Thanks! it's work the name's :ad1 ad1: 152627MB <wdc wd1600aajs-07psa0="" 05.06h05="">at ata0-slave UDMA100 SATA Now I just have a problem to format and mount it.  :) @wallabybob: @zsunol: I added a second hard disk SATA of 160Go. (Bios OK) But I do not see him(it) in Shell SSH. How are you expecting to see it? For it to show in df output you will need to have formatted it and mounted it. To see in the OS thinks the drive is connected you could use either # ls /dev/ad* or # dmesg | grep ad If you want help interpreting the output from these commands post the output as a reply.</wdc>

On 2.0 RC3 I can enable the serial console, and it works (I get a menu on both) and I can also password protect it and it protects both. Not sure what is going on there but at the very least make sure you're using the most current 2.0 snapshots. ssh is protected by the password on ssh - it's not a "console" in the way that vga/serial are.

Yes, otherwise you're going to have no end of problems.

That'll be handled by the WET54G and covered in it's manual ;)

Sounds like what used to happen on older snapshots if you had no functional DNS on the router itself. Upgrade to the most recent 2.0 snapshot and it will probably behave better.

On the official strikeback forum topic I explain that you need to go into the settings and change the user to root. Upcoming updates will do this automatically.

That probably depends on what/how you are testing. PPPoE will add a bit of overhead, both in terms of CPU usage on the router and in terms of adding data to every packet. Though it shouldn't cut it by half I wouldn't think.

In VirtualBox, the virtual environment with which I have some familiarity, it is necessary to establish interconnections between physical interfaces and virtual interfaces. I suggest you draw a network diagram including both virtual and physical machines and interfaces. Use the diagram to help you work out how traffic will get from a particular source to a particular destination. In some cases the link will be a piece of wire, in other cases it will be a link you have specified in your virtual environment. When I last tried pfSense on VirtualBox (some months ago) I found it didn't work well with the default virtual NIC (an emulation of an AMD NIC). I forget the details; it might have been nothing showed up on a packet trace when there should have been ping transmits. I switched to an emulated Intel NIC and all was well.

Go to the pfSense documentation page: http://doc.pfsense.org where you will find links to animated tutorials, How-tos and FAQs.

Those rules are quite wrong. You only need one rule: pass all from (the ip of that box) to any, gw_opt1 It must be above any other rule that would match the traffic, too. Try fixing the rule. If that doesn't help, move the rule to the top of the list.

Most likely that specific chip. If you do a google search for "freebsd re0 promisc" you'll see there is quite a history there :-) Some (most?) of them work fine out of the box though.

tanks for answer but my problem is for time of block a ip in tableblock i find answer in this forums , tanks all –---------------------------- The answer is: First, install crontab package to help changes. then, open services -> crontab change line */60    *    *    *    *    root    /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot to *    *    *    *    *    root    /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 120 virusprot or */2    *    *    *    *    root    /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 120 virusprot The "-t 120" means block ip for two minutes, of course, you can change it to fit your needs. After this, you can limit connections on your pfsense(eg. 10 per second  or 200 per ip or both). if it reaches that limit, in 02 minutes your client can connect again. But if you do not need to free blocked ip, you can change virusprot and sshlockout crontab  rule to check correctly if the default time '-t 3600' has reached. The default rule checks every hour if the blocked ip has been blocked for 60 minutes. But if the ip address is blocked for 59 minutes when cron runs, it will take another 60 minutes to unblock it. Consider a very huge firewall with these rules, if you wait 120 minutes to remove an ip from list you could get a very long list. if you check every minute or every 5 minutes, you will check a smaller list. With these change, you can setup a very huge dynamic rules that prevents DOS without any extra package. Of course Snort, modproxy, and other security tools will improve security on your firewall. I've tested on Pfsense 1.2.3 and 2.0

ok tanks  ;D

Under status - Traffic viewer.

Thanks all… =)

Awesome,  Works like a charm. Thanks again.

The driver is from FreeBSD, iirc. Not sure if Dell/Broadcom actually contribute much at all. The tricks I put on that wiki page have stabilized the cards for most people I've worked with that have bce.

Further update: Perhaps it is already off topic but since it is the same machines I am referring to so I put them here. Finally I have replicated the crash under a test condition and found that it is the NIC that have been causing the problem, all the problematic servers are using the same NIC with the driver: dev.dc.0.%desc: Macronix 98715AEC-C 10/100BaseTX The crash occur after "TX underrun - using store and forward" message appeared during a network stress test(downloading large files). Hence I start looking at the NIC, replaced with another brand and everything works like a bliss, not even TX underrun message popping up. Both RealTek and DLink NIC works happily. Poor thing I have been spending weeks torturing it with CPU and HDD stress test scripts and it end up the real culprit is the NIC :/