[pfSense] Upgrade to 2.3
Ive been following the forum discussions on 2.3 and was confident the packages I used were ready for 2.3 so I bit the bullet and upgraded. I find all my failed packages with the same error on attempt to reinstall. Can't create anydbm file.pm all per related. Has anyone solved this yet? Attempts at freeradius2, lightsquid, squid, and squid guard all have this exact error. Sent from my U.S. Cellular® Smartphone ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] Schedule
Can someone tell me why this doesn't work in the free radius plugin? Mo,Tu,We,Th1500-2000,Fr1500-2200,Sa0800-2200,Su0800-2000 The schedule isn't enforced but if I use Al0900-2100 it works. Sent from my iPad ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] 2.2.5 squidGuard fails to start
I can confirm I have see this a well. Started with the 2.2.x series. Happens with almost every reboot or upgrade of package. re-downloading the blacklist fixes it until the next cycle. On 11/11/2015 12:08 AM, Volker Kuhlmann wrote: After squid and squidguard updates it is neccessary to re-download the blacklist before attempting to restart squid/guard. Done. When applying the squidguard config https://xxx/pkg_edit.php?xml=squidguard.xml=0 An error results and squid isn't running. No change after several iterations of squid and squidguard config saving, followed by a reboot. cache.log contains 2015-11-11 17:59:23 [27438] logfile not allowed in acl other than default 2015-11-11 17:59:23 [27438] logfile not allowed in acl other than default 2015-11-11 17:59:23 [27438] logfile not allowed in acl other than default 2015-11-11 17:59:23 [27438] logfile not allowed in acl other than default 2015-11-11 17:59:23 [27438] logfile not allowed in acl other than default This is a long-standing bug of an incorrect squidguard config being generated. Attempting to start squid succeeds. Saving the squidguard config (which recreates SG config and restarts squid) fails. Attempting to start squid succeeds. Saving the squidguard config fails. Starting squidguard fails. Starting squid succeeds. Not really good :-(( Volker ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] Access control
Using captive portal and free radius package. Is there a way to block a user name from a specific device? User has access to any device while logged in but can't login if on device b? Trying to limit kids internet which works but their sneaky and use common guest account which I don't want to block so wondering if I can prevent their devices from connection with guest account. DJ-BrianC(207) 212-6560 www.djbrianc.us ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] Dynamic Caching
So if the dynamic caching option is turned on in squid Netflix doesn't work. Took me awhile to nail this one down. Any idea how to resolve this issue? Sent from my iPad ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] How to restrict certain websites for certain computers during certain times of the day?
Squid lock is the way to go. This is what I use at home. We set the categories to block and no one can get to those sites. I've just recently played with scheduling so now we can enable or disable categories at will. I no we could open it up so mom and dad have full access to the net but honestly I have no interest in accessing anything we've blocked. Not to mention is keeps everyone safe. Get one infect computer in the house and we're all screwed. Been there done that! Not fun because you have to take everyone offline until all pcs are clean other wise you keep re infecting yourself. Sent from my iPad On Jul 31, 2015, at 2:13 PM, Wue Bob fa_sec_...@wuergler-consulting.ch wrote: On 31/07/15 17:36, Tim Koop wrote: I have installed pfsense and I would like to block certain websites during certain times of the day for certain computers. I've looked around pfsense as well as a plugin or two, and this looks very difficult or impossible to do. Anyone have any ideas? For home use (considering spoofing etc. ...) it might be sufficient to try a combination of firewall rule schedules [1] and firewall aliases to be used in firewall rules. One alias might contain IP/FQDN of your computers. You'll use them as source in the firewall rule/s allowing full access all the time. Similarly, another alias would define your kids' computers. This alias will again be the source in two firewall rules blocking some domains or limiting times of the day. Then, in a third alias you would list all domains you want to block. Obviously, this alias will be used as destination in another firewall rule and the source in this rule will be your kids' alias. In yet another firewall rule you would define a pass rule during certain times of the day, applying a schedule in this rule (= advanced features). As source you'd again apply your kids' alias. (Since your kids connect with DHCP and you don't, it should probably be ok to use a LAN range instead of a kids' alias as source and placing this firewall rule after the full access rule.) Carefully designing aliases, schedules and rules, and also considering firewall rule processing order [2] should probably get you reasonably close to what you want ... Regards, Bob [1] https://doc.pfsense.org/index.php/Firewall_Rule_Schedules [2] https://doc.pfsense.org/index.php/Firewall_Rule_Processing_Order ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] Lightsquid
Has anyone else notice lightsquid no longer updates according to schedule since update to 2.2.3? If i click refresh now all is well but it doesn't follow the configuration of hourly. I've tried 10 minites, 20, 30 as well. Only manual updates are working. Brian Caouette(207) 212-6560 Visit my websites:www.djbrianc.uswww.proprintmaine.comwww.realtruth.biz and Michelle's:www.msphotographymaine.comwww.ltaphoto.com ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] squid squidgard
I see this all the time. Have it re-download the database. This should fix it. Sent from my iPad On Jul 5, 2015, at 5:49 PM, Dito dimitri...@gmail.com wrote: hello, I have configured pfsense 64 bit version on kvm machin. I installed squid and squidguard with shallalist.tar.gz. squid is transparent. blocking sites, redirecting everything is working but after pfsense reboot squid and squidguard not starting. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] Clock errors
Update of the clock problem. I've corrected the time zone as was mentioned by another list member. Apparently there was a glitch with the .3 update. Although the time on the dash board is correct the logs all have bad times in them. Brian Caouette(207) 212-6560 Visit my websites:www.djbrianc.uswww.proprintmaine.comwww.realtruth.biz and Michelle's:www.msphotographymaine.comwww.ltaphoto.com ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Squid not logging traffic
bbs.dlois.com:/lightsquid/day_detail.cgi?year=2015month=02day=16 Dell wired and Roku are the busiest devices yet report almost no traffic. Sent from my iPad On Feb 15, 2015, at 11:09 PM, Volker Kuhlmann list0...@paradise.net.nz wrote: On Mon 16 Feb 2015 03:53:55 NZDT +1300, Brian Caouette wrote: I just noticed squid is not logging all traffic. The last few nights I've used plex on my roku connected to my friends server. The only thing showing in light squid Are you talking about squid or light squid? Aren't they different packages? Squid logs the number of bytes transferred, which means it can write the log entry only after the connection is closed the time stamps seems to be the one of when the log entry was written, not when the connection was opened. When is a streaming connection closed? Perhaps more to the point, what port does the stream use? Is it one handled by squid in the first place? Volker -- Volker Kuhlmann http://volker.top.geek.nz/Please do not CC list postings to me. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Squid not logging traffic
I also notice it doesn't log torrents. Is there a way to tell it to log everything so I can get an accurate picture of what each device on the network is using? Sent from my iPad On Feb 15, 2015, at 11:09 PM, Volker Kuhlmann list0...@paradise.net.nz wrote: On Mon 16 Feb 2015 03:53:55 NZDT +1300, Brian Caouette wrote: I just noticed squid is not logging all traffic. The last few nights I've used plex on my roku connected to my friends server. The only thing showing in light squid Are you talking about squid or light squid? Aren't they different packages? Squid logs the number of bytes transferred, which means it can write the log entry only after the connection is closed the time stamps seems to be the one of when the log entry was written, not when the connection was opened. When is a streaming connection closed? Perhaps more to the point, what port does the stream use? Is it one handled by squid in the first place? Volker -- Volker Kuhlmann http://volker.top.geek.nz/Please do not CC list postings to me. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Squid not logging traffic
I looked at cacti a few days ago. It looks real nice but I have no clue how to set this up on the pfSense box. Sent from my iPad On Feb 16, 2015, at 6:27 PM, Walter Parker walt...@gmail.com wrote: For the real time monitor, if you switch from WAN to LAN, you can see who is doing spikes. For the other items, you can see how much bandwidth each internal IP addresses has used in one of those packages. Unless you have servers in a DMZ outside of the firewall or are doing some sort of traffic reflection to internal hosts, all traffic to/from a desktop to the firewall is traffic to the internet. I might do some screenshots to show what I mean (if I can find the time). For netflow, I setup a Windows application in a VM (from ManageEngine I think). It had simple instructions to tell the netflow generator (the firewall) to send the stats traffic to the Windows box. Then I used the the reporting features in the application to view how much data each host was sending/receiving. I was able to tell that one web server had way to much traffic and that a music streaming server was running 800% of normal. I understand that there are open source versions of this program that run on Linux/FreeBSD. Setting one of these up is on my todo list. With a bit of programming, I'm sure you do this with Cacti/RRD, but then again, I've been a perl programmer for 20 years, so my idea of a bit of programming might radically differ from yours :) If I can find the time, I'll see if I can find any notes. Walter On Mon, Feb 16, 2015 at 2:58 PM, Volker Kuhlmann list0...@paradise.net.nz wrote: On Tue 17 Feb 2015 10:33:21 NZDT +1300, Walter Parker wrote: In Realtime, you can use the dashboard app. The pfsense dashboard? I don't think so. traffic going through a particular interface is not so interesting. For plugins, BandwidthD and Darkstat have some information. Unfortuntely the info is of no value. I am not interested in any traffic volume between LAN, DMZ, WIFI, LAN2, etc. I am only interested in the traffic going through WAN, and with which *internal* host. The above packages can only tell me which *Internet* sites had how much traffic through WAN, but that side of the connection is of no interest to me. I want to know which of my clients have created the traffic for which I have to pay my ISP, so I can work out which flatmate has to pay for it, or fix the computer with a problem that wastes my money. I realise those in the USA and a few other countries don't have this problem, but it sure exists where I live and I'm sure it's not the only country. In any case it's good to know what gobbles up resources, even if they're free. I've used netflow on other systems to get this sort of information, but for pfSense you would have to setup a second box that ran the netflow visualizer to see the traffic information from one of the netflow plugins. Copying a file onto another computer to look at its content isn't too much of a problem. Do you know of a good tutorial that lists the software needed, and basic config for each part? Thanks, Volker -- Volker Kuhlmann http://volker.top.geek.nz/ Please do not CC list postings to me. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold -- The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding. -- Justice Louis D. Brandeis ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] Squid not logging traffic
I just noticed squid is not logging all traffic. The last few nights I've used plex on my roku connected to my friends server. The only thing showing in light squid for my roku is the calls home to the roku domain. Not of the traffic from streaming movies all night was recorded. I believe netflix does the same thing. Am i missing something? If i watch the pfsense dashboard I can see the traffic on the rrd graphs. Sent from my U.S. Cellular® Smartphone ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] Lightsquid
When the Lightsquid update the other day didn't resolve the issue of a blank reports tab I uninstalled and reinstalled it. I now get this error. Software error: Can't locate /usr/local/etc/lightsquid/lightsquid.cfg in @INC (@INC contains: /usr/local/lib/perl5/5.14/BSDPAN /usr/local/lib/perl5/site_perl/5.14/mach /usr/local/lib/perl5/site_perl/5.14 /usr/local/lib/perl5/5.14/mach /usr/local/lib/perl5/5.14 . /usr/local/www/lightsquid/) at /usr/local/www/lightsquid/index.cgi line 17. For help, please send mail to this site's webmaster, giving this error message and the time and date of the error. Sent from my iPad___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Lightsquid
How do you clean left overs? I have an all but new 2.1.5 Netgate apu4 that I left upgrade to 2.2. Will that fix the blank page when I try to view reports? What's steps are needed for the fix? I have the support that came with the unit. Would somebody connect and fix it? Sent from my iPad On Feb 11, 2015, at 5:24 PM, Jim Pingle li...@pingle.org wrote: On 2/11/2015 9:24 AM, WolfSec-Support wrote: lightsquid seems broken since release v2.2 on our v2.1.5 pfsenses it worked fine It works fine on 2.2 under the right circumstances. Those being that before installing lightsquid, /usr/local/lib/perl5 doesn't exist, and /usr/local/bin/perl is something valid or a link to something valid. If you clean up the leftovers from older broken installations it works fine. The package tries to do some cleanup but it can't do too much without potentially harming other packages. Jim ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] Lightsquid
I noticed an update posted yesterday. I installed it but when I click the report tab the screen is still white. I let it go over night as well so it would continue to collect data and nothing. Myschedule is hourly so on 2.1.5 and prior i would see results change every hour. Did i miss something? Sent from my U.S. Cellular® Smartphone ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] Unbound error in 2.2
Last 50 system log entries Feb 3 08:19:42 check_reload_status: Reloading filter Feb 3 08:19:41 php-fpm[69134]: /pkg_edit.php: Reloading Squid for configuration sync Feb 3 08:19:33 php-fpm[69134]: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no Feb 3 08:19:33 check_reload_status: Syncing firewall Feb 3 07:57:26 php-fpm[60269]: /services_unbound_advanced.php: The command '/usr/local/sbin/dhcpleases -l /var/dhcpd/var/db/dhcpd.leases -d dlois.com -p /var/run/unbound.pid -u /var/unbound/dhcpleases_entries.conf -h /var/etc/hosts' returned exit code '2', the output was 'dhcpleases: illegal option -- u Wrong number of arguments given.: No such file or directory' Feb 3 07:57:20 check_reload_status: Syncing firewall Feb 3 07:55:54 check_reload_status: Reloading filter Feb 3 07:55:53 php-fpm[18170]: /pkg_edit.php: Reloading Squid for configuration sync Feb 3 07:55:53 check_reload_status: Syncing firewall Feb 3 07:55:44 php-fpm[18170]: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no Feb 3 07:54:40 syslogd: kernel boot file is /boot/kernel/kernel Sent from my iPad___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] Squid guard
What's the best way to handle custom sgerror.php pages with squidguard? Any time the package updates my custom page is over written. Sent from my U.S. Cellular® Smartphone ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] 2.2 Packages
Where is a good place to monitor for package updates for 2.2? I had to revert back to 2.1.5 after a fatal error shut me down. Sent from my U.S. Cellular® Smartphone ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] 2.2-RELEASE now available!
