfsync traffic when CARPis turned off Holger, The WebGUI shows CARP completely turned off, as it should be. The config file has been with me, more or less, since 0.95 but always on that machine. CARP had been turned on at one time on that machine, however it was completely disabled. I suspect that I simply need to remove the line from my config file to turn it off. Is that a correct statement or do I need to remove other lines as well? I'd rather avoid doing a complete re-install if at all possible. Thanks for your help. -Gary Holger Bauer wrote: Is this an imported config? CARP config options are located at Interfaces>Virtual IPs, CARP settings tab. Disable all options there, save and apply. Does this fix it? Btw, I haven't noticed that behavior with my embedded beta3 build. Maybe you are runni ng into some kind of upgrade bug. If nothing helps I recommend reinstalling a fresh Beta3 :-/ Holger -Original Message- From: Gary Buckmaster [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 18, 2006 4:26 PM To: support@pfsense.com Subject: [pfSense Support] Massive amounts of pfsync traffic when CARP is turned off I just noticed my pfSense (now upgraded to Beta3, thanks guys!) machine multicasting pfsync traffic of biblical proportions. This was a surprise to me because I don't have CARP enabled on this box. In poking around in my machine's config file I see the following entry: - <#> - <#> -- point of interest LAN Does this mean that, pfsync is enabled anyhow? How can I make the bad man stop? It's really hosing one of my switches. Best, Gary - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Beta 3 Upgrade problems with Load Balancing
It appears that upgrading to beta3 has killed my load balancing. I originally had the monitor IPs the same for both gateways but have since corrected that. I am using the gateway on both interfaces as the monitor IP. With the failed load balancing I have also started to notice a failed message appearing in my logs. This is from my Load Balance Log sectionApr 18 11:12:28 slbd[2134]: Service changed status, reloading filter policy Apr 18 11:12:28 slbd[2134]: Switching to sitedown for VIP 127.0.0.1:666 Apr 18 11:12:28 slbd[2134]: TCP poll failed to start to 68.x.x.x:666 in default (Operation now in progress) (IP= WAN Gateway) Apr 18 11:12:28 slbd[2134]: TCP poll failed to start to 66.x.x.xx:666 in default (Operation now in progress) (IP=OPT1 Gateway) Apr 18 11:12:28 slbd[2134]: VIP 127.0.0.1:666 added real service 68.x.x.x:666 (IP= WAN Gateway) Apr 18 11:12:28 slbd[2134]: VIP 127.0.0.1:666 added real service 66.x.x.x:666 (IP=OPT1 Gateway) Apr 18 11:12:28 slbd[2134]: VIP 127.0.0.1:666 sitedown at 127.0.0.1:666 Apr 18 11:12:28 slbd[2134]: VIP 127.0.0.1:666 configured as "127.0.0.1" Apr 18 11:12:28 slbd[2134]: Using configuration file /var/etc/slbd.conf Apr 18 11:12:28 slbd[2134]: Using r_refresh of 5000 millisecondsThis is the log under system Apr 18 11:12:39 php: : There were error(s) loading the rules: /tmp/rules.debug:220: syntax error pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [220]: label "USER_RULE" Apr 18 11:12:33 php: : FTP proxy disabled for interface opt1 - ignoring. Apr 18 11:12:28 slbd[2134]: Service changed status, reloading filter policy Apr 18 11:12:28 slbd[2134]: Switching to sitedown for VIP 127.0.0.1:666 Apr 18 11:12:28 slbd[2134]: TCP poll failed to start to 68.x.x.x:666 in default (Operation now in progress) (IP= WAN Gateway) Apr 18 11:12:28 slbd[2134]: TCP poll failed to start to 66.x.x.x:666 in default (Operation now in progress) (IP=OPT1 Gateway)Most of the above log entry's I pasted are 'new' as in I didn't see these errors until after 2 reboots & recreating the load balanced rule from scratch with the gateways as the monitor IPs. Before I recreated the load balance rule and load balanced the only noticible error was. : There were error(s) loading the rules: /tmp/rules.debug:220: syntax error pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [220]: label "USER_RULELet me know of any suggestions you may have or if you need additional information from me. Wan interface = DHCP (with static gateway)Opt1 interface = static
Re: [pfSense Support] Massive amounts of pfsync traffic when CARPisturned off
It most likely will not "change" the pfsync association until the next reboot. On 4/18/06, Gary Buckmaster <[EMAIL PROTECTED]> wrote: > Yeah and I tried that, it had no effect. And as I said earlier in my > post, I turned it on and saved, turned it off and saved and no effect. > Changing the sync interface, even with synchronization turned off does > have an effect (which it shouldn't IMHO but that's another story). > > -Gary > > Scott Ullrich wrote: > > Should be safe. But then again turning off pfSync should remove the > > tag as well. > > > > On 4/18/06, Gary Buckmaster <[EMAIL PROTECTED]> wrote: > > > >> Scott, > >> > >> I agree that that's how it *should* be working, but that's not what's > >> currently happening on this box. I'd like, very much to stop the > >> madness without requiring a complete re-install. Am I safe simply > >> removing the pfsyncenabled tag from my config file or is there more > >> involved? > >> > >> -Gary > >> > >> Scott Ullrich wrote: > >> > >>> If you are not using CARP/pfSync then it should be bound to the > >>> loopback adapter broadcasting nothing. > >>> > >>> On 4/18/06, Holger Bauer <[EMAIL PROTECTED]> wrote: > >>> > >>> > There has been a lot of movement between your initial installed version > and beta3. The cleanest thing really would be a reinstall from scratch > :-/ but you might want to wait for scott's or bill's thoughts on this > behavior first. > > Holger > > > > > -Original Message- > > From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > > Sent: Tuesday, April 18, 2006 4:45 PM > > To: support@pfsense.com > > Subject: Re: [pfSense Support] Massive amounts of pfsync traffic when > > CARPisturned off > > > > > > Holger, > > > > Actually, that doesn't work. Hitting save on its own doesn't > > turn off > > the synchronization. Enabling, then saving, then disabling > > and saving > > again, also doesn't turn it off. If I leave it disabled in > > the WebGUI > > and then change the sync interface to WAN, all the sync > > traffic moves to > > the WAN interface. Changing it back to LAN moves the sync > > traffic back. > > > > -Gary > > > > Holger Bauer wrote: > > > > > >> Just hit save at the CARP-Settings with all options turned > >> > >> > > off. It should save all necessary settings and apply the changes. > > > > > >> Holger > >> > >> > >> > >> > >>> -Original Message- > >>> From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > >>> Sent: Tuesday, April 18, 2006 4:37 PM > >>> To: support@pfsense.com > >>> Subject: Re: [pfSense Support] Massive amounts of pfsync > >>> > >>> > > traffic when > > > > > >>> CARPis turned off > >>> > >>> > >>> Holger, > >>> > >>> The WebGUI shows CARP completely turned off, as it should be. The > >>> config file has been with me, more or less, since 0.95 but > >>> > >>> > > always on > > > > > >>> that machine. CARP had been turned on at one time on that > >>> > >>> > > machine, > > > > > >>> however it was completely disabled. I suspect that I > >>> > >>> > > simply need to > > > > > >>> remove the line from my config file to turn it off. Is that > >>> a correct > >>> statement or do I need to remove other lines as well? I'd > >>> rather avoid > >>> doing a complete re-install if at all possible. Thanks > >>> > >>> > > for your help. > > > > > >>> -Gary > >>> > >>> Holger Bauer wrote: > >>> > >>> > >>> > Is this an imported config? CARP config options are located > > > > >>> at Interfaces>Virtual IPs, CARP settings tab. Disable all > >>> options there, save and apply. Does this fix it? Btw, I > >>> haven't noticed that behavior with my embedded beta3 build. > >>> Maybe you are runni > >>> ng into some kind of upgrade bug. If nothing helps I > >>> recommend reinstalling a fresh Beta3 :-/ > >>> > >>> > >>> > Holger > > > > > > > -Original Message- > > From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > > Sent: Tuesday, April 18, 2006 4:26 PM > > To: support@pfsense.com > > Subject: [pfSense Support] Massive amounts of pfsync > > > > > > > >>> traffic when CARP > >>> > >>> > >>> > > is turned off > > > > > > I just noticed my pfSense (now upgraded to Beta3, thanks > > guys!) machine > > multicasting pfsync traffic of biblical proportions. This was a > > surprise to me because I don't have CARP enabled on this box. > > In poking > > around in my mac
