[pfSense Support] Plz Comments

Hi, I'm using captive portal in pfsense for authent. my cisco wireless. Recently when i update firmware pfSense-Full-Update-1.0.1-SNAPSHOT-01-19-2007.tgz it make my server; 1. Load cpu up to 50% (before this less than 30%) 2. Hang after 4 to 7 days (after reboot 3 times it comes normal again)

[pfSense Support] Problems viewing mirrored tutorials

Hi, I can't view any of the tutorials that are mirrored through the TUTORIALS page (http://pfsense.com/index.php?id=36). It seems to be some sort of Flash content, but nothing ever gets loaded. I can view/download the others that are directly connected to the site (i.e. transparent firewall).

Re: [pfSense Support] Problems viewing mirrored tutorials

Joseph Favia Jr. wrote: Hi, I can't view any of the tutorials that are mirrored through the TUTORIALS page (http://pfsense.com/index.php?id=36). It seems to be some sort of Flash content, but nothing ever gets loaded. I can view/download the others that are directly connected to the site (i.e

RE: [pfSense Support] I am having a difficult time fowarding vnc from the wan to a ip on the lan

VNC uses by default screen number 0 = 5900 for VNC and 5800 for the VNC webserver with Java plug-in. Just try to connect to http:// 10.1.1.92:5800 . On a Mac OSX server this port is already in use by apple's remote desktop software. You can change the port by choosing

Re: [pfSense Support] I am having a difficult time fowarding vnc from the wan to a ip on the lan

Is reflection enabled? --Bill On 2/4/07, kevin hawkins <[EMAIL PROTECTED]> wrote: I still can not make it work. I am sitting behind it though that might be the problem. On 2/4/07, Holger Bauer < [EMAIL PROTECTED]> wrote: > It uses 5500 for reverse connection, 5800 for the http serverapplet an

[pfSense Support] Snort

I am new to PFSense firewall and Snort, but very familar with firewall/security technology in general. I was using IPCop with Snort enabled but switched to PFSense once I used monowall (For VPN Support) and found out PFSense built on monowall by adding intrusion detection. My IPCop Snort service

Re: [pfSense Support] Snort

Changw the memory usage type to ac-sparsebands. On 2/5/07, Bill Roth <[EMAIL PROTECTED]> wrote: I am new to PFSense firewall and Snort, but very familar with firewall/security technology in general. I was using IPCop with Snort enabled but switched to PFSense once I used monowall (For VPN Suppo

Re: [pfSense Support] Snort

I tried that, and still got nothing, but I didn't wait long. I then switched it to ac, and it has been on that since. with no logged intrusions. >>> [EMAIL PROTECTED] 2/5/2007 10:04 AM >>> Changw the memory usage type to ac-sparsebands. On 2/5/07, Bill Roth <[EMAIL PROTECTED]> wrote: > I am new

Re: [pfSense Support] Snort

On 2/5/07, Bill Roth <[EMAIL PROTECTED]> wrote: I tried that, and still got nothing, but I didn't wait long. I then switched it to ac, and it has been on that since. with no logged intrusions. Have no idea then. ac-sparebands works too well for us sometimes with the amount of stuff in the de

[pfSense Support] Sending PFsense logs to Dshield

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I am a new convert to PFsense... in fact about 24 hours now and it rocks! One of the things I have done over the years is submit logs to dshield.org - http://www.dshield.org/howto.html Has anyone done this with PFsense and can you tell me what yo

Re: [pfSense Support] Snort

I am sure something just isn't set right. Is there any documentation on snort for PFSense, or should I just use the standard docs >>> [EMAIL PROTECTED] 2/5/2007 10:11 AM >>> On 2/5/07, Bill Roth <[EMAIL PROTECTED]> wrote: > I tried that, and still got nothing, but I didn't wait long. I then > sw

Re: [pfSense Support] Snort

On 2/5/07, Bill Roth <[EMAIL PROTECTED]> wrote: I am sure something just isn't set right. Is there any documentation on snort for PFSense, or should I just use the standard docs There are no docs currently. Use the standard docs. Also, are you sure that you have enough memory when running in

Re: [pfSense Support] Snort

384 MB of ram, running on a P733. >>> [EMAIL PROTECTED] 2/5/2007 10:35 AM >>> On 2/5/07, Bill Roth <[EMAIL PROTECTED]> wrote: > I am sure something just isn't set right. Is there any documentation on > snort for PFSense, or should I just use the standard docs There are no docs currently. Use th

Re: [pfSense Support] Snort

On 2/5/07, Bill Roth <[EMAIL PROTECTED]> wrote: 384 MB of ram, running on a P733. Sorry but that is simply not enough ram. Please see http://wiki.pfsense.com/wikka.php?wakka=ReleaseCaveats Scott - To unsubscribe, e-mail: [EM

[pfSense Support] system crash/hacked? - cannot access console - increase logging?