Lightsquid and vnstat2 do not work with 2.2 Can anyone else confirm? Sent from my iPad On Jan 24, 2015, at 8:39 PM, Jon Gerdes gerd...@blueloop.net wrote: 2.2 Cheers cmb 'n' troops. Great piece of work. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] Filter over vpn
I'm playing with openvpn. I notice squidguard and HAVP are not functional when connected to local lan via vpn and surfing the net. The vpn is configured for all traffic and so far has been able to run everything but these two options. Can someone give me some pointers on what I need to do? Sent from my iPad ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Voipo
Does this affect any other port forwards? Sent from my iPad On Dec 22, 2014, at 3:14 AM, J. Echter j.ech...@echter-kuechen-elektro.de wrote: Am 22.12.2014 um 00:17 schrieb Brian Caouette: From: DJ-BrianC djbrianc...@gmail.com Date: December 21, 2014 at 5:43:19 PM EST To: pfSense Support and Discussion Mailing List list@lists.pfsense.org Subject: Voipo Has anyone had success with Voipo and pfSense? I'm not sure if this is a pf issue or their issue but out going calls work fine. Incoming are very spotty and fail most of the time. I've port forwarded the ports as marked here: http://www.voip-info.org/wiki/view/NAT+and+VOIP Suggestions? Sent from my iPad ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list Hi, try this: Firewall - NAT - Outbound click Manual Outbound NAT rule generation add this mapping: Interface = WAN Source = your voip server for example 192.168.3.2/32 Source Port = udp/* Destination = IP of your provider Destination Port udp/* NAT Address = WAN address NAT PORT = * Static Port = yes this works for us, and you don't need the port forwarding anymore. greetings juergen ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Voipo
I have not but its worth a shot. Sent from my iPad On Dec 22, 2014, at 4:21 AM, Jens Tautenhahn sho...@tausys.de wrote: Has anyone had success with Voipo and pfSense? I'm not sure if this is a pf issue or their issue but out going calls work fine. Incoming are very spotty and fail most of the time. I've port forwarded the ports as marked here: http://www.voip-info.org/wiki/view/NAT+and+VOIP Have you tried siproxd? Siproxd sets port forwarding and firewall rules dynamically. With siproxd it is possible to use multiple SIP devices behind pfSense. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Voipo
From: DJ-BrianC djbrianc...@gmail.com Date: December 21, 2014 at 5:43:19 PM EST To: pfSense Support and Discussion Mailing List list@lists.pfsense.org Subject: Voipo Has anyone had success with Voipo and pfSense? I'm not sure if this is a pf issue or their issue but out going calls work fine. Incoming are very spotty and fail most of the time. I've port forwarded the ports as marked here: http://www.voip-info.org/wiki/view/NAT+and+VOIP Suggestions? Sent from my iPad ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Recomend
Just tracked my order and its suppose to arrive today. Can't wait! I went with the SSD they offer. What drive project are you referring too? I don't understand your comment about get it now before it has any issues. Brian On 11/30/2014 3:07 PM, Walter Parker wrote: If you are getting the Netgate kit, I'd suggest just getting the Intel m525 SSD that they offer. This is a modern SSD with wear leveling that keeps software like a squid cache from burning out the drive early. It will fit and work without having to build a custom cable and have to tape a drive to the case. IIRC, your setup is for a home network, so the amount of data that is likely to flow will be quite a bit below the SSD's limits. Also, I think the guys at Netgate picked that specific SSD from Intel because tested different SSD drives and found that the Intel drive worked well and has a good reputation for quality and longevity. Why are you moving to the kit? If it because you want a small, low energy box that you can put in a corner and then forget about the hardware because it just works, then get the SSD and buy a backup device (SD card or SSD). Then in 5-10 years, if the SSD fails, you will have a replacement device on hand to replace the SSD that went out. I suggest you get the SSD now. Before the SSD has any issues, Jim's new drive project will be complete and that one should last for life of the router. Walter On Sun, Nov 30, 2014 at 11:16 AM, Volker Kuhlmann hid...@paradise.net.nz mailto:hid...@paradise.net.nz wrote: On Fri 28 Nov 2014 13:56:32 NZDT +1300, Ryan Coleman wrote: Have you considered a small 2.5 SATA HD for the machine? If you're talking APU, of course. You can run it off 5V from the board (I THINK?) I know there are SATA headers there. There is one SATA header on the board, and you get 5V power from a 2-pin header close-by. Butcher a SATA power cable and solder something up yourself, or better buy the specially-made short SATA/power cable from PC Engines. A tip from PC Engines was to tape the disk under the lid, so all fits into the box. Might pay to check disk temperature afterwards. I noticed the latest revision of the APU board has a 2x3 test header missing to make more space for a 2.5 disk. I am about to try an SSD for pfsense and a 2.5 for the squid cache. Currently it all runs fine off a 2.5. I can't comment on the other hardware mentioned by the OP because of lack of experience. Volker -- Volker Kuhlmann is list0570 with the domain in header. http://volker.top.geek.nz/ Please do not CC list postings to me. ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding. -- Justice Louis D. Brandeis ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] More ports
So I broke down and bought an apu4 due to arrive wednesday. It is replacing my dell 2850 which is now a freenas box with plex. I believe this apu4 has 3 gig ports. I'm curious if i can plug one into and old hub i have to give me more. Also if the hub is 100 meg will it bring down the lan port or just affect this one port and everything on the old hub? In the future I'd like to get a gig switch and pull cat 5 thru the house to complement the wireless. Is there an advantage to a managed switch? I'm not sure what I'd gain with it? Sent from my U.S. Cellular® Smartphone ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] More ports
Thank you for the info. By more ports I ment the ability to plug in more devices. Computers, printers, VoIP, etc... Not 100% what you mean by interfaces in pfsense. In my current setup we are 99% wireless. With pfSense I've been able to limit bandwidth per device as well as content filtering and hours of use for the kids. Now that we're playing with plex I'm finding we flood the wifi pretty easily. There is also a big difference with the network shares. 2.5 meg wifi to 15 meg plugged in. The terms you mention for management I'm not familiar with. This is a home network so not sure we'd have a use? Sent from my iPad On Dec 13, 2014, at 9:06 PM, Chris Bagnall pfse...@lists.minotaur.cc wrote: On 14/12/14 1:56 am, Brian Caouette wrote: I believe this apu4 has 3 gig ports. I'm curious if i can plug one into and old hub i have to give me more. More physical ports, yes. More interfaces in pfSense, no. If you want the latter, you'll need a VLAN-capable switch. But things like the HP 1810-8G (gigabit on all 8 ports) are so cheap these days you might prefer just to buy new. Also if the hub is 100 meg will it bring down the lan port or just affect this one port and everything on the old hub? Only everything attached to it - the other ports on the APU wouldn't be affected. But see above, I don't think it's going to give you what you want (more interfaces to configure, I presume). In the future I'd like to get a gig switch and pull cat 5 thru the house to complement the wireless. Is there an advantage to a managed switch? I'm not sure what I'd gain with it? VLAN capability and ability to enable/disable ports remotely are the obvious ones in a small network. In larger networks, things like span ports (for IDS), 802.11x port authentication (to stop people plugging dodgy things into your network), LACP (bonding links between switches), flow control, etc. etc. make managed switches worth their weight in gold. As above, though, the cost difference between a decent (light-) managed switch and an unmanaged switch is pretty negligible these days, so there's only a very marginal cost saving to be made, and you never know when those management features come in really handy. I use an HP 2510-24G at home, which is probably an overkill. The cheaper 1810-24G has the basic management capabilities listed above, and is fanless, which makes it a good choice for a home or small office environment. (I've listed HP models because that's what I've experience with, no doubt other manufacturers have similar models. Just watch out for some of the cheap Netgears that claim to be 'managed' (model beginning J I think) - they have a horrible Adobe Air management app that only works from a Windows PC, and only on the subnet the device is connected to) Kind regards, Chris -- This email is made from 100% recycled electrons ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Recomend
I've been looking at the kit at Netgate for $199 to replace my poweredge 2850 for pfSense. My concern is the sd/flash memory and the use of squid primarily for content filtering but also limited caching. My understanding is the SSD or SD card will have its life limited by the extensive r/w. Can anyone with experience with the 2850 and this device comment as to how it will compare beyond the obviously smaller sizer and lower power consumption. Is there anything I should know consider? Sent from my iPad ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Limit bandwith pr user / ip
Good question! I'd be interested in this myself. Sent from my iPad On Nov 1, 2014, at 7:07 PM, Morten Christensen mc-m...@g.mc.cx wrote: I am going to setup pfSense as gateway/firewall in front of a small wireless broadband system with 10 to 20 houses connected. We want to prevent one single house from taking up all bandwith, when other users can use their share, but not to restrict anyone unnessessary, when demand is low. I have found howto's that make permanent limits on each users or ip-numbers bandwith, They seems to make that limitation without taking care of, if the limitations is needed. Other howto's shows how to make smarter QOS limitations based on different applications like telephones versus http-download that is only active, when a service actually needs the bandwith. Do you know of howto's that can limit users bandwith, when the line is under heavy use, but not, when that user is alone on the line, and that do not care if the user is downloading an ISO, streaming HDTV or making a video-conference ? -- Morten Christensen ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] a notification is not sent when a gateway is down[https://redmine.pfsense.org/issues/3306]
I don't get emails either. On 10/8/2014 12:09 PM, Jason Pyeron wrote: -Original Message- From: Brian Caouette Sent: Wednesday, October 08, 2014 11:59 On 10/8/2014 11:39 AM, Jason Pyeron wrote: I think I am being hit by the same issue. Here is what I tried: Version: 2.0.2-RELEASE (i386) built on Fri Dec 7 16:30:25 EST 2012 FreeBSD 8.1-RELEASE-p13 Test email is recived when hitting save on the notifications page. snip/ As shown above, I pulled the uplink for about 10 seconds. No email. Email, DNS, etc are LAN side resources. Any suggestions? snip/ If i'm understanding your message this is expected behavior. You pull the uplink and the pings will fail. Thats the whole point. And then an email should be sent, which it is not being sent. -Jason -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Principal Consultant 10 West 24th Street #100- - +1 (443) 269-1555 x333Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is copyright PD Inc, subject to license 20080407P00. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] HAVP and Netflix
What would cause Netflix to fail when HAVP is active? The box to check streaming is not checked. Sent from my iPad ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Adding Ethernetports
