[pfSense Support] hard drive install failure
I'm attempting to install onto a hard-drive, the format was ok but then I get /sbin/fdisk -v -f /tmp/new.fdisk ad1 FAILED with a return code of 1 the log says the number of cylinders 153221 may out of range and that the number of sectors is out of range. I am attempting to install onto a 320Gb drive, is that too big? or do I need to change something somewhere - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Date Change Bug
What did you change it to? If you chose a GMT -X setting, they don't work properly. You have to choose a location time zone, not just the GMT + or - setting. Christopher Iarocci Network Solutions Manager Twin Forks Office Products 631-727-3354 From: Nathan Eisenberg [mailto:nat...@atlasnetworks.us] Sent: Sunday, February 15, 2009 6:59 PM To: support@pfsense.com Subject: [pfSense Support] Date Change Bug Hello, I recently changed the timezone on one of our PFSense boxes, as it thought it was 12 hours ahead of where it actually is. Since I have made that change, states do not appear to be expiring normally, and the logs are still labeled with the old date/time offset. However, the result of 'date' in the command line is correct. Restarting this box is pretty difficult, although I am confident that a reboot would fix the issue. Do I have any other options? Best Regards, Nathan Eisenberg Atlas Networks, LLC Phone: 206-577-3078 supp...@atlasnetworks.us www.atlasnetworks.us
[pfSense Support] Re: hard drive install failure
additionally, I tried to install onto a smaller (10Gb) Hard drive, this appeared to work until I rebooted after the install and attempted to boot from the hard drive, both (I tried this with 2 different drives) failed to boot with READ_DMA failures, g_vfs_done error = 5, vnode_pager_getpages: I/O read error init: can't exec /bin/sh for /etc/rc init: fatal signal: segmentation fault 2009/2/16 Nick Upson nick.up...@gmail.com: I'm attempting to install onto a hard-drive, the format was ok but then I get /sbin/fdisk -v -f /tmp/new.fdisk ad1 FAILED with a return code of 1 the log says the number of cylinders 153221 may out of range and that the number of sectors is out of range. I am attempting to install onto a 320Gb drive, is that too big? or do I need to change something somewhere - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Date Change Bug
On Sun, Feb 15, 2009 at 5:58 PM, Nathan Eisenberg nat...@atlasnetworks.us wrote: Hello, I recently changed the timezone on one of our PFSense boxes, as it thought it was 12 hours ahead of where it actually is. Since I have made that change, states do not appear to be expiring normally, and the logs are still labeled with the old date/time offset. However, the result of 'date' in the command line is correct. Short answer: don't do that. Long answer: Yeah, don't change dates on a running unix system unless you plan on restarting all services afterwards. At best, what you did is increased the expiration time on all states by 12 hours (including states that would normally have expired in say 30 seconds). At worst, you also are no longer running the kernel thread that cleans up states (well, at least for the next 12 hours - by the time you read this, your system might actually be back to normal). Restarting this box is pretty difficult, although I am confident that a reboot would fix the issue. Do I have any other options? Wait it out, assuming you don't run out of state table entries and hose the box first. It'll either recover once it catches up to the date it _used_ to have, or you'll be rebooting it. --Bill - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Date Change Bug
Logs won't be fixed short of a reboot, unless you like monkeying around in the shell. Syslog records it's offset from GMT when it starts up. --Bill On Mon, Feb 16, 2009 at 8:17 AM, Bill Marquette bill.marque...@gmail.com wrote: On Sun, Feb 15, 2009 at 5:58 PM, Nathan Eisenberg nat...@atlasnetworks.us wrote: Hello, I recently changed the timezone on one of our PFSense boxes, as it thought it was 12 hours ahead of where it actually is. Since I have made that change, states do not appear to be expiring normally, and the logs are still labeled with the old date/time offset. However, the result of 'date' in the command line is correct. Short answer: don't do that. Long answer: Yeah, don't change dates on a running unix system unless you plan on restarting all services afterwards. At best, what you did is increased the expiration time on all states by 12 hours (including states that would normally have expired in say 30 seconds). At worst, you also are no longer running the kernel thread that cleans up states (well, at least for the next 12 hours - by the time you read this, your system might actually be back to normal). Restarting this box is pretty difficult, although I am confident that a reboot would fix the issue. Do I have any other options? Wait it out, assuming you don't run out of state table entries and hose the box first. It'll either recover once it catches up to the date it _used_ to have, or you'll be rebooting it. --Bill - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Re: policy rules with proxy and multiwan
Nobody answer? 2009/2/12 Federico Konig chamiko...@gmail.com I setup multiwan with 4 links, and i have a proxy service. Then, the machines on lan navigate trough the proxy. The proxy request a page trough the pfsense box. I'm used policy rules for a determinate ip address, but the problem is that this rules don't work because the request is always from proxy server and not from the Lan machine . Is there any solution for use policy rules with pfsense and a proxy server.? sorry about my redaction, i'm from Argentina.
