Maybe a blog post about this?
-- Jim
On Sep 18, 2014, at 10:01, Jim Pingle li...@pingle.org wrote:
On 9/18/2014 8:55 AM, Martin Fuchs wrote:
Does CVE-2004-0230 affect pfSense 2.1.5 ?
As Vick mentions, practically the answer is 'no'.
There are some rare cases when it might, however. It
On Sep 9, 2014, at 9:37 PM, Ryan Coleman ryanjc...@me.com wrote:
Hi Tom!
You would be better suited contacting Electric Sheep Fencing
(http://www.electricsheepfencing.com/) directly for your how-to but you can
start with a few basic concepts:
1) This system is running FreeBSD 8.3 at
:43
Asunto: Re: [pfSense] menu bar in safari on 2.1.5
On Fri, Aug 29, 2014 at 11:17 AM, Jim Thompson j...@netgate.com
mailto:j...@netgate.com wrote:
Have you reloaded (the CSS changed) and/or cleared the browser cache?
Yeah, just did that and it cleared up. Sorry for the noise.
My
again, the CSS changed, and the browsers love to cache that stuff.
On Fri, Aug 29, 2014 at 8:47 AM, Peder Rovelstad provels...@comcast.net wrote:
I did note the Code Red color scheme wraps the page header bar, putting
Help under System. I have such problems...
It did this for me a well,
Have you reloaded (the CSS changed) and/or cleared the browser cache?
(I use Safari, too.)
On Fri, Aug 29, 2014 at 10:15 AM, Vick Khera vi...@khera.org wrote:
In 2.1.5 pfsense_ng theme, you added a new menu bar item for the Gold
support subscription.
What this does in Safari is make the
On Aug 29, 2014, at 10:19 AM, Vick Khera vi...@khera.org wrote:
On Thu, Aug 28, 2014 at 3:37 AM, Ulrik Lunddahl u...@proconsult.dk wrote:
Is there a difference in the software (firmware image)
Is there a difference in the bundled support.
From what I can tell, the difference between
Not ‘DBAs’. (Technically ‘Netgate’ is a DBA on “Rubicon Communications, LLC”,
and pfSense is really “Electric Sheep Fencing, LLC”. There is no “pfSense” DBA
(though I’ve considered it.)
On Aug 29, 2014, at 10:23 AM, Ryan Coleman ryanjc...@me.com wrote:
It is the same product - they are
asked.
There is allways better cheaper and faster tech just around the corner.
27. aug. 2014 21:26 skrev Jim Thompson j...@smallworks.com følgende:
SD cards are storage, but not “disks” nor “drives”.
Beyond m-SATA, eMMC is your best option. Not only are they faster than SD
cards (speeds
Ryan,
Don't troll.
On Aug 27, 2014, at 7:33 AM, Ryan Coleman ryanjc...@me.com wrote:
Wait, so the SDHC slot on this board is simply for show?
On Aug 26, 2014, at 13:56, Sergii Cherkashyn ser...@accurategroup.com
wrote:
Thank you Espen,
Squid is for filtering purpose only, not
to carry two different SKUs (one with, one without).
Jim
On Aug 27, 2014, at 7:57 AM, Ryan Coleman ryanjc...@me.com wrote:
Why not answer the question?
On Aug 27, 2014, at 7:56, Jim Thompson j...@netgate.com
mailto:j...@netgate.com wrote:
Ryan,
Don't troll.
On Aug 27, 2014
on the features page it can be
booted off the SD slot - is that true? If so I have to change a few quotes I
have in play as they will need to get mSATA SSDs instead.
On Aug 27, 2014, at 9:20, Jim Thompson j...@smallworks.com
mailto:j...@smallworks.com wrote:
The SD (SDHC describes some
Coleman
ryanjc...@me.com
m. 651.373.5015
o. 612.568.2749
On Aug 27, 2014, at 9:24, Jim Thompson j...@netgate.com wrote:
Yes, the system can be booted from an SD (or SDHC) card. Or from USB, or
from the m-SATA.
