New user so bear with me.
I've installed on 2 boxes, gotten pfsync/carp working
with VLANs and all, thanks for this great piece of
work.
However, I am wondering why the permissions on
config.xml file are so open (world-read, and the
backup/config*xml files are world-writable!). Given
that
I have updated to RELENG_1_SNAPSHOT_03.
I am concerned about having plain text passwords in
the config.xml file, especially the one used by pfsync
to get to the webgui interface of the second pfsense
box. What extra precautions can be taken to avoid
this, or to at least mitigate the risk?
JR
Thanks, all those suggestions help and have been
observed.
But I still worry about some remote attacker tricking
the firewall into somehow sending or exposing the
contents of the config.xml file. It kind of feels
like having an /etc/passwd or /etc/shadow file where
the password fields are
I am running the latest snapshot:
1.0-SNAPSHOT-09-14-06
Whenever I tick the
Enable Static Arp Entries box on the DHCP server
I get the following complaint in my logs:
dhcpd: failover peer dhcp6: invalid argument
I've tried to search the support archives, as well as
check dhcp man pages, but
I have 2 pfsense firewalls (both running
1.0-SNAPSHOT-09-14-06) CARP'ed together and supporting
several VLANs. They also provide DHCP service, and I
specify the failover peer IP of the other pfsense
firewall in order to keep the DHCP leases in sync.
(Minor issue: why is the box for this item a
I am running into problems with my failover dhcp peer configuration:
peer holds all free leases
appears in the logs as several clients can't get a dhcp lease, even when there
is lots of room in the dynamic pool. The package that comes with pfsense 1.0.1
is still version 3.0.4. I am hoping
Hi,
How can I tell that my pfsense firewalls are DST 2007-ready? What to do if
not? I am running 1.0.1-SNAPSHOT-01-19-2007.
JR
Have a burning question?
Go to www.Answers.yahoo.com and get answers
: [pfSense Support] DST 2007-ready?
Both FreeBSD 6.1 and 6.2 are already ready for this change IIRC.
If you are in doubt, update to this months snapshot which is based on
6.2 and definitely has support for congresses half-brained decision.
Scott
On 2/23/07, LJ Rand [EMAIL PROTECTED] wrote:
Hi,
How
/share/ http://www.pfsense.com/~sullrich/zoneinfo.tgz
Reboot the firewall and you should be set.
Scott
On 2/26/07, LJ Rand [EMAIL PROTECTED] wrote:
I've downloaded and rebooted to latest snapshot (2-21-2007), firewall
rebooted, /etc/localtime already updated. But when I ran:
# date -r
What you want to see, regardless of your timezone, is when it switches from ?ST
to ?DT. So for 2007, more precisely, you want:
# date -r 1173607199
Sun Mar 11 01:59:59 PST 2007
# date -r 1173607200
Sun Mar 11 03:00:00 PDT 2007
- Original Message
From: stephan peterson [EMAIL
I am running 1.2-beta-1 snapshot 05-11-2007 on 2 pfsense firewalls carp'ed
together.
I configured dhcp server in failover mode for both firewalls, following
instructions.
I do not see on the web interface how to set the second firewall as secondary
dhcp, so when I check the resultant
PM
Subject: Re: [pfSense Support] dhcp failover--missing parameter in web
interface?
On 7/9/07, LJ Rand [EMAIL PROTECTED] wrote:
I am running 1.2-beta-1 snapshot 05-11-2007 on 2 pfsense firewalls carp'ed
together.
I configured dhcp server in failover mode for both firewalls, following
I think this may be related, or another 1.2.2 upgrade woe to add to your list:
I have 2 firewalls that were running 1.2, carped together with fw1 (master)
syncing to fw2.
Before upgrading fw1 to 1.2.2, I backed up the config files on both firewalls.
I have verified that the rules section
I think my problem may be related, or may be another 1.2.2 upgrade woe to add
to your list:
I have 2 firewalls that were running 1.2, carped together with fw1 (master)
syncing to fw2.
Before
upgrading fw1 to 1.2.2, I backed up the config files on both
firewalls. I have verified that the
14 matches
Mail list logo
