Re: [pfSense] SSH goes straight to shell

2016-07-23 Thread David Burgess
On Sat, Jul 23, 2016 at 9:51 PM, David Burgess wrote: > 2.1.5-RELEASE (amd64) >Can I change it back to the console somewhere? To answer my own question, the person who restored the config disabled the default admin account and created a new admin account with a different login. Apparently

[pfSense] SSH goes straight to shell

2016-07-23 Thread David Burgess
2.1.5-RELEASE (amd64) I had somebody restore the config from backup today using the serial port, as I am off site. Now when I ssh in I get a shell, whereas before I would see the console with a summary of interfaces and 13 or so options. Can I change it back to the console somewhere? db

Re: [pfSense] PFSense for high-bandwith environments

2016-02-23 Thread David Burgess
On Feb 23, 2016 7:01 PM, "Jim Thompson" wrote: > > perhaps you have a different definition of ‘wire speed’. You have to fill the link with min-sized packets for “wire speed”. > (It’s trivial with large packets.) > > This is, of course, what is probably happening with 2-3K The definition I had in m

Re: [pfSense] PFSense for high-bandwith environments

2016-02-19 Thread David Burgess
On Thu, Feb 18, 2016 at 10:26 AM, Giles Davis wrote: > > > Using Intel E3-1270s and Intel 10G NICs (forget the exact model, but > they use the BSD ix driver) we start seeing packet loss and a general > maximum throughput at around 1-1.2Gbit. Our 'solution' so far of just > adding more appliances a

Re: [pfSense] Remote squid log

2016-01-04 Thread David Burgess
: > > Log location must start with a / character. > > > Is there a way to handle this? > > I need it to be saved remotely :( > > Can you mount the remote filesystem locally? I have run squid using pfSense on a cf card and mounting a second device for the squid cache. I don't remember if I used

Re: [pfSense] Confg Captive Portal using pfsense newbie

2016-01-03 Thread David Burgess
> Laptop / Pfsense ===> Access Point ===> Client > > Note : > > IP pfsense (Virtual ) = 192.168.0.1 > IP Laptop USB Lan = 192.168.0.2 > IP Laptop Onboard = 192.168.0.4 > IP Access Point = 192.168.0.3 (Note : DHCP disabled, just for access point > wifi, IP from pfsense DHCP Server) > > DHCP starte

Re: [pfSense] Multi-Wan Setup, High Availability and Traffic Segmentation

2015-11-13 Thread David Burgess
On Fri, Nov 13, 2015 at 8:09 AM, David White wrote: > I have a unique scenario: That sounds like a fairly standard use of multi-WAN, with vlan thrown in for flavour. Did you look at this page? If so, do you have any specific questions or problems with it? https://doc

[pfSense] replies that don't follow routing table

2015-08-27 Thread David Burgess
pfsense 2.1.3 WAN | pfsense /\ LANOPT1 pfsense has its default route on the WAN, and certain OSPF routes on OPT1. When connection requests arrive on OPT1 for a server on the LAN, pfsense correctly routes the incoming connection to the LAN server. The reply from the server, howev

Re: [pfSense] Why no dnssec in dnsmasq by default?

2015-08-24 Thread David Burgess
On Mon, Aug 24, 2015 at 1:19 PM, A Mohan Rao wrote: > Chris SIR, > I m using squid and squid guard its working good but some important sites r > not opening given message ip-addr target group i also make rule for that > still have same issue. Also add to whitelist. > If i m use internet without pf

Re: [pfSense] How do I harden my pfsense install WRT TLS and ssh?

2015-07-24 Thread David Burgess
On Fri, Jul 24, 2015 at 4:14 PM, Ted Byers wrote: > Thanks for this. I'd hoped it would be as simple as apt-get-update && > apt-get upgrade && apt-get update openssh-server. That is, whatever the > equivalent of apt-get is on a pfsense machine, I'd hoped it would be a > command invoked from ssh t

Re: [pfSense] Access Point Recommendations?

2015-07-17 Thread David Burgess
On Fri, Jul 17, 2015 at 8:45 AM, Chuck Mariotti wrote: > We are having a number of issues with Engenius Access Points... they seem to > have the features we need but for some reason, connectivity is not reliable > (seems Mac related). As much time as I would like to spend debugging it, it > wo

Re: [pfSense] Using on Fiber

2015-06-05 Thread David Burgess
On Fri, Jun 5, 2015 at 9:43 AM, Ryan Coleman wrote: > Hmm. I wonder why my file transfers never exceed 10MB/sec then… I’ve been > trying to migrate many TB of data via SCP That's likely the issue right there. ssh/scp/sftp won't go faster than that with the default settings. It might have to do

