Try http://www.pfsense.com/downloads/pfSense-Full-Update-0.70.2.tgz
and another useful URL :) http://www.pfsense.com/downloads/
On 7/17/05, David Strout [EMAIL PROTECTED] wrote:
I saw the post on the BLOG about ver 0.70.2
but can seem to find it on the updates link or in
the downloads
Yikes...why aren't you using proxy arp? At any rate, carp will work
for that too - it'll be somewhat noisy, but'll work just fine. In
fact...what the hell I recommend it, there, I said it...;-P
--Bill
On 7/18/05, ijez [EMAIL PROTECTED] wrote:
Hi,
1. config all your public IPs as
On 7/21/05, alan walters [EMAIL PROTECTED] wrote:
I would like to try and test an inbound round robin to our test web servers.
This isn't currently a feature, it's being worked on.
Would it be possible to put a shell command In to do this.
Please tell me if you figure something
Use the EZ-Shaper wizard. It will do exactly what you want.
--Bill
On 7/24/05, Xtian [EMAIL PROTECTED] wrote:
Hi,
I have done my best to read the FAQs, documentation, and mailing list
archives for both pfSense and Monowall, and have not found any information on
this, hence I am asking
On 7/25/05, Christian Rohrmeier [EMAIL PROTECTED] wrote:
I haven't found that to be true. It doesn't create any rules for SSH.
pfSense has a wide selection of games and P2P software that it will make
rules and queues for, but not SSH, unless I overlooked something.
Certainly trying to SSH
On 7/29/05, Scott Ullrich [EMAIL PROTECTED] wrote:
On 7/29/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
- I created a Virtual IP using the same IP address as my WAN interface,
trying to get the router to accept (or redirect) ICMP (I want my system
pingable). I failed in doing that.
On 8/2/05, Paul Taylor [EMAIL PROTECTED] wrote:
Woops - I was trying to paste this in after like so: when I accidentally
sent the email... :)
Last 50 captive portal log entries
Aug 2 13:44:33 LOGIN: pault, 00:50:da:b2:42:36, 192.168.1.254
Aug 2 13:45:29 LOGIN: pault, 00:10:4b:76:91:4e,
On 8/2/05, Scott Muller [EMAIL PROTECTED] wrote:
Is it possible to enable the Routing daemon (routed). Our pfsense box
sits on a network that uses rip v2. I have manually started
/sbin/routed -q (-q means listen only)
from the shell prompt but need an integrated way to do this, or is
It sure does :) I had an ISP failure last night, quite annoying :)
I've now got a duplicate of all my rules with different gateways
setup. I enable/disable the rules depending on which ISP I need/want
the traffic to head out at that time. Can't wait 'til this weekend so
we can make all that
On 8/5/05, Paul Taylor [EMAIL PROTECTED] wrote:
While looking through the config.xml file to see if I could spot anything
unusual (to help me fix the last issue I posted about), I noticed the
FreeRadius config...
The problem that I saw is that the passwords are stored in clear text. I
On 8/5/05, Paul Taylor [EMAIL PROTECTED] wrote:
Bill,
Well, yes, I realize that base64encoding doesn't provide much in the
way of security... But it's better than the data being completely in the
clear... I have some encryption/decryption code around here somewhere that
could
-
From: Bill Marquette [mailto:[EMAIL PROTECTED]
Sent: Friday, August 05, 2005 11:17 AM
To: Paul Taylor
Cc: support@pfsense.com
Subject: Re: [pfSense Support] FreeRadius Package - slight security issue
On 8/5/05, Paul Taylor [EMAIL PROTECTED] wrote:
Bill,
Well, yes, I realize
You won't find one until that work is complete. How it should work is
not how it currently works - it's a functioning work in progress.
--Bill
On 8/8/05, alan walters [EMAIL PROTECTED] wrote:
Just looking for a quick blah on how the incoming load balancer should
work
Hrm..I've got a GX110 sitting on my desk here that I installed FreeBSD
on just fine. If I can dig up another HD, I'll try the install on it.
--Bill
On 8/11/05, Wesley Joyce [EMAIL PROTECTED] wrote:
I'm in the same boat as well on Dell GX 110's. I have followed the 'upgrade
solution' of
On 8/12/05, Chris Buechler [EMAIL PROTECTED] wrote:
On 8/12/05, Bill Marquette [EMAIL PROTECTED] wrote:
Let me guess, the hosts initiating the PING are running Windows? I'm
pretty sure we've recently fixed this bug. Care to try it?