Hi, Can someone assist me with allowing access back to the console? And perhaps increasing the logging? Using: Version 1.0.1 built on Sun Oct 29 01:13:05 UTC 2006 PlatformpfSense On the weekend the system went down. It's the first time this has happened and I have been running

Re: [pfSense Support] system crash/hacked? - cannot access console - increase logging?

On 2/5/07, Darren Cockburn <[EMAIL PROTECTED]> wrote: Hi, Can someone assist me with allowing access back to the console? And perhaps increasing the logging? Using: Version 1.0.1 built on Sun Oct 29 01:13:05 UTC 2006 PlatformpfSense On the weekend the system went down. It's

Re: [pfSense Support] Snort

is 512 enough? or should I move to a system that has 1 gig? >>> [EMAIL PROTECTED] 2/5/2007 10:47 AM >>> On 2/5/07, Bill Roth <[EMAIL PROTECTED]> wrote: > 384 MB of ram, running on a P733. Sorry but that is simply not enough ram. Please see http://wiki.pfsense.com/wikka.php?wakka=ReleaseCaveats

Re: [pfSense Support] Snort

On 2/5/07, Bill Roth <[EMAIL PROTECTED]> wrote: is 512 enough? or should I move to a system that has 1 gig? I would follow what the release caveats page states. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional comma

RE: [pfSense Support] system crash/hacked? - cannot access console - increase logging?

Silly me, Using /usr/sbin/clog shows log entries after the "crash" for ALL logs (nothing before) Is there anything I can turn on (newsyslog as an example) that would keep a better history of events? Any thoughts on why I cannot access the machine locally? Thanks again. - Darren. -Original

Re: [pfSense Support] system crash/hacked? - cannot access console - increase logging?

On 2/5/07, Darren Cockburn <[EMAIL PROTECTED]> wrote: Silly me, Using /usr/sbin/clog shows log entries after the "crash" for ALL logs (nothing before) Is there anything I can turn on (newsyslog as an example) that would keep a better history of events? Send the logs to a remote syslog host.

RE: [pfSense Support] Snort

I had similar problems my box is running 866Mhz PIII and 512Mb of RAM. Snort would eat up 400-500MB of memory, and eventually crash. I have moved tothe lowmem method has been working well for me for a couple of months now (or more). you might want to give that a try... Cully -Original Mes

Re: [pfSense Support] Snort

On 2/5/07, Bennefield, Cully A. <[EMAIL PROTECTED]> wrote: I had similar problems my box is running 866Mhz PIII and 512Mb of RAM. Snort would eat up 400-500MB of memory, and eventually crash. I have moved tothe lowmem method has been working well for me for a couple of months now (or more). you

Re: [pfSense Support] system crash/hacked? - cannot access console - increase logging?

On 2/5/07, Darren Cockburn <[EMAIL PROTECTED]> wrote: Silly me, Using /usr/sbin/clog shows log entries after the "crash" for ALL logs (nothing before) Is there anything I can turn on (newsyslog as an example) that would keep a better history of events? You probably want to syslog to a remote

RE: [pfSense Support] system crash/hacked? - cannot access console - increase logging?

Will do Thanks for the wonderful product. - Darren. -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Monday, February 05, 2007 11:47 AM To: support@pfsense.com Subject: Re: [pfSense Support] system crash/hacked? - cannot access console - increase logging? On 2/5/

[pfSense Support] BTX Halt

I keep getting a btx halt error on the new system I am trying to install PF sense on. Any ideas. It is a compaq EVO d500, p1.5Ghz, with 1GB ram - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL

Re: [pfSense Support] BTX Halt

On 2/5/07, Bill Roth <[EMAIL PROTECTED]> wrote: I keep getting a btx halt error on the new system I am trying to install PF sense on. Any ideas. It is a compaq EVO d500, p1.5Ghz, with 1GB ram Please see http://wiki.pfsense.com/wikka.php?wakka=BootTroubleShooting and http://wiki.pfsense.com/wik

RE: [pfSense Support] I am having a difficult time fowarding vnc from the wan to a ip on the lan

You should never test this from inside your network. However if you need configurations like this to work from inside yourLAN enable nat reflection at system>advanced (very bottom) Holger -Original Message- From: Bill Marquette [mailto:[EMAIL PROTECTED] Sent: Monday, February 05, 2007 3

RE: [pfSense Support] Plz Comments

Sounds like hardwareissues. What version have you run previously? Maybe you should upgrade to the latest snapshot again. Does it detect all your available RAM on bootup? Holger -Original Message- From: saidy [mailto:[EMAIL PROTECTED] Sent: Monday, February 05, 2007 11:25 AM To: support@

Re: [pfSense Support] Snort

ok, I put a new box together with enough memory for snort (the BTX issue which was stupid to ask, so sorry), and here is a sample of my logs. I am not sure what all of this means, but it doesn't look good. snort2c[864]: SIGTERM received - exiting Feb 5 13:57:32 snort2c[864]: SIGTERM received - e

Re: [pfSense Support] I am having a difficult time fowarding vnc from the wan to a ip on the lan

