The simplest thing is plug your modem into 1 Ethernet and your LAN into another one and enable snort. You could use LAN's but you will need a managed switch which isn't over easy unless you know what your doing.

During 2.1 development, there was a time when the "rate" utility returned stats for all IP addresses and I added the "Filter" option to the Traffic Graph GUI - Filter "All", "Local" or "Remote". Some time later, the "rate" utility was put back to just displaying what it was asked to (a subnet specified with the "-c" parameter to "rate"). Reading this got me thinking that actually the Filter option can be fixed up using the current "rate" binary but driving it creatively from bandwidth_by_ip.php This pull request fixes up the Filter option so it works as intended: https://github.com/pfsense/pfsense/pull/906 Hopefully this will be fixed in 2.1.1. From there, it should be relatively easy to add more filter options to display wider sets of IP addresses - people could suggest what groupings of subnets would be useful. [image: TrafficGraphAllFQDN.png] [image: TrafficGraphAllFQDN.png_thumb]

I might have been getting something similar to the crossed out stuff in this post, although I never had the same options checked.

Well can you not add a second nic to your hyperV box?  You could do it with vlans - does your switch(es) support vlans?

There is no conclusive list at the moment, but generally speaking: CARP Events (config sync errors, VIP state transitions, etc) Filter reload errors Gateway failures Corrupt config.xml Inability to upload a config with AutoConfigBackup Basically, anything that makes a notice flash in the upper right, plus a few other things. The notifications will be quite a bit more flexible in the future but probably not until after 2.2 ships.

Did it panic and reboot and offer a crash dump in the GUI? What sort of NICs are in the system?

Ah, of course, that would explain the rules. I'll just use the IP addresses and ranges rather than the pre-defined options. Thanks again!

See 4 posts below yours:  ;) https://forum.pfsense.org/index.php/topic,72307.0.html Steve

Would the Policy rules of Snort Block this? 2012647 tcp $HOME_NET any $EXTERNAL_NET $HTTP_PO… ET POLICY Dropbox.com Offsite File Backup in Use 2012648 udp $HOME_NET 17500 any 17500                         ET POLICY Dropbox Client Broadcasting 2804233 tcp $HOME_NET any $EXTERNAL_NET $HTTP_PO... ETPRO POLICY dl.dropbox Download 2014313 tcp $EXTERNAL_NET $HTTP_PO... $HOME_NET any ET POLICY Executable Download From DropBox 2017015 tcp $EXTERNAL_NET 443 $HOME_NET any ET POLICY DropBox User Content Access over SSL

My ISP's tech support guy said that, if a given MAC address isn't seen for a day or two, it's likely that it will get a different IP address the next time it's connected. Thus, if I ever need to change IP addresses again, I can probably just swap LAN and WAN again. It was very easy and quick with the pfsense GUI.

solved, thank you @phil.davis: Post what you are entering in Host Overrides and/or Domain Overrides and what you want to achieve.

https://forum.pfsense.org/index.php/topic,66908.0.html Long story short-  Try a 2.1.1 snapshot. http://snapshots.pfsense.org/

https://www.google.com/#q=pfsense+log+websites ?

@johnpoz: yeah it is becoming a very recurring issue – maybe we need to create BIG FLASHING RED letters that say do not put a GW on this LAN interface unless you fully understand what that means.  And then rethink it and then don't do it!! ;) Can we just remove the option all together, if you you classify it as LAN interface there is NO option to put a GW on it at all.. ;)  Is this connection used as WAN/INTERNET sort of check mark, and if not checked no GW option is even available?  I am almost positive that the wizard of setup clearly skips over asking the question even - doesn't it?? THIS. Argh. I've been working on getting VLANs to work and part of that was moving DHCP off the pfsense box so I could configure the subnetting correctly. I didn't notice this put a gateway on pfsense's LAN side. And until this thread, didn't realize that was why the internet just turned off. :( Thanks though! I hate having my business behind store bought wifi routers. Chris