I've read a lot about how windows and linux are vulnerable, but not
much info regarding FreeBSD. Does anyone know how worried we should
be? Any comment on possible corrective measures being implemented by
the dev team?
-
To
On Fri, Oct 3, 2008 at 11:06 AM, BSD Wiz [EMAIL PROTECTED] wrote:
And how could the dev team implement a fix if we don't know the specifics of
the exploit? This will be something that the freebsd dev team will need to
fix and I'm sure they will asap.
So, I need to know everything you know or
On Fri, Oct 3, 2008 at 3:02 PM, Chris Buechler [EMAIL PROTECTED] wrote:
We had a discussion on it on our private developer list a couple days
ago, end result is there isn't anything we can do without knowing
more, and even at that nothing we can do until FreeBSD fixes it if it
is a problem.
On Mon, Sep 29, 2008 at 7:22 AM, Sean Cavanaugh
[EMAIL PROTECTED] wrote:
technically this can already can be done if you use the developers build.
or even 1.2.1 RC. i was pleasantly surprised to see IPv6 info from
the network status pages.
of course, this was after
On Mon, Sep 29, 2008 at 10:58 AM, Ryan Rodrigue [EMAIL PROTECTED] wrote:
Will PF sense work with a P4 using hypthreading? I know I can disable it in
the BIOS, but i was just wondering if I could use it. If I can, in the
install, should I tell it I have a single CPU or a multi CPU setup?
On Mon, Sep 29, 2008 at 12:03 PM, Rainer Duffner [EMAIL PROTECTED] wrote:
Hi,
my WRAP died and I finally managed to order an ALIX from PC-Engines.
But I think I can't find a backup of my config - can I just take the
config.xml from the old CF card and use the restore-option with that?
Or can
On Mon, Sep 29, 2008 at 11:15 AM, Ryan Rodrigue [EMAIL PROTECTED] wrote:
Thanks for the super quick reply. I thought as much, but just wanted to
confirm. Is there a limit to the number of processors it supports? Will a
dual zeon quad core (8 processors) work? i really don't have a need for
On Mon, Sep 29, 2008 at 2:08 PM, RB [EMAIL PROTECTED] wrote:
On Mon, Sep 29, 2008 at 10:03, Bill Marquette [EMAIL PROTECTED] wrote:
HyperThreading or not though - the FreeBSD SMP scheduler isn't exactly
optimized for HTT.
Did FBSD ever post a 'fix' for the HT cache vuln? I've been under the
On Fri, Sep 26, 2008 at 8:45 AM, lartc [EMAIL PROTECTED] wrote:
hi all,
i've got a small internet cafe on a lan behind pfsense (soekris net
4801). works great.
yesterday (not the first time) someone connected up their laptop, that
started spewing spam mail.
Just plain disallow direct to
On Thu, Sep 25, 2008 at 10:51 AM, RB [EMAIL PROTECTED] wrote:
Personally I don't like the idea of two separate firewalls, pfsense for IPv4
and whatever else for IPv6. But, sadly, this is what I am doing now.
Yet you still do not answer the question - what value is v6 providing
you now? Would
On Wed, Sep 24, 2008 at 11:03 AM, Matias Surdi [EMAIL PROTECTED]wrote:
Hi,
I'm experiencing random crashed with 1.2, sometimes happens when saving a
rule, other times when saving advanced settings.No reply from the pfSense
box, no ping replies.nothing.Completly dead.
I'll point at hardware
I've tried both UDP and TCP tunnels with the same result. The setup is
nothing special, just plain old SIP to an Asterisk box using G.711u codec.
Any ideas on what I can do to decrease the effect OpenVPN is having on the
traffic? All suggestions welcome and appreciated!
Is the CPU capable
Depending on bandwidth requirements, we may eventually use G.729 but we're
currently testing in our lab on a completely unloaded 100mbit network.
G.729 also handles higher latency well. But still, your latency is under
150, which shouldn't affect G.711u so much.
On Jul 11, 2008, at 5:22 AM, Paul Mansfield wrote:
Openvpn works perfectly for me on the n800; just be sure you have it
start up when you want it too, as it will start up by default.
