[pfSense Support] RE: [pfSense-discussion] carp settings?
Seems to be a bit of a bug or querk with carp setup. Setup your 1 to 1 nats first then add carp before you add any port forward rules. It seems that if there is anything in the port forward rules before this it gives the error you mention. I have seen a few people with this issue. -Original Message- From: Matthew Lenz [mailto:[EMAIL PROTECTED] Sent: 02 August 2005 00:49 To: pfsense Subject: Re: [pfSense-discussion] carp settings? I'm also having difficulty adding 1:1 nats and port forwarding using the public wan IP i've got configured for carp between the two firewalls. port forwarding complains that my NAT IP isn't valid and 1:1 (/32 using the virtual ip) says it overlaps an existing network. - Original Message - From: Matthew Lenz [EMAIL PROTECTED] To: pfsense discussion@pfsense.com Sent: Monday, August 01, 2005 6:21 PM Subject: [pfSense-discussion] carp settings? I've got my two firewalls setup and I think stuff is mostly working. I'm curious about the firewall rule that the cluster tutorial talks about. Is it still required to make the pfsync interface (opt4 on each firewall in my case) able to pass all traffic? I really don't want that interface have access to all the other interface networks so is it ok if I set the source and destination to OPT4 net ? .. what other stuff do I have to do to make the firewalls sync? Can they sync new carp entries? do the synchronize ip and remote system passwords have to be entered on both machines and correspond to one another or is it only entered on one machine? -Matt - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] pppoe and radius auth
Aug 2 08:48:26 mpd: MRU 1492 Aug 2 08:48:26 mpd: MAGICNUM a74aead8 Aug 2 08:48:26 mpd: AUTHPROTO CHAP MD5 Aug 2 08:48:26 mpd: [pppoe0] LCP: state change Ack-Sent -- Opened Aug 2 08:48:26 mpd: [pppoe0] LCP: phase shift ESTABLISH -- AUTHENTICATE Aug 2 08:48:26 mpd: [pppoe0] LCP: auth: peer wants nothing, I want CHAP Aug 2 08:48:26 mpd: [pppoe0] CHAP: sending CHALLENGE Aug 2 08:48:26 mpd: [pppoe0] LCP: LayerUp Aug 2 08:48:26 mpd: [pppoe0] LCP: rec'd Ident #2 link 0 (Opened) Aug 2 08:48:26 mpd: MESG: MSRASV5.10 Aug 2 08:48:26 mpd: [pppoe0] LCP: rec'd Ident #3 link 0 (Opened) Aug 2 08:48:26 mpd: MESG: MSRAS-0-ALANLAPTOP Aug 2 08:48:26 mpd: [pppoe0] CHAP: rec'd RESPONSE #1 Aug 2 08:48:26 mpd: Name: [EMAIL PROTECTED] Aug 2 08:48:26 mpd: [pppoe0] RADIUS: RadiusAddServer Adding 195.218.115.142 Aug 2 08:48:26 mpd: [pppoe0] RADIUS: RadiusPutAuth: RADIUS_CHAP (MD5) peer name: [EMAIL PROTECTED] Aug 2 08:48:27 mpd: [pppoe0] RADIUS: RadiusSendRequest: RAD_ACCESS_ACCEPT for user [EMAIL PROTECTED] Aug 2 08:48:27 mpd: [pppoe0] RADIUS: RadiusGetParams: Dropping attribute: 14 Aug 2 08:48:27 mpd: [pppoe0] RADIUS: RadiusGetParams: RAD_FRAMED_IP_ADDRESS: 10.4.230.10 Aug 2 08:48:27 mpd: [pppoe0] RADIUS: RadiusGetParams: Dropping attribute: 3 Aug 2 08:48:27 mpd: Response is valid Aug 2 08:48:27 mpd: [pppoe0] CHAP: sending SUCCESS Aug 2 08:48:27 mpd: [pppoe0] LCP: authorization successful Aug 2 08:48:27 mpd: [pppoe0] LCP: phase shift AUTHENTICATE -- NETWORK Aug 2 08:48:27 mpd: [pppoe0] setting interface ng1 MTU to 1480 bytes Aug 2 08:48:27 mpd: [pppoe0] up: 1 link, total bandwidth 64000 bps Aug 2 08:48:27 mpd: [pppoe0] IPCP: Up event Aug 2 08:48:27 mpd: [pppoe0] IPCP: state change Starting -- Req-Sent Aug 2 08:48:27 mpd: [pppoe0] IPCP: SendConfigReq #1 Aug 2 08:48:27 mpd: IPADDR 192.168.168.1 Aug 2 08:48:27 mpd: [pppoe0] CCP: Open event Aug 2 08:48:27 mpd: [pppoe0] CCP: state