Are you resetting the modem after moving the laptop? Most cable
modems are locked to a single MAC address on the ethernet side and
will only allow the first device seen after power on. Outside of
that, I can only see us caching if you are using the squid proxy
package.
--Bill
On Nov 19, 2007
Try 1.2RC3.
--Bill
On Nov 23, 2007 2:41 AM, Vinton McClure [EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello,
I installed pFSense 1.0.1 this afternoon, and the Intel GigE adapters
are not recognized on my motherboard. The motherboard is a Supermicro
X7DBE -
You might look at the code a little closer. It happens on the first
day of the month at 2:01am. In fall the worst that would happen if it
happens to fall on the same day is the code will run twice. In
spring, we could potentially miss the run _if_ the time zone change
occurs on the first.
So what's the melp.com in your network settings?
--Bill
On Nov 27, 2007 7:29 PM, Raleigh Guevarra [EMAIL PROTECTED] wrote:
Hi,
I need your help on how to fix it coz I still can't get resolve the local
IPs
When I ping the server, gateway.elp.com locally this what it returned
Yes. You'll need to create a subnet alias - say dynamicip and
populate it with the addresses (you can use cidr blocks here to reduce
the number of entries you need in the alias) that are dynamic, then
create a rule that uses the alias as the source address.
--Bill
On Nov 29, 2007 4:53 PM,
..
192.168.99.199/32
(or some variant of this if I get fancier with the subnet mask)
Am I understanding correctly?
Dimitri Rodis
Integrita Systems LLC
-Original Message-
From: Bill Marquette [mailto:[EMAIL PROTECTED]
Sent: Thursday, November 29, 2007 3:14 PM
To: support
On Nov 30, 2007 3:14 AM, Linus Nordberg [EMAIL PROTECTED] wrote:
Hi,
How are security issues in upstream software like the FreeBSD kernel
handled by the pfSense project? In the particular case of
If we determine there is a security issue in upstream software that
impacts pfSense we'll roll a
On Dec 11, 2007 2:43 PM, Russ Bennett [EMAIL PROTECTED] wrote:
Hello,
I've setup a 1:1 nat and entered in the rules. Nothing was getting
through so I looked at the log and I can see the rule getting hit
properly except within the log I get the following message
You are probably seeing
On Dec 12, 2007 3:40 PM, Tim Nelson [EMAIL PROTECTED] wrote:
Does pfSense (any version) support any of Intel's quad port gigabit cards for
PCI-E? I'm looking specifically at the PRO/1000PT that uses the 82571GB
chipset. The FreeBSD HCL lists this controller but I was hoping to see if
anyone
On Dec 26, 2007 12:13 PM, James Kusler [EMAIL PROTECTED] wrote:
It gave the choices 'CARP', 'Web Proxy', and 'Other'. So if that has
changed in the newer version that may help.
If it truly says Web Proxy, you didn't get an official release from
us! It should read, CARP, Proxy ARP, and Other.
On Dec 26, 2007 1:30 PM, James Kusler [EMAIL PROTECTED] wrote:
Or I can bridge the modem and connect using the firewall on PPPoE.
With PPPoE and pfSense terminating the connection, 'other' is the
option you want for virtual IPs.
--Bill
Your reply traffic from 192.168.12.0/24 is bypassing the pfsense box
and returning directly to your PC. This breaks stateful inspection.
You are better off moving 192.168.12.0 behind the pfsense box on
another nic, or adding a static route on your PC tht points
192.168.12.0 at the same place you
On Jan 16, 2008 8:04 PM, Richard Sperry [EMAIL PROTECTED] wrote:
Does anyone know if 802.11x is enabled on the WAN? I have really slow
speeds on comcrap, and I know this is an issue if your running windows.
Not that I'm aware of and I've never had issues with either of my
current Comcast wans
On Jan 16, 2008 10:06 PM, Curtis LaMasters [EMAIL PROTECTED] wrote:
I guess I'm failing to put this together802.11x is a wireless standard
that has not yet been defined...and 802.1x is network access control...does
Comcast require this?
