[pfSense Support] ping_hosts.sh in infinite loop
Earlier today while I was making some changes to my NAT rules (I was testing to see how many connection states I can track as a result of the DDoS/syn flood I am currently under[1]) and it seems that /etc/ping_hosts.sh got stuck in an infinite loop. I'm guessing it's forking processes which are immediately dying or something. Anyone got a good way to debug this to try to gain some information about why it's stuck and burning CPU before I kill the process? -Dave [1] http://forum.pfsense.org/index.php/topic,9284.msg52570.html#msg52570 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] SQUID : ACL with time restriction with captive portal
Hello all my system works : captive portal, squid, etc. But I need to restrict with acl in /usr/local/etc/squid/squid.conf so juste before : # Default block all to be sure http_access deny all I've add : # Regles perso acl clients_wifi src 192.168.0.0/255.255.255.0 acl plage_autorisee time MTWHFA 07:30-10:00 http_access allow clients_wifi plage_autorisee I precise that range IP is good. Thank you ! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] ping_hosts.sh in infinite loop
On Tue, 6 May 2008 00:43:15 -0700, David Rees [EMAIL PROTECTED] wrote: Earlier today while I was making some changes to my NAT rules (I was testing to see how many connection states I can track as a result of the DDoS/syn flood I am currently under[1]) and it seems that /etc/ping_hosts.sh got stuck in an infinite loop. I'm guessing it's forking processes which are immediately dying or something. Anyone got a good way to debug this to try to gain some information about why it's stuck and burning CPU before I kill the process? -Dave [1] http://forum.pfsense.org/index.php/topic,9284.msg52570.html#msg52570 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] ping_hosts.sh in infinite loop
On Tue, May 6, 2008 at 6:12 AM, [EMAIL PROTECTED] wrote: Was it just me, or did [EMAIL PROTECTED]'s reply look empty? -Dave - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] ping_hosts.sh in infinite loop
David Rees wrote: On Tue, May 6, 2008 at 6:12 AM, [EMAIL PROTECTED] wrote: Was it just me, or did [EMAIL PROTECTED]'s reply look empty? It was. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] ping_hosts.sh in infinite loop
David Rees wrote: On Tue, May 6, 2008 at 9:27 AM, Chris Buechler [EMAIL PROTECTED] wrote: David Rees wrote: Was it just me, or did [EMAIL PROTECTED]'s reply look empty? It was. Thought so. ;-) Anyone have any ideas on the ping_hosts.sh getting stuck and apparently looping? It's still doing it 8 hours later - I'd like to kill the process to let the box rest a bit, but if someone has any requests for information or diagnostics before I do so I can wait a bit... no clue, was hoping Scott would reply to that part. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] ping_hosts.sh in infinite loop
On 5/6/08, David Rees [EMAIL PROTECTED] wrote: Thought so. ;-) Anyone have any ideas on the ping_hosts.sh getting stuck and apparently looping? It's still doing it 8 hours later - I'd like to kill the process to let the box rest a bit, but if someone has any requests for information or diagnostics before I do so I can wait a bit... Show the process information (ps awux | grep ping). It is normal for this process to be running quite a bit but I am not sure about 8 hours. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] How to tell current OpenVPN clients
Hi Folks, Any simple method to determine the current OpenVPN clients on a pfSense gateway and their IP addresses? I quite often use VNC to take control of remote clients, and it would be wonderful if there was a quick method. Regards, Merul - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] How to tell current OpenVPN clients
Enable the management interface or download the Java (All Platform). There's pretty good information on the management interface and GUI's for it on the OpenVPN website. -- Curtis LaMasters http://www.curtis-lamasters.com http://www.builtnetworks.com
Re: [pfSense Support] How to tell current OpenVPN clients
Thanks Curtis, Does this work on the embedded version of pfSense? Thought I'd been pretty diligent about googling pre-posting, but apologies if not. BR Merul On 6 May 2008, at 19:03, Curtis LaMasters wrote: Enable the management interface or download the Java (All Platform). There's pretty good information on the management interface and GUI's for it on the OpenVPN website. -- Curtis LaMasters http://www.curtis-lamasters.com http://www.builtnetworks.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] How to tell current OpenVPN clients