I might be late on this, but VNC uses port 5900, not 5400. >>> [EMAIL PROTECTED] 2/4/2007 7:47:01 PM >>> I am having a hard time tringto figure out how to foward a port for vnc from the wan interface to a ip on the lan interface. IE 10.1.1.92 The port that vnc uses is 5400 I believe. Thanks K --

Re: [pfSense Support] Snort

I have never seen that before. Maybe snort was already running so it could not lock the file? On 2/5/07, Bill Roth <[EMAIL PROTECTED]> wrote: ok, I put a new box together with enough memory for snort (the BTX issue which was stupid to ask, so sorry), and here is a sample of my logs. I am not s

Re: [pfSense Support] Snort

I think I might start from scratch. Do you guys have any beta stuff to test. I can run it on my new box? >>> [EMAIL PROTECTED] 2/5/2007 4:13:30 PM >>> I have never seen that before. Maybe snort was already running so it could not lock the file? On 2/5/07, Bill Roth <[EMAIL PROTECTED]> wrote: >

Re: [pfSense Support] Snort

Not really a beta as its quite tested, but the latest version (which you should be using for snort, btw) is located here: http://snapshots.pfsense.com/FreeBSD6/RELENG_1/iso/ Scott On 2/5/07, Bill Roth <[EMAIL PROTECTED]> wrote: I think I might start from scratch. Do you guys have any beta stu

Re: [pfSense Support] Snort

is this version 1.01? >>> [EMAIL PROTECTED] 2/5/2007 4:18:48 PM >>> Not really a beta as its quite tested, but the latest version (which you should be using for snort, btw) is located here: http://snapshots.pfsense.com/FreeBSD6/RELENG_1/iso/ Scott On 2/5/07, Bill Roth <[EMAIL PROTECTED]> wrote

Re: [pfSense Support] Snort

It is a snapshot. Which is the 1.0.X tree. Only bug fixes + minor improvements are commited to RELENG_1. On 2/5/07, Bill Roth <[EMAIL PROTECTED]> wrote: is this version 1.01? >>> [EMAIL PROTECTED] 2/5/2007 4:18:48 PM >>> Not really a beta as its quite tested, but the latest version (which you

Re: [pfSense Support] Snort

thanks. I will give it a shot >>> [EMAIL PROTECTED] 2/5/2007 4:29:10 PM >>> It is a snapshot. Which is the 1.0.X tree. Only bug fixes + minor improvements are commited to RELENG_1. On 2/5/07, Bill Roth <[EMAIL PROTECTED]> wrote: > is this version 1.01? > > >>> [EMAIL PROTECTED] 2/5/2007 4:18:4

Re: [pfSense Support] Plz Comments

Hi, 1. Version: pfSense 1.0.1-SNAPSHOT-02-02-2007, still got problem 2. When using command line # dmesg | grep memory real memory = 1073152000 (1023 MB) avail memory = 1040928768 (992 MB) Should i check RAM on bootup or this command is enough? 3. Using top and founded that a lot of php servic

Re: [pfSense Support] Plz Comments

On 2/5/07, saidy <[EMAIL PROTECTED]> wrote: [snip 3. Using top and founded that a lot of php services running and make cpu load increased, especially when many people login. Do NOT install the deviso on production firewalls. This is the ONLY way make appears. Scott --

Re: [pfSense Support] Plz Comments

I'm using pfSense 1.0.1 RELEASE and update using http://snapshots.pfsense.com/FreeBSD6/RELENG_1/pfSense-Full-Update-1.0.1-SNAPSHOT-02-02-2007.tgz and not http://snapshots.pfsense.com/FreeBSD6/RELENG_1/iso/ ... it is same approach that i should not do it on production firewall? - Original M

Re: [pfSense Support] Plz Comments

On 2/5/07, saidy <[EMAIL PROTECTED]> wrote: I'm using pfSense 1.0.1 RELEASE and update using http://snapshots.pfsense.com/FreeBSD6/RELENG_1/pfSense-Full-Update-1.0.1-SNAPSHOT-02-02-2007.tgz and not http://snapshots.pfsense.com/FreeBSD6/RELENG_1/iso/ ... it is same approach that i should not do it

RE: [pfSense Support] Plz Comments

I think he's saying that he's seeing a lot of instances of php which are causing a high load on the cpu...not that "make" is showing up in the list. :) > Date: Mon, 5 Feb 2007 20:55:00 -0500> From: [EMAIL PROTECTED]> To: > support@pfsense.com> Subject: Re: [pfSense Support] Plz Comments> > On

Re: [pfSense Support] Plz Comments

That i mean, thank you my friend. Its because when i seach in internet i got this; http://m0n0.ch/wall/list/showmsg.php?id=306/49 Forgive me because of my bad english. Thank you - Original Message - From: Adam Van Ornum To: support@pfsense.com Sent: Tuesday, February 06, 2007

Re: [pfSense Support] Plz Comments

On 2/5/07, saidy <[EMAIL PROTECTED]> wrote: That i mean, thank you my friend. Its because when i seach in internet i got this; Will look into it more. Thanks! Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additiona