Re: [pfSense] Assign IP Address with /32 Mask on WAN Interface

2015-03-30 Thread David Burgess
On Mar 30, 2015 11:53 AM, "WebDawg" wrote: >> > > Your default gateway HAS to be on the same subnet. > My ISP assigns me a /32 WAN address and a gateway on another subnet via pppoe. It hasn't been an issue. I've never tried self-assigning a /32 to an interface in pfSense, however. db

Re: [pfSense] terrible performance on NFS & CIFS

2014-11-06 Thread David Burgess
On Wed, Nov 5, 2014 at 5:47 PM, Adam Thompson wrote: > Problem: really, really bad performance (<10Mbps) on both NFS (both tcp > and udp) and CIFS through pfSense. > In my experience, latency is the big buzzkill for CIFS. It seems like any latency will slow things down, and the more you have, th

[pfSense] log grep inconsistency

2014-05-13 Thread David Burgess
I have two firewalls running pfsense 2.1.3 amd64. One is nanobsd, the other is full install. Why is it that when I do 'grep band /var/log/ppp.log' on the embedded system I get the expected output of lines containing "band", while on the full system I only get "Binary file /var/log/ppp.log matches"

Re: [pfSense] Some packages not reinstalled after upgrade

2014-05-03 Thread David Burgess
On Sat, May 3, 2014 at 4:23 AM, David Burgess wrote: > I just upgraded a nanoBSD system from 2.1 to 2.1.3. All appeared to go > well, except that the Quagga OSPF package was not automatically > reinstalled after the reboot. Four other packages were automatically > reinstalled. J

[pfSense] Some packages not reinstalled after upgrade

2014-05-03 Thread David Burgess
I just upgraded a nanoBSD system from 2.1 to 2.1.3. All appeared to go well, except that the Quagga OSPF package was not automatically reinstalled after the reboot. Four other packages were automatically reinstalled. I thought I saw Quagga OSPF being installed when I reloaded the dashboard shortly

Re: [pfSense] apinger not noticing good connection

2014-04-22 Thread David Burgess
> Anyone else seeing apinger losing packets while ping doesn't? For many days now the gateway widget on my 2.1 box has been reporting packet loss in the 300-500% range. Meanwhile ping and RRD show no packet loss. This same system was recently showing a baseline of 2% loss in RRD while ping showed

Re: [pfSense] RDP port forward based on destination name.

2014-03-27 Thread David Burgess
On Thu, Mar 27, 2014 at 1:37 PM, greg whynott wrote: > if you RDP to: you'll land on the internal server: > > host1.foo.com 10.101.1.2 > host2.foo.com 10.101.3.4 > host3.foo.com 10.101.1.8 If you're using pfsense's DNS forwarder you can add host overrides for those three. Thi

Re: [pfSense] restoring nanobsd config to full install

2014-03-26 Thread David Burgess
On Wed, Mar 26, 2014 at 10:12 AM, David Burgess wrote: > I'm just getting a generic error. I found a missing xml tag using N++'s XML plugin from where I had manually added some vlan interfaces. You learn something every day. db

Re: [pfSense] restoring nanobsd config to full install

2014-03-26 Thread David Burgess
On Wed, Mar 26, 2014 at 9:57 AM, Vick Khera wrote: > it should work. it will prompt you for the new NICs to map into > WAN/LAN and you're good to go. I'm just getting a generic error. I don't see anything in the system log or dmesg to indicate what went wrong. I did edit the config file in Notepa

[pfSense] restoring nanobsd config to full install

2014-03-25 Thread David Burgess
I have a config backup from a pfsense 2.1 i386 nanoBSD install that I have tried to restore to a new pfsense 2.1 amd64 full install, but I get a generic error when trying to do the restore in the GUI. A quick glance at the backed up config and one pulled from the new install doesn't show any obvi

Re: [pfSense] Odd symptoms from embedded 2.1-RELEASE

2014-03-20 Thread David Burgess
On Thu, Mar 20, 2014 at 10:12 AM, Ryan Coleman wrote: > So I’m going to try and fix it if there’s someone that is willing to help me > out today.. this just blows my mind - it’s like it loses the firewall > configuration and then falls to a default. > > None of the VLANs are passing data. Have yo

Re: [pfSense] Odd symptoms from embedded 2.1-RELEASE

2014-03-19 Thread David Burgess
On Mar 19, 2014 2:33 PM, "Brian Candler" wrote: > > (1) MTU problem / PMTU discovery / blocked ICMP Was my first thought. db ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] Captive Portal: Per-client speed

2014-03-10 Thread David Burgess
On Wed, Mar 5, 2014 at 11:31 AM, Ryan Coleman wrote: > It appears I can throttle individual users on the Captive Portal, but how can > I limit the speed of that entire network? Is that through Traffic Shaping? > And how would I do that? Create a limiter (up and down, if desired) without a mask.

