[pfSense] System stats: HUGE SPIKE, then failed.

2018-04-03 Thread Karl Fife
There was just now a sudden spike in states, ~100x the normal number, maxing out the system max in just an hour, and causing the system to fail. With a maxed out state table, of course the system fails to process traffic.  Has anyone seen something like this before, or have any ideas what

Re: [pfSense] best ipsec cipher for aes-ni on sg-8860

2017-12-09 Thread Karl Fife
You might try... (Wait for it) ...AES. On 12/9/2017 4:02 AM, Eero Volotinen wrote: Hi, What is the best ipsec ciphers for aes-ni ipsec acceleration? Eero

Re: [pfSense] Actually, DHCP appears to be broken on a fresh install too

2017-10-09 Thread Karl Fife
I just applied the newly available 10/9 build.  It seems to have fixed my broken install, by rolling forward. On 10/9/2017 2:21 PM, Karl Fife wrote: FYI: Clearly caused by this: https://forum.pfsense.org/index.php?topic=137682.msg752988#msg752988 --- Snip --- ...we'll get a fix out

Re: [pfSense] Actually, DHCP appears to be broken on a fresh install too

2017-10-09 Thread Karl Fife
l have you back up with less effort than other solutions. ---   --- ZFS boot environments could contain this (or any) unforeseen update/upgrade impact. That's why we run/ran Nano for so long. On 10/8/2017 1:57 PM, Karl Fife wrote: Actually, I noticed that resetting to factory defaults, an

[pfSense] Actually, DHCP appears to be broken on a fresh install too

2017-10-08 Thread Karl Fife
Actually, I noticed that resetting to factory defaults, and creating a simple test config also results in DHCP not starting. Sounds like something more fundamental was broken in RC. I also notice that my old Sep 29 image is no longer being offered an update ('on the latest version') making me

[pfSense] DHCP appears to be broken after 2.4 Sunday October 8 build

2017-10-08 Thread Karl Fife
Post update, DHCP service appears to die post update.  Is anyone else seeing this? I'm seeing it on two separate install locations, both running 2.4RC *2.4.0-RC* (amd64)  built on Sun Oct 08 06:40:54 CDT 2017 both on pcEngines APU2. Logs say: rc.bootup: The command '/usr/local/sbin/dhcpd

[pfSense] OpenVPN - Should not delete: direct trust of certificates

2017-09-28 Thread Karl Fife
Someone feel free to challenge me here, or give a +1 In summary: The pfSense UI should not allow users to delete certificates because admins may be unaware of the implications. In detail:  In OpenVPN, certificates are trusted by way of them being signed by the CA (i.e. pfSense), that is,

[pfSense] GRE interface shows reply traffic in tcpdump, but not passed.

2017-09-18 Thread Karl Fife
I'm having trouble with NAT'ed traffic through a GRE interface that is going over an IPSEC connection.  Pfsense itself can get ping replies from the remote end, but the hosts on the LAN can not.  NAT is enabled, so the source IP for LAN hosts is the local /30 tunnel address.  The irony is that

Re: [pfSense] pfSense 2.4 with ZFS, will it solve corrupt systems

2017-08-08 Thread Karl Fife
Is setting the copies=2 option slated to be part of the regular installer? I recall copies=2 must be enabled after-the-fact from the CLI. Enabling after-the-fact is slightly problematic, because ZFS will only make multiple copies of NEW blocks written, so in effect the system has is without

Re: [pfSense] 2.1.6 NAT BUG - All rules deleted !!

2017-06-07 Thread Karl Fife
2.1 won't offer an upgrade if the SSD is too small. If you have a 1GB CF, you will have to flash a larger one. On 6/7/2017 9:16 PM, Alexandre Paradis wrote: 2.3 support 32 bits, 2.4 doesn't. Tomer, you should upgrade to the latest version. On Wed, Jun 7, 2017 at 10:01 PM, Ryan Coleman

[pfSense] Chelsio T520 card transceiver compatibility?

2017-05-23 Thread Karl Fife
Does anyone have experience with the Chelsio T520 series of cards specifically as it relates to transceiver compatibility? SFP & SFP+: We have several applications where we could use these well-supported cards, some require use of SFP transceivers (not SFP+) such as 1000BASE-LX transceivers.

