Well, err… My bad... You're right perry, many thanks. I got an issue in the script with and semi-colon i added... Now the SH script is ok. ;) And is correctly executed at startup. He must be executed correctly before, but did not ran inetd because of syntaxes errors. Many and HUGE thanks. And btw thanks for the status.php page, didn't knew about it.

I am on vacation now and will be slow to respond.  Hopefully the book can help you in the meantime.

My previous response was meant to be qualitative rather than quantitative, indicative rather than exhaustive. I don't currently have access to FreeBSD sources on a local system so it would be quite time consuming to do the necessary trolling through the source files to get detailed answers to your questions. Here's a bit of quantitative speculation to help illustrate why a fair bit of memory might be needed to "manage" 2GB. A common thing an operating system wants to do is allocate and free pages. Pages can be in a number of different states: free, locked in memory (can't be swapped or paged, example: kernel code, kernel data, active i/o buffers), swappable/pageable etc. We might want to keep some flags about pages (example: a page is shared by a number of users, shared data or code) and a reference count (of sharers) to avoid "freeing" a page which has been released but is still in use by other sharers. So, for each page we might want a data structure with a couple of pointers (to allow quick insertion and removal from doubly linked lists of free pages, locked pages etc, (2 x 4 bytes), flags (say 32 bits), reference counter (say 32 bits). Thats 16 bytes. In a kernel for multiprocessor systems we might also want to add a lock to prevent multiple CPUs trying to change characteristics of the same page at the same time. We might also want to add some debugging information, say 32 bytes all up. On a system with 2GB and a page size of 4kB there are 512K pages. So an array of page structures (one element per page) will occupy 325121024 bytes = 1610241024 bytes (16MB). Suppose the kernel is allowed to grow to 1GB and it is decided to preallocate the page map pages for the kernel to avoid the complication of having an attempt to grow the kernel fail. The preallocated page tables require a little more than 1MB of RAM. (Note this is not the same as preallocating the 1GB kernel space.) @houms: Thank you for your response… though I am not sure I understand all of it :). If I understand it correctly, your saying the kernel is allowed to preallocated page tables for its own use? Yes. something like caching? yes (f preallocation is like caching) Is 500 MB reasonable in that regard? Don't know. I haven't done an exhaustive calculation. i mean if BIOS reports say 2014MB, then this is real memory, but is it supposed to use +500MB to manage 2014MB? See previous answer. and if so, then is it really only managing the avail memory? My list of examples of the likely use of that 500MB memory was not meant to be an exhaustive list. I am just trying to understand if it is actually using all the ram? I know that question is a bit of an oversimplification, but is that "unavailable" ram being utilized as ram or for kernel functions? If FreeBSD swaps or pages its probably using all the available RAM. If it is not swapping and not paging its probably not using all the available RAM. The default FreeBSD kernel build in FreeBSD 6.x allowed for a maximum kernel size of 1GB. (I don't know about pfSense nor about FreeBSD 7.x.) If the same applied to pfSense in basic firewall applications there would be little point in having much more than 1GB RAM because the basic firewall application generally does most of its work in the kernel. Of course some applications run sometimes so it would be good to have a bit more than 1GB. In a lot of cases, 2GB will be the next practical step up from 1GB. If the firewall runs applications that use a lot of RAM (snort is reportedly one of those) then additional RAM could be useful.

Thanks - I'll give that a try… sounds like it work work perfectly.

I'm not familiar with NRPE, but if it's anything like the main install of Nagios, you should be able to write a custom shell script for it to call. To check the mirror status, execute: /sbin/gmirror status And then parse the output from that. Should be fairly simple, if you see COMPLETE, it's ok, if not, it's broken in some way. (you can get fancier than that if you want)

There is a FreeBSD port of bacula. Install away…. On your own risk. (No official support, you're on your own)

Yep, and the 1.2.3 release is actively being rolled.

I don't think there's enough there for anybody to answer that question. Are you replacing an existing box with a pfSense host? Are you using pfSense as a primary or secondary DNS server?

without knowing what the IP address is that is being complained about, we can't really help you.

You can do this with a Cisco ASA 5510, but that's only a little bit more expensive than pfSense.  ;D

Got a 4GB pfsense box, and seems everything is used (or at least 3.5Gb). Disable sound, serial port, LPT port, and other useless thing like IDE or floppy if you dont use it right now, it takes IRQ and mabe some adressable space too.

cool!

Thanks for replying. At last I configured the modem as bridge, disabled firewall filtering, NAT and DHCP on it. Connected PFSense to port 1 (I guess any should work as stated by Gob) and confired the WAN interfase as PPPoE, after entering the the username and password, all worked out of the box!. Another question, if the conexion is dropped or the modem is restarted, PFSense should be aware of that and reconnect? Regards,

Are you running pfSense on an ALIX 2/3 machine? Because they don't have a clock battery, the clock resets every time it's rebooted (though you can add a battery if you want to get your soldering iron out). If you're not using ALIX, then chances are your CMOS battery is dead. However NTPd is there precisely for the reason to compensate for the lack of a hardware clock. However, when a clock is out of sync but a HUGE margin like this, NTP sort of goes into a panic mode and starts wondering whether to believe the system clock or reset it. The reason is NTP under normal operation will only fix drift by up to 2 seconds per second (this is at least under Linux, not sure about FreeBSD). When the date is completely out of whack, like 1970 vs 2009, it 'panics' (not a kernel panic, just an NTP panic) and its behaviour isn't really 100%. The best way to deal with this is for pfSense to actually save the time at shutdown somewhere, and reset it (even if it's not totally accurate) at boot time, so NTP can then fix the time from this less-drifted reference rather than from 1970. The only way to fix it really is to manually set the time and then let NTP do it's thing. Finally, pfSense also uses OpenNTPD, which is a cut down and considerably simpler and smaller version of NTP, which is more than fine if you're only running stratum2/3 with a pool.ntp.org reference. However if you want 'proper' NTP (especially with sub 1.0us accuracy and GPS/10MHz reference or being a pool host), then not having a dedicated box tuned for NTP and accuracy would be silly.

@Supermule: Why not use the switch feature in the phone then??? But PFsense is very easy with 7940…. If you know teamviewer I can give you a quick hand via live messenger... I'm not familiar with that software sorry. In Q1 next year we will be upgrading to bridged PPOE + Cisco router which should eliminate any complications, post-firewall (our network diverges into two separate networks behind the modem currently) However if you wouldn't mind helping me figure out whats wrong with the phone when behind the firewall drop me a PM and i'll pass you the details. Regards, Mike.

Thanks for the feedback.

There is a package for nut, a UPS daemon. If your UPS is supported via NUT, then it should work fine.