Re: [pfSense Support] Massive amounts of pfsync traffic when CARPisturned off
So after saving the page with pfsync disabled, I need to reboot the firewall to completely turn it off? Scott Ullrich wrote: It most likely will not "change" the pfsync association until the next reboot. On 4/18/06, Gary Buckmaster <[EMAIL PROTECTED]> wrote: Yeah and I tried that, it had no effect. And as I said earlier in my post, I turned it on and saved, turned it off and saved and no effect. Changing the sync interface, even with synchronization turned off does have an effect (which it shouldn't IMHO but that's another story). -Gary Scott Ullrich wrote: Should be safe. But then again turning off pfSync should remove the tag as well. On 4/18/06, Gary Buckmaster <[EMAIL PROTECTED]> wrote: Scott, I agree that that's how it *should* be working, but that's not what's currently happening on this box. I'd like, very much to stop the madness without requiring a complete re-install. Am I safe simply removing the pfsyncenabled tag from my config file or is there more involved? -Gary Scott Ullrich wrote: If you are not using CARP/pfSync then it should be bound to the loopback adapter broadcasting nothing. On 4/18/06, Holger Bauer <[EMAIL PROTECTED]> wrote: There has been a lot of movement between your initial installed version and beta3. The cleanest thing really would be a reinstall from scratch :-/ but you might want to wait for scott's or bill's thoughts on this behavior first. Holger -Original Message- From: Gary Buckmaster [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 18, 2006 4:45 PM To: support@pfsense.com Subject: Re: [pfSense Support] Massive amounts of pfsync traffic when CARPisturned off Holger, Actually, that doesn't work. Hitting save on its own doesn't turn off the synchronization. Enabling, then saving, then disabling and saving again, also doesn't turn it off. If I leave it disabled in the WebGUI and then change the sync interface to WAN, all the sync traffic moves to the WAN interface. Changing it back to LAN moves the sync traffic back. -Gary Holger Bauer wrote: Just hit save at the CARP-Settings with all options turned off. It should save all necessary settings and apply the changes. Holger -Original Message- From: Gary Buckmaster [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 18, 2006 4:37 PM To: support@pfsense.com Subject: Re: [pfSense Support] Massive amounts of pfsync traffic when CARPis turned off Holger, The WebGUI shows CARP completely turned off, as it should be. The config file has been with me, more or less, since 0.95 but always on that machine. CARP had been turned on at one time on that machine, however it was completely disabled. I suspect that I simply need to remove the line from my config file to turn it off. Is that a correct statement or do I need to remove other lines as well? I'd rather avoid doing a complete re-install if at all possible. Thanks for your help. -Gary Holger Bauer wrote: Is this an imported config? CARP config options are located at Interfaces>Virtual IPs, CARP settings tab. Disable all options there, save and apply. Does this fix it? Btw, I haven't noticed that behavior with my embedded beta3 build. Maybe you are runni ng into some kind of upgrade bug. If nothing helps I recommend reinstalling a fresh Beta3 :-/ Holger -Original Message- From: Gary Buckmaster [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 18, 2006 4:26 PM To: support@pfsense.com Subject: [pfSense Support] Massive amounts of pfsync traffic when CARP is turned off I just noticed my pfSense (now upgraded to Beta3, thanks guys!) machine multicasting pfsync traffic of biblical proportions. This was a surprise to me because I don't have CARP enabled on this box. In poking around in my machine's config file I see the following entry: - <#> - <#> -- point of interest LAN Does this mean that, pfsync is enabled anyhow? How can I make the bad man stop? It's really hosing one of my switches. Best, Gary - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For
Re: [pfSense Support] Beta 3 Upgrade problems with Load Balancing
We tested this until the cows come home. My suggestion for you is to start over on the load balancing configuration. There must be something in the config that is not liking how LB works now. On 4/18/06, Josh <[EMAIL PROTECTED]> wrote: It appears that upgrading to beta3 has killed my load balancing. I originally had the monitor IPs the same for both gateways but have since corrected that. I am using the gateway on both interfaces as the monitor IP. With the failed load balancing I have also started to notice a failed message appearing in my logs. This is from my Load Balance Log sectionApr 18 11:12:28 slbd[2134]: Service changed status, reloading filter policy Apr 18 11:12:28 slbd[2134]: Switching to sitedown for VIP 127.0.0.1:666 Apr 18 11:12:28 slbd[2134]: TCP poll failed to start to 68.x.x.x:666 in default (Operation now in progress) (IP= WAN Gateway) Apr 18 11:12:28 slbd[2134]: TCP poll failed to start to 66.x.x.xx:666 in default (Operation now in progress) (IP=OPT1 Gateway) Apr 18 11:12:28 slbd[2134]: VIP 127.0.0.1:666 added real service 68.x.x.x:666 (IP= WAN Gateway) Apr 18 11:12:28 slbd[2134]: VIP 127.0.0.1:666 added real service 66.x.x.x:666 (IP=OPT1 Gateway) Apr 18 11:12:28 slbd[2134]: VIP 127.0.0.1:666 sitedown at 127.0.0.1:666 Apr 18 11:12:28 slbd[2134]: VIP 127.0.0.1:666 configured as " 127.0.0.1" Apr 18 11:12:28 slbd[2134]: Using configuration file /var/etc/slbd.conf Apr 18 11:12:28 slbd[2134]: Using r_refresh of 5000 millisecondsThis is the log under system Apr 18 11:12:39 php: : There were error(s) loading the rules: /tmp/rules.debug:220: syntax error pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [220]: label "USER_RULE" Apr 18 11:12:33 php: : FTP proxy disabled for interface opt1 - ignoring. Apr 18 11:12:28 slbd[2134]: Service changed status, reloading filter policy Apr 18 11:12:28 slbd[2134]: Switching to sitedown for VIP 127.0.0.1:666 Apr 18 11:12:28 slbd[2134]: TCP poll failed to start to 68.x.x.x:666 in default (Operation now in progress) (IP= WAN Gateway) Apr 18 11:12:28 slbd[2134]: TCP poll failed to start to 66.x.x.x:666 in default (Operation now in progress) (IP=OPT1 Gateway)Most of the above log entry's I pasted are 'new' as in I didn't see these errors until after 2 reboots & recreating the load balanced rule from scratch with the gateways as the monitor IPs. Before I recreated the load balance rule and load balanced the only noticible error was. : There were error(s) loading the rules: /tmp/rules.debug:220: syntax error pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [220]: label "USER_RULELet me know of any suggestions you may have or if you need additional information from me. Wan interface = DHCP (with static gateway)Opt1 interface = static
Re: [pfSense Support] Massive amounts of pfsync traffic when CARPisturned off