I discovered this when I didn't realise it was running, and when I
was actually directly on the network
I just ordered up an N810 for myself, and was wondering if anyone had
success with the vpn solutions for it. There is a package for it
called VPNC (garage: VPNC Maemo Port: Project Info) which is described
as:
VPN client compatible with Cisco's EasyVPN equipment. Supports IPSec
(ESP)
On Jun 16, 2008, at 6:11 AM, Patrick M. Murray, M.F.A. wrote:
just crap. But my ALIX board has 2 miniPCI slots on it that I have
yet to mess with. I need something super powerful in regards to
range, speed, and multicast. And I know you can't throw 2 wireless
cards in there, so what can
On Jun 3, 2008, at 11:10 AM, Scott Ullrich wrote:
I manage too many firewalls with pfsense and i´d like to know if
there is a way to automate the backup of the configuration (the XML
config file)!!!
Yes, search the archives. I have given wget syntax in the past.
And when you find it,
On May 10, 2008, at 11:16 AM, Dean Larson wrote:
computer kept near perfect time before under different o/s. this
seems real strange.
A long long time ago, in a galaxy far far away, I had a box that ran
100% fine with linux under load. under FreeBSD and BSD/OS it would
lock up
On May 10, 2008, at 4:13 PM, Chris Buechler wrote:
3) ACPI issues - try disabling ACPI, sometimes it causes time
keeping issues.
You can also selectively disable the ACPI timer device without turning
ACPI off entirely. Add the following to your /boot/loader.conf file:
This one is precious:
quote
Description:
The remote host appears to be running a PPTP (VPN) service.
This service allows remote users to connect to the internal network
and gain a trusted user role. This service should be protected with a
strong encryption scheme like IPSEC. By default the
On Apr 29, 2008, at 2:46 PM, Adam Van Ornum wrote:
Does anyone have any ideas that don't include having multiple WAN
IPs? :) I only have one WAN IP and I'm having the same problem as
the original message poster. I can connect fine to World and
Regional games but can't connect to or host
On Apr 28, 2008, at 9:16 PM, Tom wrote:
I can connect to Worldwide and Regional events with Mario Kart, but
I can't connect to Friends.
Nintendo says they are different types of connections so connecting
to Worldwide and Regional events doesn't necessarily mean connecting
to Friends
On Apr 14, 2008, at 3:14 AM, Chris Buechler wrote:
1.2.1 will include some improvements in the upgrade process. Largely
to accommodate 1.2 to 1.3 full install upgrades, though it may help
embedded. We haven't had a chance to work with embedded much yet, not
sure if it's made any difference.
I
On Apr 9, 2008, at 12:38 PM, Paul Cockings wrote:
RULES : IPSEC : TCP SRC:192.168.8.0/24 * DST 192.168.101.0/24 * *
RULES : IPSEC : UDP SRC:192.168.8.0/24 * DST 192.168.101.0/24 * *
RULES : IPSEC : ICMP SRC:192.168.8.0/24 * DST 192.168.101.0/24 * *
For my IPSEC rules, I have just a single
On Apr 9, 2008, at 4:46 PM, Tim Nelson wrote:
pfSense/FreeBSD shows the interface names as hme0-3. I can only
assume hme stands for Happy Meal Ethernet
man hme on a freebsd 6.3 system tells me this:
NAME
hme -- Sun Microelectronics STP2002-STQ Ethernet interfaces
device driver
On Feb 28, 2008, at 4:07 AM, Christos Pelekis wrote:
Hi,
i have 2 pfsense installs (both have 1.2 release)
I have setup in aggressive mode a vpn channel and work fine.
But if i change this to main (only this change, all the remain
config is the same) then i have this errors:
What kind of
On Feb 22, 2008, at 5:02 AM, Paul M wrote:
Scott Ullrich wrote:
On 2/21/08, Paul M [EMAIL PROTECTED] wrote:
apparently since kernel 2.6.17 linux auto-tunes, so this advice is
a bit
out of date... in fact it might be really bad advice because usign
setsockopt and setting RCVBUF and SNDBUF
On Feb 6, 2008, at 3:03 PM, Trave Harmon wrote:
Now when I telnet the public IP that the 1st virtual is assigned, it
just sits there and times out. This is making it impossible to send
messages from domain to domain within the network.
configure your servers to bypass the default MX
On Feb 4, 2008, at 10:44 AM, Lance Cotton wrote:
Does phydiskwrite work to write the non-embedded image to a
Microdrive CF device?
there is no non-embedded image. It is an ISO file which makes a
bootable CD which can run live, or can install to a hard drive.
