[pfSense Support] MAC based Access Control
How do I create a 'WAN' side firewall rule to allow a particular 'remote system based on its MAC address'
Re: [pfSense Support] MAC based Access Control
you cant, mac addresses are not passed through routers. Thanks, Stephen C -All of my email addresses go to the same place -Save Paper, think before you print On Sun, Nov 28, 2010 at 12:04 PM, Guruprasad g...@baysoft.in wrote: How do I create a ‘WAN’ side firewall rule to allow a particular ‘remote system based on its MAC address’ - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] ath0: ath_rx_proc: no mbuf!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi all, I now have an Alix 2D13 with a Wistron CM9 Atheros 802.11a/b/g running pfsense 2.0. I had several freezes of my pfsense box and strongly suspected the WiFi to be the culprit. When the freezes appear, I see: ath0: ath_rx_proc: no mbuf! on the console. Google told me that it was related to mbuf size. I increased it and started a iperf test again (between 2 laptop connected to pfsense through WiFi). The used mbuf always goes up and does not seem to go down anymore. I searched the pfsense forum and found someone with a similar issue. ermal suggested to disable the shaper on the wireless interface. This seems to fix the problem for me. Is this a known bug? Any better workaround than disabling the shaper? Thank you. Regards, Cyril Jaquier -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkzy0rgACgkQlYy8cEwUMaSyKgCfQKv8kYbBqs4urnBxeTTlCI6N GYYAoIqSI2RgaNERR57EAEObEBCSSKaA =qy0g -END PGP SIGNATURE- - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] ath0: ath_rx_proc: no mbuf!
On Sun, Nov 28, 2010 at 3:07 PM, Cyril Jaquier cyril.jaqu...@jaqpot.net wrote: I searched the pfsense forum and found someone with a similar issue. ermal suggested to disable the shaper on the wireless interface. This seems to fix the problem for me. Is this a known bug? Any better workaround than disabling the shaper? I don't use wireless with pfsense, so I'm not sure if my situation is related, but my mbuf numbers also climb steadily. After a reboot it starts around 700. Presently at almost 10 days uptime, my mbuf usage is 10142 /10890, although I don't see any negative symptoms that I could attribute to it. This is on 2.0 embedded, Nov 18 snap. db - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] MAC based Access Control
Hi, On linux based system, you could fix the MAC / IP association, so that you can filter the IP address, being sure it corresponds to the MAC address you wan't to filter. This might not be exactyl what you wan't to do, but it could do the trick. I don't know exactly how it can be set up on a pfsense configuration. Maybe someone else could answer you on that bit. Regards, Benjamin 2010/11/28 stephen at stephenjc step...@stephenjc.com you cant, mac addresses are not passed through routers. Thanks, Stephen C -All of my email addresses go to the same place -Save Paper, think before you print On Sun, Nov 28, 2010 at 12:04 PM, Guruprasad g...@baysoft.in wrote: How do I create a ‘WAN’ side firewall rule to allow a particular ‘remote system based on its MAC address’ - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] MAC based Access Control
On Sun, Nov 28, 2010 at 11:45 PM, Benjamin MALYNOVYTCH benjamin.malynovy...@gmail.com wrote: On linux based system, you could fix the MAC / IP association, so that you can filter the IP address, being sure it corresponds to the MAC address you wan't to filter. You can't do that for hosts across the Internet, as the last response mentioned it's impossible to see the MAC address past the first layer 3 hop. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] MAC based Access Control
You're right. I was mentioning it only for local hosts. Benjamin 2010/11/29 Chris Buechler cbuech...@gmail.com On Sun, Nov 28, 2010 at 11:45 PM, Benjamin MALYNOVYTCH benjamin.malynovy...@gmail.com wrote: On linux based system, you could fix the MAC / IP association, so that you can filter the IP address, being sure it corresponds to the MAC address you wan't to filter. You can't do that for hosts across the Internet, as the last response mentioned it's impossible to see the MAC address past the first layer 3 hop. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org