Just upgraded to latest, 2.0-RC1-IPv6 (i386)
built on Fri Jun 17 22:47:41 EDT 2011 and package
reinstallation screen doesn't seem to want to go away.
Any way to purge the packages, or trigger reinstallation?
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
This being the World IPv6 day, I enabled IPv6 on three pfSense
instances, using the excellent http://iserv.nl/files/pfsense/ipv6/
(thanks, Seth!) without problems.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
on line 754
Any idea how to blow away these without screwing up the system?
Command line, perchance? Thanks.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http
On Thu, Mar 03, 2011 at 05:03:28PM +0100, Eugen Leitl wrote:
Preparing upgrade of our production firewall to 2.0RC
I've purged all the packages.
However, I'm stuck with the following three which are
broken:
Lightsquid
Warning: main(squid.inc): failed to open stream: No such file
-
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
On Wed, Feb 02, 2011 at 01:11:19PM +0100, Eugen Leitl wrote:
http://www.newit.co.uk/shop/proddetail.php?prod=DreamPlug
According to a /. thread the GuruPlug was a POS. Major thermal
issues, inability to drive two GBit ports at the same time, etc.
Sheevaplug was purportedly quite usable.
So
FYI, I've decided to not risk Netgear (more advanced features,
and likely partly or mostly broken, bad support, bad documentation)
and decided to connect the two storeys via 10G over 50 um MMF,
using a pair of X130 10G SFP+ LC SR and a pair of HP E4210-48G
(HP, former 3Com).
--
Eugen* Leitl
.
-Adam Thompson
athom...@athompso.net
-Original Message-
From: Eugen Leitl [mailto:eu...@leitl.org]
Sent: Wednesday, January 12, 2011 15:11
To: discussion@pfsense.com
Subject: [pfSense-discussion] anyone using Netgear GSM7352S-200 ?
This is offtopic, but I figured this would
currently using Netgear and HP ProCurve, and
thought to upgrade to Juniper, or at least ProCurve, but have
severe budget issues: 6 kEUR for 2 48-port switches).
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100
want to pick a particular
WAN? By host IP, by traffic type (e.g. ftp) or
by creating a different gateway in the LAN, and
switching the downloading host to said gateway
manually? There are probably more elegant ways
to do it.
How do you solve this?
--
Eugen* Leitl a href=http://leitl.org;leitl
, that would be manually adding gateway to host.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
I'm screwed up after yesterday's update. The firewall
stopped routing after yesterday's upgrade
to 2.0-BETA5 built on Sat Jan 1 17:53:01 EST 2011
The firewall seems to see everthing
(with the exception of package updates:
Unable to communicate with www.pfsense.com. Please
verify DNS and
On Sun, Jan 02, 2011 at 12:23:13PM +0100, Alexander Lesle wrote:
Guten Tag Eugen Leitl,
Thanks Alexander. I've put up my backup ALIX meanwhile,
which I keep around for such just purposes. I'll try
to download the latest snapshot .iso, and reinstall
from scratch. Resetting to factory defaults
, after take and nuke from orbit (reinstall latest
snashot .iso) it's Just Working.
Apparently there's some configuraction cruft accumulating
on boxes which have been around for a while and been
updated several times which isn't nuked when reset to
factory defaults.
--
Eugen* Leitl a href=http
and upgrade two firewalls
I have at the colo. I'll report if there are problems.
The failure almost certainly had something to do with their inability to
be resync'd after the upgrade.
I think I found the cause of that though, trying to get it going again now.
--
Eugen* Leitl a href=http
or should I wait?
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
. :)
--
Leo Bicknell - bickn...@ufp.org - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/
- End forwarded message -
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820
improvising something
on the OS X box with its native firewalling?
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A
On Fri, Nov 26, 2010 at 01:19:15PM +0100, Eugen Leitl wrote:
I have a single (OS X) box on home LAN, which I would like
to block all traffic against a specific country, or several
countries.