Good point...I kinda assumed the 1x was meant and not
On Jan 18, 2008 4:06 AM, Paul M [EMAIL PROTECTED] wrote:
Curtis LaMasters wrote:
I have a client that that has an application server being installed very
soon that will require them to send and email to a server that is on the
can't you use a different DNS server (or use views -
We're a first match system. Make sure your ACL allowing access to the
DMZ is in front of the load balancer rule.
--Bill
On Jan 18, 2008 6:04 AM, David Barbero [EMAIL PROTECTED] wrote:
Hello everyone.
I have a question regarding the load balancer system, the ip monitor
has to be the router
On Jan 18, 2008 9:02 AM, Curtis LaMasters [EMAIL PROTECTED] wrote:
I'm doing a 1:1 NAT for each of these servers; they are on the same VLAN if
that matters. But it doesn't seem to matter weather or not NAT reflection
is enabled.
The 1:1 NAT will do it, I assumed it was a port forward. It's
Huh? Consider me annoyed, what the hell is this referring to? It
certainly isn't the return receipt crap.
--Bill
On Jan 22, 2008 3:30 AM, Richard Sperry [EMAIL PROTECTED] wrote:
This is just a message to annoy everyone stating that I did learn to read,
and don't need to have a nanny telling
On Jan 23, 2008 9:47 PM, Richard Sperry [EMAIL PROTECTED] wrote:
Your NIC must support VLAN tagging. I'm sure the dev's would love to take
your money, any open source project could use support (although I don't
think this is GPL or other, I thinks it is directly under Scott Ulrich) .
BSD
On Jan 25, 2008 2:47 PM, Anil Garg [EMAIL PROTECTED] wrote:
Ok. I will leave paging on. I just kind of think its silly that for one
user at home I still hear my hdd constantly make noise of read-write... But
then I am not technical enough to know what is causing that..
I'm reasonably
FWIW, this method of install does work with 1.2RC4 as I just did it in
VMWare Server 1.0.4 on a 64bit Ubuntu host. Install was to a Sandisk
Extreme III 2G card that I no longer have any use for (too small for
my camera) via generic (slow) pile of crap USB - CF card reader (not
sure where my good
If editing on the box, rm /tmp/config.cache to make sure you load up a
pristine copy of config.xml
--Bill
On Jan 28, 2008 9:40 PM, Michael Richardson [EMAIL PROTECTED] wrote:
On 1.2 RC4 :(
Really no other ideas but to reset? I have sooo much config time in this box
that might make me cry.
None known. I used to run pfflowd on OpenBSD for quite some time in
high throughput environments. It's worth noting that it only sends
events from the master box in the cluster.
--Bill
On Jan 29, 2008 7:16 AM, Angelo Turetta [EMAIL PROTECTED] wrote:
The description says that pfflowd uses the
On Feb 11, 2008 9:25 AM, Holger Goetz [EMAIL PROTECTED] wrote:
Hi Anders,
This is no recommendation, just a FYI, but:
Did you come across this website: http://www.myus.com/ - i never tried, but
it might be a way. I know there are US based mail order companies willing to
ship to such a
On Feb 7, 2008 12:03 PM, Chris Buechler [EMAIL PROTECTED] wrote:
You can accommodate for switch failure with CARP. Plug one firewall into
one switch and the other into another.
FWIW, I do exactly this at work. A machine in each datacenter (a few
miles apart), connected to switches in their own
I'm not sure what you are asking here so I'll give a couple possible answers.
a. I've used pfSense to connect to Nortel Contivities using branch
office tunnels - took longer to setup on the Nortel side than the
pfSense side.
b. Not sure if the Contivity client software could use pfSense as a
On Sat, Mar 22, 2008 at 7:22 PM, Eric Baenen [EMAIL PROTECTED] wrote:
The VPN connections from each lab to the core are OpenVPN, UDP, shared key,
AES 128bit (for now), LZO compression enabled.
