Here is the main thread where people normally post these things:

http://forum.pfsense.org/index.php/topic,57028.0.html

Hi to all.

Please give me an advise how to use the mac filtering of pfsense.

Thank you in advance.

http://www.techexams.net/forums/

I absolutely love the Tech Exams forums and have gotten good advice there on everything related to certifications and recommended study materials.  There's a very active CCNA/CCNP/etc subforum there.

@jflsakfja:

Snort in a bridge can't assign proper IP addresses to the network variables.

Solution:http://forum.pfsense.org/index.php/topic,65858.msg358457.html#msg358457

More importantly: why is your ssh port of your firewall open to the internet at all?

If you REALLY have to have it open, at least move it to something else than 22.

thanks for your answer…

After a few weeks after i posted the previous message - i have restarted pfSense (with the usb keyboard connected) and i somehow had another Kernel Panic with the same message, so i guess connecting that USB keyboard wasn't really the solution.

After googling around i found that if i add

"hw.pci.enable_msix=0"

in the loader.conf should bring the system up to bootable state. And indeed it did, although i still keep the USB keyboard connected to have peace of mind.

I'll keep your proposition at hand just in case i experience the problem again.

Thanks again.

I can't really answer your question. But why are those addresses 192.169?
That is public address space - 192.169.1.1 shows as being in Kansas, USA.
I'm sure you mean to use 192.168.n.n - so maybe you have some entries in your configs with 192.168 and some with typo 192.169?

Como informan esto es en ingles, pero te escribo esta respuesta que te puede servir.
Crea un alias para el equipo interno
menu superior >firewall > aliases
creas un nombre ejemplo serverDVR y lo relacionas con una IP estática de tu red privada.

Luego te diriges a:
menu superior >firewall > nat
y creas una regla donde con la siguiente configuración
interface: wan
protocols: tcp
destination : WAN ADDRESS
DESTINATION PORT: ESCOGER EL PUERTO DONDE LA LA GENTE SE COMUNICA GENERALMENTE ES HTTP
REDIRECT TARGET: COLOCAS EL ALIAS QUE CREASTE
REDIRECT PORT: DIGITAS EL PUERTO DONDE SE PUBLICA EL DVR PUEDE SER DIFERENTE AL HTTP REVISAR.

Espero te sirva.

Not more than 180 at maximum.
Around 15Mbit/s downloading from the internet.

Xeon with quad core 2.1GHz
8GB RAM with Intel Gigabit NICs.
72GB HDD 10k SAS RAID1

Most time the CPU usage is around 2-3%. Some time increases up to 10%. RAM usage around 85%. Swap space 0%.

Latest Squid2.7
Squid 40GB HDD cache size
2GB RAM for caching
Squidguard with www.shallalist.de as blacklist

After using Squid3, I had bad experience while using gmail.com, before login in it needs url needs to be refreshed and also after loging out from Gmail it does not to the home screen of gmail, for that url has to be again refreshed.
Even while using any banking HTTPS sites after completing any transactions, it does not shows any thing. And  in banking sites url are not allowed to be refreshed.

Please resolve the issue of Squid3

Thanks & Regards,
Prashant

Thanks, that makes sense. The server has an LSI controller with year old firmware on it. I've updated it and I've yet to have the error again (cross fingers!)

Thanks again.

It may work but it would be super confusing. Why not just replace an RJ45 jack with an RJ11 jack? Rewiring the jack isn't hard, and then you won't have to even remember which is a data port and which is a phone port or keep special cables around.

Alternately, an RJ11 plug will fit into an RJ45 jack, so just wire it up like an RJ11 at the jack. Still confusing, but less confusing than needing a special cable. Just remember to label the jack appropriately.

The next person who has the house after you may want to shoot you either way you go, though. :-)

I had the same problem but still haven't received any thing to my question which is on the pfsense forum. Therefore I have work out my self and found some kind of a solution. I suggest you to switch off transparent mode and configure your browser for proxy. use the DNS as your PFsense local IP address and add a dns forwarders in your pfsense. use squid guard to mange url filtering. It will also filter https too. There is a small problem with this. the block pages may not display the error message that you have entered.

@heirkeyso:

Sir,

The diagram what I present to you is not a good practice?

I want to use the pfsense for the purpose to serve as a internet or the pfsense is the giving an internet connection to the user and in the same time I can block the website the are using like the social media(facebook, tweeter and etc)., instant messenger, torrent and etc. for the users and I want also to control whose user will I block or gave a full access for the website or url.

Below are my concern:
-> documentation or manual for setting up pfsense
-> if I already finished set-up the box how can I block the https://www.facebook.com and https://www.twitter.com?
-> setting up port forwarding. is it the same in configuring in link-sys router?
-> Is the i7 processor with 8gb ram will enough for the around 60 users?

Sorry for these questions. I'm just new to pfsense and I just want to know everything before I deploy to our office network.

Thank you in advance for your response.

Precious