Subcategories

  • Discussions and feedback related to this forum

    607 Topics
    3k Posts
    johnpozJ

    @microserfs and what IP was that - clearly your current IPv6 address is not blocked that I show you connected with.. And the only other IPv4 I see you using is not blocked.. You would have to let me know what IP you were coming from that was blocked.. Send it to me via PM if you don't want to make it public.

  • Community Hiring and For Hire postings related to jobs that require pfSense software skills

    27 Topics
    114 Posts
    w0wW

    @sef1414
    Name it "run.sh", copy to pf and chmod according to the documentation
    https://docs.netgate.com/pfsense/en/latest/development/boot-commands.html#shell-script-option
    You will see messages in the system log like those quoted in the script after logger command.

  • Beaglebone Post

    3
    0 Votes
    3 Posts
    1k Views
    ?

    Been a steep learning curve for me. Most of all it's been a great learning experience. I hope to write some software for it - but first I needed to put it through its paces. See what it is capable of running.

    I still need to compile a kernel on for it with debugging off to see what I am missing. All the data from -current can be confusing.

    So far the closest to pfSense running on for me is:
    pf_enable="YES"
    pf_rules="/etc/pf.conf"

    EDIT:
    Let me correct this:
    I plan on using Crochet for compiling a refined -CURRENT kernel.

  • Thanks Comcast!

    4
    0 Votes
    4 Posts
    1k Views
    N

    https://doc.pfsense.org/index.php/Limiters

    The Limiters feature sets up dummynet(4) pipes. Dummynet was designed to simulate any kind of network connection. Various types of connections can be simulated such as Dialup, T1, a T1 run through a microwave oven, or a satellite connection to the Moon. A side effect of being able to simulate any type of network connection is that they can also be used to limit the amount of bandwidth a host or group of hosts have access to.

    (My bad, I should have just stated that limiters are dummynet pipes rather than feigning ignorance.)

    I guess we will just need to wait and see how pfSense/FreeBSD incorporates these new algorithms. I am unaware of any ability to control the finer details of dummynet scheduling algorithms.

    AFAIK, dummynet was intended for testing network setups (configurable error-rate, bit-rate, delay, etc).

    Anyone know if a limiters setup can function the same as a standard ALTQ setup, like ACK prioritization?

  • pfSense squid3 and non standard HTTP and HTTPS ports

    2
    0 Votes
    2 Posts
    776 Views
    D

  • Realtime Hard Disk Monitor

    6
    0 Votes
    6 Posts
    1k Views
    KOMK

    I had looked at that but it didn't occur to me that you could add extra disk counters via a command-line.  There sure wasn't a way to do it via its own form.

  • 0 Votes
    1 Posts
    641 Views
    No one has replied
  • Feeling like a total n00b

    14
    0 Votes
    14 Posts
    3k Views
    D

    @doktornotor:

    The moment you inadvertently press the "remove shaper" button on a box several hours drive away are certainly priceless. As I noted on the bug, for now it'd suffice to make the button do things in proper order, or (more easily), just force user to do it so that the queues are gone before the shaper itself and making it inactive otherwise.

    To add, I did try running an ifconfig <interface> down and up to toggle the interface to no avail through the physical console.

    I initially tried running an easy pass rule thinking that the rules on the $if were dumped but that didn't work either so there's that.

    This is the first time it has happened to me throughout the years (from 1.2 RC to 2.1.5) so I can't for the life of me figure out what went wrong.

  • New PfSense build and results

    6
    0 Votes
    6 Posts
    6k Views
    V

    I just bought motherboard "GIGABYTE GA-Z97N-WIFI" and am having a problem with pfsense 2.2.4 not recognizing LAN2 NIC (Atheros 8161B).

    pfsense 2.2.4
    It is based on FreeBSD 10.1 - which includes Atheros support but for only Atheros AR813x/AR815x NICs (link: https://www.freebsd.org/cgi/man.cgi?query=alc&apropos=0&sektion=4&manpath=FreeBSD+10.1-RELEASE&arch=default&format=html)

    For this motherboard NIC2 to work, we need FreeBSD 10.2 or higher.  FreeBSD 10.2 supports Atheros AR813x/AR815x/AR816x/AR817x (link: https://www.freebsd.org/cgi/man.cgi?query=alc&apropos=0&sektion=4&manpath=FreeBSD+10.2-RELEASE&arch=default&format=html)

    I do not want to install nightly experimental builds, so I will try to install if_alc.ko and load into the 10.1 kernel.

  • Happy to say hello!

    4
    0 Votes
    4 Posts
    1k Views
    P

    @gilberto667:

    Hi,

    Have a nice day! I am brand newbie from BD. I would like to introduce myself with all of you here. Myself Gilberto. I love to read new books. Also love to swim as well.

    Regards

    Yes, you really need to know how to swim in Bangladesh - some wet seasons it is hard to find any land :)

  • Block "torvik"

    1
    0 Votes
    1 Posts
    612 Views
    No one has replied
  • Everyone gets HTTPS interception wrong - just don't do it

    Locked
    15
    0 Votes
    15 Posts
    5k Views
    jimpJ

    You get exactly the same results with SSL interception that you do by configuring a proxy on the user's computer.

    Block direct outbound access to tcp/443 and force people to use the proxy explicitly. What you allow through the proxy is up to you. Interception is the wrong way to do it.

    Locking topic since it's degenerating.

  • Beaglebone don't fetch very fast!!!

    2
    0 Votes
    2 Posts
    795 Views
    D

    Let us know when the SD card dies… :)

  • Iceberg ahead!

    5
    0 Votes
    5 Posts
    1k Views
    H

    Ha! I only have one to worry about.

  • ARIN IPv4 Free Pool finished

    7
    0 Votes
    7 Posts
    1k Views
    DerelictD

    Cox does a lot of the hospitality Wi-Fi here in Vegas.  I noticed one of them was handing out Public IPs to guest devices by default.

    Guaranteed it's a place to park IP space for use later and, perhaps, to use them up so they could justify another block.

    This was a couple years ago.  Haven't been back to see if they're still handing out publics.

  • SSL test showing B grade certs

    2
    0 Votes
    2 Posts
    864 Views
    P

    Hi Kulpreet,

    I see in another question you're using haproxy also? Not sure if that was for the same purpose?

    Assuming so, I'll tell a little about haproxy.
    It allows configuring the ciphers and ssl protocols that you want to support. It's possible to get A+ when configured with HSTS and a carefully chosen cipherlist. If you import the intermediate and server cert into the certificate manager separately that should allow the haproxy package to build the right certificate chains to use. Also import the CA cert if you want to use OCSP-stapling.

    Regards, PiBa-NL

  • MOVED: snort rules is more aggressive

    Locked
    1
    0 Votes
    1 Posts
    531 Views
    No one has replied
  • MOVED: how to configure ssl offloading with haproxy and pfsense

    Locked
    1
    0 Votes
    1 Posts
    603 Views
    No one has replied
  • Websites

    3
    0 Votes
    3 Posts
    975 Views
    C

    That's pretty cool

  • Designed by idiots

    4
    0 Votes
    4 Posts
    1k Views
    KOMK

    In my entire life, I don't think I have come across a device with a reset button that didn't locate it at the back or bottom of the unit, usually recessed via pinhole access.  But Cisco knows better, I suppose.

  • FreeBSD11 Head

    1
    0 Votes
    1 Posts
    692 Views
    No one has replied
  • Anyone used IMUNES (or similar) for network testing?

    4
    0 Votes
    4 Posts
    1k Views
    N

    My only complaint was that the default kernel did not have ALTQ enabled.

    I should really figure that out…

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.