SNIP
As I said before - all is working fine - except: when doing rsync's over
ssh/scp from the lab
On Thu, Mar 27, 2008 at 9:44 AM, Paul M [EMAIL PROTECTED] wrote:
Eric Baenen wrote:
Using scp -c blowfish definitely improved things - went from 60Mbps
transfer to 70Mbps and cpu load on the pfSense firewalls varied from 50%
to 70%.
interesting, I tried this across our lanex and got
On Tue, Apr 1, 2008 at 9:44 AM, Anil Garg [EMAIL PROTECTED] wrote:
However most examples are for WAN side traffic and for keeping internet
alive. I will keep trying to find something that shows how servers can be
balanced.
If balancing is what you need, then use the load balancer built into
On Sun, Apr 6, 2008 at 10:17 PM, Jared B. Griffith
[EMAIL PROTECTED] wrote:
That's what we have already, which I would really prefer to not do this as
it's more machines to maintain and more possiblities of something going
wrong.
I don't know why it's not part of it already since I know that
Sun engineers have a McDonalds down the hall.
http://blogs.sun.com/mikebelch/entry/ethernet_interfaces_what_s_in
--Bill
On Wed, Apr 9, 2008 at 3:46 PM, Tim Nelson [EMAIL PROTECTED] wrote:
I'll have to check a few of my systems when I arrive home to double check
the part number. The chipsets
On Wed, Apr 9, 2008 at 6:36 PM, Andy Dills [EMAIL PROTECTED] wrote:
On Wed, 9 Apr 2008, Chris Buechler wrote:
Andy Dills wrote:
Good news, it appears my assumption was correct. There exists a flaw in
the realtek chipset (as quoted earlier in the thread), and it appears
that a
On Thu, Apr 17, 2008 at 9:00 PM, Chris Buechler [EMAIL PROTECTED] wrote:
On Thu, Apr 17, 2008 at 8:50 PM, Dimitri Rodis
[EMAIL PROTECTED] wrote:
One last thing:
Is there currently any way to *not* assign an IP directly to the WAN
interface in a CARP config?
No, not at this
On Wed, Apr 23, 2008 at 9:27 AM, Gary Buckmaster
[EMAIL PROTECTED] wrote:
For public-facing services like email or web service, create a policy route
to ensure that all traffic for those services from those services egresses
your network on the Interface listed by your DNS response.
pfSense
On Wed, Apr 23, 2008 at 6:31 PM, Tortise [EMAIL PROTECTED] wrote:
Hi
I have been testing NAT with UDP and a port range of 10001 - 16383. This
is on 1.2 final, embedded on i386.
You might want to disable NAT reflection (System-Advanced if my
memory serves) if you need to redirect that
On Wed, Apr 23, 2008 at 7:15 PM, Tortise [EMAIL PROTECTED] wrote:
As always thank you again Bill
Now I think the penny has dropped and I now understand that message Not
installing nat reflection rules for a port range 500
duh, yeah :) So yeah, the reflection rules aren't enabled for large
On Thu, Apr 24, 2008 at 4:22 AM, Martin Kruse Jensen [EMAIL PROTECTED] wrote:
The /tmp/rules.debug can be found at http://pastebin.com/m39a0c097
Before getting /tmp/rules.debug i did the following:
- Created failover gateway in Services - Load-balancer (loadbalancetowan)
- Set the default
we aren't installing the reply-to logic on WAN for
some reason (probably cause nobody had a setup where machines on wan2
tried to connect to services on wan). Can you file a bug on
cvstrac.pfsense.com for this, please? Thanks
--Bill
Martin
Bill Marquette skrev:
On Thu, Apr 24, 2008
On Wed, Apr 30, 2008 at 12:30 AM, Martin Kruse Jensen [EMAIL PROTECTED] wrote:
I created Ticket #1706 regarding the load-balancing issue. Does anyone have
an estimate of how long time before bugs are fixed? Could I do a workarround
meanwhile?
Thanks for filing the ticket. I just got back
On Mon, May 12, 2008 at 4:23 AM, Tortise [EMAIL PROTECTED] wrote:
The above issue (and the earlier pfSense hanging...) have not recurred
since the upgrade.