System completely locked up and denied me the ability to log back in when I did bridge mode. I have to format and reinstall and configure everything. That was a tedious nightmare. I did try using the port as a standalone. I assigned it an ip. Was able to ping it. Plugged in a netgear set to dhcp and it did not receive an ip. pfSense did have dhcp active on this card and it had a range of ip's. I also notice that the range I assigned to this card was being used on my other subnet even though it wasn't configured that way. I'm confused as to whats happening and why i'm having such a hard time getting another lan card to work. On 10/3/2014 1:10 PM, Espen Johansen wrote: Pfsense ?interfaces ?add bridge and add lan and your new interfaces to it. You will then have multiple lan interfaces acting the same as your lan. Or same as as router with multiple lan ports would. 3. okt. 2014 18:42 skrev Brian Caouette bri...@dlois.com mailto:bri...@dlois.com følgende: Where do I find that? Which of my issues does it solve? On 10/3/2014 12:08 PM, Espen Johansen wrote: Bridge to LAN. 3. okt. 2014 18:05 skrev Brian Caouette bri...@dlois.com mailto:bri...@dlois.com følgende: Just wanted to thank those of you who replied. Finally got the card noticed in pFsense. Had to use the add hardware feature on the VM. Now the problem is getting it to route traffic. I am able to ping the two ports from the pfsense diag menu but am not able to ping outside the network. I did create a rule to pass all traffic but still nothing. Is there something special I need to do to get the two new ports to work? Also is there a way to have the dhcp range the same as the lan so that it works like a consumer of the shelf router? Basically additional ports in the same net range. On 9/19/2014 1:37 PM, Adam Thompson wrote: There's also the unofficial VMware ESXi white-box HCL, but it hasn't really been updated since v4.x. Agreed that if this is anything more than a test system, stick with the HCL and a support contract. Been there, done that, have the scars to prove it ... -Adam On September 19, 2014 12:18:31 PM CDT, Paul Beriswill paul.berisw...@pdfcomplete.com mailto:paul.berisw...@pdfcomplete.com wrote: I have had mixed results trying to find support for hardware that is not on the vmWare HCL and often spend way too much time hunting for solutions. You are *much* better off sticking with officially supported hardware. That being said, This link *may* have the drivers that you are looking for ... https://my.vmware.com/web/vmware/details?downloadGroup=DT-ESXI55-INTEL-IGB-42168productId=353 Should probably take this to one of the vmware support groups. Paul On 09/19/2014 11:28 AM, Brian Caouette wrote: Yes VM. I do not see the card listed there either. I do not understand VM and all the plugs and drivers. Can you point me in the right direction? On 9/19/2014 11:17 AM, Paul Beriswill wrote: Your pfSense is running on a VM ... correct? Does vmware recognize the nic? I know some versions of esx need custom drivers for even some intel NIC's. Paul On 09/19/2014 09:31 AM, Brian Caouette wrote: I added a dual port nic to my pfsense box and it doesn't show the additional ports. The new nic doesn't show anywhere. I am using a PowerEdge 2850 and an Intel Card. I am also using vmware on the machine. Any ideas what may be going on? ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- *Paul Beriswill* PDF Complete Inc | www.pdfcomplete.com http://www.pdfcomplete.com/ 550 Club Drive, Ste. 477 | Montgomery, TX 77316 512.263.0868 x 707 tel:512.263.0868%20x%20707 direct | paul.berisw...@pdfcomplete.com mailto:paul.berisw...@pdfcomplete.com PDF Complete http://www.pdfcomplete.com/ ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- *Paul Beriswill* PDF Complete Inc | www.pdfcomplete.com http://www.pdfcomplete.com/ 550 Club Drive, Ste. 477 | Montgomery, TX 77316 512.263.0868 x 707 tel:512.263.0868%20x%20707
Re: [pfSense] a notification is not sent when a gateway is down [https://redmine.pfsense.org/issues/3306]
On 10/8/2014 11:39 AM, Jason Pyeron wrote: I think I am being hit by the same issue. Here is what I tried: Version: 2.0.2-RELEASE (i386) built on Fri Dec 7 16:30:25 EST 2012 FreeBSD 8.1-RELEASE-p13 Test email is recived when hitting save on the notifications page. One gateway. Monitor IP is set [64.221.77.118]. From pfSense shell ping 64.221.77.118: snip/ 64 bytes from 64.221.77.118: icmp_seq=68 ttl=255 time=0.861 ms 64 bytes from 64.221.77.118: icmp_seq=69 ttl=255 time=0.844 ms 64 bytes from 64.221.77.118: icmp_seq=70 ttl=255 time=0.820 ms ping: sendto: No route to host ping: sendto: No route to host ping: sendto: No route to host ping: sendto: No route to host ping: sendto: No route to host ping: sendto: No route to host ping: sendto: No route to host 64 bytes from 64.221.77.118: icmp_seq=71 ttl=255 time=13581.729 ms 64 bytes from 64.221.77.118: icmp_seq=72 ttl=255 time=12573.693 ms 64 bytes from 64.221.77.118: icmp_seq=73 ttl=255 time=11565.238 ms 64 bytes from 64.221.77.118: icmp_seq=85 ttl=255 time=0.764 ms 64 bytes from 64.221.77.118: icmp_seq=86 ttl=255 time=0.874 ms 64 bytes from 64.221.77.118: icmp_seq=87 ttl=255 time=0.841 ms snip/ --- 64.221.77.118 ping statistics --- 145 packets transmitted, 134 packets received, 7.6% packet loss round-trip min/avg/max/stddev = 0.755/282.375/13581.729/1864.098 ms Weight: 1 Latency thresholds: 1 to 2 Packet Loss thresholds: 0.001 to 0.001 Frequency Probe: 1 Down: 1 As shown above, I pulled the uplink for about 10 seconds. No email. Email, DNS, etc are LAN side resources. Any suggestions? -Jason -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Principal Consultant 10 West 24th Street #100- - +1 (443) 269-1555 x333Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is copyright PD Inc, subject to license 20080407P00. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list If i'm understanding your message this is expected behavior. You pull the uplink and the pings will fail. Thats the whole point. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Adding Ethernetports
Just wanted to thank those of you who replied. Finally got the card noticed in pFsense. Had to use the add hardware feature on the VM. Now the problem is getting it to route traffic. I am able to ping the two ports from the pfsense diag menu but am not able to ping outside the network. I did create a rule to pass all traffic but still nothing. Is there something special I need to do to get the two new ports to work? Also is there a way to have the dhcp range the same as the lan so that it works like a consumer of the shelf router? Basically additional ports in the same net range. On 9/19/2014 1:37 PM, Adam Thompson wrote: [pfSense] Adding Ethernetports There's also the unofficial VMware ESXi white-box HCL, but it hasn't really been updated since v4.x. Agreed that if this is anything more than a test system, stick with the HCL and a support contract. Been there, done that, have the scars to prove it ... -Adam On September 19, 2014 12:18:31 PM CDT, Paul Beriswill paul.berisw...@pdfcomplete.com wrote: I have had mixed results trying to find support for hardware that is not on the vmWare HCL and often spend way too much time hunting for solutions. You are *much* better off sticking with officially supported hardware. That being said, This link *may* have the drivers that you are looking for ... https://my.vmware.com/web/vmware/details?downloadGroup=DT-ESXI55-INTEL-IGB-42168productId=353 Should probably take this to one of the vmware support groups. Paul On 09/19/2014 11:28 AM, Brian Caouette wrote: Yes VM. I do not see the card listed there either. I do not understand VM and all the plugs and drivers. Can you point me in the right direction? On 9/19/2014 11:17 AM, Paul Beriswill wrote: Your pfSense is running on a VM ... correct? Does vmware recognize the nic? I know some versions of esx need custom drivers for even some intel NIC's. Paul On 09/19/2014 09:31 AM, Brian Caouette wrote: I added a dual port nic to my pfsense box and it doesn't show the additional ports. The new nic doesn't show anywhere. I am using a PowerEdge 2850 and an Intel Card. I am also using vmware on the machine. Any ideas what may be going on? ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- *Paul Beriswill* PDF Complete Inc | www.pdfcomplete.com http://www.pdfcomplete.com/ 550 Club Drive, Ste. 477 | Montgomery, TX 77316 512.263.0868 x 707 direct | paul.berisw...@pdfcomplete.com mailto:paul.berisw...@pdfcomplete.com PDF Complete http://www.pdfcomplete.com/ ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- *Paul Beriswill* PDF Complete Inc | www.pdfcomplete.com http://www.pdfcomplete.com/ 550 Club Drive, Ste. 477 | Montgomery, TX 77316 512.263.0868 x 707 direct | paul.berisw...@pdfcomplete.com mailto:paul.berisw...@pdfcomplete.com PDF Complete http://www.pdfcomplete.com/ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- Sent from my Android device with K-9 Mail. Please excuse my brevity. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Adding Ethernetports
Where do I find that? Which of my issues does it solve? On 10/3/2014 12:08 PM, Espen Johansen wrote: Bridge to LAN. 3. okt. 2014 18:05 skrev Brian Caouette bri...@dlois.com mailto:bri...@dlois.com følgende: Just wanted to thank those of you who replied. Finally got the card noticed in pFsense. Had to use the add hardware feature on the VM. Now the problem is getting it to route traffic. I am able to ping the two ports from the pfsense diag menu but am not able to ping outside the network. I did create a rule to pass all traffic but still nothing. Is there something special I need to do to get the two new ports to work? Also is there a way to have the dhcp range the same as the lan so that it works like a consumer of the shelf router? Basically additional ports in the same net range. On 9/19/2014 1:37 PM, Adam Thompson wrote: There's also the unofficial VMware ESXi white-box HCL, but it hasn't really been updated since v4.x. Agreed that if this is anything more than a test system, stick with the HCL and a support contract. Been there, done that, have the scars to prove it ... -Adam On September 19, 2014 12:18:31 PM CDT, Paul Beriswill paul.berisw...@pdfcomplete.com mailto:paul.berisw...@pdfcomplete.com wrote: I have had mixed results trying to find support for hardware that is not on the vmWare HCL and often spend way too much time hunting for solutions. You are *much* better off sticking with officially supported hardware. That being said, This link *may* have the drivers that you are looking for ... https://my.vmware.com/web/vmware/details?downloadGroup=DT-ESXI55-INTEL-IGB-42168productId=353 Should probably take this to one of the vmware support groups. Paul On 09/19/2014 11:28 AM, Brian Caouette wrote: Yes VM. I do not see the card listed there either. I do not understand VM and all the plugs and drivers. Can you point me in the right direction? On 9/19/2014 11:17 AM, Paul Beriswill wrote: Your pfSense is running on a VM ... correct? Does vmware recognize the nic? I know some versions of esx need custom drivers for even some intel NIC's. Paul On 09/19/2014 09:31 AM, Brian Caouette wrote: I added a dual port nic to my pfsense box and it doesn't show the additional ports. The new nic doesn't show anywhere. I am using a PowerEdge 2850 and an Intel Card. I am also using vmware on the machine. Any ideas what may be going on? ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- *Paul Beriswill* PDF Complete Inc | www.pdfcomplete.com http://www.pdfcomplete.com/ 550 Club Drive, Ste. 477 | Montgomery, TX 77316 512.263.0868 x 707 tel:512.263.0868%20x%20707 direct | paul.berisw...@pdfcomplete.com mailto:paul.berisw...@pdfcomplete.com PDF Complete http://www.pdfcomplete.com/ ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- *Paul Beriswill* PDF Complete Inc | www.pdfcomplete.com http://www.pdfcomplete.com/ 550 Club Drive, Ste. 477 | Montgomery, TX 77316 512.263.0868 x 707 tel:512.263.0868%20x%20707 direct | paul.berisw...@pdfcomplete.com mailto:paul.berisw...@pdfcomplete.com PDF Complete http://www.pdfcomplete.com/ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- Sent from my Android device with K-9 Mail. Please excuse my brevity. ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Adding Ethernetports