change Initial -- Starting Aug 2 08:48:27 mpd: [pppoe0] CCP: LayerStart Aug 2 08:48:27 mpd: [pppoe0] CCP: Up event Aug 2 08:48:27 mpd: [pppoe0] CCP: state change Starting -- Req-Sent Aug 2 08:48:27 mpd: [pppoe0] CCP: SendConfigReq #1 Aug 2 08:48:57 mpd: [pppoe0] RADIUS: Termination cause: Protocol error:PPP layer IPCP failed: parameter negotiation failed, RADIUS: 15 Aug 2 08:48:57 mpd: [pppoe0] RADIUS: RadiusAccount: Sending accounting data (Type: 2) Aug 2 08:49:27 mpd: [pppoe0] rec'd proto IPCP during terminate phase Aug 2 08:49:27 mpd: [pppoe0] rec'd proto CCP during terminate phase Aug 2 08:49:27 mpd: [pppoe0] rec'd proto IPCP during terminate phase Aug 2 08:49:27 mpd: [pppoe0] rec'd proto CCP during terminate phase Aug 2 08:49:27 mpd: [pppoe0] rec'd proto IPCP during terminate phase Aug 2 08:49:27 mpd: [pppoe0] rec'd proto CCP during terminate phase Aug 2 08:49:27 mpd: [pppoe0] rec'd proto IPCP during terminate phase Aug 2 08:49:27 mpd: [pppoe0] rec'd proto CCP during terminate phase Aug 2 08:49:27 mpd: [pppoe0] rec'd proto IPCP during terminate phase Aug 2 08:49:27 mpd: [pppoe0] rec'd proto CCP during terminate phase Aug 2 08:49:27 mpd: [pppoe0] rec'd proto IPCP during terminate phase Aug 2 08:49:27 mpd: [pppoe0] LCP: rec'd Terminate Ack #3 link 0 (Stopping) Aug 2 08:49:27 mpd: [pppoe0] LCP: state change Stopping -- Stopped Aug 2 08:49:27 mpd: [pppoe0] LCP: phase shift TERMINATE -- ESTABLISH Aug 2 08:49:27 mpd: [pppoe0] LCP: LayerFinish Aug 2 08:49:27 mpd: [pppoe0] device: CLOSE event in state UP Aug 2 08:49:27 mpd: [pppoe0] device is now in state CLOSING Aug 2 08:49:27 mpd: [pppoe0] device: DOWN event in state CLOSING Aug 2 08:49:27 mpd: [pppoe0] device is now in state DOWN
[pfSense Support] pppoe and racoon
Aug 2 08:52:39 racoon: INFO: 10.4.230.1[500] used as isakmp port (fd=14) Aug 2 08:52:39 racoon: INFO: fe80::240:f4ff:fe65:3d13%rl1[500] used as isakmp port (fd=15) Aug 2 08:52:39 racoon: INFO: fe80::202:b3ff:fece:791f%fxp0[500] used as isakmp port (fd=16) Aug 2 08:52:39 racoon: INFO: 192.168.1.100[500] used as isakmp port (fd=17) Aug 2 08:52:39 racoon: INFO: fe80::2c0:9fff:fe1e:2df8%em0[500] used as isakmp port (fd=18) Aug 2 08:52:39 racoon: INFO: 192.168.50.1[500] used as isakmp port (fd=19) Aug 2 08:52:39 racoon: INFO: fe80::2c0:9fff:fe1e:2df8%ng1[500] used as isakmp port (fd=8) Aug 2 08:52:39 racoon: INFO: 192.168.168.1[500] used as isakmp port (fd=9) Aug 2 08:52:39 racoon: INFO: fe80::1%lo0[500] used as isakmp port (fd=10) Aug 2 08:52:39 racoon: INFO: ::1[500] used as isakmp port (fd=11) Aug 2 08:52:39 racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=12) Aug 2 08:52:39 racoon: ERROR: failed to bind to address 192.168.168.1[500] (Address already in use). Aug 2 08:52:39 racoon: INFO: fe80::280:c8ff:fe37:6c9a%axe0[500] used as isakmp port (fd=13) Aug 2 08:52:39 racoon: INFO: 10.4.230.1[500] used as isakmp port (fd=14) Aug 2 08:52:39 racoon: INFO: fe80::240:f4ff:fe65:3d13%rl1[500] used as isakmp port (fd=15) Aug 2 08:52:39 racoon: INFO: fe80::202:b3ff:fece:791f%fxp0[500] used as isakmp port (fd=16) Aug 2 08:52:39 racoon: INFO: 192.168.1.100[500] used as isakmp port (fd=17) Aug 2 08:52:39 racoon: INFO: fe80::2c0:9fff:fe1e:2df8%em0[500] used as isakmp port (fd=18) Aug 2 08:52:39 racoon: INFO: 192.168.50.1[500] used as isakmp port (fd=19) this error seems to occur when i am logged into pppoe
Re: [pfSense Support] Issue installing 0.71.12 ISO to HD