Good to hear, thanks for the update.
I was not aware of a particular fix that might have addressed this, however
looking around it is
On Thu, May 15, 2008 at 11:05 AM, Ron Lemon [EMAIL PROTECTED] wrote:
I would like to take a reasonable machine and run some virtualization
software on it so that I can run both pfSense and a copy of a standard
workstation image so I can use it for remote testing. The workstation image
will
On Tue, May 6, 2008 at 5:30 PM, David Rees [EMAIL PROTECTED] wrote:
OK, attached is a patch to /etc/config.inc that makes sure that the
config.xml and config.cache is updated atomically. The patch adds a
function function write_safe_file with 3 arguments: $file, $content,
$force_binary.
On Tue, Jun 17, 2008 at 4:34 AM, Matias Surdi [EMAIL PROTECTED] wrote:
In our current firewall (using iptables) we have a set of rules that makes a
DNAT redirectin ALL outgoing udp port 53 (DNS) traffic to an internet DNS
server, so that everybody is forces to use it.
Is it possible to
On Tue, Jun 17, 2008 at 10:34 AM, Patrick M. Murray, M.F.A.
[EMAIL PROTECTED] wrote:
I'm going to run the CF card and see how long it lasts :) they are cheaper
each day - wouldn't be a big loss and i can always yank the card and back it
up anytime.
It's not great uptime yet and I'm not
On Tue, Jun 17, 2008 at 2:54 PM, Patrick M. Murray, M.F.A.
[EMAIL PROTECTED] wrote:
is there any noticeable speed increase or decrease?
Over an hdd given the box it's on, it boots WAY faster. I'm using a
2GB Sandisk Extreme II card, so it's pretty blazing fast for pfSense.
For normal
On Tue, Jun 24, 2008 at 8:39 AM, Angelo Turetta
[EMAIL PROTECTED] wrote:
I know there's a huge overhaul of the build system ongoing, I just wanted to
be sure the obvious didn't go unnoticed. From
http://snapshots.pfsense.com/FreeBSD6/RELENG_1_2/old/?C=M;O=A
pfSense-20080524-1842.iso.gz
On Tue, Jun 24, 2008 at 2:46 PM, Scott Ullrich [EMAIL PROTECTED] wrote:
On Tue, Jun 24, 2008 at 9:54 AM, Bill Marquette
There was a number of items in CVS (binaries) that have been nuked.
Instead of just pointing out that the sizes are smaller, what is wrong
with the latest snaps
Two things...try your build again, you might have gotten tripped up
during an upstream FreeBSD commit. Second, check the kernel make flag
(MAKEJ_KERNEL) and lower it. I think we default to 4, it's been known
to cause (us) issues during kernel build, you might try -j1 or -j2.
--Bill
On Wed, Jun
On Thu, Jun 26, 2008 at 3:43 AM, Hiren Joshi [EMAIL PROTECTED] wrote:
After a bit of investigation, our ISP has admitted to a routing problem
with their switch. Thanks for the suggestions, it looks like pfsense was
doing the correct thing!
I do a have a slightly related question: does the RDD
I'm not sure how up to date that document is (and it looks like we
have a couple of 'build' docs on the wiki). This one
http://devwiki.pfsense.org/DevelopersBootStrapAndDevIso has been gone
through a number of times by myself and had various fixes applied to
it. You might try it out.
--Bill
On
On Tue, Jul 1, 2008 at 4:02 AM, Ahmed Abdallah [EMAIL PROTECTED] wrote:
Is there no way of building pfSense now ? I need to do that urgently, so plz
if anyone knows how to build it in this state advice me ?
Did you bother to try the document I pointed you at?
--Bill
I'm guessing this is more likely a bad regexp, looking at the fact
that all block rules listed are @2.* - it may or may not be related
to shaper changes, if so, it's likely that it's a trigger for the bug,
not the cause of the bug.
