Looking for syslogs with external host data (i.e. public internet facing)

I have internal network logs and can collect without an issue.

This topic has been readen 1177 times. It means that many people interested in this technology, really good thing to drop NPt away in IPv6 Multihoming.

@huzbub:

Can PFBlockerNG DNSBL be used in conjunction with OpenDNS?  I realize this may be a little redundant as OpenDNS does much of what PFBlocker does but I like the multiple layers of protection and additional customization of PFBlocker.

I used the guide below to get OpenDNS setup and it indicates that DNS Resolver must be disabled.  And if I understand correctly the DNS Resolver is required for PFBlocker to work.

https://forum.pfsense.org/index.php?topic=112288.0

DNS Resolver & Forwarder

Once you completed the above process, you need to disable DNS Resolver and enable DNS Forwarder.
(I am not sure if DNS Resolver can be configured with OpenDNS, I tried to configure it but no luck. With DNS Forwarder, everything work well. Maybe someone can help out to explaining it WHY)
To do this, you need to go to Services > DNS Resolver > Enable: (Unchecked)
After that, Go to Services > DNS Forwarder > Enable: Checked
Interfaces: All
Click Save

Any help appreciated!

The DNS Resolver (Unbound) can be enabled in Resolver or Forwarder mode. Don't confuse that with the DNS Forwarder (DNSMasq).

So you can check the DNS forwarder option in the Resolver. And add the OpenDNS servers to the pfSense General tab settings to utilize both DNSBL and OpenDNS.

sorry i guess you didn't understood what i said. I have made a custom pfsense iso which doesnt boot so i was wondering if anyone can help with that . The iso i made is bootable , but it shows the error " cant find kernel".

@renato.nogueira:

@doktornotor:

If you do not want the webgui, just don't install it.

pkg remove pfSense-pkg-squid pkg install squid

sorry, the pfsense is 2.0.1

No, there is no formal spec or XSD.

Thanks for raising Rajko and thanks for the fix devs.

Thank you both for the helpful replies. Might not be a bad idea to add a note about that to the Developer Style Guide (e.g. Whenever possible, the preferred way to reference interfaces is by using the logical interfaces name eg opt2 yada yada…)

@thallam08:

Issue is still there in 2.3.3 and 2.3.3_p1

Not really, don't necropost.

https://github.com/pfsense/pfsense/blob/RELENG_2_3/src/usr/local/bin/dhcpd_gather_stats.php

I made a small test patch (have not submitted a PR yet because I wanted feedback first) that seems to solve the issue for me. At least in my case it was caused by Console opt 16 restart php-fpm, killing that made check_reload_status go into a nosedive.  So I wrapped it with a start/stop. Been testing that for a couple days and so far it has helped. Any thoughts?

Side note: since it doesn't seem possible to build a "pfSense" platform from source, what is the recommended method for trying to make & test changes to check_reload_status.c in case it needs to be worked on?

edit: didn't get any comments here so I submitted PR#3637

I think it's fairly obvious that it's broken on purpose and you won't get any assistance from pfSense guys here, whatsoever.

https://forum.pfsense.org/index.php?topic=109089.0

Dude dunno what are you after here. There's no user-configurable stuff in there and in general nothing of user interest in there either. The file was split to one per PHP extension. There's nothing to patch, fix, add, edit or invent there.

And no, there's is no easy way to look.

Ok so i figured out the problem. It should probably be noted in the documentation that in order for accounting to work FreeRADIUS needs an interface set to listen on port 1813 for Accounting packets.

But now i have a new problem. According to the documentation to reset the counter you simply have to delete the used-octets- <username>file. Well for some reason that does not work. When it regenerates the file it simply picks up where it left off.

At this point i dont think i will even use radius to handle the data caps i will just use it as a counter and handle everything with scripts. But its going to make things a lot more complicated if i cant reset the counter.

Edit: Im also noticing something odd about the accounting. It seems the usage counter continues to increase at a rate of a few hundred KB per minute even when the user is no longer connected to the network. Meaning a user can login then disconnect their machine from the network and until their login session times out they will continue to use data at a relatively slow rate. That will get rather annoying if i cant figure out how to fix it…

Edit2: Its worse that i thought. A user that isnt even connected to the network just used around 20MB in about 10 minutes. Thats going to make this completely unusable...

Edit3: Unless im just missing something stupid i think radius accounting may just be broken on PFSense. I just tried a fresh pfsense install on a different system and its doing the exact same thing...
So... Any ideas?

Oh and what i said about it showing 20MB used in 10 minutes... It got worse than that. It seems a bit random but after a bit more testing i left the test user connected and went to bed. In the morning the user had been disconnected for reaching the 100GB limit set...</username>

I know this is off topic. But does this device support inline IPS?

Also do you know where can I get updated firmware for this device.

Thanks in advance!

My favorite is: http://php.net/manual/en/pcre.pattern.php

Along with:

$regex_sub_pattern_x = "something_x"; $regex_sub_pattern_y = "something_y"; $regex_sub_pattern_z = "something_z"; $regex_pattern = $sub_pattern_x . $sub_pattern_y . $sub_pattern_z;

Kind of torn between the alternatives.

Found this quote interesting.  Never thought of the opcache.
http://stackoverflow.com/questions/7147305/performance-of-variable-expansion-vs-sprintf-in-php

Ultimately the 1st is the fastest when considering the context of a single variable assignment which can be seen by looking at various benchmarks. Perhaps though, using the sprintf flavor of core PHP functions could allow for more extensible code and be better optimized for bytecode level caching mechanisms like opcache or apc. In other words, a particular sized application could use less code when utilizing the sprintf method. The less code you have to cache into RAM, the more RAM you have for other things or more scripts. However, this only matters if your scripts wouldn't properly fit into RAM using evaluation.

Sounds like single quote (nowdocs) catenation may be fastest when only a single var.  But then there is that opcache thing and memory mentioned in the quote.