[pfSense] smartctl supporting mSATA controller

2017-04-28 Thread Karl Fife
Can anyone recommend a good mSATA drive (i.e. controller chip) that supports a full suite of smartctl commands, such as an ATA (hdparm) secure erase, and self-test? Many have partial support, and it's really hard to find out what support exists short of bench testing.

Re: [pfSense] SIP through IKEv2-tunnel

2017-03-21 Thread Karl Fife
Time to do a pcap, and see what's actually happening. Look in the SIP session description (SDP) and see what IP addresses the client is telling the other side to communicate with. Divide and conquer. On 3/21/2017 5:42 AM, Martin Fuchs wrote: what really irritates me is the fact (tried it

Re: [pfSense] Routing between interfaces

2017-02-12 Thread Karl Fife
I'm in the needless complexity is insecurity camp. Your other speculations are baseless. On 2/11/2017 10:18 AM, Matthew Pounsett wrote: I see that you're in the "NAT is security" camp, which is unfortunately a misinformed way to approach network security.

Re: [pfSense] Routing between interfaces

2017-02-10 Thread Karl Fife
I presume your ISP gave you a tunnel network and a public /28, and you're trying to use the IP's in the /28. Until recently, you had been binding the tunnel network interfaces directly to your 'wan'. You should probably be running a second router. The rationale is trust levels. The first

Re: [pfSense] Intel Atom C2758 (Rangeley/Avoton) install/boot failure with pfSense 2.3.2

2017-02-03 Thread Karl Fife
the config, and restored it to a clean 64-bit image of 2.3.2, and as expected, it 'just worked' with no sysctrl modifications. The upgrade to 2.3.2_1 was also flawless because the old upgrade URL had been removed from the config. On 1/25/2017 4:01 PM, Karl Fife wrote: This is a good theory, becaus

Re: [pfSense] Intel Atom C2758 (Rangeley/Avoton) install/boot failure with pfSense 2.3.2

2017-01-26 Thread Karl Fife
Would you mind sharing a snapshot of your Rangeley-optimized tunables? IIRC there are un-editable tunables that show on your tunables page that are not called out in the XML config. Thanks Vick On 1/26/2017 9:47 AM, Vick Khera wrote: On Wed, Jan 25, 2017 at 4:01 PM, Karl Fife <ka

Re: [pfSense] Intel Atom C2758 (Rangeley/Avoton) install/boot failure with pfSense 2.3.2

2017-01-25 Thread Karl Fife
, or is it a community edition installation? If the latter, Full or Nano? On 1/25/2017 3:49 PM, Jim Pingle wrote: On 01/25/2017 01:10 PM, Karl Fife wrote: The piece that's still missing for me is that there must have been some change in default system setting for FreeBSD, or some other change between

Re: [pfSense] Intel Atom C2758 (Rangeley/Avoton) install/boot failure with pfSense 2.3.2

2017-01-25 Thread Karl Fife
the full version. We will also begin running the full version with 2.4, (ZFS copies = 2) :-) On 1/25/2017 1:15 PM, Vick Khera wrote: On Wed, Jan 25, 2017 at 1:10 PM, Karl Fife <karlf...@gmail.com> wrote: pfsense 2.2.6 was running without issue on our Supermicro A1SRi-2758F rangeley

Re: [pfSense] Intel Atom C2758 (Rangeley/Avoton) install/boot failure with pfSense 2.3.2

2017-01-25 Thread Karl Fife
There were changes in the defaults from FreeBSD 9 to 10. https://pleiades.ucsc.edu/hyades/FreeBSD_Network_Tuning Could that be it? Old config overwriting new defaults? -Original Message- From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Karl Fife Sent: Wednesday, January 25, 2

[pfSense] Intel Atom C2758 (Rangeley/Avoton) install/boot failure with pfSense 2.3.2

2017-01-25 Thread Karl Fife
pfsense 2.2.6 was running without issue on our Supermicro A1SRi-2758F rangeley board (Intel Atom C2758) When we upgraded to 2.3.2, the new system failed to boot due to having insufficient RAM allocated to network memory buffers. We had to interrupt the boot process increase the value of

[pfSense] Rule Processing Order

2016-10-24 Thread Karl Fife
Can anyone give a philosophical/design purpose why the general OpenVPN rules are processed before the interface-specific OpenVPN rules (i.e. an OpenVPN server bound to an interface). Processing rules from most-specific to least-specific seems like a more intuitive design guideline, but I'm