With ipfilter 3.x (and hence m0n0wall) it doesn't
No. Use the new Virtual IP screen to create virtual IPs that are
either proxy arp or other depending on whether those IPs are routed
to the physical subnet the box is on or to it directly.
--Bill
On 8/15/05, Paulus Edwin Prasetya [EMAIL PROTECTED] wrote:
So, it is really because of realtek, so
On 8/16/05, Howard Virag [EMAIL PROTECTED] wrote:
Hello,
This is likely not strictly (or loosely) a pfSense problem.
Can someone venture a guess as to why simple port forwarding is failing for
me?
In short, It works to my Linux PC, an older AMD 800 MHz machine, but
port forwards to my
I've had coworkers report the same issue. The solution was to remove
the entire IPSEC section in the XML file (actually, if you know
exactly what to remove, you don't need to, but this is the easier more
generic way describing the fix). At some point in one of the versions
right after the
What SSH client are you using? Is it configured for 'keyboard-interactive' ?
--Bill
On 8/20/05, Giorgio Ducci [EMAIL PROTECTED] wrote:
Hi,
I get installed the last embedded release 0.78 on a WRAP 1E board and
now all the minor webgui problem related to status==interfaces are
ok. Wonderful!!
On 8/22/05, Bastian Schern [EMAIL PROTECTED] wrote:
Hi,
SNIP
I'm using pfSense Version 0.79.2 and my Virtual IPs are not functional.
It's not possible to ping any Virtual Interface. Most important thing is
to get the external IPs back to work. Because all of them should be
forwarded to
suspended: connect to
kundt.homeip.net[213.191.40.68]: Connection timed out
-- Forwarded message --
From: Bill Marquette [EMAIL PROTECTED]
To: Bastian Schern [EMAIL PROTECTED]
Date: Mon, 22 Aug 2005 18:18:24 -0500
Subject: Re: [pfSense Support] Virtual IPs not working
On 8
There was a nasty bug in .79 that partially reverted the config file
version. This left a config file that had newer syntax and an older
version number. Upgrading past .79 w/out taking some corrective
measure will break your system. Again, if you installed or upgraded
to .79 and plan on using
On 8/23/05, Scott Ullrich [EMAIL PROTECTED] wrote:
I'll check it out. I really need to rip out the interfaces crap and
redo it completely. But no time and a feature freeze. GRR.
Yeah, I think this work is slated for 2.x / next hackathon or
something. The right way to do this requires a
On 8/23/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
As a test, I tried to create a rule to send all VNC traffic over the
OPT1 WAN interface, but it always used the default WAN interface.
I must be missing something. How can this be done when the second WAN
interface has a static
I noticed this behaviour this morning. https didn't work, http sent
me to the login page, but ping worked (usually) and I could SSH
through the firewall. Oddly, last night after I setup CP, it worked
as intended.
--Bill
On 8/23/05, Tobias Frank [EMAIL PROTECTED] wrote:
Hello,
when trying
iy yi yi...I can't ever begin to remember what bugs lurked back that
far. Any chance you can upgrade to current? We're fixing stuff left
and right, I'm not going to go back through the last three months
changelogs to see if we've already fixed whatever might be affecting
you (if anything). If
0.81 contained a number of load balancer fixes.
--BillOn 8/30/05, Holger Bauer [EMAIL PROTECTED] wrote:
It
can be done the way you describe it and I have this setup at home in my
testenvironment (however, I use different subnets on my wans, but it
should work with your setup too as far as I
Interestingly the WRAP image is supposed to be mounted read-only
anyway. Only /cf should normally get mounted r/w and then only
for changes.
--BillOn 8/30/05, Fleming, John (ZeroChaos) [EMAIL PROTECTED] wrote:
Just an FYI this is why you see the error message. You should only beworried if you see
Hmmm, that's a seriously high interrupt load. How much traffic
goes through this box? What type of NICs and CPU do the boxes
have?