--Bill
On Mon, Jul 7, 2008 at 12:47 AM, sai [EMAIL PROTECTED]
On Tue, Jul 8, 2008 at 1:55 PM, RB [EMAIL PROTECTED] wrote:
Does pfSense offer an alternative to the Juniper SSL VPN solutions ?
rant
snip parts that I'm not interested in arguing :)
Furthermore, the clientless VPN solutions reduce the operator's
control over the endpoints, degrading the
On Tue, Jul 8, 2008 at 6:06 PM, Chris Buechler [EMAIL PROTECTED] wrote:
On 7/8/08, Bill Marquette [EMAIL PROTECTED] wrote:
With OpenVPN, you only have control of the client at time of install.
With the clientless solutions from Juniper, F5, et al, they usually
have the ability to check
On Wed, Jul 9, 2008 at 2:54 AM, Ahmed Abdallah [EMAIL PROTECTED] wrote:
I'm trying to get the HEAD version of pfSense, so I added the HEAD to
PFSENSETAG in pfsense_local.sh. It worked but the resulting iso did not
contain php and the initialization scripts failed to start.
We killed HEAD, it
On Sun, Jul 13, 2008 at 2:40 PM, Boddin Gregory [EMAIL PROTECTED] wrote:
snip
2. I setuped a virtual server with IP 10.85.9.40 (and also tried the
snip
# /sbin/pfctl -a slb -s nat
rdr inet proto tcp from any to 10.85.9.254 port = isi-gl - {
10.85.10.244, 10.85.10.245 } port 80 round-robin
On Mon, Jul 21, 2008 at 3:39 PM, Chris Buechler [EMAIL PROTECTED] wrote:
On Mon, Jul 21, 2008 at 4:10 PM, Beat Siegenthaler
[EMAIL PROTECTED] wrote:
Chris Buechler wrote:
No, pf has randomized source ports on all NATed TCP and UDP traffic for 8
years. I was surprised to find out that's the
On Mon, Jul 21, 2008 at 5:54 PM, Beat Siegenthaler
[EMAIL PROTECTED] wrote:
done a dump on pfSense at the dmz-side. It looks that the source ports from
BIND are very good in random. But at the wan-side, the ports are just
ascending more or less. What about the mentioned UDP timeout?
Shouldn't
On Tue, Jul 22, 2008 at 1:02 AM, Beat Siegenthaler
[EMAIL PROTECTED] wrote:
Chris Buechler wrote:
How is your outbound NAT configured? Even static port won't rewrite
the source ports to something incremental, it just retains whatever
the source port is.
Automatic outbound NAT rule
On Tue, Jul 22, 2008 at 1:17 AM, Beat Siegenthaler
[EMAIL PROTECTED] wrote:
Beat Siegenthaler wrote:
Upps, stop the press...
I apologize for the hype. No cause for alarm.
Packet Dump at the pfSense WAN side shows a excellent entropy.
I did not realize that there is another DSL natting
On Mon, Jul 28, 2008 at 7:19 AM, DLStrout [EMAIL PROTECTED] wrote:
I have been tinkering w/ the Shrew Soft VPN client and was wondering if
there is anyway (maybe I'm missing it) to setup IPsec clients to be dhcp
over IPsec or IKE config pull/push clients? I see in the Shrew docs that
this
On Mon, Jul 28, 2008 at 9:42 AM, DLStrout [EMAIL PROTECTED] wrote:
Though this is a great idea (to test on 1.3) I/we aren't ready to put a 1.3
alpha2x box into production at this site, and have had several scaving
emails this morning at the suggestion from me to do so (ah ha ha, -- go
figure).
I think you ran into something we just noticed ourselves yesterday.
--Bill
On Mon, Jul 28, 2008 at 5:40 PM, DLStrout [EMAIL PROTECTED] wrote:
et al,
So I was inspired to dig into the newest Alpha2X 1.3 today and fired up the
VM and was pleasantly greeted w/ an XML error:
XML error: no
Nope, at this point, nothing necessary. Thanks
On Tue, Jul 29, 2008 at 8:09 PM, DLStrout [EMAIL PROTECTED] wrote:
I see loads of errors when trying to configure interfaces/addresses. I can
fire it up here in a bit and give you more details unless you've pinpointed
the issue and need nothing
On Wed, Jul 30, 2008 at 8:29 PM, Chris Buechler [EMAIL PROTECTED] wrote:
On Wed, Jul 30, 2008 at 7:30 PM, Ted Crow [EMAIL PROTECTED] wrote:
what I can see.
