Thanks KOM, I'm going to post the topic in that forum. Regards,

We don't plan on including SoftEther with pfSense however that shouldn't stop you or anyone else from developing SoftEther package for pfSense.

I like upbeat posts  ;D

@johnpoz: Why would you not just create a firewall rule to stop them from going outbound?  And only allow the stuff you want, and actually limit that as will with a limiter. They are not going to the outbound directly, they are managed by el proxy server wich have full access to the WAN interface of the pfsense (www). I do not want to block them at all, I just want to know whem an user is using NAT before enter to the infraestructure.

Looked into this more, to be honest, I did not see this coming. Have not done any website work for some time, damn. Downloaded the CSV file for complete list. WTF! If you were sleeping at the keyboard like I was, link below for more info. https://freedom-to-tinker.com/2017/11/15/no-boundaries-exfiltration-of-personal-data-by-session-replay-scripts/ Easy Privacy should have all the site domains in the block list. PfBlocker with Easy listings enabled will stop it and UBlock or NoScript would also. Did I ever tell you how much I hate javascript. >:(

https://doc.pfsense.org/index.php/Main_Page https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting

Just updated my APU2C4 without issue. Thanks for another great release!

Thanks, I'll do that.

Either General Questions or Traffic Shaping would be a better place for your question.

Anyone have any suggestions .. TIA

i have learned that what i am looking for is called a utm (unified threat management) i can not get a copy to play with for experimentation, and it looks like it is a standalone that will not play with sense OS now, seeing as how this would be a total game changer and everyone would benefit from it, and everyone needs it the #1)  question is why do we not already have it and 2)  what do we have to do in order to get it so this leads me to wonder if there is a plug in, or set of accumulative  plug-ins available that i am not seeing again after all this i want to keep a diligent focus on my end goal i NEED to be able to watch  traffic real time GUI, with a line of data classified how and what you chose to show. the ability to right click on it, stop the flow, and chose what type of restrictions to implement into the firewall for that specific address, or general domain as a incredible volume more effective, faster, and efficient that a CLI table modification.

@Harvy66: Looks like this got pushed back until at least 2.4.4  Makes sense. Lots of bugs fixed in 2.4.3 and no point delaying longer that needed. I would say that this one feature could almost warrant its own release if 2.4.4 starts taking too long. fq_codel is magic for the cares of most who use it. No rules, no priorities, just set your bandwidth and done for most situations. 100% agree with you on this.  There's only a handful of parameters that can be tweaked on the fq_codel algorithm and the performance (from what I've been able to test so far) is excellent given its simplicity.  Including it in the GUI would really drive up adoption and we could then focus just on recommendations for tweaking parameters. In the meantime, setting it up manually doesn't require all too much effort.  All one needs to do is create a pair of limiters, with queues underneath them.  Apply the queues to the appropriate firewall rules and then enable fq_codel for the queues using the CLI.  The changes can easily be made persistent through reboots by using ShellCmd.

Also doesn't pfsense pull rfc1918 out of the bogon? if you look in the pfsense table bogon, the rf1918 networks are not there.. https://github.com/pfsense/pfsense/blob/master/src/etc/rc.update_bogons.sh if [ $ENTRIES_MAX -gt $((2*ENTRIES_TOT-${ENTRIES_V4:-0}+LINES_V4)) ]; then egrep -v "^192.168.0.0/16|^172.16.0.0/12|^10.0.0.0/8" /tmp/bogons > /etc/bogons RESULT=/sbin/pfctl -t bogons -T replace -f /etc/bogons 2>&1

Looks like a failing disk to me.