It depends on what is in your overlay. That error might suggest that you had customized beastie.4th somehow but it failed to build properly.

As far as I know things in the builder are OK, we build images for customers almost daily and they have been OK.

I had to go in the admin settings and re-save on the default columns setting, then it came back.

I could swear I brought over the robots.txt when I upgraded it this last time, but apparently not. :-)

@jimp:

We've been trying to track that down but there is an easy workaround,

cd /usr/ports/sysutils/cdrtools; make install clean

Then go back to doing the build

Thank you @jimp

@Aydin:

i think you need this:

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html

No.

xogoc: you'll have to script your change to firewall_rules_edit.php and then trigger a filter reload.

you can try this (in turkish forums):

http://forum.pfsense.org/index.php/topic,41243.0.html

maybe you need change freebsd package name in url..

If you want 2.0.1 exactly, use RELENG_2_0 then edit pfsense-build.conf and change the PFSENSETAG to RELENG_2_0_1

That said, using RELENG_2_0 is fine. We only include beneficial safe fixes in the RELENG_2_0 branch so at the moment that gets you what may eventually be 2.0.2 (if we ever decide to release another 2.0.x release before 2.1 is out)

I wanted a set as well but it seems my country is not listed in the registration page :(

@ermal:

check interface link negotiation or force it to the configured speed!

You're right! I've found it by myself, autonegotiation wins in this case, forcing speed and duplex can cause troubles.

Now I'm on 2.0.1, at last!

Thanks
A.

maybe this month..  :)

http://forum.pfsense.org/index.php/topic,44583.msg233413.html#msg233413

I think what you want is XMLRPC. As far as I know, there is no reference for it. There is a DevWiki but I didn't see any info there on XMLRPC. There are some packages that use it for config sync, and of course pfSense itself uses it for config sync. I don't know what else it supported but I would like to know as well.

In 2.0+ you can create users in the user manager and control exactly which pages they have access to but there aren't any ACLs on things like firewall rules to where it would owned by a user. You would probably have to keep track of this in your own application; maybe use the description of the firewall rule to store some info that's parseable to you (@@ownerid=45261903@@) just an example.

No, just standard unix host template. I'm not graphing anything exotic.

If you want to graph pf bits, check out the pf mib
http://files.pfsense.org/jimp/BEGEMOT-PF-MIB.txt

Well - that's the quickest fix ever! I have downloaded the pFsense 2.0.1 2GB nanobsd image and written it to a Sandisk Ultra 2GB CompactFlash card. It fits - success. The size is now less than 2,000,000,000 decimal bytes, so hopefully it will forevermore fit on anyone's definition of a 2GB card. Thanks.

AFAIK setfib does multiple routing tables, it doesn't do multiple arp tables. You still can't have the same IP+MAC on two interfaces with multiple routing tables unless they can also separate based on interface.

ECMP lets you talk to the same destination via multiple paths, which is better for that scenario.

Ahh, I'm glad I found your posts! Coming from a Linux background I just assumed it was natural to be able to apply a nat rule to all interfaces and so thought I was totally ignorant as I tried to figure out how to make pfSense do it!
(I'm still using 2.0-RELEASE (i386) built on Wed Sep 14 00:39:34 EDT 2011 –- Is the feature I need already available?)

In any case, I agree - supporting groups for NAT, or multiple interface selection for nat, or even just an ALL interface option in nat (That should be easy if pf is anything like iptables) would be really great.

My scenario is relatively simple and normal for a small ISP:

We have several vlans bringing in customer traffic from different geographical locations, and a vlan for our server room, for example:

10.0.0.0/16: IPs for our server room - mail, web, etc.
10.1.0.0/16: East side of town
10.2.0.0/16: West side of town
10.3.0.0/16: Center of Town (You get the idea..)

Let's say the public IP is 4.4.4.4.

All vlans come into the pfSense box which then nats out through a real public IP. (Actually several real public IPs.)

So obviously some of our servers - like our main webpage and email servers - need to be reached by all users -- regardless of whether they are at home or traveling -- we configure their mail clients to connect to 4.4.4.4 (via domain name) and it should just work whether they be at home or work or anywhere in the world.

