@michmoor what would it take you 3 seconds to know if pihole is not answering, or unbound is not answering? if dns is not working and I query unbound, and it works - its pretty much a given that pihole is the problem ;) I don't recall pihole ever going down btw ;) And while some users report issues with unbound - I can not recall the last time I had any issues with it, mine never restarts, unless I do it on purpose sort of thing. Nor does it just stop.. Both have been pretty rock solid if you ask me.. Then again I am not loading 47 million things into dnsbl, nor do I forward, and sure and the hell if I did forward it wouldn't be doing it over tls nor would I be having dnssec set if I forwarded. And I don't register dhcp clients either, where unbound needs to restart every few minutes because some update to a dhcp client ;) And my isp is pretty much rock solid.. I always have a cmd prompt open, it takes what 3 seconds to do a dig directly to pfsense IP vs the default dns of unbound. I currently show unbound up for 12 hours, I made some adjustments this morning to my static reservations for some lightbulbs and needed to change some names, so unbound restarted. Other than my changes I pretty sure unbound would be running for the last 20 and half days.. which is the time pfsense has been up.

@stephenw10 said in Installing MC on FreeBDS 11.3 (pfSense 2.4.5): If it's a 3100 (armv7/v6) that makes it even more difficult. It is simply impossible because indeed, the Netgate box has the arm CPU and I run pfSense in a virtual machine on Linux x64 i.e. compiled binaries are absolutely incompatible. Either way, I upgraded 2.3.5 (running mc) to 2.4.4.3 and later to 2.4.5. Obviously I had to change the paths to pfSense repositories before each upgrade but eventually all worked out just fine. I would like to thank Netgate staff for not killing the repositories with deprecated/outdated versions of pfSense and making them available to their users !

@andyrh ah sorry I thought that it ran the same is as the 2930m switches.

6000-WATT AC Power Supply for the Cisco Catalyst 6500 Series Chassis Cisco Astec Aa23200 Power Supply 341-0077-04 Catalyst 6500 Series

@digiguy pfSense Documentation You could have a look in, if you find something you may interested or it is matching your needs or fitting the rest of your network. If you find something configure it out following that docu.

@noplan said in Ideas how to block certain webs (youtube) for kid's PC with possibility to enabling it for some hours.: time based rules [image: 1675882649995-4ef62a83-acbd-41c2-a9ca-b04a60e9379e-grafik.png] configure your time range and add looks like something like that [image: 1675882787882-63cd6497-a933-4056-b845-7c965b2ea1a3-grafik.png] save lets go build a firewall rule but 1st set up an alias for all your kids devices if you have em put not togehter in a VLAN [image: 1675883013986-90e4be13-0378-4f14-837d-72bd779846d9-grafik.png] then [image: 1675883035846-7672a23d-3b1e-4284-90bd-0959cea50e21-grafik.png] Action= Pass Source = ALIAS of your devices DESTINATION = the pfB Alias pfB created [image: 1675883113079-f4d9a175-3d18-4237-9fb2-c14e3f38f53d-grafik.png] Fire and forget ! could be usefull but think about it carefull [image: 1675883629094-6c4c2155-1a73-4208-baf8-e54f29276800-grafik.png] if needed or not [image: 1675883650519-17de044f-4c94-4be7-97c6-837b34d70a9a-grafik.png] **BUT IMPORTANT TO CHECK ** [image: 1675883732800-666900a9-6ef1-49e8-8f18-36f24d0948f7-grafik.png] [image: 1675883776457-db4967b4-ad2a-4043-9e5f-d140c4a55c43-grafik.png] so that should do teh magic have fun and keep us posted !

@patch ok

Firewall Micro Appliance, 6 Port i225 2.5GbE LAN Fanless Mini PC Celeron N5105, No Ram No SSD Gigabit Ethernet AES-NI VPN Router Openwrt Barebone £ 212.34 Micro Appliance 4 Port i226 2.5G LAN Fanless Mini PC Celeron N6005,8GB 2666Mhz DDR4 128GB NVMe SSD Gigabit Ethernet AES-NI VPN £ 350.14

@keyser @keyser said in ntopng helping you troubleshoot: so it’s not worth much when it comes to forensics. Oh i absolutely agree. Im just trying to see how much i can do on a budget of nothing. :) Considering NTOPNG is the community edition and there really isnt much in the way of usefulness that can really be gathered by the traffic identification i figured it was neat that the flows Suricata saw NTOP saw and reported it. That certainly wont be the case all the time. From what i can tell, ntop is really good at figuring out current top talkers. For more historical data im looking at NFSEN but i cant get that to run on Ubuntu 20.04. Documentation is very dated.

I use PVE. Everything is very stable and no problems.

@backspacemild Thank you.

@yasa Instead of a prepackaged FreeBSD, couldn't you download and install pfSense ISO on the VM? I planned on doing this (just waiting to buy a bare metal Lenovo) with OpenStack on VMware ESXI. If your project is for your home/lab, alternatively, you could try TNSR since it's based on Linux and the cloud version (AWS & Azure) starts at $0.127/hr.

@afcarvalho said in Help on rules: If I check the reverse option I am doing what? This is, at least on the english language side, called "Invert" meaning the switcher of NOT. Check the box and it will say the IP is NOT the value of what you entered then do something. If you're using a language translation and it is stating something that does not mean 'opposite' or 'invert' or 'not' then please let us know by opening a redmine :)

@stephenw10 I have just watched the video and its actually might help another issue with a raid card I have been having problems with as well so again extremely appreciated now

Ooops!

@keyser said in IPS external logging: but rather just have full monitoring and alerting of usage, issues and downtime. I use a combination of Zabbix and Graylog for email notifications. You're right, pfelk was more for visualization as i had more than one pfsense out there and wanted a central dashboard. In the end, to be honest, its more cumbersome to get it all set up and sorted out. There is a project out there that i use personally. https://github.com/VictorRobellini/pfSense-Dashboard I got a nice visualization in Grafana. My current dashboard [image: 1673641146492-42b3c220-d41f-4b48-8d35-8977d05de613-image.png]