Hi. Add this line in the costum options field of your OpenVPN Server: management PFSENSE-IP 7505; then telnet the pfsense host on port 7505 and type status or help :) NOTE: In PFSENSE-IP don't use 127.0.0.1!!! Type the LAN address of the pfsense host instead Ter, 2008-05-06 às 19:08 +0100, Merul Patel escreveu: Thanks Curtis, Does this work on the embedded version of pfSense? Thought I'd been pretty diligent about googling pre-posting, but apologies if not. BR Merul On 6 May 2008, at 19:03, Curtis LaMasters wrote: Enable the management interface or download the Java (All Platform). There's pretty good information on the management interface and GUI's for it on the OpenVPN website. -- Curtis LaMasters http://www.curtis-lamasters.com http://www.builtnetworks.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] ping_hosts.sh in infinite loop
On 5/6/08, David Rees [EMAIL PROTECTED] wrote: root 59637 5.7 0.5 1744 1216 ?? S 7:51PM 58:41.28 /bin/sh /etc/ping_hosts.sh root1510 0.0 0.3 1268 732 ?? Is2:06PM 0:00.04 minicron 240 /var/run/ping_hosts.pid /etc/ping_hosts.sh root 59636 0.0 0.5 1716 1176 ?? I 7:51PM 0:00.01 sh -c /etc/ping_hosts.sh root 88640 0.0 0.5 1744 1216 ?? S11:12AM 0:00.00 /bin/sh /etc/ping_hosts.sh The box was rebooted around 2pm. The high CPU utilization started right before 8pm, you can see how the first ping_hosts.sh script has used over an hour of CPU time. The script itself doesn't take up that much CPU, but looking at top CPU time is 25-30% user and 60-70% system, 0% idle which seems to indicate that the script is forking off a lot of processes. I was making some changes to the NAT rules and number of states to track around the time to see how pfsense would handle a SYN flood. Looking at the script itself, I don't see any obvious places where the script could get stuck. If it were possible to see what the script was doing that would help. I don't think I mentioned this earlier, but it's running 1.2 embedded on ALIX hardware. Since you appear to have some shell script knowledge check the script where it reads in a couple of files. Can you take a look at the files that it reads in and tell me how many entries in the file there are? I am wondering if one of those files have grown in size to a point where it can never finish processing. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] ping_hosts.sh in infinite loop
On Tue, May 6, 2008 at 11:31 AM, Scott Ullrich [EMAIL PROTECTED] wrote: Since you appear to have some shell script knowledge check the script where it reads in a couple of files. Can you take a look at the files that it reads in and tell me how many entries in the file there are? I am wondering if one of those files have grown in size to a point where it can never finish processing. All the files appear to be empty. No files are large. I suspect that whatever triggered the issue has since resolved itself, otherwise we'd have ping_hosts.sh scripts piling up every 5 minutes. My best guess is that it's somehow gotten stuck in the loop reading the config file near the top - possibly when doing the tunnel parsing. This would make sense if the config file isn't written out atomically. In the while [ $configline != /tunnel ]; loop there is an explicit read - which doesn't appear to check to see if the read failed or not - unfortunately I'm not familiar enough with the while read bash syntax to know what happens when a read fails - would have to do a bit of research and am a bit short on time right this second. How is the config file written to disk? Is it simply overwritten? Or does a temporary config get generated and then linked over the original config file? If my theory is correct, I would suggest two fixes: 1. Make sure the config file is written atomically to the filesystem. This means writing the file to a temporary file and then moving/linking the temporary file over the real one. 2. Check that the read in the inner loop is successful and abort the inner loop if not. while [ $configline != /tunnel ]; do read configline # check for successful read here and abort if not successful # inner loop code omitted for brevity done -Dave - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] ping_hosts.sh in infinite loop