The problem is we have to add a forward rule for pop3s (port 995)  not only on the WAN interface for the mail server, but also on each and every customer access vlan interface.

So if we have a web, a mail, a DNS server, a backup DNS and mail server, each with several ports listening, we could end up with having to add a lot of rules.

So yes, being able to apply a NAT rule to a group or to ALL would be a most splendid and powerful feature!

Thanks a million for a great product and keep up the good work!

~Jesse

(I was working up a reply, and you responded before I could hit submit… but there is still something I can add:

You can also control the tag, or get a message in from another command like so:

echo Hello World | logger -t mytag -p local0.info

Still no ETA. I post snapshots every now and then from 2.1 on FreeBSD 8.1 here: http://files.pfsense.org/jimp/ipv6/ but there are none for 9 yet.

hhm ok after some testing around i will come to the result that i need to change some sed command's inside the builder_common.sh

after changing all sed ""  (all sed's with double quotes) to sed (without double quotes) it works and the errors are gone :)

sed ""
change to
sed

example:
sed "" -e /ttyd0/s/off/on/ ${PFSENSEBASEDIR}/etc/ttys
change to
sed -e /ttyd0/s/off/on/ ${PFSENSEBASEDIR}/etc/ttys

now the pfSense 2.0.1-RELEASE-nanobsd (i386) with vga is booting yoohooo :)

hope someone else can need this info

best regards
ren22

portsnap fetch && portsnap extract
cd /home/pfsense/tools/builder_scripts
./clean_build.sh
./set_version.sh RELENG_8_1 cvsup.de.freebsd.org
./update_git_repos.sh
./apply_kernel_patches.sh
./build_iso.sh
./build_nano.sh

Using /usr/home/pfsense/tools/builder_scripts/remove.list.iso.8 …
Operation ./build_nano.sh has started at Sat Nov 19 21:10:51 CET 2011

Remove list: /usr/home/pfsense/tools/builder_scripts/remove.list.iso.8
                  Copy list: /usr/home/pfsense/tools/builder_scripts/../builder_scripts/copy.list.RELENG_8_0
            MAKEOBJDIRPREFIX: /usr/obj.pfSense
          pfSense build dir: /usr/pfSensesrc/src
            pfSense version: 2.0-RELEASE
                    CVS User: sullrich
                  Verbosity:
                    BASE_DIR: /usr/home/pfsense/tools/builder_scripts/../..
                    BASEDIR: /usr/local/pfsense-fs
                Checkout dir: /usr/home/pfsense/tools/builder_scripts/../../pfSense
                Custom root: /usr/home/pfsense/tools/builder_scripts/../../pfSense
              CVS IP address: cvs.pfsense.org
                Updates dir: /tmp/builder//updates
                pfS Base dir: /usr/local/pfsense-fs
              FreeSBIE path: /usr/home/pfsense/tools/builder_scripts/../../freesbie2
              FreeSBIE conf: /dev/null
                  Source DIR: /usr/pfSensesrc/src
                  Clone DIR: /usr/local/pfsense-clone
              Custom overlay:
            pfSense version: 8
              FreeBSD branch: RELENG_8_1
                pfSense Tag: RELENG_2_0
                EXTRAPLUGINS: customroot
                EXTRAPLUGINS: customscripts
                EXTRAPLUGINS: pkginstall
                EXTRAPLUGINS: buildmodules
            MODULES_OVERRIDE: i2c
            MODULES_OVERRIDE: ipmi
            MODULES_OVERRIDE: acpi
            MODULES_OVERRIDE: ndis
            MODULES_OVERRIDE: ipfw
            MODULES_OVERRIDE: ipdivert
            MODULES_OVERRIDE: dummynet
            MODULES_OVERRIDE: fdescfs
            MODULES_OVERRIDE: cpufreq
            MODULES_OVERRIDE: opensolaris
            MODULES_OVERRIDE: zfs
            MODULES_OVERRIDE: glxsb
            MODULES_OVERRIDE: runfw
            MODULES_OVERRIDE: if_stf
              Git Repository: https://github.com/bsdperimeter/pfsense.git
                  Git Branch:
              Custom Config:
                    ISOPATH: /tmp/builder//pfSense.iso
                    IMGPATH: /tmp/builder//pfSense.img
                MEMSTICKPATH: /tmp/builder//pfSense-memstick.img
                  KERNELCONF:
        TARGET_ARCH_CONF_DIR: /usr/pfSensesrc/src/sys/i386/conf/
    FREESBIE_COMPLETED_MAIL:
        FREESBIE_ERROR_MAIL:
                    OVFPATH: /tmp/builder/
                    OVFFILE: pfSense.ovf
                    OVAFILE: pfSense.ova
                    OVFVMDK: pfSense.vmdk
                  OVFSTRINGS:
                      OVFMF:
                    OVFCERT:
                    SRC_CONF: /usr/home/pfsense/tools/builder_scripts/conf/src.conf.embedded.8
CROSS_COMPILE_PORTS_BINARIES:
            SPLIT_ARCH_BUILD:
    UPDATES_TARBALL_FILENAME: /tmp/builder//updates/pfSense-Full-Update-2.0-RELEASE-i386-20111119-2110.tgz
        PKG_INSTALL_PORTSPFS:
  CUSTOM_CALL_SHELL_FUNCTION:

Cleaning build directories: pfsense-fs pfsense-clone Done!
Using GIT to checkout RELENG_2_0
Checking out tag RELENG_2_0...Done!
Making sure we are in the right branch... [OK] (RELENG_2_0)
Creating tarball of checked out contents…Done!
Building world and kernels for Embedded... 8  RELENG_8_1 ...
+++ NO_BUILDWORLD set, skipping build
Ensuring that the btxld problem does not happen on subsequent runs...
Installing world for i386 architecture...
Making hierarchy
Installing everything
Building embedded VGA kernel...
Not adding D-Trace to Kernel...
KERNCONFDIR: /usr/pfSensesrc/src/sys/i386/conf
ARCH:        i386
SRC_CONF:    src.conf.embedded.8
Kernel build for pfSense_wrap_vga.8.i386 started on Sat Nov 19 21:11:25 CET 2011
stage 1: configuring the kernel
stage 2.2: rebuilding the object tree
stage 2.3: build tools
stage 3.1: making dependencies
stage 3.2: building everything
Kernel build for pfSense_wrap_vga.8.i386 completed on Sat Nov 19 21:11:55 CET 2011
Installing embedded VGA kernel...
Installing kernel
Installing kernels to LiveCD area....done.
Phase populate_extra...
Making devd... Done.
Mounting devfs /usr/local/pfsense-fs/dev ...
Merging extra items...
Running plugins: customroot customscripts pkginstall buildmodules Done!
Using /usr/home/pfsense/tools/builder_scripts/../builder_scripts/copy.list.RELENG_8_0...
Populating newer binaries found on host jail/os (usr/local)...
Installing collected library information (usr/local), please wait...
Fixing up NanoBSD Specific items...
Creating md5 summary of files present...Done.
Copying config.xml from conf.default/ to cf/conf/
Testing PHP installation in /usr/local/pfsense-fs: FCGI-PASSED PASSED  [OK]
Installing packages listed in /tmp/pfspackages
Finding origins… 2 found
Finding dependencies... 2 found
Sorting 4 packages by dependencies... done.
Copying 4 packages
[0….]
Cloning /usr/local/pfsense-fs to /usr/local/pfsense-clone…Done!
Using TAR to clone...
Deleting files listed in /usr/home/pfsense/tools/builder_scripts/remove.list.iso.8
[nanoo] sandisk 1g
[nanoo] NANO_MEDIASIZE: 1947518
[nanoo] NANO_HEADS: 16
[nanoo] NANO_SECTS: 63
[nanoo] NANO_BOOT0CFG: -o packet -s 1 -m 3
Configuring NanoBSD /etc
Configuring NanoBSD setup
Using TAR to clone setup_nanobsd()…
Pruning NanoBSD usr directory...
building NanoBSD disk image (i386)...
30912+0 records in
30912+0 records out
997097472 bytes transferred in 15.441514 secs (64572520 bytes/sec)
******* Working on device /dev/md0 *******
fdisk: invalid fdisk partition table found
fdisk: Class not found
******* Working on device /dev/md0 *******
parameters extracted from in-core disklabel are:
cylinders=1932 heads=16 sectors/track=63 (1008 blks/cyl)