All of these require proper preparation of the requisite ‘disk’ (-like
. 612.568.2749
On Aug 27, 2014, at 9:24, Jim Thompson j...@netgate.com wrote:
Yes, the system can be booted from an SD (or SDHC) card. Or from USB, or
from the m-SATA.
All of these require proper preparation of the requisite ‘disk’ (-like
device).
Jim
On Aug 27, 2014, at 9:21 AM, Ryan
Coleman
ryanjc...@me.com mailto:ryanjc...@me.com
m. 651.373.5015 tel:651.373.5015
o. 612.568.2749 tel:612.568.2749
On Aug 27, 2014, at 9:24, Jim Thompson j...@netgate.com
mailto:j...@netgate.com wrote:
Yes, the system can be booted from an SD (or SDHC) card. Or from USB, or
from the m
On Jul 30, 2014, at 3:21 PM, Stefan Baur newsgroups.ma...@stefanbaur.de
wrote:
Am 30.07.2014 um 22:09 schrieb Espen Johansen:
ZFS = FS+LVM. Its efficient in many ways. Its highly resillient to
things like silent data corruption ( disk FW bugs, power spikes). It has
on the fly checking
On Jul 30, 2014, at 4:40 PM, Stefan Baur newsgroups.ma...@stefanbaur.de
wrote:
Am 30.07.2014 um 23:34 schrieb Jim Thompson:
tl;dr: I wouldn’t run ZFS… yet.
I didn’t see the error message, you’re barking up a tree attempting to use
it right now.
Again, I don't care what FS pfSense
, Jim Thompson wrote:
On Jul 30, 2014, at 3:21 PM, Stefan Baur newsgroups.ma...@stefanbaur.de
wrote:
Am 30.07.2014 um 22:09 schrieb Espen Johansen:
ZFS = FS+LVM. Its efficient in many ways. Its highly resillient to
things like silent data corruption ( disk FW bugs, power spikes). It has
On Jul 30, 2014, at 7:20 PM, Paul Mather p...@gromit.dlib.vt.edu wrote:
Despite all that FreeBSD ZFS love, I still would not recommend it on
FreeBSD/i386-based installations (as the OP said he was using). It is
much more of a headache to use in that milieu, and, IMHO, doesn't get
the
On Jul 27, 2014, at 13:06, Matthias May matth...@may.nu wrote:
Am 27.07.2014 18:32, schrieb Kenward Vaughan:
On 07/22/2014 02:19 PM, Rainer Duffner wrote:
Am 22.07.2014 um 21:29 schrieb Nickolai Leschov nlesc...@gmail.com
mailto:nlesc...@gmail.com:
The difference is not $200, but
On Jul 22, 2014, at 16:19, Rainer Duffner rai...@ultra-secure.de wrote:
Am 22.07.2014 um 21:29 schrieb Nickolai Leschov nlesc...@gmail.com:
The difference is not $200, but about $100 with 8GB Sandisk Extreme Secure
[sic!] SDHC card included.
1. What's secure about this card? I
We're doing some performance work with pf, and have issued a call for pf and
ipfw rule sets.
http://lists.freebsd.org/pipermail/freebsd-net/2014-July/039373.html
If you wish to help, please get in-touch with George.
-- Jim
___
List mailing list
Ryan,
Your point is entirely lost, I’ve already shown where your words are false by
any measure.
Time to close this thread.
Jim
On Jul 27, 2014, at 9:08 PM, Ryan Coleman ryanjc...@me.com wrote:
Nickolai,
I don’t know about you but I get my 8GB SDHC Class 10 cards for between $5
and
On Jul 22, 2014, at 10:58, Ryan Coleman ryanjc...@me.com wrote:
I asked the differences in the two line items from netgate.
Perhaps you should ask sa...@netgate.com
Jim
___
List mailing list
List@lists.pfsense.org
On Jul 22, 2014, at 17:19, Nickolai Leschov nlesc...@gmail.com wrote:
I wonder why they wouldn't just build the board with some appropriate Atom
CPU?
:-)
And maybe even more performant, to boot? E3815, probably?
Bay Trail? Why? That's for tablets.
C2xx8 more likely.