I upgraded from RC3 to RC4 last night using the snapshots. Embedded
platform on a WRAP.
I copied the tar file to /tmp then ran option 13 on the console.
After it asked me which kernel to install, it had a failure writing
some .txt to /boot/kernel directory with a complaint of read only file
On Jan 26, 2008, at 5:02 PM, Michael Richardson wrote:
I was once given a command (or series of commands really) that
fetched, unpacked, and installed (or coppied files anyway) that let
me do an update from 1.0.1 to 1.2 RC4, but I’ve misplaced it. Could
someone provide that again? As best
On Jan 26, 2008, at 10:32 AM, [EMAIL PROTECTED] wrote:
I am having trouble with this point and would appreciate a example
configurational file that will allow at least one of the ethernet
ports to grab an IP via DHCP, or just have a static IP...
something... anything. The basic problem is
On Jan 25, 2008, at 1:46 PM, Anil Garg wrote:
I have a machine with 1GB of Ram on which I wish to install pfsense
1.2rc4.
Does anyone know how to disable paging after installation since we
have much more memory than we need.
Essentially, is there a way to run pfsense entirely from ram.
On Jan 25, 2008, at 3:47 PM, Anil Garg wrote:
Ok. I will leave paging on. I just kind of think its silly that for
one user at home I still hear my hdd constantly make noise of read-
write... But then I am not technical enough to know what is causing
that..
login to your box (ssh [EMAIL
On Dec 17, 2007, at 7:49 PM, Chris Buechler wrote:
on my other (recently setup) BSD system, which is: FreeBSD 6.2-
RELEASE #0: Fri Jan 12 10:40:27 UTC 2007
I see in /usr/src/sys/dev/usb that uftdi.c and usbdevs contain a
definition for this device.
I'm not sure exactly what kernel change
On Dec 16, 2007, at 9:14 AM, Tim Korves wrote:
I'm facing problems while routing traffic trough an IPSec tunnel.
This is my configuration:
Branch 1 pfSense IPSec server (HQ) Branch 2
|
|
Branch 3
You need to set
Wow! I finally successfully did a firmware update on my embedded
platform which didn't require a reflash. I updated from 1.2-RC2 to
1.2-RC3 downloaded a few minutes ago. The process I used was:
upload tgz file to /tmp/firmware.tgz
select option 13, and used local file for upgrade
... sat
On Nov 29, 2007, at 12:14 PM, Scott Ullrich wrote:
The *only* thing not right, and this has been reported before but
never reproduced it seems, is that the /etc/ttys file was for the
full
version. Thus, there was no menu on the serial port console.
Copying
over the ttys_wrap file from
On Oct 30, 2007, at 4:31 PM, Jared B. Griffith wrote:
Is it possible to upgrade to RC2 on the Embedded platforms without
having to reflash the image?
upgrade from what version?
of late, I've had no end of trouble upgrading embedded without re-
flashing. i know that the rc2 can't
On Oct 31, 2007, at 12:26 PM, Jared B. Griffith wrote:
From version 1.0.1 to 1.2-RC2
i got a 1.0.1 embedded to upgrade once, but i think that was luck.
you're better off prepping a new CF card and swapping it out.
On Oct 29, 2007, at 11:37 AM, Eugen Leitl wrote:
I'm going to remove the CFs from my twin mini-ITXen, and substitute
them
I just replaced the CF adapter thingy from my mini-ITX box and
replaced it with one of these, so upgrade are trivial -- just swap CF
cards from the back of the box.
