Port-blocking via the firewall can do that but, depending on the service, you may end up playing whack-a-mole.  Depending on how tight a network you want to run, you could block everything outgoing except approved ports, and even that's not perfect.

pfBlocker -> dead. 2.1.4 -> dead. Good luck. Thanks for the prod, now running 2.2.1 and pfblockerNG. The upgrade went quite well, my IPTV multicast over the iGMP proxy is still working which is what I was scared of.

Thanks again KOM. Another instance of me owing you a beer.  I needed this for another customer firewall.

Use Snort + AppID? http://blog.snort.org/2014/04/openappid-application-rules.html Just an idea….

When FTTC is available in your area, you can just swap the Netgear for the Openreach modem. I run my home setup like that, works great :)

To set up the UML295 you should do the following: On your Windows 7 PC follow these instructions to enable IP passthrough: http://pcdn2-download.vzw.com/win/UML295/UML295_IPPT_UserGuide-v2.pdf 1. Plug the UML295 into the pfsense box 2. Go to the Interfaces drop down and click (assign) 3. Select the ue0 Interface from the Available network ports dropdown and press the add button 4. Enable the interface' 5. Select DHCP for the IPv4 dropdown and save 6. Apply the configuration At this point the interface should work. You may want to ensure that it still works after a reboot, as I've found that it will not. https://forum.pfsense.org/index.php?topic=91907.0 https://redmine.pfsense.org/issues/4589 Let me know how it goes for you.

Yeah, sorry about that. I read it my self and saw how incomprehensible it is. I'll be back.

What version of OS X Server? What is your end goal?  Not what certificates you think you want where, but what do you want to be able to do with them? Certificate handling in OS X Server has always been, shall I say, squirrelley.

check out the zillion other threads with the exact same question on this subsection of the forum: https://forum.pfsense.org/index.php?board=60.0 (search: multi-wan ) or https://forum.pfsense.org/index.php?board=21.0 (search: squid) you'll soon notice that it's a pain and not "easy' :))

Jumbo frames are totally pointless on any remotely modern network. Building TCP/IP headers for lots of packets hasn't been a CPU bottleneck issue for ages and routers can do much more PPS now than they could 10 years ago. Same for switching hardware.

I used  : pkg install perl5.20-5.20.2

Either it has some CPU/cache/memory hardware problem that is causing page table references or some critical bit of the kernel got corrupted on the CF card - "page fault while in kernel mode" should never "just start happening". The easiest thing to do is to take out the CF card and re-write it a new good pfSense nanoBSD image. If that works then you are in luck. If the CF card gives errors when writing it, then you know to get another CF card. If you still get "page fault while in kernel mode" on a clean pfSense boot, then there has to be some hardware problem on the board. Since the CPU, memory is all fixed to the Alix board there is not much benefit in knowing if it is CPU or memory or…

Did you get a chance to power cycle everything, if so did it "fix" the problem?

I am using 2 to test currently, although will be using 3 when I go live. At the moment I have set the non-active one to not be in the "allconnections" gateway group so only the 2 active ones are in there.

Yeah, I think I might do that