Yep. Why was it on to begin with? On 4/18/06, Gary Buckmaster <[EMAIL PROTECTED]> wrote: > So after saving the page with pfsync disabled, I need to reboot the > firewall to completely turn it off? > > Scott Ullrich wrote: > > It most likely will not "change" the pfsync association until the next > > reboot. > > > > On 4/18/06, Gary Buckmaster <[EMAIL PROTECTED]> wrote: > > > >> Yeah and I tried that, it had no effect. And as I said earlier in my > >> post, I turned it on and saved, turned it off and saved and no effect. > >> Changing the sync interface, even with synchronization turned off does > >> have an effect (which it shouldn't IMHO but that's another story). > >> > >> -Gary > >> > >> Scott Ullrich wrote: > >> > >>> Should be safe. But then again turning off pfSync should remove the > >>> tag as well. > >>> > >>> On 4/18/06, Gary Buckmaster <[EMAIL PROTECTED]> wrote: > >>> > >>> > Scott, > > I agree that that's how it *should* be working, but that's not what's > currently happening on this box. I'd like, very much to stop the > madness without requiring a complete re-install. Am I safe simply > removing the pfsyncenabled tag from my config file or is there more > involved? > > -Gary > > Scott Ullrich wrote: > > > > If you are not using CARP/pfSync then it should be bound to the > > loopback adapter broadcasting nothing. > > > > On 4/18/06, Holger Bauer <[EMAIL PROTECTED]> wrote: > > > > > > > >> There has been a lot of movement between your initial installed > >> version and beta3. The cleanest thing really would be a reinstall from > >> scratch :-/ but you might want to wait for scott's or bill's thoughts > >> on this behavior first. > >> > >> Holger > >> > >> > >> > >> > >>> -Original Message- > >>> From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > >>> Sent: Tuesday, April 18, 2006 4:45 PM > >>> To: support@pfsense.com > >>> Subject: Re: [pfSense Support] Massive amounts of pfsync traffic when > >>> CARPisturned off > >>> > >>> > >>> Holger, > >>> > >>> Actually, that doesn't work. Hitting save on its own doesn't > >>> turn off > >>> the synchronization. Enabling, then saving, then disabling > >>> and saving > >>> again, also doesn't turn it off. If I leave it disabled in > >>> the WebGUI > >>> and then change the sync interface to WAN, all the sync > >>> traffic moves to > >>> the WAN interface. Changing it back to LAN moves the sync > >>> traffic back. > >>> > >>> -Gary > >>> > >>> Holger Bauer wrote: > >>> > >>> > >>> > Just hit save at the CARP-Settings with all options turned > > > > >>> off. It should save all necessary settings and apply the changes. > >>> > >>> > >>> > Holger > > > > > > > -Original Message- > > From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > > Sent: Tuesday, April 18, 2006 4:37 PM > > To: support@pfsense.com > > Subject: Re: [pfSense Support] Massive amounts of pfsync > > > > > > > >>> traffic when > >>> > >>> > >>> > > CARPis turned off > > > > > > Holger, > > > > The WebGUI shows CARP completely turned off, as it should be. The > > config file has been with me, more or less, since 0.95 but > > > > > > > >>> always on > >>> > >>> > >>> > > that machine. CARP had been turned on at one time on that > > > > > > > >>> machine, > >>> > >>> > >>> > > however it was completely disabled. I suspect that I > > > > > > > >>> simply need to > >>> > >>> > >>> > > remove the line from my config file to turn it off. Is that > > a correct > > statement or do I need to remove other lines as well? I'd > > rather avoid > > doing a complete re-install if at all possible. Thanks > > > > > > > >>> for your help. > >>> > >>> > >>> > > -Gary > > > > Holger Bauer wrote: > > > > > > > > > >> Is this an imported config? CARP config options are located > >> > >> > >> > >> > > at Interfaces>Virtual IPs, CARP settings tab. Disable all > > options there, save and apply. Does this fix it? Btw, I > > haven't noticed that behavior with my embedded beta3 build. > > Maybe you are runni > > ng into some kind of upgrade bug. If nothing helps I > > recommend reinstalling a fresh Beta3 :-/ > > > > > > > > > >>
Re: [pfSense Support] Beta 3 Upgrade problems with Load Balancing
The slbd errors can be safely ignored for WAN load balancing - I've replied that elsewhere (forum I believe) and will be cleaning up those info messages for RC1. I'll need a copy of your /tmp/rules.debug, /var/etc/slbd.conf, and /conf/config.xml and a netstat -rn output would be useful to determine your routing table. Thanks --Bill On 4/18/06, Josh <[EMAIL PROTECTED]> wrote: > > It appears that upgrading to beta3 has killed my load balancing. I originally > had the monitor IPs the same for both gateways but have since corrected that. > I am using the gateway on both interfaces as the monitor IP. With the failed > load balancing I have also started to notice a failed message appearing in my > logs. > > This is from my Load Balance Log section > > Apr 18 11:12:28 slbd[2134]: Service changed status, reloading filter policy > Apr 18 11:12:28 slbd[2134]: Switching to sitedown for VIP 127.0.0.1:666 > Apr 18 11:12:28 slbd[2134]: TCP poll failed to start to 68.x.x.x:666 in > default (Operation now in progress)(IP= WAN Gateway) > > Apr 18 11:12:28 slbd[2134]: TCP poll failed to start to 66.x.x.xx:666 in > default (Operation now in progress) (IP=OPT1 Gateway) > > Apr 18 11:12:28 slbd[2134]: VIP 127.0.0.1:666 added real service > 68.x.x.x:666 (IP= WAN Gateway) > Apr 18 11:12:28 slbd[2134]: VIP 127.0.0.1:666 added real service > 66.x.x.x:666 (IP=OPT1 Gateway) > Apr 18 11:12:28 slbd[2134]: VIP 127.0.0.1:666 sitedown at 127.0.0.1:666 > Apr 18 11:12:28 slbd[2134]: VIP 127.0.0.1:666 configured as "127.0.0.1" > Apr 18 11:12:28 slbd[2134]: Using configuration file /var/etc/slbd.conf > Apr 18 11:12:28 slbd[2134]: Using r_refresh of 5000 milliseconds > > > This is the log under system > > > Apr 18 11:12:39 php: : There were error(s) loading the rules: > /tmp/rules.debug:220: syntax error pfctl: Syntax error in config file: pf > rules not loaded - The line in question reads [220]: label "USER_RULE" > Apr 18 11:12:33 php: : FTP proxy disabled for interface opt1 - ignoring. > Apr 18 11:12:28 slbd[2134]: Service changed status, reloading filter policy > Apr 18 11:12:28 slbd[2134]: Switching to sitedown for VIP 127.0.0.1:666 > Apr 18 11:12:28 slbd[2134]: TCP poll failed to start to 68.x.x.x:666 in > default (Operation now in progress)(IP= WAN Gateway) > Apr 18 11:12:28 slbd[2134]: TCP poll failed to start to 66.x.x.x:666 in > default (Operation now in progress)(IP=OPT1 Gateway) > > > > Most of the above log entry's I pasted are 'new' as in I didn't see these > errors until after 2 reboots & recreating the load balanced rule from scratch > with the gateways as the monitor IPs. Before I recreated the load balance > rule and load balanced the only noticible error was. > : There were error(s) loading the rules: /tmp/rules.debug:220: syntax error > pfctl: Syntax error in config file: pf rules not loaded - The line in > question reads [220]: label "USER_RULE > > > Let me know of any suggestions you may have or if you need additional > information from me. > Wan interface = DHCP (with static gateway) > Opt1 interface = static > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Massive amounts of pfsync traffic when CARPisturned off
Actually I may have found a bug with this. Are you using virtual ips? On 4/18/06, Scott Ullrich <[EMAIL PROTECTED]> wrote: > Yep. Why was it on to begin with? > > > On 4/18/06, Gary Buckmaster <[EMAIL PROTECTED]> wrote: > > So after saving the page with pfsync disabled, I need to reboot the > > firewall to completely turn it off? > > > > Scott Ullrich wrote: > > > It most likely will not "change" the pfsync association until the next > > > reboot. > > > > > > On 4/18/06, Gary Buckmaster <[EMAIL PROTECTED]> wrote: > > > > > >> Yeah and I tried that, it had no effect. And as I said earlier in my > > >> post, I turned it on and saved, turned it off and saved and no effect. > > >> Changing the sync interface, even with synchronization turned off does > > >> have an effect (which it shouldn't IMHO but that's another story). > > >> > > >> -Gary > > >> > > >> Scott Ullrich wrote: > > >> > > >>> Should be safe. But then again turning off pfSync should remove the > > >>> tag as well. > > >>> > > >>> On 4/18/06, Gary Buckmaster <[EMAIL PROTECTED]> wrote: > > >>> > > >>> > > Scott, > > > > I agree that that's how it *should* be working, but that's not what's > > currently happening on this box. I'd like, very much to stop the > > madness without requiring a complete re-install. Am I safe simply > > removing the pfsyncenabled tag from my config file or is