[pfSense Support] Install problem
I've tried to install pfSense in my machine (using the CD install) and it seemed to work fine. But, when I rebooted to run from the HD, all that appeared was a 2 line message saying: F1 load system F2 load system I didn't write down the exact message, so the one above is most likely not the exact one. But pressing anything but F1 did nothing at all. And pressing F1 made the system start loading only to stop 2 seconds later saying it couldn't find the kernel and stoppiong at the loader prompt. An ls command at this prompt gave me a no root system message. At the installation, I created a 20GB partition for pfSense. The hardware I am using is the following: CPU Celeron 2.8GHz (model 755, if I'm not mistaken) Mem 1GB DDR (64MB allocated to video) HD SAMSUNG SP0802N (80 GB) MB Intel D101GCC Video Integrated ATI Radeon X300 based graphics Lan1 integrated Realtek* 8101L Lan2 Realtek 8139 board Any ideas what I may have done wrong? Thank you, Roberto -- --- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | --- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Theme bug (was Install problem)
I've tried first just forcing the drive into LBA instead of auto, and this solved the problem. The only (small) problem that appeared was with the WebGUI interface. The default metallic theme gives me a rendering problem with windows/Firefox, in which the System and Diagnostics menus overlap. With the pfsense theme, Firefox works fine, but since I couldn't access the system menu, I had to do this switch with IE. The pfsense-dropdown theme gave me a similar problem, but instead System, I can't access the Diagnostics section. Did somebody else have this problem? Thank you very much, Marcos Roberto Greiner Holger Bauer wrote: > When the installer asks for "packetmode" (which is checked by default) > disable the checkbox. I guess it willwork then. I have seen the same problem > with some machines and unchecking "packetmode" always fixed it. Also make > sure your drive is set to "LBA" in the Bios and not "CHS" or "Auto". > > Holger > > >> -Original Message- >> From: Roberto Greiner [mailto:[EMAIL PROTECTED] >> Sent: Tuesday, August 01, 2006 3:36 PM >> To: support@pfsense.com >> Subject: [pfSense Support] Install problem >> >> >> I've tried to install pfSense in my machine (using the CD install) and >> it seemed to work fine. But, when I rebooted to run from the HD, all >> that appeared was a 2 line message saying: >> F1 load system >> F2 load system >> >> I didn't write down the exact message, so the one above is most likely >> not the exact one. But pressing anything but F1 did nothing >> at all. And >> pressing F1 made the system start loading only to stop 2 seconds later >> saying it couldn't find the kernel and stoppiong at the loader prompt. >> An ls command at this prompt gave me a no root system message. At the >> installation, I created a 20GB partition for pfSense. >> >> The hardware I am using is the following: >> CPU Celeron 2.8GHz (model 755, if I'm not mistaken) >> Mem 1GB DDR (64MB allocated to video) >> HD SAMSUNG SP0802N (80 GB) >> MB Intel D101GCC >> Video Integrated ATI Radeon X300 based graphics >> Lan1 integrated Realtek* 8101L >> Lan2 Realtek 8139 board >> >> Any ideas what I may have done wrong? >> >> Thank you, >> >> Roberto >> -- --- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | --- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Theme bug (was Install problem)
Scott Ullrich wrote: > On 8/1/06, Roberto Greiner <[EMAIL PROTECTED]> wrote: >> I've tried first just forcing the drive into LBA instead of auto, and >> this solved the problem. >> >> The only (small) problem that appeared was with the WebGUI interface. >> The default metallic theme gives me a rendering problem with >> windows/Firefox, in which the System and Diagnostics menus overlap. With >> the pfsense theme, Firefox works fine, but since I couldn't access the >> system menu, I had to do this switch with IE. The pfsense-dropdown theme >> gave me a similar problem, but instead System, I can't access the >> Diagnostics section. >> >> Did somebody else have this problem? >> >> Thank you very much, >> >> Marcos Roberto Greiner > > Hold down the CTRL key and use the mouse wheel to change the font > size. This should fix the problem. Indeed, that fixed the menus, but the rest of the screen got so small fonts that most of it can't be read. At least I can change the theme without using IE, but it's a shame, because the metallic theme looks very nice. Thank you very much, Marcos Roberto Greiner -- --- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | --- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Theme bug (was Install problem)
Holger Bauer wrote: > "CTRL+0" should set the default fontsize in firefox. This SHOULD display all > themes the right way. Actually Firefox is well tested as all the developers > use firefox on various OS's to test with. > > Holger > > >> -Original Message- >> From: Scott Ullrich [mailto:[EMAIL PROTECTED] >> Sent: Tuesday, August 01, 2006 5:33 PM >> To: support@pfsense.com >> Subject: Re: [pfSense Support] Theme bug (was Install problem) >> >> >> On 8/1/06, Roberto Greiner <[EMAIL PROTECTED]> wrote: >> >>> Indeed, that fixed the menus, but the rest of the screen >>> >> got so small >> >>> fonts that most of it can't be read. At least I can change the theme >>> without using IE, but it's a shame, because the metallic theme looks >>> very nice. >>> >> Not sure what that would be. Metallic shows up normally here on >> Firefox and IE. >> >> Scott >> PS: Large font support turned on in windows by chance? It wasn't exactly that. After some tweaking, I found that the default font in my Firefox was Times New Roman 18pts, when the usual is 16pts. I changed it to 16 pts, and everything jumped into place. Roberto -- --- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | --- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Kaiomy ethernet board
Hi, I'm trying to install pfSense (1.0rc2) on a machine, but one of the boards, despite being identified during installation, does not seem to work. The leds show no signal of traffic, and a ping to the gateway gets no answer, neither from other machines on the same network (it's not a firewall issue, I've checked). All I know about the board is that it's from a brand named 'Kaiomy', and pfSense labeled it as fwe0. Does somebody know if this board can be brought to work? Thank you, Roberto -- --- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | --- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Kaiomy ethernet board
Bill Marquette wrote: > On 9/25/06, Roberto Greiner <[EMAIL PROTECTED]> wrote: >> Hi, >> >> I'm trying to install pfSense (1.0rc2) on a machine, but one of the >> boards, despite being identified during installation, does not seem to >> work. The leds show no signal of traffic, and a ping to the gateway gets >> no answer, neither from other machines on the same network (it's not a >> firewall issue, I've checked). >> >> All I know about the board is that it's from a brand named 'Kaiomy', and >> pfSense labeled it as fwe0. >> >> Does somebody know if this board can be brought to work? > > That's the Firewire network driver. The BUGS section of it's man page > is kind of interesting. > > BUGS > This driver emulates Ethernet in a very adhoc way and it does not > reserve > a stream channel using an isochronous manager. Note that this driver > uses a protocol which is very different from RFC 2734 (IPv4 over IEEE > 1394). > > I wouldn't be the least bit surprised if this card doesn't work all > that well. BTW, are you sure that the Kaiomy really is the fwe > interface? :) Seems like it's probably your firewire card (assuming > you have one) not the Kaiomy NIC. > > --Bill Yes, actually the machine has 2 firewire interface, one onboard and one adicional card (don't ask, I wasn't the one who bought this machine :-P). I found a driver disk for the NIC, and it seems to be realtek based. I'm trying to force interface rl0, to see if it works. Thank you, Roberto -- --- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | --- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Kaiomy ethernet board
Forcing it to rl0 worked. It seems pfSense took some time to work it out (it took a few minutes until all started working), but it worked and pfSense is up and runnning. In any case, I followed your idea and disabled the onboard firewire. I can't remove the add-on board, because of warranty, but now that ot's working, that probably won't be a problem. Thank you for your help Roberto Holger Bauer wrote: > Disable the onboard firewire controller and remove the additional card. > Should cause less conflicts besides removing the confusion. > > Holger > > >> -Original Message- >> From: Roberto Greiner [mailto:[EMAIL PROTECTED] >> Sent: Monday, September 25, 2006 10:03 PM >> To: support@pfsense.com >> Subject: Re: [pfSense Support] Kaiomy ethernet board >> >> >> Bill Marquette wrote: >> >>> On 9/25/06, Roberto Greiner <[EMAIL PROTECTED]> wrote: >>> >>>> Hi, >>>> >>>> I'm trying to install pfSense (1.0rc2) on a machine, but one of the >>>> boards, despite being identified during installation, does >>>> >> not seem to >> >>>> work. The leds show no signal of traffic, and a ping to >>>> >> the gateway gets >> >>>> no answer, neither from other machines on the same network >>>> >> (it's not a >> >>>> firewall issue, I've checked). >>>> >>>> All I know about the board is that it's from a brand named >>>> >> 'Kaiomy', and >> >>>> pfSense labeled it as fwe0. >>>> >>>> Does somebody know if this board can be brought to work? >>>> >>> That's the Firewire network driver. The BUGS section of >>> >> it's man page >> >>> is kind of interesting. >>> >>> BUGS >>> This driver emulates Ethernet in a very adhoc way and >>> >> it does not >> >>> reserve >>> a stream channel using an isochronous manager. Note >>> >> that this driver >> >>> uses a protocol which is very different from RFC 2734 >>> >> (IPv4 over IEEE >> >>> 1394). >>> >>> I wouldn't be the least bit surprised if this card doesn't work all >>> that well. BTW, are you sure that the Kaiomy really is the fwe >>> interface? :) Seems like it's probably your firewire card (assuming >>> you have one) not the Kaiomy NIC. >>> >>> --Bill >>> >> Yes, actually the machine has 2 firewire interface, one >> onboard and one >> adicional card (don't ask, I wasn't the one who bought this >> machine :-P). >> >> I found a driver disk for the NIC, and it seems to be realtek >> based. I'm >> trying to force interface rl0, to see if it works. >> >> Thank you, >> >> Roberto >> >> -- --- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | --- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] kernel panic on 1.0RC2