--BillOn 8/31/05, Rodolfo Vardelli [EMAIL PROTECTED] wrote:
second part.Now backup is completly frozer,here top:last
pid: 737;load
averages:0.97,0.43,0.17up
I don't believe slb is fully integrated into the outbound load
balancer. If you don't have a load balanced server you probably
won't see anything in the logs at this time.
--BillOn 9/2/05, Daniel Solsona [EMAIL PROTECTED] wrote:
Well, awesome job guys for the work on the outbound load balancer
Not all CF cards are created equal. Some are better than others.
http://www.m0n0.ch/bsd/#knownprobs
http://lists.soekris.com/pipermail/soekris-tech/2004-October/022017.html
--Bill
PS. Scott, note the especially Lexar in the m0n0 page? Wasn't
it Lexar cards we were trying to use at the hackathon
Technically, we do put the interface in the rule when it's
created. But I can guarantee we'll only snag the first one.
So, while you can enter the same IP multiple times in a pool
(artificially creating a ratio based round robin) I'd be willing to bet
that we don't correctly support this on one
Yup, I have SBC's static offering. With the Cayman router that
comes with that offering you can terminate PPPOE on the modem and allow
for the 5 addresses to be used on the ethernet side with pfSense.
You then have the option of bridging those IPs to inside (or DMZ) and
putting real addresses on
a
standard Speedstream 5360 modem that has no routing or firewall
capabilities.
Bill Marquette wrote:
Yup, I have SBC's static offering. With the Cayman router
that
comes with that offering you can terminate PPPOE on the modem and allow
for the 5 addresses to be used on the ethernet side
.
--BillOn 9/9/05, Darin [EMAIL PROTECTED] wrote:
Its just a bridge. Its a pretty old modem with very basic functions.
About 3-4 years old.
http://www.chipweb.de/dsl/index.php?menu=2id2=33
Darin -
Bill Marquette wrote:
Right now I'm running on a borrows 5100a which bridges the
PPPOE
only
Username 'admin' works too.
--BillOn 9/10/05, Scott Ullrich [EMAIL PROTECTED] wrote:
Use the username root and the pfsense webConfigurator password.On 9/10/05, Robo.K. [EMAIL PROTECTED] wrote: When I use a PUTTY for Windows and I`m tying acces pfesnese via SSh,Putty
ask for me user name and for
I'm still somewhat working on the shaper and since I've taken about a
much needed 2 month break from it, I'm going to have to do a little
re-education.
Here's a little info right from the pf.conf man page:
The hfsc scheduler supports some additional options: realtime _sc_
Are you using traffic shaping and filling the downstream queue?
--BillOn 9/10/05, Robo.K. [EMAIL PROTECTED] wrote:
Why is so slow
response from menu of PF ? Time is from 3 to 5 seconds on 100TX 3COM
cardfull duplexin PFsense drop down menu.
In mettalic is
responses more slower.
Classic
On 9/12/05, Tom Müller-Kortkamp [EMAIL PROTECTED] wrote:
What about pound as LB? It works greate on several Sites !(http://www.apsis.ch/pound/)
One of the requirements was that we didn't proxy the traffic. It
appears that pound proxies the traffic. Feel free to make a
package for this.
--Bill
Tier 2 platform, don't even both with it until it's a Tier 1 platform unless you like fixing things.
http://www.freebsd.org/platforms/ppc.html
I'd also like to point out that we've had nothing but issues with usb
keyboards and that's all that currently works in the PPC port.
Wait another year and
ack, I'll poke at this shortly. I had some interesting
experiences with the bandwidth fields when writing the wizard.
They shouldn't be needed - realtime/upperlimit/linkshare are supposed
to be better. What I found was that bandwidth is needed so that
pfctl doesn't bitch about bandwidth being over
On 9/15/05, Mojo Jojo [EMAIL PROTECTED] wrote:
So, if I am reading you right, this is something I
should mostly ignore and not worry about too much?
Mostly, don't worry about it too much. I'd keep an eye on them as
it's possible it's part of a stealth scan. But I wouldn't put too
much
On 9/16/05, Robo.K. [EMAIL PROTECTED] wrote:
Version
0.84.6
1./
In traffic shaper is
still problem as described here -
http://marc.theaimsgroup.com/?l=pfsense-supportm=112662324102230w=2
Fixed in CVS, must have missed the 0.84.6 release.
