Re: [pfSense Support] Playing a mp3
On Thu, Oct 29, 2009 at 1:39 PM, Dominic wrote: > Hi, > > I am currently running pfsense at two of my locations and the need has come > up to play > a mp3 file in a loop through a local machine. > > As the only common system in both locations I was wondering if this would > be possible > via pfSense? > > I know it is a strange thing to be doing with a firewall distro but it > would be really awesome > if it could. > > Is there any chance of been able to do this? > > Thank you, > > Dominic. > Above and beyond it's FreeBSD. " pkg_add -r mp3blaster " . IIRC that util is pretty pro at playing MP3s from the command line. Toss on repeat and you're done.
Re: [pfSense Support] SNMP oid's for bandwidth
to measure bandwidth used I use a script that checks the difference between bytes passed from poll A to poll B. I can point you to the plugin I use if you'd like. gives results like: vr0:UP (131.0KBps/8.0KBps) and I get alarms in my email when I pass too much traffic like you'd expect: * Nagios * Notification Type: PROBLEM Service: Interface Status - vr0 Host: pipboy Address: 192.168.2.1 State: WARNING Date/Time: Tue Sept 29 08:02:33 EDT 2009 Additional Info: vr0:UP (WARN 1490.2KBps/56.2KBps) The OID it uses is just off the IF-MIB if I remember right. and most devices regardless of OS tend to respond to polls on the .1.3.6.1.2.1 trees, especially .1.3.6.1.2.1.2.2 and .1.3.6.1.2.1.25 , the first of which is the one you're looking for for interface information. 2009/9/29 Ståle Johnsen > Hi, > I'm trying to monitor in / out bandwidth in bits on wan interface but are > having some problems finding the right SNMP oid. > > I found this one: http://cvstrac.pfsense.com/tktview?tn=257 but the OID > i'm trying doesn't return anything. > > Does anyone have any better suggestions for bandwidth monitoring on pfsense > from an nagios server? > > Regards > > Stale Johnsen >
Re: [pfSense Support] BLOCK IP
I haven't been running pfsense for a while, I'm just very familiar with how
pf thinks as a firewall. But if I remembner right the state table is under
some kind of status or tools menu. There ought to be a utility in there to
kill states. if pfctl works from the command line, do pfctl -k {target}
then pfctl -K {target}. I think pfctl works in an ssh session on
pfsense... again, if I Remember right =P
On Sat, Sep 26, 2009 at 6:21 PM, Chris Flugstad wrote:
> I have done that, i think iggdawg suggested that if the states are already
> started, that the firewall wont block them.
>
> how do i stop the current activity? wihtout rebooting of course ;)
> -chris
>
>
> -
> To unsubscribe, e-mail: support-unsubscr...@pfsense.com
> For additional commands, e-mail: support-h...@pfsense.com
>
> Commercial support available - https://portal.pfsense.org
>
>
Re: [pfSense Support] BLOCK IP
it sounds like you're running into a state table issue then. set up the rules you think you need to block him, then kill any states with his IP on it. On Sat, Sep 26, 2009 at 6:18 PM, Chris Flugstad wrote: > Well the MAL ip is on the LAN int, i have public IP's on my LAN side. > > the user on this residential service has had 15mbits symmetrical for the > last 48 hours. > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > >
Re: [pfSense Support] BLOCK IP
oh... try blocking on the WAN int based on the source IP.so... block
in on $ext_if ip from {badguy} to any.
On Sat, Sep 26, 2009 at 6:12 PM, Chris Flugstad wrote:
> Chris Buechler wrote:
>
>> On Sat, Sep 26, 2009 at 11:04 PM, Chris Flugstad
>> wrote:
>>
>>
>>> I have public IP's on my LAN and outbound NAT off. I have a ip address
>>> that
>>> is somewhat malicious and needed to block traffic to and from it.
>>> i tried making fw rules but that didnt work
>>>
>>> any ideas?
>>>
>>>
>>>
>>
>> That's all you need to do. Make sure they're in the right order, first
>> match wins.
>>
>> -
>> To unsubscribe, e-mail: support-unsubscr...@pfsense.com
>> For additional commands, e-mail: support-h...@pfsense.com
>>
>> Commercial support available - https://portal.pfsense.org
>>
>>
>>
> I tried on WAN int with the destination of the LAN IP that is maliscious.
