[pfSense] CARP Interface doese not sync

Hi there, i run 2 Pfsense boxed which are connected directly on the Sync interface. Pf1 Version is 2.4.1 and pf2 Version is 2.4.0 I created now CARP interfaces wich are not synced to pf1 automaticly. I get some XML errors (Syntax Error in XML) Is there anyway to start the Sync process

[pfSense] Block Install/Update APPs [android / apple].

Hello, I have a guest network and this moment I need to block all access to Install and Update of APPs Android and Apple, I am using squid + squidguard in my proxy. Any idea about that ? Best Regards. -- *Kleber da Silva CarvalhoProfissional Certificado.* *CCNA R** | **CCNA

Re: [pfSense] Block Install/Update APPs [android / apple].

Block the "updatesites" for your guest and then try to update, see if it's works. -- *İbrahim UÇAR* Blogger | https://lifeoverlinux.com On Mon, Oct 30, 2017 at 4:46 PM, Kleber Carvalho wrote: > Hello, > > > I have a guest

Re: [pfSense] Block Install/Update APPs [android / apple].

This isnt a direct solution to your problem, however, Here is a list  of apple domains that you may find useful if you are building a blacklist.http://whitelists.squidblacklist.org/apple.domains I  believe there is significant demand to

Re: [pfSense] CARP Interface doese not sync

For CARP to work, Pfsense boxes should be on same version, you will have to upgrade 2.4.0 to 2.4.1 On Mon, Oct 30, 2017 at 3:33 PM, Daniel wrote: > Hi there, > > > > i run 2 Pfsense boxed which are connected directly on the Sync interface. > > Pf1 Version is 2.4.1 and pf2

Re: [pfSense] Block Install/Update APPs [android / apple].

Hello, We already have the "blk_BL_updatesites" option Denied, unfortunately it's not working for block apps. Thanks. On Mon, Oct 30, 2017 at 11:59 AM, Benjamin E. Nichols < webmas...@squidblacklist.org> wrote: > This isnt a direct solution to your problem, however, Here is a list

Re: [pfSense] ASRock E3C236D2I+Pentium G4560 vs SM A1SRi-C2758F

There are wide-spread reports of ASRock C2750D4I board failures in the FreeNAS forums. I've suffered from it. Not sure if that applies to the board you are considering. There are also wide-spread reports of issues with the Supermicro board you are considering. I have 4 of these in service for 3+

Re: [pfSense] CARP Interface doese not sync

A few thoughts... When upgrading pfSense recommends upgrading the backup router first. For the states to sync the interfaces have to have the same names, i.e. same NICs in both. An XML sync error is usually seen when saving changes on the primary router and it tries to connect to the backup.

Re: [pfSense] malformed packets

I saw your question but didn't see an answer... Have you considered Suricata or Snort to see if they can detect and block off the traffic? -- Steve Yates ITS, Inc. -Original Message- From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of mad.scientist.at.la...@tutanota.com

Re: [pfSense] malformed packets

> -Original Message- > From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of > mad.scientist.at.la...@tutanota.com > Sent: Monday, October 30, 2017 2:27 PM > To: pfSense Support and Discussion Mailing List > Subject: Re: [pfSense] malformed packets > > thank you for your'

Re: [pfSense] malformed packets

thank you for your' reply, i'll try your suggestions.  complete newbe to pfsense, but do know something about firewalls etc. and can basically use wireshark and understand it.  fortunately the problem has become much less severe.  Thank you. mad.scientist.at.large (a good madscientist) -- "The

[pfSense] Error notifications from pfSense 2.4.1

I updated to pfSense 2.4.1 on my SG-2440 a couple of days ago. I got the following notifications: pf_busy PF was wedged/busy and has been reset. @ 2017-10-29 07:25:52 Filter Reload There were error(s) loading the rules: pfctl: DIOCXCOMMIT: Device busy - The line in question reads

[pfSense] Squid in transparent mode and Squidguard external redirection

Dear, I'm using pfSense 2.4 with Squid in transparent mode, SSL enabled / Slice All, and Squidguard as HTTP/HTTPS filter. Everything is OK, except when I want web clients to be redirected to an external Apache web server with an error page...they don't get any error defined in the Apache server.