On Oct 17, 2007, at 4:16 PM, Ugo Bellavance wrote:
Are TCP packets automatically accepted by pfsense or should I open
TCP/53 at wide? I query DNS servers directly, I don't use my ISP's
DNS servers for many reasons, so I can't just open TCP/53 for these
DNS servers.
enable the DNS
On Oct 7, 2007, at 11:37 AM, Gabriel Green wrote:
I just got a new T1 from Sprint in the office. My other WAN
connections are SDSL and ADSL from ATT; at my remotes I have IPSEC
devices capable of running RIP as well. I was wondering if I even
need to run *any* routing protocols, and if
On Sep 22, 2007, at 7:05 AM, tester wrote:
min etc)
This was the command I typed from the shell:
echo shutdown -r now | at xx:yy
why not more simply shutdown -r xx:yy
shutdown has its own timing mechanism.
-
To
On Sep 13, 2007, at 5:11 AM, Jonathan GF wrote:
Bearing this in mind, will pfSense keep on providing images for WRAP
or will leave that arm?
pfSense's embedded image is not specific to the WRAP. i doubt that
just because you can't buy them that they won't keep working for many
years to
On Aug 29, 2007, at 6:20 AM, Tortise wrote:
we had a lot of problems with linux drivers and the intel giga nics
onboard our tyans; we turned off power management in the intel's
eeprom.
maybe the same problem affects freebsd?
I've not had any issues with Intel NICs across several dozen
On Aug 27, 2007, at 4:58 AM, Tortise wrote:
That restores the connection. (I initially did it on the LAN, but
reconnected the LAN and did the same with the WAN, as soon as
ifconfig XXX up was run it was up again.)
What does that tell us?
the NIC's don't like each other. replace one
On Aug 26, 2007, at 5:35 PM, David Strout wrote:
Try using the console upgrade method (option 13)
... I had the very issues w/ a Soekris box some
time ago and the console option was the only way I
could get that box to upgrade.
I alread tried it as noted in my original message... it also
On Aug 27, 2007, at 6:27 AM, Eugen Leitl wrote:
We definitely need to get away from fixed partition size on the
embedded. A way to grow the filesystem would seem to be required,
or at least images which can handle larger flash cards (1 GByte CF
is a dime a dozen these days). It's too bad
On Aug 27, 2007, at 2:51 AM, Eugen Leitl wrote:
Try switching from https to http. There seems a bug which prevents
firmware upgrades via https.
on my home lan, I don't have https enabled for management. i doubt
my wife will be snooping on it :-)
thanks for the suggestion.
On Aug 26, 2007, at 4:37 PM, David Strout wrote:
wondering if you can edit the
/var/dhcpd/etc/dhcpd.conf
file directly to delete these 40 entries in
bulk
I'd download the config file via the web interface for the DHCP
component, edit that, then upload it back. I wouldn't trust editing
I don't know if my fingers are emitting some radiation that makes it
fail, but the last three upgrades I've attempted have all ended in
disaster, requiring a re-flash and restore on my WRAP boxes.
My prior upgrade brought my personal firewall up to the July 29
snapshot. This was an
On Aug 23, 2007, at 3:15 PM, Tortise wrote:
Why would rebooting pfsense fix that? Perhaps cause the modem to
re-negotiate its connection? Cause the ISP end to wake up?
what if you just force pfsense to bring down and back up your WAN port?
ifconfig XXX down; ifconfig XXX up
where XXX
On Aug 21, 2007, at 7:31 AM, Tortise wrote:
I am running wireshark - however the connection has yet to
misbehave whilst doing so. (Now I know why I kept those old 100M
hubs!)
Well, perhaps your switch and your NIC don't agree with each other?
I've had that problem before...
On Aug 15, 2007, at 8:15 AM, RB wrote:
That said, if you really want to try it you could always go for a
Soekris 1401 - relatively cheap ($73 apiece for two). They're about
the cheapest crypto acceleration cards I've seen that were worth
trying. Then again, unless you're doing bulk crypto
On Aug 10, 2007, at 11:29 AM, jamona perez wrote:
Also, there was a long thread about pfsense on PE 860, how did the
test finally came up ?
and finally which version would be best (was planning to get 1.2RC1)
I've not run pfSense on my 860's but freebsd 6.1 runs just
wonderfully. we
On Jul 20, 2007, at 3:23 PM, Tortise wrote:
Yes they are already on a LAN with a switch. I didn't realise
TCPDump could be run from another machine other than the one being
dumped from. From what you suggest it can. I'll study it up and
see if I can get it to! (Unless someone here knows
On Jul 23, 2007, at 9:04 PM, Anil garg wrote:
Thanks a ton for taking a moment to respond. I am just not the HDD
guy. I feel besides being silent, flash will perhaps save some
energy too but I am not that sure.
why not just boot from CD and use a USB stick to save the config?
