[pfSense] When will we get manual logout option?

2013-04-28 Thread Khurram Masood
AOA guys! We have success fully setup manual logout by editing captiveportal.inc and system.inc. Our users can type the url logout.x.y.z and they get a logout page along with billing info. What I am worried about is that when we ll upgrade to the newer version we have two choices; i. We do the

Re: [pfSense] Problems with ACPI and Intel 82441PI

2013-04-28 Thread Mike Brady
Quoting Mike Brady : I have a couple of AR Infotek 5020 (http://www.arinfotek.com.tw/product.php?gid=1&pid=104) that I am having a couple of problems with that I do not how to go about resolving. Firstly, pfsense fails to boot with ACPI enabled. I have tried pfsense versions 2.0.1, 2.0

Re: [pfSense] help

2013-04-28 Thread Vick Khera
On Wed, Apr 24, 2013 at 10:36 AM, eyobe kebede wrote: > public ip 197.156.75.54 our side and 197.156.75.53 ISP side > Well, now you have just shared some new information. Try this: set your public IP to 197.156.75.54 and the default route to the .53 address, and the netmask to 255.255.255.252.

Re: [pfSense] Packet capture

2013-04-28 Thread Jason Pyeron
Yeah, that is what I quoted. Once you told me about the pflog0 I googled it. It seems that it is not just a copy of the headers that get sent to that virtual interface, but it is really pflogd that truncates the packets when putting them in /var/log/pflog. The page lied :) So now I have pflog0 (u

Re: [pfSense] Packet capture

2013-04-28 Thread James Records
Jason, Take a look at this: http://www.openbsd.org/faq/pf/logging.html Should help you out a bit. -- James Records | Principle Network Engineer M 425.984.4349 E ja...@northshoresoftware.com W www.northshoresoftware.com On Sun, Apr 28, 2013 at 1:21 PM, Jason Pyeron wrote: > ** > Nice.

Re: [pfSense] Packet capture

2013-04-28 Thread Jason Pyeron
Nice. I did not now about that. "When a packet is logged by PF, a copy of the packet header is sent to a pflog(4) interface along with some additional data such as the interface the packet was transiting, the act

Re: [pfSense] Packet capture

2013-04-28 Thread James Records
Jason, I think what you want is the pflog0 interface. -- James Records | Principle Network Engineer M 425.984.4349 E ja...@northshoresoftware.com W www.northshoresoftware.com On Sun, Apr 28, 2013 at 9:46 AM, Jason Pyeron wrote: > ** > Yes the interface for packet capture is nice for a int

Re: [pfSense] Packet capture

2013-04-28 Thread Jason Pyeron
To answer my own question: jpyeron@black /tmp $ ssh root@firewall 'tcpdump -i bridge0 -s0 -w -' > /tmp/fw35.pcap tcpdump: WARNING: bridge0: no IPv4 address assigned tcpdump: listening on bridge0, link-type EN10MB (Ethernet), capture size 65535 bytes now to subtract the bridge0 from the em0 pcap

Re: [pfSense] Packet capture

2013-04-28 Thread Jason Pyeron
Yes the interface for packet capture is nice for a interactive quick look, but it is not a solution for an automated ingest system for 24x7 capture. regarding the logs: {mail} Sun Apr 28 11:07:58 EDT 2013 INFO pf: 00:00:00.001738 rule 23/0(match): block in on em0: (tos 0x0, ttl 116, id 4687, of

Re: [pfSense] Packet capture

2013-04-28 Thread Trevor Benson
Have you tried using the built in packet capture under diagnostics? This will clean up your ssh traffic, which is what I assume you mean by tcpdump recursice traffic. Plus you can download a pcap to examine more closely in wireshark. As for traffic denied by the firewall have you tried looking at

[pfSense] Packet capture

2013-04-28 Thread Jason Pyeron
I am looking to capture all the packets that are traversing and attempting to traverse the firewall. If I use tcpdump -i WAN I get all the packets, if I use tcpdump -i LAN then I only get the packets that made it past the firewall plus the recursive traffic of my pcap data leaving the firewall too