I would highly recommend going with the fiber run.  I have done installs with even shorter runs using fiber.  I would agree with a larger pipe, that way if you need to pull additional fiber, you have the room to do that.  Make sure they put a pull string in that conduit.

As far as the rooms go, I truly feel that wired is a better solution.  I have wireless in the house, which is great for some basic thing.  However, when you start streaming HD/Blue Ray movies across wireless, you will have buffering issues.  I've also tried the Ethernet over Power adapters, which work some, but again when you get to the HD videos you start to buffer.

My wife and I are planning on building a house in the next couple of years.  I'm planning on running a minimum of two runs to each room, some with 4-6 runs.  I won't be running any coax in the house.  You may be asking why so many runs.  My family has no traditional TV in our house, which means we stream everything.  Then I also run a VOIP systems.  The next house will be automated along with Video Cameras for the security system.  Don't get me wrong, I am not your average computer person in the home.

Maybe your provider wants to add their own VLan tag to your traffic and but leave your Ethernet frame in tact. This is called QinQ. Sounds like they are dividing your traffic up for you so that you can have CoS. We do this at Comcast for our Metro Ethernet Service.

I doubt we'll be changing things just to change them.

A GUI refresh isn't entirely out of the question, but if that happens it would probably be a part of some other major GUI-impacting change (we may suddenly decide to move from PHP to Python for some reason, or move to some sort of MVC framework), and not just because we felt like redesigning the GUI.

We like to focus on making things work properly, and we try not to break things unless they're actually broken/unusable. Opinions on that vary, but it's mostly a bikeshed discussion.

Getting volunteers to code the GUI changes isn't quite that simple. In an ideal world, sure, but in the real world, you may have plenty of volunteers and very little follow-through, or people will disappear leaving code abandoned. If something of that scale is to be done, it would have to be closely handled/managed by the core team with assistance from the community in places.

Any of those kinds of changes would likely be a couple versions out though. We have some other significant work to do in the meantime, but in a version or two we'll be looking for more things to change/implement as the major tasks like updating the base OS, wireless updates, and IPv6 and such are completed.

That is some serious equipment  :P

Server is back again…
I am able to install packages now...
Thanks for doing magic.  ;D

Thanks to everyone.
I look Adrian Chadd about this in he's blog and is not possible make this function. In AP mode is possible just one channel at time.

Best Regards

The mail reports package can run any custom command you want and the output is included in the e-mail inline as text, however it can only e-mail to one address (the one configured to receive notifications)

That's not to say it someone couldn't use that code as a base to do what you're after. All the functionality is there to e-mail anywhere there's just not an option in the GUI to set that up. (to e-mail people, not to generate the user reports)

If someone can come up with a way to make the reports per-user using a command line script, then the mail reports package could do what you're after with some modifications.

If I get audited, I'm giving them a link to this post.  :)

I don't think you'll find anyone here who will advocate running pfSense as a web or mail server.
It is a cut-down install of FreeBSD, many of the components you would need are not present and would require installing. By the time you have installed all the software you need to do this you will likely have broken pfSense in some fundamental way or at the very least reduced it's security below what is acceptable for a firewall.
People have done it in the past however and there are some long complex threads about it here. IMHO, it would be far better to use an OS designed to offer all-in-one, like Zentyal or SME Server, or install FreeBSD and configure it to your liking.
A good compromise, if you want to run pfSense and I'm in favour of that  ;), would be to run the box as a VM host with pfSense and your servers as VMs. There are many users running that setup.

Steve

2.0, 2.0.1,2.0.2

all of the Video object from youtube did not cache in memory or in disk, but another object like image are cache very well in memory and or disk. what sould I'do to solve this problem's

@podilarius:

Could you post what all you have done to try to choke it? It would be nice to show what all pfSense can do.

Handled an internal packet storm like a champ.

BIOS is as follows:
for the slave (hdd)
IDE CHANNEL 0 SLAVE = AUTO
Access Mode = Auto
Capacity: 60015
Cylinder: 28728
Head: 16
Precomp: 0
Landing Zone: 28727
Sector: 255

for the master (Original CF Card)
IDE CHANNEL 0 Master = Auto
Access Mode: CHS
Cylinder: 980
Head: 16
Precomp: 0
Landing Zone: 979
Sector: 32

Sorry, I don't have what is written on the drive for it's listed specs. it's a WDC WD600UE-00KVT0

I really struggled at 1st with getting this to work until i found the ata.ata_dma=0 trick. Until i applied that setting pf would try to boot but struggled with accessing the drive.

I am on day 5 of my install and no indication as of yet to any issues with the drive or file system.

OK, thanks guys! There shouldn't be anything running it, so I guess I need to check some of my systems.

Case Closed

On TWC RoadRunner myself.  Setup the firewall rules and I'm seeing pfSense blocking 173.194.55.0/24 when accessing YouTube.  Stream still goes through rather nicely using 720p.  I'll keep this thread updated with my own results after even further testing.

Thanks for the heads up.

We don't have a way to sign a cert in the GUI, since if you have access to the CA in the GUI it's much easier just to create the cert on the box with the CA and export it from there to be imported on the other unit.

Threads lock themselves after a certain time limit to prevent people from hijacking old irrelevant threads.

The last post on that other thread is correct, it is best to separate your switch's management into its own separate VLAN so it is not on LAN. How you do that depends on your switch.

It's also best to move your default user ports to a different VLAN so that VLAN1 is only internal switch traffic.

You can access it on another VLAN by having pfSense's port tagged for both the user VLAN and management VLANs and have pfSense setup an interface on the other VLAN's subnet, and you can route between them.

The advice on the other thread was solid, but it was apparently a different issue than you were seeing, so your solution may or may not actually be relevant to that thread.

@cmb:

Looks like referer spam.
http://en.wikipedia.org/wiki/Referer_spam

Thanks!  Interesting that it suddenly appears so quick from so many different sources… Then it kinda rolls off after a couple of days and I won't see but one or two a week if things follow suit the same way as last time.

Firewall is nowhere close to being saturated but Id like to make sure my webserver isn't infected.

Just add a firewall rule that sends all traffic with destination 'medicover.pl' via a single WAN.
See attached picture for an example. I have an alias 'load balance exceptions' where I have a list of websites that don't work with multiple WAN connections. Traffic destined for those is routed only via the default WAN but you could specify which WAN to use there.

Alternatively if you really want only failover, and not load balancing, then lower the priority of one WAN in the gateway group.

Steve


And another commentary with some added opinions:

http://www.dslreports.com/shownews/West-Virginia-Buries-Study-on-How-They-Screwed-up-Broadband-123577