Yes!  Please if you can make that public, it would be very helpful.

Thank you for your reply and the new link.

2.0.3 for now for most people, but there's not much left to do on 2.1 either before it moves to RC1.

No. 2.0.3 is frozen for anything but bug fixes. Why not 2.1? It's about to go RC1, and it's been stable for a while. It doesn't make much sense to resist it at this point if your hardware works there.

Well, no reason, it just "feels" right. I know both IP addresses are valid, but somehow I think that the subnet is mine and the tunnel endpoint is not. I just want to control which IP address the firewall uses. The firewall has got two IPv6 addresses from the subnet, one being on a bridged interface (two physical ports and one vlan), the other a vlan. It also drives me crazy that after I deprecated the local tunnel endpoint the firewall now uses the IP address from the vlan, and not the bridge  :( and I have no clue how to change that. I tried to change the metric of the vlan interface but that didn't help. So, if you don't want to implement such a thing, is there a playce where I can put that command so that it is executed everytime the firewall boots up (or better, everytime the interface is brought up)?

@ifconfig: @simontkk: Hi, Can anyone help me ? I have keep tried for this for last 2 week but still successful. Although I was successfully built the ISO out, but I still see there is some port error for syslog-ng ,  openssl  and IONCUBE ? May I know why ISO still able to built although there are some error on ports ? I want to know some logical concept behind this. May I know how to settle the error at above ? Thank you very much if anyone could help me. Best Regards, SIMON TIONG Hi. Building ports and building iso are individual. Building ports step builds and installs ports to computer you work in. In the next steps, the essential binaries and other files for pfSense are copied to pfSense's root by using copy.list.WHATEVER. If a file doesn't exist to copy, they are listed in the /tmp/pfPort/copy.list file. Hi ifconfig, First of all, thank you for your valuable information. I found that inside my /tmp/pfPort/copy.list it stated some error like following. May I know, do you any idea of what causing the error ? Could not locate lib/libgeom.so.4 Could not locate usr/local/sbin/syslog-ng Could not locate sbin/rtsold Could not locate usr/local/lib/libxml.so Could not locate usr/local/sbin/slbd.sh Could not locate usr/local/bin/verifysig Could not locate usr/local/bin/radns Could not locate usr/local/bin/sqlite3 Could not locate usr/local/bin/zmq_forwarder Could not locate usr/local/bin/zmq_streamer Could not locate usr/local/bin/zmq_queue Could not locate usr/local/sbin/dhclient Could not locate usr/local/sbin/dhcpleases6 Could not locate usr/local/sbin/bpalogin Could not locate usr/local/sbin/haproxy Could not locate usr/local/lib/libevent-1.3e.so.1 Could not locate usr/local/lib/php/20060613/pdo_pgsql.so Could not locate usr/local/lib/php/20060613/ioncube/ioncube_loader.so Could not locate usr/local/lib/php/20060613/ioncube/ioncube_loader_ts.so Could not locate usr/local/lib/olsrd_dyn_gw.so.0.4 Could not locate usr/local/lib/olsrd_secure.so.0.5

thanks, that put me in the right direction.

Thanks!.. Mine mistake was shared secret. Actually I forgot it to configure in CP.

Great, it works … thanks a lot

And a little tip to who wants to use Freeradius 2 with PostgreSQL: Accounting operations work correctly with MySQL but with PostgreSQL, don't update the radacct table. So, some attributes like Session-Timeout don't work.

I'm half way of making samba pkg work. @Marcelloc, I have problem. In pfsense 2.1 packages are installing in /usr/pbi/*. While creating tbz package, can I change the installation destination directory of package to /usr/pbi/samba? By default it is installed in /usr/local with it's all dependencies. Here is link to repository where I'm creating package - https://github.com/pszafer/SambaForFreeradiusPFSENSE

I finally figured out what went wrong. There where 2 issues. The XML tag isn't used by PFSense at all, below a copy of the method PFSense uses to generate the rules (https://github.com/bsdperimeter/pfsense/blob/master/etc/inc/filter.inc). You should not use a subdirectory for your package; leave it in '/usr/local/pkg'. Otherwise the system won't find your 'generate_rules' function. function discover_pkg_rules($ruletype) { global $config, $g, $aliases; /* Bail if there is no pkg directory, or if the package files might be out of sync. */ if(!is_dir("/usr/local/pkg") || file_exists('/conf/needs_package_sync')) return ""; $rules = ""; $files = glob("/usr/local/pkg/*.inc"); foreach($files as $pkg_inc) { update_filter_reload_status(sprintf(gettext('Checking for %1$s PF hooks in package %2$s'), $ruletype, $pkg_inc)); $pkg = basename($pkg_inc, ".inc"); $pkg_generate_rules = "{$pkg}_generate_rules"; if (!function_exists($pkg_generate_rules)) require_once($pkg_inc); if(function_exists($pkg_generate_rules)) { update_filter_reload_status(sprintf(gettext('Processing early %1$s rules for package %2$s'), $ruletype, $pkg_inc)); $tmprules = $pkg_generate_rules("$ruletype"); file_put_contents("{$g['tmp_path']}/rules.test.packages", $aliases . $tmprules); $status = mwexec("/sbin/pfctl -nf {$g['tmp_path']}/rules.test.packages"); if ($status <> 0) { $errorrules = sprintf(gettext("There was an error while parsing the package filter rules for %s."), $pkg_inc) . "\n"; log_error($errorrules); file_put_contents("{$g['tmp_path']}/rules.packages.{$pkg}", "#{$errorrules}\n{$tmprules}\n"); continue; } $rules .= $tmprules; } } return $rules; } I hope that this info will help someone figuring it out a lot faster than I did  ;)

Yep, that's normal.

HI Jimp, Thanks for reply, i will check on my VM and may try on another cvsup server. Once again, thx for ur guide

On 2.0.x and before, and on 2.1 up until late December, that's just a normal text file not a special database file. On recent 2.1 snapshots it is actually an sqlite database.