> no dice. its still getting traffic through. tried on LAN int with
> blocking single host (lan ip of mal ip) as the destination
>
> ill just try EVERY option ;) untill it works
>
>
> -
> To unsubscribe, e-mail: support-unsubscr...@pfsense.com
> For additional commands, e-mail: support-h...@pfsense.com
>
> Commercial support available - https://portal.pfsense.org
>
>
Re: [pfSense Support] BLOCK IP
Also keep in mind that pf evaluates the state table before any rules, and if there's a remaining state for the IP address it will still have access even if you add a block rule. You need to kill any remaining states for that IP after adding the rule, and I'm not sure if pf does this automagically. toss up your ruleset and NAT tables on a pastebin and I'll have a look at them. I'm assuming the malicious IP is external. Seems like a silly question, but you'd be surprised. On Sat, Sep 26, 2009 at 6:07 PM, Chris Buechler wrote: > On Sat, Sep 26, 2009 at 11:04 PM, Chris Flugstad > wrote: > > I have public IP's on my LAN and outbound NAT off. I have a ip address > that > > is somewhat malicious and needed to block traffic to and from it. > > i tried making fw rules but that didnt work > > > > any ideas? > > > > That's all you need to do. Make sure they're in the right order, first > match wins. > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > >
Re: [pfSense Support] A note about top vs bottom posting -- please read and make sure you bottom post on our lists. Thank you.
On Wed, Jul 29, 2009 at 1:56 PM, Scott Ullrich wrote: > On Wed, Jul 29, 2009 at 1:54 PM, Curtis > LaMasters wrote: > > I actually find that to be annoying to read. However, in the spirit > > of good internetship, I'll oblige. Sorry any problems I may have > > caused. Let me know if I did that correctly. > > That looks correct. Unfortunately this is the way mailing lists have > operated for as long as I have remembered. > > Scott > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > Similarly I'm perfectly willing to oblige to keep the peace, even if it's irritating in my default mail program. It's a trivial effort on my part and I'm happy to do it.
Re: [pfSense Support] A note about top vs bottom posting -- please read and make sure you bottom post on our lists. Thank you.
On Wed, Jul 29, 2009 at 1:45 PM, Curtis LaMasters wrote: > Gotta tell you guys...this is out right frustrating. Is it the fact > that I'm using Gmail or that by definition, threading in email is > broken by design. I would have imagined that the Spamassassin mailing > list would have eaten all Gmail users alive if Gmail were the issue. > > Curtis LaMasters > http://www.curtis-lamasters.com > http://www.builtnetworks.com > > > > On Wed, Jul 29, 2009 at 12:42 PM, David Burgess wrote: > > The current is an example of top-posting, in response to your > > top-post. I don't think you've bottom-posted in this thread yet. > > > > db > > > > On Wed, Jul 29, 2009 at 11:41 AM, Curtis > > LaMasters wrote: > >> To which one? > >> > >> Curtis LaMasters > >> http://www.curtis-lamasters.com > >> http://www.builtnetworks.com > >> > >> > >> > >> On Wed, Jul 29, 2009 at 12:40 PM, David Burgess > wrote: > >>> Yes. > >>> > >>> On Wed, Jul 29, 2009 at 11:38 AM, Curtis > >>> LaMasters wrote: > This is top posting apparently. > > Curtis LaMasters > http://www.curtis-lamasters.com > http://www.builtnetworks.com > > > > On Wed, Jul 29, 2009 at 12:34 PM, wrote: > > > > > > On Wed, Jul 29, 2009 at 1:33 PM, Curtis LaMasters > > wrote: > >> > >> And I think the point is being missed. WHY WAS MY MESSAGE VIEWED AS > >> TOP POSTED. Ok, I committed my internet crime of YELLING in caps > for > >> the day. In Gmail, is there a proper way to not top post? > >> > >> Curtis LaMasters > >> http://www.curtis-lamasters.com > >> http://www.builtnetworks.com > >> > >> > >> > >> On Wed, Jul 29, 2009 at 12:28 PM, David Burgess > wrote: > >> > On Wed, Jul 29, 2009 at 11:25 AM, Curtis > >> > LaMasters wrote: > >> >> Thanks Scott. I know what top posting is...I just don't know why > you > >> >> think I did. I hit reply, type my message and go forth. Didn't > think > >> >> it needed to be any harder than that. > >> > > >> > It can be a lot harder than that. It's effectively illustrated in > the > >> > links that Scott provided. A little effort in replying can save a > lot > >> > of wasted effort in trying to bring oneself up to speed or refresh > >> > one's memory on a long thread. > >> > > >> > db > >> > > >> > > - > >> > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > >> > For additional commands, e-mail: support-h...@pfsense.com > >> > > >> > Commercial support available - https://portal.pfsense.org > >> > > >> > > >> > >> > - > >> To unsubscribe, e-mail: support-unsubscr...@pfsense.com > >> For additional commands, e-mail: support-h...@pfsense.com > >> > >> Commercial support available - https://portal.pfsense.org > >> > > > > flick the scroll wheel to get to the bottom of the post basically. > > > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > > >>> > >>> - > >>> To unsubscribe, e-mail: support-unsubscr...@pfsense.com > >>> For additional commands, e-mail: support-h...@pfsense.com > >>> > >>> Commercial support available - https://portal.pfsense.org > >>> > >>> > >> > >> - > >> To unsubscribe, e-mail: support-unsubscr...@pfsense.com > >> For additional commands, e-mail: support-h...@pfsense.com > >> > >> Commercial support available - https://portal.pfsense.org > >> > >> > > > > - > > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > > For additional commands, e-mail: support-h...@pfsense.com > > > > Commercial support available - https://portal.pfsense.org > > > > > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > >From the first post I knew this would be a popcorn-worthy event. Which is why I tried to jump in early and be at least moderately helpful.
