Re: [pfSense] pfSense 2.3.2-RELEASE-p1 cannot check for updates / no packages installed
seems to be fixed now! thanks Am 18.10.2016 um 10:08 schrieb J. Echter: Hi, i have the following issue: pfSense dashboard tells me that it cannot check for updates, also i cannot retrieve list of available / installed packages. If i switch from stable release in the updater settings the 2.3.3-x release is shown and my packages are shown too. pkg update -f in the shell gives the following: Updating pfSense-core repository catalogue... pkg: https://pkg.pfsense.org/pfSense_v2_3_2_amd64-core/meta.txz: Internal Server Error repository pfSense-core has no meta file, using default settings pkg: https://pkg.pfsense.org/pfSense_v2_3_2_amd64-core/packagesite.txz: Internal Server Error Unable to update repository pfSense-core Updating pfSense repository catalogue... pkg: https://pkg.pfsense.org/pfSense_v2_3_2_amd64-pfSense_v2_3_2/meta.txz: Internal Server Error repository pfSense has no meta file, using default settings pkg: https://pkg.pfsense.org/pfSense_v2_3_2_amd64-pfSense_v2_3_2/packagesite.txz: Internal Server Error Unable to update repository pfSense Seems its a server error on pfSense update server side. Thanks Juergen ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] pfSense 2.3.2-RELEASE-p1 cannot check for updates / no packages installed
Hi, i have the following issue: pfSense dashboard tells me that it cannot check for updates, also i cannot retrieve list of available / installed packages. If i switch from stable release in the updater settings the 2.3.3-x release is shown and my packages are shown too. pkg update -f in the shell gives the following: Updating pfSense-core repository catalogue... pkg: https://pkg.pfsense.org/pfSense_v2_3_2_amd64-core/meta.txz: Internal Server Error repository pfSense-core has no meta file, using default settings pkg: https://pkg.pfsense.org/pfSense_v2_3_2_amd64-core/packagesite.txz: Internal Server Error Unable to update repository pfSense-core Updating pfSense repository catalogue... pkg: https://pkg.pfsense.org/pfSense_v2_3_2_amd64-pfSense_v2_3_2/meta.txz: Internal Server Error repository pfSense has no meta file, using default settings pkg: https://pkg.pfsense.org/pfSense_v2_3_2_amd64-pfSense_v2_3_2/packagesite.txz: Internal Server Error Unable to update repository pfSense Seems its a server error on pfSense update server side. Thanks Juergen ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] pfSense NUT package and snmp ups
Hi, i have the exact same issue as mentioned in this forum post: https://forum.pfsense.org/index.php?topic=111572.0 Does anyone have a hint what's going on here? Here's what's inside of this forum topic: manually start nut: [2.3-RELEASE][r...@pfsense-vdmz1.fft]/usr/local/pkg: /usr/local/etc/rc.d/nut.sh start starting snmp-ups Network UPS Tools - UPS driver controller 2.7.3 Error: no UPS definitions found in ups.conf snmp-ups failed to start whats inside of ups.conf: [2.3-RELEASE][r...@pfsense-vdmz1.fft]/usr/local/pkg: cat /usr/local/etc/nut/ups.conf user=root [APC SRT 8000] driver=snmp-ups port=192.168.0.190 mibs=ietf snmp_version=v1 community=public pollfreq=30 Thanks Juergen ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] 502 Bad Gateway
i forgot to mention: pfSense 2.3.1. It works again if i restart php-fm. J ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] 502 Bad Gateway
Am 05.07.2016 um 19:19 schrieb Bill Arlofski: > Hi everyone... > > I noticed after one of the recent upgrades to the 2.2.x "RELEASE" series > everything works perfectly fine for a while but then, I get "502 Bad Gateway" > message when I attempt to access the web GUI. > > Up until recently, I had been "fixing" this by physically powering off the > firewall by pushing the power button which causes a clean shutdown. Then I > would power it back up and it works fine for a random amount of time - usually > days or weeks, sometimes even months - but this last time it only lasted about > 23 hours. > > I am currently running the 2.3.1-RELEASE-p5 (amd64) nanobsd (4g) distribution. > > Today, I have enabled the ssh service and checked the nginx*.log files and I > see: > > [2.3.1-RELEASE][usern...