Re: [pfSense] pfSense 2.3.2-p1 RELEASE Now Available

2016-10-06 Thread Karl Fife
FYI, same circumstances, update is no longer choking on that step. Thanks On 10/6/2016 5:16 PM, Karl Fife wrote: Update is failing over here. Is there perhaps a file missing from a repo? This is what I'm seeing when I update from the CLI: ...etc... Fetching php56-5.6.26.txz

Re: [pfSense] pfSense 2.3.2-p1 RELEASE Now Available

2016-10-06 Thread Karl Fife
Update is failing over here. Is there perhaps a file missing from a repo? This is what I'm seeing when I update from the CLI: ...etc... Fetching php56-5.6.26.txz: .. done Fetching pfSense-rc-2.3.2_1.txz: . done Fetching pfSense-kernel-pfSense_wrap-2.3.2_1.txz: . done pkg:

Re: [pfSense] New feature in ISC DHCP server v.4.3+ ( pfSense feature request )

2016-09-13 Thread Karl Fife
On 9/8/2016 9:14 PM, Jim Thompson wrote: On Thu, Sep 8, 2016 at 7:36 PM, Karl Fife <karlf...@gmail.com> wrote: There is a brand new feature/option in ISC dhcpd 4.3.0 (the DHCP server version in pfSense 2.3+). you could say, "Thank you". I drove the old crud out. I woul

[pfSense] New feature in ISC DHCP server v.4.3+ ( pfSense feature request )

2016-09-08 Thread Karl Fife
. Is this in the pipeline? Before making a formal feature request I thought I'd bounce it off my peers here on the mailing list. Cheers. -Karl Fife https://www.freebsd.org/cgi/man.cgi?query=dhcpd.conf " ignore-client-uids flag; If the ignore-client-uids statement is present and has a value of

Re: [pfSense] DHCP Implicit rule processing order

2016-09-01 Thread Karl Fife
Functionally related to the implicit auto-lockout rule. Makes sense. Thanks. On 8/31/2016 9:49 PM, Jim Pingle wrote: On 8/31/2016 9:30 PM, Karl Fife wrote: This suggests the implicit rules are evaluated BEFORE the explicit rules. Is there a good reason they're evaluated first? I'd expect

[pfSense] DHCP Implicit rule processing order

2016-08-31 Thread Karl Fife
If I understand correctly, the actual interface to which the DHCP service is bound gets an IMPLICIT (hidden) pass rule. HOWEVER, I have a log rule defined during DHCP activity. I see the states, and see the LOGS for the DHCP conversations, (wireshark etc), but the pass rule is not being hit.

[pfSense] automatic aliases (are sometimes incorrect)

2016-08-30 Thread Karl Fife
It appears that some of the automatic aliases offered via the GUI when creating firewall rules can be misleading or incorrect under certain circumstances. For example: If I create an OpenVPN server (say, a remote access type), and assign it to an interface called, say, VPN_BYOD, I'll see (as

Re: [pfSense] Unicast Flood

2016-08-16 Thread Karl Fife
/16/2016 2:19 PM, Karl Fife wrote: Hey all. I'm trying to get to the bottom of an Ethernet concept: If an Ethernet switch has no switching/forwarding table entry for a given MAC, does it flood/broadcast BY DESIGN (e.g. to behave like a good old-fashioned Ethernet HUB) or is unicast flooding

Re: [pfSense] multiple:multiple

2016-08-05 Thread Karl Fife
Makes sense. I was confused, seeing it in the context of analyzing secure connections to Google subnets. Apparently I'm not "QUIC" enough on the uptake of the Google's experimental transport layers. :-) On 8/5/2016 5:41 PM, Jim Pingle wrote: On 8/5/2016 3:13 PM, Karl Fife w

[pfSense] multiple:multiple

2016-08-05 Thread Karl Fife
All of the states in the pfsense states display make sense to me: e.g. http://www.cs.hofstra.edu/~cscccl/c333/tcp.gif Maybe I'm having a brain fart, but I'm not finding a good treatise on the "multiple:multiple" state? Anyone?

Re: [pfSense] looking for perfect pfsense box for home?

2016-08-03 Thread Karl Fife
to start deploying it at customer sites over NetGate hardware. On Aug 3, 2016, at 10:58 AM, Karl Fife <karlf...@gmail.com> wrote: +1 You can buy the 'blessed' hardware alone (e.g. CentOS) from netgate for $300 (2-port) and $350 (4-port). Cheaper than if you buy a preconfigured p

Re: [pfSense] looking for perfect pfsense box for home?

