• PFSence source code structure

    Locked
    11
    0 Votes
    11 Posts
    4k Views
    jimpJ
    @rcbandit: What framework are you planning to use? Which framework do you find best for pfsence I don't think that has been decided. There has been talk of CakePHP but some people like it and others say it's too slow. Given that it's so far in the future for a topic, it's far too early to say.
  • Using pfsense between ISP and my network (Diagram attchd) NAT?

    Locked
    1
    0 Votes
    1 Posts
    3k Views
    No one has replied
  • Setup with two pfsense machines for troubleshooting.

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    jimpJ
    There is a board just for CARP here, that would be the best place.
  • I'm completely baffled - web pages never fully load

    Locked
    9
    0 Votes
    9 Posts
    5k Views
    G
    Thanks for replying. My ISP is plusnet.  I'm not LLU, I'm on a normal BT exchange with 21C, but not ADSL+ as I'm too far from the exchange to take advantage of it. On plusnet's forums I can see that other folks are using PPPoE just fine with them. They use the standard BT VPI/VCI 0/38. Yup, using PPPoE means my MTU has to be a little less than 1500.  I'm using 1492. I'm on the latest non-US firmware for the DG834Gv4.  It's currently in dumb-modem/bridge mode via the standard url hack. So far, my old d-link dgl4300 gaming router is working fine with the DG834Gv4 in PPPoE mode.  No uncompleted page loads. However, I'd far rather use pfsense.  That's why I'm here :) I'm not pegging the CPU on the 533mhz Via chip that I can see.  Downloading 20 SSL connections from my usenet server works a dream.  Going full rate. It just seems to be spikey web pages loads… like loading a new web page with lots of images that causes things to get lost/go wrong.  Things like page loads aborting... or image loads hanging.  Just regularly enough to be annoying. Note I did have to disable DMA on IDE for the CF chip, or pfsense wouldn't boot. I'm wondering if the network chips need a workaround.  They seem to be that model that everybody's complaining about.  realtek?  I tried disabling the checksum offload, but that didn't make any difference.  I tried device polling, and neither did that. -- gyre --
  • Check Point firewall vs. pfSense

    Locked
    3
    0 Votes
    3 Posts
    7k Views
    M
    We've roughly 70 employees; I guess that's big.  Thanks for the link mhab12.  I will check it out.
  • 0 Votes
    3 Posts
    2k Views
    jimpJ
    You probably just need to copy /usr/bin/tip from a suitable FreeBSD host of the same vintage, and then from the shell you could run: # tip com1 Which would connect you to the serial port. To disconnect, press enter, then type ~. cu might work but I'm partial to tip. If you have a blue "Cisco" serial cable like they include with the router you do not need a null modem adapter.
  • Current State of PFSense V2.0

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    jimpJ
    It's a long ways off from that. 2.0 is getting better and better every day, but in many ways it is still a beta. In most cases it should not be used in production still, but lots of things do work properly (at least for the time being :)) There is no schedule or time frame. It will be ready when it's ready, but hopefully it will be sometime yet this year.
  • Soekris net5501-70

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    L
    Thanks jasonlitka, that worked
  • Network Firewall/Nat Plan Validation

    Locked
    4
    0 Votes
    4 Posts
    1k Views
    Cry HavokC
    That'll be it  ::) I'll go edit that post (if I still can).  Thanks.
  • Saving RRD graph data using nanoBSD

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    M
    Awesome, thanks for the information!
  • SQUID Pros / Cons - Enable offline mode

    Locked
    4
    0 Votes
    4 Posts
    7k Views
    jimpJ
    It periodically checks, yes, depending on whatever settings you have configured. Things don't live in the cache forever, especially for dynamic content pages.
  • Why should Squids "Memory Cache Size" (RAM) not exceed 50%?

    Locked
    3
    0 Votes
    3 Posts
    8k Views
    R
    @jimp: Probably due to this: http://wiki.squid-cache.org/SquidFaq/SquidMemory#I_set_cache_mem_to_XX.2C_but_the_process_grows_beyond_that.21 Thanks for the link.  I looked around but never came up with that link.
  • Snort not blocking SQL Authentication Failures

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    R
    Yeah the attacks come from the same IP over and over and there are zero alerts in snort.  The SQL Server is exposed because I develop outside the local network.  However you are correct…I have got the VPN working now, so maybe I'll close it down and connect via VPN.
  • 4 port ethernet pci

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    K
    Be aware that this is a UIO card and will only fit properly in SuperMicro motherboards with a UIO slot. UIO is apparently just a PCIe slot that is physically reversed, so if you remove the backplate you can mount it 'backwards' (I haven't tested this myself), but it's less than ideal, especially for a NIC where you want the external connections. That said, if you're aware of that, I think this card should work fine. It's basically just a PCIe switch chip (which is standard and 'invisible' to the OS) and a pair of Intel NICs which are well supported in pfSense.
  • PfSence + postgresql on the same computer

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    K
    You could do this, but pfSense is definitely an appliance distribution and doesn't provide any support for this kind of setup. Just getting it installed might be tricky. I would suggest that you either virtualize pfSense and a separate VM for a standard Linux/BSD server to run your Postgres server, or use the routing/firewall facilities of a standard Linux/BSD box instead of pfSense, e.g. a script like Shorewall is fairly nice to use for this.
  • Lost contact with internal webserver

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    Cry HavokC
    Try testing from outside.  If it works you need to search the forum for "NAT reflection" since this has been discussed many times before.
  • NanoBSD - should different slices have independednt configurations?

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    jimpJ
    The two OS slices are independent, but their intention is to be used as alternates for the same master configuration. The layout of the NanoBSD filesystem is thus: Slice 1: pfsense0 - First OS slice Slice 2: pfsense1 - Second OS slice Slice 3: cf - Configuration slice, also has some other persistent files (e.g. ssh keys, rrd graph backup, and so on) The config is always used directly off slice 3.
  • XML error: OPTXXXX at line 128 cannot occur more than once

    Locked
    9
    0 Votes
    9 Posts
    5k Views
    V
    Well its up ruining  working ok now.   Thanks :))) I'm more use to using PF on a old desktop so if i messed up I just reload and the restore  my saved backup. The embeds are all new to me.. saved some bit of worry, specially when someone else paid 200 some for the device.
  • How to setup PFSense as a Secondary DNS server?

    Locked
    6
    0 Votes
    6 Posts
    9k Views
    R
    @danswartz: To be honest, you would be better off setting up a minimal server on your LAN using some linux distro and install a supported DNS server there as a secondary.  While you might be able to get pfsense to do what you want, it is really not intended to work that way, and you are (IMO) setting yourself up for problems down the road. I've actually got is setup as follows now Server NIC 1 = Primary DNS PBX = Secondary DNS PFSense = Tertiary DNS Server NIC 2 = Quaternary DNS (in case the first server nic was simply non-responsive) So I basically have 3 servers distributing DNS.  This is working quite well and dns resolution is very speedy.
  • Authentication with active directory groups in V2?

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    B
    I downloaded and installed the current 2.0 snapshot. Can I test this functionality with the current release? I would love some hints on how to set this up  :D
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.