Sorry to get into this post, but there is something bugging me here. I'm about to put into production a new server running the latest version of pfSense available at the page, which is rc2. Now, I'm seeing that if that version gives problems it won't be supported because it's old, and I'm supposed to use a daily snapshot instead? Roberto Holger Bauer wrote: Please upgrade to a most recent version: http://pfsense.com/~sullrich/1.0-SNAPSHOT-09-26-06/ We won't check for errors if they are not reported using the latest version. RC2 is quite old. Holger -Original Message- From: Rob Evers [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 27, 2006 9:37 AM To: support@pfsense.com Subject: [pfSense Support] kernel panic on 1.0RC2 Hi All, I have a strange problem on my firewall cluster, when I remove a carp address the firewall node locks up (repeatable), the machine is left with a panic message on the console, and can only be brought back to life with a reboot. After the reboot everything seems fine and the CARP address is removed. I have no idea how to debug this so can any of you give me pointers ? Attached is the output of the last dmesg The network card where the CARP address was configured is using the ste driver and is a 4-port D-link network adapter. The machines used are Dell PE2850 single processor HTT enabled. More information can be provided if necessary. TIA! Rob Evers -- "Intellectual Property" is nowhere near as valuable as "Intellect" - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- ------- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | ---
Re: [pfSense Support] kernel panic on 1.0RC2
Ok, but is there a date when RC3 could be expected? If it's close, then probably it would be better for me to wait a couple of days than to put in production the older version. Thank you, Roberto Holger Bauer wrote: > There have been some hundred codechanges form RC2 to the recent snaps ( see > http://cvstrac.pfsense.com/timeline ). RC2 actually is several weeks old now > and we are very close to RC3 (RC2 is dated in CVS 1st of august). As we only > fix bugs in the releng_1 codetree you can consider every new snapshot more > stable or including less bugs then a previous version. If you are > encountering problems of some sort you always should try to reproduce them > with the latest snapshot as they might be fixed already and why should we > look into problems just to find out "ah, that was fixed several weeks ago or > was related to a bug that was fixed weeks ago". > > Holger > > -Original Message- > From: Roberto Greiner [mailto:[EMAIL PROTECTED] > Sent: Wednesday, September 27, 2006 2:09 PM > To: support@pfsense.com > Subject: Re: [pfSense Support] kernel panic on 1.0RC2 > > > Sorry to get into this post, but there is something bugging me here. > > I'm about to put into production a new server running the latest version of > pfSense available at the page, which is rc2. Now, I'm seeing that if that > version gives problems it won't be supported because it's old, and I'm > supposed to use a daily snapshot instead? > > Roberto > > > Holger Bauer wrote: > Please upgrade to a most recent version: > http://pfsense.com/~sullrich/1.0-SNAPSHOT-09-26-06/ > We won't check for errors if they are not reported using the latest version. > RC2 is quite old. > > Holger > > > -Original Message- > From: Rob Evers [mailto:[EMAIL PROTECTED] > Sent: Wednesday, September 27, 2006 9:37 AM > To: support@pfsense.com > Subject: [pfSense Support] kernel panic on 1.0RC2 > > > Hi All, > > I have a strange problem on my firewall cluster, when I remove a carp > address the firewall node locks up (repeatable), the machine is left > with a panic message on the console, and can only be brought back to > life with a reboot. After the reboot everything seems fine > and the CARP > address is removed. I have no idea how to debug this so can any of you > give me pointers ? > > Attached is the output of the last dmesg > The network card where the CARP address was configured is > using the ste > driver and is a 4-port D-link network adapter. > The machines used are Dell PE2850 single processor HTT enabled. > > More information can be provided if necessary. > > TIA! > Rob Evers > > -- --- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | --- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] kernel panic on 1.0RC2
Yes, I know about the upgrade procedure. I was just thinking that if the new version was due to release, it would be no problem for me wait, say, a couple of days. But, since there is no exact date I will proceed with rc2. Thank you, Roberto Holger Bauer wrote: You can upgrade from a snap directly to RC3 when it becomes available (should be soon but no exact date yet). It only needs a reboot and a downtime for the reboot depending on the speed of your hardware. Holger -Original Message- From: Roberto Greiner [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 27, 2006 3:57 PM To: support@pfsense.com Subject: Re: [pfSense Support] kernel panic on 1.0RC2 Ok, but is there a date when RC3 could be expected? If it's close, then probably it would be better for me to wait a couple of days than to put in production the older version. Thank you, Roberto Holger Bauer wrote: There have been some hundred codechanges form RC2 to the recent snaps ( see http://cvstrac.pfsense.com/timeline ). RC2 actually is several weeks old now and we are very close to RC3 (RC2 is dated in CVS 1st of august). As we only fix bugs in the releng_ 1 codetree you can consider every new snapshot more stable or including less bugs then a previous version. If you are encountering problems of some sort you always should try to reproduce them with the latest snapshot as they might be fixed already and wh y should we look into problems just to find out "ah, that was fixed several weeks ago or was related to a bug that was fixed weeks ago". Holger -Original Message- From: Roberto Greiner [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 27, 2006 2:09 PM To: support@pfsense.com Subject: Re: [pfSense Support] kernel panic on 1.0RC2 Sorry to get into this post, but there is something bugging me here. I'm about to put into production a new server running the latest version of pfSense available at the page, which is rc2. Now, I'm seeing that if that version gives problems it won't be supported because it's old, and I'm supposed to use a daily snapshot instead? Roberto Holger Bauer wrote: Please upgrade to a most recent version: http://pfsense.com/~sullrich/1.0-SNAPSHOT-09-26-06/ We won't check for errors if they are not reported using the latest version. RC2 is quite old. Holger -Original Message- From: Rob Evers [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 27, 2006 9:37 AM To: support@pfsense.com Subject: [pfSense Support] kernel panic on 1.0RC2 Hi All, I have a strange problem on my firewall cluster, when I remove a carp address the firewall node locks up (repeatable), the machine is left with a panic message on the console, and can only be brought back to life with a reboot. After the reboot everything seems fine and the CARP address is removed. I have no idea how to debug this so can any of you give me pointers ? Attached is the output of the last dmesg The network card where the CARP address was configured is using the ste driver and is a 4-port D-link network adapter. The machines used are Dell PE2850 single processor HTT enabled. More information can be provided if necessary. TIA! Rob Evers -- ------- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | ---
[pfSense Support] User management
There is a feature in monowall that I can't seem to locate in pfSense, which is 'User Management'. Is it not available? (I'm using 1.0rc2). Thank you, Roberto -- --- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | --- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] msntp
hi, I've just installed rc3, and got a problem with ntp. I've tried adding the ntp server both as a name and as an IP address, but in the logs I keep getting the following message: Oct 2 15:33:41 teste msntp[12662]: msntp options: a=2 p=0 v=1 e=0.100 E=5.000 P=2147483647.000 Oct 2 15:33:41 teste msntp[12662]: d=18000 c=5 x=18000 op=1 l=/var/run/msntp.pid f=/var/db/msntp.state A.B.C.D Oct 2 15:33:41 teste msntp[12662]: msntp: bad daemon restart information Oct 2 15:33:41 teste msntp[12662]: msntp: unable to locate IP address/number Oct 2 15:33:41 teste msntp[12662]: msntp: Unknown error: 0 Putting a name gets the same message, just with the machine name instead of the A.B.C.D address. I'v also tried a rule in the firewall opening ntp udp port, using the ntp port both as source port and destination port, but it didn't work. Does anyone know what's happening? The message is beeing repeat every minute. Thank you, Roberto -- --- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | --- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] msntp (update)