Where do I find that? Which of my issues does it solve? On 10/3/2014 12:08 PM, Espen Johansen wrote: Bridge to LAN. 3. okt. 2014 18:05 skrev Brian Caouette bri...@dlois.com mailto:bri...@dlois.com følgende: Just wanted to thank those of you who replied. Finally got the card noticed in pFsense. Had to use the add hardware feature on the VM. Now the problem is getting it to route traffic. I am able to ping the two ports from the pfsense diag menu but am not able to ping outside the network. I did create a rule to pass all traffic but still nothing. Is there something special I need to do to get the two new ports to work? Also is there a way to have the dhcp range the same as the lan so that it works like a consumer of the shelf router? Basically additional ports in the same net range. On 9/19/2014 1:37 PM, Adam Thompson wrote: There's also the unofficial VMware ESXi white-box HCL, but it hasn't really been updated since v4.x. Agreed that if this is anything more than a test system, stick with the HCL and a support contract. Been there, done that, have the scars to prove it ... -Adam On September 19, 2014 12:18:31 PM CDT, Paul Beriswill paul.berisw...@pdfcomplete.com mailto:paul.berisw...@pdfcomplete.com wrote: I have had mixed results trying to find support for hardware that is not on the vmWare HCL and often spend way too much time hunting for solutions. You are *much* better off sticking with officially supported hardware. That being said, This link *may* have the drivers that you are looking for ... https://my.vmware.com/web/vmware/details?downloadGroup=DT-ESXI55-INTEL-IGB-42168productId=353 Should probably take this to one of the vmware support groups. Paul On 09/19/2014 11:28 AM, Brian Caouette wrote: Yes VM. I do not see the card listed there either. I do not understand VM and all the plugs and drivers. Can you point me in the right direction? On 9/19/2014 11:17 AM, Paul Beriswill wrote: Your pfSense is running on a VM ... correct? Does vmware recognize the nic? I know some versions of esx need custom drivers for even some intel NIC's. Paul On 09/19/2014 09:31 AM, Brian Caouette wrote: I added a dual port nic to my pfsense box and it doesn't show the additional ports. The new nic doesn't show anywhere. I am using a PowerEdge 2850 and an Intel Card. I am also using vmware on the machine. Any ideas what may be going on? ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- *Paul Beriswill* PDF Complete Inc | www.pdfcomplete.com http://www.pdfcomplete.com/ 550 Club Drive, Ste. 477 | Montgomery, TX 77316 512.263.0868 x 707 tel:512.263.0868%20x%20707 direct | paul.berisw...@pdfcomplete.com mailto:paul.berisw...@pdfcomplete.com PDF Complete http://www.pdfcomplete.com/ ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- *Paul Beriswill* PDF Complete Inc | www.pdfcomplete.com http://www.pdfcomplete.com/ 550 Club Drive, Ste. 477 | Montgomery, TX 77316 512.263.0868 x 707 tel:512.263.0868%20x%20707 direct | paul.berisw...@pdfcomplete.com mailto:paul.berisw...@pdfcomplete.com PDF Complete http://www.pdfcomplete.com/ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- Sent from my Android device with K-9 Mail. Please excuse my brevity. ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Autostart
I know pfsense will autoboot when power is turned on but in vmware it doesn't seem to be the case. We just lost power at home and pfsense never came back up until I connected to vmware to turn the virtual system back on. Is there a way to autostart on occasions like this when we loose power? A step by step would be VERY appreciated. I'm not very fluent in vmware and its use. Still haven't been able to get it to work with a new network card I added to the machine. Someone suggested I check to see if the bios recognizes it. Not even sure were that option is. I have a dell poweredge 2850. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Reports
Is there a way to do a weekly report based on MAC address showing times used, total time and date for the period? Trying to prove a point how much the kids use and that they are still online after bedtime. Sent from my iPad ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Adding Ethernetports
I added a dual port nic to my pfsense box and it doesn't show the additional ports. The new nic doesn't show anywhere. I am using a PowerEdge 2850 and an Intel Card. I am also using vmware on the machine. Any ideas what may be going on? ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Adding Ethernetports
There is only one slot that this card plug into. I will check those commands when I get home. Thank you. On 9/19/2014 10:35 AM, Espen Johansen wrote: check dmesg and pciconf -lv. If its not seen at all then try different slots and try to verify that card/slot is working. -lsf On Fri, Sep 19, 2014 at 4:31 PM, Brian Caouette bri...@dlois.com mailto:bri...@dlois.com wrote: I added a dual port nic to my pfsense box and it doesn't show the additional ports. The new nic doesn't show anywhere. I am using a PowerEdge 2850 and an Intel Card. I am also using vmware on the machine. Any ideas what may be going on? ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Adding Ethernetports
Yes VM. I do not see the card listed there either. I do not understand VM and all the plugs and drivers. Can you point me in the right direction? On 9/19/2014 11:17 AM, Paul Beriswill wrote: Your pfSense is running on a VM ... correct? Does vmware recognize the nic? I know some versions of esx need custom drivers for even some intel NIC's. Paul On 09/19/2014 09:31 AM, Brian Caouette wrote: [pfSense] Adding Ethernetports I added a dual port nic to my pfsense box and it doesn't show the additional ports. The new nic doesn't show anywhere. I am using a PowerEdge 2850 and an Intel Card. I am also using vmware on the machine. Any ideas what may be going on? ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- *Paul Beriswill* PDF Complete Inc | www.pdfcomplete.com http://www.pdfcomplete.com/ 550 Club Drive, Ste. 477 | Montgomery, TX 77316 512.263.0868 x 707 direct | paul.berisw...@pdfcomplete.com mailto:paul.berisw...@pdfcomplete.com PDF Complete http://www.pdfcomplete.com/ ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] How do I fix this?
The price was right but yes it consumes some power. Its loud and warms the room. Should be good in another month or so when we turn the furnace on. As for the nics I have no idea if their intel or not. Don't recall that detail. I'll try your suggestion and change the time and see what happens. On 9/3/2014 3:40 PM, compdoc wrote: I have tried the alternate IP. No change. Not sure what the other two do? Some connections might be slow to respond occasionally, or not handle constant pings well. You can send fewer pings, (every 3 seconds for instance) and wait a longer period of time before declaring the link is down. (like 30 seconds or so) The hardware is a dell 2850, i have a 15x1 cable connection. If you have nothing better to do with the PowerEdge, might as well use it. They look like they might consume some watts, though. Yours has only Intel nics? ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] How do I fix this?
2.1.4 Just one version behind. I haven't updated to the announced a few days ago. On 9/3/2014 2:14 PM, Bob Gustafson wrote: What version pfsense? On 09/03/2014 12:30 PM, Brian Caouette wrote: Sep 3 09:00:58 apinger: ALARM: dlois(192.254.233.145) *** loss *** Sep 3 08:59:55 apinger: alarm canceled: dlois(192.254.233.145) *** delay *** Sep 3 08:59:47 apinger: alarm canceled: dlois(192.254.233.145) *** down *** Sep 3 08:59:43 apinger: ALARM: dlois(192.254.233.145) *** down *** Sep 3 08:59:31 apinger: alarm canceled: dlois(192.254.233.145) *** down *** Sep 3 08:59:29 apinger: ALARM: dlois(192.254.233.145) *** down *** Sep 3 08:59:19 apinger: alarm canceled: dlois(192.254.233.145) *** loss *** Sep 3 08:59:19 apinger: alarm canceled: dlois(192.254.233.145) *** down *** Sep 3 08:59:18 apinger: ALARM: dlois(192.254.233.145) *** down *** Sep 3 08:59:04 apinger: ALARM: dlois(192.254.233.145) *** delay *** Sep 3 08:37:19 apinger: ALARM: dlois(192.254.233.145) *** loss *** Sep 3 08:36:07 apinger: alarm canceled: dlois(192.254.233.145) *** loss *** Sep 3 08:36:07 apinger: alarm canceled: dlois(192.254.233.145) *** down *** Sep 3 08:35:50 apinger: ALARM: dlois(192.254.233.145) *** down *** Sep 3 08:20:18 apinger: ALARM: dlois(192.254.233.145) *** loss *** Sep 3 08:19:06 apinger: alarm canceled: dlois(192.254.233.145) *** loss *** Sep 3 08:19:06 apinger: alarm canceled: dlois(192.254.233.145) *** down *** Sep 3 08:18:47 apinger: ALARM: dlois(192.254.233.145) *** down *** Sep 3 08:02:31 apinger: ALARM: dlois(192.254.233.145) *** loss *** Sep 3 08:01:19 apinger: alarm canceled: dlois(192.254.233.145) *** loss *** Sep 3 08:01:19 apinger: alarm canceled: dlois(192.254.233.145) *** down *** Sep 3 08:01:02 apinger: ALARM: dlois(192.254.233.145) *** down *** Sep 3 07:38:57 apinger: ALARM: dlois(192.254.233.145) *** loss *** Sep 3 07:37:46 apinger: alarm canceled: dlois(192.254.233.145) *** loss *** Sep 3 07:37:46 apinger: alarm canceled: dlois(192.254.233.145) *** down *** Sep 3 07:37:29 apinger: ALARM: dlois(192.254.233.145) *** down *** Sep 3 07:22:20 apinger: ALARM: dlois(192.254.233.145) *** loss *** Sep 3 07:21:09 apinger: alarm canceled: dlois(192.254.233.145) *** loss *** Sep 3 07:21:09 apinger: alarm canceled: dlois(192.254.233.145) *** down *** Sep 3 07:20:51 apinger: ALARM: dlois(192.254.233.145) *** down *** ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] How do I fix this?
This problem has been here since I began using pfsense. Even on another hardware box. Not sure its a version problem but I will be upgrading soon as I always stay current. On 9/3/2014 2:30 PM, Bob Gustafson wrote: Why not try the upgrade. Maybe the problem will go away.. On 09/03/2014 01:20 PM, Brian Caouette wrote: 2.1.4 Just one version behind. I haven't updated to the announced a few days ago. On 9/3/2014 2:14 PM, Bob Gustafson wrote: What version pfsense? On 09/03/2014 12:30 PM, Brian Caouette wrote: Sep 3 09:00:58 apinger: ALARM: dlois(192.254.233.145) *** loss *** Sep 3 08:59:55 apinger: alarm canceled: dlois(192.254.233.145) *** delay *** Sep 3 08:59:47 apinger: alarm canceled: dlois(192.254.233.145) *** down *** Sep 3 08:59:43 apinger: ALARM: dlois(192.254.233.145) *** down *** Sep 3 08:59:31 apinger: alarm canceled: dlois(192.254.233.145) *** down *** Sep 3 08:59:29 apinger: ALARM: dlois(192.254.233.145) *** down *** Sep 3 08:59:19 apinger: alarm canceled: dlois(192.254.233.145) *** loss *** Sep 3 08:59:19 apinger: alarm canceled: dlois(192.254.233.145) *** down *** Sep 3 08:59:18 apinger: ALARM: dlois(192.254.233.145) *** down *** Sep 3 08:59:04 apinger: ALARM: dlois(192.254.233.145) *** delay *** Sep 3 08:37:19 apinger: ALARM: dlois(192.254.233.145) *** loss *** Sep 3 08:36:07 apinger: alarm canceled: dlois(192.254.233.145) *** loss *** Sep 3 08:36:07 apinger: alarm canceled: dlois(192.254.233.145) *** down *** Sep 3 08:35:50 apinger: ALARM: dlois(192.254.233.145) *** down *** Sep 3 08:20:18 apinger: ALARM: dlois(192.254.233.145) *** loss *** Sep 3 08:19:06 apinger: alarm canceled: dlois(192.254.233.145) *** loss *** Sep 3 08:19:06 apinger: alarm canceled: dlois(192.254.233.145) *** down *** Sep 3 08:18:47 apinger: ALARM: dlois(192.254.233.145) *** down *** Sep 3 08:02:31 apinger: ALARM: dlois(192.254.233.145) *** loss *** Sep 3 08:01:19 apinger: alarm canceled: dlois(192.254.233.145) *** loss *** Sep 3 08:01:19 apinger: alarm canceled: dlois(192.254.233.145) *** down *** Sep 3 08:01:02 apinger: ALARM: dlois(192.254.233.145) *** down *** Sep 3 07:38:57 apinger: ALARM: dlois(192.254.233.145) *** loss *** Sep 3 07:37:46 apinger: alarm canceled: dlois(192.254.233.145) *** loss *** Sep 3 07:37:46 apinger: alarm canceled: dlois(192.254.233.145) *** down *** Sep 3 07:37:29 apinger: ALARM: dlois(192.254.233.145) *** down *** Sep 3 07:22:20 apinger: ALARM: dlois(192.254.233.145) *** loss *** Sep 3 07:21:09 apinger: alarm canceled: dlois(192.254.233.145) *** loss *** Sep 3 07:21:09 apinger: alarm canceled: dlois(192.254.233.145) *** down *** Sep 3 07:20:51 apinger: ALARM: dlois(192.254.233.145) *** down *** ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] How do I fix this?