I just uploaded pfSense-0.69.14-LiveCD.iso too... http://analyzerx.noodles.gr/pfSense-0.69.14-LiveCD.isoOn 8/2/05, analyzerx [EMAIL PROTECTED] wrote: http://analyzerx.noodles.gr/pfSense-0.67.8.iso I have some other old versions too, pfSense-0.61.3.iso pfSense-0.69.14-LiveCD.iso pfSense-0.69.14-wrap-soekris-128-megs.bin.gz pfSense-128-megs-soekris-0.69.6.bin.gz pfSense-128-megs-wrap-soekris-0.66.6.bin.gz pfSense-Full-Update-0.67.2.tgz pfSense-Full-Update-0.69.8.tgz pfSense-Full-Update-0.70.1.tgz pfSense-Full-Update-0.70.tgz I'll try to upload them all and post the link to them... I hope scott or anyone doesn't have any problem with this! o_O please tell me if I shouldn't do it... On 8/2/05, Scott Ullrich [EMAIL PROTECTED] wrote: http://www.pfsense.com/old/ is our older stuff but it really doesn'tgo so far back.Sorry!Scott On 8/1/05, Kyle Mott [EMAIL PROTECTED] wrote:Man, I cant even get a fresh install from 0.62.3 and update to 0.73 to work. I *always* get the following execve error:dhclient[1375]: exiting.dhclient[1375]: exiting. dhclient[1375]: connection closeddhclient[1375]: connection closeddhclient[1374]: exiting.dhclient[1374]: exiting.dhclient[1374]: vx0: not founddhclient[1374]: vx0: not found dhclient[1376]: exiting.dhclient[1376]: exiting.dhclient[1376]: execve (/etc/dhclient-script, ...): No such file or directorydhclient[1376]: execve (/etc/dhclient-script, ...): No such file or directoryWhere is the archive ISO's located? I wanna try installing 0.67.8 and then upgrading to 0.72 or 0.73.-Kyle Mott Wesley Joyce wrote: Kyle, in my experience, installing 0.67.8 from ISO and upgrading to 0.73 works.Installing 0.72 from ISO does not work. From: Kyle Mott [mailto:[EMAIL PROTECTED] ]Sent: Monday, August 01, 2005 11:30 AMTo: analyzerx Cc: Scott Ullrich; Wesley Joyce; support@pfsense.comSubject: Re: [pfSense Support] Issue installing 0.71.12 ISO to HD I've tried 0.72, and that panics at 50% also. I'll probably try an older version and then upgrade when I get home today, but Id really like to try the newer version(s).I also seem to be having an issue when I go to restore my config, I always get a weird 'execve' error for my WAN DHCLIENT config. I havent been able to track it down, but I'll keep working on it.-Kyle Mott analyzerx wrote: try installing a older version and upgrading (0.6.X seem to be working fine)also try the new version i think there are some changes for this bug/thing On 8/1/05, Kyle Mott [EMAIL PROTECTED] wrote: I'm getting the same exact error, every time I try to install the 0.71.12 ISO. I had to revert back to m0n0wall (hopefully temporarily). -Kyle MottScott Ullrich wrote:Does this happen every time you attempt an install or did you only try once? ScotOn 7/30/05, Wesley Joyce [EMAIL PROTECTED] wrote: The exact error I am getting installing 0.71.12 to HD is as follows. Afterdoing all the partitioning and selecting of file systems, at 50% of the '/FreeSBIE/usr/local/bin/cpdup …' command being executed I get aPanic: vm_fault: fault on nofault entry: c780400 Cupid = 0Uptime 1m38sDumping 126mb (2 chunks)Chunk 0: 1mb (159 pages) … ok Chunk 1: 126MB (32174 pages) 110 94 78 62 46 30 14 … okDump complete…snip… Wesley Joyce, Network Administrator Network Operations, Information Technology Services University of the Virgin Islands #2 John Brewers Bay, St. Thomas, USVI 00802-9990 (340) 693-1469 (voice) / (340) 693-1545 (fax) http://www.uvi.edu/ From: Wesley Joyce [mailto: [EMAIL PROTECTED]] Sent: Saturday, July 30, 2005 1:37 PM To: 'analyzerx'; support@pfsense.com Subject: RE: [pfSense Support] Pre 0.7x ISOThanks.I have tried to install pfSense-LiveCD-0.71.12 , pfSense-LiveCD-0.716 ,pfSense-LiveCD-0.70.10 