Seems highly unlikely to be honest. What theme are you running?  What version did you install exactly? 32 or 64 bit? What browser are you using?

You actually do want all those things, you just want an add-on module that creates them all for you for that one simple use scenareo you described.  Alas…  I'm no dev.

@stephenw10: I presume at that point the console is completely non-responsive, it's not possible to login? It doesn't matter what shell the admin user is set to run if you can't login as admin. Yeah, the shell is correct, I just wanted to check whether toggling the GUI checkbox does actually does something or not… Sounds like completely different problem. Rather then hunting for gremlins, a quick reinstall and backup restore should sort it out if it worked before.

Here's what I finally did on my setup: I created a subinterface (VLAN interface) with a "random" VLAN ID on one of my physical interfaces and assigned a /32 to it. It can basically be used the same way as a loopback can, but the benefit is that you can assign it and use it in menu selections such as GRE tunnel source in my case.

Fixed! Changed: Interfaces : Wan Static IP config: changed the  "/1" to "/24" I hope this helps someone!

Using VMs you are effectively using the same NIC/driver combination for every case but I guess that includes pfSense. Interesting that m0n0wall shows less latency. It's based on FreeBSD 8.2 last time I checked. pfSense 2.0.x is build on 8.1 and 2.1RC on 8.3 so all different versions. You could try an older pfSense, 1.2.3 was built on FreeBSD 7.3 (I think). It can only support one PPPoE session though so limited. You could try PC-BSD which is easy to setup. Various versions built on various FreeBSD versions are available. I agree though that testing a VM of FreeBSD 8.3 is probably the best test you could do. I've no idea how to setup a PPPoE session directly in FreeBSD though.  ::) Steve

This works perfectly. FYI, anyone who is doing this, you must disable any previous NAT & firewall rules for 443 aside from the OpenVPN 443 rule. So far so good, all exchange services are working. (Exchange 2013*)

made an SH script to accomplish what I needed. thought I would share it. #! /bin/sh timeout=$1 sleeptime=$2 command=$3 # test pid is still around PIDActive() { pid=$1 test=`ps -p $pid | grep $pid` if [ -z "$test" ]; then return 1 fi return 0 } # run command & capture pid $command& commandpid=$! # What happens first? pid exits or timeout counter=0 while PIDActive $commandpid && [ "$counter" -le "$timeout" ]; do     sleep $sleeptime     counter=`expr $counter + $sleeptime` done # if we get to this point and the pid is still active, kill it PIDActive $commandpid && kill -s KILL  $commandpid

Exactly. I'm sure the dev team have thought about doing this before (the last time I suggested it perhaps!). There would be no point in starting anything without some sort of official sanction I think. Steve

ok, makes sense, it is leaving the lan interface OUT to the lan PC/client like you said. yes, there is a vlan interface that i didnt add the statistics for since it is rarely used.

Yeah - Don't go too crazy with how much RAM you give squid cache.  The Docs recommend no more than 1/2 and I've tried it higher and it was sort of flakey.  I'm only running 4GB on my home router.  Perhaps if you have 8 or 12 GB or more, you can allocate alot more than half.  Not sure.

No on 2.0.1. You can do that on 2.1 though. (System > Advanced, Misc tab, box is right under the sticky checkbox)

If you're using the built-in load balancer, it's unlikely to work in that way. You'd be better off with a package like HAproxy that has several different methods of maintaining a persistent client-server relationship.

You probably need to check System > Advanced, Firewall Tab, "Bypass firewall rules for traffic on the same interface"

Yup! I have 1000/1000 and speed betwen around 70 MB/s :)

i know. lack of time and some private stuff. have not worked on pfsense for a long time so i am starting from the  beginning.

OK, that's why I thought. This is a regression before our previous FW but all other stuff on pfsense make this nothing. Thanks you.

@Jason: @ilaurens: No idea, I do not have much experience with pfsense, nor how it works. But as far I know you can use pf_ring with snort to use multi cores. Why not give it a try, if you have 10gbit stuff laying around. https://www.google.nl/search?q=pfring+snort&oq=pfring+snort&aqs=chrome.0.69i57j0l3j69i62.1732j0&sourceid=chrome&ie=UTF-8#fp=aba73ede39cbb7b9&q=pf_ring+snort&safe=off&spell=1 Interesting.  Would this work with FreeBSD?  If so, I'd be in for a bounty on anyone who would be willing to integrate this into the pfSense package for Snort.  I'm actually less interested in this for 10Gbe speeds than I am for running on low-power hardware with multiple cores. Anyway, I think I've decided to go with a pair of Cisco Nexus 5548UP switches with the L3 modules to solve my routing issue.  I've talked to a few people who have installed them and they've all had solid experiences. I did read something about SnortSP Beta Shell-based user interface with embedded scripting language Native IPv6, MPLS and GRE support (This feature is now included in 2.9.x) Native support for inline operation (This feature is now include in 2.9.x) More subsystem plugin types such as data acquisition modules, decoders and traffic analyzers Multithreaded execution model - multiple analysis engines may operate simultaneously on the same traffic (There are certain subsystems of 2.9.x that are now multi-threaded) Performance increases The purpose of this program is to Source: http://www.snort.org/snort-downloads/snortsp/

Pretty standard stuff.  Looks fine, though I haven't actually tried sticking vLANs on a LAGG before. One thing to note is that depending on how much traffic passes between those vLANs you might find yourself bandwidth starved on 1Gbe links.