I'm brand new here so this may not be of much use...

I'm doing something similar to you, but with different software, except for the ubiquiti equipment and controller. In my setup, I had checked the checkbox in the unifi controller, wireless networks, advanced options; "Block Wireless LAN to WLAN Broadcast and Multicast Data" in the hopes that the avahi package on the pfsense router would handle all mDNS traffic. However I was not able to get anything on my wireless networks to resolve under mDNS until I cleared that checkbox and reprovisioned the unifi AP. I have a vm host set up on the NoT, which I installed the "avahi-tools" package and ran avahi-resolve -n somehost.local. That started working after I cleared the checkbox. I ran pftop and set up filter for port 5353 while I ran the avahi-resolve command and started seeing the requests come through. I have the dns forwarder set up to a local adguard host. When the pfsense box forwards the request, the ip shows that of the pfsense vlan adapter. When the devices make the request themselves, the ip origin in pftop is the device that makes the request.

Our setups aren't exactly the same, but if you'd like me to try something out on my network, let me know.

welbo97
R710 x5650 72GB
pfsense 2.4.4-p3 router in proxmox 6 vm
OVS and Ubiquiti for tagging VLAN's (no hardware switch)
isolated NoT, IoT, guest and general networks

Yes I tried that, it seems to only accept 'UserParameter=' entries however and crashed the service when I added the Include line.

Have figured things out, from trying. So, I am answering my own questions :-)

I don't see any zone files created ... is this to be expected?

Zone files are not created, until a view has been created and attached to the zone configuration screen

Is it essential that at least a view must be created ?

Yes, a view is required ... just create a default one. Without a view associated with the zone definition, the zone files will not be generated.

What is the best practice for defining zone files, so the settings stick, even when the package is updated or changes in the UI are saved ?

Steps:

Create a view ... this is essential create a zone ... using the DNS record fields to add entries you want. If you have a lot of hosts to add, there is a text field that can be used to paste in entries in bulk. The zone files are generated in the filesystem under/cf/named/etc/named/master/<name-of-view>/<name-of-zone>.DB Any changes to the underlying zone files content from a CLI session will be lost the next time the zone files are updated. So, longer time, one needs to get comfortable with using the entry fields in the zone configuration page for adding all zone records.

@vito hi,
There already a gui block special for user certs, did you tried enable it for one of your frontends?
If this not enough you can configure custom settings for frontend for user certificate validation usind native haproxy syntax. Good to have in bookmarks: https://cbonte.github.io/haproxy-dconv/ and read what you need. Please use devel package due another one is too old. I even say that devel package is old, waiting for 2.5.x stable with haproxy 2.0 ✌

E2guardian is an unofficial package, most of us don't even know what is it
you should ask @marcelloc , last seen 4 days ago

@admins said in LCDModkit use with LCDProc package:

lcdmodkit

Which specific display do you actually have? Is it compatible with LCDproc?

Steve

Issue resolved for me : I remove 127.0.0.1 from General Setup / DNS Servers.
redis and ntop are working

@costanzo That's about what I made mine but also added source fe80:: as /10 with port 5353

Screenshot 2019-08-19 at 8.30.49 PM.png

What was the outcome of this, I'm hitting the same issue! Any help appreciated.

I don't have anything else to add since you're way past what I know about FreeBSD packages & ports. Maybe the pfSense Development forum might have some folks who know more.

Hmm. Odd. I can ping it from my machine, but not the firewall. Lm see wassup.

There are details here on the content of the LCDd.conf file. You can do some manual edits and see how it goes:

CwLnx-howto

Double check the KeyMap(s) and try to line them up with the script above. You might have to run the script alone to double check the mapping. It looks like this iBase device did not implement the same keypad mapping as the Cwlinux device.

Also check the [server] and [menu] sections. The keypad should let you navigate the built-in menu system and manually change the backlight and a few other options.

Best of luck, keep us posted.

If SSL inspection is not a feasible option for your organization, you can block traffic to sites that use HTTPS connections through: Using a Global HTTPS Block: You can globally block access to HTTPS sites in predefined or custom URL categories for all the configured locations.

To help anyone else doing this, I suggest downloading the entire contents of https://files00.netgate.com/pfSense_v2_4_4_amd64-pfSense_v2_4_4/All/ as it's only 400~Mb and copying it onto your pfsense appliance.
When you run pkg add blah.txz it'll automatically install the dependancies required from the same directory.

I've noticed that the packages installed aren't showing up in the GUI or apparently running (open-vm-tools) but I've made a seperate topic:
https://forum.netgate.com/topic/145351/cli-installed-pfsense-packages-not-showing-up-in-gui

@mike69 said in NUT (or APCUPSD): Connect QNAP NAS as slave:

Uuuh, you exhume an old thread. :)

@Cino said in NUT (or APCUPSD): Connect QNAP NAS as slave:

Now to find the setting/config file on the QNAP NAS so I can change the UPS name to something other than "qnapups"

After an Update, QNAP overwrite the custom configs. It`s better to use the default values of QNAP.

I try not to reply to old/stale threads but being this one was a how-to. It made sense too.

You are right about the settings would get overwritten after an update. My OCD doesn't like the name tho.. lol. Maybe someday QNAP will allow that setting to be user-configurable.

Yes I mean of pfsense. That’s why I have installed the packages lldpd on pfsense. And if I connect a fluke network analyzer at the ports of pfsense, I don't get VLAN information anywhere.

Don't install an MTA on the firewall.

If you install the arpwatch package, it comes with a small script which pretends to be sendmail so it can send mail using the pfSense notification settings.