there more > > involved? > > > > -Gary > > > > Scott Ullrich wrote: > > > > > > > If you are not using CARP/pfSync then it should be bound to the > > > loopback adapter broadcasting nothing. > > > > > > On 4/18/06, Holger Bauer <[EMAIL PROTECTED]> wrote: > > > > > > > > > > > >> There has been a lot of movement between your initial installed > > >> version and beta3. The cleanest thing really would be a reinstall > > >> from scratch :-/ but you might want to wait for scott's or bill's > > >> thoughts on this behavior first. > > >> > > >> Holger > > >> > > >> > > >> > > >> > > >>> -Original Message- > > >>> From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > > >>> Sent: Tuesday, April 18, 2006 4:45 PM > > >>> To: support@pfsense.com > > >>> Subject: Re: [pfSense Support] Massive amounts of pfsync traffic > > >>> when > > >>> CARPisturned off > > >>> > > >>> > > >>> Holger, > > >>> > > >>> Actually, that doesn't work. Hitting save on its own doesn't > > >>> turn off > > >>> the synchronization. Enabling, then saving, then disabling > > >>> and saving > > >>> again, also doesn't turn it off. If I leave it disabled in > > >>> the WebGUI > > >>> and then change the sync interface to WAN, all the sync > > >>> traffic moves to > > >>> the WAN interface. Changing it back to LAN moves the sync > > >>> traffic back. > > >>> > > >>> -Gary > > >>> > > >>> Holger Bauer wrote: > > >>> > > >>> > > >>> > > Just hit save at the CARP-Settings with all options turned > > > > > > > > >>> off. It should save all necessary settings and apply the changes. > > >>> > > >>> > > >>> > > Holger > > > > > > > > > > > > > -Original Message- > > > From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > > > Sent: Tuesday, April 18, 2006 4:37 PM > > > To: support@pfsense.com > > > Subject: Re: [pfSense Support] Massive amounts of pfsync > > > > > > > > > > > >>> traffic when > > >>> > > >>> > > >>> > > > CARPis turned off > > > > > > > > > Holger, > > > > > > The WebGUI shows CARP completely turned off, as it should be. The > > > config file has been with me, more or less, since 0.95 but > > > > > > > > > > > >>> always on > > >>> > > >>> > > >>> > > > that machine. CARP had been turned on at one time on that > > > > > > > > > > > >>> machine, > > >>> > > >>> > > >>> > > > however it was completely disabled. I suspect that I > > > > > > > > > > > >>> simply need to > > >>> > > >>> > > >>> > > > remove the line from my config file to turn it off. Is that > > > a correct > > > statement or do I need to remove other lines as well? I'd > > > rather avoid > > > doing a complete re-install if at all possible. Thanks > > > > > > > > > > > >>> for your help. > > >>> > > >>> > > >>> > > > -Gary > > > > > > Holger Bauer wrote: > > > > > > > > > > > > > > >> Is this an imported config? CARP config options are located > > >>
RE: [pfSense Support] Load Balancing question
You fixed the bug on the pools, works great. The second issue on the Virtual Servers still exists. If you have more than 1 pool defined. You will not see both of them in the drop-down to choose from on the virtual server detail page (both editing and adding a new virtual server). Roy -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Friday, April 14, 2006 3:19 PM To: support@pfsense.com Subject: Re: [pfSense Support] Load Balancing question We have duplicated this bug. We'll work on it soon. On 4/14/06, Roy Walker <[EMAIL PROTECTED]> wrote: > Upgraded to Snapshot 4-12-2006. The server drop down does now grey out the monitor IP as stated, however now on the pool detail page it does not list the IPs in the pool to remove them (they do show in the list screen). > > On the virtual server detail page, there will only be 1 pool listed to choose from even if you have more than 1 pool setup. Looks like it always lists only the first one. > > Roy > > > > From: Scott Ullrich [mailto:[EMAIL PROTECTED] > Sent: Tue 4/11/2006 7:29 PM > To: support@pfsense.com > Subject: Re: [pfSense Support] Load Balancing question > > > > On 4/11/06, Eric W. Bates <[EMAIL PROTECTED]> wrote: > > Where do you find a snapshot? > > http://www.pfsense.com/~sullrich/RELENG_1_SNAPSHOT_04-08-2006/ > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Load Balancing question
Please create a ticket and include as munch info as possible in http://cvstrac.pfsense.com/tktnew Thanks On 4/18/06, Roy Walker <[EMAIL PROTECTED]> wrote: > You fixed the bug on the pools, works great. The second issue on the > Virtual Servers still exists. > > If you have more than 1 pool defined. You will not see both of them in > the drop-down to choose from on the virtual server detail page (both > editing and adding a new virtual server). > > Roy > > -Original Message- > From: Scott Ullrich [mailto:[EMAIL PROTECTED] > Sent: Friday, April 14, 2006 3:19 PM > To: support@pfsense.com > Subject: Re: [pfSense Support] Load Balancing question > > We have duplicated this bug. We'll work on it soon. > > On 4/14/06, Roy Walker <[EMAIL PROTECTED]> wrote: > > Upgraded to Snapshot 4-12-2006. The server drop down does now grey > out the monitor IP as stated, however now on the pool detail page it > does not list the IPs in the pool to remove them (they do show in the > list screen). > > > > On the virtual server detail page, there will only be 1 pool listed to > choose from even if you have more than 1 pool setup. Looks like it > always lists only the first one. > > > > Roy > > > > > > > > From: Scott Ullrich [mailto:[EMAIL PROTECTED] > > Sent: Tue 4/11/2006 7:29 PM > > To: support@pfsense.com > > Subject: Re: [pfSense Support] Load Balancing question > > > > > > > > On 4/11/06, Eric W. Bates <[EMAIL PROTECTED]> wrote: > > > Where do you find a snapshot? > > > > http://www.pfsense.com/~sullrich/RELENG_1_SNAPSHOT_04-08-2006/ > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Massive amounts of pfsync traffic when CARPisturned off
This is now fixed. On 4/18/06, Scott Ullrich <[EMAIL PROTECTED]> wrote: > Actually I may have found a bug with this. Are you using virtual ips? > > On 4/18/06, Scott Ullrich <[EMAIL PROTECTED]> wrote: > > Yep. Why was it on to begin with? > > > > > > On 4/18/06, Gary Buckmaster <[EMAIL PROTECTED]> wrote: > > > So after saving the page with pfsync disabled, I need to reboot the > > > firewall to completely turn it off? > > > > > > Scott Ullrich wrote: > > > > It most likely will not "change" the pfsync association until the next > > > > reboot. > > > > > > > > On 4/18/06, Gary Buckmaster <[EMAIL PROTECTED]> wrote: > > > > > > > >> Yeah and I tried that, it had no effect. And as I said earlier in my > > > >> post, I turned it on and saved, turned it off and saved and no effect. > > > >> Changing the sync interface, even with synchronization turned off does > > > >> have an effect (which it shouldn't IMHO but that's another story). > > > >> > > > >> -Gary > > > >> > > > >> Scott Ullrich wrote: > > > >> > > > >>> Should be safe. But then again turning off pfSync should remove the > > > >>> tag as well. > > > >>> > > > >>> On 4/18/06, Gary Buckmaster <[EMAIL PROTECTED]> wrote: > > > >>> > > > >>> > > > Scott, > > > > > > I agree that that's how it *should* be working, but that's not what's > > > currently happening on this box. I'd like, very much to stop the > > > madness without requiring a complete re-install. Am I safe simply > > > removing the pfsyncenabled tag from my config file or is there more > > > involved? > > > > > > -Gary > > > > > > Scott Ullrich wrote: > > > > > > > > > > If you are not using CARP/pfSync then it should be bound to the > > > > loopback adapter broadcasting nothing. > > > > > > > > On 4/18/06, Holger Bauer <[EMAIL PROTECTED]> wrote: > > > > > > > > > > > > > > > >> There has been a lot of movement between your initial installed > > > >> version and beta3. The cleanest thing really would be a reinstall > > > >> from scratch :-/ but you might want to wait for scott's or bill's > > > >> thoughts on this behavior first. > > > >> > > > >> Holger > > > >> > > > >> > > > >> > > > >> > > > >>> -Original