any dumb switch for <$20 would be better than bridging ports if you ask me ;)

I'd guess that the selection is made from probably the first or last of the XXXX-quality.rrd files in the /var/db/rrd directory in whatever order they are listed by default. That would mean that you'd need to rename the interfaces to change the selection. Again, that's a guess. And I AM an idiot…

Try reading some of the posts in the Traffic Shaping forum, or ask your question there.

Hello, did you find any solution for the same. Thank You.

Actually, someone else is going to be paying for them to go faster, eventually, but not the rest of the CONCACAF nations.  It's all the poor suckers in the US paying the asinine FUSF fees.  Which is pretty much everyone.

Don't think so, no. Active, automatic network diagram spending no time and no money?  Good luck.

@firewalluser: @kevindd992002: @divsys: By default "Pass" rules are not logged (to save log space). If you need to ensure a rule gets logged, check the "Log" box while editing the rule. https://doc.pfsense.org/index.php/Firewall_Rule_Troubleshooting has more info. Got it, thanks! I have an issue with the firewall though. It's been working fine since yesterday. I have different NAT rules to forward connections and other services through NAT (RDP and mail servers included). This is in a test network inside our company. For some reason, I cannot access these services from an external network since yesterday and I've made no changes in the firewall rules. I highly suspect that this is a configuration change in our front end firewall (which I don't have access since my pfsense firewall is just a backend firewall) but I need to confirm if this is really the case. I've been given two public IP's. One public IP is the main WAN connection of my pfsense box and the other is in a NAT 1:1 rule. I don't see any blocks on the firewall logs but when I do a packet capture, I do see that the connections are being logged. That means that the packets do reach my pfsense backend, right? Also setup a separate device running a syslog server of sorts, rsyslog is more compatible, this way if your fw gets targetted you have a separate device with historical logs to check through anything thats been going on as its quite easy to hide activity on pfsense as the gui log only goes back 2000 entries. System log, Settings tab, scroll down the bottom, tick everything and put in the ip address of the syslog server. Dont forget to use a firewall on the device running the syslog server at the very least as well. The more you log everything from every device on your network and isolation the devices on your network, the easier it becomes at spotting anomolies which could be bugs which have exploitable potential, also test how things react when things are not working properly, ie a public facing server when pfsense goes down for example. Sometimes its when things go wrong that new exploits present themselves in conditions which are not usually tested for, aka break things.  :) Thanks for the suggestion but I'll have to plan that for a later date as my pfsense VM is more for personal purposes than for production.

Routinely have thousands of Captive Portal users on a 200M line (Soon 300M) on a 2.1.5 C2758.

Thanks a lot! I think I get it now  ;D

So you say you have reinstalled the box. Did you reconfigure it from scratch? I cannot see any value in reinstalls if you keep importing the same (very likely broken) configuration after that.

Hello, you might to have a look here for some guidance. https://forum.pfsense.org/index.php?topic=98270.0

Dear Johnpz, How do I turn off squid and snort. I am unable to access pfsense through webgui. Should I access the shell from pfsense console and give the following command: killall -HUP squid killall -HUP snort Thank you. Regards, Ashima

I havent had that problem so to avoid resource burn, I'll let someone else step in if google doesnt throw up anything.

Has anyone taken fail2ban and pushed the jailed ips to pfsense.  It does a pretty good job of detecting hacks on the system.  Only problem is I want to move the ip filtering off of my server and on to a pfSense appliance.

@Derelict: This sounds to me like Skype might be checking to see if the private addresses can communicate locally. Only one way to find out and thats to test the scenario, maybe even testing on different subnets behind the same gateway might be interesting.

I would need some wifi devices to have access to the wired file server but I suppose I could set the wired and wireless on different subnet and set specific rules for what can cross over? Tag two SSIDs to the AP.  Put an internal SSID on your internal VLAN and the guest SSID on the guest VLAN. No need for any rules.  Internal wifi clients will be on the same broadcast domain as your LAN.

@jimp: You can set timeouts for TCP on individual rules, just keep in mind you must set the timeout on an interface rule and again on a floating rule (quick, outbound, on the WAN for example) but that gets tricky since by the time the WAN floating rules outbound get parsed NAT has applied, so you may not be able to distinguish based on source address unless you NAT each interface out a different IP address… or if you can match based on destination that would work for certain. Or you can mark the traffic on the LAN in rule and match the mark on the floating out rule.

@dennypage: In my case, it's appears to be the result of the /var/log/dmesg.boot snapshot being created too early in the boot process. Ah, thanks! At least I can work around it with the shellcmd package. Or of course a shell script, but I'm a lazy sod.