$ ssh root@SG1000.fw.example.com 'pkg search -o ".*"' | awk '{print $1;}' | sort > armv6.list $ ssh root@SG8860.fw.example.com 'pkg search -o ".*"' | awk '{print $1;}' | sort > amd64.list $ diff amd64.list armv6.list | grep '^>' > not-on-amd64.txt $ diff amd64.list armv6.list | grep '^<' > not-on-armv6.txt $ cat not-on-amd64.txt > sysutil/pfSense-u-boot $ cat not-on-armv6.txt < archivers/cabextract < archivers/gtar < archivers/libarchive < archivers/liblz4 < audio/beep < databases/ldb < databases/mysql56-client < databases/redis < databases/tdb < devel/argp-standalone < devel/binutils < devel/cmake < devel/cmake-modules < devel/ding-libs < devel/git < devel/icu < devel/jansson < devel/jsoncpp < devel/libhtp < devel/libinotify < devel/libpci < devel/libunistring < devel/nasm < devel/nspr < devel/py-babel < devel/py-backports_abc < devel/py-botocore < devel/py-dateutil < devel/py-enum34 < devel/py-futures < devel/py-Jinja2 < devel/py-jmespath < devel/py-msgpack-python < devel/py-pytz < devel/py-singledispatch < devel/py-six < devel/py-yaml < devel/swig13 < devel/talloc < devel/tevent < devel/yajl < dns/bind99 < dns/c-ares < emulators/open-vm-tools-nox11 < emulators/pfSense-pkg-Open-VM-Tools < emulators/qemu-user-static < graphics/graphviz < lang/p5-Error < mail/p5-Net-SMTP-SSL < math/mpc < math/mpfr < misc/pciids < misc/py-progressbar < net/daq < net/freeradius2 < net/libdnet < net/libpcap < net/ndpi < net/ntopng < net/p5-IO-Socket-IP < net/p5-Socket < net/pfSense-pkg-freeradius2 < net/pfSense-pkg-ntopng < net/py-libcloud < net/py-pyzmq < net/rsync < security/barnyard2 < security/broccoli < security/nss < security/p5-Authen-SASL < security/p5-Digest-HMAC < security/p5-GSSAPI < security/p5-IO-Socket-SSL < security/p5-Net-SSLeay < security/pam_ldap < security/pam_mkhomedir < security/pfSense-default-config-azure < security/pfSense-default-config-bhyve < security/pfSense-default-config-ec2 < security/pfSense-default-config-ec2-csm < security/pfSense-default-config-kvm < security/pfSense-default-config-openstack-csm < security/pfSense-default-config-serial-alix < security/pfSense-default-config-vmware < security/pfSense-pkg-snort < security/pfSense-pkg-suricata < security/py-certifi < security/py-pycrypto < security/snort < security/sssd < security/suricata < shells/bash < sysutils/blinkled < sysutils/dmidecode < sysutils/flashrom < sysutils/grub2-bhyve < sysutils/htop < sysutils/lcdproc < sysutils/lsof < sysutils/pfSense-builder < sysutils/pfSense-pkg-blinkled < sysutils/pfSense-pkg-gwled < sysutils/pfSense-pkg-LCDproc < sysutils/py-salt < sysutils/screen < sysutils/smartmontools < sysutils/u-boot-ufw < sysutils/vm-bhyve < sysutils/vmdktool < sysutils/wrapalixresetbutton < sysutils/xe-guest-utilities < sysutils/xen-guest-tools < textproc/flex < textproc/libyaml < textproc/py-docutils < textproc/py-MarkupSafe < textproc/xmlstarlet < www/p5-Mozilla-CA < www/py-requests < www/py-tornado < x11-fonts/libfontenc < x11-fonts/mkfontdir < x11-fonts/mkfontscale < x11-fonts/webfonts < x11/xproto The packages that are not on ARM are mostly missing because they either do not compile or do not make sense on the platform, or they are dependencies of packages that are not there. For example, no need for VM guest tools if we know it's real hardware, not enough horsepower for snort/suricata even if they did compile. To boil it down to user-facing stuff: $ grep 'pfSense-pkg' not-on-armv6.txt | cut -f2- -d '/' | sort pfSense-pkg-blinkled pfSense-pkg-freeradius2 pfSense-pkg-gwled pfSense-pkg-LCDproc pfSense-pkg-ntopng pfSense-pkg-Open-VM-Tools pfSense-pkg-snort pfSense-pkg-suricata

Any suggestions? I am having the same problem. Once before it corrected when I reboot pfSense. But not this time.

First: Ditch NanoBSD. It's not doing you any favors and it has been removed from pfSense 2.4. Second: Disable the dashboard update check (System > Update, settings tab) and also if you have the packages widget active, remove it.