Message- > > > >>> From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > > > >>> Sent: Tuesday, April 18, 2006 4:45 PM > > > >>> To: support@pfsense.com > > > >>> Subject: Re: [pfSense Support] Massive amounts of pfsync traffic > > > >>> when > > > >>> CARPisturned off > > > >>> > > > >>> > > > >>> Holger, > > > >>> > > > >>> Actually, that doesn't work. Hitting save on its own doesn't > > > >>> turn off > > > >>> the synchronization. Enabling, then saving, then disabling > > > >>> and saving > > > >>> again, also doesn't turn it off. If I leave it disabled in > > > >>> the WebGUI > > > >>> and then change the sync interface to WAN, all the sync > > > >>> traffic moves to > > > >>> the WAN interface. Changing it back to LAN moves the sync > > > >>> traffic back. > > > >>> > > > >>> -Gary > > > >>> > > > >>> Holger Bauer wrote: > > > >>> > > > >>> > > > >>> > > > Just hit save at the CARP-Settings with all options turned > > > > > > > > > > > > >>> off. It should save all necessary settings and apply the changes. > > > >>> > > > >>> > > > >>> > > > Holger > > > > > > > > > > > > > > > > > > > -Original Message- > > > > From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > > > > Sent: Tuesday, April 18, 2006 4:37 PM > > > > To: support@pfsense.com > > > > Subject: Re: [pfSense Support] Massive amounts of pfsync > > > > > > > > > > > > > > > >>> traffic when > > > >>> > > > >>> > > > >>> > > > > CARPis turned off > > > > > > > > > > > > Holger, > > > > > > > > The WebGUI shows CARP completely turned off, as it should be. > > > > The > > > > config file has been with me, more or less, since 0.95 but > > > > > > > > > > > > > > > >>> always on > > > >>> > > > >>> > > > >>> > > > > that machine. CARP had been turned on at one time on that > > > > > > > > > > > > > > > >>> machine, > > > >>> > > > >>> > > > >>> > > > > however it was completely disabled. I suspect that I > > > > > > > > > > > > > > > >>> simply need to > > > >>> > > > >>> > > > >>> > > > > remove the line from my config file to turn it off. Is that > > > > a correct > > > > statement or do I need to remove other lines as well? I'd > > > > rather avo
Re: [pfSense Support] pfSense Beta3 available
Be careful with CRAP browsers like IE that automatically extract the file contents on download. The .gz files are considerbly smaller and we plan to use them goinng forward. On 4/18/06, Guilherme Oliveira <[EMAIL PROTECTED]> wrote: > My fault. > > I used winrar and it decompress everything. > I done that with freebsd and i had already burned the iso. > > Thanks. > > On 4/18/06, Craig Roy <[EMAIL PROTECTED]> wrote: > > Hi, > > > > I downloaded the same file and unzipped it on Win XP using WinRAR, it > > extracts to a folder then the PFSense.ISO is in the folder. Use that to > > create your bootable Disc. > > > > Installed Beta3 this afternoon and using it now. > > > > Kindest Regards, > > > > Craig Roy > > Horizon IT Consultants > > > > -Original Message- > > From: Guilherme Oliveira [mailto:[EMAIL PROTECTED] > > Sent: Tuesday, 18 April 2006 9:08 PM > > To: support@pfsense.com > > Subject: Re: [pfSense Support] pfSense Beta3 available > > > > Hi. > > > > I can find the pfSense-1.0-BETA3-LiveCD-Installer.iso.gz file but if I > > gunzip it I will end with distribution files. Not the ISO ... > > > > Is everything right ? > > > > []'s > > > > On 4/18/06, Holger Bauer <[EMAIL PROTECTED]> wrote: > > > Hi community, > > > > > > we just got some reports that Beta3 was spotted at the mirrors! Get it > > while it's hot and check > > http://pfsense.blogspot.com/2006/04/beta-3-is-here.html for releaseinfo. > > > > > > Cheers, > > > Holger > > > > > > > > > Virus checked by G DATA AntiVirusKit > > > > > > > > > - > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > -- > > No virus found in this incoming message. > > Checked by AVG Anti-Virus. > > Version: 7.1.384 / Virus Database: 268.4.3/317 - Release Date: 18/04/2006 > > > > > > -- > > No virus found in this outgoing message. > > Checked by AVG Anti-Virus. > > Version: 7.1.384 / Virus Database: 268.4.3/317 - Release Date: 18/04/2006 > > > > > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] pfSense BETA3 Embedded
This happens during interface reload operations and shoudl return to normal after a few seconds. Perhaps you where too impatient during the load. I should add that this is really apparent when using slow devices such as Soekris/Wrap's. On 4/18/06, Ispánovits Imre <[EMAIL PROTECTED]> wrote: > I reflashed a 64MB cf card with the new image. It's O.K. until I've > changed the LAN ip address. After it is done it didn't accepted any > keyboard input from serial console. It is strange. Any other experience > with it? Now I have returned to the latest snapshot, but will try again > in the evening. > > Regards > > Imre > > > -- > Skype: ispanovits_imre > This is Linux Land. > In silent nights you can hear the windows machines rebooting > > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] L2TP From Behind pfSense
As we do not have NAT-Passthrough for these types of items, I don't see it working, if at all. On 4/18/06, Brian <[EMAIL PROTECTED]> wrote: > I am trying to make an L2TP connection to a remote Sonicwall from behind > pfSense. Yesterday from a dial up connection I was able to establish > the L2TP connection without any issues. Today I am behind the pfSense @ > my office and I am not able to make the connection. I am guessing I am > missing a firewall rule or 2, but I am not sure. I've enabled IPSec on > the pfSense, which I thought created the default rules for allowing the > IPSec traffic, but it still does not work. I first tried without IPSec > enabled on the pfSense, which also did not work. > > Do I need more / other rules for this or perhaps a NAT entry to forward > traffic to my laptop? > > Thanks for any help you can provide. > > Brian > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Massive amounts of pfsync traffic when CARPisturned off
Sure enough, I synched up with CVS and now everything works properly. Thanks again for your help! Scott Ullrich wrote: This is now fixed. On 4/18/06, Scott Ullrich <[EMAIL PROTECTED]> wrote: Actually I may have found a bug with this. Are you using virtual ips? On 4/18/06, Scott Ullrich <[EMAIL PROTECTED]> wrote: Yep. Why was it on to begin with? On 4/18/06, Gary Buckmaster <[EMAIL PROTECTED]> wrote: So after saving the page with pfsync disabled, I need to reboot the firewall to completely turn it off? Scott Ullrich wrote: It most likely will not "change" the pfsync association until the next reboot. On 4/18/06, Gary Buckmaster <[EMAIL PROTECTED]> wrote: Yeah and I tried that, it had no effect. And as I said earlier in my post, I turned it on and saved, turned it off and saved and no effect. Changing the sync interface, even with synchronization turned off does have an effect (which it shouldn't IMHO but that's another story). -Gary Scott Ullrich wrote: Should be safe. But then again turning off pfSync should remove the tag as well. On 4/18/06, Gary Buckmaster <[EMAIL PROTECTED]> wrote: Scott, I agree that that's how it *should* be working, but that's not what's currently happening on this box. I'd like, very much to stop the madness without requiring a complete re-install. Am I safe simply removing the pfsyncenabled tag from my config file or is there more involved? -Gary Scott Ullrich wrote: If you are not using CARP/pfSync then it should be bound to the loopback adapter broadcasting nothing. On 4/18/06, Holger Bauer <[EMAIL PROTECTED]> wrote: There has been a lot of movement between your initial installed version and beta3. The cleanest thing really would be a reinstall from scratch :-/ but you might want to wait for scott's or bill's thoughts on this behavior first. Holger -Original Message- From: Gary Buckmaster [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 18, 2006 4:45 PM To: support@pfsense.com Subject: Re: [pfSense Support] Massive amounts of pfsync traffic when CARPisturned off Holger, Actually, that doesn't