Not forgetting that, normally, syslog runs on UDP.  If anything is corrupted it will be just discarded.  Have you checked for errors on the network between machines? Edit:  Or maybe run a packet capture to see if pfSense is actually sending them?

@charliem: Generally this is caused by something sending data to the serial port while getty is running.  getty is expecting nothing but username/password pairs but seeing 'garbage' from your console switch.  This is  a unix thing, not a pfSense thing … I can't speak to the apparently successful logins shown in your logs.  Are you saying the logins are false positives, and you didn't really log in at those times? that is correct…i am NOT trying to login at any of those times, and NO ONE knows my password except myself, and console access from the outside is not allowed. since i unplugged my console switch....nada.... i will look into the console switch config...

Yes, fixed my problem. haven't had to reboot since. Thank you!

I think I figured out the errors reported on my switch. I enabled EEE on my switch and it seems my Intel i350 is the only NIC that actually supports EEE. There seems to be a correlation between my error count incrementing and the ports being idle. This would explain why I saw a few errors on my ports shortly after restarting PFSense from the upgrade, no traffic. Recently, my ISP did an upgrade late at night, and my switched showed the ports going up an down a few times because they turn off when no traffic and an EEE device is plugged in. The next morning, I saw 2 more errors. I can't get a causational link, but it seems highly correlated. Even after 9 days of uptime, I only have 5 total errors and they were only spotted shortly after something would have caused WAN traffic to cease.

@vishibalo: So I been messing around with an old NIC that I picked up of eBay, it seems I got it to "work"  I think my main problem now is that I have no idea how to set up my interfaces or firewall or anything, I was suggested previously to set them up similarly to my 1st LAN interface but that didn't work well, I have a mess of things that probably got me all sorts of confused. But here is what I want to do, I have 1 WAN port on my MOBO, and 4 LAN ports on my PCI NIC, so basically I want WAN port work as such, and 4 LAN ports be essentially identical to each other as far as doing same thing (nothing fancy just work) I just don't understand how to set it up as a normal router/firewall.  That and because the NIC is so old I have to access WebGUI via WAN port by assigning it as a LAN (using mobo Ethernet port as a LAN port) making everything that much more confusing for me. So I am hopping that there is perhaps a thread that I missed that someone has a clear explanation of step by step on how to set it all up. Thanks. I am not sure (and am afraid  :-[) I understand your question right. Did you do a google? As there are a 1001 tutorials on how to set up pfSense from scratch, and, if I may: most of them are not really more than a bunch of 'click here' screenshots of what the most excellent installer itself will show you once you run it. Did you try to run the installer? Where did it go wrong?

@hakkatil: I guess I did not make myself clear. What I am trying to say is make all the ports invisible on the WAN interface not on the webserver or any other device behind the firewall. If someone scans my public IP address, they won't be able to see any ports open. Just I need to know if this is even possible. I am prety sure that all the ports were not seen (may be open in pfsense) by outsiders but the webserver was still accessible when I use the pfsense 1.x. At least what grc.com showed all of the ports were stealth. Thank you Unless your WAN IP is different for your web server, there is no way to both make port 80 invisible to a scan and allow HTTP to work. Now if you had one IP for your firewall and one IP for your web server, you could have your firewall be all stealth and your web server would show up on a port scan as having port 80 open. What it comes down to is, what ever public IP address your web server is using, you will see port 80 opened, unless you block it, which will make HTTP not work.

Wonderful. That'll do it for me. Thank you for this good news vindenesen and taking time to explain it. Nice one.

perhaps CN=Users,DC=latticee,dc=com instead of OU=Users,DC=latticee,dc=com but thats definitively the wrong section for your request. (no bounty :) )

I use https://forum.pfsense.org/index.php?action=unread;all;start=0 when I read. (woo, 15,000th post!)

Upgrade.

@cmb: On rare occasions I've seen a host that wouldn't enable those settings properly until a host reboot, usually turning it off and back on suffices. How right you were. Both the servers I have tried this on have the exact same patchlevel of ESXi. One is a Proliant DL380G6, the other a SuperMicro whitebox. The proliant had no problem to enable promisc just by changing the setting. But the SM (which was the one i ran on primarily) did in fact require a reboot.

The better option is limiters if you are OK with giving them a fixed pipe.  There is a burst option in there for allowing people to exceed that limit for a short amount of time. https://doc.pfsense.org/index.php/Traffic_Shaping_Guide#Limiter To limit each device to a specific amount of bandwidth you'll need two limiters, one for download and one for upload.  When setting up the limiters, the download one should be set to "Destination addresses" and the upload one set to "Source addresses" in the "Mask" setting.  You'd then apply those limiters to your pass rule on the LAN firewall rules.

Glad to see you have the top man on the case.  ;) Steve

hey there, I contacted them about 2 weeks ago, they replied pretty fast so yours might be lost in the spam filter..?

@smildev: Hi, http/https filtering: http://www.youtube.com/watch?v=C1jNEC8QmL4 Port Forward: very easy, menu -  firewall > NAT > first tab Port Forward Hi, I cant seem to find how to do captive portal at the same time configure the WAN-LAN to be under bridge/transparent mode…. the video only shows the proxy aspect, which I was able to follow.

With the latest releases of pfsense (2.1.1 and 2.1.2)… When 'Allow ipv6' is unchecked there is an implicit QUICK rule that goes before any floating rules that blocks ipv6.  If 'Log packets blocked by the default rule' is also checked then those block rules will also log the ipv6 packets.  No floating rule with ipv6 will change that behavior because floating rules come after the implicit.  I don't know why you are not seeing the same behavior if 'Allow ipv6' is unchecked. if(!isset($config['syslog']['nologdefaultblock'])) $log = "log"; else $log = ""; if(!isset($config['system']['ipv6allow'])) { $ipfrules .= "# Block all IPv6\n"; $ipfrules .= "block in {$log} quick inet6 all label \"Block all IPv6\"\n"; $ipfrules .= "block out {$log} quick inet6 all label \"Block all IPv6\"\n"; } If default logging of blocked packets is enabled and 'Allow IPv6' is unchecked the following rules will be inserted before any user configurable rules… # Block all IPv6 block in log quick inet6 all label "Block all IPv6" block out log quick inet6 all label "Block all IPv6" This comes before any user rules (floating or otherwise) so no user rules should be able to change the logging when both of those conditions are met ('Log packets blocked by the default rule' checked and 'Allow IPv6' unchecked).  If 'Log packets blocked by the default rule' is not checked then all ipv6 packets would be blocked without logging.  You could not add any floating rule that would change the implicit QUICK behavior rules.

Loved the slides. That guy knows how to make a technical presentation entertaining.  :) Worrying though. Obviously not that worrying for me. Steve

After the reboot, sysctl did show eee_setting as 0. Edit: I tried changing the link speed and duplex of the connecting PC, and that made no difference. There are some tests included in the Windows nic driver that I ran, and during the time the problem occurs, they all succeed except for the connection test.    

There is no easy way of clearing disk space in the pfSense webgui. However using 11% is not a problem.  3GB is more than a normal install as Johnpoz said above. Are you running Squid? Even if you manually remove any surplus caching etc you won't get to 0%. pfSense requires ~500MB to run. Steve