Good to hear - yeah this is why its a good idea to use non common networks for tunnel and your local networks.. For example 192.168.0 and 192.168.1 are very common! Good tunnel networks are in the 17.16/12 rfc1918 space... Like say 172.29.14/24 or something ;) Many hot spots that you might be at where you want to go home so using common networks locally.. Can cause you problems from your remote location when your wanting to vpn home... So good to use odd networks at home too.. I use 192.168.9/24 for my normal lan, have yet to run into an issue with that.. But yeah you never know what network you might be on ;) Also why good to not use large networks.. When you see someone using 192.168/16 or 10/8 they prob going to have issues trying to vpn out or in ;)

On 2.4.4 here and Twitch works fine.

Thank you! That solved my problem.

Mmm, interesting. Two states are created in the firewall, one on WAN and one on LAN. It could be the WAN state still giving a problem since the NAT happens before the ACL there so both have the same destination. However the NAT is included in the state so I expect it to still be unique. Clearly something is still conflicting. Not really anything else we can do there. Steve

...and https://docs.netgate.com/pfsense/en/latest/book/index.html -Rico

Great. Now you can access your switches.

many thanks for checking /helping and fixing it, to all. Really appreciated!

Port 1010 which they are using now is commonly used by malware as discussed above. It's probably that triggering whatever is adding it to the blacklist. They can forward from any port so just choose some higher unknown port. If his Router is open to the internet he has bigger problems! But it might be because you are coming from a known subnet he has opened rules for. Steve

lol no. I don't give a damn about voracle. It's a theoretical attack that will not affect me at all.

Solved..... I spent 2 weeks to find this issue, posted here... then I cleared my cache and it did the trick.

@alphar3c0n Hey arpresolve: can't allocate llinfo for %d.%d.%d.%d The route for the referenced host points to a device upon which ARP is required, but ARP was unable to allocate a routing table entry in which to store the host's MAC address. This usually points to a misconfigured routing table. It can also occur if the kernel cannot allocate memory.

@johnpoz That was like a year ago. @Web2Print Yeah you can increse that further to, say, 1M. However that error is not due to table size or memory exhaustion. It's because the table defined by pfBlocker has not been populated. That would normally be updated automatically but you should force an update in pfBlocker to be sure. Steve

@alveszer said in How to DNS registration: IPv6 reverse dynamic dns registration IS available but also not working. How are you testing that? If with a browser, you will not likely get reverse DNS, due to privacy addresses. Privacy addresses are used for outgoing connections. They are based on a random number and change daily. There's no way you're going to track that.

Thanks for the suggest.

The diff is against the current config version so you can see exactly what changed. That's the only config record there is though. If you need something more you can open a feature request: https://redmine.pfsense.org Steve

Thanks, this seems to be a good assistance. :-) Will try to adapt this to my issue in the next couple of days. As i said, im not into web/Http/html and so one. Maybe, i will ask for help one more time .

Something something beowolf cluster of those! I assume he means his desktop PC is using cloudflare DNS. Steve

@johnpoz "dhcpleases kqueue error: unkown" @jimp there is a bug listed from Jim for 2.5 which seems to be the same as with 2.4.4_p2 https://redmine.pfsense.org/issues/9383 it appears on a vanilla install with only DHCP / DNS Resolver turned on on 2.4.4_p2 "DNS Query Forwarding" - Enable/Disabled - makes no difference to the error "Register DHCP static mappings in the DNS Resolver" - Enable/Disabled - makes no difference to the error the trigger for the error is "Register DHCP leases in the DNS Resolver" checked error occurs, unchecked no error Error first appears immediately after boot and any time unbound is re-started In 2.3.4 there was the same error, but for a different reason. But this can be ignored. https://redmine.pfsense.org/attachments/2097/unbound-stop.diff

If you edited the Limiters you may need to re-apply them in the rules. Unless you created that rule specifically there is not normally a way to edit the Negate Networks rule. I would still try disabling it as I said and then reload the rules in Status > Filter Reload and see if it comes back without errors. Steve