2016-08-03 Thread Karl Fife
+1 You can buy the 'blessed' hardware alone (e.g. CentOS) from netgate for $300 (2-port) and $350 (4-port). Cheaper than if you buy a preconfigured pfSense appliance with support. Seems like REALLY inexpensive insurance to be using vetted hardware that others are also using. In general,

Re: [pfSense] Mini-USB console on new pfSense certified hardware

2016-08-02 Thread Karl Fife
On 8/1/2016 4:20 PM, Moshe Katz wrote: You could also use a set of USB over twisted pair adapters, but those aren't necessarily the most dependable pieces of hardware over long distances. Indeed. When something goes wrong, cognitive loads are high, and you don't want to be dicking around

[pfSense] Mini-USB console on new pfSense certified hardware

2016-08-01 Thread Karl Fife
USB HOST to RS232 adapter It appears that the new Rangeley-based pfSense certified hardware (2440, 4860) has a mini-USB (client) port for console access. This "convenience" is ironic for us because I actually prefer RS232, (because that's the interface everything else uses). As far as I

[pfSense] 32-to-64 bit upgrade - unbound needn't be un-bound

2016-08-01 Thread Karl Fife
Over the weekend I did some 32-to-64 bit architecture upgrades on NanoBSD systems with 64-bit hardware. The migrations were seamless EXCEPT that in every case, the DNS forwarder [sic] would fail to work unless selectively un-bound from IPv6 interfaces. On all of the systems, there was at

Re: [pfSense] Lightning strike

2016-07-29 Thread Karl Fife
On 7/26/2016 8:40 PM, Chris Buechler wrote: On Tue, Jul 26, 2016 at 7:43 PM, Volker Kuhlmann <hid...@paradise.net.nz> wrote: On Tue 26 Jul 2016 09:41:37 NZST +1200, Karl Fife wrote: Interesting how it failed: The fried port 'simply' broke connectivity for the interface's LAN s

[pfSense] Lightning strike

2016-07-25 Thread Karl Fife
The 6th Ethernet port (em5) on my Lanner fw-7541D died Saturday night during the electrical storm. Just the one port. Apparently fried, apparently by an electrical anomaly. Now, the link light is always on (dimly lit), whether populated or not, and neither the POST, nor the OS detects the

Re: [pfSense] CIFS slow on PPTP

2016-07-25 Thread Karl Fife
. Good luck. -K On 7/25/2016 2:22 PM, Chris wrote: Karl Fife wrote: Are you sure that CIFS is slow because of PPTP? All but the latest CIFS/SMB protocols are poorly suited for high-latency connections such as the public Internet (e.g. where you might use VPN). Even under the best

Re: [pfSense] CIFS slow on PPTP

2016-07-25 Thread Karl Fife
Are you sure that CIFS is slow because of PPTP? All but the latest CIFS/SMB protocols are poorly suited for high-latency connections such as the public Internet (e.g. where you might use VPN). Even under the best circumstances, many applications don't tolerate it well

[pfSense] DNS Forwarder # exception

2016-07-22 Thread Karl Fife
DNS Forwarder had a domain override *exception* feature that I don't see in DNS Resolver. I'm looking for an equivalent/workaround. Obviously, in both dnsmasq and unbound, I can create a domain override, e.g. Domain: example.com, IP: 10.243.0.1 However, I don't want the

[pfSense] CPU Utilization on landing page

2016-06-23 Thread Karl Fife
Ever since upgrading to 2.3, I notice that the CPU utilization is uncommonly high when a browser is pointed at the Status / Dashboard. Naturally, this is the php-fpm process. Each instance of php-fpm runs at between 8 and 40% of my 1.8GHz Atom (dual core, HT). With four or five dashboard

Re: [pfSense] MTU on TUN adapter in lossy conditions

2016-06-15 Thread Karl Fife
interface being used, and if it permanently changes it. I ran into an issue where an application would randomly quit working. After doing some digging I found that Cisco AnyConnect had reconfigured the MTU on my wired NIC to 1300, even when the tunnel was disabled. On Wed, Jun 15, 2016 at 1:46 PM, Karl

[pfSense] MTU on TUN adapter in lossy conditions

2016-06-15 Thread Karl Fife
Has anyone had success adjusting MTU on OpenVPN tunnel adapters to deal with loss amplification across tunnel networks? By default the MTU on an openVPN adapter(s) are set to 1500, but it seems that performance in lossy conditions might be dramatically improved by changing the MTU to

Re: [pfSense] Snort or Suricata

2016-06-13 Thread Karl Fife
With as many rules as an IDS/IPS would evaluate for each packet, it seems that a multi-threaded option would be an obvious choice, especially on modern multi-core quasi-embedded systems (e.g. Rangeley/Atom) with lower absolute clock speeds. Otherwise it seems you might become effectively CPU

Re: [pfSense] [Announce] pfSense 2.3.1-RELEASE Now Available!

