[pfSense Support] configure squid?
Hi All, I have using pfsense-0.68.12 installed squid-2.5.10_4 but i don't configure wtih my network till now WAN # DHCP LAN # 192.168.3.20 anybody tell me config squid with pfsense, if possible squid.conf file send= me Regards: aaziz - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Dead CPU Usage meter on pfSense 0.70.4
Just a cosmetic problem: CPU Usage meter on pfSense 0.70.4 is not working. Miles Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
AW: [pfSense Support] configure squid?
You'll have to modify the package for squid in /usr/local/pkg/squid.xml. You should upgrade to the latest version before doing anything: http://pfsense.com/updates/pfSense-Full-Update-0.70.4.tgz Holger -Ursprüngliche Nachricht- Von: Abdul Aziz [mailto:[EMAIL PROTECTED] Gesendet: Montag, 18. Juli 2005 09:02 An: support@pfsense.com Cc: [EMAIL PROTECTED] Betreff: [pfSense Support] configure squid? Hi All, I have using pfsense-0.68.12 installed squid-2.5.10_4 but i don't configure wtih my network till now WAN # DHCP LAN # 192.168.3.20 anybody tell me config squid with pfsense, if possible squid.conf file send= me Regards: aaziz - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Virus checked by G DATA AntiVirusKit - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Intrusion Prevention
Thanks...the links you provided look very interesting! Oh, and I knew I should have kept my big mouth closed :) On 7/18/05, Holger Bauer [EMAIL PROTECTED] wrote: I guess it doesn't make sense to have a small solution that will be replaced later. Actually there are some projects that might do the job better: http://www.snortsam.net/ http://sourceforge.net/projects/packetfence/ Give it some time and you'll see something like that in pfsense or at least as an installable package :-) Holger -Ursprüngliche Nachricht- Von: Jason Landry [mailto:[EMAIL PROTECTED] Gesendet: Montag, 18. Juli 2005 07:08 An: pfsense Betreff: [pfSense Support] Intrusion Prevention I know that intrusion prevention is on the radar, but what are the chances of a relatively simple version to start? My thought was something along these lines: If W connections are attempted through X ports within Y minutes, block the source /24 subnet for Z minutes. Any connection attempt that has an incoming rule defined that allows the connection would not count against the number of attempts. I have absolutely no ability to program this stuff (I'm a SQL guy), and I have no idea of how difficult it would be, but I thought I'd offer the suggestion. Thanks for all your hard work to date! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Virus checked by G DATA AntiVirusKit - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Multi WAN dhclient
Support for multiple WAN dhclient has been available for 2-3 weeks. Has anyone tried this yet? I need some feedback on if this works or not Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
AW: [pfSense Support] carp array
1. config all your public IPs as CARP-IPs, so the pfsense will answer them on wan 2. use firewallNATportforward to forward the virtual IPs to the Servers inside your Network (check the autocreate rule option) 3. use firewallNAToutbound with enabled advanced outbound NAT to make the Servers use their corrosponding virtual IP for going out to WAN (you have to create some rules for that, first match wins) Alternatively you could use 1:1 NAT but this basically is for converting complete IP-Ranges btw, I'll redo the tutorial in some time with the new GUI-Layout. Hope this helps, Holger -Ursprüngliche Nachricht- Von: alan walters [mailto:[EMAIL PROTECTED] Gesendet: Dienstag, 19. Juli 2005 00:36 An: support@pfsense.com Betreff: FW: [pfSense Support] carp array I have reviewed the tutorial before, it looks good for outbound connections. How would I manage this under the latest version? (NO auto option) We have two apache servers 1 dns and 1 smtp server inside our network that clients need to access We want to use the carp array for inbound connections as well as outbound connections is this possible would I just setup the carp configuration using virtual IP's for each of my services on the WAN We have two apache servers 1 dns and 1 smtp server inside our network that clients need to access So we have a pool of IP's can we make all of these available in the carp pool on the wan interface?? This is a hard thing to write but I hope someone realises what I am saying Alan -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: 16 July 2005 00:15 To: alan walters Cc: support@pfsense.com Subject: Re: [pfSense Support] carp array On 7/15/05, alan walters [EMAIL PROTECTED] wrote: We have a present firewall that we want to redunently backup. I have reviewed some of the information but am a little confused about how we could deploy this. Our configureation is as follows Primary backup Wan1wan2(opt1)Wan1 wan2(opt1) Lan DMZ(opt2) opt3(carp)opt3(carp) LAN DMZ(opt2) Would switches be placed in front of wan1 and wan2 and then linked to primary and backup firewalls? http://www.pfsense.com/tutorials/carp/carp_cluster.htm goes over this in detail (with pictures!) Can I sync the entire system across this?? Can you provide failover services? Yes. Take a look at http://www.pfsense.com/tutorials/carp/carp_cluster.htm Would the hardware need to be identical No. I use a Nexcom appliance currently as my primary firewall and a soekris 4501 as a backup. Works great. Any thoughts on how this configuration would best be deployed. http://www.pfsense.com/tutorials/carp/carp_cluster.htm has the low down. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.323 / Virus Database: 267.8.16/50 - Release Date: 15/07/2005 -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.323 / Virus Database: 267.9.0/50 - Release Date: 16/07/2005 -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.323 / Virus Database: 267.9.0/50 - Release Date: 16/07/2005 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Virus checked by G DATA AntiVirusKit - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Re: [BULK] AW: [pfSense Support] carp array
Hi, 1. config all your public IPs as CARP-IPs, so the pfsense will answer them on wan Sorry to ask, it is possible for me to do this for replacing IP Aliases? currently i'm have to manually edit config.xml to include all those Public IP that i have under shellcmd so that my WAN interfaces will answer to all my public IP and port forward to my server on DMZ with private IP set ( 192.168.0.x ) Please shed me some light on this and thanks in advances, Regards, - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Re: [BULK] AW: [pfSense Support] carp array
Yikes...why aren't you using proxy arp? At any rate, carp will work for that too - it'll be somewhat noisy, but'll work just fine. In fact...what the hell I recommend it, there, I said it...;-P --Bill On 7/18/05, ijez [EMAIL PROTECTED] wrote: Hi, 1. config all your public IPs as CARP-IPs, so the pfsense will answer them on wan Sorry to ask, it is possible for me to do this for replacing IP Aliases? currently i'm have to manually edit config.xml to include all those Public IP that i have under shellcmd so that my WAN interfaces will answer to all my public IP and port forward to my server on DMZ with private IP set ( 192.168.0.x ) Please shed me some light on this and thanks in advances, Regards, - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