@vai.revpol.com]: clog -f /var/log/nginx-error.log > > 8< > 2016/07/05 12:40:01 [error] 48883#0: *257237 upstream timed out (60: Operation > timed out) while reading response header from upstream, client: 192.168.254.4, > server: , request: "GET /getstats.php HTTP/1.1", upstream: > "fastcgi://unix:/var/run/php-fpm.socket", host: "vai.revpol.com:4443", > referrer: "https://vai.revpol.com:4443/; > clog: ERROR: could not write output (Bad address) > 8< > > > At that same time, system.log shows that the php-fpm.socket socket does not > exist: > 8< > Jul 5 12:47:00 vai vai.revpol.com nginx: 2016/07/05 12:47:00 [crit] 48883#0: > *257442 connect() to unix:/var/run/php-fpm.socket failed (2: No such file or > directory) while connecting to upstream, client: 192.168.254.4, server: , > request: "GET /getstats.php HTTP/1.1", upstream: > "fastcgi://unix:/var/run/php-fpm.socket:", host: "vai.revpol.com:4443", > referrer: "https://vai.revpol.com:4443/; > 8< > > > From the console menu, I can choose option 16 (Restart PHP-FPM), and then the > web gui is accessible again. > > Enter an option: 16 > 8< Killing php-fpm Starting php-fpm > *** Welcome to pfSense 2.3.1-RELEASE-p5 (amd64 nanobsd) on vai *** > 8< > > So, I am suspecting that the php-fpm process is dying (forgot to run a ps > command before restarting it). > > Right now, /tmp/php_errors.txt is a zero byte file but I suspect that may be > due to the restart of php-fpm due to its timestamp. I will take a look at this > file the next time the gui dies. > > > Is there anything I can do to increase debugging to help identify why this > process is dying? > > Additional info: Typically I have a Firefox tab "idling" on the dashboard > page which includes the "Traffic Graphs" widget with 4 graphs, > Autoscale=Follow and 1 second updates. > > > Thanks! > > Bill > Hi, same issue here. I cannot access OpenVPN after a while and locally i get bad gateway when connecting to pfSense webui. J ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Blocking non-SSL mysql traffic?
Am 07.06.2016 um 01:47 schrieb Jason Pyeron: > I am curious if anyone has though of trying this yet. > > Looking at https://dev.mysql.com/doc/internals/en/connection-phase.html , it > would seem to be a process of tracking the connection contents up and until > a SSL handshake or "client response" > > Is this in the capabilities of pfSense? > > -Jason > > -- Hi, suricata (pfsense package) might be able to do this. Greetings Juergen ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] pfSense 2.3_1 ntpd isn't restarting
Hi, it doesn't matter if i restart via WebGUI or directly in Terminal. Logs say ntpd is starting but nothing happens, and on cli it just says nothing, no error, no warning. Greetings Juergen Am 06.05.2016 um 23:34 schrieb WebDawg: > I would try running ntpd from shell and see what happens. > > On Fri, May 6, 2016 at 3:45 PM, J. Echter > <j.ech...@echter-kuechen-elektro.de> wrote: >> Am 06.05.2016 um 22:43 schrieb WebDawg: >>> Anything in the logs? >>> >>> On Fri, May 6, 2016 at 3:42 PM, J. Echter >>> <j.ech...@echter-kuechen-elektro.de> wrote: >>>> Hi, >>>> >>>> i did the 2.3_1 update and all seemed fine, but my ntpd service isn't >>>> coming back up. >>>> >>>> I even rebooted the machine and it still doesn't start. >>>> >>>> There's also nothing in the logs. >>>> >>>> sockstat -l | grep 123 shows nothing. >>>> >>>> Where is the ntpd binary located? I found nothing. >>>> >>>> Where should i look at next? >>>> >>>> Thanks >>>> >>>> Juergen >>>> ___ >>>> pfSense mailing list >>>> https://lists.pfsense.org/mailman/listinfo/list >>>> Support the project with Gold! https://pfsense.org/gold >>> ___ >>> pfSense mailing list >>> https://lists.pfsense.org/mailman/listinfo/list >>> Support the project with Gold! https://pfsense.org/gold >>> >> >> No, theres nothing, only gui says ntpd is restarted, nothing else. >> >> >> ___ >> pfSense mailing list >> https://lists.pfsense.org/mailman/listinfo/list >> Support the project with Gold! https://pfsense.org/gold > ___ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold > ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] pfSense 2.3_1 ntpd isn't restarting
Am 06.05.2016 um 22:43 schrieb WebDawg: > Anything in the logs? > > On Fri, May 6, 2016 at 3:42 PM, J. Echter > <j.ech...@echter-kuechen-elektro.de> wrote: >> Hi, >> >> i did the 2.3_1 update and all seemed fine, but my ntpd service isn't >> coming back up. >> >> I even rebooted the machine and it still doesn't start. >> >> There's also nothing in the logs. >> >> sockstat -l | grep 123 shows nothing. >> >> Where is the ntpd binary located? I found nothing. >> >> Where should i look at next? >> >> Thanks >> >> Juergen >> ___ >> pfSense mailing list >> https://lists.pfsense.org/mailman/listinfo/list >> Support the project with Gold! https://pfsense.org/gold > ___ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold > No, theres nothing, only gui says ntpd is restarted, nothing else. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] pfSense 2.3_1 ntpd isn't restarting
Hi, i did the 2.3_1 update and all seemed fine, but my ntpd service isn't coming back up. I even rebooted the machine and it still doesn't start. There's also nothing in the logs. sockstat -l | grep 123 shows nothing. Where is the ntpd binary located? I found nothing. Where should i look at next? Thanks Juergen ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Upgrade from 2.2.x to 2.3 - upgrading formware since almost 7 hours.