2./
In Queues
isn`t displayed three boxes for
On 9/16/05, Robo.K. [EMAIL PROTECTED] wrote:
Version
0.84.6
If I have connected
computer /Celer 2.4Ghz, 256MB RAM, 100Mbps 3COM TX interface/ directly to test
computer via crossover cable, or both are in some switch,
ping time response
is from bellow 1ms to 9-10 msand abou 700 - 900ms
Please create a ticket, this has been reported before.
--BillOn 9/16/05, Robo.K. [EMAIL PROTECTED] wrote:
0.84.6
After attempt to
configure PFSTAT after save options there i gett screen with error
messages:
$value =
$_POST['location0'];$value = $_POST['counters0'];$value =
On 9/16/05, Robo.K. [EMAIL PROTECTED] wrote:
I know that kernel in monowall 4.xx is faster than 5.xx
used in PFSENSE. But from this
For the archives. pfSense uses FreeBSD 6, not FreeBSD 5.
--Bill
Oddly, the upgrade should have moved that setting to the right
place. :-/ I'll look into this a little more as this
shouldn't have bitten you.
--BillOn 9/16/05, Damien Dupertuis [EMAIL PROTECTED] wrote:
It is done thank you...--- Scott Ullrich [EMAIL PROTECTED] a écrit : Rerun the EZ Shaper
This works for me, can you try your update_file.sh again?
# update_file.sh /usr/local/www/services_dhcp_edit.php
trying to fetch latest /usr/local/www/services_dhcp_edit.php
#
--BillOn 9/16/05, Damien Dupertuis [EMAIL PROTECTED] wrote:
Okay,I've done it but it didn't worked...here is what
over the static mappingregards..Damien
--- Bill Marquette [EMAIL PROTECTED] a écrit: This works for me, can you try your update_file.sh again? # update_file.sh
/usr/local/www/services_dhcp_edit.php trying to fetch latest /usr/local/www/services_dhcp_edit.php # --Bill On 9/16/05, Damien Dupertuis
You might be able to create a proxy arp address on that interface
(virtual IPs screen) and then create an outbound nat that matches your
dsl modems IP address and source it from the proxy arp address.
--BillOn 9/17/05, Jeroen Geusebroek [EMAIL PROTECTED] wrote:
Hi,I have an DSL modem with a web
One of the two PPPOE connections will need to be terminated on a router unless I missed a major change recently.
--BillOn 9/18/05, [EMAIL PROTECTED] [EMAIL PROTECTED]
wrote:
hello
I read the archives and found 2 posts in
relation with my question :
On 9/19/05, Mojo Jojo [EMAIL PROTECTED] wrote:
Any idea why my Pf died in the middle of running? I didn't do an upgrade, itwas a system running on a fresh install of 0.84 days before.Also, besided the booting problem, I am wondering why it just stopped
working which is what caused me to reboot it
On 9/20/05, raphael [EMAIL PROTECTED] wrote:
Does anyone already tested and validated the dual wan using pppoe on thefirst link ?
Yes, that's my configuration at home. PPPOE on WAN and DHCP
(cable) on OPT1. LAN is my internal network (gee imagine that)
and OPT2 is my DMZ.
BTW, I downgraded my
Nope, it's not possible to aggregate a single TCP flow over multiple
connections. With load balancing you can at least get number of WAN
link TCP flows going at full speed, but you won't bet a single flow
at the speed of all connections.
--Bill
On 9/22/05, Robo.K. [EMAIL PROTECTED] wrote:
Hi,
On 9/25/05, Jeroen Hermans [EMAIL PROTECTED] wrote:
I have the following situation at a site:
- 1 pfsense box connected to the internet and lan (194.1.1.41)
- lan behind pfsense box (nat) (194.1.1.0/24)
- proxy (squid) box in lan (194.1.1.31)
- a few clients in the lan
The last few weeks
On 9/25/05, Matt Fanady [EMAIL PROTECTED] wrote:
Hello,
I've got a PC with 3 identical NIC's in it. I have a landline internet
connection and a satellite internet connection. I would like to use PFsense
to use the landline when it's up, and then fail over to the satellite if the
On 9/25/05, Jeroen Hermans [EMAIL PROTECTED] wrote:
Hmmm...slow the first time and fast the second possibly sounds like an
issue in DNS resolution somewhere. Are you using pfSense as your DNS
server for the LAN? Can you telnet to any host via IP address and see
if the results differ?