Re: [pfSense] blank lines in DHCP lease list

2014-02-26 Thread David Burgess
It's funny how something can dog you for a long time, and as soon as you ask for help, you get new insight. I found and deleted three tags in the DHCP config file, uploaded it again, and the lines are gone. db

Re: [pfSense] blank lines in DHCP lease list

2014-02-26 Thread David Burgess
On Wed, Feb 26, 2014 at 3:46 PM, Ryan Coleman wrote: > Did you update the software before they started appearing? I’ve seen things > from 2.0 to 2.1 not carry over all their information. I believe this system was a fresh install of 2.1 with config by hand. I know that I did something at the tim

[pfSense] blank lines in DHCP lease list

2014-02-26 Thread David Burgess
Pic attached. This situation has survived many reboots. Is there a remedy for this? db

Re: [pfSense] RFC3442 problem

2014-02-25 Thread David Burgess
On Tue, Feb 25, 2014 at 4:59 PM, Jeremy Porter wrote: > The correct fix, is don't use the Static Route option, as class full routes > haven't made any sense since 1993. DHCP option 121 is specifically for classless routes. > I've always seen the server side interpreted as the "server SHOULD NOT

Re: [pfSense] RFC3442 problem

2014-02-25 Thread David Burgess
On Tue, Feb 25, 2014 at 11:45 AM, David Burgess wrote: > If I didn't get it wrong, this is how it breaks down: Ok, so I did get it wrong. The RFC states that with a mask width of 0, there are 0 significant octets in the destination descriptor, so my string had an extra 00: in it, an

[pfSense] RFC3442 problem

2014-02-25 Thread David Burgess
pfsense 2.1 amd64 From the RFC: "When a DHCP client requests the Classless Static Routes option and also requests either or both of the Router option and the Static Routes option, and the DHCP server is sending Classless Static Routes options to that client, the server SHOULD NOT inc

Re: [pfSense] can ping gateway on link

2014-02-25 Thread David Burgess
On Tue, Feb 25, 2014 at 10:11 AM, Brian Candler wrote: > Regards, > > Brian. Thanks for your input. I have decided to eliminate 10.1.0.253 as a DNS resolver altogether, since the possibility exists to create a DNS loop due to the way my network is configured. I have opted instead to use an upstre

Re: [pfSense] can ping gateway on link

2014-02-25 Thread David Burgess
After some playing with it I've learned a few things. The gateway groups appear to be irrelevant to my problem. Setting a gateway as DNS server breaks the system. Reversing the setting doesn't fix the problem because the self-referring route remains. I tried deleting the route in the shell but I go

Re: [pfSense] can ping gateway on link

2014-02-25 Thread David Burgess
On Tue, Feb 25, 2014 at 2:20 AM, Brian Candler wrote: > This looks wrong. I don't see why destination 10.1.0.253 has a static route > to 10.1.0.253. I agree. I'm not sure why that's there. Here's some additional info. Action -- Result 1. set all gateways to default -- no change 2. deleted gate

Re: [pfSense] can ping gateway on link

2014-02-24 Thread David Burgess
On Mon, Feb 24, 2014 at 3:19 PM, Brian Candler wrote: > Do you see anything in 'dmesg' when you do this? Yes. Thanks for the tip. I see nothing but a sea of "arpresolve: can't allocate llinfo for 10.1.0.253". Some googling turns up this: https://redmine.pfsense.org/issues/337 but that issue is

[pfSense] can ping gateway on link

2014-02-24 Thread David Burgess
I have a gateway on a local link (via wireless bridge) that is being reported as down. When I attempt to ping that gateway from the shell I get [2.1-RELEASE][root@pfsense]: ping 10.1.0.253 PING 10.1.0.253 (10.1.0.253): 56 data bytes ping: sendto: Invalid argument but if I 'arping' the same host I

Re: [pfSense] gateway not accepting alternative monitor IP

2014-02-24 Thread David Burgess
On Sun, Feb 23, 2014 at 3:37 AM, Chris Buechler wrote: > Do you by chance have duplicate gateway entries in your config? There was a duplicate entry in the config. I deleted it and all is working as expected now. Thanks for the tip. On a related note, is there no partial config that can be down

Re: [pfSense] Limiter with dynamic pipe on floating rules

2014-02-21 Thread David Burgess
On Fri, Feb 21, 2014 at 7:50 AM, tibz wrote: > Basically, we are protecting a /24 public network and would like to limit > some IPs to some bandwidth, ie: > IP-1 to IP-10 at 1mbps each > IP11 to IP-20 at 2mbps each > IP21 to IP-30 at 5mbps each > the rest default up to 10mbps each I use Match f