On 5/6/08, David Rees [EMAIL PROTECTED] wrote: All the files appear to be empty. No files are large. I suspect that whatever triggered the issue has since resolved itself, otherwise we'd have ping_hosts.sh scripts piling up every 5 minutes. My best guess is that it's somehow gotten stuck in the loop reading the config file near the top - possibly when doing the tunnel parsing. This would make sense if the config file isn't written out atomically. In the while [ $configline != /tunnel ]; loop there is an explicit read - which doesn't appear to check to see if the read failed or not - unfortunately I'm not familiar enough with the while read bash syntax to know what happens when a read fails - would have to do a bit of research and am a bit short on time right this second. How is the config file written to disk? Is it simply overwritten? Or does a temporary config get generated and then linked over the original config file? If my theory is correct, I would suggest two fixes: 1. Make sure the config file is written atomically to the filesystem. This means writing the file to a temporary file and then moving/linking the temporary file over the real one. 2. Check that the read in the inner loop is successful and abort the inner loop if not. while [ $configline != /tunnel ]; do read configline # check for successful read here and abort if not successful # inner loop code omitted for brevity done Excellent suggestions. Can you make these changes to your file and test? If all looks well submit a diff -rub patch and I'll get it committed. Thanks! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] ping_hosts.sh in infinite loop
On Tue, May 6, 2008 at 12:09 PM, Scott Ullrich [EMAIL PROTECTED] wrote:
On 5/6/08, David Rees [EMAIL PROTECTED] wrote:
If my theory is correct, I would suggest two fixes:
1. Make sure the config file is written atomically to the filesystem.
This means writing the file to a temporary file and then
moving/linking the temporary file over the real one.
I did some checking in the PHP code - it does look like there are
various locations where the /conf/config.xml or
{$g['conf_path']}/config.xml or /cf/conf/config.xml are written just
using a plain fopen, write, close. This does leave you open to the
race condition I mentioned earlier where it's possible that another
process ends up reading a halfway written config file.
I'll try to get the time to fix this properly - a generic safe_write
function which takes a filename as an argument, writes to a temporary
file in the same folder, then renames the temporary file over the
original filename should do the trick. Then it's just a matter of
finding all the places where the config file is written to and
replacing the those sections of code with the function call.
2. Check that the read in the inner loop is successful and abort the
inner loop if not.
while [ $configline != /tunnel ];
do
read configline
# check for successful read here and abort if not successful
# inner loop code omitted for brevity
done
This sanity check is only a couple lines.
Excellent suggestions. Can you make these changes to your file and
test? If all looks well submit a diff -rub patch and I'll get it
committed.
No problem, I just need to find the time to do the first patch which
is pretty involved. Find a patch to check that the read configline was
successful to avoid the infinite loop on a corrupt config file. Seems
to work on my system.
-Dave
--- ping_hosts.sh.orig 2007-11-23 17:17:54.0 -0800
+++ ping_hosts.sh 2008-05-06 13:45:33.0 -0700
@@ -25,6 +25,9 @@
VPNENABLED=1
while [ $configline != /tunnel ];
do
+if ! read configline ; then
+ break
+fi
read configline
if [ $configline = disabled/ ]; then
VPNENABLED=0
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] ping_hosts.sh in infinite loop
On 5/6/08, David Rees [EMAIL PROTECTED] wrote:
I did some checking in the PHP code - it does look like there are
various locations where the /conf/config.xml or
{$g['conf_path']}/config.xml or /cf/conf/config.xml are written just
using a plain fopen, write, close. This does leave you open to the
race condition I mentioned earlier where it's possible that another
process ends up reading a halfway written config file.
Yes and no. Any config.xml operations are protected by config_lock()
and unlock().Are you seeing a case where they are not? Note:
write_config() automatically handles this behind the scenes.
I'll try to get the time to fix this properly - a generic safe_write
function which takes a filename as an argument, writes to a temporary
file in the same folder, then renames the temporary file over the
original filename should do the trick. Then it's just a matter of
finding all the places where the config file is written to and
replacing the those sections of code with the function call.
Might be a good idea. I think we already have a wrapper for writing
a file in PHP so we just need to alter that code.
No problem, I just need to find the time to do the first patch which
is pretty involved. Find a patch to check that the read configline was
successful to avoid the infinite loop on a corrupt config file. Seems
to work on my system.
Great, thanks for your help!
