I Agree, and specially on FreeBSD. In fact, we have pretty complex
configurations with about 25 vlans per firewall and on top of these, we have
Carp Interfaces. We used to have FreeBSD but when manipulating the carp
interface, we would regularly face Kernel Panic.
We decided to switch to
Wow! I finally successfully did a firmware update on my embedded
platform which didn't require a reflash. I updated from 1.2-RC2 to
1.2-RC3 downloaded a few minutes ago. The process I used was:
upload tgz file to /tmp/firmware.tgz
select option 13, and used local file for upgrade
... sat
On 11/29/07, Vivek Khera [EMAIL PROTECTED] wrote:
Wow! I finally successfully did a firmware update on my embedded
platform which didn't require a reflash. I updated from 1.2-RC2 to
1.2-RC3 downloaded a few minutes ago. The process I used was:
upload tgz file to /tmp/firmware.tgz
select
Great idea, can't wait to see it.
Robert
On Wednesday 28 November 2007 15:44, Scott Ullrich wrote:
On 11/28/07, Ole Barnkob Kaas [EMAIL PROTECTED] wrote:
A bit offtopic - but bogons jogged my memory. Anyone thought on
implementing this:
http://www.spamhaus.org/drop/index.lasso
It will
On Nov 29, 2007, at 12:14 PM, Scott Ullrich wrote:
The *only* thing not right, and this has been reported before but
never reproduced it seems, is that the /etc/ttys file was for the
full
version. Thus, there was no menu on the serial port console.
Copying
over the ttys_wrap file from
On 11/29/07, Vivek Khera [EMAIL PROTECTED] wrote:
I know! :-)
It must just be something special to me, as nobody else seems to
observe this... :-(
PS: I really like the IPsec status summary view. Much more useful
than just staring at SAD entries.
Actually I found a minor issue and I have
Hi All,
I've heard much about these WRAP boards, which can store pfSense in
firmware. What I need to know is the following:
* We need something that can handle 51 IPSec tunnels (and up to a full T1 of
bandwidth, occasionally; usually much less) without any trouble caused by
underpowered CPUs or
On Thu, Nov 29, 2007 at 12:48:06PM -0800, Gabriel Green wrote:
Hi All,
I've heard much about these WRAP boards, which can store pfSense in
firmware. What I need to know is the following:
WRAP is obsolete. Try ALIX. A complete system is about 120 EUR, enclosure
and power supply
Gabriel Green wrote:
Hi All,
I've heard much about these WRAP boards, which can store pfSense in
firmware. What I need to know is the following:
* We need something that can handle 51 IPSec tunnels (and up to a full
T1 of bandwidth, occasionally; usually much less) without any trouble
Am 29.11.2007 um 22:11 schrieb Chris Buechler:
Gabriel Green wrote:
Hi All,
I've heard much about these WRAP boards, which can store pfSense
in firmware. What I need to know is the following:
* We need something that can handle 51 IPSec tunnels (and up to a
full T1 of bandwidth,
In pfSense, is there a way to have a rule affect only those people in a
certain range of IP addresses (as in, a range that you can't use a
subnet mask to match)?
For example, a typical setup of ours is to have an internal subnet of
say, 192.168.99.0/24. The DHCP Range that we usually use (DHCP
Yes. You'll need to create a subnet alias - say dynamicip and
populate it with the addresses (you can use cidr blocks here to reduce
the number of entries you need in the alias) that are dynamic, then
create a rule that uses the alias as the source address.
--Bill
On Nov 29, 2007 4:53 PM,
So in other words, add an alias that contains something like
192.168.99.100/32
192.168.99.101/32
...
192.168.99.127/32
192.168.99.128/26 (this should handle 128--191)
192.168.99.192/32
192.168.99.193/32
..
192.168.99.199/32
(or some variant of this if I get fancier with the subnet mask)
Am I
Exactly.
--Bill
On Nov 29, 2007 5:21 PM, Dimitri Rodis [EMAIL PROTECTED] wrote:
So in other words, add an alias that contains something like
192.168.99.100/32
192.168.99.101/32
...
192.168.99.127/32
192.168.99.128/26 (this should handle 128--191)
192.168.99.192/32
192.168.99.193/32
..
Léo Goehrs wrote:
I Agree, and specially on FreeBSD. In fact, we have pretty complex
configurations with about 25 vlans per firewall and on top of these, we have
Carp Interfaces. We used to have FreeBSD but when manipulating the carp
interface, we would regularly face Kernel Panic.
As
Paul Brown wrote:
I'm also having problems with Port Forwarding - both regular and 1:1.
Firewall log shows the traffic passing but connection attempts just
timeout.
Is this a known issue?
No, nothing related to this has changed in a long time.
See
I'm also having problems with Port Forwarding - both regular and 1:1.
Firewall log shows the traffic passing but connection attempts just
timeout.
Is this a known issue? A new feature? ;)
On Oct 23, 2007 5:20 PM, DLStrout [EMAIL PROTECTED] wrote:
Just wondering if this is a known issue or is
Rainer Duffner wrote:
BTW: What kind of case do you recommend?
AFAICS, PCEngines doesn't really sell Mini-ITX-cases, which seem to be
the form-factor for the ALIX-boards.
They aren't mini ITX. Cases linked here:
http://blog.pfsense.org/?p=155
PC Engines sells the same.
I'm confused, I have defined vlan1, and some parts of pfSense think it's
up, and some parts dont.
ifconfig see's it up:
# ifconfig vlan1
vlan1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
inet6 fe80::2e0:81ff:fe2b:d592%vlan1 prefixlen 64 scopeid 0xd
inet
On 11/30/07, Léo Goehrs [EMAIL PROTECTED] wrote:
[snip]
Well, I do it often, specially when something is wrong, or when removing a
customer, and having a kernel panic is not acceptable. I hope the FreeBSD
Team will correct this bug at some point.
It is fixed in 7.X. We will switch over at
As long as you don't destroy the interfaces you're fine. Deleting CARP
IPs is rare on almost all installs, so forcing a reboot isn't a big
deal. This is already fixed in FreeBSD 7 so it won't always be the case.
Well, I do it often, specially when something is wrong, or when removing a
21 matches
Mail list logo