easyrule is not intended to be used as an API of sorts. It's meant to be an easy way to add a simple rule from the logs or console and not an all-purpose configuration manipulator.
It isn't going to be given advanced capabilities such as this.
So if that is the case, is the preferred method to have the multiple NIC ports on separate subnets and have pfSense route all the traffic between the different machines rather than bridging?
Blue screen was inaccurate. It kernel panicked and locked up, refusing remote access at all. I had to hard reboot it and go back to the last known good config.
It occurred multiple times as soon as I added the webmanagement interface to a LACP group. Without adding this interface, LACP works fine.
Would love to hear from anyone with advice on how best to make all ports available for a home network. Perfect is not required. Working well is good enough.
Thanks
Update: It is a hard crash reboot not a hang and it was when I just added 3 of my 4 Intel i340-T4 ports to a LAGG (LACP). As soon as I saved the server rebooted. Port 1 (interface 0) was not added as it is my admin interface.
mount /dev/ada1 /mnt > Operation not permitted
mount /dev/ada1s1a /mnt > Device busy
mount /dev/ada1s1 /mnt > Operation not permitted
mount /dev/ada1s1b /mnt > Invalid argument
If you apply the schedules in the inverse way, set scheduled rules to allow traffic, the states created by that schedule should be dropped when it ends.
You can prevent that by setting "Do not kill connections when schedule expires" in System > Advanced > Miscellaneous.
Steve
To add on, from the pfSense I can ping successfully the client IP 10.0.0.6, and from the client PC to pfSense LAN IP 10.0.0.1. I also have enabled the option [14] secure shell option in pfSense.
Not possible with the console driver FreeBSD has, neither with the old sc(4) driver or the newer vt(4) driver. You would need X for dual head set up and pfSense doesn't include anything X related.
So untag it on the switch, i.e. set it to the native VLAN if it's a trunk port. Your typical access port would not be tagged anyway. If you're looking for Cisco command help.. You're better off RTFM or check the Cisco forums..
FE8 on some other switch? On the MikroTik itself?
Draw up your connectivity and where you want tagged or untagged. Just set the port to access and set its PVID and that would normally be untagged traffic.
UTM-1 570
Intel Celeron M 1.5 GHz
1 GB RAM
160 GB ATA HDD
Firewall Throughput: 2.5 Gbps
VPN Throughput: 300 Mbps
IPS Throughput: 1.7 Gbps
But according to your screenshot it looks more like UTM-1 270 specs
UTM-1 270
Intel Celeron M 600 MHz
1 GB DDR2 RAM 400 MHz
160 GB ATA HDD
Firewall Throughput: 1.5 Gbps
VPN Throughput: 120 Mbps
IPS Throughput: 1.0 Gbps
Even if it's written in specs that it can do "Throughput: 1.5 Gbps", I am not sure what it means without test specification. The CPU is very low end for gigabit anyway.
Alright - problem resolved. My ISP uses the cable infrastructure of another local ISP. The local ISP had some issue going on that was preventing ICMP for some users. They must have made some changes to fix things up - just had to reset my modem after and all is well. It's being discussed over at DSLReports as well.
@jimp:
Status > System Logs, Settings tab. Enable the extra column or row to show the rule description in the log. That only affects what you see on the Firewall log tab in the GUI.
Hi jimp, a little better now, at least it's in the logs
Thanks!
There is already a thread for this issue, check it over and try the suggestions there:
https://forum.pfsense.org/index.php?topic=126010.msg697005#msg697005