On Jul 19, 2007, at 7:41 PM, Tortise wrote:
1) LAN and WAN traffic dumps to a Centos HDD on the LAN, in an
attempt to catch the traffic that may be causing pf Sense to
intermittently hang and require rebooting.
connect both systems to a hub and run tcpdump on the other machine
logging
On Jul 16, 2007, at 10:30 AM, Lee J. Imber wrote:
Any ideas on how I can reset the webadmin passwd from the command
line?
when you ssh in, the menu has an option 3. select that and follow
the prompts. don't expect the shell's passwd command to update the
webgui password.
On Jul 10, 2007, at 9:47 AM, The Wells Family wrote:
According to what I have read, setting up a NAT rule to forward the
ftp port (21) from the WAN to the internal server and then letting
pfsense create the firewall rules (it created two) and then turning
on the ftp helper (un-checking it
On Jun 28, 2007, at 1:49 PM, Ugo Bellavance wrote:
About SMS, how would you send it?
We usually send an email as per our cell phone service provider's
instructions. In my case [EMAIL PROTECTED]
-
To unsubscribe,
On Jun 29, 2007, at 8:53 AM, [EMAIL PROTECTED]
[EMAIL PROTECTED] wrote:
I'll second this. I tested last week on an 860 just prior to ordering
two more. Everything came up nice and clean. While I can't speak to
what
it will do under load, it does at least install and not fall over on
I
On Jun 28, 2007, at 8:03 AM, Ugo Bellavance wrote:
2- Use a script, using amrstat. But I'd need a direct ssh access
and from what I've seen, when I login using ssh, there is a menu
before having shell access. Could I create another user that
wouldn't have a menu?
write a script that
On Jun 17, 2007, at 4:15 PM, Bill Marquette wrote:
Good...I guess :-/ that patch is eliminated then. So we're down to 6
days, the 5th - 11th of June. I'll keep digging, there was a change
on the 9th that looked somewhat suspicious to me earlier.
Sorry for jumping in late... catching up on
On May 14, 2007, at 11:55 PM, Adam Van Ornum wrote:
After monkeying with things for a while this evening I was finally
able to get things working by unchecking the Block private
networks and Block bogon networks boxes on the WAN settings.
After rechecking those checkboxes it is still
Last week I upgraded from a 1.0.1 snapshot release (embedded) to
1.2beta1 5/9/2007 snapshot using the rc.firmware script. The upgrade
installed nicely and everything seemed to work well (aside from
having to manually fix gettytab and put the ttys_wrap file in place
of ttys).
However,
On May 12, 2007, at 4:38 PM, Adam Van Ornum wrote:
I'm running pfSense as my home firewall and I'm having problems
connecting to my company VPN from my computers at home behind
pfSense. The company VPN product is a SonicWall box and I'm using
the SonicWall VPN Client software. Anyone
On May 7, 2007, at 5:50 PM, Tim Nelson wrote:
That tutorial is aimed at a site to site link although I used it as
a basis to configure my pfSense box...
The configuration on the pfsense server is identical for site-to-
site with non-fixed endpoint of remote, and for site-to-pc with a non-
On Apr 21, 2007, at 3:27 PM, Mike Lee wrote:
I recently discovered that when my internet pipe (either upload
or download (2Mb-down/1Mb-Up)) is saturated with traffic, the ping
time to my remote site pfSense boxes is really high (sometimes
800-1000ms). My office uses pfSense (full)
On Mar 6, 2007, at 3:12 AM, Christian Krützfeldt wrote:
Strange thing is, Monowall has no problem with it.
FreeBSD 4's drivers for NICs are wy different the bge driver
in 6.x seems to have more timing issues, but then it supports way
more chipsets.
smime.p7s
Description:
On Mar 5, 2007, at 11:05 AM, Dan Farrell wrote:
Possible tangent (apologies)- I haven't tried any BSD variants on
the current Dell PowerEdge series, but I have tried Fedora, CentOS,
and Suse, and had problems with the built-in NIC on all of them.
