@bmeeks:

I assume this is on a 2.0.x box?  Shared libraries such as pcap, MySQL and others can be a real pain.  That's what is so nice about the PBI setup on 2.1 boxes.  In effect each app has its own sort of "application jail" where it can install and remove shared libraries as necessary without impacting other applications that may have some of the same shared libraries.  In actuality, these libraries are no longer "shared" in the classic sense with the PBI setup. Each application has its own independent copy of them.

Bill

Thank you for your answer, Bill, and yes, you are right, this is 2.0.3. I can really appreciate what is in 2.1, and that is why I am eagerly awaiting that it is officially released  :P

Hi,

everything on the "Users" tab just works for local configured users.
The accounting features like BANDWIDTH and AMOUNT OF TRAFFIC on the GUI are just working for local configured users.

If you want to connect freeradius with MS AD you should check the wiki:
http://doc.pfsense.org/index.php/FreeRADIUS_2.x_package
There are some discussions - not sure if the connection is working without having samba installed and configured on pfsense.

When using LDAP for authentication then you need an external *sql database to do the accounting. Then you can do BANDWIDTH and AMOUNT OF TRAFFIC - but you need to configure this on the database but not on freeradius GUI itself anymore.

@cdx304:

Do i have to run snort on the ipv6 interface or just the ipv4 interface .

It will run on either or both (if desired).

Bill

Did you try clearing your browser cache!? And accessing the same site!

Through trial and error, I have found that if I use the wan interface IP + Mac address it will open my firewall up and I was very lucky to shut it down before a hacker took control of everything. Basically, I have a router/firewall from my isp that connects to my pfsense box and then it connects to my computer from the Lan side. The attack that I experienced almost immediately which just shows you how vicious these hackers can be. Somehow they punched right through everything using my wan ip address and attacked port 5022 which I looked up and it's called a mice server. Apparently it's main vulnerability is that it can be used for denial of service attacks. Besides that everything else was fine. As soon as I removed my wan ip address coming off the isp router it immediately started blocking 1 ip address from France and 2 ip addresses from the United States. But yes, ipguard-dev is a very serious tool and if there is any real documentation on it could someone please point me to the right direction.

A can confirm that making the changes helped MBUF.  No more issues.  I didn't have any erratic behaviour so I didn't apply the NIC specific fixes.  Just the increased MBUF.

@ccarreraalza:

hello again, my problem persists, I have installed squid3 but does not solve the problem, I have the dansguardian 2.12.0.3 v0.18. How do I update dansguardian without losing data configuration and webconfig?

You can simply pull the DG executable out of the package you download from Marcelo's site.

That said, I see no reason why a newer version would solve your problem. 2.12.0.3 DG should be able to connect to Squid and I highly suspect that something else is wrong with your configuration. Can you forget about DG for the moment, make sure squid is running stable and that you can stay connected to it? So… setup squid on the lan interface and manually connect to it as a proxy? Just trying to eliminate variables...

Yes, that is unfortunately a problem with freeradius2. You can use the one or the other security mode but if you are using both together then it could make problems because it could switch to an unwanted method.
This is because when configuring freeradius2 by hand you would create different virtual servers, every server with different configuration. (…/sites-enabled/...) but on pfsense freeradius2 uses just one server called defauolt (.../sites-enabled/...).

So if you would like to do what you described in you post you need to modify the /usr/local/pkg/freeradius.inc file.
There you find somewhere the eap.conf part and there just comment the line you do not need, save and then you can use the GUI to do any other changes with getting the eap.conf overwritten with "wrong" code.

No problems, i moved mostly because of easily findable thread inside the topic.
But the same is for all versions as of today you need IAS.

What you just explained sounds pretty close to what I am discovering.

For your 8GB system I would have expected that allocating 2GB "Memory cache" and 40GB HD cache
would have resulted in:

4% of 40GB = 1.6GB

The 2GB you allocated to Memory cache

= 3.6GB minimum ram used by squid as the caches fill which is very near what you show.
I like simple formulas for determining such things.

Maybe 5% or even 6% would be a safer start point than 4% based on your post.

Thanks for the post.

:D sorry…

@jfoshee:

I try to install HAVP Antivirus BETA 0.91_1 pkg v1.01 platform: 1.2.2 on PFSense 2.0.3 but it hangs every time.

Beginning package installation for HAVP antivirus…
Downloading package configuration file... done.
Saving updated package information... done.
Downloading HAVP antivirus and its dependencies...
Checking for package installation...
Downloading http://files.pfsense.org/packages/amd64/8/All/havp-0.91_1.tbz ...  (extracting)

Downloading http://files.pfsense.org/packages/amd64/8/All/libltdl-2.4.2.tbz ...  (extracting)

Downloading http://files.pfsense.org/packages/amd64/8/All/unzoo-4.4_2.tbz ...  (extracting)

Downloading http://files.pfsense.org/packages/amd64/8/All/lha-1.14i_6.tbz ...  (extracting)

Downloading http://files.pfsense.org/packages/amd64/8/All/arj-3.10.22_4.tbz ...  (extracting)

Downloading http://files.pfsense.org/packages/amd64/8/All/arc-5.21p.tbz ...  (extracting)

Downloading http://files.pfsense.org/packages/amd64/8/All/clamav-0.97.5_1.tbz ...  (extracting)
Loading package configuration... done.
Configuring package components...
Additional files... done.
Loading package instructions...
Custom commands...
Executing custom_php_install_command()...done.
Executing custom_php_resync_config_command()...

It will not go any futher then that.

I check the logs and this is what I found

Jul 1 14:21:25 php: /pkg_mgr_install.php: Beginning package installation for HAVP antivirus.
Jul 1 14:21:53 php: /pkg_mgr_install.php: The command '/usr/local/etc/rc.d/havp' returned exit code '1', the output was 'Usage: /usr/local/etc/rc.d/havp fast|force|one'
Jul 1 14:21:53 php: /pkg_mgr_install.php: The command '/usr/local/etc/rc.d/clamd.sh' returned exit code '127', the output was '/usr/local/etc/rc.d/clamd.sh: not found'
Jul 1 14:21:53 check_reload_status: Syncing firewall
Jul 1 14:21:53 php: /pkg_mgr_install.php: Stopping HAVP

I have tried uninstalling and re-installing along with rebooting but nothing fixes it. This is a fresh box install with no other packages installed.

Anyone have any ideas?

Did you have an old version installed before?
Uninstall it and go to the console and open a comand line type "pkg_info" and see what shows up.  It sounds like an old version or something else is confilicting with it.  If you do see and old version type "pkg_delete -f package_name" reboot and try to reinstall.

Hi

thanks

problem is fixed with last unbound update ;)

I have not seen development for over a year (1.2.X pfsense).  I think the developer moved to to his own site where he develops freeswitch on stand alone machines.