Re: [pfSense] gateway not accepting alternative monitor IP

2014-02-20 Thread David Burgess
On Thu, Feb 20, 2014 at 9:39 PM, Ryan Coleman wrote: > I saw this today with 2.0.3 and it was caching the page. Have you tried a > different browser? Yes, and from a different computer. I've also tried force reloading the page. db

[pfSense] gateway not accepting alternative monitor IP

2014-02-20 Thread David Burgess
pfsense 2.1 amd64 When I enter an alternative monitoring IP and hit save, pfsense takes me back to the list of gateways and the monitoring IP is listed as the default. I've tried entering a couple of addresses in there and they don't stick after hitting Save or Apply. What am I missing? db

[pfSense] uploading partial config does not apply changes

2014-02-20 Thread David Burgess
pfsense 2.1 Sometimes I want to make multiple changes to a portion of my config, such as static routes. Rather than plowing through the GUI, I just download that portion of the config, edit, and upload again. At this point the GUI tells me the config has been uploaded, but the new static routes d

Re: [pfSense] Netgate's customized pfSense release

2014-02-13 Thread David Burgess
On Thu, Feb 13, 2014 at 9:54 AM, Andrew Hull wrote: > My knee jerk reaction is that this is A Bad Thing(tm), and I reloaded the > devices with images from ESF. Does anyone here have a strong opinion one way > or the other? My first reaction is that the branding is a good thing. Netgate brings pf

Re: [pfSense] FreeBSD 10.0 on Ubiquiti EdgeRouter Lite

2014-02-12 Thread David Burgess
On Wed, Feb 12, 2014 at 8:30 AM, Jim Thompson wrote: > you know it’s ipv4-only, right? (there should be a layer2 version as well, > but you can’t run both.) If I had a choice between v4-only acceleration and no acceleration, I'd take the former. I'm using two of these devices right now, and a

Re: [pfSense] FreeBSD 10.0 on Ubiquiti EdgeRouter Lite

2014-02-12 Thread David Burgess
On Feb 11, 2014 5:55 AM, "Jim Thompson" wrote: > > > Thanks for this. > > As before, we'll supply a solution for pfSense on the ERL after 2.2 (based on FreeBSD 10) after 2.2 drops. > > -- Jim That's great news. Does anybody care to speculate whether FreeBSD will be able to take advantage of the p

[pfSense] ICMP host unreachable and RFC1918

2014-02-11 Thread David Burgess
pfsense 2.1 I have internal subnets in the 10.0.0.0/14 address space and also a public subnet x.x.x.240/28 that is routed statically to pfsense's WAN address. pfsense sits at the edge of the network and I have another router whose only internet access is through pfsense. The x.x.x.240/28 public su

[pfSense] Fwd: shaper hint

2014-02-04 Thread David Burgess
pfsense 2.1 amd64 I'm using the shaper with the priq scheduler and a WAN bandwidth of 2100 kbit/s. Looking at my RRD Quality graphs, latency to my next hop on WAN gets really high and packet loss tops 50% during a period of time where the "WAN out" max speed is showing 2.27 Mbps. How is the WAN p

Re: [pfSense] Processes

2014-01-22 Thread David Burgess
On Jan 22, 2014 6:59 PM, "Brian Caouette" wrote: > > What would cause CPU to run high on pfSense? I'm not running any extra packages. I am back to the base install. I doubled my memory thinking it would help with performance. It didn't. Is there a way to see everything running and what its using?

Re: [pfSense] AR9280 network adapter not working

2013-12-11 Thread David Burgess
On Wed, Dec 11, 2013 at 4:15 PM, Marco wrote: > After a reboot the error vanished and the network adapter seems to > work. I didn't change a thing, maybe the network setup requires a > reboot, I'm not sure. Anyway, I can't reproduce the problem any > longer. Sorry for the noise. Interface change

Re: [pfSense] Traffic Graph: Not reflecting reality?

2013-11-06 Thread David Burgess
On Nov 6, 2013 4:32 PM, "Dave Warren" wrote: > > Last I looked, it happened on all of my interfaces, but I'm 100% VLAN'd here, my entire box runs on one single port. Same here, except I don't see it on my WAN. My WAN is MLPPP over vlans. On 2.0 I saw this double traffic on the WAN only. db

Re: [pfSense] Traffic Graph: Not reflecting reality?

