Yeah, that is true.  Kinda a catch-22 in that regard, I guess.

Solved:
http://forum.pfsense.org/index.php?topic=677.msg6547#msg6547

Just your system, reinstall.

@Sharaz:

how can i assign more than 1 search domain via DHCP to clients?

I dont think thats possible with the current standard for DHCP.

Depending on your client Microsoft have an article here about a possible work-around:

http://support.microsoft.com/kb/275553/en-us

If the repeater clones his mac for all clients connected to it it can break things anyway. However I don't have a wrt54g to test anyway  ;) but there were a lot of discussions at the m0n0 list concerning that device and problems with captive portal with several different firmwares. If you really want to shut that down you have to change your wireless setup to prevent this. The pfSense only can see a macadress and an IP. If something of this or even both is faked how should it tell which one is the original and which one is the fake? Your problem is a wireless authentication/association problem, not a pfSense problem or at least nothing that can be fixed/workaround from the pfSense side in this setup.

Removing the static route seemes to have done it.  Thank you!

Patches accepted.

just sharing some interesting concepts i found on this topic…

http://software.othello.ch/mod_dnsbl/
http://www.frws.com/squid_block/

btw...
can we have some local dnsbl server that can do zone transfer from our selected dnsbl zone when needed?

rgds,
rex

Done, thanks!

/var is a memory disk.  /var/dhcpd/dev is a devfs mount.

Some things to try (though I'm pretty tired atm so if I talk nonsense please forgive me):

enable nat reflection at system>advanced. This way your server should be accessable even by it's WAN IP enable "Register DHCP leases in DNS forwarder" at services>dns forwarder. this way your dhcp clients should be resolvable via their hostname add forwarding DNS-Servers for your clientsdomain if you are running another dns server for these clients at services>dns forwarder

Yes, I caught that immediately.

Cool, thanks!!

I actually added that into mine, and that made it work a-ok!!  8)

Man, you're fast!! :D ;)

Thanks!!

Is this something to do with the DNS forwarder? why would using an IP address suddenly allow the whole network to have access to the internet?

i think you have to configure the modem to set it to Bridging mode.

maybe this one will give you the idea
http://local.sprint.com/home/local/dslhelp/walkthroughs/advanced/nonsprintdynamic645.pdf

These problems where just fixed.

@sullrich:

You used the REAL IP instead of the CARP IP?

Sorry, thing got better… CARP was working fine, but synchronisation config was broken...

Now it is OK.

/jan

rules LAN2
allow all from LAN2 net ( gateway = gateway_pool)
allow from LAN2 net to LAN interface ( gateway = gateway_pool) port = dns

Sorry, it was right under my eyes. I just looked in the wrong place :-[
What I was looking for more specifically was the next-server and filename options to do some pxe stuff with either anywhereTS.com or thinstation.org, obviously I can do that right out of the box just by modifying config.xml

[code]

<dhcpd>- <lan><enable>- <range><from>192.168.1.100</from>
  <to>192.168.1.199</to></range> <winsserver>xxx.xxx.xxx.xxx</winsserver>
<defaultleasetime></defaultleasetime>
<maxleasetime></maxleasetime>
<gateway>xxx.xxx.xxx.xxx</gateway>
<domain></domain>

<filename></filename>

--></enable></lan>
-</dhcpd>

http://forum.pfsense.org/index.php?topic=381.0

I believe it does.

We use: http://thekelleys.org.uk/dnsmasq/doc.html

Hi Scott,

As per your request I run it with the following result.
##############
$ pfctl -vvsa | grep 316
@316 pass in quick on ng0 inet proto ah from 194.143.xxx.yyy to 87.97.aaa.bbb keep state label "IPSEC: OfficeDMZ - inbound ah proto"

##############
…BUT ... probably it is not the same  rule #316 anymore. (It seem to me changes time to time, maybe when  I reboot.)

Meanwhile I solved it, so that I created an
" UDP  *  68  *  67  *" rule on my OPT1 (ath0) interface.

I don't know what security hole creates it, if any?
I don't know that after applying your new filter.inc yesterday night, why worked without this rule?
Is ARP filtering is on when interface is bridged?
This static arp enabling is on the dhcp server tab originally, but since now it is bridged, that's no more available.
(Of course it is enabled on LAN as well)

Install 1.0beta1. We are not looking into old errors that might already be solved. If the problem persists with 1.0beta1 report back.

Ufff,thanks :).
Big relief here.

@TheRAt:

@sullrich:

Run from a shell:

update_file.sh /etc/cron && shutdown -r now

Should be

update_file.sh /etc/crontab && shutdown -r now

Yes, my apologies.

#1 -  No.  Use reservations for this range and make the range broader.
#2 - Services -> DHCP Relay
#2 - Not going to work, you cannot split up ranges, you need to add reservations for the items that you wish to not be handed out

check presence of "dhcpd" by running "top" at diagnostics>command

ok thanks!

@skimtat:

Anyway to do it.  I noticed it is not listed in the currect dynamic DNS providers.

Sure, hack up a patch and submit  :o