On 9/25/05, Mojo Jojo [EMAIL PROTECTED] wrote:
Ever heard of CARP? We have that you know.
Yes, it's one of the reasons I chose your product over others.. However, I
was going to set it up in case of unplanned failure of hardware or software.
In this case, I am basically planning on
Oddly I haven't seen this on my wrap installs :-/
There was a broken commit of /etc/filter.inc that would have exhibited
this behavior on a wrap, but that didn't make it into 0.85.2 (just
confirmed on one of my installs)
Warning: touch(): Unable to create file /filter_dirty makes me think
we
PROTECTED] wrote:
update_file.sh /etc/inc/filter.inc
On 9/26/05, Rodolfo Vardelli [EMAIL PROTECTED] wrote:
Scott Ullrich wrote:
Where? So I can fix on my board
regards
Rodolfo
Yep, there was a small typo in filter.inc. It's fixed now.
Scott
On 9/26/05, Bill
Probably not when certain people split a dozen or so functions out
into their own file :) 0.85.4 has all the latest fixes. At this
time, there isn't much patched post 0.85.4 (unless you try running
ipv6 tunneling :)), I'd recommend moving to it.
--Bill
On 9/27/05, Dan Swartzendruber [EMAIL
Only problems I've had with carp recently weren't actually due to
carp, but the dhcp daemon. There's a hold down timer somewhere that
won't let it come up as primary for 300 or 360 seconds (my bet is
there two different timeouts, a 60 second timeout and a 300 second
one). So if you're running a
On 9/27/05, Frimmel, Ivan (ISS South Africa) [EMAIL PROTECTED] wrote:
HI
PPPoe is on WAN .. CARP is on LAN with carp sync on OPT1.
OK so you guys are going to laugh at me. I do feel stupid. As a fault finding
procedure and just to get connectivity back I halted router2, which is UTP
Are both supposed to be selected? I suspect for this to work we'll
need to convert those to the hex values and do a bitwise AND on them.
I trust you'll be able to test any changes we make?
--Bill
On 9/27/05, William Armstrong [EMAIL PROTECTED] wrote:
The error is not on TF wizard..
I try
Are these two logical networks on the same physical network? I'm
noticing the request came in on both fxp0 and xl0 - that seems kinda
odd.
Sep 28 14:35:03 dhcpd: DHCPREQUEST for 192.168.2.254 (192.168.2.4)
from 00:12:79:ad:c6:fc (TRC-dc5100) via fxp0: wrong network.
Sep 28 14:35:03 dhcpd:
Well, it's not supposed to work. I'm still not sure how it was made
to work in this fashion. But, I can offer one suggestion on a way
that it might work. On the outbound NAT screen, you'll need to create
a NAT bound to the LAN interface NATing everything from LAN destined
for LAN to the LAN IP
Is the switch port configured for tagging, or did you configure it to
allow vlans 1-4 to talk to port 2? The VLAN setup in pfSense utilises
802.1q tagging, enabling vlans on a port doesn't necessarily configure
that port for tagged frames.
--Bill
On 9/29/05, alan walters [EMAIL PROTECTED]
This used to work, but our config has significantly diverged from
m0n0. I suspect if you used a config from where we forked it'd
probably work, but assuming m0n0 changed _anything_ in their config
file since then, it's unlikely to convert over. I think we're at the
point where either someone
On 9/29/05, Dan Swartzendruber [EMAIL PROTECTED] wrote:
i assumed he had all that correct, since he said
he could see the traffic going into the pfsense
port. i was going to ask the same question,
myself. this has to be a config problem, as i'm using this exact same setup.
I agree, which is
Wrong. A parent queue denotes a child queue. Create 4 queues and
assign your rules to the two child queues. Better yet, use the
ezshaper wizard, it's there so you don't have to try and figure out
how it all works.
--Bill
On 9/29/05, Audun Brekke [EMAIL PROTECTED] wrote:
There seems to be
Not unique, we just don't have an easy way to implement ratio based
load balancing at this time. BTW, it'd be connection based anyway,
not true bandwidth balancing. I'd recommend putting some clients on
one connection, some on the other and manually balance the links using
rules.
