Re: [pfSense Support] SquidGuard blocking all blogspot sites
Hi, I don't run squidGuard on pfSense specifically but typically with squidGuard you must remove the entry from its blocking category and then rebuild the squidGuard DB, before finally restarting squid. To prevent it being blocked again though from a future BL update you should whitelist the entry rather than removing it from its blocking category. --James. (This email was sent from a mobile device)
Re: [pfSense Support] SquidGuard blocking all blogspot sites
How can i rebuild the squidGuard DB??? On Wed, Jan 19, 2011 at 2:08 PM, James Bensley jwbens...@gmail.com wrote: Hi, I don't run squidGuard on pfSense specifically but typically with squidGuard you must remove the entry from its blocking category and then rebuild the squidGuard DB, before finally restarting squid. To prevent it being blocked again though from a future BL update you should whitelist the entry rather than removing it from its blocking category. --James. (This email was sent from a mobile device) -- Thanks Regards Shali K R Server Administrator Vidya Academy of Science Technology Thrissur,Kerala. Mob:9846303531
[pfSense Support] Network Traffic difference
Dear all, In my pfsense traffic graphic shows WAN in 4 Mbps LAN out 1Mbps Why this differenceanything wrong with mypfsense? -- Thanks Regards Shali K R Server Administrator Vidya Academy of Science Technology Thrissur,Kerala. Mob:9846303531
[pfSense Support] changing LAN to WAN
Hi, I have an existing pfsense setup with 5 Lan 1 Wan, I need to change LAN3 (the only unused one) to become a second WAN (connected to an adsl modem) Please could someone give me some idea how to achieve this, I've got the book but the part about configuring a second WAN doesn't cover changing an existing setup. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Re: FW rules on load-balanced virtual ip
On Tue, Jan 18, 2011 at 5:07 PM, Shibashish shi...@gmail.com wrote: Hi, Can i (how to) write Firewall rules on the Virtual created/added in Pfsense? The Virtual Server IP is added for load-balancing purpose. e.g. webserver runs on 10.10.10.10 port 80, 443 mail server on 10.10.10.11 port 25, 110 vpn on 10.10.10.12 port 1195 So i want to set individual rules for each ip. Anyone?
Re: [pfSense Support] SquidGuard blocking all blogspot sites
On Wed, Jan 19, 2011 at 9:34 AM, Shali K.R. sh...@vidyaacademy.ac.in wrote: Dear all, SquidGuard blocking all blogspot sites under category adult how can i exclude good blogspot sites, i removed entry blogspot.com from /var/squidGuard/arcdb/blk_blacklists_adult/domains but no effect please help me First create a 'Destinations' entry which defines the sites you want to whitelist. Then create a new acl where you whitelist the 'destinations' you want to visit. You can then apply that acl to the relevant user, IP or network range. thx -- .warren - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] changing LAN to WAN
On Wed, Jan 19, 2011 at 5:55 AM, Nick Upson nick.up...@gmail.com wrote: Hi, I have an existing pfsense setup with 5 Lan 1 Wan, I need to change LAN3 (the only unused one) to become a second WAN (connected to an adsl modem) Please could someone give me some idea how to achieve this, I've got the book but the part about configuring a second WAN doesn't cover changing an existing setup. Just change the interface's IP config as needed, then configure it however desired as an additional WAN. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] dns forwarder failing on some hostnames
On Wed, Jan 19, 2011 at 8:25 AM, Vick Khera vi...@khera.org wrote: On Tue, Jan 18, 2011 at 9:38 PM, Chris Buechler cbuech...@gmail.com wrote: It feels like it is eating up any 192.168.0.0/16 IP address returned for a hostname. This is by design to protect against DNS rebinding attacks. If you have to get private IP responses from your upstream DNS you must disable that under SystemAdvanced. Thanks. I'll flip that setting when I'm at home. I read the description on the setting and it is not at all obvious that this is the symptom of the checkbox being unset. That's why I also changed the description pretty considerably last night. It totally made all of my VPN servers invisible. Seems a tough choice: protect against rebinding or make the VPN usable. You get both if you just use domain overrides for domains where you expect private IP responses. Domains in domain overrides are excluded since most commonly those return private IPs, generally leaving Internet DNS only as where private IP responses are blocked. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] changing LAN to WAN
-Original Message- From: Chris Buechler [mailto:cbuech...@gmail.com] Sent: Wednesday, January 19, 2011 10:51 AM To: support@pfsense.com Subject: Re: [pfSense Support] changing LAN to WAN On Wed, Jan 19, 2011 at 5:55 AM, Nick Upson nick.up...@gmail.com wrote: Hi, I have an existing pfsense setup with 5 Lan 1 Wan, I need to change LAN3 (the only unused one) to become a second WAN (connected to an adsl modem) Please could someone give me some idea how to achieve this, I've got the book but the part about configuring a second WAN doesn't cover changing an existing setup. Just change the interface's IP config as needed, then configure it however desired as an additional WAN. Agreed - Don't forget the Outbound Nat settings. Though you did say you have the book. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org __ Information from ESET NOD32 Antivirus, version of virus signature database 5800 (20110119) __ The message was checked by ESET NOD32 Antivirus. http://www.eset.com - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] dns forwarder failing on some hostnames