There's a pfSense 2.0 package for that (which I haven't been
able to make to work yet
- Forwarded message from Joel Jaeggli joe...@bogus.com -
From: Joel Jaeggli joe...@bogus.com
Date: Tue, 16 Nov 2010 19:36:10 +0800
To: Eugen Leitl eu...@leitl.org
CC: Jason Lewis jle...@packetnexus.com, NANOG list na...@nanog.org
Subject: Re: Low end, cool CPE.
User-Agent: Mozilla/5.0
handling needs a chapter on it's
own
The point is: We've been asking for IPv6 for too long. That's just
one bit in a packet header. We need to start asking for the features we
expect, which is a lot more than that bit.
Bjørn
- End forwarded message -
--
Eugen* Leitl a href
/20101006 Thunderbird/3.1.5
On 11/12/2010 01:24 AM, Eugen Leitl wrote:
On Thu, Nov 11, 2010 at 05:41:00PM -0800, Leo Bicknell wrote:
I've run into a number of low end CPE situations lately where I
haven't found anything that does what I want, but I have to believe
it is out there. I'm hoping NANOG
AS?
How would one go about to make sure one's modifications
do not get published by mistake? I'd rather try to avoid
screwing up somebody's routes by a rookie mistake, for
obvious reasons. This is just a lab.
Thanks!
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
On Tue, Oct 26, 2010 at 11:53:19PM -0400, Chris Buechler wrote:
On Tue, Oct 26, 2010 at 3:59 PM, Eugen Leitl eu...@leitl.org wrote:
It would probably still beat my 4x NIC 1.6 GHz dual-core Atoms
(about Pentium 3 level of performance)
You'd be surprised - a dual core Atom is considerably
On Tue, Oct 26, 2010 at 11:53:19PM -0400, Chris Buechler wrote:
On Tue, Oct 26, 2010 at 3:59 PM, Eugen Leitl eu...@leitl.org wrote:
It would probably still beat my 4x NIC 1.6 GHz dual-core Atoms
(about Pentium 3 level of performance)
You'd be surprised - a dual core Atom is considerably
On Wed, Oct 27, 2010 at 11:14:47AM +0200, Eugen Leitl wrote:
On Tue, Oct 26, 2010 at 11:53:19PM -0400, Chris Buechler wrote:
On Tue, Oct 26, 2010 at 3:59 PM, Eugen Leitl eu...@leitl.org wrote:
It would probably still beat my 4x NIC 1.6 GHz dual-core Atoms
(about Pentium 3 level
.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
still beat my 4x NIC 1.6 GHz dual-core Atoms
(about Pentium 3 level of performance), albeit not by
much, and not by pps/W.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com
kraut
http://www.heise.de/ct/inhalt/2010/22/178/
/kraut
Four-page article by Karsten Violka.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
.
Anyone here doing that? Works well? Care to share details of
your setup?
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3
On Wed, Jul 28, 2010 at 09:58:00AM -0400, Scott Ullrich wrote:
On Wednesday, July 28, 2010, Eugen Leitl eu...@leitl.org wrote:
http://www.freebsd.org/releases/8.1R/announce.html is out. Will
pfSense 2.0 get this?
We already have FreeBSD 8.1 on 2.0 snapshots.
Thanks.
Is boot from zfs
On Sun, May 02, 2010 at 04:36:00PM -0400, Chris Buechler wrote:
On Sun, May 2, 2010 at 2:30 PM, Scott Lambert lamb...@lambertfam.org wrote:
On Sun, May 02, 2010 at 01:03:50PM +0200, Eugen Leitl wrote:
I'm attempting to simulate a production network 88.198.238.112/28
with gateway
On Sun, May 02, 2010 at 09:48:02AM -0400, Evgeny Yurchenko wrote:
Eugen Leitl wrote:
I'm attempting to simulate a production network 88.198.238.112/28
with gateway 88.198.238.113 on the OPT1 interface (set to 88.198.238.113)
but I'm too dense to figure out how override the default route, which
), uid 0: exited on signal 11
pid 976 (radiusd), uid 0: exited on signal 11
pid 579 (racoon), uid 0: exited on signal 11 (core dumped)
in the logs. Time to uninstall all the packages...
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
.
I'd rather not burn more than a TByte or two traffic/month right now,
though.
Any other suggestions?
