Re: [pfSense Support] pfsense using 4 nics?

2006-10-24 Thread Randy B
I've run with as many as 7 interfaces - one SIS, one dual fxp, and one quad fxp; no issues there. However, I've not done that on 1.0 On 10/24/06, Rudi Potgieter [EMAIL PROTECTED] wrote: Hi All Does pfsense have a problem using 4 nics? Whenever I install a fourth in the machine, one of the

Re: [pfSense Support] SSH direct shell access

2006-07-18 Thread Randy B
Coming from having participated in design authoring automated systems that telnet/ssh to tens of thousands of devices and manage them automatically, any such script worth its salt is going to use Expect and be able to handle multiple levels of indirection before a shell prompt. Contact me

Re: [pfSense Support] Re: [m0n0wall] Re: per-interface rulebases: why?

2006-06-02 Thread Randy B
No. I think you are thinking in the wrong direction if you want rules from one rulebase to magically expand into four rulebases. That's not something I've ever wanted, I'm unsure how you ended down that train of thought. I think I started that [explicit] train of thought, simply because no

Re: [pfSense Support] Re: [m0n0wall] Re: per-interface rulebases: why?

2006-06-02 Thread Randy B
You provide no concrete reasoning for your speculations, and I think that you're wrong. What speculation? That the basis of networking is how specific machines' interfaces are linked, be it at layer 2 or layer 7? This kind of hand-waving really makes me itch for ad-hominem attacks, but I'm

Re: [pfSense Support] Re: [m0n0wall] Re: per-interface rulebases: why?

2006-06-02 Thread Randy B
Eric better covers things below than what I had written. What are those edge cases, exactly? To enumerate all edges I have ever discovered would be more taxing than my time allows. To name a few: repeated subnets, interface balancing, source-based routing, traffic mirroring, TTL mangling,

Re: [pfSense Support] Re: per-interface rulebases: why?

2006-06-02 Thread Randy B
Any kernel experts out there? Whoa, waitaminit - you're telling us you expect this to be implemented at the kernel level? As in trying to change the way the most trusted, respected, and audited group of networking-centric OSes views and handles networks? The same OS family that's regarded as

Re: [pfSense Support] Re: [m0n0wall] Re: per-interface rulebases: why?

2006-06-01 Thread Randy B
I find it irrelevant to the discussion what others are doing, though :-). Simply that this concept is alien to me, and I'm trying to grasp context - the more outside examples the better. It seems that what you're looking for is somewhat similar to some of the higher-level shiny bits on Cisco's

Re: [pfSense Support] openssh vpn support

2006-05-29 Thread Randy B
I've done this myself (full tun/tap setup), replete with DHCP - I just port-forwarded it through pfSense to an internal host. It's pretty neat, but lacks repeatability; I had to script some sudo commands both server and client-side to set up the interfaces routing. RB On 5/29/06, Scott

Re: [pfSense Support] We need some testing help if you are reading this on Sunday!

2006-04-16 Thread Randy B
Picky bit (a bit late, and package-related). SpamD hides the Outlook tab when the SpamD Database tab is clicked. I've run through most of the UI on my [not fresh install] system, and not found any problems so far other than that. RB On 4/16/06, Scott Ullrich [EMAIL PROTECTED] wrote: Please

Re: [pfSense Support] Raid disks

2006-04-13 Thread Randy B
Day late, dollar short, and only an opinion: I'll spare you the boring details, but I know understand enterprise redundancy. Software RAID has its place, but at the enterprise level it's ridiculous to waste valuable CPU cycles on something a $300 add-on card can do much more efficiently and with

Re: [pfSense Support] Re: ntp startup question

2006-04-11 Thread Randy B
On 4/5/06, Vivek Khera [EMAIL PROTECTED] wrote: ISC's ntp is well known and understood and considered very accurate. I see no other choice. After running OpenNTP for a while now, I feel less uncomfortable with it - after the first 12 hours or so, the clock swings (+/-12ms) evened out, and it's

Re: [pfSense Support] Re: ntp startup question

2006-04-05 Thread Randy B
Joshua, privately I've had interest on this from one other person, hopefully they'll contact you to coordinate efforts That would be me - I'm no BSD developer, but am certainly willing to muck about with setting up configs for it and such. OpenNTP's only redeeming factors ATM seem to be it's

Re: [pfSense Support] ntp startup question

2006-04-04 Thread Randy B
And yes, we are open to replacing it with something else if someone wants to do the plumbing. If given the choice between ntp.org (http://ntp.isc.org/bin/view/Main/NTPcopyrightStatement) and OpenNTP (OpenBSD), which would you prefer?