Are you using this built-in NIC in your
On Mar 1, 2007, at 11:03 PM, stephan peterson wrote:
Vivek,
Here are my results:
# date -r 1175386460 ; date -r 1175486460
Sat Mar 31 19:14:20 CDT 2007
Sun Apr 1 23:01:00 CDT 2007
If it said CST on the first line, you'd have a problem :-)
smime.p7s
Description:
On Feb 28, 2007, at 11:44 PM, stephan peterson wrote:
What can I do to make sure the new zoneinfo file(s) are being used?
I'm not sure from LJ's message what to look for.
in the USA, run this command line:
date -r 1175386460 ; date -r 1175486460
you should get something like this on a
On Feb 23, 2007, at 4:33 PM, Scott Ullrich wrote:
If you are in doubt, update to this months snapshot which is based on
6.2 and definitely has support for congresses half-brained decision.
When you upgrade an existing system, you still need to ensure /etc/
localtime is updated by setting
On Feb 20, 2007, at 11:20 AM, Tim Dickson wrote:
Unless I’ve missed an update along the way… 64bit is not supported.
unless the system in question is an Itanium, the 64-bitness of the
normal intel systems (Pentium + EM64T, or amd64) are 32-bit back
compatible and will boot and run a
On Feb 9, 2007, at 8:17 AM, Andrew Kemp wrote:
I've been experiencing an issue where my connection via PPTP drops
unexpectedly. The connection can't seem to stay connected for more
than
one of my engineers cannot stay connected to PPTP for more than a few
minutes at a time. his home
On Feb 9, 2007, at 10:26 AM, Vivek Khera wrote:
one of my engineers cannot stay connected to PPTP for more than a
few minutes at a time. his home connection is a consumer-level
verizon DSL line. IPSec is actively blocked by verizon DSL, it
seems. customer support tells him to upgrade
On Jan 3, 2007, at 8:57 PM, nix4me wrote:
I have pfsense setup and i have a ftp server on 192.168.1.102. I
set up NAT inbound for the ftp port (2121) and also the passive
ports (4-40100) to go to 192.168.1.102. I let the firewall
rules autogenerate.
On Dec 5, 2006, at 4:08 PM, Holger Bauer wrote:
That's the feature that pfSense doesn't have (yet):
Authoritative DNS Inbound Load Balance
* A built-in authoritative DNS server supports MX, NS, A,
CNAME, and
TXT records. (Screenshot...)
* DNS resolution balances inbound requests
On Dec 4, 2006, at 8:48 AM, Christian Krützfeldt wrote:
First part of the boot is fine, then the option is displayed 0
Default, 1 ... And shortly after that. It happens:
Fatal trap 19: non-maskable interrupt while in kernel mode
Have you run Dell diagnostics on it? I run pfSense on an
is not
responding?
Something like this:
colo -- +-- office IP-1 --+
| |--- load balancer -- pfSense
(sees IP1)
+-- office IP-2 --+
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D
$280 !!!) and finding smaller cards is non-trivial at
this point, but I think the docs should be made consistent and accurate.
Thanks!
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: khera@kciLink.com
On Sep 9, 2006, at 3:47 PM, Robert Carr wrote:
I realize pfsense isn't SMP-capable, but would it run
on a core-duo (or core-solo processor)? Or are these
processors totally unsupported for now?
pfSense surely is SMP capable... it definitely recognizes a P4 with
hyperthreading and runs in
On Jul 20, 2006, at 1:56 PM, Bill Marquette wrote:
I've never seen this on my full installs either (although admittedly
lately my only full installs run HEAD). Firmware upgrades reboot the
machine on completion and config.xml is read on boot, I can't see any
reason for rules to not load on
On Jul 6, 2006, at 2:23 PM, Jeremy Rempel wrote: Is there a feature or add-on module that can recognize and protect our site from aggressive attacks? I'd like to see something like this too. I'm not clueful enough to build it myself. I've seen DOS "lockouts" on other firewalls, particularly the
On Jun 27, 2006, at 5:22 AM, Lee Hetherington wrote:
Im tempted to buy 2x Poweredge 850's with SATA, are their any known
issues installing onto this, im not sure if SATA on these is
supported under FreeBSD...