Hi, maybe the squid cache was a reason for this. 7 hours was really lomg, i had to stop myself from 'interrupting' it :D But now all runs smooth. Keep up the good work! Greetings Juergen Am 15.04.2016 um 08:38 schrieb Chris Buechler: > On Thu, Apr 14, 2016 at 1:57 PM, WebDawg <webd...@gmail.com> wrote: >> On Thu, Apr 14, 2016 at 1:53 PM, J. Echter < >> j.ech...@echter-kuechen-elektro.de> wrote: >> >>> Am 14.04.2016 um 19:32 schrieb J. Echter: >>>> Hi, >>>> >>>> here, everything works as expected. :) >>>> >>>> But i have a upgrade running since round about 7 hours... >>>> >>>> >>>> I didn't check full backup before upgrade. >>>> >>>> 7 hours seem long... :) >>>> >>>> Is this still expected behaviour? >>>> >>>> Thanks >>>> >>>> J. >>>> ___ >>>> pfSense mailing list >>>> https://lists.pfsense.org/mailman/listinfo/list >>>> Support the project with Gold! https://pfsense.org/gold >>>> >>> >>> seems normal, i have a reboot mail now :D >>> >>> >> I think I had this problem when I had a bunch of sarge reports and stuff. >> For some reason one of the upgrade steps was to look through the entire FS. > > It does an mtree on all the installed files, which can take quite some > time, but it goes through a specific list of files that are installed. > Having a huge number of files on the filesystem could slow it down > some. Hours is really excessive though. > ___ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold > ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Upgrade from 2.2.x to 2.3 - upgrading formware since almost 7 hours.
Am 14.04.2016 um 19:32 schrieb J. Echter: > Hi, > > here, everything works as expected. :) > > But i have a upgrade running since round about 7 hours... > > > I didn't check full backup before upgrade. > > 7 hours seem long... :) > > Is this still expected behaviour? > > Thanks > > J. > ___ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold > seems normal, i have a reboot mail now :D ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] Upgrade from 2.2.x to 2.3 - upgrading formware since almost 7 hours.
Hi, here, everything works as expected. :) But i have a upgrade running since round about 7 hours... I didn't check full backup before upgrade. 7 hours seem long... :) Is this still expected behaviour? Thanks J. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] FTP trouble.
Am 13.02.2016 um 17:22 schrieb WebDawg: > On Fri, Feb 12, 2016 at 11:24 AM, J. Echter > <j.ech...@echter-kuechen-elektro.de> wrote: >> Hi, >> >> dont laugh. it was the f. antivirus >> >> thanks for your inrerest :) >> > > > AV on the server system? > ___ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold > Hi, no on the client. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] FTP trouble.
Hi, dont laugh. it was the f. antivirus thanks for your inrerest :) Am 11.02.2016 um 20:25 schrieb J. Echter: > Hi, > > i have a tool which uodates its data by ftp. Nothing sepcial... > > But, i cant use it as i get errors like 'no data', error 227 'entering > passive mode' and so on. > > As far as i know should passive mode be working without any afford. > > Where can i have a look what is going wrong? > > I read about FTP helper and FTP CLient Proxy, but imho FTP Helper isn't > in 2.2 anymore and was more for ftp servers behind pfsense. > > > Please, any hints are welcome :) > > Thanks. > > Juergen > ___ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold > ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] FTP trouble.