I don't know exactly how or why, but after about 14 hours reporting errors, suddenly msntp decided to work and updated the timeinfo properly. Oct 3 14:52:53 msntp[82526]: msntp: 2006 Oct 03 14:52:53.381 + -0.000 +/- 0.217 secs Oct 3 14:52:53 msntp[82526]: msntp: after 4 hours 59 mins acc. 2 rej. 1 flush 0 max.off. -1.362 corr. -1.362 Oct 3 14:52:54 msntp[82526]: msntp: 2006 Oct 03 14:52:53.380 + 1.362 +/- 0.217 secs Oct 3 14:52:54 msntp[82526]: msntp: after 4 hours 59 mins acc. 1 rej. 1 flush 0 max.off. -8.169 corr. -8.169 Oct 3 14:52:54 msntp[82526]: msntp: packets out of order on socket 0 Oct 3 09:53:00 msntp[82526]: msntp: using NTP server .xxx.xx (A.B.C.D) Oct 3 09:53:00 msntp[82526]: msntp: bad daemon restart information Oct 3 09:53:00 msntp[82526]: d=18000 c=5 x=18000 op=1 l=/var/run/msntp.pid f=/var/db/msntp.state 143.107.151.2 Oct 3 09:53:00 msntp[82526]: msntp options: a=2 p=0 v=1 e=0.100 E=5.000 P=2147483647.000 Roberto Holger Bauer wrote: > We have some reports that msntp is randomly not working reliably at some > systems. We are testing a replacement for it right now. If everything works > well we'll roll out an update that will use another daemon to update the time > soon. > > Holger > > >> -Original Message- >> From: Alvaro Pietrobono [mailto:[EMAIL PROTECTED] >> Sent: Tuesday, October 03, 2006 9:42 AM >> To: support@pfsense.com >> Subject: Re: [pfSense Support] msntp >> >> >> Same installation of 1.0-RC3 (on WRAP) but msntp >> works fine... >> >> Oct 3 09:08:31 msntp[8889]: msntp: 2006 Oct 03 >> 09:08:31.947 + -0.000 ± >> 0.028 secs >> Oct 3 09:08:31 msntp[8889]: msntp: after 1.2 secs acc. >> 1 rej. 0 flush 0 >> max.off. 0.078 corr. 0.078 >> Oct 3 09:08:31 msntp[8889]: msntp: using NTP server ntp.ien.it >> (193.204.114.105) >> Oct 3 09:08:31 msntp[8889]: msntp: different >> parameters for restart >> Oct 3 09:08:31 msntp[8889]: d=18000 c=5 x=18000 op=1 >> l=/var/run/msntp.pid >> f=/var/db/msntp.state 193.204.114.105 >> Oct 3 09:08:30 msntp[8889]: msntp options: a=2 p=0 v=1 >> e=0.100 E=5.000 >> P=2147483647.000 >> >> ~A >> >> >> >> - Original Message - >> From: "Scott Ullrich" <[EMAIL PROTECTED]> >> To: >> Sent: Monday, October 02, 2006 9:12 PM >> Subject: Re: [pfSense Support] msntp >> >> >> >>> On 10/2/06, Roberto Greiner <[EMAIL PROTECTED]> wrote: >>> >>>> hi, >>>> >>>> I've just installed rc3, and got a problem with ntp. >>>> >>>> I've tried adding the ntp server both as a name and as an >>>> >> IP address, >> >>>> but in the logs I keep getting the following message: >>>> >>>> Oct 2 15:33:41 teste msntp[12662]: msntp options: a=2 p=0 >>>> >> v=1 e=0.100 >> >>>> E=5.000 P=2147483647.000 >>>> Oct 2 15:33:41 teste msntp[12662]: d=18000 c=5 x=18000 op=1 >>>> l=/var/run/msntp.pid f=/var/db/msntp.state A.B.C.D >>>> Oct 2 15:33:41 teste msntp[12662]: msntp: bad daemon >>>> >> restart information >> >>>> Oct 2 15:33:41 teste msntp[12662]: msntp: unable to locate IP >>>> address/number >>>> Oct 2 15:33:41 teste msntp[12662]: msntp: Unknown error: 0 >>>> >>>> Putting a name gets the same message, just with the >>>> >> machine name instead >> >>>> of the A.B.C.D address. I'v also tried a rule in the >>>> >> firewall opening >> >>>> ntp udp port, using the ntp port both as source port and >>>> >> destination >> >>>> port, but it didn't work. Does anyone know what's >>>> >> happening? The message >> >>>> is beeing repeat every minute. >>>> >>>> >>> Thanks for the report. I'll look into it. At this point I am >>> strongly leaning toward dumping MSNTP and replacing it with a sane >>> program. >>> >>> Scott >>> -- --- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | --- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Script Errors
Hi, I'm getting a script error on the captive portal page. I'm making a test run with 1.0rc3, and in my test I added a 10 minutes "idle timeout" limit and a 30 minutes "Hard Timeout" (the small values are for the test run only!). When I pressed the save button, I got a blank page with the following line: Fatal error: Call to undefined function: getvolume() in /usr/local/captiveportal/radius_accounting.inc on line 164 Captive portal has the following other settings: * *Enable logaout popup window is enabled Radius Authentication (only primary server) send Radius Accounting packets Enable HTTPS login HTTPS server name is filled, certificate and key windows have the proper keys. A portal page is set All the rest is empty or not set. The machine is a 2.4 Xeon, with a 74GB Sata disk e 1GB RAM. Also, the "Halt" and "Reboot" options in the Diagnostics menus don't seem to be working. With the reboot command, I got the usual message "The system is rebooting now. This may take a minute." But after 5 minutes the system had not initiated the reboot and all the services where still operating normally. No reboot was done. With the "Halt" option, I got again the following message: Fatal error: Call to undefined function: getvolume() in /usr/local/captiveportal/radius_accounting.inc on line 164 When I tried to reboot the machine with a "/sbin/reboot" from the Diagnostics/Command screen, the webinterface and the server keyboard ceased to answer. I tried the Power button, and to my surprise the machine started a normal shutdown. So I couldn't verify if all functions where still working properly. To be sure, I tried to reboot again 5 minutes later, and the same thing happened. The halt command gave me the error message from above again. This time I tried /sbin/halt instead of reboot, but the same thing happened: The web interface stopped working, the machine keyboard too, and pressing the power button made the machine start a shutdown. Besides that, another service that is giving me the same "Call to undefined function" error message as above is trying to disconnect a user through the Status/Captive Portal screen. I get the message and the user is not disconnected. Roberto -- ------- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | --- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Script Errors
Scott Ullrich wrote: > Please try and upload this fix: > http://www.pfsense.com/~sullrich/pfSense-1.0-RC3d-Full-Embedded.tgz to > System -> Firmware. I installed the update, but now I'm getting the following error: Fatal error: Call to undefined function: bcmod() in /usr/local/captiveportal/radius_accounting.inc on line 305 I'm getting it both at the Services/Captive Portal screen and when trying to disconnect users at Status/Captive Portal > > In terms of the reboot and halt issues, this is generally ACPI > related, make sure your BIOS is up to date and check out > http://wiki.pfsense.com/wikka.php?wakka=BootOptions and > http://wiki.pfsense.com/wikka.php?wakka=BootTroubleShooting > > Scott > I will try it next. Tks Roberto > > > On 10/5/06, Roberto Greiner <[EMAIL PROTECTED]> wrote: >> Hi, >> >> I'm getting a script error on the captive portal page. I'm making a test >> run with 1.0rc3, and in my test I added a 10 minutes "idle timeout" >> limit and a 30 minutes "Hard Timeout" (the small values are for the test >> run only!). When I pressed the save button, I got a blank page with the >> following line: >> >> Fatal error: Call to undefined function: getvolume() in >> /usr/local/captiveportal/radius_accounting.inc on line 164 >> >> Captive portal has the following other settings: >> * >> *Enable logaout popup window is enabled >> Radius Authentication (only primary server) >> send Radius Accounting packets >> Enable HTTPS login >> HTTPS server name is filled, certificate and key windows have the proper >> keys. >> A portal page is set >> >> All the rest is empty or not set. >> >> The machine is a 2.4 Xeon, with a 74GB Sata disk e 1GB RAM. >> >> Also, the "Halt" and "Reboot" options in the Diagnostics menus don't >> seem to be working. With the reboot command, I got the usual message >> "The system is rebooting now. This may take a minute." But after 5 >> minutes the system had not initiated the reboot and all the services >> where still operating normally. No reboot was done. With the "Halt" >> option, I got again the following message: >> >> Fatal error: Call to undefined function: getvolume() in >> /usr/local/captiveportal/radius_accounting.inc on line 164 >> >> When I tried to reboot the machine with a "/sbin/reboot" from the >> Diagnostics/Command screen, the webinterface and the server keyboard >> ceased to answer. I tried the Power button, and to my surprise the >> machine started a normal shutdown. So I couldn't verify if all functions >> where still working properly. >> >> To be sure, I tried to reboot again 5 minutes later, and the same thing >> happened. The halt command gave me the error message from above again. >> This time I tried /sbin/halt instead of reboot, but the same thing >> happened: The web interface stopped working, the machine keyboard too, >> and pressing the power button made the machine start a shutdown. >> >> Besides that, another service that is giving me the same "Call to >> undefined function" error message as above is trying to disconnect a >> user through the Status/Captive Portal screen. I get the message and the >> user is not disconnected. >> >> Roberto -- --- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | --- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Script Errors
