also, bug i have with 1.2.3 that almost after every apply on DHCP server one interface freezes (it just do not pass network traffic), is gone with 2.0…

or at least i didnt have problem yet

Well, I did a clean install of 2.0 and it does seem to work, although the manual entries in the config.xml for full-duplex and 100baseTX still seem to be required to get the system to boot normally.  No shell script needed though.

Thanks!

I know this is an old thread but here is a rudimentary way to see the number of active leases.

grep -c "binding state active" /var/dhcpd/var/db/dhcpd.leases

That should output the number of leases at active status.

Hi,
thankyou for unlock topic.

Hi infratek, did you resolve?
I've resolved overriding domains in "Services -> Dns Forwarder" for domains managed by TinyDns.
The section is "Below you can override an entire domain by specifying an authoritative dns server to be queried for that domain".
I've insert 127.0.0.1 inside field "IP address of the authoritative DNS server for this domain".

I know it is not the best solution, but it works and I don't find nothing better than this.

So this is my configuration in order to have a single machine with authoritative dns and dns forwarder:

"General Setup -> Dns Servers": configure external dns ips

"Services -> Dns Forwarder": enable dns forwarder and configure forwarded hosts and forwarder domains (the ones managed by TinyDns): Configure "IP address of the authoritative DNS server for this domain" to 127.0.0.1

"Dns Servers -> Settings": configure Binding IP Address to 127.0.0.1 and enable dns forwarder

"Dns Servers -> Add/Edit record": configure zones

The only thing that doesn't work is dns resolution for CNAME records.

I hope this will be usefull for other users.

Thankyou,
emanuele

@jimp:

Not a stupid question, just an FAQ without an answer other than "when it's ready" :-)

Getting closer every day, but not quite there.

….. i see the FAQ now...... when it's ready is very vage.....But i will wait

So… when I didn't find anywhere in the webgui to put dhcp options (option x "y";) I took some time and added it to my 1.2.3-RELEASE. I needed "root-path". Well I completed it, and I'm happy with the outcome, but I wish I had searched this forums some more,

since this is apparently already in 2.0. doh

Anyway, if anyone would like the /usr/local/www/services_dhcp.php & /etc/inc/services.inc files I will post them.
(only minor changes to services.inc -file, line 284-288)
if (isset($dhcpifconf['dhcp-option'])) {
foreach($dhcpifconf['dhcp-option'] as $key => $dhcpoption) {
if ($dhcpoption != "") $dhcpdconf .= " option $key "$dhcpoption";\n";
}
}

Screens:

Files:
removed

edit: fixed links

edit2: removed links, found some bugs in the code i made. go get pfS 2.0

sorry forgot to mention there is a switch after the server, both network connected to the switch.  what confuses me the client was able to connect all the time to this network, when she started to face this problem, i thought maybe she updated her windows 7 and the driver wasn't good to connect to my AP11b access points so i formated her net-book with fresh installation of win7 but no luck. i also have another client just got herself a new net-book with windows 7 installed not able to connect to 11b so i had to give her a usb wireless so she managed to connect now.

All work now.

Thank

If you have static IP address then you probably won't use DHCP, though I have read of some ISPs who require DHCP but always assign the same IP address in DHCP.

the right answer to that is: no you can't, and as danwartz told you, post what you have in mind, or what do you need that for, may be someone will have better solution for you.

I suspect a configurable web filter such as Dan's Guardian (see http://dansguardian.org but no pfSense package) would be more suitable if you want to prevent download of copyright material.

Dan's Guardian can be configured to block downloads of particular types of files (based on the content description and/or file name extension) and can be configured to apply rules to particular users identified by IP address or login.

pfSense users seem to use squid and squidguard (see http://www.squid-cache.org and http://www.squidguard.org, pfSense packages available) for "web filtering" but this combination doesn't appear to provide a mechanism to block content such as MP3 files and movies.

I have used Dan's Guardian (which defaults to use squid) but not squid with squidguard.

If you have confidence in your son's sense of responsibility, it might be sufficient to explain the possible consequences of downloading copyrighted material and ask him to get your approval before downloading any audio or video or … files.

@ndipiazza:

I am also experiencing the issue. When I turn on the normal DNS Forwarding, the PFSense serves up the internet just fine.

When I install the package for dns-server, de-activate the DNS forwarding, then enable the DNS forwarding from the DNS-server…. it stops resolving addresses.

Anyone have a solution to that?

Did you take a look at http://forum.pfsense.org/index.php/topic,25897.0.html ?

@cmb:

Wow, I'm not sure anyone has put that much thought into it.

You know the old saying, "If I had more time, I would write less code." ;)

Thanks for reporting back.

Nice diagram.

for wallabybob: Thanks man your post is very helpful for me. before your post read my range is 10.0.10.100 - 10.0.10.200. I was thinking client ip address is inside 100 - 200. This is wrong thinking. Now my range is 10.0.10.100 - 110 and I can add manually my client address outside from this range.

ok.. everything seems to be up and running.  i appreciate all the help that was provided.  the ISP figured out how to get my two uplinks working by creating a VLAN or something.  granted, the uplinks are not too redundant (just plugged into separate blades on the switch), but the setup is finally working!!

Support for this is in 2.0.

Perhaps both of you should configure DNS server(s). (In web GUI: System -> General Setup)

King_Rob - In web GUI, System -> General Setup is Allow DNS server list to be overridden by DHCP/PPP on WAN checked?

I'm having same problem. Anyone figure this out?