Scott
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] ping_hosts.sh in infinite loop
On Tue, May 6, 2008 at 1:54 PM, Scott Ullrich [EMAIL PROTECTED] wrote:
On 5/6/08, David Rees [EMAIL PROTECTED] wrote:
I did some checking in the PHP code - it does look like there are
various locations where the /conf/config.xml or
{$g['conf_path']}/config.xml or /cf/conf/config.xml are written just
using a plain fopen, write, close. This does leave you open to the
race condition I mentioned earlier where it's possible that another
process ends up reading a halfway written config file.
Yes and no. Any config.xml operations are protected by config_lock()
and unlock().Are you seeing a case where they are not? Note:
write_config() automatically handles this behind the scenes.
Ah, missed that. I did see a few other places where it appears that
config.xml is written besides through the write_config routine...
Modifying write_config to update the config file atomically will be
straight forward and should cover most of the cases where the file is
commonly written.
If you lock the file before doing any reads of the config then we
should be sure that we aways get a valid config file. Even if
everything does, it's not bad practice to attempt the config files
atomically.
But since the ping_hosts.sh script doesn't check, that explains the
problem. I'm guessing that there are other scripts that don't as well.
I'll see if I can modify write_config to do the right thing.
-Dave
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] ping_hosts.sh in infinite loop
On Tue, May 6, 2008 at 2:07 PM, David Rees [EMAIL PROTECTED] wrote:
Ah, missed that. I did see a few other places where it appears that
config.xml is written besides through the write_config routine...
Modifying write_config to update the config file atomically will be
straight forward and should cover most of the cases where the file is
commonly written.
OK, attached is a patch to /etc/config.inc that makes sure that the
config.xml and config.cache is updated atomically. The patch adds a
function function write_safe_file with 3 arguments: $file, $content,
$force_binary.
Tested on my local pfSense 1.2 box here, seems to work OK.
Let me know what you think!
If the patches I submitted look OK, do you think they'll make it into 1.2.1?
-Dave
--- config.inc.orig 2008-02-14 10:41:55.0 -0800
+++ config.inc 2008-05-06 14:23:24.0 -0700
@@ -1061,11 +1061,9 @@
conf_mount_rw();
/* write new configuration */
- $fd = fopen({$g['cf_conf_path']}/config.xml, w);
- if (!$fd)
+ if (!write_safe_file({$g['cf_conf_path']}/config.xml, $xmlconfig, false)) {
die(Unable to open {$g['cf_conf_path']}/config.xml for writing in write_config()\n);
- fwrite($fd, $xmlconfig);
- fclose($fd);
+ }
if($g['platform'] == embedded) {
cleanup_backupcache(5);
@@ -1082,11 +1080,7 @@
$config = parse_xml_config({$g['conf_path']}/config.xml, $g['xml_rootobj']);
/* write config cache */
- $fd = @fopen({$g['tmp_path']}/config.cache, wb);
- if ($fd) {
- fwrite($fd, serialize($config));
- fclose($fd);
- }
+ write_safe_file({$g['tmp_path']}/config.cache, serialize($config), true);
/* tell kernel to sync fs data */
mwexec(/bin/sync);
@@ -1096,6 +1090,45 @@
return $config;
}
+/f* config/write_safe_file
+ * NAME
+ * write_safe_file - Write a file out atomically
+ * DESCRIPTION
+ * write_safe_file() Writes a file out atomically by first writing to a
+ * temporary file of the same name but ending with the pid of the current
+ * process, them renaming the temporary file over the original.
+ * INPUTS
+ * $filename - string containing the filename of the file to write
+ * $content - string containing the file content to write to file
+ * $force_binary - boolean denoting whether we should force binary
+ * mode writing.