2013-11-06 Thread David Burgess
On Nov 6, 2013 2:17 PM, "Dave Warren" wrote: > > I'm wondering if it's possible that data in the Traffic Graph is not showing up correctly? > > I don't use a proxy server any my internal interface graphs usually report double traffic. Only the real time graphs though, as rrd looks correct. db

Re: [pfSense] Alix Update 2.0.3 to 2.1 fails with 11 interfaces (/var full)

2013-10-11 Thread David Burgess
On Fri, Oct 11, 2013 at 3:25 PM, Jim Pingle wrote: > On 2.1 you can adjust the /var and /tmp sizes under System > Advanced on > the Miscellaneous tab. > Right! I had forgot about that. So following the original topic, could one more probably ensure a successful upgrade to 2.1 by increasing the

Re: [pfSense] Alix Update 2.0.3 to 2.1 fails with 11 interfaces (/var full)

2013-10-11 Thread David Burgess
On Fri, Oct 11, 2013 at 2:58 PM, Jens Kühnel wrote: > > and are where are possibilities to change that? It's not in the fstab! > /etc/rc.embedded

Re: [pfSense] Alix Update 2.0.3 to 2.1 fails with 11 interfaces (/var full)

2013-10-09 Thread David Burgess
On Oct 9, 2013 7:05 PM, "Jens Kühnel" wrote: > "NanoBSD", "update 2.1" and "embedded", but could not find anything. > I also checked the forum, but I could only find file system full when I too came up dry when researching this issue. I ended up grabbing a spare system and restoring my running c

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-09 Thread David Burgess
On Wed, Oct 9, 2013 at 10:38 AM, Jim Thompson wrote: > > > So asking the question is stupid(*), because a lie is indistinguishable > from the truth. > > I disagree on that point. Even if one is sure to get a "no" answer, regardless of the truth, it is still useful to ask the question for at least

[pfSense] RFC 3021

2013-10-01 Thread David Burgess
Are there any plans to implement this in pfsense? I do a lot of PtP links and this would be handy. db

Re: [pfSense] RRD traffic lost after 2.0.3 -> 2.1

2013-10-01 Thread David Burgess
On Tue, Oct 1, 2013 at 3:45 AM, Seth Mos wrote: > > No idea why it isn't doing that for you. I only know of issues on nanobsd. > > Cheers, > Seth > That's twice in 12 days you've mentioned that. Care to elaborate? I've done some searching and found nothing that looks like what you've described

[pfSense] bug upgrading to 2.1 on nanobsd?

2013-09-30 Thread David Burgess
In a recent thread there was mention of a RRD bug when upgrading to 2.1 on nanobsd systems where the /tmp filesystem would fill up, resulting in a system with no valid interfaces. I have two production systems to be upgraded, one running 2.0.1 and the other running 2.1RC0, both nanobsd, so this pro

Re: [pfSense] routing - additional route on WAN doesn't work

2013-09-25 Thread David Burgess
On Wed, Sep 25, 2013 at 2:17 PM, Adam Thompson wrote: >> If I'm not mistaken, this is the rule that prevents me from reaching the >> remote subnet via 184.70.48.188. Unfortunately, this is a system-generated >> rule. Suggestions? Are you suggesting that all of the traffic originating from pfse

Re: [pfSense] Allow group of non-contiguous IP's to LDAP

2013-09-03 Thread David Burgess
On Tue, Sep 3, 2013 at 2:38 PM, David Burgess wrote: > Use an alias as your source. Aliases can be created in Firewall: > Aliases and can reference multiple addresses, ranges, and/or subnets. > > db Sorry for the previous top-post. Gmail is

Re: [pfSense] Allow group of non-contiguous IP's to LDAP

2013-09-03 Thread David Burgess
Use an alias as your source. Aliases can be created in Firewall: Aliases and can reference multiple addresses, ranges, and/or subnets. db On Tue, Sep 3, 2013 at 2:30 PM, Marc R. Meshurle Jr. wrote: > I have a situation where I am doing external LDAP authentication with a mail > server. The vendo

Re: [pfSense] lock-ups

2013-06-08 Thread David Burgess
On Sat, Jun 8, 2013 at 8:36 PM, Jason Pyeron wrote: > The only time I have observed that type of problem was when the power > supply was browning out, ensure that your power supply is of a good quality > and sufficient amperage. > Thanks for the input. My power supply is actually a DC setu

[pfSense] lock-ups

2013-06-08 Thread David Burgess
2.1-BETA1 (amd64) built on Wed May 1 12:20:46 EDT 2013 FreeBSD 8.3-RELEASE-p8 I've had a couple of lock-ups in the past month where pfsense is unresponsive on all interfaces, at least at layer 3. This is a remote site so I don't have access to layer 2 or the vga cons

Re: [pfSense] Multiple Crashes 2.0.2

2013-06-04 Thread David Burgess
> Let me keep an eye on MBUF utilisation tomorrow. > > Does anyone know the SNMP OID for MBUF, if it can be monitored over it? > > Maybe not as handy as SNMP, but I have used the following cron job to monitor mbufs. 0 0 * * * root /bin/date >> /conf/netstat-m.log ; /usr/bin/upti