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
have to run a very large number of Tor instances
throttled behind that, which would overwhelm my current
hardware resources. This is probably not what you had
in mind. Can you explain a bit more please? Thanks.
Greg
From: Eugen Leitl [eu...@leitl.org
for these.
I wish I had a problem with bandwidth to spare. :)
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779
On Mon, Mar 08, 2010 at 01:30:08PM +0100, Matthias May wrote:
You can download a pre-moddified 1 Gbyte version here:
https://home.zhaw.ch/~maym/pfSense-1.2.3-RELEASE-1g-nanobsd_WRAP.img.gz
Thanks! Much appreciated.
Greetings
Matthias May
Eugen Leitl wrote:
Does anyone have the 1 GByte
Does anyone have the 1 GByte 1.2.3 image modified for WRAP
around? Thanks.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3
I've seen on the forums quite a few people have been having
snort rules issues like
Feb 26 15:22:14 pfsense snort[9427]: FATAL ERROR: Warning:
/usr/local/etc/snort/rules/smtp.rules(62) = Unknown keyword '
detection_filter' in rule!
Is that fixed in snort-dev? Any known workarounds?
--
Eugen
On Fri, Feb 26, 2010 at 11:21:52AM -0500, Jim Pingle wrote:
On 2/26/2010 10:26 AM, Eugen Leitl wrote:
There's no way to get snort to run on an ALIX, am I correct?
It should work but you must be _very_ frugal in choosing the (few) rule
sets you want to load. Also setting it to lowmem
. Compare that to an ALIX...
seems like a great placa for a pfSense :)
Would think so, too. The only problem is that's it has only
two physical NICs. Many things in pfSense need at least one OPT.
let's hope pfSense guys have plans and resources for this ;)
--
Eugen* Leitl a href=http://leitl.org
I see there are no multiple fields for subnets in the WAN interface.
My ISP doles out networks as /24 as the largest chunk. Does this mean
I can't add a second subnet in the pfSense GUI and have to use the
command line, or do it in FreeBSD?
--
Eugen* Leitl a href=http://leitl.org;leitl/a http
What do you people use to do IDS/IPS with pfSense? Which packages
do you use (snort, etc) and how do you use them?
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http
was formerly free will have a yearly fee starting with
2010.
least 2 upstreams.
An upstream is at least several hundred euros/month. It will
be a while before I can afford that.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
pigeons bearing
flash, the logic is the same.
Arguably L2 stuff like MAC assigment would do for spatial/geographic
routing, at least coarsely. Much simpler than meshing L3/L4 switches.
Ok, where are my meds now?
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
of authentication will the BGP need, and how difficult is
it to screw up (not just for me, I can recover from that --
I worry about screwing up somebody else's routes).
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100
public IPs and can be fully routed
even though then directly exposed to the hostile
Internet).
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE
. Of course
by the time I will add a second Ethernet line from the router
I will have enough critical systems up so that service down
time should be down at a minimum.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM
credit cards.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
Just ordered mine.
http://www.amazon.com/gp/product/0979034280?ie=UTF8tag=pfsense-20linkCode=as2camp=1789creative=9325creativeASIN=0979034280
Now up on Amazon.
Finally, comprehensive documentation for pfSense is available in print!
Table of contents is available here.
More Wednesday when I
, but I need to get IPsec working as well.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
On Tue, Nov 03, 2009 at 10:33:40AM -0500, Scott Ullrich wrote:
On Tue, Nov 3, 2009 at 7:45 AM, Eugen Leitl eu...@leitl.org wrote:
Anyone has a working IPsec config with a virtual OPT device (VIP or similar)
you could share?
I've made a tunnel (one end is transparent bridge, terminated
On Thu, Oct 15, 2009 at 10:10:59AM +0200, Eugen Leitl wrote:
I've updated 1.2.3RC3 on a SunFire X2100 M2 yesterday without
a hitch. Same upgrade on ALIX takes now about an hour. What's
the name of the upgrade process? bsdtar isn't running according
to ps -aux
Update: the system crashed
to the .tgz update file:
/root/pfSense-Full-Update-1.2.3-RC3.tgz
One moment please... Invoking firmware upgrade...