Hi, i have a tool which uodates its data by ftp. Nothing sepcial... But, i cant use it as i get errors like 'no data', error 227 'entering passive mode' and so on. As far as i know should passive mode be working without any afford. Where can i have a look what is going wrong? I read about FTP helper and FTP CLient Proxy, but imho FTP Helper isn't in 2.2 anymore and was more for ftp servers behind pfsense. Please, any hints are welcome :) Thanks. Juergen ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Upgrade to 2.3
Am 20.01.2016 um 14:35 schrieb Brian Caouette: > > > Ive been following the forum discussions on 2.3 and was confident the > packages I used were ready for 2.3 so I bit the bullet and upgraded. I find > all my failed packages with the same error on attempt to reinstall. Can't > create anydbm file.pm all per related. Has anyone solved this yet? > Attempts at freeradius2, lightsquid, squid, and squid guard all have this > exact error. > > > Sent from my U.S. Cellular® Smartphone > ___ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold > Hi, isn't this alpha/beta update? ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Virus Detected
Am 01.04.2015 um 15:26 schrieb Tim Clarke: Ryan I'd appreciate knowing how you did that? Tim Clarke On 01/04/15 14:19, Ryan Coleman wrote: Reference spoofed headers? My email server automatically tags theses messages and then tosses them into a folder called “virii”. Hi Tim, try amavisd-new (contentfilter which uses spamassassin and clamav) greets juergen ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] pfSense 2.2 upgrade experiences
Am 09.02.2015 um 09:53 schrieb Claudio Thomas: Hi, at first: thanks for the great work! 1) After trying to update my pfSense 2.1.5 (i386) to 2.2 over web-interface it reboots as expected... But this was all. The firewall was not working anymore. After a while inspecting the problem I fixed the config, so that it seems to run again. Now I've tried to update by console... so that I could finally find the problem. My disk was full and the update seems to stop somewhere in between :-( I wiped out the harddisk at all to reinstall it and use the config-backup. This is ok for me, but probably not for every one. Maybe it would be a good practise to check the free disk space before starting the upgrade. Even better would be if the installer check it, so that fools like me don't stumble on such an evident error-case :-) 2) I have 2 Phase 1 entries. One for a AVM Fritzbox (still working) an a second for android road warriors. Since the upgrade my android clients can connect anymore. Phase 1 and Phase 2 configurations was not changed since the upgrade. Was anything changed on the IPsec environment? Thanks, Claudio ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold Hi, did you read https://doc.pfsense.org/index.php/Upgrade_Guide#IPsec_Changes already? Have a nice day ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] bacula-client 7.0.5 on pfsense 2.2
Hi, i'm fiddling with bacula-client on upgraded pfsense 2.2. i don't see any error in the logs, i don't see any error with bacula-fd -f (run in foreground) -d 10 (debug level 10) i even don't see it spitting out errors as the config file isn't existant [2.2-RELEASE][root@pfsense.workgroup.local]/conf: ls /usr/local/etc/bacula/bacula-fd.conf ls: /usr/local/etc/bacula/bacula-fd.conf: No such file or directory [2.2-RELEASE][root@pfsense.workgroup.local]/conf: ps aux | grep bacula root59559 0.0 0.2 56420 7364 - Ss1:50PM 0:00.00 /usr/local/sbin/bacula-fd -u root -g wheel -v -c /usr/local/etc/bacula/bacula-fd.conf root99408 0.0 0.1 18884 2384 0 S+1:50PM 0:00.00 grep bacula netstat doesn't show it listening too: Active Internet connections Proto Recv-Q Send-Q Local Address Foreign Address(state) tcp4 0 0 pfsense.https 10.0.1.14.38261TIME_WAIT tcp4 0 0 pfsense.38791 10.0.1.14.40513 ESTABLISHED tcp6 0 0 localhost.3493 localhost.56539 ESTABLISHED tcp6 0 0 localhost.56539localhost.3493 ESTABLISHED udp4 0 0 192.168.100.1.ntp *.* udp6 0 0 fe80::21b:21ff:f.ntp *.* udp4 0 0 192.168.4.1.ntp*.* udp6 0 0 fe80::21b:21ff:f.ntp *.* udp4 0 0 192.168.1.1.ntp*.* udp6 0 0 fe80::21b:21ff:f.ntp *.* udp4 0 0 192.168.3.1.ntp*.* udp6 0 0 fe80::21b:21ff:f.ntp *.* udp4 0 0 pfsense.ntp*.* udp6 0 0 fe80::21b:21ff:f.ntp *.* udp6 0 0 localhost.ntp *.* udp4 0 0 localhost.ntp *.* udp6 0 0 fe80::d227:88ff:.ntp *.* udp4 0 0 192.168.2.1.ntp*.* udp4 0 0 host-62-245-238-.1194 *.* udp4 0 0 localhost.tftp *.* udp4 0 0 localhost.tftp-proxy *.* icm4 0 0 host-62-245-238-.* *.* any hints to solve this? thanks!! ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] bacula-client 7.0.5 on pfsense 2.2