--Bill
On
http://img.m0n0.ch/docbook-current/faq-hiddenopts.html
I'm assuming beep is in our standard build (I don't have one in front
of me). Just add:
shellcmd/usr/local/bin/beep/shellcmd to the system tree in config.xml
--Bill
On 9/30/05, Jonathan Woodard [EMAIL PROTECTED] wrote:
LOL, thanks bill.
On 10/3/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
All-
Today I upgraded my Wrap .84 to .86 via the Mini-Wrap Upgrade file.
My Cisco VPN (software client on my laptop to connect to my office) no
longer connects.
Logs from the pfsense firewall (forwarded to a server via syslog) show
OK, this is now fixed in CVS. Expect this fix in the next release.
--Bill
On 10/3/05, Scott Ullrich [EMAIL PROTECTED] wrote:
upgrade.tgz is a safe bet if you have a full install. upgrade.tgz is
used by the BSD Installer to have an easy upgrade path although that
may be slated for removal
Yeah, the bandwidth in the queue screen doesn't really work quite
right :-/ Try setting the upperlimit field. It's kind of difficult
for me to test some of this stuff out any more - my home network is
under strict change control and I don't have all the equipment needed
to keep a test network
On 10/4/05, Robo.K. [EMAIL PROTECTED] wrote:
Sorry, i am crazy. Now its working. But I don`t know what
happens. :-}}}
The shaper is stateful. Changes to it will not impact in-flight
connections, only new.
--Bill
-
To
Hmmm...was the queue128klienti,zhlt ??? I don't think comma's are
allowed in queue names, I'll have to fix (hrm, or create!) the input
validation on that field.
--Bill
On 10/4/05, Robo.K. [EMAIL PROTECTED] wrote:
After running ezshaper wizard is all ok.
When i create new queue 128kbit/s and
Hmmm, maybe I'm missing something here. What's wrong with the 128M
image? It fits on my 256M flashes w/out problems. And seeing as the
WRAPs no longer support packages it's kind of pointless to add more
space to them (I think - but then I'm obviously missing something :))
--Bill
On 10/7/05,
On 10/7/05, Dan Swartzendruber [EMAIL PROTECTED] wrote: allowable protocol can be tcp/udp, and it add separate rules for tcp and udp.cool.unfortunately, you then have to add one manually for
icmpassuming one wants to be able to ping outside hosts.how about tcp/udp/icmp also/instead?
tcp and udp
On 10/7/05, Dan Swartzendruber [EMAIL PROTECTED] wrote:
p.s. the reason i bumped into this was looking at my ntop data, i noticed a
small amount of non-IP data going out the WAN port. no idea what - i have a
windows box (XP) but it should be doing NETBIOS over TCP (or whatever the
option
That's because you added them wrong and I'm not 100% positive the
existing shaper will work in that configuration. Bottom line is
that only the EZ-Shaper output is supported at this time. I'm
working on more shaper changes (stuff that will likely break whatever
custom stuff you do anyway), but I
(parent and child).
--BillOn 10/9/05, Bill Marquette [EMAIL PROTECTED] wrote:
That's because you added them wrong and I'm not 100% positive the
existing shaper will work in that configuration. Bottom line is
that only the EZ-Shaper output is supported at this time. I'm
working on more shaper changes
On 10/9/05, Szasz Revai Endre [EMAIL PROTECTED] wrote:
So it should be possible to create 2 parentqueues(overall_lan,overall_wan), which under them would contain theactual shaper wizard config, or create 2 more separatequeues(overall_lan,overall_wan) aside from what the shaper wizard
created..
