@kiokoman Thank you for the reply. I will try and use a log parser before sending them to papertrail then (until we have a native way to do it). I think it may be worth my time to set up a cron job to ftp the pfblocker-ng logs rather than the system logs. I need to look at those logs to see if they contain the DNS name.
I forgot to include both of these servers are esxi's. Multiple vms that sit on each network.
I used LAN as a generic term. LAN in this case is a segregated VM network for devices that need access to the lan but are not accessible by the internet.
As for 10gig need, I really only need 10gig for the dmz on server1, which could free up one port on the firewall for server 2 dmz, except I currently have another hardware device that sits in the dmz.
@bmeeks said in Division by zero in /usr/local/www/widgets/widgets/system_information.widget.php on line 373:
running the pfSense-2.5 Snapshot release
Ahhh.
I was misled (misread).
"2.5" messages are meant to be posted here: Home > pfSense Software > Development - that's where the bleeding edge battle is taking place.
This is the general pfSense section, 2.4.5-p1.
Anyway .... living on this edge means : updating ..... and wait if something fails. And re update.
@mogarchy said in LDAP auth via SSH:
@jimp Thanks for the info, do you have the power/ability to make it happen? If so what's your price? (not a joke)
Otherwise, can I use any external authentication server like RADIUS or am I stuck with local authentication for SSH sessions?
RADIUS shell authentication is implemented in 2.5:
https://redmine.pfsense.org/issues/10545
@bingo600 I'm not advocating that as the only method, just a small table lookup for existing MAC addresses with a failover to the current way of working if not in the table. A clone would therefore work as before since none of the MAC addresses would exist.
@snigy
No it is not normal
ARC: 6461M Total, 5004K MFU, 6430M MRU, 4128K Anon, 15M Header, 7302K Other
6231M Compressed, 8693M Uncompressed
Swap: 2048M Total, 20M Used, 2028M Free
I don't even use swap.
Probably a pkg. running wild or misconfigured.
There are legitimate reasons for bridges such as bridging two interfaces to create a transparent proxy. That is a legitimate purpose (and it works just fine).
You are attempting the equivalent of driving a screw with a carrot. Your switch is a perfectly good screwdriver and it's right over there.
Hi,
What are your LAN firewall rules ? Is the rule you showed the LAN interface ?
WAN firewall rules ?
Floating rules ?
DHCP on LAN works - you got an IP ? /mask ? / DNS ? / Gateway ?
Why are you hiding lines in your log file ? Are some LAN devices working well = having normal 'Internet' access ?
Default settings will work.
Did you try the classic solution : save the config. Switch to default. Everything will be fine. Now rebuild your settings 'by hand' and you know now what step not to repeat.
Also :
Where did you get that version from ?
( to get that one, I have to 'borrow' it from the local ancient science museum )
@user2 said in Netgate NRDM:
Periodically my pfSense installation reaches out to nrdm.netgate.com:443 (208.123.73.93) ... does anybody know why?
It's not nrdm.netgate.com it's ews.netgate.com, and it connects there when loading the content of the "services and support" widget, when updating package metadata, and when checking for an update to copyright notices.
@johnpoz said in Lan errors in with vlan:
" the TPLINK TL-SG108PE itself that emits the bogus packet. Something about the way this device drops the tagged 802.11q packet causes the packet to be transformed in such a way as to be seen by as this rogue/bogus packet."
Of course, TP-Link is well known as an expert on VLANs.
@Raffi_ thanks for that. I've been advised to try disabling the pfblocker snort rules elsewhere so I'm trying that now. If it doesn't work I'll try this next :)
Yes, and knowing how to do that and what it looks like if you're in that situation is a useful skill that may well save your ass!
The other situation I see it in commonly is when a network is switching subnets, because the previous one was too small and couldn't be enlarged or it conflicts with a remote subnet over a VPN say. Both subnets may be run for some time during the switch over because there are always some systems that have some issue. Still better to avoid it if you can.
Steve
There is a bug in pkg that you may be hitting in 2.4.5p1 where the pkg process never closes, preventing subsequent packages installing after a restore. Only some packages hit it, notably Squid and FRR may. You can get past it by either killing any package process that has frozen or making a change in the package settings. It should then continue to install other packages.
https://redmine.pfsense.org/issues/10610
It's fixed in 2.5.
I restore stuff all the time and only occasionally hit that though.
If you want complete filesystem backups consider installing ZFS and using snapshots.
https://www.freebsd.org/doc/handbook/zfs-zfs.html#zfs-zfs-snapshot
Not a GUI option, yet.
Steve
@kiokoman I tried that editing directly. It worked, but did not survive a reboot. But this did work:
At the very end of "/etc/skel/dot.tcshrc" I added:
```
...
# For any non-root login (uid != 0), start the pfSense console menu
if ( `id -u` != 0 ) then
    /etc/rc.initial
endif
```
thanks for your help, done!
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.