On Jul 22, 2014, at 17:19, Nickolai Leschov nlesc...@gmail.com wrote:
Just like the others: dissipation through the aluminum case
How does the CPU connect to the aluminum case? Is there some thermal
interface involved? Maybe an interface between CPU heatsink and aluminum case?
Yes, there
Very little if this thread is related to pfSense.
Please stay on topic.
-- Jim
On Jul 22, 2014, at 17:32, Chris Bagnall pfse...@lists.minotaur.cc wrote:
On 22/7/14 11:17 pm, Nickolai Leschov wrote:
I didn't notice this page. So it looks like it's some kind of thermal paste
allows for
Ryan,
Profanity and personal attacks have no place on this list.
-- Jim
On Jul 22, 2014, at 20:12, Ryan Coleman ryanjc...@me.com wrote:
Look fuck nut: branded and shipped hardware is 100% on topic. Thank you.
On Jul 22, 2014, at 20:10, Jim Thompson j...@netgate.com wrote:
Very
On Jul 22, 2014, at 16:30, Nickolai Leschov nlesc...@gmail.com wrote:
Bay Trail? Why? That's for tablets.
What's the difference, in practical terms?
First: Rangeley has an integrated i354 10/100/1000 quad Ethernet MAC. Bay
Trail requires one to add Ethernet
Second: Rangeley has a
and shipped hardware is 100% on topic. Thank you.
On Jul 22, 2014, at 20:10, Jim Thompson j...@netgate.com wrote:
Very little if this thread is related to pfSense.
Please stay on topic.
-- Jim
On Jul 22, 2014, at 17:32, Chris Bagnall pfse...@lists.minotaur.cc
wrote:
On 22/7/14 11:17
On Jul 21, 2014, at 8:18 AM, Nickolai Leschov nlesc...@gmail.com wrote:
What is the status of pfSense 2.2?
alpha snapshots
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list
there is no 802.11ac support in FreeBSD (and thus pfSense) as yet.
802.11n support is in FreeBSD 10 (and thus pfSense 2.2)
On Jul 20, 2014, at 11:08 PM, Ryan Coleman ryanjc...@me.com wrote:
The compatibility is strictly up to the software drivers. Is the driver for
the card you’re looking
On Jun 4, 2014, at 2:29 PM, mayak ma...@australsat.com wrote:
i really want to love this board, but, it it is simply a heater -- my
problems are thermal.
i have now completely removed the the board from the case and put a huge
copper heat sync on it -- i'll take a picture -- i placed it
On Jun 2, 2014, at 13:18, Brian Caouette bri...@dlois.com wrote:
As much as I like pfSense it
and packages are really prone to glitches and over all bugs.
PfSense has bugs, and packages have bugs, but it is a mistake to conflate the
two.
___
On Jun 2, 2014, at 10:02 PM, Ryan Coleman ryanjc...@me.com wrote:
It’s also a mistake to not report them to the maintainers. :)
That’s true, and the maintainers for Squid, Snort and Silicata are very good
about fixing said bugs.
Jim
___
List
On May 20, 2014, at 9:30 AM, Giles Coochey gi...@coochey.net wrote:
On 20/05/2014 12:28, Ryan Coleman wrote:
On May 20, 2014, at 1:59, Giles Coochey gi...@coochey.net wrote:
s
Not to mention that if I ran a PE 2850 at home there would probably be
complaints about the noise!!! Those
If you had purchased something more modern, (even an APU, which uses 5-10% of
your 2850, and is completely silent) bhyve would be an option.
Which is the general direction I'm headed with pfSense for being able to run a
media center or NAS on top.
Refurb c1100s are $600 on fleabay with 8
On May 17, 2014, at 5:16 PM, Leon Volfson l...@one.co.il wrote:
Hi guys,
I had lots of issues in the past with the performance
and as I understood then - one of the biggest problems was
the Giant lock in pf.
Since the 2.2 version is going to be FreeBSD 10 based I looked it up and
saw
On May 8, 2014, at 12:04 PM, b...@todoo.biz wrote:
Hi we are french resellers of Alix / APU
Le 6 mai 2014 à 21:16, Vick Khera vi...@khera.org a écrit :
I have the dual ALIX RM1U box from netgate which is a bit over 2 years old
now (and an older one too!)
