For redirects, use "External URL Found" and redirect it to your own error page. The client browser is less likely to (but still can) cache a 302.

Ron,

Thanks for responding.  Reboot does not fix the behavior either.  I'm going to try a fresh install at this point.  I believe there is an issue with my install.  I will report back later this evening.

Thanks,

Ryan

Is the system running pfSense a full install or NanoBSD? NanoBSD's drive would be kept read only and thus wouldn't be good for working as a receiver.

Also I can't remember if the server on pfSense works the same, but often a file must exist first on the server before a client can upload and write it out. Try uploading something via the GUI with the same target name and then see if the upload from the device works.

What kind of permissions are you talking about?
Do you mean different groups should be allowed to visit different websites? then this isn't possible with freeradius.

If you want to give users different times or dates to access the internet then this can be done by freeradius.

Changeing the password using the users file on freeradius ist not possible until the user has access to the GUI. So you can try with SQL database as user backend and check these documentation:
https://doc.pfsense.org/index.php/FreeRADIUS_2.x_package#CaptivePortal_Self-Registration:FreeRADIUS.2B_MySQL
Captive Portal Self Registration.

Uninstall freeradius2 package and the delete this folder:
/var/log/radacct/

Reinstall freeradius package.

I seem to have solved my own issue by selecting transparent proxy mode under HAVP - not sure how i managed to do it right for squid but not for HAVP!

Case closed I guess.

No worries dude!

Running smooth on all the boxes at the hosting site and privately!

HAHAHAHAHAHAHAHAAHAHA fooking hell! :D

I need glasses….............. HEEEEEEEEEEEELP! HAHAHAHA

Sorry for the "noise" :D

Tried this again today and get the following log:

php-fpm[40792]: /pkg_mgr_install.php: The command '/usr/local/etc/rc.d/postfix.sh stop' returned exit code '1', the output was 'kill: 12044: No such process Shared object "libsasl2.so.3" not found, required by "master" Shared object "libsasl2.so.3" not found, required by "master" Shared object "libsasl2.so.3" not found, required by "master" Shared object "libsasl2.so.3" not found, required by "master" Shared object "libsasl2.so.3" not found, required by "master"'

@jwsmiths:

@KOM:

There is a dashboard widget for Installed Packages, but I don't know if it shows available upgrades or not.

It does.  If there is an upgrade the package is highlighted in red and IIRC there is a button to click for upgrade right on the dashboard.

Cool! Having just updated all my packages I couldn't tell… Doh!

I just found a work around for the problem but I'll leave this up incase soemone has a better idea, or solution.

WHat I did to remedy the issue was to create an exception in: Services -> Proxy Server -> Cache Mgmt -> Do not cache.

Here I added:
Google.com
www.Google.com

It is not a good idea to offer more than 50% of your 8192 MB RAM for squid cache.

Squid uses RAM for in transit objects for the disk cache.
This process needs around 100MB of RAM per GB of disk cache.
It is dynamically allocated depending on the object stored in the cache, so this is not an exact science.

If you have a large disk cache set, 100GB for instance.
You will need, when the disk cache is in full use, 10GB of RAM!

Depending on your disk cache, set the memory cache to such a size you know will remain available after the disk cache is in full use.
(other process also use RAM, bind etc.)

I use around 25% of my RAM for the memory cache and use the 100MB per GB rule to size the disk cache.

thans ,, after i update squid3-dev
the script mised up  , i copy it from your post and every thing work perfectly
thanks again

@BBcan177:

wcrowder was leading you in the right direction  :)

Take for example this Range from the IBlock BT Spyware List

Range Format
221.181.73.214-221.181.73.221:

Converts to the following in CIDR Notation
221.181.73.214/31
221.181.73.216/30
221.181.73.220/31

So comparing Line Count in Range to CIDR is not going to be exact depending on the Ranges in a particular list.

Hope this makes it clearer.

BBcan177 - Thanks, and I guess that settles that. :)  So it looks like the only way I have to validate that lists are updating is just if they change from time to time.

wcrowder - Sorry, & Thank you.  I guess I had that backwards.

Ash,

I would love to test it if anyone is working on this package…

so whats the problem  ??? i clear cache , swap-state , nothing help
and i think it cause some delay in browsing

Hi..
I right now already uninstalled and uncheck the save config after deinstalled and then reinstalled snort fresh… but it shows the same error when i try to start it...
anyway that I need to search all snort config file and delete manually by using the ssh?

thanks..

@Heli0s:

Thanks for all of your responses! Out of curiosity, what packages do you personally use (Snort or Suricata) and what rulesets do you use (Snort VRT or ET)?

Just because it is what I originally started with, I'm still using Snort on my home firewall.  I have a paid VRT subscription (the $29.95/year version) and so use those rules.  I also use some of the ET-Open (free) rules.  I run the IPS Balanced Security Policy on my LAN along with some of the ET Trojan and Malware rules.  On the WAN side, just so I have something to observe working, I run some of the ET drop rules for suspicious IPs (ET CINS, ET DROP, etc.).  I don't really need those ET rules on the WAN, but I loaded them just to watch the activity and to help me test things when I do package updates.

Bill

I solved the problem. I have the version 2.1.5 . On BlackList tab - > Restore default- > Download, on General Settings  tab Apply and voila !!!! The categories of BL are there again !!!

Good luck!!!!!!!!1