On 9/3/2014 3:01 PM, compdoc wrote: Why not try the upgrade. Maybe the problem will go away.. There are also three settings for apinger that can be useful: Alternative monitor IP, Probe Interval, and Down Is this a new install, or a machine that recently developed a problem? ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list It's always been like this just never got around to asking anyone about it. The hardware is a dell 2850, i have a 15x1 cable connection. We have 6 people in the house. Should be over kill for us. Not sure why I would be seeing packet loss. Watching the graph on the dashboard i've only hit the 15 meg once. We typically average about half with everyone online. Youtube, Netflix, Growtopia and Mindcraft, Facebook, etc... ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] How do I fix this?
On 9/3/2014 3:01 PM, compdoc wrote: Why not try the upgrade. Maybe the problem will go away.. There are also three settings for apinger that can be useful: Alternative monitor IP, Probe Interval, and Down Is this a new install, or a machine that recently developed a problem? ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list I have tried the alternate IP. No change. Not sure what the other two do? ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Failed Downloads
I use squid and squid guard On 8/1/2014 6:54 PM, compdoc wrote: When i'm connected to pfsense downloads are failing. Are there any other packages installed? ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Failed Downloads
Hapv is off. I can't get it to work. The other settings you mention are the package defaults so those should be as you suggest. Where do you see the scan broken? Sent from my iPad On Aug 7, 2014, at 5:08 PM, compdoc comp...@hotrodpc.com wrote: I use squid and squid guard I don’t think anything in squid would block, but check to make sure everything is set to zero and only 'Throttle only specific extensions' is checked on this page: Proxy server: Traffic management You mentioned HAVP in another post and some downloads don’t work for me unless I uncheck: Antivirus: HTTP proxy: Scan Broken Executables I don’t use squid guard. But Snort is another one that needs some tuning. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Failed Downloads
Squid is set for transparent. Pretty much default settings. I've noticed the downloads appear to work but the files are always 5k. Sent from my iPad On Aug 2, 2014, at 10:10 PM, Moshe Katz mo...@ymkatz.net wrote: On Aug 1, 2014 6:46 PM, Brian Caouette bri...@dlois.com wrote: I subscribe to a karaoke service for my DJ business. When i'm connected to pfsense downloads are failing. This is what it looks like in squid realtime: 01.08.2014 18:41:10 192.168.1.10 NONE/411 http://www.kjmediaservices.com/safefiles/DTC18159%20-%20OneRepublic%20-%20Love%20Runs%20Out.SAF - - I've tried to tell that domain never to cache. I'm at a loss as to why the downloads from this site fail and why the bypass for the domain doesn't appear to be working. Any idea what i'm missing? How are you doing the bypass? How is your traffic going through squid - transparent proxy or explicit proxy? If you are using explicit proxy autoconfigured through wpad.dat, please show us the wpad.dat file that your browser gets. Moshe ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] HAPV
So whats the deal with the hapv package? I can't surf when its active. I also notice on the general tab. File scannerScanner status Path: Enter file path or catalog for scanning. _Squid cache path (scan you squid cache now)._ _Common DB path._ _Temp path._ Start Scanner 2014.07.29 13:18:00 Starting scan file '/var/squid'. -- ERROR: Can't connect to clamd: No such file or directory --- SCAN SUMMARY --- Infected files: 0 Total errors: 1 Time: 0.000 sec (0 m 0 s) Path= /var/squid all three scan.transparent SUGGESTIONS??? http://bbs.dlois.com:/index.php home.dlois.com * System * Interfaces * Firewall * Services * VPN * Status * Diagnostics * Help Antivirus: HTTP proxy (havp + clamav) http://bbs.dlois.com:/pkg_edit.php?xml=havp.xmlid=0help http://bbs.dlois.com:/help.php?page=havp.xml * General page http://bbs.dlois.com:/antivirus.php * HTTP proxy http://bbs.dlois.com:/pkg_edit.php?xml=havp.xmlid=0 * Settings http://bbs.dlois.com:/pkg_edit.php?xml=havp_avset.xmlid=0 Enable Check this for enable proxy. Proxy mode Select interface mode: *standard*- client(s) bind to the 'proxy port' on selected interface(s); *parent for squid*- configure HAVP as parent for Squid proxy; *transparent*- all HTTP requests on interface(s) will be directed to the HAVP proxy server without any client configuration necessary (works as parent for squid with transparent Squid proxy); *internal*- HAVP will listen on the loopback (127.0.0.1) on configured 'proxy port.' Use you own traffic forwarding rules. Proxy interface(s) The interface(s) for client connections to the proxy. Use 'Ctrl' + L. Click for multiple selection. Proxy port This is the port the proxy server will listen on (for example: 8080). This port must be different from Squid proxy. Parent proxy Enter the parent (upstream) proxy settings as PROXY:PORT format or leave empty. Enable X-Forwarded-For If client sent this header, FORWARDED_IP setting defines the value, then it is passed on. You might want to keep this disabled for security reasons. Enable this if you use your own parent proxy after HAVP, so it will see the original client IP. Disabling this also disables Via: header generation. Enable Forwarded IP If HAVP is used as a parent proxy for some other proxy, this allows writing the real user's IP to log, instead of the proxy IP. Language Select the language in which the proxy server will display error messages to users. Max download size, Bytes Enter value (in Bytes) or leave empty. Downloads larger than 'Max download size' will be blocked if not whitelisted. HTTP Range requests Set this for allow HTTP Range requests, and broken downloads can be resumed. Allowing HTTP Range is a security risk, because partial HTTP requests may not be properly scanned. Whitelisted sites are allowed to use Range in any case. Whitelist Enter each destination URL on a new line that will be accessable to the users without scanning. Use '*' symbol for mask. Example: *.github.com/*, *sourceforge.net/*clamav-*, */*.xml, */*.inc Blacklist Enter each destination domain on a new line that will be accessable to the users that are allowed to use the proxy. Block file if error scanning If set, the proxy will block the files on which an error scanning. Enable RAM Disk This option allow use RAM disk for HAVP temp files for more quick traffic scan. RAM disk size depends on 'ScanMax' file size and available memory. This option can be ignored on systems with low memory. ( RAM disk size calculated as [1/4 available system memory] [Scan max file size] * 100 ) Scan max file size Select this value for limit maximum file size or leave '---(5M)'. Files larger than this limit won't be scanned. Small values increace scan speed and maximum new connections per second and allow RAM disk use. NOTE: Setting limit is a security risk, because some archives like ZIP need all the data to be scanned properly! Use this only if you can't afford temporary space for big files. Scan images Check this for scan image files. This option allows you to increase reliability, but also slows down the scanning process. Scan media stream Check this for scan media (audio/video) stream. Use this for additional scan exploits for players. Scan Broken Executables Check this to enable the Heuristic Broken Executable scan. Log Check this for enable log. Syslog Check this for enable Syslog. pfSense https://www.pfsense.org/?gui211is © 2004 - 2014 byElectric Sheep Fencing LLC http://www.electricsheepfencing.com/. All Rights Reserved. [view license http://bbs.dlois.com:/license.php] -- Brian Caouette DJ-BrianC (207) 212-6560 www.djbrianc.us
[pfSense] Squid Problem and DNS?
I had issues upgrading to the new .4 version of pfSense. I was forced to start from scratch. That said I have it all up and running however I have two issues I can't figure out. #1. Initial page lookups are really slow. When I enter a website it will pause for 6-8 seconds then the page is instantly there. I have Googles DNS set in general and currently have stock DNS Forwarder active. It's set to use system defaults. #2. Squid is active and working but hit rate has been zero. It's been running a week now. Prior install I would average a really poor .5 -2%. I'm not sure what to do. I'm on Google over load now trying to find the answers and so far my config seems to be in line with general recommendations. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Squid Problem and DNS?
2.1.3 to 2.1.4 On 7/16/2014 10:33 AM, Ryan Coleman wrote: What version were you upgrading from? 2.1.3? 2.0.x? On Jul 16, 2014, at 9:25, Brian Caouette bri...@dlois.com wrote: I had issues upgrading to the new .4 version of pfSense. I was forced to start from scratch. That said I have it all up and running however I have two issues I can't figure out. #1. Initial page lookups are really slow. When I enter a website it will pause for 6-8 seconds then the page is instantly there. I have Googles DNS set in general and currently have stock DNS Forwarder active. It's set to use system defaults. #2. Squid is active and working but hit rate has been zero. It's been running a week now. Prior install I would average a really poor .5 -2%. I'm not sure what to do. I'm on Google over load now trying to find the answers and so far my config seems to be in line with general recommendations. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Squid Problem and DNS?
I have not tried ISP's dns as I've found Googles to be faster. I can try that test tonight when I get home though to rule out the possibility. As for #2 I understand I just find it odd the prior install although poor hit rate still produce results were the current install is at 0 after a week. Our traffic hasn't changed we still surf the same sites. The kids are typically on facebook, youtube, and game sites and the wife on school and work as I am. On 7/16/2014 10:39 AM, Chris Bagnall wrote: On 16/7/14 3:25 pm, Brian Caouette wrote: #1. Initial page lookups are really slow. When I enter a website it will pause for 6-8 seconds then the page is instantly there. I have Googles DNS set in general and currently have stock DNS Forwarder active. It's set to use system defaults. As a test, have you tried using your ISP's caching DNS servers instead, and does it make any difference? #2. Squid is active and working but hit rate has been zero. It's been running a week now. Prior install I would average a really poor .5 -2%. I'm not sure what to do. I'm on Google over load now trying to find the answers and so far my config seems to be in line with general recommendations. A great many websites these days rely on dynamic content and send cache-control headers to prevent proxies like Squid from caching things. You can play with Squid's settings to ignore some cache-control headers, but obviously there are risks of delivering your clients out of date content by doing that. Kind regards, Chris ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Squid Problem and DNS?