Yes it was working on the old pfsense, i checked the config and it still shows the same contents. How do i check for a double install? i already removed and reinstalled the package. thanks Am 08.02.2015 um 18:39 schrieb mehmasa...@gmail.com: You don't mention if you had fd working on the earlier version of pf. You must have checked the config file for password and dir settings. The upgrade might have changed it because this might be a fresh install of fd. You say it is not listening, that sounds like there is an attempt at a new install. Check for multiple installs. Yudhvir ਯੁਧੱਵੀਰ 408 915 9709 tel:408%C2%A0915%C2%A09709 -- Original message-- *From: *J. Echter *Date: *Sun, Feb 8, 2015 4:56 AM *To: *pfSense support and discussion; *Subject:*[pfSense] bacula-client 7.0.5 on pfsense 2.2 Hi,i'm fiddling with bacula-client on upgraded pfsense 2.2.i don't see any error in the logs, i don't see any error with bacula-fd-f (run in foreground) -d 10 (debug level 10)i even don't see it spitting out errors as the config file isn't existant[2.2-RELEASE][root@pfsense.workgroup.local mailto:[root@pfsense.workgroup.local]/conf: ls/usr/local/etc/bacula/bacula-fd.co http://bacula-fd.confls: /usr/local/etc/bacula/bacula-fd.co http://bacula-fd.conf: No such file or directory[2.2-RELEASE][root@pfsense.workgroup.local mailto:[root@pfsense.workgroup.local]/conf: ps aux | grep bacularoot 59559 0.0 0.2 56420 7364 tel:59559%20%20%200.0%20%200.2%20%2056420%20%207364 - Ss1:50PM 0:00.00/usr/local/sbin/bacula-fd -u root -g wheel -v -c/usr/local/etc/bacula/bacula-fd.co http://bacula-fd.confroot99408 0.0 0.1 18884 2384 0 tel:99408%20%20%200.0%20%200.1%20%2018884%20%202384%20%200 S+1:50PM 0:00.00 grepbaculanetstat doesn't show it listening too:Active Internet connectionsProto Recv-Q Send-Q Local Address Foreign Address (state)tcp4 0 0 pfsense.ht http://pfsense.https 10.0.1.14 http://10.0.1.14.38261TIME_WAITtcp4 0 0 pfsense.38791 10.0.1.14 http://10.0.1.14.40513 ESTABLISHEDtcp6 0 0 localhost.3493 localhost.56539 ESTABLISHEDtcp6 0 0 localhost.56539localhost.3493 ESTABLISHEDudp4 0 0 192.168.100.1 http://192.168.100.1.ntp *.* udp6 0 0 fe80::21b:21ff:f.ntp *.* udp4 0 0 192.168.4.1 http://192.168.4.1.ntp*.* udp6 0 0 fe80::21b:21ff:f.ntp *.* udp4 0 0 192.168.1.1 http://192.168.1.1.ntp*.* udp6 0 0 fe80::21b:21ff:f.ntp *.* udp4 0 0 192.168.3.1 http://192.168.3.1.ntp*.* udp6 0 0 fe80::21b:21ff:f.ntp *.* udp4 0 0 pfsense.ntp*.* udp6 0 0 fe80::21b:21ff:f.ntp *.* udp6 0 0 localhost.ntp *.* udp4 0 0 localhost.ntp *.* udp6 0 0 fe80::d227:88ff:.ntp *.* udp4 0 0 192.168.2.1 http://192.168.2.1.ntp*.* udp4 0 0 host-62-245-238-.1194 tel:62-245-238-.1194 *.* udp4 0 0 localhost.tf http://localhost.tftp *.* udp4 0 0 localhost.tf http://localhost.tftp-proxy *.* icm4 0 0 host-62-245-238 tel:62-245-238-.* *.* any hints to solve this?thanks!!___pfSense mailing listhttps://lists.pfsense.org/mailman/listinfo/listSupport the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] bacula-client 7.0.5 on pfsense 2.2
Am 08.02.2015 um 22:37 schrieb Brady, Mike: https://forum.pfsense.org/index.php?topic=85265.msg467805#msg467805 On 2015-02-09 01:53, J. Echter wrote: Hi, i'm fiddling with bacula-client on upgraded pfsense 2.2. i don't see any error in the logs, i don't see any error with bacula-fd -f (run in foreground) -d 10 (debug level 10) i even don't see it spitting out errors as the config file isn't existant [2.2-RELEASE][root@pfsense.workgroup.local]/conf: ls /usr/local/etc/bacula/bacula-fd.conf ls: /usr/local/etc/bacula/bacula-fd.conf: No such file or directory [2.2-RELEASE][root@pfsense.workgroup.local]/conf: ps aux | grep bacula root59559 0.0 0.2 56420 7364 - Ss1:50PM 0:00.00 /usr/local/sbin/bacula-fd -u root -g wheel -v -c /usr/local/etc/bacula/bacula-fd.conf root99408 0.0 0.1 18884 2384 0 S+1:50PM 0:00.00 grep bacula netstat doesn't show it listening too: Active Internet connections Proto Recv-Q Send-Q Local Address Foreign Address (state) tcp4 0 0 pfsense.https 10.0.1.14.38261 TIME_WAIT tcp4 0 0 pfsense.38791 10.0.1.14.40513 ESTABLISHED tcp6 0 0 localhost.3493 localhost.56539 ESTABLISHED tcp6 0 0 localhost.56539localhost.3493 ESTABLISHED udp4 0 0 192.168.100.1.ntp *.