Roberto Greiner wrote: > Scott Ullrich wrote: > >> Please try and upload this fix: >> http://www.pfsense.com/~sullrich/pfSense-1.0-RC3d-Full-Embedded.tgz to >> System -> Firmware. >> > I installed the update, but now I'm getting the following error: > > Fatal error: Call to undefined function: bcmod() in > /usr/local/captiveportal/radius_accounting.inc on line 305 > > I'm getting it both at the Services/Captive Portal screen and when > trying to disconnect users at Status/Captive Portal > >> In terms of the reboot and halt issues, this is generally ACPI >> related, make sure your BIOS is up to date and check out >> http://wiki.pfsense.com/wikka.php?wakka=BootOptions and >> http://wiki.pfsense.com/wikka.php?wakka=BootTroubleShooting >> >> Scott >> >> > I will try it next. > I didn't make the update, but it won't work, because the only change in the latest bios for my board is an update for the LAN adapter. Anyway, I tried adding the line to disable ACPI, but it didn't help either. Anyway, an interesting bit is that when trying to reboot from the console, I'm getting the same "undefined function: bcmod()" error message as I mentioned above. After that, the reboot (or halt, the result is the same) aborts and the console returns immediately to the normal menu. Roberto >> On 10/5/06, Roberto Greiner <[EMAIL PROTECTED]> wrote: >> >>> Hi, >>> >>> I'm getting a script error on the captive portal page. I'm making a test >>> run with 1.0rc3, and in my test I added a 10 minutes "idle timeout" >>> limit and a 30 minutes "Hard Timeout" (the small values are for the test >>> run only!). When I pressed the save button, I got a blank page with the >>> following line: >>> >>> Fatal error: Call to undefined function: getvolume() in >>> /usr/local/captiveportal/radius_accounting.inc on line 164 >>> >>> Captive portal has the following other settings: >>> * >>> *Enable logaout popup window is enabled >>> Radius Authentication (only primary server) >>> send Radius Accounting packets >>> Enable HTTPS login >>> HTTPS server name is filled, certificate and key windows have the proper >>> keys. >>> A portal page is set >>> >>> All the rest is empty or not set. >>> >>> The machine is a 2.4 Xeon, with a 74GB Sata disk e 1GB RAM. >>> >>> Also, the "Halt" and "Reboot" options in the Diagnostics menus don't >>> seem to be working. With the reboot command, I got the usual message >>> "The system is rebooting now. This may take a minute." But after 5 >>> minutes the system had not initiated the reboot and all the services >>> where still operating normally. No reboot was done. With the "Halt" >>> option, I got again the following message: >>> >>> Fatal error: Call to undefined function: getvolume() in >>> /usr/local/captiveportal/radius_accounting.inc on line 164 >>> >>> When I tried to reboot the machine with a "/sbin/reboot" from the >>> Diagnostics/Command screen, the webinterface and the server keyboard >>> ceased to answer. I tried the Power button, and to my surprise the >>> machine started a normal shutdown. So I couldn't verify if all functions >>> where still working properly. >>> >>> To be sure, I tried to reboot again 5 minutes later, and the same thing >>> happened. The halt command gave me the error message from above again. >>> This time I tried /sbin/halt instead of reboot, but the same thing >>> happened: The web interface stopped working, the machine keyboard too, >>> and pressing the power button made the machine start a shutdown. >>> >>> Besides that, another service that is giving me the same "Call to >>> undefined function" error message as above is trying to disconnect a >>> user through the Status/Captive Portal screen. I get the message and the >>> user is not disconnected. >>> >>> Roberto >>> > > > -- --- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | --- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Script Errors
Scott Ullrich wrote: > Update reposted. Please download again and upload to System -> Firmware. > I'm getting a corrupt image error. Something is wrong with this image. Roebrto -- --- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | --- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Script Errors
I just installed the image, and the bugs seem to be ironed out. Thank you very much Roberto Scott Ullrich wrote: > Alright, the latest version I just posted should hopefully do the > trick. Just tested it at work. > > Scott > > > On 10/5/06, Roberto Greiner <[EMAIL PROTECTED]> wrote: >> Scott Ullrich wrote: >> > Update reposted. Please download again and upload to System -> >> Firmware. >> > >> >> I'm getting a corrupt image error. Something is wrong with this image. >> >> Roebrto >> -- ----------- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | --- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Radius Session-Timeout
I've made a test with the Radius Session-Timeout attributes, but somehow it didn't work. First I tried using the "Hard timeout" option from the Captive Portal page, and after 45 minutes, as I had programmed, the client was disconnected. After that, I left the Hard timeout field blank and enabled the "Use RADIUS Session-Timeout attributes", but nothing happened. The radius server is sending the attributes with a value of 28800 (8 hours), but the user wasn't disconnected. I tried the same thing again again reducing the time to 1800 (30 minutes), then to 900 (15 minutes), but again the client wasn't disconnected. I've checked the reply packets from the radius server (Freeradius 1.1.3), and the Session-Timeout attribute is being sent properly. The Radius is sending the following attributes, along with the authorization: Framed-Compression=Van-Jacobsen-TCP-IP Framed-Protocol=PPP Service-Type=Framed-User Framed-MTU=1500 Session-Timeout=1800 In short, using the "Hard Timeout" options seems to be working properly, but "Use RADIUS Session-Timeout attributes" is not. Roberto -- ----------- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | --- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Radius Session-Timeout
Ok, monday morning I will try it. The system is scheduled to enter production midday, but before that I can still tinker with it. As soon as it's done I will report it. Roberto Holger Bauer wrote: > As you seem to have a testsetup available please can you test reauthenticate > user every minute and accounting too and report back? > > Holger > > >> -Original Message- >> From: Roberto Greiner [mailto:[EMAIL PROTECTED] >> Sent: Friday, October 06, 2006 5:25 PM >> To: support@pfsense.com >> Subject: [pfSense Support] Radius Session-Timeout >> >> >> I've made a test with the Radius Session-Timeout attributes, >> but somehow >> it didn't work. >> >> First I tried using the "Hard timeout" option from the Captive Portal >> page, and after 45 minutes, as I had programmed, the client was >> disconnected. After that, I left the Hard timeout field blank and >> enabled the "Use RADIUS Session-Timeout attributes", but nothing >> happened. The radius server is sending the attributes with a value of >> 28800 (8 hours), but the user wasn't disconnected. >> >> I tried the same thing again again reducing the time to 1800 (30 >> minutes), then to 900 (15 minutes), but again the client wasn't >> disconnected. I've checked the reply packets from the radius server >> (Freeradius 1.1.3), and the Session-Timeout attribute is being sent >> properly. The Radius is sending the following attributes, >> along with the >> authorization: >> >> Framed-Compression=Van-Jacobsen-TCP-IP >> Framed-Protocol=PPP >> Service-Type=Framed-User >> Framed-MTU=1500 >> Session-Timeout=1800 >> >> In short, using the "Hard Timeout" options seems to be >> working properly, >> but "Use RADIUS Session-Timeout attributes" is not. >> >> Roberto >> >> -- --- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | --- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [Fwd: Re: [pfSense Support] Radius Session-Timeout]
Holger, I've enabled the "Reauthenticate connected users every minute", and apparently it's working. I'm getting a new "login OK" message in the freeradius box every minute, and the user is working normally. Th only strange thing is that when I enabled this option, I got the following message in the logs: Oct 9 09:51:18 teste pftpx[470]: #175 client write error: 34 Which is quite odd, since I dont recall installing ftp services in the box. Of course, It may also be a coincidence that this message apeared about the same time I enabled this option. It's an interesting feature, but brings a problem: On our box we have about 100-200 simultaneous users. With that many users, the log files in the radius box would become useless, due to the flooding of continuous reauthentication messages. :-( About accounting, i have it enabled and intend to use in production. Unless I did understand something incorrectly, the accounting messages are reaching the radius server as expected. RobertoOn 10/6/06, Roberto Greiner < [EMAIL PROTECTED]> wrote:> Ok,>> monday morning I will try it. The system is scheduled to enter> production midday, but before that I can still tinker with it. As soon> as it's done I will report it. >> Roberto>> Holger Bauer wrote:> > As you seem to have a testsetup available please can you test reauthenticate user every minute and accounting too and report back?> >> > Holger> >> >> >> -Original Message-> >> From: Roberto Greiner [mailto: [EMAIL PROTECTED]]> >> Sent: Friday, October 06, 2006 5:25 PM> >> To: support@pfsense.com> >> Subject: [pfSense Support] Radius Session-Timeout > >>> >>> >> I've made a test with the Radius Session-Timeout attributes,> >> but somehow> >> it didn't work.> >>> >> First I tried using the "Hard timeout" option from the Captive Portal > >> page, and after 45 minutes, as I had programmed, the client was> >> disconnected. After that, I left the Hard timeout field blank and> >> enabled the "Use RADIUS Session-Timeout attributes", but nothing > >> happened. The radius server is sending the attributes with a value of> >> 28800 (8 hours), but the user wasn't disconnected.> >>> >> I tried the same thing again again reducing the time to 1800 (30 > >> minutes), then to 900 (15 minutes), but again the client wasn't> >> disconnected. I've checked the reply packets from the radius server> >> (Freeradius 1.1.3), and the Session-Timeout attribute is being sent > >> properly. The Radius is sending the following attributes,> >> along with the> >> authorization:> >>> >> Framed-Compression=Van-Jacobsen-TCP-IP> >> Framed-Protocol=PPP > >> Service-Type=Framed-User> >> Framed-MTU=1500> >> Session-Timeout=1800> >>> >> In short, using the "Hard Timeout" options seems to be> >> working properly, > >> but "Use RADIUS Session-Timeout attributes" is not.> >>> >> Roberto> >>> >>-- -- --- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | ---
[pfSense Support] System overload
Hi, today I tried to put one PfSense machine into production, but got into some strange problems. After connecting the machine to the network it should work with, during the boot process the system started to display several tim the message: ipfw: rule 3600 does not exist And it kept displaying that message, about once per second for almost 2 minutes. any idea what could cause this? Also, the same machine, after about 10 minutes slowed down to the extreme, to a point where no connection was possible at all, wheter to the webconfigurator or to the network through the machine. At the console, I managed to open a console and then execute a " top" command. Just waiting for this took about 2 minutes, and when it opened, it displayed loads varying from 3 to 20, showing only instances of lighttp and php. Despite that, the processor was showing an idle level of about 70%. The disk led was also blinking like mad. When I managed to order a reboot command, after a few moments the console started to display the following message: swap_pager_getswapspace(n): failed This messages was repeated dozens of times per second, with n varying usually between 2 and 10. The reboot process did not work. After some time I had to force the shutdown through the power button. Any ideas of what could have gone wrong? Hardware used: Asus PC-DL mainboard Intel Xeon 2.4 GHz 1 GB RAM 72GB SCSI Disk 2 ethernet, 1 on-board, 1 in dedicated board -- --- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | ---
Re: [pfSense Support] System overload
On 10/9/06, Scott Ullrich <[EMAIL PROTECTED]> wrote: I have no idea about this one.. However the ipfw messages are relatedto the captive portal.swap_pager_getswapspace(n): failed means you have run out of ram. Which is quite odd, since the machine has almost 1GB of RAM (64MB gone for video). All that I can think of is run a top and post the output when it goes nuts. Unfortunately this is no longer possible. I've placed the Monowall machine back into production, and I can't reproduce the problem outside of the production environment, but as I said, all that appeared on top where instances of lighttpd and php. Roberto-- --- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | ---
[pfSense Support] old problem identified, new one found (was: System overload)
Hi,about two weeks ago I posted a message about an installation that started trashing the disk for swap, despite having plenty of RAM (1GB) and placed a message saying it probably was a HD malfuntion. I managed to isolate the real problem. For some reason, the pfSense install detected the HD geometry incorrectly. It was reporting the values 155035/16/255, when the correct values where 9729/255/63. For some reason it managed to install anyway, but the results, as mentioned, wheren't quite good. After inserting the correct values, I managed to make a full install and no new error messages are being genereated from the disk. The weird part is that a FreeBSD 6.1 install I made yesterday detected the correct values. The hardware I'm using is the following: Hardware used: Asus PC-DL mainboard Intel Xeon 2.4 GHz 1 GB RAM80GB Seagate SATA disk 2 ethernet, 1 on-board, 1 in dedicated boardOn the other side I'm having a strange problem with the system time. Brazil is in the moment in a peculiar situation, where summer time has been postponed in a couple of weeks due to the elections (don't ask! :-P). In a "normal" year, last weekend should have been the start of summer time. Since it's not the case this year, I used a different place as reference for time. Usually it should have been America/Sao Paulo, but had to use America/Belem, since that city does not have summer time. Now I getting some weird behavior in my logs. Some messages are apearing with normal time, other are appearing with UTC time, as can bee seen here: Oct 18 16:46:56 check_reload_status: reloading filter Oct 18 16:46:50 check_reload_status: reloading filter Oct 18 16:46:10 check_reload_status: reloading filter Oct 18 13:45:05 php: : Creating rrd graph index Oct 18 13:45:05 php: : Creating rrd update script Oct 18 16:44:58 check_reload_status: webConfigurator restart in progress Oct 18 16:44:53 php: /system_advanced.php: webConfigurator certificates have changed. Restarting webConfigurator. Oct 18 15:35:20 check_reload_status: reloading filter Oct 18 12:35:16 syslogd: kernel boot file is /boot/kernel/kernel Oct 18 15:35:16 syslogd: exiting on signal 15 Oct 18 15:33:44 kernel: ipfw2 (+ipv6) initialized, divert loadable, rule-based forwarding enabled, default to accept, logging disabled Oct 18 12:30:14 dhcpd: For info, please visit http://www.isc.org/sw/dhcp/ Oct 18 12:30:14 dhcpd: All rights reserved. Oct 18 12:30:14 dhcpd: Copyright 2004-2006 Internet Systems Consortium. Oct 18 12:30:14 dhcpd: Internet Systems Consortium DHCP Server V3.0.4 Oct 18 12:30:12 dhcpd: Address range 192.168.1.100 to 192.168.1.199 not on net 172.16.0.0/255.255.0.0! Oct 18 12:30:12 dhcpd: Address range 192.168.1.100 to 192.168.1.199 not on net 172.16.0.0/255.255.0.0! Oct 18 12:30:12 dhcpd: For info, please visit http://www.isc.org/sw/dhcp/ Oct 18 12:30:12 dhcpd: All rights reserved. Oct 18 12:30:12 dhcpd: Copyright 2004-2006 Internet Systems Consortium. Oct 18 12:30:12 dhcpd: Internet Systems Consortium DHCP Server V3.0.4 Oct 18 15:28:53 check_reload_status: reloading filter Oct 18 15:28:48 check_reload_status: reloading filterAny idea of what could be happening here?Thank you, Roberto-- -- --- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | ---
[pfSense Support] Captive portal leak?
Hi,I running a test on pfSense. I've added a single machine to the lan port, connected it, and configured Captive Portal to a 120 minutes hard timeout. sure enough, the user was disconnected. The problem is that the aplication I left running continued to communicate. The application is bittorrent sharing a Knoppix torrent. -- -- --- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | ---
[pfSense Support] Captive portal leak?
Sorry, the previous message was incomplete. Gmail usage inexperience :-(Hi,I running a test on pfSense. I've added a single machine to the LAN port, and connected a user after configuring Captive Portal to a 120 minutes hard timeout. Sure enough, the user was disconnected after the timeout period. The problem is that the aplication I left running on the client continued to communicate. The application is bittorrent sharing a Knoppix torrent. The upload speed was about 170KB/sIs that the suposed behavior? Should Captive portal block all conections from the disconnected user or only new connections? The behavior I'm seeing indicates the second case. Is that correct? Thank you,Marcos Roberto Greiner-- -- --- | Marcos Roberto Greiner| | | | Os otimistas acham que estamos no melhor dos mundos | | Os pessimistas tem medo de que isto seja verdade | | Murphy| --- | [EMAIL PROTECTED] | ---
[pfSense Support] ntop package
Hi,
I'm having a small problem with the ntop package. I installed it and it
works fine, but the admin password does not work. When I try to enter in
the Admin/configure menus, it asks for a login, but anything I've tried
was refused. I tried to reset the password through Diagnostics/ntop
settings is the pfsense menus, and also directly through the command
line, neither of which got me access to the setup menus of ntop. Does
somebody know if there is a fixed password, or some bug in that package?
Thank you,
Roberto Greiner
--
-
Marcos Roberto Greiner
Os otimistas acham que estamos no melhor dos mundos
Os pessimistas tem medo de que isto seja verdade
Murphy
-
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Captive Portal bug + resource
Him
I was doing a small test with the captive portal, and noticed a minor
glitch with the setup pages. In the Services/Captive Portal/Allowed IP
Addresses, when clicking to add a new IP, if you simply click save
without adding anything, the error message appears out of place, thrown
to the right side, when using firefox (I'm using 1.5, didn't test with
2.0). IE 6 renders the page properly.
Also about the captive portal, is it possible to send messages to
devices (like snmp) when a user logs in to the portal, or when he fails
to log?
Thank you,
Marcos Roberto Greiner
--
-
Marcos Roberto Greiner
Os otimistas acham que estamos no melhor dos mundos
Os pessimistas tem medo de que isto seja verdade
Murphy
-
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Captive Portal bug + resource
Holger Bauer wrote: > You only can log the portal auth events by using a remote syslogserver. > See status>systemlogs, settings. SNMP is not supported for this. > Actually I was not referring to logs. I was thinking of something like sending to an AP a SNMP message saying to block the user if it fails authentication. Is something like that possible? Thank you, Roberto > Holger > > -Original Message- > From: Roberto Greiner [mailto:[EMAIL PROTECTED] > Sent: Monday, December 11, 2006 1:50 PM > To: support@pfsense.com > Subject: [pfSense Support] Captive Portal bug + resource > > Him > > I was doing a small test with the captive portal, and noticed a minor > glitch with the setup pages. In the Services/Captive Portal/Allowed IP > Addresses, when clicking to add a new IP, if you simply click save > without adding anything, the error message appears out of place, thrown > to the right side, when using firefox (I'm using 1.5, didn't test with > 2.0). IE 6 renders the page properly. > > Also about the captive portal, is it possible to send messages to > devices (like snmp) when a user logs in to the portal, or when he fails > to log? > -- ----- Marcos Roberto Greiner Os otimistas acham que estamos no melhor dos mundos Os pessimistas tem medo de que isto seja verdade Murphy - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Partitioning question
Hi,
I;m trying to install 1.2Beta in a test machine that already has other
systems installed (a Debian 4.0). The problem I'm having is that in the
partitioning step, the installer does not accept the size of the linux
partitions, saying that they are not a multiple of 1008. But I KNOW the
partitions are correct. The installer insists on shrinking or expanding
the partition. Isn't there a way to make pfSense just leave that
partition alone and proceed installing in the FreeBSD partition I've
created? Debian is in partition 1, FreeBSD was create as partition 5.
--
-
Marcos Roberto Greiner
Os otimistas acham que estamos no melhor dos mundos
Os pessimistas tem medo de que isto seja verdade
Murphy
-
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Strange Squid side effect
I'm making some testes with pfSense (1.2Beta1), and got something
curious with Squid.
I've enabled the squid package as transparent proxy, allocating 1GB,
24MB as memory cache size and 8KB as maximum object size. All the rest I
left unchanged.
I also had configured traffic shaping using the traffic shaper wizard,
limiting p2p to 512kbps.
After 24 hours testing the p2p shaping I decided to test an http
download of two CD ISO images (simultaneous download). I got a good
download speed of ~50Mbps (the client is directly connected to pfSense,
and the file server is in our IDC), but the CPU of the pfSense machine
got to ~80-90% load. With a quick check, I identified squid as being the
reason for the overload. Here comes the strange part:
When I uninstalled squid, the download speed dropped to ~12-15Mbps. The
CPU load was gone, but for some reason the performance dropped too. I've
double checked the performance test, and the results repeated themselves.
In theory, since I set squid to ignore objects with more than 8KB, it
should not affect neither CPU nor down-speed in this case, but it is,
and in a most curious way. Any ideas?
Roberto
--
-
Marcos Roberto Greiner
The optimists believe we are in the best of worlds
The pessimists are afraid that this is true
Murphy
-
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Captive portal 'file manager' files not visible
I'm making a test with 1.2Beta1, and got a problem with the captive
portal. I added two files in the file manager section with the name
starting with 'captiveportal-', and added references to those two files
(one a .gif image named captiveportal-semfio_logo.gif, the other an
.html iframe file named captiveportal-noticias.html) in the 'Portal page
contents' file. It's exactly the same structure I used in the 1.0
pfSense and it worked. But with 1.2B1 I'm getting a 404 error for both
files when a client opens the captive portal screen. Did somebody else
get such a problem?
Any help is welcome.
Thank you,
Marcos Roberto Greiner
--
---------
Marcos Roberto Greiner
Os otimistas acham que estamos no melhor dos mundos
Os pessimistas tem medo de que isto seja verdade
Murphy
-
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] PPTP passthrough
Hi,
I'm trying to make a small setup with VPN-PPTP.
I have a PopTop server (in my valid network, not behind pfSense). The
problem I have is that when clients behind pfSense try to connect, only
the first one manages to open a tunnel. The second one gets an error
(the client says error 619, "The port was disconnected."). In the PopTop
logs I get the following messages:
Jun 27 10:29:18 server_name pptpd[12198]: GRE:
read(fd=6,buffer=804e560,len=8196) from PTY failed: status = -1 error =
Input/output error, usually
caused by unexpected termination of pppd, check option syntax and pppd logs
Jun 27 10:29:18 server_name pptpd[12198]: CTRL: PTY read or GRE write
failed (pty,gre)=(6,7)
Jun 27 10:29:18 server_name pptpd[12198]: CTRL: Reaping child PPP[12199]
Jun 27 10:29:18 server_name pptpd[12198]: CTRL: Client
pfSense_IP_address control connection finished
I know that PPTP and NAT have a problem in dealing with one another
(actually, it's GRE with NAT). Is there any setup or something alike I
can activate so that pfSense makes this work? With Linux, it's hard but
doable (actually, run /sbin/modprobe/ip_conntrack and a couple other
iptables modules. The pain is to find this out), but I don't know if
it's possible with FreeBSD/pfSense.
Thank you,
Marcos Roberto Greiner
--
---------
Marcos Roberto Greiner
Os otimistas acham que estamos no melhor dos mundos
Os pessimistas tem medo de que isto seja verdade
Murphy
-
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] radius secondary server - no accounting
I'm having a small issue with the use of the "Secondary RADIUS server"
option in the captive portal. The feature itself is working, but no
accounting is being sent, only the authentication itself.
When I point pfsense directly to the secondary server (actually using it
as primary), the accounting is sent properly. I've checked running
freeradius -X and confirmed it: The accounting simply isn't sent when
the server is used as secondary radius.
My test consisted in blocking Radius packets in the primary server with
iptables (to simulate a primary server failure). To double check, I
enabled logging of packets in the primary server iptables for packets
coming from the pfsense server, and after the pfsense server switched to
the secondary radius and managed to authenticate there, it still sent
the accounting packets to the primary radius, never trying to send them
to the secondary.
I'm using 1.2-BETA-1-TESTING-SNAPSHOT-07-02-2007, and both the radius
servers are freeradius 1.1.6 running on Debian 4.0 box.
Thank you,
Roberto Greiner
--
-----
Marcos Roberto Greiner
Os otimistas acham que estamos no melhor dos mundos
Os pessimistas tem medo de que isto seja verdade
Murphy
-
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Interface Assignment Mismatch
I'm having a problem with the installation of pfSense 1.2RC2
After booting with the live CD, immediately after assigning the network
interfaces, the software complains with the message 'Interface
Assignment Mismatch', and restarts the assignment procedure. I've tried
typing the names of the interfaces (I'm using only the two names the
installer gave me: rl0 and em0), inverting the interfaces (em0 as WAN
instead of LAN), and also using the auto-detect procedure, the result is
always the same.
One of the interfaces is on-board (em0), the other is an add-on (rl0).
The machine is a Xeon 2.6 with 512MB RAM, a 160GB SATA disk, the
ethernet interfaces are one Intel PRO/1000 (onboard) and one RealTek
RTL8139 (add-on)
The board has one onboard firewire interface, but it's disabled.
I had tried first with 1.2Beta3 (I already had a CD-R, and intended to
make the upgrade later), but after the error appeared I downloaded RC2,
but result was the same. The machine is currently running Debian Etch (I
intended to overwrite that install), and does not seem to have hardware
problems.
Any idea of what may be happening?
--
-----
Marcos Roberto Greiner
Os otimistas acham que estamos no melhor dos mundos
Os pessimistas tem medo de que isto seja verdade
Murphy
-
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] DHCP log error
I'm testing pfsense (version 1.2Beta2, on a Xeon 1.6GHz, 1GB RAM) to replace a monowall box in our network, but got a strange problem. One of the test clients I'm using, an old Acer notebook (P3-1000, 256MB RAM), , is not showing up in the DHCP leases list. The machine get the IP normally, I receive the captive portal without any problem, log-in, navigate and everything without problems. The login appears in the 'status/captive portal' page with the dynamic IP, but int the 'status/DHCP Leases' page, the lease does not appear. The problem remains, wheter I load the notebook with Windows XP or Linux-Debian-Etch. Also, If I load Windows, I'm getting the IP 172.18.30.1, with Linux I'm getting 172.18.255.252 (the DHCP configured range is 172.18.20.1-172.18.255.254). In both cases the network works, the IP appears in 'Status/Captive Portal', but not in 'Status/DHCP Leases'. In both cases, the system logs for DHCP show that the lease has worked properly (attached to the end of mail). Any ideas what may be wrong? Thanks, Marcos Roberto Greiner DHCP Lease when in Windows: Sep 13 10:09:19 dhcpd: DHCPOFFER on 172.18.30.1 to 00:02:2d:5b:58:55 (usp-aca13fde673) via em1 Sep 13 10:09:19 dhcpd: DHCPREQUEST for 172.18.30.1 (172.18.0.1) from 00:02:2d:5b:58:55 (usp-aca13fde673) via em1 Sep 13 10:09:19 dhcpd: DHCPACK on 172.18.30.1 to 00:02:2d:5b:58:55 (usp-aca13fde673) via em1 Sep 13 10:11:42 dhcpd: DHCPINFORM from 172.18.30.1 via em1 Sep 13 10:11:42 dhcpd: DHCPACK to 172.18.30.1 (00:02:2d:5b:58:55) via em1 Sep 13 10:11:45 dhcpd: DHCPINFORM from 172.18.30.1 via em1 Sep 13 10:11:45 dhcpd: DHCPACK to 172.18.30.1 (00:02:2d:5b:58:55) via