It's not the syslog process that is the problem, you can see that reports 'done'. It's whatever is next causing the issue. It's more likely the package reinstall process if you are restoring onto a box that doesn't have a valid WAN connection. There were a number of things put in to improve that situation though, what pfSense version are you restoring into? Are you in fact doing that without a WAN connected? Steve

Aha! That would do it. They will be applied via a firewall rules on the DMZ interface. You will see it gas advanced options set. Though your floating rule should have applied before that so check for other floating rules that might apply. Steve

I mean I've hardware never tested that but I would expect it to.

@nogbadthebad You're right, I'd delete this if I could. Windows doesn't normally do that but on this build it's acting up. Thank you

That output looks fine for the igb NICs. You might want to disable hardware checksum offloading in Sys > Adv > Networking. That will apply it globally. It should be fine on the Intel NICs but has been known to give problems on other hardware, like the Realtek. You appear to have bridged igb2 and igb3 they have IP addresses in different subnets which looks wrong. Steve

@gertjan yes that is so

@gertjan said in SG1100 - Disk Full - Help: By looking at the logs, one of the first things you'll find out is : what's in them. Yeah, if those are the things you're sending then it's almost certainly the firewall logs filling it. Really you should not be storing that data on the eMMC in an 1100. Apart from anything else you are going to be significantly increasing the write wear on the storage. That level of logging should be exported off he firewall to a dedicated log server. It could be that is what's intended and it's storing them locally unintentionally. Steve

It's possible to run all those packages in 2GB or RAM but I would not recommend doing so. You have to tune them carefully to avoid exhausting the RAM. You cannot just enable all the signatures and lists in each and expect that to work. I run Snort and pfBlocker-ng in a 3100 as my edge here. But I use only basic ad blocking in pfBlocker and only the ET Open sigs in Snort (not in blocking mode). With that setup I could probably also run Squid (very carefully). But I would not! last pid: 2837; load averages: 0.67, 0.60, 0.62 up 5+18:13:34 16:40:10 81 processes: 1 running, 80 sleeping CPU: 0.0% user, 0.4% nice, 0.6% system, 0.0% interrupt, 99.0% idle Mem: 140M Active, 1285M Inact, 223M Wired, 84M Buf, 344M Free PID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COMMAND 52379 root 2 40 20 271M 248M bpf 1 182:38 0.73% snort 73496 root 1 52 0 129M 49M accept 0 1:22 0.00% php-fpm 3052 root 1 35 0 129M 49M accept 1 1:56 0.00% php-fpm 67066 root 1 52 0 129M 47M accept 0 1:11 0.00% php-fpm 42460 root 1 52 0 129M 47M accept 0 0:49 0.00% php-fpm 81284 root 1 52 0 129M 46M accept 1 0:47 0.00% php-fpm 38356 root 1 52 0 127M 46M accept 1 1:29 0.00% php-fpm 45364 root 1 52 0 126M 44M accept 1 0:02 0.00% php-fpm 12066 unbound 2 20 0 61M 40M kqread 0 23:14 0.00% unbound 70717 root 1 20 0 46M 36M nanslp 0 3:57 0.04% php 1390 root 1 20 0 89M 29M kqread 1 0:16 0.00% php-fpm 4115 root 17 52 0 42M 21M sigwai 1 4:47 0.01% charon 34517 root 157 20 0 64M 16M uwait 0 1:06 0.00% filterdns 19905 dhcpd 1 20 0 13M 10M select 0 0:41 0.01% dhcpd That's with next to no traffic passing. However this may be a moot question since the 3100 is now EoS and unlikely to return. You would have to find one second hand at this point. Steve

Ouch! We ship to Canada all the time and I've not heard of anything like that kind of delay. We also have partners in Canada you can order from: https://www.netgate.com/partner-locator#canada Steve

Thank you all

@rwq891 Post a screenshot of a VLAN's settings from the article, and firewall rules for it. Firewall rules evaluate as traffic enters an interface. So on VLAN3 add a rule allowing traffic to go from that subnet to VLAN4. The default for new interfaces is no rules, hence no traffic...except LAN where the default is LAN to any.

Ah, that sort of adapter. Nice catch. Yeah weird set of faults, glad you found it though.

@dridhas Block from North America to that IP address as the destination.

@dridhas said in Wireless with VLAN not allowing traffic: TPLink The name for "quality" network gear! Yeah, right!

So where are you actually stuck here? I don't see a question. It sounds like you are going to setups pfSense as 'router on a stick', a single NIC with VLAN interfaces. So you are going to havbe to configured the DDWRT device to handle those VLANs to separate switch ports. Or use some other managed switch for that purpose. Steve

@tac57 said in pfSense -> Ubiquiti EdgeRouter X VLAN Help?: Any Ubiquiti EdgeRouter ER-X experts out there? I am very much not that! But it looks like you're trying to use the same subnet on two ports of a router which would normally not work. They would have to be configured as a bridge or as switch ports. Steve

Mmm, I wouldn't expect to see an issue with any of that. Do you see anything using a lot of CPU in System Activity when this happens?

How are you testing? 941Mbps is the limit of what I expect to see there so if you are seeing 950 there is probably some averaging errors happening. It could be some hardware off-loading issues. I would disable all hardware off-loading at least as a test. If you compiled your own driver to get i219V support I assume the i350s are using that too? Have you tried the in kernel driver in setup 2, without the i219V? Steve

Are you running 2.5.2? Do clients connect but just can't pass traffic? Are you routing traffic just to local resources or all traffic? Do you see ant thing blocked in the firewall logs? Steve