Re: [pfSense Support] Support CARP active/active
cassio lima wrote: hi freinds pfsense in the support carp mode active / active and how I can configure? No, it does not support active/active. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Support CARP active/active
You could manually load balance I believe by making the Advertising Frequency of the virtual IP higher or lower on each of the firewalls. Probably not easy to troubleshoot or manage. Curtis LaMasters http://www.curtis-lamasters.com http://www.builtnetworks.com On Mon, Feb 16, 2009 at 9:38 AM, Gary Buckmaster g...@centipedenetworks.com wrote: cassio lima wrote: hi freinds pfsense in the support carp mode active / active and how I can configure? No, it does not support active/active. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Re: policy rules with proxy and multiwan
On Mon, Feb 16, 2009 at 9:57 AM, Federico Konig chamiko...@gmail.com wrote: Nobody answer? 2009/2/12 Federico Konig chamiko...@gmail.com I setup multiwan with 4 links, and i have a proxy service. Then, the machines on lan navigate trough the proxy. The proxy request a page trough the pfsense box. I'm used policy rules for a determinate ip address, but the problem is that this rules don't work because the request is always from proxy server and not from the Lan machine . Is there any solution for use policy rules with pfsense and a proxy server.? sorry about my redaction, i'm from Argentina. There is no solution to this unfortunately in 1.2.2/1.2.3. Scott - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Date Change Bug
That's what I discovered - I had originally set it to GMT -8, and it is now America/Los Angeles Best Regards, Nathan Eisenberg Atlas Networks, LLC Phone: 206-577-3078 supp...@atlasnetworks.usmailto:supp...@atlasnetworks.us www.atlasnetworks.ushttp://www.atlasnetworks.us From: Christopher Iarocci [mailto:ciaro...@tfop.net] Sent: Monday, February 16, 2009 5:46 AM To: support@pfsense.com Subject: RE: [pfSense Support] Date Change Bug What did you change it to? If you chose a GMT -X setting, they don't work properly. You have to choose a location time zone, not just the GMT + or - setting. Christopher Iarocci Network Solutions Manager Twin Forks Office Products 631-727-3354 From: Nathan Eisenberg [mailto:nat...@atlasnetworks.us] Sent: Sunday, February 15, 2009 6:59 PM To: support@pfsense.com Subject: [pfSense Support] Date Change Bug Hello, I recently changed the timezone on one of our PFSense boxes, as it thought it was 12 hours ahead of where it actually is. Since I have made that change, states do not appear to be expiring normally, and the logs are still labeled with the old date/time offset. However, the result of 'date' in the command line is correct. Restarting this box is pretty difficult, although I am confident that a reboot would fix the issue. Do I have any other options? Best Regards, Nathan Eisenberg Atlas Networks, LLC Phone: 206-577-3078 supp...@atlasnetworks.usmailto:supp...@atlasnetworks.us www.atlasnetworks.ushttp://www.atlasnetworks.us
Re: [pfSense Support] Re: policy rules with proxy and multiwan
Ok, thank you Scott. I will trying. 2009/2/16 Scott Ullrich sullr...@gmail.com On Mon, Feb 16, 2009 at 9:57 AM, Federico Konig chamiko...@gmail.com wrote: Nobody answer? 2009/2/12 Federico Konig chamiko...@gmail.com I setup multiwan with 4 links, and i have a proxy service. Then, the machines on lan navigate trough the proxy. The proxy request a page trough the pfsense box. I'm used policy rules for a determinate ip address, but the problem is that this rules don't work because the request is always from proxy server and not from the Lan machine . Is there any solution for use policy rules with pfsense and a proxy server.? sorry about my redaction, i'm from Argentina. There is no solution to this unfortunately in 1.2.2/1.2.3. Scott - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Re: policy rules with proxy and multiwan
