[pfSense] http traffic block and redirect
I need to block all http and https traffic through the WAN connections and redirect the traffics through a server on the LAN. How can I achieve this?___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Squid package syslog
I am trying to setup Cyberoam iView for squid. It appears it simply is setup as a destination syslog server. I cannot find in the squid package where to setup the syslog server at. Is there somewhere special I need to go, or is this function simply not available? Sorry if I seem a little impatient. I know this is more of a squid question and less of a PFsense question. Who is the dev for squid?Maybe he will be able to help me. ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Squid package syslog
From: list-boun...@lists.pfsense.org [mailto:list-boun...@lists.pfsense.org] On Behalf Of Ryan Rodrigue Sent: Monday, July 16, 2012 7:27 AM To: 'pfSense support and discussion' Subject: Re: [pfSense] Squid package syslog I am trying to setup Cyberoam iView for squid. It appears it simply is setup as a destination syslog server. I cannot find in the squid package where to setup the syslog server at. Is there somewhere special I need to go, or is this function simply not available? Sorry if I seem a little impatient. I know this is more of a squid question and less of a PFsense question. Who is the dev for squid?Maybe he will be able to help me. OK so I solved this myself. I googled this all day Friday with no positive results. Today, I found it. Proof My brain does work better in the morning. I figured I'd post what I found in case anybody else was interested In the Services Proxy Server settings of the PFsense GUI, at the bottom of the General settings there is a Custom Options field. I added the following access_log syslog:local:4 I then went to Status System Logs Settings I setup my syslog server and selected portal auth events. ( I found this by trial and error. ) Checked my syslog server and everything seems to work fine. Thank you very much everybody for your help. Ryan ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Squid package syslog
Do you perhaps have any idea if it's possible to do this with some configuration items in the squid-config ? If there's something in the docs it might be easier... Von: list-boun...@lists.pfsense.org [mailto:list-boun...@lists.pfsense.org] Im Auftrag von Ryan Rodrigue Gesendet: Montag, 16. Juli 2012 14:53 An: 'pfSense support and discussion' Betreff: Re: [pfSense] Squid package syslog From: list-boun...@lists.pfsense.orgmailto:list-boun...@lists.pfsense.org [mailto:list-boun...@lists.pfsense.org]mailto:[mailto:list-boun...@lists.pfsense.org] On Behalf Of Ryan Rodrigue Sent: Monday, July 16, 2012 7:27 AM To: 'pfSense support and discussion' Subject: Re: [pfSense] Squid package syslog I am trying to setup Cyberoam iView for squid. It appears it simply is setup as a destination syslog server. I cannot find in the squid package where to setup the syslog server at. Is there somewhere special I need to go, or is this function simply not available? Sorry if I seem a little impatient. I know this is more of a squid question and less of a PFsense question. Who is the dev for squid?Maybe he will be able to help me. OK so I solved this myself. I googled this all day Friday with no positive results. Today, I found it. Proof My brain does work better in the morning. I figured I'd post what I found in case anybody else was interested In the Services Proxy Server settings of the PFsense GUI, at the bottom of the General settings there is a Custom Options field. I added the following access_log syslog:local:4 I then went to Status System Logs Settings I setup my syslog server and selected portal auth events. ( I found this by trial and error. ) Checked my syslog server and everything seems to work fine. Thank you very much everybody for your help. Ryan ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
[pfSense] ipsec HA
Hi all, I try to set up multiple VPN gateways in a redundant configuration, allowing for transparent failover of VPN connections without any loss of connectivity. But, if the master goes down, I lose all my connections. Is there something like sasyncd in pfsense ? BR Pedro ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] PFsense blocking https for one IP
Answered my own question guys...the user was locked out. She tried logging into the firewall too many times with a failed password. this added her to the webConfiguratorlockout table under Diagnostics Tables On Mon, Jul 16, 2012 at 6:41 PM, Brad Otto brad.o...@p3ctech.com wrote: This is the message I get in the logs for why it is being blocked: The rule that triggered this action is: @12 block drop in log quick proto tcp from webConfiguratorlockout:1 to any port = https label webConfiguratorlockout [image: Inline image 1] * * * * On Mon, Jul 16, 2012 at 5:57 PM, Brad Otto brad.o...@p3ctech.com wrote: Hi PFSense community - I've got an odd one for you! One of the admin users with access to the firewall says she was adding a user to our VPN, and after that point, she was unable to use HTTPS on her office computer. She could not get to https websites - period. This was the only computer exhibiting this behavior. Other computers on the same network did fine. I've run through every troubleshooting guide imaginable for Windows, and when that failed, I even rebuilt her computer. But nothing did the trick until I switched her reserved IP address to another address on the same network. I checked firewall rules, aliases, etc. but did not see anything in pfsense that the user might have touched which would bring this type of behavior. Any tips? Thanks! -Brad image.png___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] PFsense blocking https for one IP
On Mon, Jul 16, 2012 at 7:41 PM, Brad Otto brad.o...@p3ctech.com wrote: This is the message I get in the logs for why it is being blocked: The rule that triggered this action is: @12 block drop in log quick proto tcp from webConfiguratorlockout:1 to any port = https label webConfiguratorlockout Means that host has tried to log into the web interface with a bad user/pass too many times so it's been blocked. ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list