/etc/rc.firmware: Input/output error
*** Welcome to pfSense 1.2.2-pfSense on pfsense ***
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
On Thu, Oct 15, 2009 at 11:40:50AM +0200, Eugen Leitl wrote:
Aargh -- you might have found the real culprit there.
Unfortunately, meanwhile I figured out that the error
message was due to a corrupt /etc/rc.upgrade (read error,
I presume the flash is fried). I've copied it over from
a known
a VIA crypto engine wouldn't outperform the Atom.
Apparentely, next-generation Intel and AMD chips will support e.g. AES
directly in hardware. Don't know what took them so long.
yeah, you'd have thunk it. maybe intel have shares in Rainbow Technologies?
--
Eugen* Leitl a href=http://leitl.org
Anyone aware of commercial seller of ALIX with pfSense preinstalled,
preferrably in Europe? A customer of mine needs one, and I'm not
feeling like rolling one myself.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
Anyone tunnelling Teredo through pfSense? Does it work?
What do I have to do to use it?
Thanks.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
commands, e-mail: discussion-h...@pfsense.com
Commercial support available - https://portal.pfsense.org
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
that the setup works?
Thanks.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
On Sat, Jun 27, 2009 at 11:12:54PM +0200, Holger Bauer wrote:
Usually they should be forwarded as is but I have seen some switches
also dropping them. I have used this kind of setup several times
already successfully. for example I had a completely dumb unmanaged
netgear poe switch that was
in
general? Any pointers?
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
if you're worried about running out.
What can be some of the problems with a private /16 address space?
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http
.
(we do something similar, vlan N is 192.168.N/24. it's bad practise to
use vlan1 so we start at 2)
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
On Fri, Apr 03, 2009 at 12:34:26PM -0700, David Rees wrote:
(we do something similar, vlan N is 192.168.N/24. it's bad practise to
use vlan1 so we start at 2)
I'm fairly new to VLANs - why is it bad practice to use vlan1?
Because VLAN ID 1 is the default VLAN?
--
Eugen* Leitl a href=http
I've added a VLAN (VLAN 802.1q tag 3) interface BACKUP with 10.10.10.1/24
and defined the VLAN on the switch.
I've put a host 10.10.10.10 on that switch VLAN:
backup:~# ifconfig
eth1 Link encap:Ethernet HWaddr 00:e0:81:5e:4b:37
inet addr:10.10.10.10 Bcast:10.10.10.255
On Tue, Mar 03, 2009 at 08:25:16AM -0700, RB wrote:
On Tue, Mar 3, 2009 at 03:11, Eugen Leitl eu...@leitl.org wrote:
I can ping LAN fine from that host but no WAN address. That is not
a huge problem, but I'd like to patch the box and install software
WAN-side.
snip
Any idea what is wrong
and self-healing functions. Btrfs might be there
eventually, but for time being if FreeBSD gets great zfs support with a
nice m0n0-like front end that would work for me.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM
occasional read-mostly single
or couple users access.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443
A customer/friend of mine needs a large (some 10 TByte) online storage.
So far the optimal match looks like FreeNAS + zfs + RAID-Z, which
is currently in pre-alpha (0.7 nightly builds). No firewall or VPN,
though.
IIRC one developer (Chris?) mentioned a number of different pfSense
possible
look like the best match, and since FreeNAS has a nice web
admin interface it's a better match than OpenSolaris.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http
On Sat, Jan 24, 2009 at 04:16:07PM +0100, Rainer Duffner wrote:
Ten TB?
Starting with about four, expandable to ten or higher. I've
seen SuperMicro SATA boxes which take 12 hotplug SATA drives
in 2U, twice that with 2.5 drives.
Right now WD consumer TByte drives go for 80 EUR, RE3 for 130.
I
be able to handle 12/80 aggregate trafic, or will I peak
before?
Will this still work with traffic shaping (I'm not currently using it)?
What about dyndns? Is it possible to track two IPs with two different
DynDNS names?
Thanks.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
My ALIX just arrived. I've had issues with the 1.2.1 1GB ad0
image from http://www.hacom.net//catalog/pub/pfsense/
Anyone knows which images work on ALIX? Sandisk Extreme III 1.0 GB
here.