and pfSense-LiveCD-0.70.4 ISO's to hard drive usingthe 'installer' and they all either dump during the copy of files to thepartition, or after rebooting from the hard drive the 1st time, it complainsabout the hard drive and files not being found.I previously got the 0.6xseries to install.Is it supports installing 0.6x and upgrading to the latest 0.71? Wesley Joyce, Network Administrator Network Operations, Information Technology Services University of the Virgin Islands #2 John Brewers Bay, St. Thomas, USVI 00802-9990 (340) 693-1469 (voice) / (340) 693-1545 (fax) http://www.uvi.edu/ From: analyzerx [mailto: [EMAIL PROTECTED]] Sent: Saturday, July 30, 2005 1:27 PM To: support@pfsense.com Subject: Re: [pfSense Support] Pre 0.7x ISOWhat seems to be the problem with the installation? I'm uploading it to my web server in any case, it will take some time causeI only have 128kbps upload... o_O I'll post the URL once it's done... -To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] warning on 0.73
I get a warning on 0.73 and 0.73.2 about the configuration that I am using being newer than the one being used. This happens on boot. I defaulted my configuration when on 0.73 but still get the error on boot. Any ideas
Re: [pfSense Support] Remote Shutdown
Use execraw.php to issues shutdown -h now Scott On 8/2/05, analyzerx [EMAIL PROTECTED] wrote: halt system in the web admin? o_O? On 8/2/05, Roger Miranda (Digital Relay) [EMAIL PROTECTED] wrote: Hey, I have a PfSense Version Firewall in place but due to energy prices in it's location it needs to be shutdown everynight. Is there anyway that I can use a smiple feature ethier through SSH or HTML/PHP to shutdown the firewall an easy way? Due to agian the location of the device, there is no one there with technical background. So I need a pretty simple way. Thanks for all the help in advance. Roger - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] ipsec more info
Is it possible to route all traffic from opt1 across an ipsec vpn. Or is there anyway to encapsulate traffic somehow else. What I am trying to achieve is routing some remote sites we have back into our primary backbone. We are having problems with DOS attacks on these sites. So we where planning to route them to our primary 100 mbps backbone And mask them with our public IP addresses there. This would consolidate our services much better and allow for easier management as our Primary upstream is far more supportive. I know it is way off topic but I would love some feedback
Re: [pfSense Support] ipsec more info
On 8/2/05, alan walters [EMAIL PROTECTED] wrote: Is it possible to route all traffic from opt1 across an ipsec vpn. I think there's somebody doing this with m0n0wall. I recall it being discussed on the list in the past. I believe how they accomplished it was adding a site to site VPN, then adding a static route on the LAN for 0.0.0.0/0 (i.e. everything; this route wasn't possible in the GUI without changing the code, not sure if that's been changed here or not) pointing to the other end LAN side of the VPN tunnel. I could be way off on that though, it's been a while. Worth a shot at least, might also want to google with site:m0n0.ch to see if you come up with anything. -cmb - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Question on UPDATES
