Subcategories

  • Discussions and feedback related to this forum

    610 Topics
    3k Posts
    G
    @stephenw10 This is my final note since it seems you will always look at this as an endpoint. It doesn't appear, it actually is, the facts are the facts. Still, moderators usually have a way to remove posts and ban single users, not just the entire herd, or at least the ones use. Perhaps those are more advanced, or perhaps Netgate forums lack that functionality. I never said Netgate took this issue lightly, I was just looking for some feedback. I have seen this process many times and from the looks of it, pfsense CE is very much in maintenance mode. Just because Netgate wants to be politically correct does not mean it is not. The facts are there and they are following the same path as others did. Again, this subject is just becoming redundant and it is affecting other users in the forum.
  • Community Hiring and For Hire postings related to jobs that require pfSense software skills

    29 Topics
    117 Posts
    w0wW
    @sef1414 Name it "run.sh", copy to pf and chmod according to the documentation https://docs.netgate.com/pfsense/en/latest/development/boot-commands.html#shell-script-option You will see messages in the system log like those quoted in the script after logger command.
  • webgi blocking

    1
    0 Votes
    1 Posts
    243 Views
    No one has replied
  • Postfix behind pfSense wrong WAN IP in Received header

    6
    0 Votes
    6 Posts
    836 Views
    K
    1:1 NAT is not providing the outbound mail to the .160 IP address, it remains as .164. Packet Capture is not providing anything remotely useful to ascertain the issue either :(
  • internal external nat problem

    2
    0 Votes
    2 Posts
    226 Views
    KOMK
    https://doc.pfsense.org/index.php/Why_can't_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks Use split DNS.
  • How to shape traffic from floating to LAN interface

    1
    0 Votes
    1 Posts
    228 Views
    No one has replied
  • Monitoring my pfSense box

    4
    1 Votes
    4 Posts
    680 Views
    M
    Changed the new devices to use commands so I can isolate to just the new systems (assuming you assign static IPs to all devices and your DHCP range is 100 - 199). New Devices - date -v-1d '+%b %-d' | grep -f /dev/stdin /var/log/dhcpd.log | grep -E "([0-9]{1,3}[.]){3}[1-9]{3}" | grep "DHCPOFFER"
  • Floating rules Not working with squid installed

    5
    0 Votes
    5 Posts
    870 Views
    W
    Can't limit the upload. Only working is download. Found the tutorial here https://forum.netgate.com/topic/107276/howto-multi-wan-traffic-shaper-with-bandwidth-limits-per-interface
  • Disk usage ( / ) is 100%

    24
    0 Votes
    24 Posts
    19k Views
    DerelictD
    Almost always enabling squid logging without enabling rotation.
  • Latency spike when pushing GBit LAN<->LAN (vlan issue?)

    5
    0 Votes
    5 Posts
    838 Views
    J
    I just found out it must have something to do with VLANs. My setup: 4core 2ghz / 4gb / 4x I211-AT NIC 2x WAN (1x 250MBit / 1x GBit) 2x LAN 2x Netgear GS724T switches Case1; with vlans (issues) -> Server1 connected to LAN1 (no vlan) -> Server2 connected to LAN2 (with tagged vlan behind the 2 Netgear switches) Doing iperf3 between the two servers is bringing down the WAN1 interface! (strange because there should be no traffic going over that interface) Doing iperf3 from server2 over WAN2 to another iperf3 server brings down WAN1 (note; traffic is going over WAN2, but WAN1 latency spikes and gateway goes down) Latency spikes above 1000ms and then brings down the WAN. Case2; no vlans (no issues) -> Server1 connected to LAN1 (no vlan) -> Server2 connected to LAN2 (NO VLAN behind the 2 Netgear switches) Doing iperf3 between the two servers is giving me GBit. Doing iperf3 from server2 over WAN2 is giving me GBit WAN. Latency doesn't spike above 10ms. So, my conclusion is that the VLANs are causing a lot of problems with high throughput. I couldn't find many tweaks to do with VLANs in pfSense, so I hope someone has an idea about this? Thanks! EDIT: It's not WAN2 that goes down in Case1 but WAN1. So, it's always WAN1 that's going down. Is there something about the default gateway that's used with all VLANs or something?
  • Selective routing?