2016-05-19 Thread Karl Fife
I just upgraded pfSense community edition from 2.2.6 to 2.3 on two different Lanner FW-7541D's. In both cases the UI reported "Firmware Installation Failed" thusly: https://imagebin.ca/v/2hkICOAnJnbs however the unit rebooted, correctly showing the updated version. The install logs didn't

Re: [pfSense] Soekris Net5501 SSD

2016-05-19 Thread Karl Fife
Of Karl Fife Sent: Wednesday, May 18, 2016 1:18 PM To: pfSense Support and Discussion Mailing List <list@lists.pfsense.org> Subject: Re: [pfSense] Soekris Net5501 SSD Ed, you said it well here: "wear leveling work is in SATA and DOM" I think this is an important point, because

Re: [pfSense] Soekris Net5501 SSD

2016-05-18 Thread Karl Fife
devices. I’m generally a fan of the SSDs with metal cases for heat dissipation. ED. On 2016, May 17, at 6:09 PM, Karl Fife <karlf...@gmail.com> wrote: I have about 15 Net5501's OR Lanner FW-7541D's in the field running embedded/Nano on CF cards. There's not enough

[pfSense] Soekris Net5501 SSD

2016-05-17 Thread Karl Fife
I have about 15 Net5501's OR Lanner FW-7541D's in the field running embedded/Nano on CF cards. There's not enough space on a 1GB CF to upgrade to v2.3. Of course I can upgrade to larger CF cards, however the eventual phase-out of NanoBSD makes me wonder if it's better to install a SATA SSD

Re: [pfSense] Monitor (RRD) all 0 data on 2.3

2016-05-04 Thread Karl Fife
I envision the ideal design to be one in which I can have five or six (customized) graphs in one view (rather than having only one single customizable 'default' view). Ideally all of the saved graphs would visible/rendered together when I go that page, but even if I had some presets (like an

Re: [pfSense] Site to Site VPN behind nat

2016-05-02 Thread Karl Fife
On 5/2/2016 10:24 AM, Vick Khera wrote: On Sun, May 1, 2016 at 8:18 PM, Dane Reugger wrote: I've seen this done with Aruba but not sure it's possible with PfSense but if it is I would love a guide to get it going. Use OpenVPN. It doesn't care at all about the NAT.

[pfSense] Long delay before DHCP issued leases appear in the DHCP lease table

2016-04-28 Thread Karl Fife
I've been 'subdividing' some growing networks into multi-lan; guest, management networks etc. On every occasion I've observed that it has taken considerable time (perhaps 10 to 20 minutes) after the DHCP server begins issuing new leases (to hosts moved from the other interface) before they

Re: [pfSense] Cisco VPN

2016-04-22 Thread Karl Fife
I've done this. IIRC It was a PITA. I'm having trouble finding my notes but my recollection is that the Cisco nomenclature is different. Also, the only cyphers and keys I could make work were as follows: Key exchange v1 Phase 1 Auth Auth: Mutual PSK Nego: Main Phase 1 Prop AES 128 Sha 1 DH

[pfSense] NTP Drift file not retained (NanoBSD) and "clipping" of

2016-04-22 Thread Karl Fife
It appears that pfSense 2.3 and earlier on nanoBSD does not retain its system clock calibration between reboots. On certain (certified) systems, this appears to trigger a sequence in which the offset gets further and further behind, and NTPD tries in vain to slew the clock, increasing the

Re: [pfSense] Ambiguous gateway monitoring

2016-04-18 Thread Karl Fife
6 at 12:31 PM, Karl Fife <karlf...@gmail.com> wrote: I'm bringing this up in the off chance that it is a bug. I think it might be expected behavior but want to bounce it off a few others. I have an installation with two fiber uplinks. Each uplink has an IP on the ISP's single WAN subnet

[pfSense] Ambiguous gateway monitoring

2016-04-15 Thread Karl Fife
I'm bringing this up in the off chance that it is a bug. I think it might be expected behavior but want to bounce it off a few others. I have an installation with two fiber uplinks. Each uplink has an IP on the ISP's single WAN subnet (e.g. one single subnet, not a pair of tunnels). This is

Re: [pfSense] Access Point Recommendations?