* udp6 0 0 fe80::21b:21ff:f.ntp *.* udp4 0 0 192.168.4.1.ntp*.* udp6 0 0 fe80::21b:21ff:f.ntp *.* udp4 0 0 192.168.1.1.ntp*.* udp6 0 0 fe80::21b:21ff:f.ntp *.* udp4 0 0 192.168.3.1.ntp*.* udp6 0 0 fe80::21b:21ff:f.ntp *.* udp4 0 0 pfsense.ntp*.* udp6 0 0 fe80::21b:21ff:f.ntp *.* udp6 0 0 localhost.ntp *.* udp4 0 0 localhost.ntp *.* udp6 0 0 fe80::d227:88ff:.ntp *.* udp4 0 0 192.168.2.1.ntp*.* udp4 0 0 host-62-245-238-.1194 *.* udp4 0 0 localhost.tftp *.* udp4 0 0 localhost.tftp-proxy *.* icm4 0 0 host-62-245-238-.* *.* any hints to solve this? thanks!! ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold I can confirm that this way works on my machine. I created the conf file the webui service would start, this doesn't work. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Voipo
Am 22.12.2014 um 00:17 schrieb Brian Caouette: *From:* DJ-BrianC djbrianc...@gmail.com mailto:djbrianc...@gmail.com *Date:* December 21, 2014 at 5:43:19 PM EST *To:* pfSense Support and Discussion Mailing List list@lists.pfsense.org mailto:list@lists.pfsense.org *Subject:* *Voipo* Has anyone had success with Voipo and pfSense? I'm not sure if this is a pf issue or their issue but out going calls work fine. Incoming are very spotty and fail most of the time. I've port forwarded the ports as marked here: http://www.voip-info.org/wiki/view/NAT+and+VOIP Suggestions? Sent from my iPad ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list Hi, try this: Firewall - NAT - Outbound click Manual Outbound NAT rule generation add this mapping: Interface = WAN Source = your voip server for example 192.168.3.2/32 Source Port = udp/* Destination = IP of your provider Destination Port udp/* NAT Address = WAN address NAT PORT = * Static Port = yes this works for us, and you don't need the port forwarding anymore. greetings juergen ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Voipo
nope Am 22.12.2014 um 13:15 schrieb Brian Caouette: Does this affect any other port forwards? Sent from my iPad On Dec 22, 2014, at 3:14 AM, J. Echter j.ech...@echter-kuechen-elektro.de mailto:j.ech...@echter-kuechen-elektro.de wrote: Am 22.12.2014 um 00:17 schrieb Brian Caouette: *From:* DJ-BrianC djbrianc...@gmail.com mailto:djbrianc...@gmail.com *Date:* December 21, 2014 at 5:43:19 PM EST *To:* pfSense Support and Discussion Mailing List list@lists.pfsense.org mailto:list@lists.pfsense.org *Subject:* *Voipo* Has anyone had success with Voipo and pfSense? I'm not sure if this is a pf issue or their issue but out going calls work fine. Incoming are very spotty and fail most of the time. I've port forwarded the ports as marked here: http://www.voip-info.org/wiki/view/NAT+and+VOIP Suggestions? Sent from my iPad ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list Hi, try this: Firewall - NAT - Outbound click Manual Outbound NAT rule generation add this mapping: Interface = WAN Source = your voip server for example 192.168.3.2/32 Source Port = udp/* Destination = IP of your provider Destination Port udp/* NAT Address = WAN address NAT PORT = * Static Port = yes this works for us, and you don't need the port forwarding anymore. greetings juergen ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] OT: Good network switch for 10 machines?
Am 23.09.2014 19:56, schrieb Chris Bagnall: On 23/9/14 6:46 pm, RB wrote: I'd suggest at least a managed switch that can do LACP. This. Given how small the price difference often is between unmanaged and semi-managed (aka 'smart') switches these days, it just doesn't make sense to buy unmanaged any more. You never know when things like VLANs, LLDP and LACP might just come in handy, and even if you never use them, a managed switch will also allow you to do other interesting things like graph per-port (and sometimes per-port-VLAN) usage, which can be useful for detecting misbehaving network hardware elsewhere. word ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Gateway on a gateway...