Re: [pfSense] Multiple Crashes 2.0.2

2013-06-04 Thread David Burgess
On Tue, Jun 4, 2013 at 9:36 AM, Nishant Sharma wrote: > > On 4 Jun 2013 20:59, "Ermal Luçi" wrote: > > > > That means probably mbuf exhaustion. > > Can you try up kern.ipc.nmbclusters="131072" > > That is already in place. I increased it after few crashes 3 months > before. What is the value I ca

Re: [pfSense] Need advise or best practice for pfsense NAT

2013-05-22 Thread David Burgess
On 2013-05-21 10:28 PM, "Makara" wrote: > > Hi List, > > We are using pfsense for NAT purpose, around 1000 customers concurrent and the bandwidth is around 500MBPS. We have problem the pfsense is stuck around 1 or 2 week always. You may want to try some of these: http://doc.pfsense.org/index.php

[pfSense] boot delays

2013-05-02 Thread David Burgess
I'm sure this is documented somewhere, but I just can't find it, so I apologize for asking again. There appear to be two delays when booting pfsense, the first at the F1 prompt, the second at the menu of 10 ways to boot pfsense. I'm running nanoBSD, so I don't want to remove the F1 prompt, but I w

Re: [pfSense] SOHO Router for VPN to pfSense

2013-04-29 Thread David Burgess
On Mon, Apr 29, 2013 at 10:35 AM, Chris Bagnall wrote: > On 29/4/13 5:11 pm, David Burgess wrote: > >> It could just be my own ignorance, but I have had little success trying to >> connect a pair of pfsense firewalls via OpenVPN. >> > > Really? I must admit it

Re: [pfSense] SOHO Router for VPN to pfSense

2013-04-29 Thread David Burgess
On Mon, Apr 29, 2013 at 10:01 AM, Chris Bagnall wrote: > On 29/4/13 2:35 pm, j...@millican.us wrote: > >> I have a task to connect a number of small/home offices via VPN (OpenVPN >> is preferred but could be IPSEC) to a central location that has a >> pfSense box as its FW/Router. Does anyone have

Re: [pfSense] Snort taking ages to reload

2013-02-22 Thread David Burgess
On Fri, Feb 22, 2013 at 9:22 AM, b...@todoo.biz wrote: > Hi, > > I was wondering if It is normal that snort takes ages to reload after each > modification we are doing ? > It takes an average of 1 to 5 minutes to reload and give back the control > through the GUI. Which version of pfsense and s

Re: [pfSense] 2.0.1-RELEASE Not blocking

2013-02-21 Thread David Burgess
On Thu, Feb 21, 2013 at 2:12 PM, Gerald Waugh wrote: > "No rules are currently defined for this interface > All incoming connections on this interface will be blocked until you add > pass rules." Are you using squid or some other proxy? If your hosts are talking to a proxy rather than internet

Re: [pfSense] 2.0.1-RELEASE Not blocking

2013-02-21 Thread David Burgess
On Thu, Feb 21, 2013 at 11:03 AM, Gerald Waugh wrote: > I must be missing something basic. > I have setup several pfSense systems, but my latest one is not blocking. > this current firewall > I have several firewall rules for the WAN port, and none are working. > > > Is there some basic thing tha

Re: [pfSense] Bridging WAN to OPT for only one IP in a /27

2013-01-31 Thread David Burgess
On Thu, Jan 31, 2013 at 12:29 PM, j...@millican.us wrote: > Hello, > Probably a newbish question but I would like a sanity check before I go down > a blind alley. I have a /27 from my provider feeding into a pfSense 2.0.2 > box. I was hoping to be able to Bridge the WAN to one of the OPT interfa

Re: [pfSense] WRAP

2013-01-05 Thread David Burgess
On 2013-01-05 10:22 AM, "Jim Thompson" wrote: > > We sell more than a few boxes with D510s. The office is even connected by one. > > The GUI doesn't seem sluggish on these at all. It is a little pokey on an Alix (Geode). > > Perhaps something else was at issue? I have 13 traffic graphs on the da

Re: [pfSense] WRAP

2013-01-05 Thread David Burgess
On 2013-01-05 10:16 AM, "David Burgess" wrote: >Hugo Sorry, Ugo, autocorrect. db

Re: [pfSense] WRAP

2013-01-05 Thread David Burgess
On 2013-01-05 4:59 AM, "Eugen Leitl" wrote: > With the speed of current connections (100+ MBit/s) lulz. You noticed Hugo is in Canada, eh? To be fair, we can get up to 250 Mbps in a few urban centres, but 6/1 DSL is way more common by my accounting. That said, I ran pfSense on an Atom d510, bu