2015-07-23 Thread Karl Fife
Your point about having a one-off solution is a great one. Installing a single UniFi AP would be unnecessarily complex. The TP-Link TL-WA801nd is a BGN-only device. Do you (or anyone) have a preferred stand-alone AC access point? On 7/22/2015 8:10 PM, Adrian Zaugg wrote: TP-Link

Re: [pfSense] Access Point Recommendations?

2015-07-22 Thread Karl Fife
My specific hardware recommendations are below: I suspect Geoff's PoE switches did not meet the published requirement for 802.3at (i.e. more than 15 watts of PoE) rather than being an idiosyncratic incompatibility. The irony is that the AVERAGE wattage for AP-AC is actually LESS THAN 15

Re: [pfSense] Access Point Recommendations?

2015-07-17 Thread Karl Fife
We've gone all-in with AC in challenging environments (crowded, congested etc). UniFi AP-AC to be exact. It's awesome. One trick with UniFi AP-AC (vs AP-PRO) is that UniFi AP-AC *needs* 802.3at PoE PSE. It will APPEAR to work with 802.3af PoE PSE, but it will choke under even light load.

Re: [pfSense] Client-Side 1:1 NAT for IP address conflicts w/ VPN

2014-12-10 Thread Karl Fife
not, thus it is good practice to use the smaller netblock to reduce the risk of conflict when multi-homing, whether it be via VPN or MNO. On 12/10/2014 12:36 AM, Chris L wrote: On Dec 9, 2014, at 8:53 PM, Karl Fife karlf...@gmail.com wrote: In the wild, I'm seeing an increasing number

Re: [pfSense] Client-Side 1:1 NAT for IP address conflicts w/ VPN

2014-12-10 Thread Karl Fife
I agree with you Chris. That's an excellent choice for someone building out a new network assuming you don't peer with other networks/systems in that space. Ultimately, it's a crap shoot, and the solution is to use IPV6 and 6:4 NAT for legacy. Still, if there were a way to easily invoke

[pfSense] Client-Side 1:1 NAT for IP address conflicts w/ VPN

2014-12-09 Thread Karl Fife
In the wild, I'm seeing an increasing number of crappy consumer/ISP routers with subnets that conflict with ours (10../8). Comcast appears to be a common offender, curiously allocating the largest private subnet to their smallest customers. Of course this breaks VPN due to address

Re: [pfSense] OpenVPN Non-admin users.

2014-12-04 Thread Karl Fife
Somehow I overlooked that option. Needless fussing. Enabling the OpenVPNManager by default seems like it could be a reasonable option considering that all supported versions of Windows (Vista/7/8/[10]) require users (even admins) to elevate the OpenVPN client (and/or create an elevated

[pfSense] OpenVPN Non-admin users.

2014-12-01 Thread Karl Fife
I'd like to poll how others have dealt with the issue of non-admin Windows users running OpenVPN (TUN) for remote access. If you recall, non-admin users don't have the privilege of inserting routes, so even though the tunnel is established, it won't be used without an explicit route.

Re: [pfSense] OpenVPN Non-admin users.

2014-12-01 Thread Karl Fife
end users to be able to bring up/down the tunnel, and so auto-starting as a service proved not workable. Gordon Russell Clarke County IT 540 955 5135 - Original Message - From: Karl Fife karlf...@gmail.com To: ESF - Electric Sheep Fencing pfSense Support list@lists.pfsense.org Sent

Re: [pfSense] GUI Auto Update updates to image with wrong console type

2014-09-09 Thread Karl Fife
to me on the 2.1.4 - 2.1.5 upgrade. On Tue, Sep 9, 2014 at 8:20 AM, Vick Khera vi...@khera.org wrote: On Mon, Sep 8, 2014 at 8:05 PM, Karl Fife karlf...@gmail.com wrote: Has anyone else observed that the serial console stops working after a WebGUI update? On my ALIX home office router

[pfSense] GUI Auto Update updates to image with wrong console type

2014-09-08 Thread Karl Fife
Has anyone else observed that the serial console stops working after a WebGUI update? This has happened consistently with our Lanner FW-5741D's. I can not definitely exclude all other causes, but I observe that all six have had their console type changed to VGA from Serial, presumably during