Has anyone attempted
On May 2, 2014, at 23:42, David Newman dnew...@networktest.com wrote:
It's possible this is related to this being 4G Sandisk CF cards, and
modern 2G and 4G Sandisk cards producing alignment errors.
Unlikely.
___
List mailing list
On Apr 22, 2014, at 10:39, Stefan Baur newsgroups.ma...@stefanbaur.de wrote:
In fact, I'd be petty disappointed, too, if a newer pfSense release
stopped working on my hardware and it the whole issue appeared out of the
blue (== no hwe driver no longer supported or similar notice in the
On Apr 20, 2014, at 5:32 PM, Volker Kuhlmann list0...@paradise.net.nz wrote:
I've been running pfsense for many years (and been very happy with it)
on scrapped PCs with a Sun 4-port Ethernet PCI card because I need 5
Ethernet ports.
Now freebsd dieing on the hme driver effectively turns
On Apr 22, 2014, at 12:27 PM, Stefan Baur newsgroups.ma...@stefanbaur.de
wrote:
Am 22.04.2014 18:29, schrieb Jim Thompson:
It's not like we disabled the hme driver.
Nobody accused you of intentionally disabling it. Manure happens. :-) Relax.
We have no ability to test it, since we
On Apr 22, 2014, at 3:42 PM, Volker Kuhlmann hid...@paradise.net.nz wrote:
On Wed 23 Apr 2014 05:02:59 NZST +1200, Jim Thompson wrote:
Are there any USB Ethernet adapters that actually work with pfsense?
Reliably? I am looking for reports from those who have tried, not the
freebsd
On Apr 16, 2014, at 4:34 PM, Brian Candler b.cand...@pobox.com wrote:
On 15/04/2014 20:12, Jim Thompson wrote:
We dropped the price, too.
-- Jim
Which price are you referring to?
On the EC2 instance(s).
I see that a support subscription is now $200 for 2 hours plus $200 per extra
hour
They're built; we're waiting on Amazon.
-- Jim
On Apr 11, 2014, at 22:41, linbloke linbl...@fastmail.fm wrote:
On 11/04/2014 5:23 am, Jim Thompson wrote:
https://blog.pfsense.org/?p=1253
pfSense release 2.1.2 is now available. pfSense release 2.1.2 follows less
than a week after
On Apr 12, 2014, at 18:55, Volker Kuhlmann hid...@paradise.net.nz wrote:
On Fri 11 Apr 2014 18:43:18 NZST +1200, Ryan Coleman wrote:
He gave you an option to subscribe to the list.
You seem to have missed the point I was making: critical security fixes
(the 2.1.2 release in this case,
The final testing (testing updates against the real update servers, which can’t
be effectively simulated) is happening now.
jim
On Apr 10, 2014, at 12:50 PM, k_o_l k_...@hotmail.com wrote:
Any update to when the fix will be released?!
-Original Message-
From: List
https://blog.pfsense.org/?p=1253
pfSense release 2.1.2 is now available. pfSense release 2.1.2 follows less
than a week after pfSense release 2.1.1, and is primarily a security release.
The Heartbleed OpenSSL bug and another OpenSSL bug which enables a side-channel
attack are both covered by
On Apr 10, 2014, at 4:10 PM, Volker Kuhlmann hid...@paradise.net.nz wrote:
On Fri 11 Apr 2014 07:23:52 NZST +1200, Jim Thompson wrote:
pfSense release 2.1.2 is now available.
Thank you for all the quick work!
May I ask though why this isn't simultaneously posted on
pfsense-announce
On Apr 10, 2014, at 4:25 PM, Dimitri Rodis dimit...@integritasystems.com
wrote:
Can we also get information as to which versions of pfSense are affected
aside from 2.1.1? Or is 2.1.1 the only affected version?
https://pfsense.org/security/advisories/pfSense-SA-14_04.openssl.asc
snapshots.
