Re: [pfSense Support] User with limited privileges
To my belief there are no users to create in 1.2.3 ! This would only work on a 2.0 platform... unless there is a hidden way to make this work ofcourse :) On Fri, Feb 25, 2011 at 3:25 PM, RB aoz@gmail.com wrote: On Fri, Feb 25, 2011 at 05:53, Carlos Vicente cjpvice...@gmail.com wrote: My question is: is there a way of creating a user, without elevated privileges, to give access only to the reports of LightSquid. I don't want any client to have access the others features of pfSense. No, not in pfSense 1.2.3. Multi-user authentication and user-specific privileges were introduced in 2.0 and have worked quite well for nearly as long as the 2.0 development has been going on. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] User with limited privileges
oops, didn't see that the same response has been given already... sorry On Mon, Feb 28, 2011 at 1:55 PM, Michel Servaes mic...@mcmc.be wrote: To my belief there are no users to create in 1.2.3 ! This would only work on a 2.0 platform... unless there is a hidden way to make this work ofcourse :) On Fri, Feb 25, 2011 at 3:25 PM, RB aoz@gmail.com wrote: On Fri, Feb 25, 2011 at 05:53, Carlos Vicente cjpvice...@gmail.com wrote: My question is: is there a way of creating a user, without elevated privileges, to give access only to the reports of LightSquid. I don't want any client to have access the others features of pfSense. No, not in pfSense 1.2.3. Multi-user authentication and user-specific privileges were introduced in 2.0 and have worked quite well for nearly as long as the 2.0 development has been going on. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Traffic that is explicitly allowed occasionally blocked
2.0-BETA5 (i386) built on Mon Feb 21 15:43:32 EST 2011 I am seeing the above occur maybe once a day or once every other day, but the source IP address is in an alias that is a list of aliases (and that list contains my mail server aliases). Whenever I see this, I manually try to telnet to the same IP on port 25 and the traffic is passed, yet the mail server shows a failed connection attempt in the logs which coincides with the firewall log as above. I have a rule that explicitly allows port tcp/25 as a destination from my inbound mail servers alias group, and then there is a rule right beneath that rule that explicitly blocks outbound SMTP from all IP addresses on the subnet, and I have logging turned on for that rule. So, the rule beneath the one that should be triggered is being triggered instead. Is there a Bug/Race condition in rule evaluation?? Dimitri Rodis Integrita Systems LLC http://www.integritasystems.com inline: image001.png
Re: [pfSense Support] Traffic that is explicitly allowed occasionally blocked
On Mon, Feb 28, 2011 at 12:51 PM, Dimitri Rodis dimit...@integritasystems.com wrote: *2.0-BETA5 *(i386) built on Mon Feb 21 15:43:32 EST 2011 I am seeing the above occur maybe once a day or once every other day, but the source IP address is in an alias that is a list of aliases (and that list contains my mail server aliases). Whenever I see this, I manually try to telnet to the same IP on port 25 and the traffic is passed, yet the mail server shows a failed connection attempt in the logs which coincides with the firewall log as above. I have a rule that explicitly allows port tcp/25 as a destination from my inbound mail servers alias group, and then there is a rule right beneath that rule that explicitly blocks outbound SMTP from all IP addresses on the subnet, and I have logging turned on for that rule. So, the rule beneath the one that should be triggered is being triggered instead. Is there a Bug/Race condition in rule evaluation?? No, those are RSTs and FINs coming after the state is closed, expected behavior. http://doc.pfsense.org/index.php/Logs_show_%22blocked%22_for_traffic_from_a_legitimate_connection,_why%3F http://doc.pfsense.org/index.php/Logs_show_%22blocked%22_for_traffic_from_a_legitimate_connection,_why%3F image001.png
RE: [pfSense Support] Traffic that is explicitly allowed occasionally blocked
No, those are RSTs and FINs coming after the state is closed, expected behavior. http://doc.pfsense.org/index.php/Logs_show_%22blocked%22_for_traffic_from_a_legitimate_connection,_why%3F Ok, but unless I'm misunderstanding, I am not logging packets blocked by the default rule, so why would this be logged? And how do I know which rule was applied to this traffic like in the screenshot above? [cid:image001.png@01CBD738.2C9B5970] inline: image001.png
Re: [pfSense Support] OpenNTP
On Thu, Feb 24, 2011 at 3:22 PM, Fabian Abplanalp fabian.abplan...@bug.ch wrote: Sawadeekap Is it possible to connect a serial DCF or GPS clock to a pfSense box, or are the drivers missing in the OpenNTP package? Is it possible to set the parameters manually in a config File? Haven't tried it, though we do have the PPSSYNC kernel bits so it should work. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] restart command
Hi, i've been searching in the internet for a linux command that can send a restart command to a windows PC, i'm not quite sure if this could be achieved but i'm having a pfsense 1.2.3 box that is connected to 10 PC's in a LAN and i'm just trying to build up a sequence here on how could each PC on the LAN restart itself after ending their internet session. Something similar to TCP/IP ports when the internet sesion is ended from pfsense each TCP/IP port activate a command to tell the PC to restart. I have been trying some batch file or DOS command process but could not complete the requirements. Has anyone ever tried this application before. Appreciate any advise on how I could test it out. Thanks Joseph.
Re: [pfSense Support] restart command
This may help you a bit: http://lifehacker.com/#!5275652/shut-down-your-windows-pc-remotely-from-linux http://lifehacker.com/#!5275652/shut-down-your-windows-pc-remotely-from-linux Moshe -- Moshe Katz -- mo...@ymkatz.net -- +1(301)867-3732 On Mon, Feb 28, 2011 at 6:18 PM, Joseph Rotan joseph.ro...@gmail.comwrote: Hi, i've been searching in the internet for a linux command that can send a restart command to a windows PC, i'm not quite sure if this could be achieved but i'm having a pfsense 1.2.3 box that is connected to 10 PC's in a LAN and i'm just trying to build up a sequence here on how could each PC on the LAN restart itself after ending their internet session. Something similar to TCP/IP ports when the internet sesion is ended from pfsense each TCP/IP port activate a command to tell the PC to restart. I have been trying some batch file or DOS command process but could not complete the requirements. Has anyone ever tried this application before. Appreciate any advise on how I could test it out. Thanks Joseph.
[pfSense Support] 2.0-RC1 now available!
http://blog.pfsense.org/?p=585 - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org