+ * RESULT
+ * boolean - true if successful, false if not
+ **/
+function write_safe_file($file, $content, $force_binary) {
+ $tmp_file = $file . . . getmypid();
+ $write_mode = $force_binary ? wb : w;
+
+ $fd = fopen($tmp_file, $write_mode);
+ if (!$fd) {
+ // Unable to open temporary file for writing
+ return false;
+ }
+ if (!fwrite($fd, $content)) {
+ // Unable to write to temporary file
+ fclose($fd);
+ return false;
+ }
+ fclose($fd);
+
+ if (!rename($tmp_file, $file)) {
+ // Unable to move temporary file to original
+ unlink($tmp_file);
+ return false;
+ }
+ return true;
+}
+
/f* config/reset_factory_defaults
* NAME
* reset_factory_defaults - Reset the system to its default configuration.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] boot usb wothout bios support
Hi I'm new to BSD and pfsense. I want to boot pfsense from my usb pen drive but my BIOS it's old and can't boot from a USB drive. Sombody can help me? Note: I don't have Hard Drive nor Floppy Disk, I just have: -Cd-rom drive -1GB USB pen drive with pfsense installed (it works I tested it on my laptop) - the pfsense cd, - computer with 3 network cards. - celeron proccesor (333) very old! -- Lalo: Just do it, life is too short
Re: [pfSense Support] boot usb wothout bios support
Ernesto Eduardo Medina Núñez wrote: Hi I'm new to BSD and pfsense. I want to boot pfsense from my usb pen drive but my BIOS it's old and can't boot from a USB drive. Sombody can help me? Note: I don't have Hard Drive nor Floppy Disk, I just have: -Cd-rom drive -1GB USB pen drive with pfsense installed (it works I tested it on my laptop) - the pfsense cd, - computer with 3 network cards. - celeron proccesor (333) very old! -- Lalo: Just do it, life is too short If your BIOS is too old to boot from a USB drive, but you want to boot from a USB drive, what could you possibly expect us to do? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] boot usb wothout bios support
Am 07.05.2008 um 00:21 schrieb Gary Buckmaster: Ernesto Eduardo Medina Núñez wrote: Hi I'm new to BSD and pfsense. I want to boot pfsense from my usb pen drive but my BIOS it's old and can't boot from a USB drive. Sombody can help me? Note: I don't have Hard Drive nor Floppy Disk, I just have: -Cd-rom drive -1GB USB pen drive with pfsense installed (it works I tested it on my laptop) - the pfsense cd, - computer with 3 network cards. - celeron proccesor (333) very old! -- Lalo: Just do it, life is too short If your BIOS is too old to boot from a USB drive, but you want to boot from a USB drive, what could you possibly expect us to do? Get an adapter, so you can connect a micro drive to ATA and boot from that. There's no magic. Can't you boot from CD and put the rules on USB? I've never done that, but IIRC, pfsense can do that. Rainer -- Rainer Duffner CISSP, LPI, MCSE [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] boot usb wothout bios support
Booting from CD isn't an option? Why are you trying to boot from USB? _ From: Ernesto Eduardo Medina Núñez [mailto:[EMAIL PROTECTED] Sent: Tuesday, May 06, 2008 3:16 PM To: support@pfsense.com Subject: [pfSense Support] boot usb wothout bios support Hi I'm new to BSD and pfsense. I want to boot pfsense from my usb pen drive but my BIOS it's old and can't boot from a USB drive. Sombody can help me? Note: I don't have Hard Drive nor Floppy Disk, I just have: -Cd-rom drive -1GB USB pen drive with pfsense installed (it works I tested it on my laptop) - the pfsense cd, - computer with 3 network cards. - celeron proccesor (333) very old! -- Lalo: Just do it, life is too short
Re: [pfSense Support] boot usb wothout bios support
If BIOS does not support booting from USB then no operating system can help because the BIOS is the first intelligence to the processor which directs the computer to devices. Looks like you should boot from pfsense liveCD and then configure the rules to be saved on the USB drive. Ideally save your current config.xml file on any USB drive root. Remove all other files even if they don't matter(just keeps it clean) And then boot from CD. The pfsense should recognize the USB drive and the config file. Leave the CD in there for future power cyles. Hope this helps. Ernesto Eduardo Medina Núñez [EMAIL PROTECTED] wrote: Hi I'm new to BSD and pfsense. I want to boot pfsense from my usb pen drive but my BIOS it's old and can't boot from a USB drive. Sombody can help me? Note: I don't have Hard Drive nor Floppy Disk, I just have: -Cd-rom drive -1GB USB pen drive with pfsense installed (it works I tested it on my laptop) - the pfsense cd, - computer with 3 network cards. - celeron proccesor (333) very old! -- Lalo: Just do it, life is too short