so driving 200 miles is cheaper for you than buying a $150 UPS?!?!?
man, you
On Jun 21, 2006, at 12:08 PM, Steve Harman wrote:Sorry to bother the list again – Martin; are you able to post the model number of the Intel multiport NICs you’re using please? Just to improve my chances of success.get the Intel *server* NICs. These are awesome. I've had dual-port ones (no idea
On May 30, 2006, at 12:35 PM, [EMAIL PROTECTED]
[EMAIL PROTECTED] wrote:
Server is a Dell 1850 1u, 2GB RAM, 2x146GB scsi in mirror off Perc 4
card, single 3GHz proc. No bios options nor boot time options off
the CD
appear to have any effect of import.
FWIW, I have pretty much the
On May 10, 2006, at 1:48 PM, Paul Haddad wrote:
2k+ connections and 15Mbps down at the same time.
these boxes have been clocked at 30Mbps and have 128MB of RAM, so
should be able to handle that many connection states.
smime.p7s
Description: S/MIME cryptographic signature
On May 10, 2006, at 4:26 PM, Brian Neufeld wrote:
Does the serial port console functionality of pfSense work on the
standard PC platform or is this an embedded platform only (i.e.
wrap/soekris) feature? I tried with a null modem cable and
couldn't get
it to work...
did you enable the
On May 10, 2006, at 4:56 PM, Brian Neufeld wrote:
Sorry I was not more clear... What I wanted to know is if it is even
possible on the PC platform? I don't want to bang my head against a
wall trying to get something to work that never will...
yes it is. did you do what I stated
I have three offices connected via combinations of pfsense and
m0n0wall. These all do their IPsec tunnels flawlessly and I've never
had any errors or problems with those. I can copy files all day long
without fail.
However things go south when I hook up my powerbook running OS X 10.4
On Apr 13, 2006, at 9:59 AM, Guilherme Oliveira wrote:
Well, I'll do it but I don't know how can pfSense be used in corporate
environments if it can't do RAID. And I don't know a better place of a
firewall other than a corporation.
Hardware RAID is your friend. If you're corporate the cost
On Apr 13, 2006, at 10:33 AM, Guilherme Oliveira wrote:
I think this is a major problem for companies that want a reliable
firewall and is my opinion that pfSense must have gmirror or vinum in
their core. Even if is by a package.
setting up gmirror is not trivial, especially with a simple
On Apr 5, 2006, at 8:35 PM, Scott Ullrich wrote:
Not really. It almost sounds like RELENG_6 is not in sync with
RELENG_6_0 but my understanding is that RELENG_6_0 is the FreeBSD 6
release tree so thats what we really need to track.
RELENG_6_0 is only gonna get you security fixes over
On Apr 5, 2006, at 4:01 PM, Randy B wrote:
OpenNTP's only redeeming factors ATM seem to be it's size and
simplicity; I'm not an NTP hero either, but in my short experiments
today, I find it only good enough as far as time quality. You can't
One of the most important things in forensic
On Apr 3, 2006, at 12:34 PM, Scott Ullrich wrote:
Sam suggestede adding kern.rdntest.verbose=0 to /etc/sysctl.conf.
I've added it to our file so it should show up on the next snapshot.
It just seems curious to me that the FreeBSD driver for hifn would be
testing randomness of the chip's
On Apr 3, 2006, at 10:54 AM, Eric W. Bates wrote:
hifn0: rndtest: zeros interval 4 failed (243, 251-373)
hifn0: rndtest: zeros interval 3 failed (717, 542-708)
This started on Pfsense 0.92 and persists after upgrading to BETA-2. I
had no luck with Google. Can anyone enlighten me?
I see
On Mar 2, 2006, at 2:12 PM, Derrick MacPherson wrote:
Like I said, works fine on the LAN interface, not the DMZ interface.
Perhaps there's something else in the pfsense config i'm missing.
do I have to set a 1:1 NAT for the machines in my non-routable DMZ?
with snapshot 02-20-06 I have
1 - 100 of 130 matches
Mail list logo