    4
    2
    0 Votes
    4 Posts
    571 Views
    DerelictD
    Search for "policy routing" instead of "selective routing" and you will probably get more pertinent search results.
  • New Intel stuff, including 100Gb NIC

    1
    1 Votes
    1 Posts
    268 Views
    No one has replied
  • Blocked all mail ports but i can still send emails

    16
    0 Votes
    16 Posts
    2k Views
    O
    @Grimson I have been blacklisted several times over the past week and can't seem to find which device is spamming from the network, although ran Malwarebytes basically on all client devices
  • DMZ rules

    3
    1
    0 Votes
    3 Posts
    594 Views
    JeGrJ
    I agree, makes no sense to define point to point rules (first 5) and then throw /24 behind it so the whole network can talk to each other. Also those rules are TCP only so if you are that specific, why not also include the ports instead of "all"? I'd also sort the kind of infrastructure rules on top (allow DNS, Ping, NTP and 80/443 for updates or suchlike) and make them more specific so it won't interfere with other rules. Normally if that's your DMZ I see no reason why my DMZ hosts should talk to any DNS out there if I have a resolver/forwarder with caching running myself. Same for NTP. I would consider creating a RFC1918 Alias with all private IP space and use that instead of LAN net as a target so to reject all traffic from DMZ to other internal networks. If you specifically need a single IP or subnet, add that with a pass above the reject. So you can't accidentally introduce a new subnet on your firewall and open it up to network segments that it shouldn't be visible. Those are the basic things I'd consider.
  • Snort alerts

    2
    1
    0 Votes
    2 Posts
    226 Views
    NogBadTheBadN
    You'd be better off setting an IPS policy. Google the error messages, the TMG one is one I've disabled.
  • pfsense and mi gateway

    1
    0 Votes
    1 Posts
    420 Views
    No one has replied
  • Pfsense block microsoft store

    3
    0 Votes
    3 Posts
    1k Views
    GertjanG
    @tuyensteven said in Pfsense block microsoft store: I can not connect microsoft store Good news: not pfSense related. I just visited https://www.microsoft.com/en-gb/store/b/home?rtc=2 works fine for me - and I'm using pfSense.
  • Blocking internet for few client except skype on pfsense ?

    1
    0 Votes
    1 Posts
    169 Views
    No one has replied
  • Help with PCIe network card issues

    3
    0 Votes
    3 Posts
    587 Views
    T
    @Grimson Thanks for the reply Grimson. I forgot to mention that I had used an Ubuntu live boot and ran lspci with no results...so I'm almost positive it's a lower level issue than the BSD kernel. Thanks for the advice though. If I get any additional information from ASRock, I'll post it here.
  • This topic is deleted!

    1
    0 Votes
    1 Posts
    32 Views
    No one has replied
  • pfSense hardware selection help

    hardware gigabit fiber pppoe router
    6
    0 Votes
    6 Posts
    3k Views
    A
    @alpineaudio said in pfSense hardware selection help: @akuma1x said in pfSense hardware selection help: firewall black-boxes and more specific, this one's an i5 https://www.amazon.com/QOTOM-Q355G4-Factory-Firewall-Multi-Function-Appliance/dp/B06XNWLR3J/ref=sr_1_fkmr2_2?keywords=pfsense+firewall+black-boxes+i5&qid=1553882807&s=gateway&sr=8-2-fkmr2 This one is a much better choice! I'm going to get up on my soap box here... keep in mind, you should try to support the pfsense open source project as much as you can. With the Qotom box you found, you're only about $60 away from the "official" Netgate SG-3100 box. I'm not trying to guilt you into a purchase, and I'm not saying you're going to get a better experience with name-brand or not, but being that close in price, I would send my money to Netgate and the firewall project itself. Jeff
  • Sangoma or other hosted PBX feedback?

    3
    0 Votes
    3 Posts
    492 Views
    M
    Just VoIP phones, ideally no on premises equipment.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.