Re: [pfSense Support] A note about top vs bottom posting -- please read and make sure you bottom post on our lists. Thank you.
On Wed, Jul 29, 2009 at 1:33 PM, Curtis LaMasters wrote: > And I think the point is being missed. WHY WAS MY MESSAGE VIEWED AS > TOP POSTED. Ok, I committed my internet crime of YELLING in caps for > the day. In Gmail, is there a proper way to not top post? > > Curtis LaMasters > http://www.curtis-lamasters.com > http://www.builtnetworks.com > > > > On Wed, Jul 29, 2009 at 12:28 PM, David Burgess wrote: > > On Wed, Jul 29, 2009 at 11:25 AM, Curtis > > LaMasters wrote: > >> Thanks Scott. I know what top posting is...I just don't know why you > >> think I did. I hit reply, type my message and go forth. Didn't think > >> it needed to be any harder than that. > > > > It can be a lot harder than that. It's effectively illustrated in the > > links that Scott provided. A little effort in replying can save a lot > > of wasted effort in trying to bring oneself up to speed or refresh > > one's memory on a long thread. > > > > db > > > > - > > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > > For additional commands, e-mail: support-h...@pfsense.com > > > > Commercial support available - https://portal.pfsense.org > > > > > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > flick the scroll wheel to get to the bottom of the post basically.
Re: [pfSense Support] A note about top vs bottom posting -- please read and make sure you bottom post on our lists. Thank you.
On Wed, Jul 29, 2009 at 1:25 PM, Curtis LaMasters wrote: > Thanks Scott. I know what top posting is...I just don't know why you > think I did. I hit reply, type my message and go forth. Didn't think > it needed to be any harder than that. > > Curtis LaMasters > http://www.curtis-lamasters.com > http://www.builtnetworks.com > > > > On Wed, Jul 29, 2009 at 12:15 PM, Scott Ullrich wrote: > > http://www.caliburn.nl/topposting.html > > http://idallen.com/topposting.html > > > > Thank you > > > > Scott > > > > - > > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > > For additional commands, e-mail: support-h...@pfsense.com > > > > Commercial support available - https://portal.pfsense.org > > > > > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > Unfortunately Gmail top posts by default. So expecting bottom posting to be and to remain the default behavior may be an exercise in futility. proper ettiquite or not, some people just bang off replies and figure everything is a-ok. This being a reason, not an excuse.
Re: [pfSense Support] QoS with no ingress interface
I see. I was thinking of a more general solution. I'm more familiar with PF under OpenBSD than on PfSense. I see what's going on now. On Fri, May 29, 2009 at 1:42 PM, David Burgess wrote: > On Fri, May 29, 2009 at 11:38 AM, wrote: > > Your VOIP traffic is originating from the PFsense box itself? there's no > > interface that the trafffic comes in through? does the traffic originate > at > > the machine's loopback interface? > > My voip traffic does originate from pfsense because I'm running the > freeswitch package. I had a filter prioritizing traffic from internal > extensions, but it doesn't cover things like voice mail, music on > hold, IVRs, all of which originate from the freeswitch package running > on pfsense. > > Another reason look forward to the 2.0 release, I guess. > > db > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > >
Re: [pfSense Support] QoS with no ingress interface
Your VOIP traffic is originating from the PFsense box itself? there's no interface that the trafffic comes in through? does the traffic originate at the machine's loopback interface? On Fri, May 29, 2009 at 1:35 PM, David Burgess wrote: > I asked this on the forum but didn't get any info: > http://forum.pfsense.org/index.php/topic,16361.0.html > > Basically I want to filter traffic that originates from pfsense > itself. The traffic shaper GUI requires that I define an IN and OUT > interface, which doesn't seem to apply in this case. I tried setting > IN and OUT interface both to WAN but it threw a "no parent queue" > error. Any ideas? Is that a limitation of PF or is there a script file > I can edit somewhere on pfsense? > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > >
Re: [pfSense Support] Milliseconds latency QOS
All you can do is assign a queue to pass VOIP packets with the highest priority. you can't lower the latency past whatever the nominal latency of your line is. No QoS allows for more than priority processing. On Fri, May 29, 2009 at 1:26 PM, Mikel Jimenez wrote: > Hello > > Qhere I can define certain queue, (for example VOIP) to dont have more than > X latency? > > Is this possible with Pfsense? > > Thanks > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > >
