Re: [pfSense Support] enabling high performance tcp - freebsd

2008-02-20 Thread William Armstrong
Squeeze Your Gigabit NIC for Top Performance

http://www.enterprisenetworkingplanet.com/nethub/article.php/3485486


2008/2/13, Ermal Luçi [EMAIL PROTECTED]:
 Some of that info is rather old.



-- 
- = - = - = - = - = - = - = - = - = -
.  Of course it runs William David Armstrong
|==   Bio Systems Security Networking
'  FreeBSD   MSN / GT  biosystems  gmail . com
--

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



[pfSense Support] Carp FW Rules?

2008-01-31 Thread William Armstrong
Good afternoon,
I have configured 2 virtual IPs under Virtual IPs in CARP mode.

I configured the necessary ports in the NAT options for the services
that I want to use.

From the Internet side all services work OK; however, I cannot connect
to these IPs from my internal net (LAN). The firewall log shows the
following blocks:

Jan 31 15:56:08 
pf: 2. 439592 rule 527/0(match): block out on carp0: (tos 0x10, ttl
64, id 24317, offset 0, flags [DF], proto: TCP (6), length: 44)
189.2.203.20.56845  189.2.203.19.80: S, cksum 0x330e (correct),
51016579:51016579(0) win 0 mss 1460

Jan 31 15:56:10 
pf: 2. 560566 rule 527/0(match): block out on carp0: (tos 0x10, ttl
64, id 1182, offset 0, flags [DF], proto: TCP (6), length: 44)
189.2.203.20.51379  189.2.203.19.80: S, cksum 0x9f8a (correct),
52143:52143(0) win 0 mss 1460

Jan 31 15:56:13 
pf: 2. 440578 rule 527/0(match): block out on carp0: (tos 0x10, ttl
64, id 31284, offset 0, flags [DF], proto: TCP (6), length: 44)
189.2.203.20.58885  189.2.203.19.80: S, cksum 0x2b16 (correct),
51016579:51016579(0) win 0 mss 1460

Jan 31 15:56:15 
pf: 2. 559579 rule 527/0(match): block out on carp0: (tos 0x10, ttl
64, id 21814, offset 0, flags [DF], proto: TCP (6), length: 44)
189.2.203.20.61750  189.2.203.19.80: S, cksum 0x7707 (correct),
52143:52143(0) win 0 mss 1460

How can I configure it to allow connections on those interfaces?

-- 
- = - = - = - = - = - = - = - = - = -
.  Of course it runs William David Armstrong
|==   Bio Systems Security Networking
'  FreeBSD   MSN / GT  biosystems  gmail . com
--




Re: [pfSense Support] Carp FW Rules?

2008-01-31 Thread William Armstrong
Thanks a lot.

It works now.

[]´s.

-- 
- = - = - = - = - = - = - = - = - = -
.  Of course it runs William David Armstrong
|==   Bio Systems Security Networking
'  FreeBSD   MSN / GT  biosystems  gmail . com
--




[pfSense Support] Squid missmatch parsing config

2007-02-23 Thread William Armstrong

I was looking at the rules that the webGUI generates and found a
flaw in the positioning of the cache_mem, cache_dir,
cache_replacement_policy and memory_replacement_policy directives.


cache_dir diskd /var/squid/cache 4000 16 256
cache_mem 8 MB

maximum_object_size 5 KB
minimum_object_size 0 KB

cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF

In these positions Squid first reads the cache_dir and cache_mem
directives.
However, Squid reads these and assumes the DEFAULT policy, LRU, and
ignores the control directives

cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF

which are defined in the configuration after cache_dir
and cache_mem.

I verified this with the command.

# squidclient mgr:storedir
HTTP/1.0 200 OK
Server: squid/2.6.STABLE5
Date: Sat, 24 Feb 2007 00:50:36 GMT
Content-Type: text/plain
Expires: Sat, 24 Feb 2007 00:50:36 GMT
Last-Modified: Sat, 24 Feb 2007 00:50:36 GMT
X-Cache: MISS from cerberus.biosystems.ath.cx
Via: 1.0 cerberus.biosystems.ath.cx:3128 (squid/2.6.STABLE5)
Proxy-Connection: close

Store Directory Statistics:
Store Entries  : 6745
Maximum Swap Size  :  4096000 KB
Current Store Swap Size:   132968 KB
Current Capacity   : 3% used, 97% free

Store Directory #0 (diskd): /var/squid/cache
FS Block Size 2048 Bytes
First level subdirectories: 16
Second level subdirectories: 256
Maximum Size: 4096000 KB
Current Size: 132968 KB
Percent Used: 3.25%
Current load metric: 100 / 1000
Filemap bits in use: 6718 of 16384 (41%)
Filesystem Space in use: 142272/9430356 KB (2%)
Filesystem Inodes in use: 10833/1224702 (1%)
Flags: SELECTED
Pending operations: 0
Removal policy: lru
LRU reference age: 11.06 days


Now I manually modified squid.conf and changed the position of the
directives, and it works OK unless you reboot.

cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF

cache_dir diskd /var/squid/cache 4000 16 256
cache_mem 8 MB

maximum_object_size 5 KB
minimum_object_size 0 KB

# squidclient mgr:storedir
HTTP/1.0 200 OK
Server: squid/2.6.STABLE5
Date: Sat, 24 Feb 2007 00:53:47 GMT
Content-Type: text/plain
Expires: Sat, 24 Feb 2007 00:53:47 GMT
Last-Modified: Sat, 24 Feb 2007 00:53:47 GMT
X-Cache: MISS from cerberus.biosystems.ath.cx
Via: 1.0 cerberus.biosystems.ath.cx:3128 (squid/2.6.STABLE5)
Proxy-Connection: close

Store Directory Statistics:
Store Entries  : 6745
Maximum Swap Size  :  4096000 KB
Current Store Swap Size:   132968 KB
Current Capacity   : 3% used, 97% free

Store Directory #0 (diskd): /var/squid/cache
FS Block Size 2048 Bytes
First level subdirectories: 16
Second level subdirectories: 256
Maximum Size: 4096000 KB
Current Size: 132968 KB
Percent Used: 3.25%
Current load metric: 100 / 1000
Filemap bits in use: 6718 of 16384 (41%)
Filesystem Space in use: 142272/9430356 KB (2%)
Filesystem Inodes in use: 10833/1224702 (1%)
Flags:
Pending operations: 0
Removal policy: heap



--
- = - = - = - = - = - = - = - = - = -
.  Of course it runs William David Armstrong
|==   Bio Systems Security Networking
' NetBSD, OpenBSD or FreeBSD MSN / GT  biosystems  gmail . com
--
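
An added example, not part of the original post and not pfSense or Squid code: a small lint that follows the behaviour reported above (a cache_dir takes whatever cache_replacement_policy has been read before it) and compares squid.conf with the "Removal policy" line from `squidclient mgr:storedir`. The function names are hypothetical; the sample strings are copied or trimmed from the post.

```python
import re

DEFAULT_POLICY = "lru"  # policy in effect until a cache_replacement_policy line is read

# Directive order as generated by the webGUI, copied from the post.
GENERATED = """\
cache_dir diskd /var/squid/cache 4000 16 256
cache_mem 8 MB
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
"""

# Order after the manual edit described in the post.
REORDERED = """\
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
cache_dir diskd /var/squid/cache 4000 16 256
cache_mem 8 MB
"""

# Trimmed from the first `squidclient mgr:storedir` output in the post.
STOREDIR_BEFORE = """\
Store Directory #0 (diskd): /var/squid/cache
FS Block Size 2048 Bytes
Removal policy: lru
LRU reference age: 11.06 days
"""


def directives(conf_text):
    """Yield (line number, tokens) for every non-empty, non-comment line."""
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        tokens = raw.split("#", 1)[0].split()
        if tokens:
            yield lineno, tokens


def effective_policies(conf_text):
    """Return [(cache_dir path, policy in effect where that cache_dir appears)]."""
    current, result = DEFAULT_POLICY, []
    for _, tok in directives(conf_text):
        if tok[0] == "cache_replacement_policy" and len(tok) > 1:
            current = " ".join(tok[1:]).lower()
        elif tok[0] == "cache_dir" and len(tok) > 2:
            result.append((tok[2], current))  # tok[1] is the store type, tok[2] the path
    return result


def late_policy_directives(conf_text):
    """Return [(line number, policy)] for policy lines placed after a cache_dir."""
    seen_dir, late = False, []
    for lineno, tok in directives(conf_text):
        if tok[0] == "cache_dir":
            seen_dir = True
        elif tok[0] == "cache_replacement_policy" and seen_dir:
            late.append((lineno, " ".join(tok[1:]).lower()))
    return late


def reported_policies(storedir_text):
    """Parse mgr:storedir output into [(cache_dir path, removal policy)]."""
    result, path = [], None
    for line in storedir_text.splitlines():
        line = line.strip()
        m = re.match(r"Store Directory #\d+ \(\w+\): (\S+)", line)
        if m:
            path = m.group(1)
            continue
        m = re.match(r"Removal policy:\s*(\S+)", line)
        if m and path is not None:
            result.append((path, m.group(1).lower()))
            path = None
    return result


def running_mismatches(conf_text, storedir_text):
    """Return [(path, declared, running)] where Squid runs another policy family."""
    declared = DEFAULT_POLICY
    for _, tok in directives(conf_text):
        if tok[0] == "cache_replacement_policy" and len(tok) > 1:
            declared = tok[1].lower()  # "heap" or "lru", as mgr:storedir prints it
    return [(p, declared, r) for p, r in reported_policies(storedir_text) if r != declared]


if __name__ == "__main__":
    print("late directives:", late_policy_directives(GENERATED))
    print("effective:", effective_policies(GENERATED))
    print("mismatch:", running_mismatches(GENERATED, STOREDIR_BEFORE))
```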




[pfSense Support] error on backup config syslog entry

2007-02-10 Thread William Armstrong

Warning: Invalid argument supplied for foreach() in
/etc/inc/xmlparse.inc on line 184 Warning: Cannot modify header
information - headers already sent by (output started at
/etc/inc/xmlparse.inc:184) in /usr/local/www/diag_backup.php on line
102 Warning: Cannot modify header information - headers already sent
by (output started at /etc/inc/xmlparse.inc:184) in
/usr/local/www/diag_backup.php on line 104 Warning: Cannot modify
header information - headers already sent by (output started at
/etc/inc/xmlparse.inc:184) in /usr/local/www/diag_backup.php on line
105

--
- = - = - = - = - = - = - = - = - = -
.  Of course it runs William David Armstrong
|==   Bio Systems Security Networking
' NetBSD, OpenBSD or FreeBSD MSN / GT  biosystems  gmail . com
--




Re: [pfSense Support] WPA problems -- atheros card wlan open

2006-06-26 Thread William Armstrong

Hello all

I suggest a random generator for the WPA passphrase.


2006/6/26, Holger Bauer [EMAIL PROTECTED]:

Your passphrase is too short. It has to be 8-63 characters (there is a note at 
the webguipage for this setting). Please retry with a valid passkeyphrase. We 
maybe should check for the length of this field.

Holger

 -Original Message-
 From: Rory Campbell-Lange [mailto:[EMAIL PROTECTED]
 Sent: Monday, June 26, 2006 3:39 PM
 To: support@pfsense.com
 Subject: Re: [pfSense Support] WPA problems -- atheros card wlan open


 Hi Scott, Holger

  On 6/9/06, Rory Campbell-Lange [EMAIL PROTECTED] wrote:
  We edited the page as directed, but the problem (no wpa
 authentication
  required) still persists.
 
  I just went to triple check this and noticed it was broken and
  started to freak out big time but then I noticed that Enable WPA was
  not checked.  Please double check this setting.   We spent about 8
  hours on this feature the last week.

 We reset the page as directed and checked that Enable WPA was
 selected. No joy.

 We have flashed again with the latest pfSense download image today and
 the problem still persists. Relevant bits of the config are
 shown below.

 Regards,
 Rory


 <?xml version="1.0"?>
 <pfsense>
   <version>2.3</version>
   <lastchange/>
   <theme>metallic</theme>
   <system>
 ...
   </system>
   <interfaces>
     <lan>
       <if>sis0</if>
       <ipaddr>192.168.1.1</ipaddr>
       <subnet>24</subnet>
       <media/>
       <mediaopt/>
       <bandwidth>100</bandwidth>
       <bandwidthtype>Mb</bandwidthtype>
     </lan>
     <wan>
       <if>sis1</if>
       <mtu/>
       <ipaddr>dhcp</ipaddr>
       <subnet/>
       <gateway/>
       <blockpriv/>
       <disableftpproxy/>
       <dhcphostname/>
       <media/>
       <mediaopt/>
       <bandwidth>100</bandwidth>
       <bandwidthtype>Mb</bandwidthtype>
     </wan>
     <opt1>
       <descr>OPT1</descr>
       <if>ath0</if>
       <wireless>
         <standard>11b</standard>
         <mode>hostap</mode>
         <protmode>off</protmode>
         <ssid>testwlan</ssid>
         <channel>0</channel>
         <authmode/>
         <txpower>99</txpower>
         <distance/>
         <wpa>
           <macaddr_acl/>
           <auth_algs>1</auth_algs>
           <wpa_mode>1</wpa_mode>
           <wpa_key_mgmt>WPA-PSK</wpa_key_mgmt>
           <wpa_pairwise>TKIP</wpa_pairwise>
           <wpa_group_rekey>60</wpa_group_rekey>
           <wpa_gmk_rekey>3600</wpa_gmk_rekey>
           <passphrase>jaMb0n</passphrase>
           <ext_wpa_sw/>
           <wpa_strict_rekey/>
           <enable/>
         </wpa>
         <wep/>
       </wireless>
       <bridge>lan</bridge>
       <enable/>
       <ipaddr/>
       <subnet>32</subnet>
       <gateway/>
       <spoofmac/>
       <mtu/>
     </opt1>
     <opt2>
 ...
     </opt2>
   </interfaces>
   <installedpackages/>
   <revision>
 ...
   </revision>
 </pfsense>



 --
 Rory Campbell-Lange
 [EMAIL PROTECTED]
 www.campbell-lange.net










--
-=-=-=-=-=-=-=-=-=-
William David Armstrong.  Of course it runs
Bio Systems Security Networking|==
Hinodeinfo Soluções em Informática ' NetBSD, OpenBSD or FreeBSD
ICQ 27550645 MSN / GT  biosystems  gmail . com
--
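
An added example, not part of the thread and not pfSense code: it audits the wireless sections of a config.xml for WPA passphrases outside the 8-63 character range quoted above, and generates a random replacement as suggested in the reply. The function names and the sample config are constructed for illustration; treating `<enable/>` inside `<wpa>` as "WPA enabled" and restricting passphrases to printable ASCII are assumptions of the example.

```python
import math
import secrets
import string
import xml.etree.ElementTree as ET

WPA_MIN, WPA_MAX = 8, 63  # passphrase length limits quoted in the thread
ALPHABET = string.ascii_letters + string.digits  # no characters that need XML escaping

# Constructed sample, shaped like the interfaces section posted in the thread.
SAMPLE_CONFIG = """<?xml version="1.0"?>
<pfsense>
  <interfaces>
    <lan><if>sis0</if></lan>
    <opt1><if>ath0</if><wireless><ssid>testwlan</ssid><wpa>
      <wpa_key_mgmt>WPA-PSK</wpa_key_mgmt>
      <passphrase>short1</passphrase>
      <enable/>
    </wpa></wireless></opt1>
    <opt2><if>ath1</if><wireless><ssid>guest</ssid><wpa>
      <wpa_key_mgmt>WPA-PSK</wpa_key_mgmt>
      <passphrase>correct horse battery</passphrase>
      <enable/>
    </wpa></wireless></opt2>
    <opt3><if>ath2</if><wireless><ssid>lab</ssid><wpa>
      <passphrase/>
    </wpa></wireless></opt3>
  </interfaces>
</pfsense>"""


def passphrase_problem(passphrase):
    """Return None for a usable WPA-PSK passphrase, otherwise the reason it is not."""
    if not passphrase:
        return "empty"
    if not WPA_MIN <= len(passphrase) <= WPA_MAX:
        return f"length {len(passphrase)} outside {WPA_MIN}-{WPA_MAX}"
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        return "contains characters outside printable ASCII"
    return None


def generate_passphrase(length=32):
    """Return a random passphrase drawn from the OS CSPRNG."""
    if not WPA_MIN <= length <= WPA_MAX:
        raise ValueError(f"length must be {WPA_MIN}-{WPA_MAX}")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def entropy_bits(length, alphabet=ALPHABET):
    """Entropy of a uniformly random passphrase of this length over the alphabet."""
    return length * math.log2(len(alphabet))


def audit_wireless(config_xml):
    """Return [(interface, problem)] for WPA-enabled interfaces with a bad passphrase."""
    root = ET.fromstring(config_xml)
    findings = []
    for iface in root.findall("./interfaces/*"):
        wpa = iface.find("./wireless/wpa")
        if wpa is None or wpa.find("enable") is None:
            continue  # not wireless, or WPA not switched on
        problem = passphrase_problem(wpa.findtext("passphrase"))
        if problem:
            findings.append((iface.tag, problem))
    return findings


if __name__ == "__main__":
    for name, problem in audit_wireless(SAMPLE_CONFIG):
        print(f"{name}: {problem}; suggested replacement: {generate_passphrase()}")
    print(f"entropy of a 32-character passphrase: {entropy_bits(32):.1f} bits")
```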




[pfSense Support] interesting link ipfw L7

2006-06-11 Thread William Armstrong

http://lists.freebsd.org/pipermail/freebsd-ipfw/2006-June/002522.html


--
-=-=-=-=-=-=-=-=-=-
William David Armstrong.  Of course it runs
Bio Systems Security Networking|==
Hinodeinfo Soluções em Informática ' NetBSD, OpenBSD or FreeBSD
ICQ 27550645 MSN / GT  biosystems  gmail . com
--




Re: [pfSense Support] Remote monitoring

2006-05-23 Thread William Armstrong

Try SyMon: http://www.xs4all.nl/~wpd/symon/

It's a monitor for CPU, MEM, IO (disks), PROCESSES, INTERFACES.

Really a fine monitor. Install a daemon on the target machines and
a monitor, a web GUI for reports, on another machine.

My 0,2 cents

2006/5/23, Mailling [EMAIL PROTECTED]:



The script is working fine (all nice in one IE screen :) but the password
part doesn't work :(

 
 From: Adrian Chitoni [mailto:[EMAIL PROTECTED]
Sent: Tuesday, 23 May 2006 1:35
To: support@pfsense.com
Subject: Re: [pfSense Support] Remote monitoring



Or you can use iframes:

<body>
<table>
<tr>
<td><a href="http://username:[EMAIL PROTECTED]"
target="_blank">pfsense1</a><IFRAME
src="http://username:[EMAIL PROTECTED]" width="800"
height="400" scrolling="auto" frameborder="1">
  [Your user agent does not support iframes]  </IFRAME></td>
</tr>
<tr>
<td><a
href="http://username:[EMAIL PROTECTED]">pfsense2</a><IFRAME
src="http://username:[EMAIL PROTECTED]" width="800"
height="400" scrolling="auto" frameborder="1">
  [Your user agent does not support iframes]  </IFRAME></td>
</tr>
</table>
</body>


Cheers

Adrian

- Original Message -
From: Adrian Chitoni
To: support@pfsense.com
Sent: Tuesday, May 23, 2006 9:23 AM
Subject: Re: [pfSense Support] Remote monitoring


Just create a html page with frames and store it locally. Like:

##

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Monitoring</title>
</head>
<frameset rows="107,108">
  <frame src="http://192.168.1.252:8088">
  <frame src="http://192.168.1.253">
</frameset>
<noframes><body>
</body>
</noframes></html>

###

Cheers

Adrian

- Original Message -
From: Ebay
To: support@pfsense.com
Sent: Tuesday, May 23, 2006 8:21 AM
Subject: [pfSense Support] Remote monitoring



I would like a way to remotely monitor a PFsense box.  I would really like
to monitor all the interfaces as well as the cpu, mem, and swap on the
status page.  Does anyone know of anything that will do this?  I would
really like to monitor multiple boxes from the same computer.  I have mono
mon which does some of this.  Thanks for the help.  This software rocks  i
am new to PFsense and already love it. I've done cisco for 5 years and don't
plan on going back. Thanks  Ryan




--
-=-=-=-=-=-=-=-=-=-
William David Armstrong.  Of course it runs
Bio Systems Security Networking|==
Hinodeinfo Soluções em Informática ' NetBSD, OpenBSD or FreeBSD
ICQ 27550645 MSN / GT  biosystems  gmail . com
--




[pfSense Support] Links Utils

2006-04-12 Thread William Armstrong
http://www.cromwell-intl.com/SECURITY/security-stack-hardening.html


--
-=-=-=-=-=-=-=-=-=-
William David Armstrong  . Of course it runs
Bio Systems Security.Networking |
Hinodeinfo Soluções em Informática  ' NetBSD, OpenBSD or FreeBSD
ICQ 27550645 MSN / GT Ψ biosystems ∆ gmail . com Ψ
--


Re: [pfSense Support] error on parse config.xml on 060408 snapshot

2006-04-10 Thread William Armstrong
I upgraded directly from the snapshot and got these errors.
I created all the rules again and got this error.

2006/4/10, Bill Marquette [EMAIL PROTECTED]:
 Haven't seen that one before (and I just upgraded my main box to the
 4-08 snapshot).  What happens if you delete that rule (I assume it's
 not needed based on your wording)?

 --Bill

 On 4/10/06, William Armstrong [EMAIL PROTECTED] wrote:
  A phantom rule is inserted in my system's config.xml
 
  <rule>
          <type>pass</type>
          <interface>opt3</interface>
          <max-src-nodes/>
          <max-src-states/>
          <statetimeout/>
          <statetype>keep state</statetype>
          <os/>
          <max-src-conn-rate/>
          <max-src-conn-rates/>
          <source>
                  <any/>
          </source>
          <destination>
                  <any/>
          </destination>
          <descr/>
  </rule>
 
 
  there were error(s) loading the rules: /tmp/rules.debug:393: syntax
  errorpfctl: Syntax error in config file: pf rules not loaded - The
  line in question reads [393]: label USER_RULE ...
 
 
  # /tmp/debug.rules
 
  pass in quick on $wan proto udp from any to {  10.0.1.3 } port = 4712
  keep state  queue (qwandef, qwanacks)  label USER_RULE: NAT LAN
  pass in quick on $wan proto udp from any to {  10.0.1.3 } port = 2213
  keep state  queue (qwandef, qwanacks)  label USER_RULE: NAT RAID
  --  label USER_RULE 
  #   opt3 array key does not exist for  label USER_RULE
 
 
  partial dmesg
 
  fxp0: Intel 82559 Pro/100 Ethernet port 0xd800-0xd83f mem
  0xe480-0xe4800fff,0xe400-0xe40f irq 9 at device 9.0 on
  pci1
  miibus0: MII bus on fxp0
  inphy0: i82555 10/100 media interface on miibus0
  inphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
  fxp0: Ethernet address: 00:02:b3:3a:42:f2
  dc0: 82c169 PNIC 10/100BaseTX port 0xd400-0xd4ff mem
  0xe380-0xe38000ff at device 10.0 on pci1
  miibus1: MII bus on dc0
  bmtphy0: BCM5201 10/100baseTX PHY on miibus1
  bmtphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
  dc0: Ethernet address: 00:a0:cc:5a:14:dd
  xl0: 3Com 3c905C-TX Fast Etherlink XL port 0xd000-0xd07f mem
  0xe300-0xe37f irq 11 at device 11.0 on pci1
  miibus2: MII bus on xl0
  xlphy0: 3c905C 10/100 internal PHY on miibus2
  xlphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
  xl0: Ethernet address: 00:01:02:38:ff:81
  xl1: 3Com 3c905C-TX Fast Etherlink XL port 0xb800-0xb87f mem
  0xe280-0xe280007f irq 5 at device 12.0 on pci1
  miibus3: MII bus on xl1
  ukphy0: Generic IEEE 802.3u media interface on miibus3
  ukphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
  xl1: Ethernet address: 00:01:03:df:83:3f
 
 
  *** Welcome to pfSense RELENG_1_SNAPSHOT_04-08-2006-pfSense on cerberus ***
 
WAN* -   fxp0-  192.168.33.2
OPT2(OPT2)   -   dc0 -  NONE
LAN* -   xl0 -  10.0.1.1
OPT1(OPT1)   -   xl1 -  NONE
 
 
 
  --
  -=-=-=-=-=-=-=-=-=-
  William David Armstrong  . Of course it runs
  Bio Systems Security.Networking |
  Hinodeinfo Soluções em Informática  ' NetBSD, OpenBSD or FreeBSD
  ICQ 27550645
  MSN / GT Ψ biosystems ∆ gmail . com Ψ
  --
 



--
-=-=-=-=-=-=-=-=-=-
William David Armstrong  . Of course it runs
Bio Systems Security.Networking |
Hinodeinfo Soluções em Informática  ' NetBSD, OpenBSD or FreeBSD
ICQ 27550645 MSN / GT Ψ biosystems ∆ gmail . com Ψ
--


Re: [pfSense Support] error on parse config.xml on 060408 snapshot

2006-04-10 Thread William Armstrong
I upgraded from this link:

http://www.pfsense.org/~sullrich/RELENG_1_SNAPSHOT_04-08-2006/pfSense-Full-Update-RELENG_1_SNAPSHOT_04-08-2006.tgz



--
-=-=-=-=-=-=-=-=-=-
William David Armstrong  . Of course it runs
Bio Systems Security.Networking |
Hinodeinfo Soluções em Informática  ' NetBSD, OpenBSD or FreeBSD
ICQ 27550645 MSN / GT Ψ biosystems ∆ gmail . com Ψ
--


[pfSense Support] error on parse config.xml on 060408 snapshot

2006-04-09 Thread William Armstrong
A phantom rule is inserted in my system's config.xml

<rule>
        <type>pass</type>
        <interface>opt3</interface>
        <max-src-nodes/>
        <max-src-states/>
        <statetimeout/>
        <statetype>keep state</statetype>
        <os/>
        <max-src-conn-rate/>
        <max-src-conn-rates/>
        <source>
                <any/>
        </source>
        <destination>
                <any/>
        </destination>
        <descr/>
</rule>


there were error(s) loading the rules: /tmp/rules.debug:393: syntax
errorpfctl: Syntax error in config file: pf rules not loaded - The
line in question reads [393]: label USER_RULE ...


# /tmp/debug.rules

pass in quick on $wan proto udp from any to {  10.0.1.3 } port = 4712
keep state  queue (qwandef, qwanacks)  label USER_RULE: NAT LAN
pass in quick on $wan proto udp from any to {  10.0.1.3 } port = 2213
keep state  queue (qwandef, qwanacks)  label USER_RULE: NAT RAID
--  label USER_RULE 
#   opt3 array key does not exist for  label USER_RULE


partial dmesg

fxp0: Intel 82559 Pro/100 Ethernet port 0xd800-0xd83f mem
0xe480-0xe4800fff,0xe400-0xe40f irq 9 at device 9.0 on
pci1
miibus0: MII bus on fxp0
inphy0: i82555 10/100 media interface on miibus0
inphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
fxp0: Ethernet address: 00:02:b3:3a:42:f2
dc0: 82c169 PNIC 10/100BaseTX port 0xd400-0xd4ff mem
0xe380-0xe38000ff at device 10.0 on pci1
miibus1: MII bus on dc0
bmtphy0: BCM5201 10/100baseTX PHY on miibus1
bmtphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
dc0: Ethernet address: 00:a0:cc:5a:14:dd
xl0: 3Com 3c905C-TX Fast Etherlink XL port 0xd000-0xd07f mem
0xe300-0xe37f irq 11 at device 11.0 on pci1
miibus2: MII bus on xl0
xlphy0: 3c905C 10/100 internal PHY on miibus2
xlphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
xl0: Ethernet address: 00:01:02:38:ff:81
xl1: 3Com 3c905C-TX Fast Etherlink XL port 0xb800-0xb87f mem
0xe280-0xe280007f irq 5 at device 12.0 on pci1
miibus3: MII bus on xl1
ukphy0: Generic IEEE 802.3u media interface on miibus3
ukphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
xl1: Ethernet address: 00:01:03:df:83:3f


*** Welcome to pfSense RELENG_1_SNAPSHOT_04-08-2006-pfSense on cerberus ***

  WAN* -   fxp0-  192.168.33.2
  OPT2(OPT2)   -   dc0 -  NONE
  LAN* -   xl0 -  10.0.1.1
  OPT1(OPT1)   -   xl1 -  NONE



--
-=-=-=-=-=-=-=-=-=-
William David Armstrong  . Of course it runs
Bio Systems Security.Networking |
Hinodeinfo Soluções em Informática  ' NetBSD, OpenBSD or FreeBSD
ICQ 27550645
MSN / GT Ψ biosystems ∆ gmail . com Ψ
--
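
An added example for the report above, not code from the post or from pfSense: it lists filter rules whose interface has no entry under `<interfaces>` (the situation behind "opt3 array key does not exist"), marks those that are pass any-to-any, and returns a copy of the config without them. The `<filter>`/`<rule>` nesting, the function names and the sample config are assumptions constructed for the example.

```python
import xml.etree.ElementTree as ET

# Constructed sample: four defined interfaces, as in the console listing in the
# post, and one rule bound to an interface name that is not defined.
SAMPLE_CONFIG = """<?xml version="1.0"?>
<pfsense>
  <interfaces>
    <lan><if>xl0</if></lan>
    <wan><if>fxp0</if></wan>
    <opt1><if>xl1</if></opt1>
    <opt2><if>dc0</if></opt2>
  </interfaces>
  <filter>
    <rule><type>pass</type><interface>lan</interface>
      <source><network>lan</network></source>
      <destination><any/></destination>
      <descr>Default LAN to any</descr></rule>
    <rule><type>pass</type><interface>wan</interface><protocol>udp</protocol>
      <source><any/></source>
      <destination><address>10.0.1.3</address><port>4712</port></destination>
      <descr>NAT LAN</descr></rule>
    <rule><type>pass</type><interface>opt3</interface>
      <source><any/></source>
      <destination><any/></destination>
      <descr/></rule>
  </filter>
</pfsense>"""


def dangling_rules(config_xml):
    """Return one dict per filter rule whose interface is not defined in the config."""
    root = ET.fromstring(config_xml)
    known = {el.tag for el in root.findall("./interfaces/*")}
    findings = []
    for index, rule in enumerate(root.findall("./filter/rule")):
        iface = (rule.findtext("interface") or "").strip()
        if iface in known:
            continue
        findings.append({
            "index": index,  # position among the <rule> elements, 0-based
            "interface": iface,
            "descr": (rule.findtext("descr") or "").strip(),
            # An orphaned pass any-to-any rule deserves a closer look before cleanup.
            "pass_any_any": (rule.findtext("type") == "pass"
                             and rule.find("./source/any") is not None
                             and rule.find("./destination/any") is not None),
        })
    return findings


def prune(config_xml):
    """Return (config text without dangling rules, the findings that were removed)."""
    findings = dangling_rules(config_xml)
    root = ET.fromstring(config_xml)
    rules = root.findall("./filter/rule")
    for finding in findings:
        root.find("filter").remove(rules[finding["index"]])
    return ET.tostring(root, encoding="unicode"), findings


if __name__ == "__main__":
    cleaned, removed = prune(SAMPLE_CONFIG)
    for f in removed:
        print(f"rule #{f['index']} on undefined interface {f['interface']!r}, "
              f"pass any-to-any: {f['pass_any_any']}")
```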


Re: [pfSense Support] State Problems

2006-01-26 Thread William Armstrong
Try using another machine with FreeBSD to perform this
synchronization, to test whether it is some incompatibility with your
currently installed system.




2006/1/26, Lawrence Farr [EMAIL PROTECTED]:
 I'm using pfsense to protect a number of web/mail/ftp
 servers, which it does fantastically. Since upgrading
 to the 1.0 Betas it seems to be running out of available
 states very quickly. I've upped the state table to 2
 and it's run out within a few hours. Most of the states
 seem to be http access with successive source/destination
 ports eg:

 tcp 195.10.242.40:80 - 156.99.15.1:11608 FIN_WAIT_2:FIN_WAIT_2
 tcp 195.10.242.40:80 - 156.99.15.1:11609 FIN_WAIT_2:FIN_WAIT_2
 tcp 195.10.242.40:80 - 156.99.15.1:11610 FIN_WAIT_2:FIN_WAIT_2
 tcp 195.10.242.40:80 - 156.99.15.1:11611 FIN_WAIT_2:FIN_WAIT_2
 tcp 195.10.242.40:80 - 156.99.15.1:11612 FIN_WAIT_2:FIN_WAIT_2
 tcp 195.10.242.40:80 - 156.99.15.1:11614 FIN_WAIT_2:FIN_WAIT_2
 tcp 195.10.242.40:80 - 156.99.15.1:11615 FIN_WAIT_2:FIN_WAIT_2
 tcp 195.10.242.40:80 - 156.99.15.1:11616 FIN_WAIT_2:FIN_WAIT_2
 tcp 195.10.242.40:80 - 156.99.15.1:11618 FIN_WAIT_2:FIN_WAIT_2
 tcp 195.10.242.40:80 - 156.99.15.1:11619 TIME_WAIT:TIME_WAIT

 or

 tcp 62.6.139.10:51538 - 195.10.242.12:80 FIN_WAIT_2:FIN_WAIT_2
 tcp 62.6.139.10:40536 - 195.10.242.12:80 FIN_WAIT_2:FIN_WAIT_2
 tcp 62.6.139.10:24485 - 195.10.242.12:80 FIN_WAIT_2:FIN_WAIT_2
 tcp 62.6.139.10:37053 - 195.10.242.12:80 FIN_WAIT_2:FIN_WAIT_2

 Should I not be using stateful filtering for http services, or
 limiting states per ip?

 It's currently running 1.0-PREBETA2-BUG-VALIDATION-EDITION5

 Cheers

 Lawrence Farr
 EPC Direct Limited






--
-=-=-=-=-=-=-=-=-=-
William David Armstrong
Bio Systems Security.
ICQ 10253747 MSN biosystems ]at[ gmail . com
--
. Of course it runs
|
' NetBSD, OpenBSD or FreeBSD
--




Re: [pfSense Support] Freebsd version

2006-01-19 Thread William Armstrong
chmod  777 /boot/kernel

re-run firmware upgrade again.



2006/1/19, Jörgen Haraldsson [EMAIL PROTECTED]:
 Hi

 I don't know if it's just me that have missed something but why is the
 Freebsd version in Pfsense only Freebsd 6.0 - Beta 5.

 I have upgraded to Pfsense Beta 1 version but still Freebsd is only Beta 5.

 Are there some over upgrade files i should install ?

 I can't make a new installation with Livecd because i have made some extra
 program installation in the Freebsd under Pfsense and i am not interested to
 reinstall all the programs.





--
-=-=-=-=-=-=-=-=-=-
William David Armstrong
Bio Systems Security.
ICQ 10253747 MSN biosystems ]at[ gmail . com
--
. Of course it runs
|
' NetBSD, OpenBSD or FreeBSD
--




Re: [pfSense Support] What's the minimal configuration need of pfsense

2005-10-05 Thread William Armstrong
In my opinion

it depends on what you want to run on this box.

For a basic FW:

I run this on a Pentium 120 MHz, 64 MB RAM, 540 HD, and for the NICs I prefer
to run PCI NICs.
If you are going to use the ALTQ traffic shaper, check in the man page whether
your NIC is listed in the supported devices for ALTQ.

man altq

SUPPORTED DEVICES
 The driver modifications described in altq(9) are required to use a cer-
 tain network card with ALTQ.  They have been applied to the following
 hardware drivers: an(4), ath(4), awi(4), bfe(4), bge(4), dc(4), de(4),
 ed(4), em(4), fxp(4), hme(4), lnc(4), rl(4), sf(4), sis(4), sk(4), vr(4),
 wi(4), and xl(4).

 The ndis(4) framework also has support for ALTQ and thus all encapsulated
 drivers.

 The tun(4) pseudo driver also does support ALTQ and includes the required
 modifications.


 If you want to use Squid and other functions I recommend

a PII 400 MHz, minimum 128 MB RAM (512 MB RAM recommended), a 10 GB
HD and all-PCI 10/100 NICs (not a Realtek-like brand).


2005/10/5, Adrien Gundogan [EMAIL PROTECTED]:
 Hi,

 I already read a lot of things about m0n0wall and the Pfsense, but I'm
 not able to understand what's the minimal material needs to install a
 WIFI-LAN. I mean, I would like to mount a system whith which I need a
 WLAN and LAN connection. And I can't imagine that I don't need other
 material than :

 - mother board
 - cd reader
 - Floppy disk reader
 - Hard Disk
 - Ethernet card

 And for WLAN do I need a normal WLAN card or should I buy a specific card?

 The Newby that I am thanks you very much.







--
-=-=-=-=-=-=-=-=-=-
William David Armstrong
Bio Systems Security.
ICQ 10253747 MSN [EMAIL PROTECTED]
--
No one is born knowing everything.
But everything can be learned;
and above all because everything can be taught. By Bio.
--



Re: [pfSense Support] Trouble/Questions about the development version.

2005-09-28 Thread William Armstrong
I use Squid 2.5.STABLE10 (installed from FreeBSD 6.0-beta3 and ports,
make package) + SquidGuard (installed from FreeBSD 6.0-beta3 and
ports, make package) + DB3 (installed from FreeBSD 6.0-beta3 and
ports, make package) + bigurlblacklist.

It works very well for web filtering, and I use a rule in pf to block
default traffic to ports 80-83 and 8080-8083 and force the use of NCSA
authentication from Squid.

I also created a list of users for the allowed and denied types of sites
(Default).

It works fine.

I use the file editor from pfSense to include or remove clients,
because htpasswd is no longer included in the pfSense install.

If you can try this, I will send you my squid.conf and squidGuard.conf.


My 2 cents.


flames > /dev/null

[]'s

--
-=-=-=-=-=-=-=-=-=-
William David Armstrong
Bio Systems Security.
ICQ 10253747 MSN [EMAIL PROTECTED]
--
No one is born knowing everything.
But everything can be learned;
and above all because everything can be taught. By Bio.
--



Re: [pfSense Support] 85.2 traffic Shapper TOS error

2005-09-27 Thread William Armstrong
The error is not in the TF wizard.

I tried to clone the rule for MS-RDP (port 3389) to another service,
RADMIN (port 4899), but when I select TOS low delay and throughput for
this rule I get this error, and if I do not select them it works fine.


2005/9/27, Scott Ullrich [EMAIL PROTECTED]:
 This just came up moments ago   Rerun the ez-shaper wizard.

 Scott.

 On 9/27/05, William Armstrong [EMAIL PROTECTED] wrote:
  I get this error when I include a manual rule for the Radmin service
 
  php: : There were error(s) loading the rules: /tmp/rules.debug:115:
  syntax error /tmp/rules.debug:116: syntax error /tmp/rules.debug:117:
  syntax error /tmp/rules.debug:118: syntax error pfctl: Syntax error in
  config file: pf rules not loaded - The line in question reads [115]:
  pass in on xl0 proto tcp from 10.0.1.0/24 to any port 4899 tos
  lowdelay,throughput keep state tag qOthersDownH
 
 
  --
  -=-=-=-=-=-=-=-=-=-
  William David Armstrong
  Bio Systems Security.
  ICQ 10253747 MSN [EMAIL PROTECTED]
  --
  No one is born knowing everything.
  But everything can be learned;
  and above all because everything can be taught. By Bio.
  --
 
 





--
-=-=-=-=-=-=-=-=-=-
William David Armstrong
Bio Systems Security.
ICQ 10253747 MSN [EMAIL PROTECTED]
--
No one is born knowing everything.
But everything can be learned;
and above all because everything can be taught. By Bio.
--



Re: [pfSense Support] Broken mirrors

2005-09-22 Thread William Armstrong
From which site can I get a 0.85 Full Upgrade? In /old/ it's not included!!!

Sorry for this again..


--
-=-=-=-=-=-=-=-=-=-
William David Armstrong
Bio Systems Security.
ICQ 10253747 MSN [EMAIL PROTECTED]
--
No one is born knowing everything.
But everything can be learned;
and above all because everything can be taught. By Bio.
--



Re: [pfSense Support] Broken mirrors

2005-09-22 Thread William Armstrong
OK, thanks.
I'll wait. []'s




--
-=-=-=-=-=-=-=-=-=-
William David Armstrong
Bio Systems Security.
ICQ 10253747 MSN [EMAIL PROTECTED]
--
No one is born knowing everything.
But everything can be learned;
and above all because everything can be taught. By Bio.
--