Re: [pfSense] pfSense Routing - VPN's

2014-05-18 Thread Karl Fife
] On Behalf Of Karl Fife Sent: 16 May 2014 07:55 To: pfSense Support and Discussion Mailing List Subject: Re: [pfSense] pfSense Routing - VPN's This is exactly what we do. We make the hub the OpenVPN server, and the spokes the clients because the hub IP is static, and we can manage all of the OpenVPN

Re: [pfSense] pfSense Routing - VPN's

2014-05-16 Thread Karl Fife
This is exactly what we do. We make the hub the OpenVPN server, and the spokes the clients because the hub IP is static, and we can manage all of the OpenVPN listeners on one instance. If your whole network is a /16, and each spoke is a /24, all you need is a route directive on each of the

Re: [pfSense] using Pfsense as a router

2014-05-14 Thread Karl Fife
The two ends of your MPLS link are on different subnets, so your MPLS provider will have to route for you. You have to coordinate with them on that (OR create your own point-to-point tunnel) For example, YOUR site1 router needs to know that site2's 172.16.11.0/24 subnet is reachable via

[pfSense] DNS Forwarder problem in 2.1.0

2013-10-28 Thread Karl Fife
What I observe: When a static mapping is created for a DHCP client, the DNS forwarder appears to NOT register the mapping (i.e. does not allow DNS resolution) unless the client is also manually assigned an IP address. It is my understanding that if the address value is left blank (i.e. if

[pfSense] 2.x Traffic shaping

2012-06-01 Thread Karl Fife
I'm not quite sure where to start with this one, but ever since we migrated from version 1.2.3 to 2.0.1, our traffic shaping seems to fail under many conditions where 1.2.3 'just worked'. The endgame is that it's fouling up our VoIP telephony. Essentially, everything's exactly the same as it

[pfSense] Move instance from X to Y, cold spare.

2012-04-23 Thread Karl Fife
If I have a production system running on hardware X, and I want to move it to hardware Y, is there a way to do so by exporting the configuration and re-importing it on the other box? It would appear that the answer is YES and it works 100% perfectly UNLESS the hardware interfaces are not

Re: [pfSense] Pfsense Ipad / Iphone - Android - Smartphone App

2012-04-23 Thread Karl Fife
... At one point we did look at making the web interface theme for mobile browsers a lot more finger-friendly, not sure what happened to that. We had a mock-up screen with some large icons, one per section, and some JS that would let you pick the menu entries using those. I think that's all

[pfSense] Got TOE?

2012-03-23 Thread Karl Fife
Are there any TCP/IP Offload Engine nic's that pfSense can leverage? A TOE in pfSense could function somewhat like the hardware packet-forwarding ASICs in the likes of Cisco/Juniper etc, No? If supported, it seems that a TOE could be an enabling factor for pfSense in some applications where

Re: [pfSense] Dynamic DNS force update?

2012-02-22 Thread Karl Fife
...@lists.pfsense.org] *On behalf of *Karl Fife *Sent:* Wednesday, 22 February 2012 06:12 *To:* list@lists.pfsense.org *Subject:* [pfSense] Dynamic DNS force update? Is there a way to force the Dynamic DNS client to post an update? It would appear that the only way to do this is to change the IP

Re: [pfSense] Dynamic DNS force update?

2012-02-22 Thread Karl Fife
My question is of course, HOW. How does one change the cached number without releasing the address on the monitored interface? -K On 2/22/2012 11:47 AM, Bob Gustafson wrote: Change the cached number, then do as Martin Fuchs suggested. On Wed, 2012-02-22 at 10:02 -0600, Karl Fife wrote: Hi

Re: [pfSense] Dynamic DNS force update?

2012-02-22 Thread Karl Fife
1:28 PM, newsgroups.ma...@stefanbaur.de wrote: On 22.02.2012 19:06, Karl Fife wrote: My question is of course, HOW. How does one change the cached number without releasing the address on the monitored interface? -K Have a look at the files matching /conf/dyndns* and try editing those. -Stefan

[pfSense] Dynamic DNS force update?

2012-02-21 Thread Karl Fife
Is there a way to force the Dynamic DNS client to post an update? It would appear that the only way to do this is to change the IP address bound to the monitored interface. My question very specifically is, is it possible to force an update WITHOUT changing the interface address? I have a