You can bond DSL connections from the same provider with MLPPP (if your ISP supports it), but you can't bond VPNs. We tried a few different ways to make that work before, using lagg and such but never did get it working in a way that was functional in a usable way. It's something we've thought about before but unless some major funding shows up for it, I doubt it'll happen any time in the near future. It might be possible to do something like a tap vpn on three separate WANs and then a pppoe server on one side and a bonded mlppp client set for the tap interfaces. Just a guess there though, no idea if that would actually function.

Yes that's right it makes one interface per potential client.

just my $0.02, it seems like a MB issue to me. realtec is some subpar nics imo. I have been burned by alot by the cheaper realtecs and some by the higher end.

Hi, Eight moths later, I'm having the same issue with 2.0.1-RELEASE (i386), using just one layer7 rule (httpvideo), sending this traffic (mostly youtube) to a low priority queue.  I'm getting: ipfw-classifyd: unable to write to divert socket: No buffer space available …about 10 times per minute, with CPU load never reaching more than %20, and near 5% most of the time. I have 3GB ram, although it seems nothing to do with this problem. While seen these errors, the filtering seems to be working fine... and the queue is getting the expected traffic, but only after a while, when the entire VLAN will lost connection.  After removing the layer7 rule, everything works fine again. I have spent days and weeks searching and reading about this error, but I have found no solution yet.  If my cpu and memory are resting most of the time, why I'm still getting this error? what other system/kernel parameter I should look at? Thanks in advance....

Try to follow this guide for either UPnP or Port Forward, personally I use UPnP. http://forum.pfsense.org/index.php/topic,13887.0.html

I am interested in this too. It has been announced that CODL will be finding its way into the Linux kernel very soon.

OK, AICCU did not give the interface another name than tun0. I have patched away "tun" in $vfaces = array (   from /etc/inc/util.inc in the "get_interface_list" function, and it does now recognize the interface and I can use it in pfsense for rules and stuff :) Maybe that helps others ;) Thanks

@arnoldg: i have some problem with one specific lan ip adres, but i don't know how to monitor all of it's trafic on all of it port's If the problem is in interaction with other systems on the same IP network then you can't really do anything on the firewall to help because the traffic goes direct, bypassing the firewall. If the traffic goes through the firewall you can monitor it by running tcpdump from the pfsense shell or through the web GUI at Diagnostics -> Packet Capture and specify the IP address of the system "of interest".

thank you jimp, I googled the wrong ifconfig manpage ;-) a question on creating the bridge from a newbie like me: I currently have a vlan interface, lets call it vlanForMonitoring. There's always only one client connected to it, this client shall be used for analyzing traffic from and to the wan interface. Can I do something like the following? #ifconfig bridge0 create // create the bridge #ifconfig vlanForMonitoring up monitor // set vlan interface to monitoring #ifconfig bridge0 addm wanInterface span vlanForMonitoring up // bridge wan to the monitored interface How about Firewall rules? Is the bridge enough to pass traffic from WAN to vlanForMonitoring or do I still have to create firewall rules? How would they have to look like? Thanks for any hint :-)

@costasppc: Crashes stopped when I removed the specific gateway from the gateway groups that contained it (Load balancer and https failover). I set the tier to Never. I had no crash since. Do I still need to bring the firewall down for memory diagnostic check? It'd be a good idea to run memtest86+ on that system, just in case …

I see Chris already responded to your ticket. We try to respond to tickets ASAP, typically that means within a few hours, up to 24 business hours (weekends don't usually count, but we do respond to some tickets over the weekend). Also depends on the nature and immediacy of the problem as well, obviously issues where a system is down entirely will see a response faster than one that is not urgent. If an issue becomes urgent you can always phone in and if we aren't on the normal support hours someone can still be reached.

If you want to capitalize on the LACP links now, try using Robocopy with MT option.  That turns on multi-threaded mode that allows multiple concurrent connections (provided you are transferring more than 1 file).

Why shouldn't it? Just define two scopes which do not overlap. Client then takes the "first" to respond.

Is there any other way to test the flash drives health?

I've seen it happen with a few of them, firewall logs, service status, and interface status. I don't think it has anything to do with the widget, but without being able to replicate it, it's hard to say.

Yea agree! One thing i would love like in the watchguard products is the custom use of Notifications. So if say an SMTP packet was detected on the LAN was trying to get out, PFsense would email me and let me know. But for each rule you can turn this off and on if you so choose. ONE THING I AM LOOKING FORWARD TO IS PFCENTRE!

I have an ADSL Provider in my area, and they provided me with a router, with 5 useable IP addresses. I swapped it out for a Zyxel router really nice. I used the first IP for that device… And then with my pfsense i used the secondary IP in the range and my gateway was the Zyxel Router (first IP). Then added the rest using Alias in pfsense. The reason for this, is so that i can still access the Zyxel interface if i need. And plus if i was ever outside the network i could ping the Zyxel to make sure the internet was up without compromising the network, and Pfsense.

The easiest way in my opinion is to enable SSH Shell login, and with Filezilla a free SSH/FTP client logon to the box with root and whatever your admin password is and browse to.. usr/local/www/themes Under here is where your find all the themes. When i got bored i downloaded a theme and started to play around with the CSS to change colours etc. My pfsense is now amazing! lol