em1 Sep 13 10:13:07 dhcpd: DHCPINFORM from 172.18.30.1 via em1 Sep 13 10:13:07 dhcpd: DHCPACK to 172.18.30.1 (00:02:2d:5b:58:55) via em1 Sep 13 10:13:10 dhcpd: DHCPINFORM from 172.18.30.1 via em1 Sep 13 10:13:10 dhcpd: DHCPACK to 172.18.30.1 (00:02:2d:5b:58:55) via em1 Sep 13 10:13:56 dhcpd: DHCPREQUEST for 172.18.30.1 from 00:02:2d:5b:58:55 (usp-aca13fde673) via em1 Sep 13 10:13:56 dhcpd: DHCPACK on 172.18.30.1 to 00:02:2d:5b:58:55 (usp-aca13fde673) via em1 DHCP Lease in Linux: Sep 13 10:16:33 dhcpd: DHCPOFFER on 172.18.255.252 to 00:02:2d:5b:58:55 via em1 Sep 13 10:16:33 dhcpd: DHCPREQUEST for 172.18.255.252 (172.18.0.1) from 00:02:2d:5b:58:55 via em1 Sep 13 10:16:33 dhcpd: DHCPACK on 172.18.255.252 to 00:02:2d:5b:58:55 via em1 Sep 13 10:20:16 dhcpd: DHCPDISCOVER from 00:02:2d:5b:58:55 via em1 Sep 13 10:20:17 dhcpd: DHCPOFFER on 172.18.255.252 to 00:02:2d:5b:58:55 via em1 Sep 13 10:20:17 dhcpd: DHCPREQUEST for 172.18.255.252 (172.18.0.1) from 00:02:2d:5b:58:55 via em1 Sep 13 10:20:17 dhcpd: DHCPACK on 172.18.255.252 to 00:02:2d:5b:58:55 via em1 -- --------- Marcos Roberto Greiner Os otimistas acham que estamos no melhor dos mundos Os pessimistas tem medo de que isto seja verdade Murphy - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] DHCP log error
As a note. I've installed the latest snapshot (dated 14-Sept.), and the problem repeated itself. The lease appears in the DHCP logs, but not in the DHCP Leases page. Roberto Roberto Greiner wrote: > I'm testing pfsense (version 1.2Beta2, on a Xeon 1.6GHz, 1GB RAM) to > replace a monowall box in our network, but got a strange problem. > > One of the test clients I'm using, an old Acer notebook (P3-1000, 256MB > RAM), , is not showing up in the DHCP leases list. > > The machine get the IP normally, I receive the captive portal without > any problem, log-in, navigate and everything without problems. The login > appears in the 'status/captive portal' page with the dynamic IP, but int > the 'status/DHCP Leases' page, the lease does not appear. The problem > remains, wheter I load the notebook with Windows XP or > Linux-Debian-Etch. Also, If I load Windows, I'm getting the IP > 172.18.30.1, with Linux I'm getting 172.18.255.252 (the DHCP configured > range is 172.18.20.1-172.18.255.254). In both cases the network works, > the IP appears in 'Status/Captive Portal', but not in 'Status/DHCP Leases'. > > In both cases, the system logs for DHCP show that the lease has worked > properly (attached to the end of mail). Any ideas what may be wrong? > > Thanks, > > Marcos Roberto Greiner > > DHCP Lease when in Windows: > > Sep 13 10:09:19 dhcpd: DHCPOFFER on 172.18.30.1 to 00:02:2d:5b:58:55 > (usp-aca13fde673) via em1 > Sep 13 10:09:19 dhcpd: DHCPREQUEST for 172.18.30.1 (172.18.0.1) from > 00:02:2d:5b:58:55 (usp-aca13fde673) via em1 > Sep 13 10:09:19 dhcpd: DHCPACK on 172.18.30.1 to 00:02:2d:5b:58:55 > (usp-aca13fde673) via em1 > > > Sep 13 10:11:42 dhcpd: DHCPINFORM from 172.18.30.1 via em1 > Sep 13 10:11:42 dhcpd: DHCPACK to 172.18.30.1 (00:02:2d:5b:58:55) via > em1 > Sep 13 10:11:45 dhcpd: DHCPINFORM from 172.18.30.1 via em1 > Sep 13 10:11:45 dhcpd: DHCPACK to 172.18.30.1 (00:02:2d:5b:58:55) via > em1 > Sep 13 10:13:07 dhcpd: DHCPINFORM from 172.18.30.1 via em1 > Sep 13 10:13:07 dhcpd: DHCPACK to 172.18.30.1 (00:02:2d:5b:58:55) via > em1 > Sep 13 10:13:10 dhcpd: DHCPINFORM from 172.18.30.1 via em1 > Sep 13 10:13:10 dhcpd: DHCPACK to 172.18.30.1 (00:02:2d:5b:58:55) via > em1 > Sep 13 10:13:56 dhcpd: DHCPREQUEST for 172.18.30.1 from > 00:02:2d:5b:58:55 (usp-aca13fde673) via em1 > Sep 13 10:13:56 dhcpd: DHCPACK on 172.18.30.1 to 00:02:2d:5b:58:55 > (usp-aca13fde673) via em1 > > > > > DHCP Lease in Linux: > > Sep 13 10:16:33 dhcpd: DHCPOFFER on 172.18.255.252 to 00:02:2d:5b:58:55 > via em1 > Sep 13 10:16:33 dhcpd: DHCPREQUEST for 172.18.255.252 (172.18.0.1) from > 00:02:2d:5b:58:55 via em1 > Sep 13 10:16:33 dhcpd: DHCPACK on 172.18.255.252 to 00:02:2d:5b:58:55 > via em1 > Sep 13 10:20:16 dhcpd: DHCPDISCOVER from 00:02:2d:5b:58:55 via em1 > Sep 13 10:20:17 dhcpd: DHCPOFFER on 172.18.255.252 to 00:02:2d:5b:58:55 > via em1 > Sep 13 10:20:17 dhcpd: DHCPREQUEST for 172.18.255.252 (172.18.0.1) from > 00:02:2d:5b:58:55 via em1 > Sep 13 10:20:17 dhcpd: DHCPACK on 172.18.255.252 to 00:02:2d:5b:58:55 > via em1 > > > -- - Marcos Roberto Greiner Os otimistas acham que estamos no melhor dos mundos Os pessimistas tem medo de que isto seja verdade Murphy - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] DHCP log error
I've left all values (except IP range) with the default values. So, 7200 seconds for default lease, and 86400 for maximum lease. I've also noticed another thing. When I go to the 'DHCP Leases' page and press the 'Show all configured Leases' button, my lease appears in the list, but as offline and expired, despite the fact that I'm connected. Roberto Paul M wrote: > Roberto Greiner wrote: >> As a note. I've installed the latest snapshot (dated 14-Sept.), and the >> problem repeated itself. >> >> The lease appears in the DHCP logs, but not in the DHCP Leases page. > > what timeout have you set for dhcp leases? > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- - Marcos Roberto Greiner Os otimistas acham que estamos no melhor dos mundos Os pessimistas tem medo de que isto seja verdade Murphy - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] DHCP fatal error in services_dhcp.php line 48
Hi, I was configuring CARP, and as a final touch, I chose to enable, inside the DHCP server, the NTP servers option. When I activated it, pointing NTP to the LAN-CARP address (in this case 172.16.0.1. The physical LAN address is 172.16.0.2), I got a blank page with only the following line: Fatal error: Allowed memory size of 33554432 bytes exhausted (tried to allocate 35 bytes) in /usr/local/www/services_dhcp.php on line 48 The DHCP server is no longer working. Did somebody else get something like that? Now, if I try to make any changes on the DHCP server, after clicking on save the pages dies on reload, it never refreshes. A reboot did not solve the problem. My server is a Xen virtual machine running with 512MB memory, 2 virtual processors, and a 10GB disk. The physical server is Core 2 Duo machine, with 4GB RAM. The pfsense version I'm running is 1.2.3-RC1, built Apr,22 15:36:34 2009. Thanks, Roberto -- - Marcos Roberto Greiner Os otimistas acham que estamos no melhor dos mundos Os pessimistas tem medo de que isto seja verdade James Branch Cabell - - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] DHCP fatal error in services_dhcp.php line 48
Jim Pingle wrote: Roberto Greiner wrote: Fatal error: Allowed memory size of 33554432 bytes exhausted (tried to allocate 35 bytes) in /usr/local/www/services_dhcp.php on line 48 That is during the DHCP lease cleanup routine. Your /var/dhcpd/var/db/dhcpd.leases file must be huge. It doesn't typically grow that large during normal operation. It's a new server. No user ever connected to it Roberto -- - Marcos Roberto Greiner Os otimistas acham que estamos no melhor dos mundos Os pessimistas tem medo de que isto seja verdade James Branch Cabell - - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] DHCP fatal error in services_dhcp.php line 48
Jim Pingle wrote:
Roberto Greiner wrote:
Jim Pingle wrote:
Roberto Greiner wrote:
Fatal error: Allowed memory size of 33554432 bytes exhausted (tried to
allocate 35 bytes) in /usr/local/www/services_dhcp.php on line 48
That is during the DHCP lease cleanup routine. Your
/var/dhcpd/var/db/dhcpd.leases file must be huge. It doesn't typically
grow that large during normal operation.
It's a new server. No user ever connected to it
Can you check that file just to be sure? If nobody has connected to the
server, you can probably safely remove the leases file anyhow.
$ ls -l /var/dhcpd/var/db
total 17792
-rw-r--r-- 1 root _dhcp 4529052 Oct 14 09:42 dhcpd.leases
-rw-r--r-- 1 dhcpd _dhcp 4528906 Oct 14 09:42 dhcpd.leases~
I removed both files and restarted the server (without the ntp configuration).
The ntp server started properly.
As a test, I tried to enable the "ntp servers" configuration again, and got the
same error as before.