On Mon, Feb 16, 2009 at 11:42 AM, Scott Ullrich sullr...@gmail.com wrote: On Mon, Feb 16, 2009 at 9:57 AM, Federico Konig chamiko...@gmail.com wrote: Nobody answer? 2009/2/12 Federico Konig chamiko...@gmail.com I setup multiwan with 4 links, and i have a proxy service. Then, the machines on lan navigate trough the proxy. The proxy request a page trough the pfsense box. I'm used policy rules for a determinate ip address, but the problem is that this rules don't work because the request is always from proxy server and not from the Lan machine . Is there any solution for use policy rules with pfsense and a proxy server.? sorry about my redaction, i'm from Argentina. There is no solution to this unfortunately in 1.2.2/1.2.3. Aside from putting the proxy on a different box inside your network rather than running on the firewall itself. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Re: policy rules with proxy and multiwan
On Mon, Feb 16, 2009 at 07:57, Federico Konig chamiko...@gmail.com wrote: Nobody answer? It was unclear whether you meant policy in the Cisco sense (route source X via gateway Y) or policy in the sense of applying access policies - like who may connect to what site on what port. Either way, a firewall that doesn't do deep packet inspection (L7 filtering), cannot distinguish what client issued what request to a proxy - if there is any policy to be applied, it must be done at the proxy level and not at the firewall level. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] SQUID Module + LDAP AUTH
Hello People, Is that LDAP AUTH working at PFSense SQUID MODULE? I tried a lot of times to configure that without sucess... I'm using a Win2003Standard Active Directory to authenticate. Here is my config sample: Authentication mode:LDAP LDAP version 3 Authentication server 10.0.0.10 Authentication server port BLANK LDAP server user DN cn=administrator,cn=users,dc=controller,dc=org LDAP password (the admin passwd) LDAP base domaindc=controller,dc=org LDAP search filter sAMAccountName=%s (my domain test name is: controller.org) None of my Active Directory users are working... it's like to use a wrong password. After 3 tries, error message. Any Idea? Thanks a lot.. Cordially, Fabrício. ||| Fabrício Ferreira ||| Especialista em segurança digital e Infraestrutura de redes. MCP * Microsoft Certified Professional. MCNPS * Microsoft Certified Network Product Specialist. Cel: (011) 9937-6605 E-mail: gu...@uol.com.br
Re: [pfSense Support] SQUID Module + LDAP AUTH
ideas http://www.papercut.com/kb/Main/ConfiguringSquidProxyToAuthenticateWithActiveDirectory On Mon, Feb 16, 2009 at 11:51 PM, Fabricio Ferreira gu...@bol.com.brwrote: *Hello People,* *Is that LDAP AUTH working at PFSense SQUID MODULE?* *I tried a lot of times to configure that without sucess... * *I'm using a Win2003Standard Active Directory to authenticate.* * * *Here is my config sample: * *Authentication mode:LDAP* *LDAP version 3* *Authentication server 10.0.0.10 * *Authentication server port BLANK * *LDAP server user DN cn=administrator,cn=users,dc=controller,dc=org* *LDAP password (the admin passwd) * *LDAP base domaindc=controller,dc=org* *LDAP search filter sAMAccountName=%s * ** * (my domain test name is: controller.org)* * * *None of my Active Directory users are working... it's like to use a wrong password.* *After 3 tries, error message.* *Any Idea?* *Thanks a lot..* * * *Cordially,* * * *Fabrício.* *||| Fabrício Ferreira |||* *Especialista em segurança digital e Infraestrutura de redes.* *MCP * Microsoft Certified Professional.* *MCNPS * Microsoft Certified Network Product Specialist.* *Cel: (011) 9937-6605* *E-mail: gu...@uol.com.br*