Are you able to share this package? Interested in the same thing.

yeah that is what it seems like to me as well.  I for now have just turned off logging of the auth.  Maybe I am just having a brain fart but I don't see a way to log just failures and not log good auth which would be better than no logging at all.

While they are not doing it like every minute its does produce quite a bit of spam in the logs when you have 2 of them doing it every few minutes all night long, etc.

Or be nice if you could set it somewhere on the phone to only do it say every hour or something when they are sleeping.  I will have to look through the iphone settings, but what is odd is not seeing it from the ipad and its on the same eap-tls network.  When I get a chance I will explore the difference in settings on the ipad vs the iphones.

We have generated them in a while and we stopped using them completely in 2.3.2. So if you're on 2.3.2 and working fine, you're ahead of the curve.

Only a few people have had issues that we've seen. Most all of them easily solved by a client software upgrade or tweak in the settings.

@cmb:

There almost certainly won't be a 2.3.3 release. There will be 2.3.2_x updates no doubt, especially since that's the end of the road for 32 bit.

Hmmmm, Would have thought 2.6.4 would be more fitting end of the road for 32 bit. ;)

I would also appreciate any insight into logging from pfsense to security onion now that snortby is depreciated from the security-onion iso.

She was. She had a Masters and PHD related to computer systems security. We'd talk for hours after class since she mostly taught just a handful of high level courses. She taught 4 of my courses, server administration, securing servers, network design, and network security. Something like 5-6 credits per class and something I enjoyed, so easy As. GPA boost! I graduated with a little more than 2x my required credits for my major.

I got to work with her husband who was head of IT security. Now my brother is working with him on a research project for AI learning intrusion detection. He's working towards a PHD in AI. My brother is leader("because no one else knows what they're doing") for like 4 different research projects at the same time while helping my University redesign their datacenter for their own personal cloud, while doing an intern project for programming a super computer. And he has exclusive access to the super computer and is allowed to pretty much program whatever he wants.

He and I rarely talk, but when we do, it's a total geek fest. Not many people understand us. He's a lot more ambitious than I am.

Lol 😊

Go to Firewall->Schedules. Add a schedule for the days and times that you want to allow access. Add a rule at the top of the rules for the interface that allows (pass) all traffic, click "Display Advanced" at the bottom of the rule settings, choose the schedule. After the pass rule, put a block rule that blocks the traffic at all times.

During the schedule period the pass will be in effect. Outside of the schedule, the pass rule will be disabled and the block rule will be in effect.

If you have no other rules on the interface, then you can omit the block rule at step (3), if you like. The default action is to block anyway.

@jdillard:

article not found.

Sorry about that…I had a problem where the article kept reverting to draft. When I re-published, it was the next day which chaged the url.

Thanks mhab12, for posting the right link.

Steve

With phil on this dns has nothing to do with ping at all..  When you say you can not ping IP, that points to you tried to ping the IP address, not resolve some name that never resolved..

I would want to do know what he is trying to use for dns in pfsense.  It default to using unbound that would actually try to resolve.. Did you change it to the forwarder?  You have a static IP on your wan that is rfc1918 and your asking it?  Do you have the block rfc1918 set?

Your nat device in front of pfsense could be blocking dns to the authoritative servers which is what resolver does, your isp could be doing that, etc.

Thanks, that's half the problem solved.  If someone could make a suggestion as to best practices for storing/backup/recovery of custom scripts that would be much appreciated.

That board pictured would make a killer FreeNAS rig.

Lightning strike nearby a site. Lost more than the switch..

no one know ????????????????

I've just completed tests… I let 2-3gb trough each port :)
Found 5 faulty on walls...