On 8/2/05, David Strout [EMAIL PROTECTED] wrote: Are the updates posted to the mirrors static or are they updated based upon changes throughout the day/multiday timeline. They update throughout the day. Check the md5's. A little clarity if I grabbed the 0.73.2 update last night and then I see a difference in time on the mirrors this morning... does hat mean that the file name is the same but a newer version or changed, and should i be grabbing the latest.tgz instead. latest.tgz is for the after installation scripts on the BSD Installer. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] concurrent captive portal users
By default, captive portal will allow multiple logins using the same username and password... If the username and password is shared among a group of people, they could all login and surf to various places at the same time and monowall (and I presume pfSense) would be happy with it... In our situation, we didn't want people to have the option of sharing their usernames and passwords. I just mod'ed the monowall code so concurrent logins with the same username are not allowed with Captive Portal... (I plan to put a config item in for this later, so you can choose to operate this way or not)... The way I've coded it, if you are logged into the captive portal and someone else logs in with your username and password, it will kick you off, then allow them in, making a note of the reason for the logout in the syslog, like so: Is this a feature that others are interested in? I am sure it wouldn't take much to put this in pfSense, since I think most of that code is still the same as monowall... How do I go about getting it added? Paul - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] concurrent captive portal users
If you can make this an option this would be a great addition. A unified diff with the m0n0wall code changes should be enough for me to integrate the code into pfSense. Scott On 8/2/05, Paul Taylor [EMAIL PROTECTED] wrote: By default, captive portal will allow multiple logins using the same username and password... If the username and password is shared among a group of people, they could all login and surf to various places at the same time and monowall (and I presume pfSense) would be happy with it... In our situation, we didn't want people to have the option of sharing their usernames and passwords. I just mod'ed the monowall code so concurrent logins with the same username are not allowed with Captive Portal... (I plan to put a config item in for this later, so you can choose to operate this way or not)... The way I've coded it, if you are logged into the captive portal and someone else logs in with your username and password, it will kick you off, then allow them in, making a note of the reason for the logout in the syslog, like so: Is this a feature that others are interested in? I am sure it wouldn't take much to put this in pfSense, since I think most of that code is still the same as monowall... How do I go about getting it added? Paul - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] concurrent captive portal users
Woops - I was trying to paste this in after like so: when I accidentally sent the email... :) Last 50 captive portal log entries Aug 2 13:44:33 LOGIN: pault, 00:50:da:b2:42:36, 192.168.1.254 Aug 2 13:45:29 LOGIN: pault, 00:10:4b:76:91:4e, 192.168.1.253 Aug 2 14:01:34 DISCONNECT: pault, 00:10:4b:76:91:4e, 192.168.1.253 Aug 2 14:01:51 CONCURRENT LOGIN - TERMINATING: pault, 00:50:da:b2:42:36, 192.168.1.254 Aug 2 14:01:51 LOGIN: pault, 00:10:4b:76:91:4e, 192.168.1.253 Aug 2 14:01:55 CONCURRENT LOGIN - TERMINATING: pault, 00:10:4b:76:91:4e, 192.168.1.253 Aug 2 14:01:55 LOGIN: pault, 00:50:da:b2:42:36, 192.168.1.254 Aug 2 14:02:24 CONCURRENT LOGIN - TERMINATING: pault, 