Figures below won't work with BIOS for partitions not in cyl 1
parameters to be used for BIOS calculations are:
cylinders=1932 heads=16 sectors/track=63 (1008 blks/cyl)

Media sector size is 512
Warning: BIOS sector numbering starts with sector 1
Information from DOS bootblock is:
The data for partition 1 is:
sysid 165 (0xa5),(FreeBSD/NetBSD/386BSD)
    start 63, size 922257 (450 Meg), flag 80 (active)
        beg: cyl 0/ head 1/ sector 1;
        end: cyl 914/ head 15/ sector 63
The data for partition 2 is:
sysid 165 (0xa5),(FreeBSD/NetBSD/386BSD)
    start 922383, size 922257 (450 Meg), flag 0
        beg: cyl 915/ head 1/ sector 1;
        end: cyl 805/ head 15/ sector 63
The data for partition 3 is:
sysid 165 (0xa5),(FreeBSD/NetBSD/386BSD)
    start 1844640, size 102816 (50 Meg), flag 0
        beg: cyl 806/ head 0/ sector 1;
        end: cyl 907/ head 15/ sector 63
The data for partition 4 is:
<unused># /dev/md0s1:
8 partitions:
#        size  offset    fstype  [fsize bsize bps/cpg]
  a:  922241      16    unused        0    0
  c:  922257        0    unused        0    0        # "raw" part, don't edit
/dev/md0s1a: 450.3MB (922241 sectors) block size 4096, fragment size 512
        using 36 cylinder groups of 12.66MB, 3240 blks, 1632 inodes.
super-block backups (for fsck -b #) at:
32, 25952, 51872, 77792, 103712, 129632, 155552, 181472, 207392, 233312, 259232, 285152, 311072, 336992, 362912, 388832, 414752, 440672, 466592, 492512,
518432, 544352, 570272, 596192, 622112, 648032, 673952, 699872, 725792, 751712, 777632, 803552, 829472, 855392, 881312, 907232
Filesystem  1K-blocks Used  Avail Capacity  Mounted on
/dev/md0s1a    453327    1 417060    0%    /tmp/builder/.mnt
283395 blocks
Filesystem  1K-blocks  Used  Avail Capacity  Mounted on
/dev/md0s1a    453327 145586 271475    35%    /tmp/builder/.mnt

Mounting and duplicating NanoBSD pfsense1 /dev/md0s2a /tmp/builder//.mnt
7205+1 records in
7205+1 records out
472195584 bytes transferred in 33.322620 secs (14170422 bytes/sec)
Filesystem  1K-blocks  Used  Avail Capacity  Mounted on
/dev/md0s2a    453327 145586 271475    35%    /tmp/builder/.mnt
/dev/ufs/pfsense1 / ufs ro,sync,noatime 1 1
/dev/ufs/cf /cf ufs ro,sync,noatime 1 1
/dev/ufs/pfsense1 / ufs ro,sync,noatime 1 1
/dev/ufs/cf /cf ufs ro,sync,noatime 1 1
Creating /cf area to hold config.xml
/dev/md0s3: 50.2MB (102816 sectors) block size 4096, fragment size 512
        using 4 cylinder groups of 12.55MB, 3214 blks, 1632 inodes.
super-block backups (for fsck -b #) at:
32, 25744, 51456, 77168
34 blocks
[nanoo] Creating NanoBSD upgrade file from first slice…
7205+1 records in
7205+1 records out
472195584 bytes transferred in 31.662914 secs (14913207 bytes/sec)
Image completed.
/tmp/builder//
-rw-r--r--  1 root  wheel  951M Nov 19 21:13 /tmp/builder//nanobsd_vga.full.img
-rw-r--r--  1 root  wheel  450M Nov 19 21:14 /tmp/builder//nanobsd_vga.upgrade.img
Operation ./build_nano.sh has ended at Sat Nov 19 21:14:10 CET 2011</unused>