- the DMZ speed is 40-60Mbps to the Internet and 50-60Mbps to the LAN.
How are you testing? I've pushed more than that through a 500
Here's a suggestion somewhat out of left field. What about MTU? Any
chance the provider changed it on you? A machine right on the edge
would handle fragmentation somewhat more gracefully than a firewall
that might decide to drop certain inappropriately fragmented frames.
This would also cause
On Sat, Aug 2, 2008 at 5:28 AM, Tortise [EMAIL PROTECTED] wrote:
Hi
When I run a connection thru pfSense (1.2 CF) almost immediately following
successful connection WinSCP loses the connection with an Server
unexpectedly closed network connection error message. Happens with client
LAN side
On Sat, Aug 2, 2008 at 5:07 PM, Tortise [EMAIL PROTECTED] wrote:
Thanks Bill
WAN side for me meant a Path of:
Client WinSCP (WAN side) = Internet = pfSense / NAT = LAN Server
LAN side was indirect, however to me should still work and has done in the
past
Client WinSCP on LAN directed
On Thu, Aug 14, 2008 at 6:11 PM, RB [EMAIL PROTECTED] wrote:
Two suggestions: search the list archives and find the multitude of
answers to this question, and find out what your current PPS and
bandwidth throughput is. Unless you're actually pushing Gig-E speeds,
it's doubtful you'll even
On Thu, Aug 14, 2008 at 10:14 PM, Aliet Santiesteban Sifontes
[EMAIL PROTECTED] wrote:
Well, my pps requirements are 500 kpps, we expect to improve to 400
In lab testing of FreeBSD 6.2, I ran out of horsepower on my two test
boxes (HP DL145G2 - dual core Opteron boxes) generating around 400k
pps
On Tue, Aug 19, 2008 at 4:07 PM, Aliet Santiesteban Sifontes
[EMAIL PROTECTED] wrote:
Hi, all I'm using a new installed pfsense 1.2.1 with three attached
newtoks, wan, lan and optional 1, I have defined rules on lan
interface to allow all outgoing connections on that interface, but
everything
On Tue, Aug 19, 2008 at 7:03 PM, Bill Marquette
[EMAIL PROTECTED] wrote:
On Tue, Aug 19, 2008 at 4:07 PM, Aliet Santiesteban Sifontes
[EMAIL PROTECTED] wrote:
Hi, all I'm using a new installed pfsense 1.2.1 with three attached
newtoks, wan, lan and optional 1, I have defined rules on lan
On Wed, Aug 20, 2008 at 4:55 PM, Aliet Santiesteban Sifontes
[EMAIL PROTECTED] wrote:
People, here I attach you an image with my current settings and the
migration, is just replace one firewall with pfsense, without changing
anything else. Notice that my wan is a private /30 network only for
I think you're dancing all around the solution :)
You need an inbound NAT or port forward for UDP ports 1-65535 pointing
to 10.0.0.1.
Alternately, a 1:1 NAT using YOUR external IP, not the IP of the
service (ie. 216.181.136.7 in your example below should be whatever
your external IP is, not that
On Sat, Sep 6, 2008 at 3:23 PM, BSD Wiz [EMAIL PROTECTED] wrote:
after doing considerable research with tcpdump on my WAN interface and DMZ
interface i see that the traffic is indeed passing but my phone is not
ringing sometimes. i have no idea why this is happening but it appears that
pfsense
On Sat, Sep 6, 2008 at 3:35 PM, Scott Ullrich [EMAIL PROTECTED] wrote:
On Sat, Sep 6, 2008 at 4:23 PM, BSD Wiz [EMAIL PROTECTED] wrote:
after doing considerable research with tcpdump on my WAN interface and DMZ
interface i see that the traffic is indeed passing but my phone is not
ringing
On Sat, Sep 6, 2008 at 3:52 PM, BSD Wiz [EMAIL PROTECTED] wrote:
i should enable static nat on the interface that my voip router is on, which
is my dmz correct?