-- Jim
On Apr 8, 2014, at 21:05, Paul Mather p...@gromit.dlib.vt.edu wrote:
On Apr 8, 2014, at 9:35 PM, Paul Mather p...@gromit.dlib.vt.edu wrote:
On Apr 8, 2014, at 3:04 PM, Jim Thompson j...@smallworks.com wrote:
Well, that’s the point, Paul. (You hit the nail on the head
2.1.2 wasn’t “UP”.
Chris cut a version of something he called “2.1.2” that he indicated *might*
become 2.1.2, but it was incomplete.
So I asked him to pull it back down.
Jim
On Apr 9, 2014, at 4:59 PM, Ryan Coleman ryanjc...@me.com wrote:
There was a post to the list at 0400 central US today
Well, that’s the point, Paul. (You hit the nail on the head.)
If you don’t have an openssl service exposed, the problem doesn’t affect you.
Since normally the web GUI isn’t exposed to the WAN, the attack surface is
minimized.
We are working at cutting a new release.
Jim
On Apr 8, 2014, at
On Apr 8, 2014, at 12:34 PM, Paul Heinlein heinl...@madboa.com wrote:
On Tue, 8 Apr 2014, b...@todoo.biz wrote:
This might not be enough as there are two versions of openssl installed… One
in /usr/bin/openssl and one in /usr/local/bin/openssl
Both should be ok.
Not on 2.1:
On Apr 8, 2014, at 3:39 PM, Rainer Duffner rai...@ultra-secure.de wrote:
Am 08.04.2014 um 21:04 schrieb Jim Thompson j...@smallworks.com:
Well, that’s the point, Paul. (You hit the nail on the head.)
If you don’t have an openssl service exposed, the problem doesn’t affect you
On Apr 5, 2014, at 12:48 PM, Ugo Bellavance u...@lubik.ca wrote:
http://techcrunch.com/2014/04/03/intel-releases-99-minnowboard-max-an-open-source-single-board-computer/?utm_campaign=fbncid=fb
An interesting platform for pfSense?
It looks like it only has 1 NIC though.
I looked at this
Kevin,
Glad you like the update.
You won’t get ‘mutlicore’ PF until pfSense 2.2 (which is based on FreeBSD 10).
Snapshots are available now.
Rangely hardware, you say?
http://store.netgate.com/Firewall/C2758.aspx
Also available “real soon now at the pfSense store. We believe in the C2000,
On Apr 5, 2014, at 5:06 PM, Adam Thompson athom...@athompso.net wrote:
On 14-04-05 02:02 PM, Jim Thompson wrote:
http://techcrunch.com/2014/04/03/intel-releases-99-minnowboard-max-an-open-source-single-board-computer/?utm_campaign=fbncid=fb
An interesting platform for pfSense?
It looks like
On Apr 2, 2014, at 3:17 PM, Thinker Rix thinke...@rocketmail.com wrote:
On 2014-04-02 17:35, Eugen Leitl wrote:
Apu.1c
http://www.heise.de/newsticker/meldung/Embeddded-Mainboard-mit-x86-CPU-und-Coreboot-2160404.html
http://www.pcengines.ch/apu1c.htm
in stock, €105.13
Unfortunately
On Apr 2, 2014, at 3:24 PM, Ryan Coleman ryanjc...@me.com wrote:
Wouldn’t a layer-3 switch be a good investment in this situation? Put the
load on another device instead of, what is for all intents and (definitely)
purpose a thin, light-weight piece of hardware?
It doesn’t even need to be
On Apr 2, 2014, at 5:01 PM, Chris Bagnall pfse...@lists.minotaur.cc wrote:
On 2/4/14 9:17 pm, Thinker Rix wrote:
Unfortunately again only 3 NICs... and Realteks with bad performance.
I would love to see such a board one day with at least 4-8 NICs.
On that subject, we've recently been
What's your time worth?
-- Jim
On Mar 24, 2014, at 9:03, Stefan Baur newsgroups.ma...@stefanbaur.de wrote:
Am 24.03.2014 14:18, schrieb Chris Bagnall:
However, the new tenant found that performance was erratic - certain
websites loaded instantly, but others wouldn't load at all. This
Chris had to rebuild lists.pfsense.org, as one of the databases became
corrupted.