Think I figured it out.. I had the hostname set to that of my website that is hosted offsite. As soon as I changed it to localhost webpages opened instantly! On 7/16/2014 10:42 AM, Brian Caouette wrote: 2.1.3 to 2.1.4 On 7/16/2014 10:33 AM, Ryan Coleman wrote: What version were you upgrading from? 2.1.3? 2.0.x? On Jul 16, 2014, at 9:25, Brian Caouette bri...@dlois.com wrote: I had issues upgrading to the new .4 version of pfSense. I was forced to start from scratch. That said I have it all up and running however I have two issues I can't figure out. #1. Initial page lookups are really slow. When I enter a website it will pause for 6-8 seconds then the page is instantly there. I have Googles DNS set in general and currently have stock DNS Forwarder active. It's set to use system defaults. #2. Squid is active and working but hit rate has been zero. It's been running a week now. Prior install I would average a really poor .5 -2%. I'm not sure what to do. I'm on Google over load now trying to find the answers and so far my config seems to be in line with general recommendations. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Unbound vs stock
Why is it unbound doesn't report dns name for light squid and if I return to stock it does? In both of them I have enabled register static mappings yet unbound doesn't give the time to light squid in the reports were stock does.. Sent from my iPad ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Unbound vs stock
So the fix to make it work the same would be to add 127.0.0.1 to resolv.conf manually? Sent from my iPad On Jul 11, 2014, at 6:19 PM, Dave Warren da...@hireahit.com wrote: On 2014-07-11 10:04, Brian Caouette wrote: Why is it unbound doesn't report dns name for light squid and if I return to stock it does? In both of them I have enabled register static mappings yet unbound doesn't give the time to light squid in the reports were stock does.. When you use dnsmasq, pfSense adds 127.0.0.1 to the top of resolv.conf, and therefore pfSense itself asks dnsmasq for local resolution and is able to resolve local hostnames. However, when you use unbound, dnsmasq is turned off, so pfSense itself is just using your configured DNS servers (or ISP DHCP provided ones, depending on configuration) Assuming unbound does full resolution and doesn't forward, you can work around this by listing 127.0.0.1 as your primary DNS resolver in pfSense. However, if you do that, you'll have to make sure that pfSense isn't handing out these DNS servers IPs to clients anywhere (DHCP server? OpenVPN?) And if you have unbound forwarding, obviously you can't include 127.0.0.1 or unbound will forward to itself. Finally, pointing to 127.0.0.1 will partially break upgrades since pfSense will come up without packages, and therefore without a DNS server, then it will find itself unable to find pfsense.org to download packages. Ultimately the fix will be for pfSense to recognize unbound as a local DNS server and add it to resolv.conf by default, similar to dnsmasq. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Unbound vs stock
So add 127... to the system general and edit dhcp to use desired dns instead of system dns settings? Sent from my iPad On Jul 11, 2014, at 7:38 PM, Espen Johansen pfse...@gmail.com wrote: Add it to pfsense dns list. Remove it from dhcp etc. If it's used there. 12. juli 2014 01:26 skrev Brian Caouette bri...@dlois.com følgende: So the fix to make it work the same would be to add 127.0.0.1 to resolv.conf manually? Sent from my iPad On Jul 11, 2014, at 6:19 PM, Dave Warren da...@hireahit.com wrote: On 2014-07-11 10:04, Brian Caouette wrote: Why is it unbound doesn't report dns name for light squid and if I return to stock it does? In both of them I have enabled register static mappings yet unbound doesn't give the time to light squid in the reports were stock does.. When you use dnsmasq, pfSense adds 127.0.0.1 to the top of resolv.conf, and therefore pfSense itself asks dnsmasq for local resolution and is able to resolve local hostnames. However, when you use unbound, dnsmasq is turned off, so pfSense itself is just using your configured DNS servers (or ISP DHCP provided ones, depending on configuration) Assuming unbound does full resolution and doesn't forward, you can work around this by listing 127.0.0.1 as your primary DNS resolver in pfSense. However, if you do that, you'll have to make sure that pfSense isn't handing out these DNS servers IPs to clients anywhere (DHCP server? OpenVPN?) And if you have unbound forwarding, obviously you can't include 127.0.0.1 or unbound will forward to itself. Finally, pointing to 127.0.0.1 will partially break upgrades since pfSense will come up without packages, and therefore without a DNS server, then it will find itself unable to find pfsense.org to download packages. Ultimately the fix will be for pfSense to recognize unbound as a local DNS server and add it to resolv.conf by default, similar to dnsmasq. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Update
The update from 2.1.3 to 2.1.4 failed hard for me. I got a unable to load kernel message on reboot. That said I reinstalled and am rebuilding my setup. I noticed a glitch however. On the dashboard it was saying I was on the current version but it's no longer able to obtain update status. I'm wondering what port it uses and what rule may have broke the updates? ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Update
How so? The network has always worked. I discovered pf with 2.1.1 and it gone thru the other two updates with minimal fuss. On the prior sit was package issues. Sent from my iPad On Jul 10, 2014, at 6:22 PM, Oliver Hansen oliver.han...@gmail.com wrote: Usually when I see that message it's because DNS is not configured correctly on the box. On Jul 10, 2014 9:44 AM, Brian Caouette bri...@dlois.com wrote: The update from 2.1.3 to 2.1.4 failed hard for me. I got a unable to load kernel message on reboot. That said I reinstalled and am rebuilding my setup. I noticed a glitch however. On the dashboard it was saying I was on the current version but it's no longer able to obtain update status. I'm wondering what port it uses and what rule may have broke the updates? ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Captive portal and RADIUS authentication
I use the internal radius server with captive portal and it works great. Have you tried that or do you need external? I'm not familiar with the errors you mention so I can't comment much there. I'm also not on the new 2.1.4 yet. I just attempted that update remotely and the box never came back online so I'll have to see what happen when I get home tonight. That's the one thing I find annoying with updates. They take forever and don't always come up and when they do there's always package issues. I've seen this on two different hardware setups now. Other then that pfSense once setup is amazing! On 7/9/2014 12:47 PM, Nicola Ferrari (#554252) wrote: Just send this also on PFSense.org forum, but I'm new to PFSense and also it's community, so don't know if users are usually the same ;) Anyway Hi everybody. I'm Italian so please sorry for my poor english. I just set up a new PFSense 2.1.4. I'm trying to use RADIUS Auth for the Captive portal. Captive Portal with Local Auth is working fine. I set up RADIUS Role on my Win2008R2 DC . It's working. If I add the server in User management - Servers and then try with Diagnostics - Authentication I can see the authentication attempt in my Windows Event Viewer, and PFSense says User authenticated succesfully But if I try to use RADIUS in Captive portal configuration: - with PAP auth I get a red message in the captive portal page after authentication Error sending request. No RADIUS server specified and on the top of the page something such a PHP error: Warning: invalid argument supplied for foreach in /usr/local/captiveportal/radius_authentication.inc line 87 - with MSCHAPv2 auth I get a blank page with the PHP error, plus information about memory allocation Fatal error. Allowed memory size of 268435856 bytes exhausted (tried to allocate 4294967295 bytes) in /etc/inc/radius.inc line 446. Where is my mistake? Thanks! Nick ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] vhost
Can anyone tell me why this isn't working? The service doesn't start. Jul 2 11:10:42php[38007]: /status_services.php: The command '/usr/local/etc/rc.d/vhosts-http.sh stop' returned exit code '1', the output was 'usage: kill [-s signal_name] pid ... kill -l [exit_status] kill -signal_name pid ... kill -signal_number pid ...' Jul 2 11:10:33lighttpd[34110]: (connections.c.137) (warning) close: 12 Connection reset by peer Jul 2 11:09:52check_reload_status: Reloading filter Jul 2 11:09:45php[38007]: /pkg_mgr_install.php: Beginning package installation for vHosts . ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] vhost
Where do I find that log file? On another note it is now opening. The ip range was set wrong. That said it does not server any web pages. The link in the package for docs is not correct. Is there more information on this package somewhere? I notice it requires a host to be set. Is there a way to serve a web page without it? I'm using no-ip so my host would not be correct. For example my no-ip domain is dlois.ddns.net but I use a cname from my hosting provide as a redirect so minecraft.dlois.com forwards to my home network so that kids can play with their friends. The game uses it's own port but I'd like some to open on port 80 if someone were to connect with a browser. Is this doable? Pfsense opens on another port that's not 80. Sent from my iPad On Jul 2, 2014, at 3:23 PM, Ryan Coleman ryanjc...@me.com wrote: It looks like it opens and dies. What does the lighttpd log file say? On Jul 02, 2014, at 02:22 PM, Brian Caouette bri...@dlois.com wrote: Can anyone tell me why this isn't working? The service doesn't start. Jul 2 11:10:42 php[38007]: /status_services.php: The command '/usr/local/etc/rc.d/vhosts-http.sh stop' returned exit code '1', the output was 'usage: kill [-s signal_name] pid ... kill -l [exit_status] kill -signal_name pid ... kill -signal_number pid ...' Jul 2 11:10:33 lighttpd[34110]: (connections.c.137) (warning) close: 12 Connection reset by peer Jul 2 11:09:52 check_reload_status: Reloading filter Jul 2 11:09:45 php[38007]: /pkg_mgr_install.php: Beginning package installation for vHosts . ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] lots of problem with squid3-dev and squidguard-squid3
I had issues with the dev version myself. The prior works well however. Sent from my iPad On Jun 12, 2014, at 3:34 AM, Faisal Gillani faisal.gill...@akesp.org wrote: Well I don’t use squid guard, or any other web filter package on my pfSense. Just plain old squid and its blacklist option if that is I only need to Block couple of websites. For more category based block I use www.opendns.com image001.png HTH Faisal Gillani Pakistan From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of A Mohan Rao Sent: Wednesday, June 11, 2014 10:16 PM To: pfSense Support and Discussion Mailing List Subject: Re: [pfSense] lots of problem with squid3-dev and squidguard-squid3 First thanks for reply my email. for sites blocking i m using proxy filter http://www.shallalist.de/Downloads/shallalist.tar.gz Blacklist options Blacklist [X] Check this option to enable blacklist Blacklist proxy 172.16.100.1:8080 Blacklist upload proxy - enter here, or leave blank. Format: host:[port login:pass] . Default proxy port 1080. Example: '192.168.0.1:8080 user:pass' Blacklist URL http://www.shallalist.de/Downloads/shallalist.tar.gz Enter the path to the blacklist (blacklist.tar.gz) here. You can use FTP, HTTP or LOCAL URL blacklist archive or leave blank. The LOCAL path could be your pfsense (/tmp/blacklist.tar.gz). [Save] On Wed, Jun 11, 2014 at 10:42 PM, faisal.gill...@akesp.org faisal.gill...@akesp.org wrote: How are you blocking websites ? Use blacklist option for the websites you want blocked . HTH Faisal Gillani Pakistan Sent from my Verizon Wireless 4G LTE Smartphone - Reply message - From: A Mohan Rao mohanra...@gmail.com To: pfSense Support and Discussion Mailing List List@lists.pfsense.org Subject: [pfSense] lots of problem with squid3-dev and squidguard-squid3 Date: Wed, Jun 11, 2014 9:54 PM Dear all experts, i install only packages in my pfsense firewall one of squid3-dev then squidguard-squid3 and i alos properly configured it with transparent proxy because i do not need to go client pc and change to proxy settings on any browser.. squid and squid guard services are properly started at status -- services but when i try to check internet at client pc some times it works fine and main problem is google and gmail is not opening other all sites are open properly then i block the https facebook and https youtube its only block http facebook or youtube. https facebook or https youtube are properly works. please give any idea where i m wrong. thanks A Mohan Rao Network Administrator IPS ACADEMY INDORE MADHYA PRADESH +91 98260 61122 ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Disk Space
Mounted Filesystems TypePartition Percent CapacityFreeUsedSize /dev/da0s1a 17%4.38 GB 988.37 MB 5.81 GB /dev/md0 2% 3.26 MB 62.00 KB3.61 MB devfs100% 0.00 KB 1.00 KB 1.00 KB devfs100% 0.00 KB 1.00 KB 1.00 KB Totals : 17%4.38 GB 988.43 MB 5.81 GB I'm guessing this isn't good. How do I fix it? Sent from my iPad___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Disk Space
What concerned me is I got a file system full error last night despite pfSense telling me I was only using 18% of the drive. This was the only thing I could find was the two paths? At 100% full. Being a windows guy this has been a learning curve for me but things are finally starting to come together. Sent from my iPad On Jun 7, 2014, at 6:47 AM, Espen Johansen pfse...@gmail.com wrote: 1kb size should clue you in. This is however completely normal. 7. juni 2014 12:45 skrev Brian Caouette bri...@dlois.com følgende: Mounted Filesystems Type Partition Percent CapacityFreeUsedSize /dev/da0s1a 17%4.38 GB 988.37 MB 5.81 GB /dev/md0 2% 3.26 MB 62.00 KB3.61 MB devfs 100% 0.00 KB 1.00 KB 1.00 KB devfs 100% 0.00 KB 1.00 KB 1.00 KB Totals : 17%4.38 GB 988.43 MB 5.81 GB I'm guessing this isn't good. How do I fix it? Sent from my iPad ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Squidguard Issues
For the past few days I was experiencing issues were squidguard did not always work. Finally this morning I stumble into the problem. It turns out that if you enable the save bandwidth feature in chrome you can access all the adult sites. If you shut the feature off everything is blocked as expected. I've test with android phone and iPad and it works the same. I guess my next question is what port is chrome using for this feature and how to we tell squidguard to also watch for content on this port that also needs to be filtered? ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Report Errors