Nope, on your WAN interface. You'll put in a rule that is specific to
your VOIP provider and check the 'static nat' box. That will
On Mon, Sep 29, 2008 at 11:03 AM, Rainer Duffner [EMAIL PROTECTED] wrote:
Hi,
my WRAP died and I finally managed to order an ALIX from PC-Engines.
But I think I can't find a backup of my config - can I just take the
config.xml from the old CF card and use the restore-option with that?
Or can
On Mon, Sep 29, 2008 at 10:15 AM, Ryan Rodrigue [EMAIL PROTECTED] wrote:
Thanks for the super quick reply. I thought as much, but just wanted to
confirm. Is there a limit to the number of processors it supports? Will a
dual zeon quad core (8 processors) work? i really don't have a need for
FWIW, I've said this before, I'll say it again. Open source works
because people have an itch to scratch and they scratch it. None of
the current devs have an IPv6 itch. It's a lot of work to convert a
predomenently IPv4 based system to work in an IPv6 world and none of
use have a need or
On Wed, Oct 1, 2008 at 11:12 PM, Chris Buechler [EMAIL PROTECTED] wrote:
On Wed, Oct 1, 2008 at 11:55 PM, BSD Wiz [EMAIL PROTECTED] wrote:
yep, i looked at it using tcpdump. i just see syn packets going out the
door, i never get any syn-acks back.
22:50:47.417326 IP unixbox.gnet.49330
On Sat, Oct 11, 2008 at 12:39 PM, Chris Buechler [EMAIL PROTECTED] wrote:
2008/10/11 Curtis LaMasters [EMAIL PROTECTED]:
A static route on pfsense for the 2.x network sending traffic to 0.245
should do the trick unless I'm missing something.
And also check Bypass firewall rules for traffic
On Sat, Oct 11, 2008 at 11:28 AM, David McNett [EMAIL PROTECTED] wrote:
On Oct 1, 2008, at 5:18 PM, BSD Wiz wrote:
have rules to allow allow traffic out on port 80 and 443. I have also(just
to be sure) allowed *ALL* traffic out from my static ip on my macbook.
Problem is I can't get to the
On Thu, Oct 30, 2008 at 6:32 AM, Angelo Turetta
[EMAIL PROTECTED] wrote:
Olivier Nicole wrote:
Hi,
I get a bunch of errors like:
acd0: FAILURE - PREVENT_ALLOW timed out
or
acd0: WARNING - SETFEATURES SET TRANSFER MODE taskqueue timeout -
completing reques directly
I am using a Dell
On Fri, Nov 14, 2008 at 9:03 AM, David Meireles [EMAIL PROTECTED] wrote:
Angelo, not joking, not crazy... Before having squid installed in the
pfSense box, there was an IPCop Proxy with a direct connect to the web (2
lan cards, one green, other red). To make the clients pass that server (in
On Wed, Nov 19, 2008 at 8:07 AM, Veiko Kukk [EMAIL PROTECTED] wrote:
Erwan David wrote:
OpenBGPD is in the packages.
Thank you, but is it stable enought (ALPHA)? Are there any plans to make
Quagga package for pfSense?
The software itself is stable. The pfsense wrapper package is marked
On Tue, Nov 25, 2008 at 1:10 PM, mikel [EMAIL PROTECTED] wrote:
Hello
where i can add pf rules in pfsense ( manually editing, or creating one
file), and mantaing this rules if I reload configuration throught web
interface?
You don't (although you might be able to hijack some of our unused
On Tue, Nov 25, 2008 at 5:51 PM, Scott Ullrich [EMAIL PROTECTED] wrote:
On Tue, Nov 25, 2008 at 6:45 PM, mikel [EMAIL PROTECTED] wrote:
Dear Crish/Scot/Developers
I t will be possible modify this patch to adapt to 1.2RCx and 2.0?
http://www.mail-archive.com/[EMAIL PROTECTED]/msg01766.html
On Tue, Nov 25, 2008 at 2:25 PM, mikel [EMAIL PROTECTED] wrote:
Some ideas?