work. Hitting save on its own doesn't turn off the synchronization. Enabling, then saving, then disabling and saving again, also doesn't turn it off. If I leave it disabled in the WebGUI and then change the sync interface to WAN, all the sync traffic moves to the WAN interface. Changing it back to LAN moves the sync traffic back. -Gary Holger Bauer wrote: Just hit save at the CARP-Settings with all options turned off. It should save all necessary settings and apply the changes. Holger -Original Message- From: Gary Buckmaster [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 18, 2006 4:37 PM To: support@pfsense.com Subject: Re: [pfSense Support] Massive amounts of pfsync traffic when CARPis turned off Holger, The WebGUI shows CARP completely turned off, as it should be. The config file has been with me, more or less, since 0.95 but always on that machine. CARP had been turned on at one time on that machine, however it was completely disabled. I suspect that I simply need to remove the line from my config file to turn it off. Is that a correct statement or do I need to remove other lines as well? I'd rather avoid doing a complete re-install if at all possible. Thanks for your help. -Gary Holger Bauer wrote: Is this an imported config? CARP config options are located at Interfaces>Virtual IPs, CARP settings tab. Disable all options there, save and apply. Does this fix it? Btw, I haven't noticed that behavior with my embedded beta3 build. Maybe you are runni ng into some kind of upgrade bug. If nothing helps I recommend reinstalling a fresh Beta3 :-/ Holger -Original Message- From: Gary Buckmaster [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 18, 2006 4:26 PM To: support@pfsense.com Subject: [pfSense Support] Massive amounts of pfsync traffic when CARP is turned off I just noticed my pfSense (now upgraded to Beta3, thanks guys!) machine multicasting pfsync traffic of biblical proportions. This was a surprise to me because I don't have CARP enabled on this box. In poking around in my machine's config file I see the following entry: - <#> - <#> -- point of interest LAN
Re: [pfSense Support] Beta 3 Upgrade problems with Load Balancing
Ok thanks to Bill's suggestions I have everything fixed and working ok. It seems that Beta3 decided to lookup rules that should have been disabled that I had on my PPtP interface which was and had been for sometime completly disabled. I temp enabled the PPtP interface again and deleted all the rules under this interface. Once these rules were gone things started working as they should. So now that this is behind me, everything appears great for my load balancing setup.Thanks for the help Bill...-JoshBill thanks for the help and On 4/18/06, Bill Marquette <[EMAIL PROTECTED]> wrote: The slbd errors can be safely ignored for WAN load balancing - I'vereplied that elsewhere (forum I believe) and will be cleaning up thoseinfo messages for RC1. I'll need a copy of your /tmp/rules.debug,/var/etc/slbd.conf, and /conf/config.xml and a netstat -rn output would be useful to determine your routing table.Thanks--BillOn 4/18/06, Josh <[EMAIL PROTECTED]> wrote:>> It appears that upgrading to beta3 has killed my load balancing. I originally had the monitor IPs the same for both gateways but have since corrected that. I am using the gateway on both interfaces as the monitor IP. With the failed load balancing I have also started to notice a failed message appearing in my logs. >> This is from my Load Balance Log section>> Apr 18 11:12:28 slbd[2134]: Service changed status, reloading filter policy> Apr 18 11:12:28 slbd[2134]: Switching to sitedown for VIP 127.0.0.1:666> Apr 18 11:12:28 slbd[2134]: TCP poll failed to start to 68.x.x.x:666 in default (Operation now in progress)(IP= WAN Gateway)>> Apr 18 11:12:28 slbd[2134]: TCP poll failed to start to 66.x.x.xx:666 in default (Operation now in progress) (IP=OPT1 Gateway)>> Apr 18 11:12:28 slbd[2134]: VIP 127.0.0.1:666 added real service 68.x.x.x:666 (IP= WAN Gateway) > Apr 18 11:12:28 slbd[2134]: VIP 127.0.0.1:666 added real service 66.x.x.x:666 (IP=OPT1 Gateway)> Apr 18 11:12:28 slbd[2134]: VIP 127.0.0.1:666 sitedown at 127.0.0.1:666> Apr 18 11:12:28 slbd[2134]: VIP 127.0.0.1:666 configured as "127.0.0.1" > Apr 18 11:12:28 slbd[2134]: Using configuration file /var/etc/slbd.conf> Apr 18 11:12:28 slbd[2134]: Using r_refresh of 5000 milliseconds>>> This is the log under system>> > Apr 18 11:12:39 php: : There were error(s) loading the rules: /tmp/rules.debug:220: syntax error pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [220]: label "USER_RULE" > Apr 18 11:12:33 php: : FTP proxy disabled for interface opt1 - ignoring.> Apr 18 11:12:28 slbd[2134]: Service changed status, reloading filter policy> Apr 18 11:12:28 slbd[2134]: Switching to sitedown for VIP 127.0.0.1:666> Apr 18 11:12:28 slbd[2134]: TCP poll failed to start to 68.x.x.x:666 in default (Operation now in progress)(IP= WAN Gateway)> Apr 18 11:12:28 slbd[2134]: TCP poll failed to start to 66.x.x.x:666 in default (Operation now in progress)(IP=OPT1 Gateway) Most of the above log entry's I pasted are 'new' as in I didn't see these errors until after 2 reboots & recreating the load balanced rule from scratch with the gateways as the monitor IPs. Before I recreated the load balance rule and load balanced the only noticible error was. > : There were error(s) loading the rules: /tmp/rules.debug:220: syntax error pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [220]: label "USER_RULE>>> Let me know of any suggestions you may have or if you need additional information from me. > Wan interface = DHCP (with static gateway)> Opt1 interface = static>-To unsubscribe, e-mail: [EMAIL PROTECTED]For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Beta 3 Upgrade problems with Load Balancing
This commit addressed that: http://cvstrac.pfsense.com/chngview?cn=11412 Very strange. If this is a issue still, please reopen the ticket and include as much information as possible. Thanks! On 4/18/06, Josh <[EMAIL PROTECTED]> wrote: > Ok thanks to Bill's suggestions I have everything fixed and working ok. It > seems that Beta3 decided to lookup rules that should have been disabled that > I had on my PPtP interface which was and had been for sometime completly > disabled. I temp enabled the PPtP interface again and deleted all the rules > under this interface. Once these rules were gone things started working as > they should. > > So now that this is behind me, everything appears great for my load > balancing setup. > > Thanks for the help Bill... > -Josh > > > > > Bill thanks for the help and > > > On 4/18/06, Bill Marquette <[EMAIL PROTECTED]> wrote: > > The slbd errors can be safely ignored for WAN load balancing - I've > > replied that elsewhere (forum I believe) and will be cleaning up those > > info messages for RC1. I'll need a copy of your /tmp/rules.debug, > > /var/etc/slbd.conf, and /conf/config.xml and a netstat -rn output > > would be useful to determine your routing table. > > > > Thanks > > > > --Bill > > > > On 4/18/06, Josh <[EMAIL PROTECTED]> wrote: > > > > > > It appears that upgrading to beta3 has killed my load balancing. I > originally had the monitor IPs the same for both gateways but have since > corrected that. I am using the gateway on both interfaces as the monitor IP. > With the failed load balancing I have also started to notice a failed > message appearing in my logs. > > > > > > This is from my Load Balance Log section > > > > > > Apr 18 11:12:28 slbd[2134]: Service changed status, reloading filter > policy > > > Apr 18 11:12:28 slbd[2134]: Switching to sitedown for VIP 127.0.0.1:666 > > > Apr 18 11:12:28 slbd[2134]: TCP poll failed to start to 68.x.x.x:666 in > default (Operation now in progress)(IP= WAN Gateway) > > > > > > Apr 18 11:12:28 slbd[2134]: TCP poll failed to start to 66.x.x.xx:666 > in default (Operation now in progress) (IP=OPT1 Gateway) > > > > > > Apr 18 11:12:28 slbd[2134]: VIP 127.0.0.1:666 added real service > 68.x.x.x:666 (IP= WAN Gateway) > > > Apr 