Mmm, my limited scripting skills are failing me but you can set the status LED on the 1100 to 9 flashing speeds. Like:
[22.05-RC][root@1100.stevew.lan]/root: echo f1 > /dev/led/ok
[22.05-RC][root@1100.stevew.lan]/root: echo f5 > /dev/led/ok
[22.05-RC][root@1100.stevew.lan]/root: echo f9 > /dev/led/ok
So it would not be that hard to update that to reflect the load average using a script.
Steve
@stephenw10 yes mikrotik switches are very complex and difficult I did the vlans on edge switch and ubiqiti and went good .
this mikrotik switchess made lost me
Ok, looking at that it appears the installed and running kernel is correct but the userland is still at 12.2.
pkg upgrade didn't offer you any updates?
Try running pkg info -x pfSense and see if anything there still shows 22.01.
I would not expect a ZFS mirror to be capable of booting a different kernel. I've only ever seen it on separate boot devices.
Steve
@stephenw10,
I disabled UPnP on the router and I still have access to the server.
@SteveITS,
Thanks for the information about the Domain Overrides. I entered the server's domain and IP address into the table, changed the client's adapter setting to automatically obtain the DNS address and restarted the client. The client was able to access the server files and the Internet - problem solved!
Thanks to all for sticking with my situation until it got resolved.
Bridging and VLANs can be.... interesting!
But what you're doing isn't that complex you should be able to create a bridge with the two VLAN 36 interfaces in it.
Steve
Ok, it's incomplete so the firewall cannot connect to the gateway at all. It is not responding to ARP requests.
A layer 2 failure like that usually means something basic like a cable in the wrong port or an incorrect VLAN config in the switch maybe.
Steve
I did lot of testing. Really pulled out my hairs out.
TL;DR: After I let my WAN interface DHCP lease to expire I changed interface MAC address to make sure that I got another IP. With new IP everything is working as should.
Really nice :)
I just added this line
$tmp = str_replace("utf-16", "utf-8", $data);
under line
$tmp = str_replace("^M", "", $data);.
It's rather crude, but it works :))
edit:
This could work too: $tmp = str_replace("utf-16\"?>", "utf-16\"?>\n", $data);
It's possible that happened during the upgrade before the package was updated. The crash shows the dumptime as: Sun Jul 3 152927 2022.
However is also shows 5 crashes and all the logged panics look to be the same. That seems unlikely to be from the upgrade.
If the crash report returns that will confirm it's current, yes.
Steve
It's easy to lock yourself out during the creation of the bridge because you would usually reassign LAN and bridge. So if you are connected via the LAN you must take care.
As long as you have access via some other means, such as the console, you can just roll-back.
Steve
So you have couple options:
• Setup any VPN on pfsense or your NAS and use it to file sharing (NextCloud) service.
• Setup NextCloud through Nginx on NAS and setup correct access policies in nginx to access only to share links, and with other access to admin/sharing only from local network or VPN IPs.
• Setup NextCloud on NAS and haproxy on pfsense. And do same as above but on haproxy side.
Last two options are pretty complicated, and required good knowlege in nginx or haproxy configs.
There are no way to limit file sharing service only on firewall/nat. If you open access to share links you automatically open access to admin panel.
You must understand that almost all hacked and cryptolocked NASes on web was hacked through file sharing services that expose whole file sharing service to web. And you need limit unrestricted access only to file shares. Any links that not fall into allowed category should be dropped without any access to NextCloud server.
