[pfSense Support] Snort

2007-11-21 Thread Jason J. Ellingson
Just tried out Snort on 1.2RC3... So far, so good... just a couple of notes: pfSense doesn't like: dos.rules - multiple ports listed: [135,137,138,139,445] -and- scan.rules - UDP protocol So I disabled those for now. Let's see how it goes... - Jason

Re: [pfSense Support] Split DNS LAN/DMZ

2007-11-21 Thread Jaye Mathisen
Use split-horizon DNS, and different DNS servers for the LAn/DMZ hosts? On Thu, Nov 22, 2007 at 04:07:18PM +1300, Volker Kuhlmann wrote: > When using the DNS forwarder with LAN hosts added, it would be desirable to > not make all the same information available to the DMZ hosts. In case of > using

[pfSense Support] Split DNS LAN/DMZ

2007-11-21 Thread Volker Kuhlmann
When using the DNS forwarder with LAN hosts added, it would be desirable to not make all the same information available to the DMZ hosts. In case of using pfsense as an NTP source, LAN and DMZ hosts would need to see a different IP address for time.localnet.site. I don't see how that can be done at

Re: [pfSense Support] does pfSense cache?

2007-11-21 Thread Bill Marquette
Are you resetting the modem after moving the laptop? Most cable modems are locked to a single MAC address on the ethernet side and will only allow the first device seen after power on. Outside of that, I can only see us caching if you are using the squid proxy package. --Bill On Nov 19, 2007 3:

Re: [pfSense Support] openvpn Question hope someone can help...

2007-11-21 Thread Paul M
Tom Bishop wrote: > I have done a tcpdump, I don't see the return packets...thats the > troubling part > > On Nov 20, 2007 8:13 AM, Paul M <[EMAIL PROTECTED] > > wrote: > > Tom Bishop wrote: > > Ok this one has been bugging me for sometime, I'm new to Pfsense

Re: [pfSense Support] Re: pfSense with 3 internal VLANs?

2007-11-21 Thread Paul M
Angelo Turetta wrote: > Curtis LaMasters wrote: >> and Firewall myself, however, I'm still having problems with the VLAN >> config. I would like the LAN interface to be VLAN1. Please let me >> know if you have any questions, or if I missed something. > > Curtis, this is quite easy to do. I manag

Re: [pfSense Support] suggestion change to UI - locking pages on slave firewalls

2007-11-21 Thread Paul M
Chris Buechler wrote: > Scott Ullrich wrote: >> On 11/20/07, Paul M <[EMAIL PROTECTED]> wrote: >>> two firewalls, fwa, fwb, fwa is the master and replicated to fwb >>> Could there be added in the UI (advanced options maybe) a flag to >>> indicate that this FW is a slave, and then grey out anything