If the repeater clones his mac for all clients connected to it it can break things anyway. However I don't have a wrt54g to test anyway  ;) but there were a lot of discussions at the m0n0 list concerning that device and problems with captive portal with several different firmwares. If you really want to shut that down you have to change your wireless setup to prevent this. The pfSense only can see a macadress and an IP. If something of this or even both is faked how should it tell which one is the original and which one is the fake? Your problem is a wireless authentication/association problem, not a pfSense problem or at least nothing that can be fixed/workaround from the pfSense side in this setup.

Removing the static route seemes to have done it.  Thank you!

Patches accepted.

just sharing some interesting concepts i found on this topic…

http://software.othello.ch/mod_dnsbl/
http://www.frws.com/squid_block/

btw...
can we have some local dnsbl server that can do zone transfer from our selected dnsbl zone when needed?

rgds,
rex

Done, thanks!

/var is a memory disk.  /var/dhcpd/dev is a devfs mount.

Some things to try (though I'm pretty tired atm so if I talk nonsense please forgive me):

enable nat reflection at system>advanced. This way your server should be accessable even by it's WAN IP enable "Register DHCP leases in DNS forwarder" at services>dns forwarder. this way your dhcp clients should be resolvable via their hostname add forwarding DNS-Servers for your clientsdomain if you are running another dns server for these clients at services>dns forwarder

Yes, I caught that immediately.

Cool, thanks!!

I actually added that into mine, and that made it work a-ok!!  8)

Man, you're fast!! :D ;)

Thanks!!

Is this something to do with the DNS forwarder? why would using an IP address suddenly allow the whole network to have access to the internet?

i think you have to configure the modem to set it to Bridging mode.

maybe this one will give you the idea
http://local.sprint.com/home/local/dslhelp/walkthroughs/advanced/nonsprintdynamic645.pdf

These problems where just fixed.

@sullrich:

You used the REAL IP instead of the CARP IP?

Sorry, thing got better… CARP was working fine, but synchronisation config was broken...

Now it is OK.

/jan

rules LAN2
allow all from LAN2 net ( gateway = gateway_pool)
allow from LAN2 net to LAN interface ( gateway = gateway_pool) port = dns

Sorry, it was right under my eyes. I just looked in the wrong place :-[
What I was looking for more specifically was the next-server and filename options to do some pxe stuff with either anywhereTS.com or thinstation.org, obviously I can do that right out of the box just by modifying config.xml

[code]

<dhcpd>- <lan><enable>- <range><from>192.168.1.100</from>
  <to>192.168.1.199</to></range> <winsserver>xxx.xxx.xxx.xxx</winsserver>
<defaultleasetime></defaultleasetime>
<maxleasetime></maxleasetime>
<gateway>xxx.xxx.xxx.xxx</gateway>
<domain></domain>

<filename></filename>

--></enable></lan>
-</dhcpd>

http://forum.pfsense.org/index.php?topic=381.0

I believe it does.

We use: http://thekelleys.org.uk/dnsmasq/doc.html