00:50:da:b2:42:36, 192.168.1.254 Aug 2 14:02:24 LOGIN: pault, 00:10:4b:76:91:4e, 192.168.1.253 Aug 2 14:02:38 CONCURRENT LOGIN - TERMINATING: pault, 00:10:4b:76:91:4e, 192.168.1.253 Aug 2 14:02:38 LOGIN: pault, 00:50:da:b2:42:36, 192.168.1.254 Note that I kicked the pault user at 14:01:34, then tried logging in as pault at 14:01:51 (after saving the code onto Monowall). It kicked the other login of pault out (the .254 user) and then logged me in (.253). Then, we went back and forth logged each other out... What fun! Paul -Original Message- From: Paul Taylor [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 02, 2005 2:29 PM To: support@pfsense.com Subject: [pfSense Support] concurrent captive portal users By default, captive portal will allow multiple logins using the same username and password... If the username and password is shared among a group of people, they could all login and surf to various places at the same time and monowall (and I presume pfSense) would be happy with it... In our situation, we didn't want people to have the option of sharing their usernames and passwords. I just mod'ed the monowall code so concurrent logins with the same username are not allowed with Captive Portal... (I plan to put a config item in for this later, so you can choose to operate this way or not)... The way I've coded it, if you are logged into the captive portal and someone else logs in with your username and password, it will kick you off, then allow them in, making a note of the reason for the logout in the syslog, like so: Is this a feature that others are interested in? I am sure it wouldn't take much to put this in pfSense, since I think most of that code is still the same as monowall... How do I go about getting it added? Paul - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] concurrent captive portal users
On 8/2/05, Paul Taylor [EMAIL PROTECTED] wrote: Woops - I was trying to paste this in after like so: when I accidentally sent the email... :) Last 50 captive portal log entries Aug 2 13:44:33 LOGIN: pault, 00:50:da:b2:42:36, 192.168.1.254 Aug 2 13:45:29 LOGIN: pault, 00:10:4b:76:91:4e, 192.168.1.253 Aug 2 14:01:34 DISCONNECT: pault, 00:10:4b:76:91:4e, 192.168.1.253 Aug 2 14:01:51 CONCURRENT LOGIN - TERMINATING: pault, 00:50:da:b2:42:36, 192.168.1.254 Aug 2 14:01:51 LOGIN: pault, 00:10:4b:76:91:4e, 192.168.1.253 Aug 2 14:01:55 CONCURRENT LOGIN - TERMINATING: pault, 00:10:4b:76:91:4e, 192.168.1.253 Aug 2 14:01:55 LOGIN: pault, 00:50:da:b2:42:36, 192.168.1.254 Aug 2 14:02:24 CONCURRENT LOGIN - TERMINATING: pault, 00:50:da:b2:42:36, 192.168.1.254 Aug 2 14:02:24 LOGIN: pault, 00:10:4b:76:91:4e, 192.168.1.253 Aug 2 14:02:38 CONCURRENT LOGIN - TERMINATING: pault, 00:10:4b:76:91:4e, 192.168.1.253 Aug 2 14:02:38 LOGIN: pault, 00:50:da:b2:42:36, 192.168.1.254 Note that I kicked the pault user at 14:01:34, then tried logging in as pault at 14:01:51 (after saving the code onto Monowall). It kicked the other login of pault out (the .254 user) and then logged me in (.253). Then, we went back and forth logged each other out... What fun! You might also make the behaviour configurable - say, _not_ logging the existing user out, or giving an option asking first. --Bill - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] concurrent captive portal users