Didn't see anything related to squidguard in there. As expected a few minutes after I sent that email the websites were blocked again as they should be. Something very intermittent. Really appreciate the reply! Not sure if its related but squid in general has a very low to non existent hit ratio. I've been googling and searching forums to no avail. Every thing appears correct. I can sit there watching the real time monitor and watching it happen. Everything comes back as a miss even those sites I've been to just moments prior. I don't know if this will help much but: http://www.dlois.com/status.html Brian On 6/3/2014 9:10 AM, Ryan Coleman wrote: What do your logs say? On Jun 3, 2014, at 6:56, Brian Caouette bri...@dlois.com wrote: That is true. It just seems like I get something working then it stops work a few hours later. I've seen packages not start up at on. This morning I can surf to porn sites despite them being blocked last night. With making any changes squidguard just stopped blocking. I've left all settings in place so it should still be blocking. Just getting frustrated is all. Sent from my iPad On Jun 2, 2014, at 8:57 PM, Jim Thompson j...@netgate.com wrote: On Jun 2, 2014, at 13:18, Brian Caouette bri...@dlois.com wrote: As much as I like pfSense it and packages are really prone to glitches and over all bugs. PfSense has bugs, and packages have bugs, but it is a mistake to conflate the two. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Monitoring
Is there a package for pfsense that will watch server availability. Something like servers alive? or even pingdom.com ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Monitoring
I just installed the NRPE package to pfSense. How its it used? Is there a docs page to make this work with pf? On 6/3/2014 2:04 PM, Bruno Martins wrote: NRPE is a package. Nagios is an external monitoring system that you can use to monitor everything. On Jun 3, 2014 6:59 PM, Brian Caouette bri...@dlois.com mailto:bri...@dlois.com wrote: These are pfSense packages? On 6/3/2014 1:54 PM, Bruno Martins wrote: Best approach is to use Nagios and NRPE. On Jun 3, 2014 4:02 PM, Brian Caouette bri...@dlois.com mailto:bri...@dlois.com wrote: Is there a package for pfsense that will watch server availability. Something like servers alive? or even pingdom.com http://pingdom.com ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Report Errors
I have a report page setup at: dlois.com/status.html This page doesn't seem to update: http://bbs.dlois.com:/bandwidthd/index.html This one shows a really low hit rate: http://bbs.dlois.com:/lightsquid/index.cgi I thought Squid was better than this. Suggestions? This page has errors: http://bbs.dlois.com:/phpsysinfo/ Can anyone point me in the right direction? As much as I like pfSense it and packages are really prone to glitches and over all bugs. -- Brian Caouette DJ-BrianC (207) 212-6560 www.djbrianc.us ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Thermal Sensors
What's the trick to get the thermal sensors to work on pfSense? I'm using a power edge 2850 and they clearly show up in VMWare 4.1 Sent from my iPad ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] vmware
I'm looking to use vmware 4.1 on my poweredge 2850 when it arrives. I have a question on how virtual machines work. With a hardware configuration of two nics wan/lan how does each vm use them? Do I need a nic for each vm or as long as each ap is using a different port i'm good to go? I'm thinking a vm for pfsense, another vm for a webserver, etc... ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Setup advice
Not impossible. It ran well with a few packages. Only glitch I saw was the cpu would max out at times. Mostly when I had the dashboard open. Bandwidth bottle neck which I suspect was a result of my P2 433 not being able to handle the 15x1 cable connection and Squid had terrible hit ratios no mater when I tried. The system did work however and I ran it for several months before ordering a poweredge 2850 which i'm told is overkill but hey the price was right and I have room to grow. :-) On 5/28/2014 11:17 AM, Ryan Coleman wrote: I know pfsense will run on very limited specs but 512k(b) is a little extreme and I’m sure impossible :) On May 25, 2014, at 18:59, bri...@dlois.com wrote: Thank you for replying. Why so much? My test machine which I used to introduce myself to Pfsense had 512k ram and 4gig ram and it uses 45% of it. I have terrible hit ratios with squid. Didn't know if maybe it had to do with available storage. Sent from my HTC - Reply message - From: Doug Lytle supp...@drdos.info To: pfSense Support and Discussion Mailing List list@lists.pfsense.org Subject: [pfSense] Setup advice Date: Sun, May 25, 2014 5:32 pm Brian Caouette wrote: How much space should be allocated for pfsense and squid? I don't use squid, but my pfsense VM total disk assigned in 8GB. Doug -- Ben Franklin quote: Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] vmware
4.1 appears to be the newest this hardware can use. On 5/28/2014 11:19 AM, Ryan Coleman wrote: 4.1? in /5.x/ you can assign VLANs to NICs and then different NICs to VMs. I don't know about 4.1. On May 28, 2014, at 10:11, Brian Caouette bri...@dlois.com mailto:bri...@dlois.com wrote: I'm looking to use vmware 4.1 on my poweredge 2850 when it arrives. I have a question on how virtual machines work. With a hardware configuration of two nics wan/lan how does each vm use them? Do I need a nic for each vm or as long as each ap is using a different port i'm good to go? I'm thinking a vm for pfsense, another vm for a webserver, etc... ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Setup advice
ops... hahaha yeah half gig. 512meg. On 5/28/2014 11:32 AM, Ryan Coleman wrote: You meant 512MB, not KILObyte On May 28, 2014, at 10:23, Brian Caouette bri...@dlois.com wrote: Not impossible. It ran well with a few packages. Only glitch I saw was the cpu would max out at times. Mostly when I had the dashboard open. Bandwidth bottle neck which I suspect was a result of my P2 433 not being able to handle the 15x1 cable connection and Squid had terrible hit ratios no mater when I tried. The system did work however and I ran it for several months before ordering a poweredge 2850 which i'm told is overkill but hey the price was right and I have room to grow. :-) On 5/28/2014 11:17 AM, Ryan Coleman wrote: I know pfsense will run on very limited specs but 512k(b) is a little extreme and I’m sure impossible :) On May 25, 2014, at 18:59, bri...@dlois.com wrote: Thank you for replying. Why so much? My test machine which I used to introduce myself to Pfsense had 512k ram and 4gig ram and it uses 45% of it. I have terrible hit ratios with squid. Didn't know if maybe it had to do with available storage. Sent from my HTC - Reply message - From: Doug Lytle supp...@drdos.info To: pfSense Support and Discussion Mailing List list@lists.pfsense.org Subject: [pfSense] Setup advice Date: Sun, May 25, 2014 5:32 pm Brian Caouette wrote: How much space should be allocated for pfsense and squid? I don't use squid, but my pfsense VM total disk assigned in 8GB. Doug -- Ben Franklin quote: Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Setup advice
I will be reinstalling on a new machine. I have 6 73 gig drives which I understand will give me 365 gig usable under raid 5. I'm thinking of using VMware free to create virtual systems. How much space should be allocated for pfsense and squid? This would be for a home network of about a dozen devices and a 15 meg cable connection. I'm thinking the rest would be used for nas. Suggestions there on something simple? Sent from my iPad ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Poweredge 2850
Are we talking fan noise? Hard drive noise? Also a comment was made about power. What are we talking? On 5/20/2014 2:59 AM, Giles Coochey wrote: On 20/05/2014 02:12, Chris Bagnall wrote: Forgive me for saying so, but that's a massive overkill for routing a 15Mbps connection. Granted, it'd be entirely appropriate if you were routing multiple gig transits in a datacentre environment where the power consumption might be justified, but in a home environment, you're just burning through electricity for the sake of it. Of course, if you're going to run pfSense as a VM under a hypervisor with several other VMs, then I take all the above back :-) Kind regards, Chris Not to mention that if I ran a PE 2850 at home there would probably be complaints about the noise!!! Those things *scream* in the audible sense!!! ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Poweredge 2850
For the price paid it can't be beat. I've seen smaller systems go for much more so figured I had room to grow. At some point I maybe be able to have to virtual machines on this unit and use one for a media center or cloud backup for the home business. Are their packages available for this? I don't really see anything that leads me to believe pfSense could be used in the way which is why I'm thinking virtual. What software is available to do virtual machines? On 5/20/2014 12:11 PM, Jason Pyeron wrote: -Original Message- From: Brian Caouette Sent: Tuesday, May 20, 2014 12:00 Are we talking fan noise? Hard drive noise? Also a comment was made about power. What are we talking? The general comments about how a PE2850 is overkill in the described home environment. On 5/20/2014 2:59 AM, Giles Coochey wrote: On 20/05/2014 02:12, Chris Bagnall wrote: Forgive me for saying so, but that's a massive overkill for routing a 15Mbps connection. Granted, it'd be entirely appropriate if you were routing multiple gig transits in a datacentre environment where the power consumption might be justified, but in a home environment, you're just burning through electricity for the sake of it. Of course, if you're going to run pfSense as a VM under a hypervisor with several other VMs, then I take all the above back :-) Kind regards, Chris Not to mention that if I ran a PE 2850 at home there would probably be complaints about the noise!!! Those things *scream* in the audible sense!!! -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Principal Consultant 10 West 24th Street #100- - +1 (443) 269-1555 x333Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is copyright PD Inc, subject to license 20080407P00. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Version 2.1.2 - Thanks for the UNPRECEDENTED Levelof Support
No one has answered but I found that shutting of unbind and using the stock dnsforward fixed it. On 4/14/2014 5:17 PM, Brian Caouette wrote: I'm still not able to surf the net even with the 2.1.2 update if Captive Portal is active. The minute I disable it everything works fine. Not sure what is going on. Can anyone else confirm? On 4/12/2014 11:04 PM, Roberto Tufik wrote: +1 here Ryan Coleman ryanjc...@me.com escreveu na mensagem news:33110045-3714-4e0c-af18-8c24cbba8...@me.com... +1 -- Ryan Coleman ryanjc...@me.com m. 651.373.5015 o. 612.568.2749 On Apr 10, 2014, at 20:18, Mehma Sarja mehmasa...@gmail.com wrote: Thanks go out to Chris, Jim and the whole pfSense team for what must be back breaking work coming on the heels of the 2.1.1 release! This kind of commitment speaks volumes for the quality of products coming out of Netgate. Yudhvir ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list --- Este email está limpo de vírus e malwares porque a proteção do avast! Antivírus está ativa. http://www.avast.com ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Captive Portal Logout
I've spent most of the weekend trying to locate a variables resource that can be used for captive portal custom screens. What i'm looking for is a way to display time remaining for the session on the logout. Can this be done? ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] test
Not receiving list. Test. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] test
Thank you. First email received in almost a month. On 5/17/2014 6:06 PM, Ryan Coleman wrote: Received. On May 17, 2014, at 17:04, Brian Caouette bri...@dlois.com wrote: Not receiving list. Test. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] test
I see that I was just reviewing the archive. On 5/17/2014 6:14 PM, Ryan Coleman wrote: Hmm, that’s unfortunate. There’s been a lot going on here in the last month. On May 17, 2014, at 17:09, Brian Caouette bri...@dlois.com wrote: Thank you. First email received in almost a month. On 5/17/2014 6:06 PM, Ryan Coleman wrote: Received. On May 17, 2014, at 17:04, Brian Caouette bri...@dlois.com wrote: Not receiving list. Test. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Captive Portal Free Radius
I have have pfsense 2.1.3 and just today setup the freeradius2 package in conjunction with the captive portal. I am able to logon just fine and love the time limits and speed limits per user you can setup with the radius option vs the internal database. My problem is the when you try to logout it doesn't. This is what I see in the system log. May 17 17:44:42 radiusd[93753]: rlm_radutmp: Logout for NAS 192.168.1.1 port 4066, but no Login record May 17 17:18:28 check_reload_status: Reloading filter May 17 17:18:27 lighttpd[33618]: (server.c.1558) server stopped by UID = 0 PID = 87238 May 17 17:18:27 minicron: (/etc/rc.prunecaptiveportal) terminated by signal 15 (Terminated: 15) May 17 17:18:13 check_reload_status: Syncing firewall May 17 17:08:24 radiusd[93753]: Login OK: [test/test] (from client admin port 4068 cli 9c:04:eb:5b:86:88) May 17 17:08:10 radiusd[93753]: Ready to process requests. May 17 17:08:10 radiusd[93495]: Loaded virtual server default Is there is a fix for this? Is it a bug of configuration issue? ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] test
Spam assassin on my hosting account. I had to logon an white list and then I got your message. What I found odd was no record in the spam folder. On 5/17/2014 6:17 PM, Ryan Coleman wrote: I suspect your provider/service is at cause. I know Apple’s me.com doesn’t filter out the list so I use that and then have my Mac move the email to my private mail server. On May 17, 2014, at 17:16, Brian Caouette bri...@dlois.com wrote: I see that I was just reviewing the archive. On 5/17/2014 6:14 PM, Ryan Coleman wrote: Hmm, that’s unfortunate. There’s been a lot going on here in the last month. On May 17, 2014, at 17:09, Brian Caouette bri...@dlois.com wrote: Thank you. First email received in almost a month. On 5/17/2014 6:06 PM, Ryan Coleman wrote: Received. On May 17, 2014, at 17:04, Brian Caouette bri...@dlois.com wrote: Not receiving list. Test. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Test