Re: [pfSense Support] separation of network

2006-03-13 Thread Randy B
That's the way I do it - IIRC, you may have to set up the 'allow' for that subnet to go out, but you will definitely need to set one up to deny from them to LAN (or some subset thereof). The nice thing is that I have my own ISC DHCP/BIND setup on my LAN, but I can just let pfSense take care of

Re: [pfSense Support] Bitten by the cleanup bug...

2006-02-03 Thread Randy B
it finish itself off before I started recovering, since there really was no telling how far the deletion had already gotten. Scott Ullrich wrote: Great, what version were you running? On 2/2/06, Randy B [EMAIL PROTECTED] wrote: Not a submitted bug, but just wanted to let you guys know

Re: [pfSense Support] Bitten by the cleanup bug...

2006-02-03 Thread Randy B
Scott Ullrich wrote: On 2/3/06, Rainer Duffner [EMAIL PROTECTED] wrote: If so, don't do this! I always use /mnt... Yes, use /mnt instead of /tmp/ so that you do not wipe your data. Scott Indeed; I always use /mnt as well, but it was readonly (0555), and I didn't even think to chmod

[pfSense Support] Bitten by the cleanup bug...

2006-02-02 Thread Randy B
Not a submitted bug, but just wanted to let you guys know (for historical purposes): If you boot your system to the pfSense LiveCD to fsck disks or the like, _DO NOT_ assume that mounted partitions will be automagically and safely unmounted upon reboot - especially if they're mounted

Re: [pfSense Support] IPSec enhancements ??s

2006-01-26 Thread Randy B
Long time listener, first time caller. Bearded, black-wearing, anti-social, White Zombie Otep-listening security professional. I'm not going to quote the precise statement because it's not worth repeating, but it's rather obvious that you're not making much headway with your suggestion

Re: AW: [pfSense Support] beeps gone?

2006-01-04 Thread Randy B
I've loosed a monster... ;-) FWIW, I think there's a wrong note in the version I sent out to the list. Jonathan Woodard wrote: Thanks for fixing this from me as well, I enjoy the beeps as well. On a side note, I would again like to throw my vote for Star Wars Imperial March. :-) Holger

Re: [pfSense Support] Does anybody have more than 2GB RAM?

2005-11-09 Thread Randy B
Rainer Duffner wrote: Hi, I tried installing the 0.90 that was on the mirrors this morning on a Dual 1.2 GHz Tualation (a Supermicro P3TDE6) with 4 GB RAM. Both FreeBSD6 and that 0.90 snapshot panicked relatively early in the boot-sequence. I've run 0.7x-series pfSense successfully on a Dell

Re: [pfSense Support] Dump states feature

2005-10-31 Thread Randy B
I got to this point just running about 500 requests/sec in apache benchmark. No keepalive. Strike me as inexperienced here, but wouldn't you want to tweak PF a bit for your environment? Did you try the Firewall Optimization Options and set it to aggressive? Methinks one would have a

Re: [pfSense Support] pfsense 0.88

2005-10-22 Thread Randy B
Hm. Strange. As I understand DHCP relay should be run in addition to Pass-through mode if DHCP is used. But I'm not sure how to set one up. 1:1 NAT is an option but I'd like to keep private IPs internally. I of course could set pfsense to router mode but I guess kind of bridging is what I'd

Re: [pfSense Support] pfsense on mac mini?

2005-09-10 Thread Randy B
Kinda OT, but good info for someone possibly :) Well, since we're sharing hardware platforms, here are two of my favorites: http://www.advantech.com/products/Model_Detail.asp?model_id=1-U89QYBU=NCGPD= http://www.mbx.com/oem/reference_platforms/RP-1013.cfm Both have space for a Soekris 1411

Re: [pfSense Support] iperf question

2005-08-20 Thread Randy B
Fleming, John (ZeroChaos) wrote: I'd also like to know which rl cards these are. Can you send the output of pciconf -lv? Glad to oblige [EMAIL PROTECTED]:9:0: class=0x02 card=0x13011186 chip=0x13001186 rev=0x10 hdr=0x00 vendor = 'D-Link System Inc' device = 'DL 10038C or

Re: [pfSense Support] iperf question

2005-08-20 Thread Randy B
Chris Buechler wrote: hah Well...that's probably the best you can get on that. :) With rl NIC's at least, since they're interrupt happy. Wow. That was certainly it. Ran top and showed 0% idle CPU with over 70% interrupt dedicated to interrupts and ~25% system. I knew the RL NICs were

Re: [pfSense Support] Alert about pf rules syntax errors... again...

2005-08-16 Thread Randy B
Scott Ullrich wrote: I just tested the latest vpn.inc with my home firewall that has 4+ ipsec links and it works fine. I'll be releasing a new version soon. Please be on the lookout for it and give it a try. Scott I'm still showing this issue in 0.77. My last fix was to comment out a