It's also mentioned at the downloadpage at pfsense.com and even at the shell after assigning the interfaces the first time.

Please use something more descriptive the next time you start a thread. This one sounds like you are drowning and need a baywatch babe.

@techatdd:

There are too different bugs:

(Configuration: 192.168.1.2 pfsense Beta3 with a PPPOE Wan Connection as the default gateway and 192.168.1.4 pfsense running squid with a second PPPOE Wan connection.)

First. When I configure a Nat rule on the 192.168.1.2 for redirecting http traffic to 192.168.1.4:3128(squid) I get simply no HTTP Respond back so nothing works. The same NAT rule works fine, when I configure it on 192.168.1.4 and set this box as the default gateway.

You can't redirect to an internal server from inside.  With reflection, it might work, but will be horribly slow.  PF isn't designed for it and the NAT hooks aren't in the correct place to allow for it.  We won't be changing that behaviour, it's a limitation in the OS.

@techatdd:

The second bug has nothing to do with squid (it dos not works with or without a transparent squid).
Second. When I configure on 192.168.1.2 the second box (192.168.1.4) as a rulebased loadbalancing gateway and create a firewall rule selecting this gateway for port 80 traffic, the inbound traffic works fine, but the outbound traffic is terribly slow (<1 kb/s) after something like 64 kb.

See above.  Same problem.

–Bill

@fuzzy:

Will pfsense be a participating mentoring organization in the google summer of code 2006? If so, when will there be ideas posted on the google participating mentoring organization links?

Unlikely.  But FreeBSD will be.  Don't let our lack of participation prevent you from implementing any of these ideas:
http://wiki.pfsense.com/wikka.php?wakka=BillM
http://wiki.pfsense.com/wikka.php?wakka=GeekGod
http://wiki.pfsense.com/wikka.php?wakka=IdeasThatAreGoodButNotReadyQuiteYet

–Bill

haha that robot from LExx would be great. Man i havn't watched that show sense highschool i use to rush home from college classes at night just to watch it.

um, if we had a large enough floppy array could run pfsense;)

And how about bothering looking for FAQ answers before asking ?
http://faq.pfsense.org/index.php?action=artikel&cat=1&id=16&artlang=en

ta - i think it helps when doing themes and stuff to know what the important parts of the logo etc. are so you don't accidentally stomp on people's toes ;)

DON'T GET PWN3D

Gee, thanks Scott :).
I mean, thanks to all devs ;D.
Cheers

Thank you and all the best to all of you  :)

@sullrich:

@maunded:

Yes, the client software reports the errors, I believe they were all request timeouts, when I say 10+ I mean there were on average about 10-15 errors in 9000 requests

I dont have the vmtools loaded on any of the servers, I will try that next week.

Any idea why the request/sec was so low for pf?  I thought that it may be because the client software I am using is sending all requests from one machine?  Does pf have some sort of connection throttling?  Is it trying to defend itself against a SYN flood? Is there anywhere I might start to look for errors?

D.

In a nutshell: VMWare + FreeBSD networking performance sucks.  I would try these tests with real hardware.  I know this is not what you want to hear but its true.

There's also a possibility that it's state table collisions (pf flushes expired states every 10 seconds by default).  In the real world you'll see connections from a larger number of IP addresses so this tends to be less of an issue.  This may, or may not be the problem here, just offering up another suggestion ;)

FWIW, I've got hosts that do 1000 state table insertions and removals / second with 90K active states w/ no problems.  This is on PF's native platform though, I can't speak for FreeBSD although a number of people have mentioned similar numbers to me personally.

–Bill

In reality, it's not an old box, Its an "old" HP DL-380 G4 (about 1 year of life)…
I see on the BIOS and they support boot by the usb port.

thanks again

@Cyrandir:

…Only drawback would be if the turkey actually made it's saving throw....

HAHAHAH now THAT is humor!!!

@submicron:

I saw that lighty has been moved back into the tree, which is great news.  As I understand it, using lighty will make captive portal really snappy but what are the other benefits we can expect to enjoy from the transition?

Have you followed the mini_httpd bugs threads?  That alone makes it worth it.

Other than that:

fast-cgi

additional caching

bsd license

output-compression

doesnt need to fork for every incoming connection

Hi ZGamer,
Take a look here http://www.routerboard.com/rb44.html.
This ain't low profile but at least it's multiport…
Hope it helps.
Cheers

@smoked1:

Mailing lists are a bit of a pain. I think everything should be on the forums.

What you think is different from what others think.  A forum allows people to be "loose" whereas a mailing list makes you think twice before blabbering.  Not saying your blabeering, just pointing out the differences that I have noticed.

@sullrich:

@Cyrandir:

That's dirt cheap!  Too bad I don't really have a good excuse to buy one…. Good tip for the community though!

How about a 9.99$ one?  Just wait until black friday…

http://www.blackfridayads.com/stores.php?sid=6

Ya, I was looking around on the black friday stuff. For the stuff for Black friday there were 1 gig compact flash cards for like $30ish….heck compusa has 160gig sata drives for $19

sounds good!  we'll take it!