@bereby said in New machine, Hardware question: XG-7100 you're right: look at its original configuration, which has an i7 CPU and a 200W power supply ..... who is already looking at the XG-7100, wants serious hardware... (many just like to experiment or want a significant reserve in their system) only this "ugly" hardware originally outlined, should be conjured up a bit of a network appliance type 35 -50W power consuption / rack case / all-in-one face / Intel NIC / etc. (and for sure 10 Gig SFP+ WAN or other interface...) jahhh and don't think I'm against Netgate hardware, (since I've already said that) it's also perfect, but you only have a choice if you know what you can do and choose (Intel vs. AMD in network appliance theme)

Not in pfSense. At least not without changing your network configuration. That traffic goes from 192.168.90.3 to 192.168.90.5 directly at layer 3. It probably goes through at least 1 switch at layer 2. It never goes to pfSense at all so there's nothing it can do to see that. What you could do, for example, is configure a mirror port on the switch and then analyse the traffic on that to get flow data. You could bridge two ports in pfSense and make sure those systems were connected to different sides of the bridge. Then traffic would go through pfSense so you could see it and filter it. That is generally considered a bad idea unless you absolutely need it though. Steve

Yup, those Ethernet connected Netgear LTE modems work well. You can use many USB LTE modems directly with pfSense though. What exactly is the device you have? Steve

it’s not a problem, everyone starts somewhere in which slot (on MOBO) do you put the new NIC, what version of HP device do you have? HP Technical Reference Guide according to Google [image: 1589733654843-524afccc-ca32-401f-8050-fc3c4e10e059-image.png] INTEL PRO PT 1000 Quad Port Network Adapter [image: 1589733727921-c285dceb-dba9-415a-883f-93e2e002462d-image.png]

@gyahoo said in DNS domain forwarder stopped working: I am at a loss as to how to proceed. Get on a current version of pfsense - the 2.3 line is DEAD, has been for over a year, shoot Oct will be 2 years... There were like 2 years of warning that 2.3 was going to be DEAD! Once you get on current.. Come back if your having issues. So 2.3.4 is from 2017... You honestly thought it was up to date, with zero updates in like 3 years - on security software? its not a notepad app you downloaded from some guy that wrote something he needed and shared it. How did you not check on that? Simple 2 minute visit to the website would of told you if your current or not, etc.

according to https://docs.netgate.com/pfsense/en/latest/monitoring/raw-filter-log-format.html#bnf-grammar the purpose of the tracker id is <tracker> ::= <integer> -- Unique ID per rule, tracker ID is stored with the rule in config.xml for user added rules, or check /tmp/rules.debug I've written this script to fix my rules and make the tracker id numbers unique import xml.etree.ElementTree as ET ONE_SECOND = 1 def main(): start_epoch = 1585650686 root_element = ET.fromstring(XML_DATA) rule_elements = root_element.findall('rule') for rule_index, rule_element in enumerate(rule_elements): rule_id = str(start_epoch + (rule_index * ONE_SECOND)) tracker_element = rule_element.find('tracker') tracker_element.text = rule_id created_time_element = rule_element.find('created').find('time') created_time_element.text = rule_id updated_time_element = rule_element.find('updated').find('time') updated_time_element.text = rule_id fixed_xml = ET.tostring(root_element, encoding='unicode') with open('fixed-firewall-rules.xml', 'w+') as f: f.write(fixed_xml) XML_DATA = ''' <filter> <rule> ... // copy and paste the exported rules here </filter> ''' if __name__ == '__main__': main()

You will continue to have problems as long as you're on 2.3. That was only current for about 1 month waaay back in April 2016: https://docs.netgate.com/pfsense/en/latest/releases/versions-of-pfsense-and-freebsd.html#id7 You could try creating the file /boot/loader.conf.local (if it doesn't already exist) and adding to it the line: kern.smp.disabled=1 Then rebooting. Otherwise you might have to disable all but one CPU core manually which we did as a workaround at the time for a few systems. It was fixed for 2.3.1. Steve

So I wasn't able to figure out exactly what the problem is because I reinstalled pfsense completely and it did the same thing but I tried using a different old pc and switched my intel network card over and now it's working again, i guess it has something to do with the other pc, no idea what though.

Use policy routing https://docs.netgate.com/pfsense/en/latest/routing/directing-traffic-with-policy-routing.html https://docs.netgate.com/pfsense/en/latest/book/multiwan/policy-routing-configuration.html

Hi, I have upgraded to 2.4.5. please find screenshots requested below. still does not authenticate. [image: 1589561497823-24c8657b-7bef-4d5e-9656-dddeb6686050-image.png] [image: 1589561530662-58141b71-156b-465b-97d7-71340053b0ec-image.png]

There isn't any way for the firewall to tell two MACs apart. You'll need something more. If it's that bad, you need L2 auth (802.1x) in your APs, not firewall controls.

@markgca said in SNORT Enable Performance stats not working: When i check the "enable performance stats' feature on Preproc page of services/snort/interface, the interface restarts but never quite gets there. Turn that feature off, and it works again i have several snort instances running on different vlans and they continue to work. Is this indicative that i need to allocate more space or change some option? i have 24gb of ram, and only about half of that is used. thanks for any thoughts Have you looked in the pfSense system log to see what, if anything, is being logged by Snort when attempting to start it? Are you running the performance stats on those other instances successfully? You will generally have better responses to IDS/IPS package questions when you post your inquiry in the IDS/IPS sub-forum under the PACKAGES section here on the board.

Hi all, Looks like the GPON gateway had locked on to the previous devices hardware address. After power-cycling it the latest version connected without issue. (Piece of junk unnamed cheap manufacturer). May be good to get some output added as to why the process is terminated, to assist others - if there is anything useful that can be logged - just an idea. Very happy now PPPoE is running as it should! :) Please mark as solved and close thanks.

Hello! Maybe some variation of : awk '{print "0.0.0.0|0" > FILENAME}' /cf/conf/dyndns* ...in a cron task? John

@jasonsansone I just acquired a sg-3100 and currently struggling to identify how to implement the hardware. Preferably I would rather replace the Pace hardware from AT&T with the 3100. Note: Currently, I have the Pace in use with a netgear router in bridge mode.

Traffic is neither passed nor blocked. It is matched. You can do things like assign a queue or a tag or log it but it does not change the pass or drop status of the traffic. quick has no bearing on match rules. They always flow though and rule processing continues.

have you checked the wan drivers ? Idk, I have never experienced anything like that. I am playing a lot of CS GO and everything is fine. I am sure that there is a software problem, maybe you should reinstall the drivers. By the way, when you will solve that problem, we could play together a couple of games. If you have a very low rank it's not a problem, you can always use a rank boosting service like eloboss.net. If you are interested, leave me a message! It's going to be really cool! I am waiting for your message, dude!

The driver built in to FreeBSD for Realtek chips will crash under load. You can use the latest official Realtek driver to achieve stability, but if you already got Intel cards you're better off anyway.