18 11:12:28 slbd[2134]: VIP 127.0.0.1:666 added real service > 66.x.x.x:666 (IP=OPT1 Gateway) > > > Apr 18 11:12:28 slbd[2134]: VIP 127.0.0.1:666 sitedown at 127.0.0.1:666 > > > Apr 18 11:12:28 slbd[2134]: VIP 127.0.0.1:666 configured as "127.0.0.1" > > > Apr 18 11:12:28 slbd[2134]: Using configuration file /var/etc/slbd.conf > > > Apr 18 11:12:28 slbd[2134]: Using r_refresh of 5000 milliseconds > > > > > > > > > This is the log under system > > > > > > > > > Apr 18 11:12:39 php: : There were error(s) loading the rules: > /tmp/rules.debug:220: syntax error pfctl: Syntax error in config file: pf > rules not loaded - The line in question reads [220]: label "USER_RULE" > > > Apr 18 11:12:33 php: : FTP proxy disabled for interface opt1 - > ignoring. > > > Apr 18 11:12:28 slbd[2134]: Service changed status, reloading filter > policy > > > Apr 18 11:12:28 slbd[2134]: Switching to sitedown for VIP 127.0.0.1:666 > > > Apr 18 11:12:28 slbd[2134]: TCP poll failed to start to 68.x.x.x:666 in > default (Operation now in progress)(IP= WAN Gateway) > > > Apr 18 11:12:28 slbd[2134]: TCP poll failed to start to 66.x.x.x:666 in > default (Operation now in progress)(IP=OPT1 Gateway) > > > > > > > > > > > > Most of the above log entry's I pasted are 'new' as in I didn't see > these errors until after 2 reboots & recreating the load balanced rule from > scratch with the gateways as the monitor IPs. Before I recreated the load > balance rule and load balanced the only noticible error was. > > > : There were error(s) loading the rules: /tmp/rules.debug:220: syntax > error pfctl: Syntax error in config file: pf rules not loaded - The line in > question reads [220]: label "USER_RULE > > > > > > > > > Let me know of any suggestions you may have or if you need additional > information from me. > > > Wan interface = DHCP (with static gateway) > > > Opt1 interface = static > > > > > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] pfSense Beta3 available
On 4/18/06, Holger Bauer <[EMAIL PROTECTED]> wrote: > Hi community, > > we just got some reports that Beta3 was spotted at the mirrors! Get it while > it's hot and check http://pfsense.blogspot.com/2006/04/beta-3-is-here.html > for releaseinfo. Two large bugs were quickly uncovered after beta 3 release. It's worth pulling down the hotfix update we just released - it's a mere 19K and will work on _both_ embedded and full installs (sorry, CD-ROM users will just have to wait until we start releasing snapshots again). It fixes the DF-bit option being broken (multiple random-id keywords on the scrub line) and a bug with disabled rules with no description showing up in the rule file anyway. The update is in the updates directory on the mirrors (or will be within the hour) with the filename: pfSense-BETA3-update-for-random_id-and-blank_rule-issues-on-embedded-and-full.tgz --Bill - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] pfSense Beta3 available
Hi Bill, Thanks for the info on the update, but the error msg is back on boot up stating the Monitor IP is Bad IP address. But no record of it is mentioned in the System Log and No errors displayed so far. Time will tell I suppose. Kindest Regards, Craig Roy Horizon IT Consultants -Original Message- From: Bill Marquette [mailto:[EMAIL PROTECTED] Sent: Wednesday, 19 April 2006 10:55 AM To: support@pfsense.com Subject: Re: [pfSense Support] pfSense Beta3 available On 4/18/06, Holger Bauer <[EMAIL PROTECTED]> wrote: > Hi community, > > we just got some reports that Beta3 was spotted at the mirrors! Get it while it's hot and check http://pfsense.blogspot.com/2006/04/beta-3-is-here.html for releaseinfo. Two large bugs were quickly uncovered after beta 3 release. It's worth pulling down the hotfix update we just released - it's a mere 19K and will work on _both_ embedded and full installs (sorry, CD-ROM users will just have to wait until we start releasing snapshots again). It fixes the DF-bit option being broken (multiple random-id keywords on the scrub line) and a bug with disabled rules with no description showing up in the rule file anyway. The update is in the updates directory on the mirrors (or will be within the hour) with the filename: pfSense-BETA3-update-for-random_id-and-blank_rule-issues-on-embedded-and-ful l.tgz --Bill - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.1.384 / Virus Database: 268.4.4/318 - Release Date: 18/04/2006 -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.1.384 / Virus Database: 268.4.4/318 - Release Date: 18/04/2006 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] pfSense Beta3 available
Can you clarify the "Monitor IP is Bad IP address" error? I don't know where you're seeing that (other than during boot). --Bill - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] pfSense Beta3 available
Hi Bill, Yes it is during boot, Network for WAN and OPT are up then they are pulled down during Hardware load, then after that Bad Monitor IP Error MSG, then loads the LAN, WAN, OPT and firewall rules etc. There is no record of it in the System Log, and it does not seem to be a problem. Don’t mind me, I'm a bit of a perfectionist. If I supply a PFSense box to customers then if they watch this they may start trying to fix things but make things worse. Is it possible to boot PFSense step by step asking to confirm so that I can get the exact point it occurs, if need be? Kindest Regards, Craig Roy Horizon IT Consultants [EMAIL PROTECTED] AUSTRALIAN RESELLER FOR -Original Message- From: Bill Marquette [mailto:[EMAIL PROTECTED] Sent: Wednesday, 19 April 2006 1:53 PM To: support@pfsense.com Subject: Re: [pfSense Support] pfSense Beta3 available Can you clarify the "Monitor IP is Bad IP address" error? I don't know where you're seeing that (other than during boot). --Bill - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.1.384 / Virus Database: 268.4.4/318 - Release Date: 18/04/2006 -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.1.384 / Virus Database: 268.4.4/318 - Release Date: 18/04/2006 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] After bootup changes
Scott Ullrich wrote: On 17 Apr 2006 16:16:37 -0500, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: After bootup I would not like to show the pfsense menu. This is a security risk for me as pressing 8 will give a root shell. I would instead like to just show a login prompt as with any normal Freebsd machine. System -> Advanced -> Disable console menu Also, why won't my chpass changes maintain after reboot? I would like to use bash as my shell, however it will always default to /bin/sh on reboot. One more thing, does the pfsense distro still recognize /etc/rc.conf? I tried installing powerdns, however the rc.d script will not run? You should use the webConfigurator password function to maintain the root and admin accounts. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] I tried disabling the console menu as stated, however it still is not disabled. This is very important to me as I will be using this box as a frontend that a number of people will be logging into and not having access to the root account is very important. I looked at the php code as I am a php developer myself, and I see that /var/etc/disableconsolemenu is created, however the console is still showing up. Bug possibly? Also were do I maintain the root account. I dont see anywhere to change the shell or password. Is there some config file I need to edit? Thanks for the help, Nate - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] After bootup changes