[pfSense] dashboard graphs fail

2013-01-03 Thread David Burgess
2.0.2-RELEASE (amd64) Intel(R) Core(TM) i3 CPU 540 @ 3.07GHz I have a traffic graphs applet running on the dashboard. This machine has 16 interfaces, but only 6 graphs are expanded by default. The graphs update every 1 second. Under 2.0 (and the betas) these graphs worked well, even when running a

Re: [pfSense] 2.0.2 release now available

2012-12-24 Thread David Burgess
On Mon, Dec 24, 2012 at 2:04 AM, Chris Buechler wrote: > Renato (rbgarga), a long time contributor on > the open source side, is starting full time with us on January 2. His > first month will largely be dedicated to 2.1, and a month of work will > be enough to get it to RC1 status with release no

Re: [pfSense] update from 2.0.1 to 2.1 HEAD

2012-12-12 Thread David Burgess
On Sat, Dec 8, 2012 at 11:10 AM, Chris Bagnall wrote: > You, sir, have my thanks. Good news: http://forum.pfsense.org/index.php/topic,48256.msg302923.html#msg302923 I haven't tried it myself yet. db

Re: [pfSense] update from 2.0.1 to 2.1 HEAD

2012-12-08 Thread David Burgess
On Sat, Dec 8, 2012 at 9:20 AM, David Lawley wrote: > Been thinking about updating to current 2.1 Beta. > > Curious what issues folks have run into, if any. I'm sure there might be > one or two gotchas along the way... Some CF cards are exceptionally slow to change from ro mount to rw. Recent b

Re: [pfSense] fast CF cards?

2012-11-07 Thread David Burgess
On Wed, Nov 7, 2012 at 9:46 AM, Jim Thompson wrote: > > We've also never had a Kingston CF fail that I know of. > > Thanks, everybody, for the feedback. I settled on a Sandisk 200x 8GB. There were some Kingston's available with much faster ratings, but after reading some reviews of them, it seems

Re: [pfSense] fast CF cards?

2012-11-06 Thread David Burgess
On Tue, Nov 6, 2012 at 12:30 PM, Jim Pingle wrote: > > I have a Sandisk 200x (30MB/s) 4gb card here that is very speedy. > However, it has an annoying quirk with the disk layout that makes > FreeBSD spit an error message on every rw mount. Annoying log spam, but > it's still speedy. May just be t

[pfSense] fast CF cards?

2012-11-06 Thread David Burgess
My CF card is getting to be a few years old now, and I really should have a backup ready to go. I really hate slow IO in any machine, and I don't like long drawn-out firmware updates (especially since I'm usually up at 4 am doing them). With that in mind, can anybody recommend a CF card with good

[pfSense] CPU frequency no longer displayed

2012-10-09 Thread David Burgess
After rebooting pfsense this morning the dashboard is displaying "CPU TypeIntel(R) Core(TM) i3 CPU 540 @ 3.07GHz". Whereas it used to display the actual CPU frequency (powerd is enabled), now it does not. Any idea why? db

Re: [pfSense] Detecting Torpig with pfsense?

2012-10-05 Thread David Burgess
On Oct 5, 2012 7:57 AM, "Ståle Johnsen" wrote: > > Hi. > I don't think that is possible since the logged incident was a couple of days ago and I as far as I know torpig does not send data to the C&C server all the time? As suggested earlier, I would block everything to those addresses and turn on

Re: [pfSense] Soekris net5501-70 additional PCI network card does not work

2012-09-26 Thread David Burgess
On Sep 26, 2012 5:50 AM, "Chris Bagnall" wrote: > > Update: a quick read of its spec sheet indicates it only supports 3.3v: > http://soekris.com/products/net5501.html > > So it might be that your Intel NIC is expecting 5v signalling, especially if it's an old (pre-PCI 2.2) card. Correct. I ran an

Re: [pfSense] Soekris net5501-70 additional PCI network card does not work

2012-09-26 Thread David Burgess
On Sep 26, 2012 4:50 AM, "İhsan Doğan" wrote: > > the built in Via Rhine ethernet interfaces do not support VLAN > HW tagging News to me. I have one running with vlans just fine. You may have other issues. db

Re: [pfSense] web site access disappears

2012-08-08 Thread David Burgess
On Wed, Aug 8, 2012 at 10:00 AM, Karmstrong wrote: > We have run into the common problem of web site access randomly stopping. > For instance, at one of our locations google.com no longer works. At > others, yahoo.com can not be accessed. We can not pull the sites up in a > browser nor ping them.

