A Mohan Rao schreef:
now i think pfsense end time is start its starting misbehave like
after some times content filtering not working logs not generates etc
problems having with pfsense .
that why i move to another free bsd.
Thnx
Mohan
Well i do not think that is the case, there is nothing so complex as
firewalling and make a nice gui around that.
Secondly i think that the main part of the firewall is your packet
filter/balancer, in this case pfsense.
The other part of your whole firewall infrastructure are the proxies and
so on.
It is nice that you can install squid, squidguard and i do not know what
on pfsense, but i want to keep the packet filter/balancer seperated from
my proxy's, Snort machines and so on.
I use pfsense as the packet filter/balancer, and let a stock FreeBSD
machine do the other things like proxying and so on.
Packet filtering/balancing should be the main focus for pfsense, the
rest is nice if you want to, but does in my opinion not belong on the
same box.
And in another way it is understandable that thing do not work, or stops
working as there are so many more nice things put in pfsense that it
will take some time to get those out.
And that is where we regular people like me who can not code can play a
role in making pfsense better than before.
Let the developers know where we find problems.
Switching away to other solutions like monowall is an option, but does
not benefit pfsense.
I am struggling with this pptp thing for over two months now.
On and off, but i learnd a lot, and that is a nice bonus also.
But now i would like this thing become fixed ASAP :D
regards,
Johan
On Thu, Sep 15, 2011 at 6:50 PM, Johan Hendriks
<[email protected] <mailto:[email protected]>> wrote:
Ermal Luçi schreef:
On Thu, Sep 8, 2011 at 1:34 PM, Johan Hendriks
<[email protected]
<mailto:[email protected]>> wrote:
Once more
I am running the latest snapshot of today.
I do use the old pptp adsl way to make connection with our
provider.
It works for us a really long time very well.
This works great on all versions of monowall and pfsense
1.2.3 and before.
But now with pfsense 2.0 i can not get traffic over the line.
At least no real data.
I can ping, but websites do not load or part of it, but
most will not.
I am struggling with this for about 2 months now.
The thing is i see a lot of dropped packages on the vr1
interface.
This is the interface my modem is connected to and it runs
on a 5501 soekris
board.
these drops looks like i have disabled the block rule of
private networks
vr1 10.0.0.138 10.0.0.100 GRE
vr1 10.0.0.138 10.0.0.100 GRE
10.0.0.138 is the modem
10.0.0.100 is my WAN addres.
i have disabled the block rule of private networks
also tried all kinds of mtu settings.
Do you have your vr1 interface assigned in any way or any address
configured in it?
Afaik it should work as is, but its long time i have not used
pptp as
a client so might have somthing wrong.
The way to test is to manually modify the rules.debug and
include the
vr1 interface as in 1.2.3, load that ruleset and see if it works.
Well i finally made it work!!!
The downside is that it does not survive reboots.
I did the following
via the webinterface go to edit file.
I edited like you said the /tmp/rules.debug file and changed wan =
{ pptp1 } to wan = { vr1 pptp1}, where vr1 is my actual WAN interface
then i executed the command through the webinterface pfctl -f
/tmp/rules.debug
I did open some tabs in Firefox, they all were timed out before
the pfctl reload.
I did a reload all tabs and all the sides loaded.
To make sure it was this firewall, i opened the traffic graph and
started downloading a iso file from an ftp server.
The graph showed the peak as long as the download lasted.
So the only thing missing is the actual interface in the wan
assignment.
How can i make this through the gui !
regards
Johan Hendriks
_______________________________________________
List mailing list
[email protected] <mailto:[email protected]>
http://lists.pfsense.org/mailman/listinfo/list
--
This message has been scanned for viruses and
dangerous content by *MailScanner* <http://www.mailscanner.info/>, and is
believed to be clean.
_______________________________________________
List mailing list
[email protected]
http://lists.pfsense.org/mailman/listinfo/list
_______________________________________________
List mailing list
[email protected]
http://lists.pfsense.org/mailman/listinfo/list