Oh, and happy new, to all of you.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
On Tue, Dec 30, 2008 at 07:01:48PM +0100, Eugen Leitl wrote:
My ALIX just arrived. I've had issues with the 1.2.1 1GB ad0
image from http://www.hacom.net//catalog/pub/pfsense/
Ok, the issues were probably that it just didn't echo the boot
messages on serial. I took the long route via a 1.2
On Mon, Dec 22, 2008 at 05:26:24PM +, Paul Mansfield wrote:
we've been a close observer of low-power CPUs and chipsets, because a
lot of our costs are colocation fees which are mainly about power.
In theory Pouslbo/US15W is much more efficient than the usual atom +
desktop chipset, but
manually. It doesn't seem a big problem so far.
Any specific settings I should use for future occurences of syn
flood DoS (assuming, it's a syn flood)?
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100
a bounty issue I'm willing to chip in with an additional $50.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0
On Sun, Oct 26, 2008 at 05:56:58PM +0100, Eugen Leitl wrote:
I've been trying to get 1.2 full install to boot on my WRAP
from a 4 GByte Transcend CF, unfortunately unsuccessfully
(when installing from physical desktop I've gotten a LUA
install error, in VMWare the result was not bootable
.
Thanks!
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
I'm thinking about trying the full instead of embedded
install on WRAP/ALIX devices, on compact flash. With increased
sizes and better flash it seems a year or a couple is a reasonable
lifetime to expect in a domestic usage pattern these days.
Have any of you made especially good/bad
on an OPT
interface this will work fine.
Unfortunately, I have only WAN and LAN. a) Is there a way to set
up a routed subnet via Virtual IPs?
b) assuming yes, how I do that?
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
bridging LAN, like I would recommend disabling the webGUI
antilockout rule.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014
I have a pair of pfsense 1.2.1-RC1 working in a poor man's
failover (a parallel pair of transparent bridges).
Had a problem with DNS lookup blockage, the problem is that
LAN was on a different subnet. Put them on the same network
(different from WAN) and things work now. Failover is some 20-30
.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
server has closed connection
ftp
Does this ring a bell? Any easy fixes?
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014
forward to 1.3, since my IPsec VPNs still don't work :(
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443
not
solely rely on random source sources.
There is a little bit more information about this security problem on Dan
Kaminsky's blog.
Should be we getting worried now?
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM
I'm highly clueless about *BSD matters, does anyone know
of ongoing projects to make either http://code.google.com/p/obstcp/
or BTNS (IETF draft) happen on FreeBSD, so that pfSense
can ultimatively profit from it?
(In regards to BTNS, I've been told that connection latching has
been in Solaris
would be best. But any small brick or 19 1U form factor
ok, too.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A
),
doesn't have decent NICs (it seems Atom boards have Realteks?),
especially 2-3 of these onboard.
(I know, I know http://i-want-a-pony.com/ ).
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820
the recipient
request headers out?
The correct course of action is to boot him off on first offense.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
Service
was received by: [EMAIL PROTECTED]
at: 03/06/2008 09:22:47 EST
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014
be picky with memory.
I would go for any low-power system, but I need good crypto
(IPsec/OpenVPN) support -- pfsense 1.2 claims massive improments
here.
What are you people using? Complete system suggestions are fine,
too, as long they ship to EU.
--
Eugen* Leitl a href=http://leitl.org;leitl
Unfortunately, it seems that I need to support VPN warriors on
Vista. Do I have a chance to terminate IPsec tunnels directly in
Vista, or should I skip that, and do OpenVPN instead?
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
inside my
home firewall (NATted).
Is there a trick to it, or does this configuration simply not work?
Thanks,
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http
daughtercard,
but I'm not at all sure it would fit. http://www.mini-itx.com/store/?c=3
says Jetway C7 boards will fit, but backplates are not available..
Anyone tried fitting Jetway C7 boards in there? Did it work?
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
be available soon at prices similar to the WRAP boards.
...
Anyone knows how well AMD Geode LX does accelerated IPsec on FreeBSD?
My web searches so far are inconclusive.
--
Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org
1 - 100 of 147 matches
Mail list logo