On 4/18/06, Nate Steffan <[EMAIL PROTECTED]> wrote: > Scott Ullrich wrote: > > >On 17 Apr 2006 16:16:37 -0500, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > > > > >>After bootup I would not like to show the pfsense menu. This is a security > >>risk for me as pressing 8 will give a root shell. I would instead like to > >>just show a login prompt as with any normal Freebsd machine. > >> > >> > > > >System -> Advanced -> Disable console menu > > > > > > > >>Also, why > >>won't my chpass changes maintain after reboot? I would like to use bash as > >>my shell, however it will always default to /bin/sh on reboot. One more > >>thing, does the pfsense distro still recognize /etc/rc.conf? I tried > >>installing powerdns, however the rc.d script will not run? > >> > >> > > > >You should use the webConfigurator password function to maintain the > >root and admin accounts. > > > >Scott > > > >- > >To unsubscribe, e-mail: [EMAIL PROTECTED] > >For additional commands, e-mail: [EMAIL PROTECTED] > > > > > I tried disabling the console menu as stated, however it still is not > disabled. This is very important to me as I will be using this box as a > frontend that a number of people will be logging into and not having > access to the root account is very important. I looked at the php code > as I am a php developer myself, and I see that > /var/etc/disableconsolemenu is created, however the console is still > showing up. Bug possibly? > > Also were do I maintain the root account. I dont see anywhere to change > the shell or password. Is there some config file I need to edit? > The admin id == the root account. Displaying a login prompt will only stop non-authorized people from gaining access, not authorized admins from gaining root. We do have a user manager in HEAD that will do what you wish, but that won't make it into 1.0. Aside from that - I was just able to duplicate the console menu not being disabled issue. Looks like you found a bug, can you please file a ticket on it at http://cvstrac.pfsense.org/ ? Thanks --Bill - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] pfSense Beta3 available
Craig, based on your screenshots in the forum, you weren't running Beta3 when you took them. I suspect your issue is related to bugs pre-beta3 in the load balance code. Can you delete your pools and recreate them? Thanks --Bill On 4/18/06, Craig Roy <[EMAIL PROTECTED]> wrote: > Hi Bill, > > Yes it is during boot, Network for WAN and OPT are up then they are pulled > down during Hardware load, then after that Bad Monitor IP Error MSG, then > loads the LAN, WAN, OPT and firewall rules etc. > > There is no record of it in the System Log, and it does not seem to be a > problem. Don't mind me, I'm a bit of a perfectionist. If I supply a PFSense > box to customers then if they watch this they may start trying to fix things > but make things worse. > > Is it possible to boot PFSense step by step asking to confirm so that I can > get the exact point it occurs, if need be? > > Kindest Regards, > > Craig Roy > Horizon IT Consultants > [EMAIL PROTECTED] > > AUSTRALIAN RESELLER > FOR > > > -Original Message- > From: Bill Marquette [mailto:[EMAIL PROTECTED] > Sent: Wednesday, 19 April 2006 1:53 PM > To: support@pfsense.com > Subject: Re: [pfSense Support] pfSense Beta3 available > > Can you clarify the "Monitor IP is Bad IP address" error? I don't > know where you're seeing that (other than during boot). > > --Bill > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- > No virus found in this incoming message. > Checked by AVG Anti-Virus. > Version: 7.1.384 / Virus Database: 268.4.4/318 - Release Date: 18/04/2006 > > > -- > No virus found in this outgoing message. > Checked by AVG Anti-Virus. > Version: 7.1.384 / Virus Database: 268.4.4/318 - Release Date: 18/04/2006 > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] pfSense Beta3 available
Sorry Bill, but they are of Beta 3 as I took them this morning when Scott asked for them. Kindest Regards, Craig Roy Horizon IT Consultants [EMAIL PROTECTED] AUSTRALIAN RESELLER FOR -Original Message- From: Bill Marquette [mailto:[EMAIL PROTECTED] Sent: Wednesday, 19 April 2006 3:07 PM To: support@pfsense.com Subject: Re: [pfSense Support] pfSense Beta3 available Craig, based on your screenshots in the forum, you weren't running Beta3 when you took them. I suspect your issue is related to bugs pre-beta3 in the load balance code. Can you delete your pools and recreate them? Thanks --Bill On 4/18/06, Craig Roy <[EMAIL PROTECTED]> wrote: > Hi Bill, > > Yes it is during boot, Network for WAN and OPT are up then they are pulled > down during Hardware load, then after that Bad Monitor IP Error MSG, then > loads the LAN, WAN, OPT and firewall rules etc. > > There is no record of it in the System Log, and it does not seem to be a > problem. Don't mind me, I'm a bit of a perfectionist. If I supply a PFSense > box to customers then if they watch this they may start trying to fix things > but make things worse. > > Is it possible to boot PFSense step by step asking to confirm so that I can > get the exact point it occurs, if need be? > > Kindest Regards, > > Craig Roy > Horizon IT Consultants > [EMAIL PROTECTED] > > AUSTRALIAN RESELLER > FOR > > > -Original Message- > From: Bill Marquette [mailto:[EMAIL PROTECTED] > Sent: Wednesday, 19 April 2006 1:53 PM > To: support@pfsense.com > Subject: Re: [pfSense Support] pfSense Beta3 available > > Can you clarify the "Monitor IP is Bad IP address" error? I don't > know where you're seeing that (other than during boot). > > --Bill > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- > No virus found in this incoming message. > Checked by AVG Anti-Virus. > Version: 7.1.384 / Virus Database: 268.4.4/318 - Release Date: 18/04/2006 > > > -- > No virus found in this outgoing message. > Checked by AVG Anti-Virus. > Version: 7.1.384 / Virus Database: 268.4.4/318 - Release Date: 18/04/2006 > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.1.384 / Virus Database: 268.4.4/318 - Release Date: 18/04/2006 -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.1.384 / Virus Database: 268.4.4/318 - Release Date: 18/04/2006 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] After bootup changes
Bill Marquette wrote: On 4/18/06, Nate Steffan <[EMAIL PROTECTED]> wrote: Scott Ullrich wrote: On 17 Apr 2006 16:16:37 -0500, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: After bootup I would not like to show the pfsense menu. This is a security risk for me as pressing 8 will give a root shell. I would instead like to just show a login prompt as with any normal Freebsd machine. System -> Advanced -> Disable console menu Also, why won't my chpass changes maintain after reboot? I would like to use bash as my shell, however it will always default to /bin/sh on reboot. One more thing, does the pfsense distro still recognize /etc/rc.conf? I tried installing powerdns, however the rc.d script will not run? You should use the webConfigurator password function to maintain the root and admin accounts. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] I tried disabling the console menu as stated, however it still is not disabled. This is very important to me as I will be using this box as a frontend that a number of people will be logging into and not having access to the root account is very important. I looked at the php code as I am a php developer myself, and I see that /var/etc/disableconsolemenu is created, however the console is still showing up. Bug possibly? Also were do I maintain the root account. I dont see anywhere to change the shell or password. Is there some config file I need to edit? The admin id == the root account. Displaying a login prompt will only stop non-authorized people from gaining access, not authorized admins from gaining root. We do have a user manager in HEAD that will do what you wish, but that won't make it into 1.0. Aside from that - I was just able to duplicate the console menu not being disabled issue. Looks like you found a bug, can you plse file a ticket on it at http://cvstrac.pfsense.org/ ? Thanks --Bill - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Ok that is understandable about the root account and a ticket has been created in the cvstrac for the console bug. Now is there a way to make persistant changes for the shell. Sorry, but I have grown accustomed to bash. When I say persistent, I am asking how to make it so it lasts longer than a reboot. Nate - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
