Re: [pfSense] Failed Downloads

2014-08-02 Thread Brian Caouette
Squid is set for transparent. Pretty much default settings. I've noticed the 
downloads appear to work but the files are always 5k.

Sent from my iPad

> On Aug 2, 2014, at 10:10 PM, Moshe Katz  wrote:
> 
> 
> On Aug 1, 2014 6:46 PM, "Brian Caouette"  wrote:
> >
> > I subscribe to a karaoke service for my DJ business. When i'm connected to 
> > pfsense downloads are failing. This is what it looks like in squid realtime:
> >
> > 01.08.2014 18:41:10
> > 192.168.1.10
> > NONE/411
> > http://www.kjmediaservices.com/safefiles/DTC18159%20-%20OneRepublic%20-%20Love%20Runs%20Out.SAF
> > -
> > -
> >
> > I've tried to tell that domain never to cache. I'm at a loss as to why the 
> > downloads from this site fail and why the bypass for the domain doesn't 
> > appear to be working. Any idea what i'm missing?
> >
> 
> How are you doing the bypass?  How is your traffic going through squid - 
> transparent proxy or explicit proxy?
> 
> If you are using explicit proxy autoconfigured through wpad.dat, please show 
> us the wpad.dat file that your browser gets.
> 
> Moshe
> ___
> List mailing list
> List@lists.pfsense.org
> https://lists.pfsense.org/mailman/listinfo/list
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] Failed Downloads

2014-08-02 Thread Moshe Katz
On Aug 1, 2014 6:46 PM, "Brian Caouette"  wrote:
>
> I subscribe to a karaoke service for my DJ business. When i'm connected
to pfsense downloads are failing. This is what it looks like in squid
realtime:
>
> 01.08.2014 18:41:10
> 192.168.1.10
> NONE/411
>
http://www.kjmediaservices.com/safefiles/DTC18159%20-%20OneRepublic%20-%20Love%20Runs%20Out.SAF
> -
> -
>
> I've tried to tell that domain never to cache. I'm at a loss as to why
the downloads from this site fail and why the bypass for the domain doesn't
appear to be working. Any idea what i'm missing?
>

How are you doing the bypass?  How is your traffic going through squid -
transparent proxy or explicit proxy?

If you are using explicit proxy autoconfigured through wpad.dat, please
show us the wpad.dat file that your browser gets.

Moshe
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] ZFS warning message on local console during boot

2014-08-02 Thread Vick Khera
On Wed, Jul 30, 2014 at 5:47 PM, Jim Thompson  wrote:
> no pfSense we produce has an installer that will make a zfs filesystem.

The default /etc/rc incudes this tidbit:

# Handle ZFS read-only case
if [ "$PLATFORM" = "pfSense" ]; then
if [ -f /usr/bin/grep ]; then
ZFSROOT=`/sbin/zfs mount | /usr/bin/grep ' /$' |
/usr/bin/cut -d ' ' -f 1`
if [ "$ZFSROOT" != "" ]; then
/sbin/zfs set readonly=off $ZFSROOT
fi
fi
fi

which causes the zfs.ko and opensolaris.ko modules to be loaded into
the kernel. Perhaps it should be removed until pfSense actually uses
ZFS for something?
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list


Re: [pfSense] ZFS warning message on local console during boot

2014-08-02 Thread Vick Khera
On Wed, Jul 30, 2014 at 4:23 PM, Paul Mather  wrote:
> I swear by ZFS on my regular FreeBSD systems (though I was having
> trouble with it on FreeBSD/i386 latterly).  I don't think there's any
> "bashing" of ZFS per se, just a wondering why you'd use it on a
> firewall appliance that's basically a nanobsd setup at heart...

Ditto my usage. And precisely the reasoning behind my comments. All it
does in this use is suck up lots of memory for pretty much zero
benefit.

pfSense loads in ZFS during its boot process, but does not actually
use it. I'm sure there is some reason it does this, but I don't see
it.
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list


Re: [pfSense] Transparent Squid with Multiwan on 2.1.3?

2014-08-02 Thread compdoc
> With Squid disabled, fail over works as expected.

 

In the lab I created to test this machine, I have squid with havp set to 
transparent. Also have snort. I don’t use squidguard. 

 

If I disconnect wan #1, most browsers will time out. But I can often just 
refresh to get them going again. Squid never complains.

 

There are a couple of remote clients and programs that have to be closed and 
then opened again after the gateway fails. (maybe because they cache 
something?) 

 

I'm pretty happy with it.

 

 

>(49) Can't assign requested address

 

What is your client connecting to? Is it some sort of secure remote session? A 
disconnect cannot be avoided with any type of secure connection. You're 
changing external ip addresses when it falls over, after all.

 

Are you able to recover normal connections to google or youtube, etc.? Close 
the browser and try again after waiting for the switch to happen. 

 

There are settings for how long it takes pfSense to decide a gateway is down, 
and how it determines its down. I use just 'packet loss'.

 

 

 

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list