Am 17.05.2014 08:25, schrieb faisal.gill...@akesp.org: Thank you for replying MoJo .. So you recommend me removing pfsense acting as static routes router with real hardware routers ? Or ur asking me to add dynamic routing functionality to pfsense ? Thanks Faisal Sent from my HTC - Reply message - From: mOjO m...@thegeekclub.net To: pfSense Support and Discussion Mailing List list@lists.pfsense.org, dragonator dragona...@sleepydragon.net Subject: [pfSense]Gateway on a gateway... Date: Sat, May 17, 2014 10:07 AM On the pfSense firewall? Nothing. You need to change your routers. Ideally, your MPLS routers are using BGP. Then on the site 1 router under the BGP section you can tell it to advertise the 0.0.0.0 route by adding network 0.0.0.0 and make sure you have a static route on that router for 0.0.0.0 to the firewall. Site 2 should then use the MPLS router as their default gateway instead of the firewall. As an added bonus you can have site 2 failover to their local internet when the MPLS is down by adding a lower metric (255) default route that will kick in when the BGP advertised route disappears when the MPLS goes down. - Reply message - From: faisal.gill...@akesp.org faisal.gill...@akesp.org To: dragonator dragona...@sleepydragon.net, list@lists.pfsense.org Subject: [pfSense]Gateway on a gateway... Date: Fri, May 16, 2014 11:27 PM When i try to do this .. Pfsense gives me error that firewall is not local to my subnet which is .. 172.16.1.16 on subnet 255.255.248.0 Branch router is on 172.16.11.0/24 which connects to firewall subnet via MPLS provider router i.e 10.152.8.117/30 So what to do ? Regards Sent from my HTC - Reply message - From: dragonator dragona...@sleepydragon.net To: faisal.gill...@akesp.org, list@lists.pfsense.org Subject: [pfSense] Gateway on a gateway... Date: Sat, May 17, 2014 12:51 AM Change route on the site 2 gateway to route all traffic to that firewall. Sent via the Samsung Galaxy S^(TM) III, an ATT 4G LTE smartphone Original message From: faisal.gill...@akesp.org Date: 05/15/2014 19:39 (GMT-05:00) To: pfSense Support and Discussion Mailing List list@lists.pfsense.org Subject: [pfSense] Gateway on a gateway... II have two networks connected together with an MPLS network all the clients on both networks can access each other. Site 1( 172.16.0.0/21) has a packet filtering multi WAN firewall (172.16.1.16) on its local subnet which local clients connect to use internet. Site 2 (172.16.11.0/24) clients connects to local router (172.16.11.17) which routes all site 1 destend traffic to site 1 router (172.16.0.17). all site 2 clients have the ip of site 2 router which is (172.16.11.17) in their default gateway. Now i want clients on site 2 to use my packet filtering firewall (172.16.1.16) for their internet needs so how do i define this which out breaking the already communication can anyone guide me in this ? Sent from my HTC ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list anyone able to reply to the list? ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] 2.1.2-RELEASE up for testing
Am 10.04.2014 02:12, schrieb Jan: Chris, any idea on the schedule? Cheers On 04/09/2014 05:03 PM Chris Buechler wrote: Scratch that - that just missed a commit for another security fix, it's rebuilding now. On Wed, Apr 9, 2014 at 3:48 AM, Chris Buechler c...@pfsense.org wrote: Normally we wouldn't put these out to the general public at this stage, but a few people are wanting the OpenSSL fix ASAP, and I already posted it to the forum. I've upgraded a handful of production systems and it seems fine, but still a number of things we'll verify before announcing it more widely and sending it to the mirrors and auto-update. I think this is what will become 2.1.2 release. https://files.pfsense.org/cmb/2.1.2-REL-testing/ also mirrored at: http://files.nyi.pfsense.org/cmb/2.1.2-REL-testing/ Those are signed and everything, just a matter of moving them into place if things test out fine. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list any news on that? ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] 2.1.2-RELEASE up for testing
just the right time for me :) ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] no internet access on vlan
unbelievable, but i've overseen the following: php: rc.initial.setlanip: The command '/sbin/ifconfig 'lagg0_vlan3' inet delete' returned exit code '1', the output was 'ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address' Am 28.02.2014 07:32, schrieb J. Echter: Hi, i have 3 vlan's on my LAN interface. 2 of them working nicely. With the third i got trouble. I can access local network devices, but i cannot access internet. traceroute stops at 192.168.4.1 (vlan3 if address). default allow everything to any rule is added, dns forwarder listens on that ip (dns resolution works). Firewall logs don't show anything. pfSense 2.1 also was rebooted. What could be wrong with my setup? regards Juergen ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list -- Mit freundlichen Grssen Jrgen Echter ECHTER Kchen Elektro GmbH Augsburger Str. 49 86529 Schrobenhausen Tel: 08252 / 8976 - 0 Fax: 08252 / 8976 - 10 e-mail: i...@echter-kuechen-elektro.de web: www.echter-kuechen-elektro.de Reg.-Gericht: Ingolstadt Nr. HR B 101907 Ust.-Id. Nr.: DE234419866 Steuernummer: 124/125/51166 Geschftsfhrer: Thomas Echter ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
[pfSense] no internet access on vlan
Hi, i have 3 vlan's on my LAN interface. 2 of them working nicely. With the third i got trouble. I can access local network devices, but i cannot access internet. traceroute stops at 192.168.4.1 (vlan3 if address). default allow everything to any rule is added, dns forwarder listens on that ip (dns resolution works). Firewall logs don't show anything. pfSense 2.1 also was rebooted. What could be wrong with my setup? regards Juergen ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] no internet access on vlan