You might have gotten added in that process.
On Mar 19, 2014, at 1:54 PM, Doug Barton do...@dougbarton.us wrote:
Actually I'm sort of curious as to how I got on the list in the first place.
I certainly did
On Mar 6, 2014, at 5:26, Jeremy Bennett jbenn...@hikitechnology.com wrote:
What am I doing wrong?
You're running a more modern card than supported in pfSense 2.1, which is based
on FreeBSD 8.3.
Perhaps 2.2 will fix the issue.
Jim
___
List
On Mar 6, 2014, at 12:51 PM, Jeremy Bennett jbenn...@hikitechnology.com wrote:
I spoke to the good folks at Netgate, and they assured me that the card was
indeed compatible with 2.1. From what I've seen, they've always been very
responsible with the products they sell and they were very
See your link http://www.openbsd.org/faq/pf/carp.html
It's all in there.
-- Jim
On Feb 16, 2014, at 12:03, rajan agarwal rajanagarwa...@gmail.com wrote:
I was about to post the same question. Thanks Brian, been facing a problem
with this in my 2 pfsense setup.
On Sun, Feb 16, 2014
On Feb 14, 2014, at 5:15 AM, Jostein Elvaker Haande jehaa...@gmail.com wrote:
On 14 February 2014 11:54, Brian Candler b.cand...@pobox.com wrote:
On 13/02/2014 19:43, Jostein Elvaker Haande wrote:
The thing that brand names as Netgear now sells out of the box
[..]
I welcome Netgear to
On Feb 13, 2014, at 12:10 PM, Chris Buechler c...@pfsense.org wrote:
On Thursday, February 13, 2014, Andrew Hull l...@coffeebreath.org wrote:
Hi List,
Having purchased several pfSense devices assembled by Netgate (m1n1wall and
FW-7541), I've noticed that the pfSense pre-install image was
and
tunings to make all NICs work and work good (props to ESF staff who
assisted).
Quick history:
BSD Perimeter moved from Kentucky (in 2012) to Texas and reinstated as
ESF. Jim Thompson from Netgate (also Texas) got involved with ESF, he is
actually active in both companies.
In mid-2012, Chris
On Feb 12, 2014, at 9:05 AM, David Burgess apt@gmail.com wrote:
On Feb 11, 2014 5:55 AM, Jim Thompson j...@netgate.com wrote:
Thanks for this.
As before, we'll supply a solution for pfSense on the ERL after 2.2 (based
on FreeBSD 10) after 2.2 drops.
-- Jim
That's great
The reality is “when it’s done”.
I’m hoping for “mid-May”.
On Feb 12, 2014, at 9:28 AM, Brian Caouette bri...@dlois.com wrote:
What is the time frame for 2.2?
On 2/11/2014 7:55 AM, Jim Thompson wrote:
Thanks for this.
As before, we'll supply a solution for pfSense on the ERL after 2.2
On Feb 12, 2014, at 9:41 AM, Eugen Leitl eu...@leitl.org wrote:
On Wed, Feb 12, 2014 at 08:05:17AM -0700, David Burgess wrote:
That's great news. Does anybody care to speculate whether FreeBSD will be
able to take advantage of the packet forwarding acceleration of this
hardware at some
On Feb 12, 2014, at 9:55 AM, Eugen Leitl eu...@leitl.org wrote:
On Wed, Feb 12, 2014 at 09:44:46AM -0600, Jim Thompson wrote:
On Feb 12, 2014, at 9:41 AM, Eugen Leitl eu...@leitl.org wrote:
On Wed, Feb 12, 2014 at 08:05:17AM -0700, David Burgess wrote:
That's great news. Does anybody
On Feb 12, 2014, at 12:16 PM, Brian Caouette bri...@dlois.com wrote:
Sounds good. Is there a planned feature list we can look forward too?
On 2/12/2014 10:43 AM, Jim Thompson wrote:
The reality is “when it’s done”.
I’m hoping for “mid-May”.
On Feb 12, 2014, at 9:28 AM, Brian
Thanks for this.