It
So who's gonna make the sesame street one? I'll put that on my son's firewall! ;-P
--BillOn 10/9/05, Holger Bauer [EMAIL PROTECTED] wrote:
we can start selling ringtones at some point for $1? lolHolger-Ursprüngliche Nachricht-Von: Scott Ullrich [mailto:[EMAIL PROTECTED]]Gesendet: Sonntag,
On 10/9/05, Szasz Revai Endre [EMAIL PROTECTED] wrote:
Okay, so I linked the qWanRoot and qLanRoot to the overallWan andoverallWan respectively, each of them being parent queues (parentsto the real root queue(hfsc))but this is the generated config(rules.debug
)altq on fxp1 hfscqueue {qWANRoot
On 10/10/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Hello,
I've been struggling trying to install pfSense on my
system for several days now. My system only has 1 IDE channel. I am
planning on running off of a Compact Flash through an IDE adapter. This
way, my system will have
On 10/8/05, Szasz Revai Endre [EMAIL PROTECTED] wrote:
1) Is it possible, in the traffic shaper - to create another parent queue (parent to HFSC) - and to add some rules to this queue, so that traffic coming andgoing from specific ip adresses would go through this queue (which
wouldhave separate
On 10/10/05, Bill Marquette [EMAIL PROTECTED] wrote:
I've been thinking a little more about this. Is the MAN part of
your local subnet? IE, if the pfSense WAN interface was on
24.0.0.0/8 is the MAN the same subnet, or is it just something you have
to go through? I think I can make an easy change
On 10/12/05, Kevin Wolf [EMAIL PROTECTED] wrote:
It seems my problems playing GunZ are related to the fact that pfSense
doesn't seem to do UDP consistent translation... is there any way around
this, a hidden option somewhere? I tested with the tool from this site:
On 10/13/05, Rajkumar S [EMAIL PROTECTED] wrote:
Hi,
I have some clarifications about the Outgoing Load Balancing mini-howto. I
assume this is
about sharing two internet links so that outbound traffic flows to both of
them.
1. visit services - load balancer
2. delete any pools
On 10/13/05, Frimmel, Ivan (ISS South Africa) [EMAIL PROTECTED] wrote:
And does CARP have to be running?
Nothing to do with CARP :)
--Bill
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL
On 10/13/05, Rajkumar S [EMAIL PROTECTED] wrote:
Create NAT-Rules for your WAN-POOL
1. visit firewallNATOutbound
2. enable advanced outbound nat
3. check the automatically created rules.
4. create rules for all your internal networks to map to OPT interfaces..
(one rule for
On 10/12/05, Kevin Wolf [EMAIL PROTECTED] wrote:
I'm sorry, your solution actually worked. I forgot to move the new rule
above the default, so it had priority! D'oh!!!
Good to hear...I was actually about to suggest that you double check that ;)
Thank you for the help, it was much
On 10/13/05, Susanto Leman [EMAIL PROTECTED] wrote:
Hi,
Thanks for your reply. The image is with embedded. Because according to
the tutorial in flash, the image should be with wrap.
Will it work with my wrap box ? just need to confirm.
;-)
-santo-
The tutorial is probably a hair out of date
On 10/14/05, Robo.K. [EMAIL PROTECTED] wrote:
Hi,
i use version 0.86.4 and after initial configuration / via wizard/ of
pfsense and choose type of traffic shaper , if i want change type of traffic
shaper later,
for example from FSC to class based, this item in Advanced menu is missing.
In
On 10/14/05, Robo.K. [EMAIL PROTECTED] wrote:
Aha! I`ll be a patient.
Thank you.
Please be aware that the other schedulers may never come back. But
until the HFSC scheduler implementation is solid (and queue/rule
changes are straightforward), we won't even look at priq and cbq. I
am
On 10/15/05, Robo.K. [EMAIL PROTECTED] wrote:
Thanks for notices, because last nigh I was trying set-up pfsense to priq
and cbq without success, because manual creating queue in HFSC don`t work
for the present.
There are good news, that HFSC is your priority.Good for you! :-}
And importatn
On 10/16/05, Tommaso Di Donato [EMAIL PROTECTED] wrote:
On 10/15/05, Bill Marquette [EMAIL PROTECTED] wrote:
Not sure I follow with the redirection part. But if I understand
correctly, yes we can use both ipfw and pf in conjunction for
different tasks. This is how our shaper code used
On 10/16/05, Eric Masson [EMAIL PROTECTED] wrote:
Hello,
I've managed to install and setup ssltunnel-client on my 0.84.6 embedded
image (should I upgrade to 0.86.4, I didn't find any changelog on the
website)
Tunnel goes up, additionnal routes are triggered by ppp, everything's
fine 'til
On 10/16/05, stephan schneider [EMAIL PROTECTED] wrote:
Hello Folks,
i am trying to get a (NATed) connection to an external VPN using
the cisco vpn client. Unfortunately it just doesn't work -
no connection. I added the port 500 (isakmp) and allowed ESP to pass
the firewall. But I think
1 - 100 of 769 matches
Mail list logo