If you have static IP address then you probably won't use DHCP, though I have read of some ISPs who require DHCP but always assign the same IP address in DHCP.

the right answer to that is: no you can't, and as danwartz told you, post what you have in mind, or what do you need that for, may be someone will have better solution for you.

I suspect a configurable web filter such as Dan's Guardian (see http://dansguardian.org but no pfSense package) would be more suitable if you want to prevent download of copyright material.

Dan's Guardian can be configured to block downloads of particular types of files (based on the content description and/or file name extension) and can be configured to apply rules to particular users identified by IP address or login.

pfSense users seem to use squid and squidguard (see http://www.squid-cache.org and http://www.squidguard.org, pfSense packages available) for "web filtering" but this combination doesn't appear to provide a mechanism to block content such as MP3 files and movies.

I have used Dan's Guardian (which defaults to use squid) but not squid with squidguard.

If you have confidence in your son's sense of responsibility, it might be sufficient to explain the possible consequences of downloading copyrighted material and ask him to get your approval before downloading any audio or video or … files.

@ndipiazza:

I am also experiencing the issue. When I turn on the normal DNS Forwarding, the PFSense serves up the internet just fine.

When I install the package for dns-server, de-activate the DNS forwarding, then enable the DNS forwarding from the DNS-server…. it stops resolving addresses.

Anyone have a solution to that?

Did you take a look at http://forum.pfsense.org/index.php/topic,25897.0.html ?

@cmb:

Wow, I'm not sure anyone has put that much thought into it.

You know the old saying, "If I had more time, I would write less code." ;)

Thanks for reporting back.

Nice diagram.

for wallabybob: Thanks man your post is very helpful for me. before your post read my range is 10.0.10.100 - 10.0.10.200. I was thinking client ip address is inside 100 - 200. This is wrong thinking. Now my range is 10.0.10.100 - 110 and I can add manually my client address outside from this range.

ok.. everything seems to be up and running.  i appreciate all the help that was provided.  the ISP figured out how to get my two uplinks working by creating a VLAN or something.  granted, the uplinks are not too redundant (just plugged into separate blades on the switch), but the setup is finally working!!

Support for this is in 2.0.

Perhaps both of you should configure DNS server(s). (In web GUI: System -> General Setup)

King_Rob - In web GUI, System -> General Setup is Allow DNS server list to be overridden by DHCP/PPP on WAN checked?

I'm having same problem. Anyone figure this out?

yes, the switches in the network are vlan capable, there are over 40 vlans in the network i do believe.

Hello everyone,

Any news on this? Anyone can provide more information?

Thank you

There is no package for bind, so there would be no GUI to manage it.

You could install the FreeBSD package for bind and manage it via ssh if you really must have bind. Check the doc wiki linked in my sig, it has instructions for adding freebsd packages.

I figured out how to do this.  I will be posting something to the wiki once I get it documented.

Ah! Thanks.  :)
That should be no problem then.

Steve

It certainly looks as if your DHCP server on the LAN side is providing the address to your WAN interface but you haven't provided any conclusive evidence. So, to exclude other possibilities, please provide the output of the shell command```
ipconfig -a

Not many details :(  I infer from the vlan refs that there is a single NIC going to a vlan-capable switch?  If so, it almost seems like the switch is screwing up and leaking traffic across the vlan boundaries (at least the broadcasts).

What version of fSense are you using?

Issue 1: Have you checked the pfSense DHCP log. Perhaps dhcpd has died and not been restarted. Are there any other clues to the reported bad name in /var/dhcpd/var/db/dhcpd.leases?

Issue 2: Does this happen before the DHCP lease renewal problem or after?