On Wed, Jan 19, 2011 at 11:54 AM, Chris Buechler cbuech...@gmail.com wrote: You get both if you just use domain overrides for domains where you expect private IP responses. Domains in domain overrides are excluded since most commonly those return private IPs, generally leaving Internet DNS only as where private IP responses are blocked. Excellent. I'll do that, as there are only three domain names involved (or two, if kcilink.com implies int.kcilink.com) Thanks a bunch! 2.0 is certainly very very nice looking. I have yet to investigate many of the new features but the basic upgrade of uploading my 1.2.3 config file into 2.0 worked splendidly. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] rsync install on pfsense
Greetings pfsensei's, I'm wondering if I can install rsync onto my pfsense. I would like to rsync some files from a protected network up to the firewall, and send them over to my backup system which will eventually archive that data to tape. Is this possible? and is it safe? or is this a terrible idea? I'm not familiar with *BSD, but Ubuntu/Debian. -Andy - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] rsync install on pfsense
On Wed, Jan 19, 2011 at 3:49 PM, Andy Graybeal andy.grayb...@casanueva.com wrote: Greetings pfsensei's, I'm wondering if I can install rsync onto my pfsense. I would like to rsync some files from a protected network up to the firewall, and send them over to my backup system which will eventually archive that data to tape. Is this possible? and is it safe? or is this a terrible idea? http://doc.pfsense.org/index.php/Installing_FreeBSD_Packages - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] rsync install on pfsense
On 01/19/2011 03:55 PM, Chris Buechler wrote: On Wed, Jan 19, 2011 at 3:49 PM, Andy Graybeal andy.grayb...@casanueva.com wrote: Greetings pfsensei's, I'm wondering if I can install rsync onto my pfsense. I would like to rsync some files from a protected network up to the firewall, and send them over to my backup system which will eventually archive that data to tape. Is this possible? and is it safe? or is this a terrible idea? http://doc.pfsense.org/index.php/Installing_FreeBSD_Packages - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org /me bows. thanks Chris. -Andy - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] rsync install on pfsense
If the rsync daemon runs on pfsense, wouldnt that require the service to start on boot? Is that possible? Doesnt rc.conf gets deleted/resetted on boot? Vassilis Andy Graybeal wrote on 19.01.2011 22:00: On 01/19/2011 03:55 PM, Chris Buechler wrote: On Wed, Jan 19, 2011 at 3:49 PM, Andy Graybeal andy.grayb...@casanueva.com wrote: Greetings pfsensei's, I'm wondering if I can install rsync onto my pfsense. I would like to rsync some files from a protected network up to the firewall, and send them over to my backup system which will eventually archive that data to tape. Is this possible? and is it safe? or is this a terrible idea? http://doc.pfsense.org/index.php/Installing_FreeBSD_Packages - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org /me bows. thanks Chris. -Andy - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] USB Wifi nic
I have a vm running under esxi 4.1 that I need to pass in a usb wifi dongle. It's a dev environment so I am not too worried about the fact 1) it's a vm and b) passing the dongle in could be unstable. Would pfsense work happily with this so long as the chip in the dongle was on the HCL and supported AP mode? Thanks! jlc - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] rsync install on pfsense
On 01/19/2011 04:26 PM, Vassilis V. wrote: If the rsync daemon runs on pfsense, wouldnt that require the service to start on boot? Is that possible? Doesnt rc.conf gets deleted/resetted on boot? Vassilis I'm hoping to get away with it running in a cron job, I don't fully understand what you said, so I don't know if it makes a difference. -Andy - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] ShrewSoft
On 1/4/2011 12:55 AM, DuWayne Odom wrote: There must be something tiny that is being missed. h Obviously a late reply, but if you are using Shrew Soft version 2.1.7 or later you will need to set the policy generation mode to unique under the policy tab. -Matthew - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Re: Network Traffic difference
On Wed, Jan 19, 2011 at 9:44 PM, Shali K.R. sh...@vidyaacademy.ac.in wrote: sir .. In my pfsense traffic graphic shows WAN in 4 Mbps LAN out 1Mbps Why this differenceanything wrong with mypfsense? http://forum.pfsense.org/index.php/topic,31855.0.html For pcap use tcpdump on the pfsense console. bd - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Re: Network Traffic difference
Based on this tutorial http://doc.pfsense.org/index.php/Squid_Package_Tuningi had enabled microsoft updates but now i cleared all these from squid configuration but still its same as before On Thu, Jan 20, 2011 at 10:18 AM, David Burgess apt@gmail.com wrote: On Wed, Jan 19, 2011 at 9:44 PM, Shali K.R. sh...@vidyaacademy.ac.in wrote: sir .. In my pfsense traffic graphic shows WAN in 4 Mbps LAN out 1Mbps Why this differenceanything wrong with mypfsense? http://forum.pfsense.org/index.php/topic,31855.0.html For pcap use tcpdump on the pfsense console. bd - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org -- Thanks Regards Shali K R Server Administrator Vidya Academy of Science Technology Thrissur,Kerala. Mob:9846303531