As before, we'll supply a solution for pfSense on the ERL after 2.2 (based on
FreeBSD 10) after 2.2 drops.
-- Jim
On Feb 11, 2014, at 7:25, Eugen Leitl eu...@leitl.org wrote:
http://rtfm.net/FreeBSD/ERL/
FreeBSD 10.0 on Ubiquiti EdgeRouter Lite
The Ubiquiti
It still needs attention in the editing and formatting
departments, but all the tech is there, yes.
-- Jim
On Jan 21, 2014, at 5:00, Michał Karas m.ka...@hafis.pl wrote:
Hi,
than you for your reply. Is the electronically available version already
finished. Does it cover all features of
Turning on UPNP might make things better. It just works for me, too.
-- Jim
On Jan 15, 2014, at 10:00, Vick Khera vi...@khera.org wrote:
On Tue, Jan 14, 2014 at 3:01 PM, Paul Galati paulgal...@gmail.com wrote:
I have tried searching the forums for find a fix to allow Apple Messages app
you lost me at “port forwarding”.
Making NAT work for IPSEC (passthrough) can be … quite challenging.
Hopefully you’re attempting to terminate IPSEC on the pfSense box, and the ISP
router is configured to:
IP Protocol ID 50: For both inbound and outbound filters. Should be set to
allow
Unlikely.
-- Jim
On Dec 9, 2013, at 4:07, Denny Fuchs linuxm...@4lin.net wrote:
hi,
I want to use old two of Sun Fire SPARC v215 for pfsense. FreeBSD 8/98 runs
without any problems, so the only question is, if it does make sense to
compile pfsense on that hosts.
Ram: 12GB
# cat
I was at the FreeBSD Vendor Summit last week, and raised the AES-NI
issue as important to be solved in the next six months.
The issue and fix are understood, it just needs someone to implement
it (and then, presumably, backport it to 8.3, so we can release an
update to 2.1 (2.1.1 or similar).
with the relevant skill were open to a bounty
for implementing the necessary fixes?
On Mon, Nov 11, 2013 at 1:36 PM, Jim Thompson j...@netgate.com wrote:
I was at the FreeBSD Vendor Summit last week, and raised the AES-NI
issue as important to be solved in the next six months.
The issue and fix
On Nov 6, 2013, at 7:22, Vick Khera vi...@khera.org wrote:
pfSense lists the AES-NI as a supported option for crypto acceleration.
pfSense will use it for OpenVPN and IPsec if you tell it to. There's a config
setting for it.
I'm not aware if any performance testing for AES-NI on
On Nov 6, 2013, at 8:06 AM, Thinker Rix thinke...@rocketmail.com wrote:
On 2013-11-06 15:29, Jim Thompson wrote:
On Nov 6, 2013, at 7:22, Vick Khera vi...@khera.org wrote:
pfSense lists the AES-NI as a supported option for crypto acceleration.
pfSense will use it for OpenVPN and IPsec
The issue may not be that easy to fix.
Current theory is that it's is a structural issue in cryptdev.
-- Jim
On Nov 6, 2013, at 20:59, Chris Buechler c...@pfsense.org wrote:
I have done some brief testing of AES-NI a few months back, though I
can't seem to find the results at the moment
The Xeon CPUs are almost idle.
The old Intel 32-bit Pentium 4 2.4GHz dual core server, however is the other
end of that IPSEC tunnel. It's unlikely to be as idle as the Xeon.
-- Jim
On Nov 6, 2013, at 8:04, Thinker Rix thinke...@rocketmail.com wrote:
On 2013-11-06 15:22, Vick Khera
https://doc.pfsense.org/index.php/DMA_and_LBA_Errors
On Mon, Oct 28, 2013 at 12:18 PM, Bob Gustafson bob...@rcn.com wrote:
I installed 2.1 on a SanDisk 4GB Ultra (200x) for use on an Alix board.
I configured the ethernet ports using the serial connection and then left
the connection and
On Oct 24, 2013, at 12:02 PM, Chris Bagnall pfse...@lists.minotaur.cc wrote:
On 24/10/13 5:30 pm, Thinker Rix wrote:
I want to have:
- full Gigabit wire speed between the DMZ and the LAN zone (i.e. 2x
Gigabit at max)
Would have thought you'd be fine here.