yep, i think so. all the needed ports have the right tags, also vlan 2 also used on the same ports, just works. switch operates in layer 2 mode. Am 28.02.2014 07:33, schrieb Ryan Coleman: When I set mine up they were pretty straight-forward, I didn’t have to do much inside of pfSense to get it going. So my thought is this: Is your switch configured correctly for VLAN3? On Feb 28, 2014, at 12:32 AM, J. Echter j.ech...@echter-kuechen-elektro.de wrote: Hi, i have 3 vlan's on my LAN interface. 2 of them working nicely. With the third i got trouble. I can access local network devices, but i cannot access internet. traceroute stops at 192.168.4.1 (vlan3 if address). default allow everything to any rule is added, dns forwarder listens on that ip (dns resolution works). Firewall logs don't show anything. pfSense 2.1 also was rebooted. What could be wrong with my setup? regards Juergen ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] no internet access on vlan
btw, dhcp runs on pfsense and all the devices are in the right ip range for vlan3 Am 28.02.2014 07:33, schrieb Ryan Coleman: When I set mine up they were pretty straight-forward, I didn’t have to do much inside of pfSense to get it going. So my thought is this: Is your switch configured correctly for VLAN3? On Feb 28, 2014, at 12:32 AM, J. Echter j.ech...@echter-kuechen-elektro.de wrote: Hi, i have 3 vlan's on my LAN interface. 2 of them working nicely. With the third i got trouble. I can access local network devices, but i cannot access internet. traceroute stops at 192.168.4.1 (vlan3 if address). default allow everything to any rule is added, dns forwarder listens on that ip (dns resolution works). Firewall logs don't show anything. pfSense 2.1 also was rebooted. What could be wrong with my setup? regards Juergen ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Fwd: Issue with states
Am 30.07.2013 08:34, schrieb Hannes Werner: Thank you for the answer, I've Outbound rules for quite some time without success. I added the qualifyfrequency option yesterday to my asterisk settings and the peer registration last till this morning which is much longer than I had since pfSense as router. I hope it helps, but I will leave the outbound rules aswell. A one week test should give stronger results. On Mon, Jul 29, 2013 at 3:34 PM, J. Echter j.ech...@echter-kuechen-elektro.de wrote: Am 29.07.2013 14:45, schrieb Guido Falsi: On 07/29/13 12:06, Hannes Werner wrote: Thank you very much, I tried increasing qualify frequency without any success. I'm not on the site with that installation and I might be able to get there this afternoon. I'll give a feedback after some tests. Untill now I never had a registration for longer than 6 hours. I'm not sure this really fixes the problem...it seems to work for me though, so I shared it. YMMV. Hi, here it worked the following. go to firewall - nat - outbound switch from automatic to manual then there should be lots of rules created. on the first line add something similar: If-src- src port- dest.- dest. port-nat addr.- nat port-static port WAN192.168.0.1/24udp/*sip provider udp/* **yes src = subnet where asterisk sits dest. = provider ip (ask them to be sure) good luck ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list ah i forgot to mention, set this rule on the first place. so it gets hit first. cheers juergen ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] SIP / Asterisk / PFSense - need to reset states of port 5060 connections
Am 10.01.2013 15:14, schrieb Guido Falsi: On 01/09/13 09:16, mayak-cq wrote: On Wed, 2013-01-09 at 08:38 +0100, Jürgen Echter wrote: snip suddenly it occurs that we are no more available from external and i have to reset states from port 5060 from our internal server to our sip provider. after that its working again. where can i look for this really annoying problem? hi jurgen hmmm -- i have the same issue -- thought it was unique to my install. using embedded 2.01 on an Alix appliance with an openvpn tunnel to a remote pfsense running full version (then to an asterisk server) I was seeing the same problem on 2.0.1 on alix just doing NAT/Firewall work on a DSL connection. Now I have upgradted to 2.0.2 and this problem seems to be gone. I have other problems for which I'm inclined to put the blame on asterisk since they show up with peers on the same LAN too, but they do need some more investigation. Hi, im on pfSense 2.0.2. Problem isn't gone, still there. Also if i reboot our modem, same trouble. Not always but often... Cheers Juergen ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
[pfSense] Dansguardian + Squid = using swap.
Hi. I have the following issue: dansguardian + squid running on my machine. On the status screen from pfSense webgui i see physical RAM is used 24%, but swap is used 9%. Where to look why this happens? Both proxy servers running for ~ 65 days. Thanks for your hints. Greetings Juergen ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Dansguardian + Squid = using swap.
Am 13.06.2012 19:19, schrieb J. Echter: Hi. I have the following issue: dansguardian + squid running on my machine. On the status screen from pfSense webgui i see physical RAM is used 24%, but swap is used 9%. Where to look why this happens? Both proxy servers running for ~ 65 days. i forgot to mention, if i restart both proxys swap is used 1%. that indicates to me its coming from proxy usage. cheers. ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