Do you understand me?
Can we please keep this to one thread? My mailbox will thank you.
--Bill
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For
Can you post the error at step 10? Or the entire serial boot log so
we can see where you are getting stuck? Thanks
--Bill
On Wed, Nov 26, 2008 at 8:26 AM, Patrick M. Murray, M.F.A.
[EMAIL PROTECTED] wrote:
Hi, I followed these instructions (pasted below), and I cannot get the file
system to
from ufs:da0s1a
Manual root filesystem specification:
fstype:device Mount device using filesystem fstype
eg. ufs:da0s1a
? List valid disk boot devices
empty line Abort manual input
mountroot
END LOG 2
---
-Original Message-
From: Bill
On Mon, Dec 1, 2008 at 2:41 PM, Mike Lever [EMAIL PROTECTED] wrote:
Hi,
Can somebody please explain to me exactly how this works. I am having an
argument with my superior. He is insistent on setting the monitor IP
addresses in my load balancer pool to the same IP address. In his mind it
On Mon, Dec 1, 2008 at 3:06 PM, Mike Lever [EMAIL PROTECTED] wrote:
Thanks for the explanation Bill.
Can you please elaborate where you mention:
You'll actually lose link failure detection
What exactly is link failure detection ? I understand the meaning of the
words in isolation but can
On Mon, Dec 1, 2008 at 3:09 PM, Chris Buechler [EMAIL PROTECTED] wrote:
On Mon, Dec 1, 2008 at 3:41 PM, Mike Lever [EMAIL PROTECTED] wrote:
I have 5 WAN ports. The load balancer will constantly ping WAN1, WAN2,WAN3,
WAN4 WAN5 simultaneously. Depending on which has the quickest response and
On Mon, Dec 1, 2008 at 4:42 PM, Mike Lever [EMAIL PROTECTED] wrote:
Great, thank you very much Bill.
One point for clarification purposes... please define a flow ?
Any given TCP connection (from connection setup, to teardown). Or UDP
(say a VOIP call) stream of sufficient packet frequency to
On Wed, Dec 3, 2008 at 10:12 AM, Gary Buckmaster
[EMAIL PROTECTED] wrote:
It can be done, although not if the proxy machine is inside your LAN. It
would need to live on a separate network segment (ie: DMZ). In this case,
yes, its possible to redirect outbound traffic for TCP 80 to the proxy
On Wed, Dec 3, 2008 at 5:12 PM, Ermal Luçi [EMAIL PROTECTED] wrote:
On Wed, Dec 3, 2008 at 5:40 PM, Bill Marquette [EMAIL PROTECTED] wrote:
On Wed, Dec 3, 2008 at 10:12 AM, Gary Buckmaster
[EMAIL PROTECTED] wrote:
It can be done, although not if the proxy machine is inside your LAN. It
would
On Fri, Dec 5, 2008 at 10:43 AM, Chris Buechler [EMAIL PROTECTED] wrote:
Commodity PC hardware of any type may not be able to push that. It's
not about Gbps, it's about pps and the kind of traffic you're pushing.
You're going to max out at probably 1 Mpps (million packets per
second). 1 Mpps
On Fri, Dec 5, 2008 at 3:14 PM, Chris Buechler [EMAIL PROTECTED] wrote:
Along those lines - one of the in the future items on the list for
the autoconfigbackup is an option to email when the configuration
changes. For some environments that would be nothing more than an
annoyance, but could be
On Mon, Dec 8, 2008 at 2:32 PM, Tim Roberts [EMAIL PROTECTED] wrote:
SNIP
Do VHIDs have to be unuique per IP on the same physical wire to avoid
conflicts with other CARP servers? We had similar floods when we first setup
Pair1 to carp sync on LAN. It was flooding certain linksys and belkin WAPs
601 - 700 of 769 matches
Mail list logo