- full 450Mbps between the
The topic has wandered away from pfSense.
-- Jim
On Oct 24, 2013, at 18:48, Chris Bagnall pfse...@lists.minotaur.cc wrote:
On 24/10/13 7:31 pm, Adam Thompson wrote:
If I upgraded to a better-quality unit, or switched to licensed
spectrum, I could probably eliminate the variability and
On Oct 15, 2013, at 8:53 AM, Alex DiMarco a...@cs.toronto.edu wrote:
On Tue, Oct 15, 2013 at 8:20 AM, Robert Skinner rob...@robertskinner.com
wrote:
You would have hated the 90s then.
Interesting time that was, no particular hate though for that period..
Now the 80's on the other hand
It occurs to me that being more ‘conversational’ with the community might be a
good thing. Describing what is happening with pfSense, and why, and engaging
the pfsense community in the process could be a good thing. My first attempt
is included herein.
But first, on the tail of the recent
out of
my way to inhibit those who wish to fork.
However, in any case, such a community would be prohibited from naming the
result “pfSense”.
But since 33% of the ESF - namely Jim Thompson
You greatly inflate my ownership interest here.
- prefers bullying, insulting, frightening and muzzling
On Oct 12, 2013, at 3:33 PM, Thinker Rix thinke...@rocketmail.com wrote:
Hello all,
I just performed an upgrade to 2.1 via the Auto update feature in the web
UI, which worked flawlessly.
When studying the Upgrade Guide
(https://doc.pfsense.org/index.php/Upgrade_Guide) prior the
On Oct 12, 2013, at 1:35 PM, Chris L c...@viptalk.net wrote:
On 2013-10-12 01:40, Jim Thompson wrote:
I'm not willing to endure this uninformed Alex Jonesian crapfest.
Nice position to take, except Alex Jones was right.
Sigh. As much as this doesn’t belong on the pfsense list…
I
On Oct 10, 2013, at 4:34 PM, Yehuda Katz yeh...@ymkatz.net wrote:
Since we keep coming back to FreeBSD as it pertains to security:
3) FreeBSD is very mature, and very well reviewed. I've looked into FreeBSD
to my personal satisfaction. OpenBSD may be abrasive as a community at
times,
On Oct 10, 2013, at 5:42 PM, Paul Mather p...@gromit.dlib.vt.edu wrote:
I first started using mailing lists back in the mid/late 1980s,
You’re not the only one. :-)
I too was entertained by the n00b trying to tell grandpa how to use email.
Jim
On Oct 10, 2013, at 6:25 PM, Jim Pingle li...@pingle.org wrote:
You shouldn't need the -archive bits since 8.3 is still a supported release.
Until next April, anyway.
___
List mailing list
List@lists.pfsense.org
On Oct 10, 2013, at 4:49 PM, Giles Coochey gi...@coochey.net wrote:
On 10/10/2013 15:04, Chris Bagnall wrote:
What made you change from AES to Blowfish, and is there any evidence to
suggest that Blowfish is more 'secure' than AES?
My understanding is that AES was championed by an agency
(TIC mode: on)
I think it’s obvious that:
- ESF is a front for the NSA
- the acquisition which closed last year was really just about gaining control
of a critical component of Internet infrastructure.
- the delays getting 2.1 out the door were exclusively about getting some
last-minute
On Oct 9, 2013, at 6:38 PM, Thinker Rix thinke...@rocketmail.com wrote:
My main question was not if the code includes bad things, but if the company
behind pfSense has been approached (yet) by authorities to comply with their
Orwellian global police state phantasy.
already answered.
On Oct 9, 2013, at 6:46 PM, David Burgess apt@gmail.com wrote:
On Wed, Oct 9, 2013 at 10:38 AM, Jim Thompson j...@netgate.com wrote:
So asking the question is stupid(*), because a lie is indistinguishable from
the truth.
I disagree on that point. Even if one is sure to get
101 - 200 of 239 matches
Mail list logo