Re: [pfSense] VM woes

2012-08-07 Thread David Burgess
On Tue, Aug 7, 2012 at 12:34 PM, Josh Karli wrote: > Thanks Jim. What text editors are preinstalled? Neither of the usual Linux > ones I use are there (I'm new to FreeBSD) and google isn't helping. I believe vi is there, but go to Diagnostics > Edit File in the GUI (if you can get there). db

Re: [pfSense] Network "freezes" on IBM x3550, Broadcom NICs

2012-06-28 Thread David Burgess
On Thu, Jun 28, 2012 at 10:37 PM, Paul Gear wrote: > Would i be better off virtualising this system on VMware?  That way i > could handle all the VLAN tagging in the hypervisor, and the NIC > presented to the system would be an Intel E1000 instead of a Broadcom. > The VMware ESXi 5 and Linux driv

Re: [pfSense] Network "freezes" on IBM x3550, Broadcom NICs

2012-06-28 Thread David Burgess
On Thu, Jun 28, 2012 at 10:11 PM, Paul Gear wrote: > > What should be my next troubleshooting step? > memtest? Different NICs? Have you looked at your MBUF usage (netstat -m)? I get similar symptoms after running out of MBUFs, but if you followed the first step in the doc you linked then you sho

Re: [pfSense] Encrypt Microwave Link?

2012-06-26 Thread David Burgess
On Tue, Jun 26, 2012 at 3:43 PM, Chris Bagnall wrote: > I would be quite interested in why a narrow beamwidth > isn't beneficial in this context Better, but not a security solution. Unless you're talking about a laser, beamwidth is not a quantitative measure. You can't define an antenna's beamwid

Re: [pfSense] Encrypt Microwave Link?

2012-06-26 Thread David Burgess
On Tue, Jun 26, 2012 at 1:46 PM, Paul Cockings wrote: > 1. (broad question... beat me up if like..)  Are microwave links "hackable" > and therefore I should consider some type of encryption on that link Unless it's a laser, a wireless transmitter is broadcasting to the world. Most radios designed

Re: [pfSense] Low(ish) cost pfSense platforms

2012-06-09 Thread David Burgess
On Jun 9, 2012 12:47 PM, "Larry Sampas" wrote: > > For my small-office installs the Supermicro Atoms are doing great, but I have not yet had one at scale (thousands of concurrent states running at > 20Mbps). I have that same board on a 30/3 connection that hits 30,000 states on a daily basis. No

Re: [pfSense] High interrupt load on LAGG with LACP

2012-06-05 Thread David Burgess
On Tue, Jun 5, 2012 at 9:42 AM, Jens Kühnel wrote: > Sorry, I forgot to mention. The interrupt load happens when no traffic > is going through. It's not a traffic problem. What you're describing is odd, but I will echo Chris' point, which is that the ALIX has no hope whatsoever of routing at spe

Re: [pfSense] is pfSense the right choice?

2012-05-03 Thread David Burgess
On Thu, May 3, 2012 at 11:55 AM, Noam Birnbaum wrote: > Good call, David -- > > They currently have dual WAN -- 40/40 WiMAX and 50/10 cable.  I expect that as > they grow these pipes will at least double. pfsense should do fine, but last I looked most of the netgate stuff was Alix-based, which do

Re: [pfSense] is pfSense the right choice?

2012-05-03 Thread David Burgess
On Thu, May 3, 2012 at 11:05 AM, Noam Birnbaum wrote: > Is pfSense the right choice for this environment? You didn't mention the (arguably) most important feature of your proposed environment, which would be throughput expectations. For the feature set you mentioned though, pfsense sounds like

Re: [pfSense] captive portal and https passthrough

2012-05-01 Thread David Burgess
On Tue, May 1, 2012 at 10:54 AM, David Burgess wrote: > When the LAN user clicks on the link the browser just times > out. I changed the link to http://www.paypal.com, but the browser > still times out, and I believe it's because paypal is redirecting to > https. To answer my o

[pfSense] captive portal and https passthrough

2012-05-01 Thread David Burgess
Hi all, I don't have much experience with captive portal, so I'm doing some testing with 2.0.1 in a vm. It's a bog standard WAN-LAN setup with CP enabled on the LAN. I don't want any authentication, I simply want to present a small html page with links to a couple of web sites. I have created pass

Re: [pfSense] vmware appliance

2012-05-01 Thread David Burgess
On Tue, May 1, 2012 at 10:10 AM, Moshe Katz wrote: > If you look at the Snapshots server, it seems that there are VMWare > snapshots. Good. Thank you. db ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list

[pfSense] vmware appliance

2012-05-01 Thread David Burgess
The docs (http://doc.pfsense.org/index.php/VMwareAppliance) state that there is no longer a current vmware appliance for download. Is there a particular reason for this? Are there plans to reinstate that at some point? db
