Categories

  • 465 Topics
    1k Posts
    A
    @Said.Fathy , Hi Said .. I'd strongly recommend Lawrence Systems' youtube channel... it's the best as far as pfsense is concerned.. from beginner to pro https://www.youtube.com/@LAWRENCESYSTEMS
  • 121k Topics
    769k Posts
    W
    @stephenw10 You are correct. I plugged a windows laptop into the same switch and set an IP address of 10.1.2.50 (netmask 255.0.0.0) and it would not see either 10.1.1.50 or 10.1.0.50.. The other network does not show up in the arp list.
  • 20k Topics
    128k Posts
    bmeeksB
    You show a VLAN configured on the LAN physical interface. VLANs and netmap (the underlying FreeBSD kernel device used to support inline IPS mode operation) are not great friends . While it can work, a VLAN interface requires the use of an emulated netmap adapter which is a software construct that is much less efficient than the hardware adapter netmap interfaces. Another issue that can severely affect throughput is the number of enabled rules. More rules means more CPU work and less throughput. Lastly, you may need to fine-tune settings for the NIC adapter using sysctl variables. You would need to perform your own research for that. I have no experience with that and thus no tips to offer. Legacy Mode uses the PCAP library to simply grab copies of packets traversing an interface. Suricata is then fed those copied packets to digest while the original packets continue on to the host. That means Legacy Mode will leak the initial packets and let the connection be made. Then, after Suricata has time to compare the packet or packets to the signatures and there is a match, a pfctl firewall API call is made to place the offending IP address into a pf table for subsequent blocking. Another API call is then made to flush any active states that are associated with the blocked IP. Also noticed that you posted this same issue on the upstream Suricata forum. That will not help. The Suricata package on pfSense is highly customized and the developers upstream are not privy to the inner workings of the Suricata setup used in pfSense (nor in OPNsense, for that matter). Both *Sense products use a GUI front-end for managing Suricata. Suricata itself (the binary used on Linux and Windows) has no GUI. It is managed completely at the command line level. But that is not true on pfSense as the GUI code manages the underlying binary and controls the creation of the suricata.yaml file.
  • 43k Topics
    267k Posts
    M
    @TheStigh Nei, det har aldri gått for seg sånn hos meg. Det har bare vært NRK som har trøblet etter noen døgn uten bruk. Det har ikke gitt feilmelding, bare svart skjerm, mener jeg å huske. Det er en stund siden sist.
  • Information about hardware available from Netgate

    3k Topics
    21k Posts
    GertjanG
    @Joe0x7F said in How to read CPU temperature on 1100, 2100, and 4200?: I did not see another command I'll highlight : [image: 1760544076523-38d06610-3002-45d2-963c-5571f28839fe-image.png] But why looking, as it seems that a RISC processor doesn't have/need a temperature measurement device. These use so little power that they can't heat. Intel/AMD processors are called "irons" for a reason.
  • Information about hardware available from Netgate

    44 Topics
    211 Posts
    AriKellyA
    It looks like unified web management could be coming soon. It would be great if it means easier control and management of all web services in one place. Let's see if any companies announce more details about it!
  • Feel free to talk about anything and everything here

    4k Topics
    19k Posts
    O
    When configured propertly Nginx.... For Netgate seems to be an issue
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.