Bill, I am planning to make it an option - Either log them out, or allow concurrency I hadn't thought of having it ask. I've also had another suggestion to redirect them to a page that indicates their password may have been compromised... I'll probably stick with an on/off switch for now... Paul -Original Message- From: Bill Marquette [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 02, 2005 2:59 PM To: Paul Taylor Cc: support@pfsense.com Subject: Re: [pfSense Support] concurrent captive portal users On 8/2/05, Paul Taylor [EMAIL PROTECTED] wrote: Woops - I was trying to paste this in after like so: when I accidentally sent the email... :) Last 50 captive portal log entries Aug 2 13:44:33 LOGIN: pault, 00:50:da:b2:42:36, 192.168.1.254 Aug 2 13:45:29 LOGIN: pault, 00:10:4b:76:91:4e, 192.168.1.253 Aug 2 14:01:34 DISCONNECT: pault, 00:10:4b:76:91:4e, 192.168.1.253 Aug 2 14:01:51 CONCURRENT LOGIN - TERMINATING: pault, 00:50:da:b2:42:36, 192.168.1.254 Aug 2 14:01:51 LOGIN: pault, 00:10:4b:76:91:4e, 192.168.1.253 Aug 2 14:01:55 CONCURRENT LOGIN - TERMINATING: pault, 00:10:4b:76:91:4e, 192.168.1.253 Aug 2 14:01:55 LOGIN: pault, 00:50:da:b2:42:36, 192.168.1.254 Aug 2 14:02:24 CONCURRENT LOGIN - TERMINATING: pault, 00:50:da:b2:42:36, 192.168.1.254 Aug 2 14:02:24 LOGIN: pault, 00:10:4b:76:91:4e, 192.168.1.253 Aug 2 14:02:38 CONCURRENT LOGIN - TERMINATING: pault, 00:10:4b:76:91:4e, 192.168.1.253 Aug 2 14:02:38 LOGIN: pault, 00:50:da:b2:42:36, 192.168.1.254 Note that I kicked the pault user at 14:01:34, then tried logging in as pault at 14:01:51 (after saving the code onto Monowall). It kicked the other login of pault out (the .254 user) and then logged me in (.253). Then, we went back and forth logged each other out... What fun! You might also make the behaviour configurable - say, _not_ logging the existing user out, or giving an option asking first. --Bill - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] concurrent captive portal users
On 8/2/05, Paul Taylor [EMAIL PROTECTED] wrote: I am planning to make it an option - Either log them out, or allow concurrency I hadn't thought of having it ask. I've also had another suggestion to redirect them to a page that indicates their password may have been compromised... I'll probably stick with an on/off switch for now... Great ideas!! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Remote Shutdown
On 8/2/05, Scott Ullrich [EMAIL PROTECTED] wrote: Use execraw.php to issues shutdown -h now that probably won't actually power off the machine though, will just keep it running at the press any key to restart screen. there's a way to make it power off if the machine supports it, though I don't recall what it is offhand. -cmb - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Remote Shutdown
Chris Buechler wrote: On 8/2/05, Scott Ullrich [EMAIL PROTECTED] wrote: Use execraw.php to issues shutdown -h now that probably won't actually power off the machine though, will just keep it running at the press any key to restart screen. there's a way to make it power off if the machine supports it, though I don't recall what it is offhand. shutdown -p now should do the trick depending on hardware support. -- Scott Muller - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Enable 'routed'
On 8/2/05, Scott Muller [EMAIL PROTECTED] wrote: Is it possible to enable the Routing daemon (routed). Our pfsense box sits on a network that uses rip v2. I have manually started /sbin/routed -q (-q means listen only) from the shell prompt but need an integrated way to do this, or is there a recommended alternative way to get this going. You can use shellcmd for this (http://m0n0.ch/wall/list/?action=show_msgactionargs[]=135actionargs[]=62) --Bill - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]