Roberto
--
-
Marcos Roberto Greiner
Os otimistas acham que estamos no melhor dos mundos
Os pessimistas tem medo de que isto seja verdade
James Branch Cabell
-
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] DHCP fatal error in services_dhcp.php line 48
Jim Pingle wrote:
Roberto Greiner wrote:
Jim Pingle wrote:
Roberto Greiner wrote:
Jim Pingle wrote:
Roberto Greiner wrote:
Fatal error: Allowed memory size of 33554432 bytes exhausted (tried to
allocate 35 bytes) in /usr/local/www/services_dhcp.php on line 48
That is during the DHCP lease cleanup routine. Your
/var/dhcpd/var/db/dhcpd.leases file must be huge. It doesn't typically
grow that large during normal operation.
It's a new server. No user ever connected to it
Can you check that file just to be sure? If nobody has connected to the
server, you can probably safely remove the leases file anyhow.
$ ls -l /var/dhcpd/var/db
total 17792
-rw-r--r-- 1 root _dhcp 4529052 Oct 14 09:42 dhcpd.leases
-rw-r--r-- 1 dhcpd _dhcp 4528906 Oct 14 09:42 dhcpd.leases~
I removed both files and restarted the server (without the ntp
configuration). The ntp server started properly.
As a test, I tried to enable the "ntp servers" configuration again, and
got the same error as before.
That is rather odd. Something weird must be going on with its network
connection if it has a 4.5MB leases file.
I can't reproduce this on my test box either
Could it be something mwith the fact that my box is a Xen virtual server?
Roberto
--
-----
Marcos Roberto Greiner
Os otimistas acham que estamos no melhor dos mundos
Os pessimistas tem medo de que isto seja verdade
James Branch Cabell
-
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] DHCP fatal error in services_dhcp.php line 48
Keenan Tims wrote:
Quoting Roberto Greiner :
Could it be something mwith the fact that my box is a Xen virtual
server?
Perhaps posting the generated leases file (or an excerpt of it) would
be helpful? I don't see how this would be directly related to your use
of Xen, though I suppose if your network configuration is badly broken
you might see this.
Keenan
At beginning of the file I have the following:
failover peer "dhcp0" state {
my state normal at 3 2009/10/14 14:23:17;
partner state normal at 3 2009/10/14 14:13:17;
}
lease 172.16.89.254 {
starts 3 2009/10/14 17:04:35;
ends 3 2009/10/14 19:04:35;
tsfp 3 2009/10/14 20:04:35;
atsfp 3 2009/10/14 20:04:35;
cltt 3 2009/10/14 17:04:35;
binding state active;
next binding state expired;
hardware ethernet 00:0a:e4:5e:b5:a3;
}
That IP is for the notebook I'm using for setup.
After that, there are thousand of entries like the following:
lease 172.16.255.254 {
starts 3 2009/10/14 14:08:33;
binding state backup;
}
All with IPs ranging from 172.16.50.0 to 172.16.255.254 (The range I used when
setting DHCP).
At the very end of the file I got the following:
lease 172.16.89.254 {
starts 3 2009/10/14 17:56:52;
ends 3 2009/10/14 19:56:52;
tsfp 3 2009/10/14 20:56:52;
atsfp 3 2009/10/14 20:56:52;
cltt 3 2009/10/14 17:56:52;
binding state active;
next binding state expired;
hardware ethernet 00:0a:e4:5e:b5:a3;
}
It's the same IP as in the start of the file. Is that expected? An
effect of having two servers with DHCP due to CARP?
Roberto
--
-----
Marcos Roberto Greiner
Os otimistas acham que estamos no melhor dos mundos
Os pessimistas tem medo de que isto seja verdade
James Branch Cabell
-
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] DHCP fatal error in services_dhcp.php line 48
Chris Buechler wrote:
On Wed, Oct 14, 2009 at 2:28 PM, Roberto Greiner wrote:
At beginning of the file I have the following:
failover peer "dhcp0" state {
my state normal at 3 2009/10/14 14:23:17;
partner state normal at 3 2009/10/14 14:13:17;
}
lease 172.16.89.254 {
starts 3 2009/10/14 17:04:35;
ends 3 2009/10/14 19:04:35;
tsfp 3 2009/10/14 20:04:35;
atsfp 3 2009/10/14 20:04:35;
cltt 3 2009/10/14 17:04:35;
binding state active;
next binding state expired;
hardware ethernet 00:0a:e4:5e:b5:a3;
}
That IP is for the notebook I'm using for setup.
After that, there are thousand of entries like the following:
lease 172.16.255.254 {
starts 3 2009/10/14 14:08:33;
binding state backup;
}
All those failover entries on that big of a scope exhaust PHP's memory
limit. No way around that for the time being, I opened a bug ticket
but you won't see that fixed in 1.2.x at least. Either use a smaller
scope, or use something else as your DHCP server. Or send patches to
fix the problem. :)
Ok,
as soon as possible I will try using a smaller scope.
Tks.
Roberto
--
-----
Marcos Roberto Greiner
Os otimistas acham que estamos no melhor dos mundos
Os pessimistas tem medo de que isto seja verdade
James Branch Cabell
-
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] DHCP fatal error in services_dhcp.php line 48
Roberto Greiner wrote:
Chris Buechler wrote:
On Wed, Oct 14, 2009 at 2:28 PM, Roberto Greiner
wrote:
At beginning of the file I have the following:
failover peer "dhcp0" state {
my state normal at 3 2009/10/14 14:23:17;
partner state normal at 3 2009/10/14 14:13:17;
}
lease 172.16.89.254 {
starts 3 2009/10/14 17:04:35;
ends 3 2009/10/14 19:04:35;
tsfp 3 2009/10/14 20:04:35;
atsfp 3 2009/10/14 20:04:35;
cltt 3 2009/10/14 17:04:35;
binding state active;
next binding state expired;
hardware ethernet 00:0a:e4:5e:b5:a3;
}
That IP is for the notebook I'm using for setup.
After that, there are thousand of entries like the following:
lease 172.16.255.254 {
starts 3 2009/10/14 14:08:33;
binding state backup;
}
All those failover entries on that big of a scope exhaust PHP's memory
limit. No way around that for the time being, I opened a bug ticket
but you won't see that fixed in 1.2.x at least. Either use a smaller
scope, or use something else as your DHCP server. Or send patches to
fix the problem. :)
Ok,
as soon as possible I will try using a smaller scope.
Tks.
Roberto
It worked. I reduced the range to 172.16.50.0-172.16.60.254, and now the
"ntp servers" configuration no longer gives any problem.
Tks a lot.
Roberto
--
-----
Marcos Roberto Greiner
Os otimistas acham que estamos no melhor dos mundos
Os pessimistas tem medo de que isto seja verdade
James Branch Cabell
-
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Commercial support available - https://portal.pfsense.org
[pfSense Support] CARP with captive portal
Hi, I'm having trouble making captive portal and CARP work togheter. I've set CARP to use the WAN interface for synchronization, and it works fine. Problem is, the moment I enable Captive Portal, the LAN Virtual IP dies out (stops pinging), and the whole setup stops working. I've tried adding the LAN MAC address of the stations on the "Pass-through MAC" page (added MAC address of both servers), but it didn't work. Also tried the same for IP. The moment I disable captive portal, CARP immediately works again. Any ideas of what I should do to make Captive Portal and CARP work together? Tks, Roberto Greiner -- ----- Marcos Roberto Greiner Os otimistas acham que estamos no melhor dos mundos Os pessimistas tem medo de que isto seja verdade James Branch Cabell - - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] CARP with captive portal
Hi, no one with ideas about this? Roberto Roberto Greiner wrote: Hi, I'm having trouble making captive portal and CARP work togheter. I've set CARP to use the WAN interface for synchronization, and it works fine. Problem is, the moment I enable Captive Portal, the LAN Virtual IP dies out (stops pinging), and the whole setup stops working. I've tried adding the LAN MAC address of the stations on the "Pass-through MAC" page (added MAC address of both servers), but it didn't work. Also tried the same for IP. The moment I disable captive portal, CARP immediately works again. Any ideas of what I should do to make Captive Portal and CARP work together? Tks, Roberto Greiner -- ----- Marcos Roberto Greiner Os otimistas acham que estamos no melhor dos mundos Os pessimistas tem medo de que isto seja verdade James Branch Cabell - - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] CARP with captive portal
Ermal Luçi wrote: On Fri, Oct 16, 2009 at 6:21 PM, Roberto Greiner wrote: Hi, I'm having trouble making captive portal and CARP work togheter. I've set CARP to use the WAN interface for synchronization, and it works fine. Problem is, the moment I enable Captive Portal, the LAN Virtual IP dies out (stops pinging), and the whole setup stops working. I've tried adding the LAN MAC address of the stations on the "Pass-through MAC" page (added MAC address of both servers), but it didn't work. Also tried the same for IP. The moment I disable captive portal, CARP immediately works again. Any ideas of what I should do to make Captive Portal and CARP work together? Without modification NO. Please open a bug report on redmine.pfsense.org so i can can fix this for 2.0. Do not forget to assign it to me. Ok. I've created the bug report. Tks. Roberto -- ----- Marcos Roberto Greiner Os otimistas acham que estamos no melhor dos mundos Os pessimistas tem medo de que isto seja verdade James Branch Cabell - - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