Am I still on the list? ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Version 2.1.2 - Thanks for the UNPRECEDENTED Levelof Support
I'm still not able to surf the net even with the 2.1.2 update if Captive Portal is active. The minute I disable it everything works fine. Not sure what is going on. Can anyone else confirm? On 4/12/2014 11:04 PM, Roberto Tufik wrote: +1 here Ryan Coleman ryanjc...@me.com escreveu na mensagem news:33110045-3714-4e0c-af18-8c24cbba8...@me.com... +1 -- Ryan Coleman ryanjc...@me.com m. 651.373.5015 o. 612.568.2749 On Apr 10, 2014, at 20:18, Mehma Sarja mehmasa...@gmail.com wrote: Thanks go out to Chris, Jim and the whole pfSense team for what must be back breaking work coming on the heels of the 2.1.1 release! This kind of commitment speaks volumes for the quality of products coming out of Netgate. Yudhvir ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list --- Este email está limpo de vírus e malwares porque a proteção do avast! Antivírus está ativa. http://www.avast.com ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Problem with lots of dhcpleases processes
On 4/9/2014 1:30 PM, Jim Pingle wrote: On 4/9/2014 11:21 AM, Brian Caouette wrote: On 4/9/2014 11:05 AM, Jim Pingle wrote: On 4/9/2014 9:34 AM, Raimund Sacherer wrote: the last weekend I took a new firewall in production, the server is a Dell R210 with 2 port intel card (igb) . today I checked the system and I encountered the following, any idea why I have so much dhcpleases processes? Can I kill them without problems? Usually it's due to a bad/stale PID file in /var/run There's a fix for this coming also along with the heartbleed ssl fix should be later today. Jim ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list Captive Portal bug being fixed too? I had to disable the CP after the 2.1.1 update to be able to surf again. Yes that one too it was a typo that has been corrected. Jim ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list Will it show on dashboard as available or ??? ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Network Traffic Monitoring w/o Webgui
What about using mrtg to graph the various interfaces? Does PF support this? On 4/7/2014 12:54 PM, Jim Pingle wrote: On 4/7/2014 12:29 PM, James Caldwell wrote: Happy Monday list... Does anyone have a preferred way of monitoring over all traffic throughput for various interfaces via shell/putty instead of having to remain logged in to the webgui? I have several alix based appliances that have had their ISP connections upgraded and I am trying to remain outside the web interface as much as possible due to the load that it puts on the system. Any thoughts or experience is appreciated. The iftop package is great for this. Install it from the GUI and then from the shell run it like so: iftop -nNpPi vr0 (Serving suggestion, salt to taste) Jim ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] pfSense version 2.1.1 has been released
I noticed everything stopped working after update. After a few days pulling hair I've found that disabling captive portal allows me to surf the net again. Problem being we no longer have security without the Captive Portal. On 4/4/2014 11:58 AM, Jim Thompson wrote: Please see the blog post https://blog.pfsense.org/?p=1238 or changelog https://doc.pfsense.org/index.php/2.1.1_New_Features_and_Changes for details. Happy upgrading. Jim ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] pfSense version 2.1.1 has been released
I love the CP. Have some nice customs screens made up for it. Not sure what happen. On 4/7/2014 1:26 PM, Ryan Coleman wrote: Good to know - we're pushing the CP at the pub in a few weeks and this would be troubling. On Apr 7, 2014, at 12:25 PM, Brian Caouette bri...@dlois.com mailto:bri...@dlois.com wrote: I noticed everything stopped working after update. After a few days pulling hair I've found that disabling captive portal allows me to surf the net again. Problem being we no longer have security without the Captive Portal. On 4/4/2014 11:58 AM, Jim Thompson wrote: Please see the blog post https://blog.pfsense.org/?p=1238 or changelog https://doc.pfsense.org/index.php/2.1.1_New_Features_and_Changes for details. Happy upgrading. Jim ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Network Traffic Monitoring w/o Webgui
What is Cacti? FOSS? On 4/7/2014 1:42 PM, Walter Parker wrote: I'd expect that you should be able to enable SNMP, set a non default password (please don't use public) and add a firewall rule to allow UDP on port 161 to/from your mrtg server. I'd recommend using Cacti as your mrtg server (if you want a FOSS solution). Walter On Mon, Apr 7, 2014 at 10:23 AM, Brian Caouette bri...@dlois.com mailto:bri...@dlois.com wrote: What about using mrtg to graph the various interfaces? Does PF support this? On 4/7/2014 12:54 PM, Jim Pingle wrote: On 4/7/2014 12:29 PM, James Caldwell wrote: Happy Monday list... Does anyone have a preferred way of monitoring over all traffic throughput for various interfaces via shell/putty instead of having to remain logged in to the webgui? I have several alix based appliances that have had their ISP connections upgraded and I am trying to remain outside the web interface as much as possible due to the load that it puts on the system. Any thoughts or experience is appreciated. The iftop package is great for this. Install it from the GUI and then from the shell run it like so: iftop -nNpPi vr0 (Serving suggestion, salt to taste) Jim ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding. -- Justice Louis D. Brandeis ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] 2.1 can't auto-update anymore?
I see the same thing. I also notice I can no longer get online. I haven't touched the box in over a month. It went from working to not working. I can only assume its related to the auto update to 2.1.1 On 4/5/2014 2:40 PM, Adam Thompson wrote: On 14-04-05 01:31 PM, Adam Thompson wrote: My own 2.1-release pfSense now can't auto-update. After updating from the console to 2.1.1, the web GUI *still* can't handle auto-update checking. Ordinarily, I'd assume misconfiguration, but the only thing affected is the web UI. WTF? -- -Adam Thompson athom...@athompso.net ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Fwd: lighttpd errors
How can this happen with only two computers powered up on the lan? Any way to get more details? On 3/19/2014 7:58 AM, Brian Caouette wrote: Original Message Subject:lighttpd errors Date: Thu, 13 Mar 2014 12:34:37 -0400 From: Brian Caouette bri...@dlois.com To: pfSense support and discussion list@lists.pfsense.org Any idea why I would have this? Mar 13 09:43:13 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.30 turned away. Too many connections. Mar 13 09:43:12 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.30 turned away. Too many connections. Mar 13 09:43:10 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.30 turned away. Too many connections. Mar 13 09:43:10 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.30 turned away. Too many connections. Mar 13 09:43:10 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.30 turned away. Too many connections. Mar 13 09:43:10 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.30 turned away. Too many connections. Mar 13 09:43:10 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.30 turned away. Too many connections. Mar 13 09:43:10 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.30 turned away. Too many connections. Mar 13 09:43:10 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.30 turned away. Too many connections. Mar 13 09:43:10 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.30 turned away. Too many connections. Mar 13 07:27:01 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.40 turned away. Too many connections. Mar 13 07:26:59 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.40 turned away. Too many connections. Mar 13 07:26:59 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.40 turned away. Too many connections. Mar 13 07:26:59 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.40 turned away. Too many connections. Mar 13 07:26:59 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.40 turned away. Too many connections. Mar 13 07:26:58 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.40 turned away. Too many connections. Mar 13 07:26:46 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.40 turned away. Too many connections. Mar 13 07:26:46 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.40 turned away. Too many connections. Mar 13 07:26:46 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.40 turned away. Too many connections. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Fwd: lighttpd errors
Original Message Subject:lighttpd errors Date: Thu, 13 Mar 2014 12:34:37 -0400 From: Brian Caouette bri...@dlois.com To: pfSense support and discussion list@lists.pfsense.org Any idea why I would have this? Mar 13 09:43:13 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.30 turned away. Too many connections. Mar 13 09:43:12 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.30 turned away. Too many connections. Mar 13 09:43:10 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.30 turned away. Too many connections. Mar 13 09:43:10 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.30 turned away. Too many connections. Mar 13 09:43:10 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.30 turned away. Too many connections. Mar 13 09:43:10 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.30 turned away. Too many connections. Mar 13 09:43:10 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.30 turned away. Too many connections. Mar 13 09:43:10 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.30 turned away. Too many connections. Mar 13 09:43:10 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.30 turned away. Too many connections. Mar 13 09:43:10 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.30 turned away. Too many connections. Mar 13 07:27:01 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.40 turned away. Too many connections. Mar 13 07:26:59 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.40 turned away. Too many connections. Mar 13 07:26:59 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.40 turned away. Too many connections. Mar 13 07:26:59 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.40 turned away. Too many connections. Mar 13 07:26:59 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.40 turned away. Too many connections. Mar 13 07:26:58 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.40 turned away. Too many connections. Mar 13 07:26:46 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.40 turned away. Too many connections. Mar 13 07:26:46 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.40 turned away. Too many connections. Mar 13 07:26:46 lighttpd[58752]: (mod_evasive.c.183) 192.168.1.40 turned away. Too many connections. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Fwd: Firewall Log
Original Message Subject: Firewall Log Date: Thu, 13 Mar 2014 12:48:33 -0400 From: Brian Caouette bri...@dlois.com To: pfSense support and discussion list@lists.pfsense.org Also seeing this in the log: Mar 13 11:37:36 WAN 0.0.0.0:68 255.255.255.255:67 UDP Mar 13 11:37:35 WAN 0.0.0.0:68 255.255.255.255:67 UDP Mar 13 11:37:34 WAN 0.0.0.0:68 255.255.255.255:67 UDP Mar 13 10:38:46 WAN 0.0.0.0:68 255.255.255.255:67 UDP Mar 13 10:38:44 WAN 0.0.0.0:68 255.255.255.255:67 UDP Mar 13 10:38:43 WAN 0.0.0.0:68 255.255.255.255:67 UDP Mar 13 09:58:24 WAN 0.0.0.0:68 255.255.255.255:67 UDP Mar 13 09:58:23 WAN 0.0.0.0:68 255.255.255.255:67 UDP ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Captive Portal: Per-client speed
That connection should be more then sufficient for most people. If it were me I would throttle at 1x512 or even 512 x 512. Web surfing and email by nature are burst traffic so everyone should be happy. Smart phone and tablets are a good match. I serious doubt people are going to be streaming video in a bar so I don't foresee any issues. On 3/5/2014 1:31 PM, Ryan Coleman wrote: It appears I can throttle individual users on the Captive Portal, but how can I limit the speed of that entire network? Is that through Traffic Shaping? And how would I do that? The bar, I’m afraid, only has a 12x1 DSL connection. I might be able to convince them to upgrade the speed but that’s a shot in the dark. And from the looks of the options at their provider it’s slim pickings. TIA, Ryan ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Captive Portal questions - Interstitial page
On 2/27/2014 11:17 AM, Ryan Coleman wrote: Can I have the interstitial page go straight to a website to handle everything? Rather than locally handled on the system? I am activating this feature at a bar where I do tech work and would prefer to manage everything back on our website rather than trying to maintain code on the controller. TIA. — Ryan ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list Why not just provide a link from your current system to that of the user manager of PFS? ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] CPU
Another update. The problem lies with Chrome. When running Chrome under Windows 7 the CPU is stuck at updating in 10 seconds it never changes. Running Firefox on the same PC at the same time I show the CPU does indeed update but never on Chrome. There is something different between these browsers that is preventing the update. Brian On 2/24/2014 7:21 AM, Brian Caouette wrote: That was weird. It just started working again. Just let it sit over night. On 2/23/2014 10:15 AM, Brian Caouette wrote: The CPU readout on the dash board has stopped updating. It's stuck on updating in 10 seconds. I've rebooted thinking it would help reset but it hasn't changed after running all night. Any ideas? Brian ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] CPU
This is 2.1.1 installed yesterday. On 2/24/2014 8:55 AM, Jim Pingle wrote: On 2/24/2014 8:45 AM, Brian Caouette wrote: Another update. The problem lies with Chrome. When running Chrome under Windows 7 the CPU is stuck at updating in 10 seconds it never changes. Running Firefox on the same PC at the same time I show the CPU does indeed update but never on Chrome. There is something different between these browsers that is preventing the update. There was a fix between 2.1 and 2.1.1 for something similar. IIRC it was an old widget that was disabled/removed but still in the config causing a JavaScript error. Try it with 2.1.1 https://forum.pfsense.org/index.php/topic,71546.0.html Jim ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list