One more is always better.  They're cheap.  If you don't need 3 go with 2.

OK, Just add .radiotunes.com/ in the HAVP for proxy (I use proxy) in whitelist. Voila.

Not quite.  You create your wpad.dat and proxy.pac files on a web server (you can use pfSense for this if it's running in HTTP mode, HTTPS doesn't work for this).  You then create an entry in your DNS for wpad that points to the webserver.  Then you set all clients to autodiscover the proxy. https://doc.pfsense.org/index.php/WPAD_Autoconfigure_for_Squid You can search online for example wpad.dat files so you can see how the javascript inside can redirect based on source or destination.

Thanks – my bad for not doing a search.  Glad to know it's a known issue. M

Try interrupting the boot loader to get to the OK prompt and do: set hint.ahci.0.msi="0" boot As refrerrenced here: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=195349#c24 Steve

Which pfSense version are you running? If it's 2.2 are you using the DNS forwarder or resolver? What error is given on sites you can't access? Have you checked this: https://doc.pfsense.org/index.php/Unable_to_Access_Some_Websites Steve

Or set up a syslog server and log to that. https://doc.pfsense.org/index.php/Full_Install_and_NanoBSD_Comparison Log files are not retained across reboots

Easy answer is PlayOn, more specifically the PlayLater app. It allows you to download the videos for personal use onto a PC. I use it to download entire seasons to watch on my PVR and to get some shows for the kids too. The nice thing is they currently have a sale going on. http://www.playon.tv/playon

Not entirely sure what you meant there,  :-\ If you've added more firewall rules can we see screenshots of those? Steve

The panic is in something related to the packet filter. It looks a lot like what happens with schedules, but there is another similar panic in some unusual edge case. If the backtraces all look similar to that one, it's a near-certainty it's not a hardware problem. That would exhibit itself in a diff bt, or or varying ones.

Final followup here for me (I hope): Unbound 1.5.2rc1 has just been released, http://www.unbound.net/pipermail/unbound-users/2015-February/003774.html Interesting part of the release notes in our case: This release fixes a DNSSEC validation issue when an upstream server with different trust anchors introduces unsigned records in messages. Harden-glue when turned off allows potentially poisonous records in the cache in the hopes of that enabling DNS resolution for 'impossible to resolve' domains, it is fixed to have 'less cache poisoning', quotes added because it is by definition not secure to turn off harden-glue.  New features are that "inform" can be used to see which IPs lookup a domain, and unbound-control can use named unix pipes. According to Chris in Redmine, this should be fixed in 2.2.1.

If you don't have an old computer handy one of the $100 refurbished ones from NewEgg.com or the like does well. You might even decide to just keep using it for your main machine.

@fraglord: Thanks for the quick reply. Actually I was more like referring to the topic in general. Unfortunately use of a proxy isn't an option for my scenario here. Would it be easier to accomplish this task by using a given IP range (like 95.211..) that is supposed to be accessed through a specific gateway? If you know the IP addresses and/or subnet ranges, then the functionality is all in the base pfSense. Make an Alias with 95.211.0.0/16 etc… Then use it in firewall rules to block, or to pass and direct to a particular gateway/gateway group or traffic shape it or apply a limiter... If you know the actual names in the subdomain then you can put all those in an Alias also: server1.example.com www.example.com mail.example.com The problem, as you are well aware, is when you do not know all the names in the subdomain.

I thought about some inbuilt notification like the "You are on the latest version." check in the dashboard.

@BBcan177: So where do I submit a bug for the "pfSense Bug Tracker" ?  ;D In Redmine's redmine. :)

Hello CMB, The problem must have been hardware related, I picked up a base computer, threw in my NIC cards and installed fresh, then restored from the backup. Been running like a champ. The processor graph had me worried (one spike), the memory one just looks like a system that is restarting. I appreciate you looking into it. Thank you all for your help.

Are you talking to me? There's a saying about only getting one chance to make a first impression. I deployed about a half-dozen engenius CPEs a few years ago.  Constant lockups. Resetting them by disabling and enabling PoE, utter lack of support.  The software in these bridges absolutely sucked. Switched them out for Ubiquiti Nano M5s and have barely touched them since.  The software in the Ubiquitis blew the enidiot crap out of the water - and at a comparable price point. Never looked back.  Maybe they got better or bought another wireless company that could write code.

No.

Nice write-up.  :) Steve