Re: [pfSense Support] blocking to destination ports

2008-04-11 Thread Scott Ullrich
On 4/11/08, Jan Zorz <[EMAIL PROTECTED]> wrote: > Don't bother with this. I ran through a small flame-war with Scott about > this, wrote my own patches for pfsense, that were working flawlessly on > 1.0.1 and were applying rules on out-traffic, but politic persuasion on > dev's side prevented those

Re: [pfSense Support] blocking to destination ports

2008-04-11 Thread Oliver von Bueren
Scott Ullrich wrote: Don't start that all over again, just learn to live with in-only rules. I disagree with this completely. See the thread named "Patches for out based rules creation on pfSense." and draw your own conclusions. Scott, just out of interest I wanted to read that threa

Re: [pfSense Support] blocking to destination ports

2008-04-11 Thread Ermal Luçi
On Fri, Apr 11, 2008 at 7:33 AM, Jan Zorz <[EMAIL PROTECTED]> wrote: > Don't bother with this. I ran through a small flame-war with Scott about > this, wrote my own patches for pfsense, that were working flawlessly on > 1.0.1 and were applying rules on out-traffic, but politic persuasion on > dev's

RE: [pfSense Support] Multimple WAN ftp server thing.

2008-04-11 Thread David Cavanaugh
O I C. So, I read what I could find, and I could use some clearing up: Choose one of the following: 1) FTP incoming or outgoing is impossible with Multi-WAN on either WAN interface 2) FTP is impossible on Multi-WAN incoming, but possible outgoing only through WAN1 3) FTP is impossible on Multi-W

Re: [pfSense Support] blocking to destination ports

2008-04-11 Thread Randy Schultz
On Fri, 11 Apr 2008, Ermal Luçi spaketh thusly: -}What's wrong with only in rules?! -} -}You can do the same blocking as you would do with out and just save -}your computer from blocking the packet after traversing the whole -}machine! Blocking out has different uses. As a simple and not uncommo

RE: [pfSense Support] Multimple WAN ftp server thing.

2008-04-11 Thread Tim Dickson
Personally I have number 4 setup... It took several days of playing, and to be honest I'm not sure what all was the reason it finally worked. But I have this setup: WAN: "Disable the userland FTP-Proxy application" CHECKED WAN2: "Disable the userland FTP-Proxy application" CHECKED WAN3: "Disable t

Re: [pfSense Support] blocking to destination ports

2008-04-11 Thread Curtis LaMasters
Easy solution...block destination ports in the IN of the interface that the computers/servers are connected...i.e. on your lan interface you have 1 email server and 100 computers...create a rule to only allow email from a single server and then make another rule denying anything else. In Cisco wor

RE: [pfSense Support] Multimple WAN ftp server thing.

2008-04-11 Thread David Cavanaugh
Thanks so far for all the info. But using WebDAV (port 80) instead of FTP would circumvent this limitation, correct? -Original Message- From: Tim Dickson [mailto:[EMAIL PROTECTED] Sent: Friday, April 11, 2008 12:50 PM To: support@pfsense.com Subject: RE: [pfSense Support] Multimple WAN

Re: [pfSense Support] Multimple WAN ftp server thing.

2008-04-11 Thread Chris Buechler
David Cavanaugh wrote: Thanks so far for all the info. But using WebDAV (port 80) instead of FTP would circumvent this limitation, correct? Correct. Using any file transfer mechanism other than the NAT-b0rk FTP will work around this, including SCP, WebDAV (though that makes me cringe a li

Re: [pfSense Support] blocking to destination ports

2008-04-11 Thread Randy Schultz
On Fri, 11 Apr 2008, Curtis LaMasters spaketh thusly: -}Easy solution...block destination ports in the IN of the interface that the -}computers/servers are connected...i.e. on your lan interface you have 1 -}email server and 100 computers...create a rule to only allow email from a -}single server

Re: [pfSense Support] blocking to destination ports

2008-04-11 Thread Chris Buechler
Ermal Luçi wrote: What's wrong with only in rules?! You can do the same blocking as you would do with out and just save your computer from blocking the packet after traversing the whole machine! The interface it's blocked on is relatively irrelevant. You can do anything with only in rules,

Re: [pfSense Support] blocking to destination ports

2008-04-11 Thread Ermal Luçi
On Fri, Apr 11, 2008 at 9:06 PM, Chris Buechler <[EMAIL PROTECTED]> wrote: > Ermal Luçi wrote: > > > What's wrong with only in rules?! > > > > You can do the same blocking as you would do with out and just save > > your computer from blocking the packet after traversing the whole > > machine! > > >

[pfSense Support] pfsync/FreeRADIUS

2008-04-11 Thread Dimitri Rodis
Is there a way to make the FreeRADIUS (or just generally package) information sync between two pfSense boxes? I have 2 different customers that need radius - 1 of them I can use CARP, but the other has 2 different sites. Scenario 1: Customer with 2 office buildings providing internet access