The only place that TRIM is activated automatically is on 2.4 when choosing ZFS, because ZFS has TRIM support built-in.

"but I really like how the NAT redirect works." Why??  If you block dns, your teenagers can try until they are blue in the face to use some other dns.. Just not going to work..  This is honest, sorry we do not allow that.. Redirection is oh you want to use 8.8.8.8 here is answer to your dns query to 8.8.8.8… Didn't tell you I sent it to opendns instead.. If you want to use redirection you still can, but you can not have the thing your redirecting to use redirection.. You have a loop..

M.2 disk only, the miniPCIe socket isn't capable of mSATA IIRC.

My connection is currently 100Mbps/10 and will soon have 250Mbps/50. There are some nice matching units to get success. APU2C4 & mSATA Chinese J1900 box Jetway NF9HG-2930 Supermicro C2558/C2758 Alternatively I would more have a look on the SG-2440 units from the pfSense shop.

you can create a new macro an execute that from commandline https://doc.pfsense.org/index.php/Using_the_PHP_pfSense_Shell#Recording_and_Playback

Ok, it would seem it is a known Bug. It was due to the fact I was running CODELQ on both parent interface and VLAN.

Thanks! Not sure how I managed to not find that page…

Hello, I'm looking at my syslog server and I find the following log entries around every time the wan connection goes down: Dec 15 10:59:59 10.1.1.65 Dec 15 11:00:00 /usr/sbin/cron[93325]: (root) CMD (/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/snort/snort_check_cron_misc.inc) Dec 15 10:59:59 10.1.1.65 Dec 15 11:00:00 /usr/sbin/cron[93770]: (root) CMD (/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 webConfiguratorlockout) Dec 15 10:59:59 10.1.1.65 Dec 15 11:00:00 /usr/sbin/cron[94091]: (root) CMD (/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout) Dec 15 10:59:59 10.1.1.65 Dec 15 11:00:00 /usr/sbin/cron[94344]: (root) CMD (/usr/local/pkg/swapstate_check.php) Dec 15 10:59:59 10.1.1.65 Dec 15 11:00:00 /usr/sbin/cron[94545]: (root) CMD (/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot) Dec 15 10:59:59 10.1.1.65 Dec 15 11:00:00 cron[93249]: (root) MAIL (mailed 46 bytes of output but got status 0x0001 ) Dec 15 11:00:00 10.1.1.65 Dec 15 11:00:00 cron[92957]: (root) MAIL (mailed 74 bytes of output but got status 0x0001 ) Dec 16 11:00:00 10.1.1.65 Dec 16 11:00:00 /usr/sbin/cron[30482]: (root) CMD (/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/snort/snort_check_cron_misc.inc) Dec 16 11:00:00 10.1.1.65 Dec 16 11:00:00 /usr/sbin/cron[31532]: (root) CMD (/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 webConfiguratorlockout) Dec 16 11:00:00 10.1.1.65 Dec 16 11:00:00 /usr/sbin/cron[32008]: (root) CMD (/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout) Dec 16 11:00:00 10.1.1.65 Dec 16 11:00:00 /usr/sbin/cron[31725]: (root) CMD (/usr/local/pkg/swapstate_check.php) Dec 16 11:00:00 10.1.1.65 Dec 16 11:00:00 /usr/sbin/cron[32172]: (root) CMD (/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot) Dec 16 11:00:00 10.1.1.65 Dec 16 11:00:00 cron[30438]: (root) MAIL (mailed 46 bytes of output but got status 0x0001 ) Dec 16 11:00:00 10.1.1.65 Dec 16 11:00:00 cron[30168]: (root) MAIL (mailed 74 bytes of output but got status 0x0001 ) any idea what could be happening?

"By not mixing T and U traffic on one IF it is likely more overseeable, don't you think?" To be honest I don't see it as an issue, while I completely agree with KISS and why over complicate things.  Not having any settings on a interface tends to confuse new users..  So if they can think of that as network ABC, and then adding vlans on top of that its pretty simple. But you have a talking point sure.  But then your doing it opposite to the end machines - you don't tag the port that end device is connected too.  if you do then you have to set the end device to understand the tag..  So no matter how you look at it your going to be running tagged and untagged when you start to vlan.  So how is it any different for your router vs your workstation.  Just in the router you need to tagg the traffic for the other vlan lans its routing, etc..

@roy2019: My switch just normal unmanaged Gigabit switches Then you need to replace it with a proper one.

Oh right, I forgot you have to authorize apps to access your Google stuff.  Thanks for the reminder.

Before we had a proper pkg building system someone must have hand configured the options for the version it pulled, I didn't see anywhere we set them. I pushed a change to fix the options up so it'll come through with the next update. pkg is smart enough to pick up that the options changed and it needs a nudge on the client side.