Re: [pfSense Support] ping_hosts.sh in infinite loop
On Tue, May 6, 2008 at 5:30 PM, David Rees [EMAIL PROTECTED] wrote: OK, attached is a patch to /etc/config.inc that makes sure that the config.xml and config.cache is updated atomically. The patch adds a function function write_safe_file with 3 arguments: $file, $content, $force_binary. Tested on my local pfSense 1.2 box here, seems to work OK. Let me know what you think! If the patches I submitted look OK, do you think they'll make it into 1.2.1? Thanks! At a glance it looks OK, Scott will need to review though. If no one has any objections I think it is suitable for 1.2.1 as it's a bug fix. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] boot usb wothout bios support
Re: If BIOS does not support booting from USB then no operating system can help because the BIOS is the first intelligence to the processor which directs the computer to devices. A Compact flash with IDE interface works very well. It seems to me that a floppy could boot, load a USB driver and hand over to the USB device on these old machines? Any reason not? (Floppy disk required!) Kind regards David Hingston
Re: [pfSense Support] boot usb wothout bios support
On Tue, May 6, 2008 at 9:26 PM, Tortise [EMAIL PROTECTED] wrote: It seems to me that a floppy could boot, load a USB driver and hand over to the USB device on these old machines? Any reason not? (Floppy disk required!) I was thinking of that - I seem to recall some kind of boot loader that can load from a floppy or CD and then boot from a USB device. Don't remember any details whatsoever, and I might be dreaming that up but I'm pretty sure I've seen it at some point. Not helpful at all, but it's worth Googling for someone that's interested. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] boot usb wothout bios support
The older FreeBSD installations had a floppy boot disc, whether this could be adapted I have wondered? Kind regards David Hingston - Original Message - From: Chris Buechler [EMAIL PROTECTED] To: support@pfsense.com Sent: Wednesday, May 07, 2008 1:45 PM Subject: Re: [pfSense Support] boot usb wothout bios support On Tue, May 6, 2008 at 9:26 PM, Tortise [EMAIL PROTECTED] wrote: It seems to me that a floppy could boot, load a USB driver and hand over to the USB device on these old machines? Any reason not? (Floppy disk required!) I was thinking of that - I seem to recall some kind of boot loader that can load from a floppy or CD and then boot from a USB device. Don't remember any details whatsoever, and I might be dreaming that up but I'm pretty sure I've seen it at some point. Not helpful at all, but it's worth Googling for someone that's interested. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] PPTP problem
I'm running PFsense 1.2 Embedded on an Alix2c3. Everything works (and has been working) good as far as I can tell. The problem I'm having is related to PPTP connections. At the location this box is running at, the PPTP server is on. I used to be able to VPN in and access network resources (connect to file server via AFP, access router webGUI). A little while ago I used NAT to redirect SSH and HTTPS to an internal IP so a vendor could work on a local ReadyNAS unit. It seems like since then, I've not been able to access anything on the local network... I can connect to the PPTP server, it issues me an IP on the local subnet (router is at 192.168.1.1, PPTP server is at 192.168.1.3) like 192.168.1.144 via DHCP. When I try to connect to the file server, the connection times out. When I try to connect to the WebGUI, no dice either. When I try to ping the router's IP, I get no response. No error, but no response. Same thing happens when I try to ping other IPs on the network. Any ideas? How do I begin to troubleshoot this? I've restarted the PPTP server and rebooted the device. If I'm behind my PFsense install, I've turned off my PPTP server. I've even gone so far as to plug my laptop directly into my DSL modem to ensure that nothing on the local network is interfering. I've tried from different computers at different locations with the same result. Thank you for the help. Aloha, Jeremy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] boot usb wothout bios support
On Tue, May 6, 2008 at 10:35 PM, Tortise [EMAIL PROTECTED] wrote: The older FreeBSD installations had a floppy boot disc, whether this could be adapted I have wondered? Not in this fashion, no. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
