• Pfsense or vyatta

    Locked
    4
    0 Votes
    4 Posts
    7k Views
    C

    Yeah speed is definitely not an issue with adequately sized hardware, two 100 Mb connections is nothing. The couple links posted are good resources, and there are many, many others on here who have pushed a lot more than 200 Mb. Yours truly included.

  • Possible Bug - VLANS

    Locked
    10
    0 Votes
    10 Posts
    4k Views
    W

    Thanks for the confirmation CMB  ;D

  • [HELP] some info!…

    Locked
    6
    0 Votes
    6 Posts
    2k Views
    H

    If you don't enter a keepalive IP it's on demand by default.

  • Microtec v.s pfsense

    Locked
    3
    0 Votes
    3 Posts
    3k Views
    S

    I think he might be refering to RouterOS that comes with RouterBOARDs from Mikrotik.

    Here's a reference I found: http://www.mikrotik.com/software.html

    Saw them at this supplier, http://www.xagyl.com/catalog/index.php?cPath=57_30 might be others too.

    Anyway, it seems it is a linux based router/firewall. Seems somewhat similar to Vyatta, but there doesn't seem to be a free/community edition.

    From what I can tell from a quick look at the demo, a lot of the functionality is only available from the telnet interface, with only a selected subset being available from the web interface.

    I don't know how this would compare to pfSense, I'm sure someone around here might have a better idea though.

  • MOVED: WPA AES Bridged WDS

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • Division by zero error

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    M

    I had this issue when one of the CPUs in the Dell Powerline server would overheat, this was fixed by simply mounting a fan on top of the heatsink. Check to see if heat is becoming an issue. A ram check wouldnt do harm either so try that if you will.

    Hope any of this helped,

    Matt

  • Advice needed: Is this possible?

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    H

    pfSense doesn't support modemtype interfaces. Only ethernet. You could live with a single interface if you create vlans but that would require a vlan-capable switch to make sense for a firewall.

  • PFSENSE Read Additional Switch Info Off of Packet

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    U

    i am contacting our web admin that works with the softwarre to find out more how the software works and grabs the information.  I will post a reply with the new information in a day or so.

  • VoIP and Windows 2003 server loose connectivity over ADSL renew

    Locked
    5
    0 Votes
    5 Posts
    4k Views
    J

    Ok, I applied the workaround, and so far so good. It works.

    Change /conf/config.xml

    <system>... .... <afterfilterchangeshellcmd>/usr/local/bin/reset_states.sh</afterfilterchangeshellcmd></system>

    Create /usr/local/bin/reset_states.sh

    #!/bin/sh sleep 60 /sbin/pfctl -F state sleep 40 /sbin/pfctl -F state

    chmod 755 /usr/local/bin/reset_states.sh

  • Vmstat showing blocking processes

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • Ettercap?

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • Pfsense bignerz

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    GruensFroeschliG

    @fredde:

    this have been discussed several times, so best would be to just search for it on the forum
    you can also check this link where tutorials and wiki are located
    http://www.pfsense.org/index.php?option=com_content&task=view&id=50&Itemid=78

  • Access broadband modem from lan

    Locked
    11
    0 Votes
    11 Posts
    16k Views
    H

    You can add the last 2 lines manually to your config.xml as hidden shellcommands. Search the forum, there are some examples on how to use hidden config.xml options.

  • Pfsense WAN pppoe isp account desapeard

    Locked
    4
    0 Votes
    4 Posts
    4k Views
    R

    The problem came back.

    something made it restart and after the ISP PPPOe account (user and password) vanished .
    Please not that there is a gap in 19:46 ,the system rebooted @ this time

    10.6.30.254 04/05/08 19:45:13 04/05/08 19:45:07 pfsense system Info mpd [pt0] LCP: Down event
    10.6.30.254 04/05/08 19:45:13 04/05/08 19:45:07 pfsense system Info mpd [pt0] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:45:13 04/05/08 19:45:07 pfsense system Info mpd [pt0] pausing 7 seconds before open
    10.6.30.254 04/05/08 19:45:13 04/05/08 19:45:07 pfsense system Info mpd [pt0] device is now in state DOWN
    10.6.30.254 04/05/08 19:45:20 04/05/08 19:45:14 pfsense system Info mpd [pt0] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:45:20 04/05/08 19:45:14 pfsense system Info mpd [pt0] pausing 2 seconds before open
    10.6.30.254 04/05/08 19:45:20 04/05/08 19:45:14 pfsense system Info mpd [pt0] device is now in state DOWN
    10.6.30.254 04/05/08 19:45:22 04/05/08 19:45:16 pfsense system Info mpd [pt0] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:45:22 04/05/08 19:45:16 pfsense system Info mpd [pt0] pptp originate option is not enabled
    10.6.30.254 04/05/08 19:45:22 04/05/08 19:45:16 pfsense system Info mpd [pt0] device is now in state OPENING
    10.6.30.254 04/05/08 19:45:22 04/05/08 19:45:16 pfsense system Info mpd [pt0] device: DOWN event in state OPENING
    10.6.30.254 04/05/08 19:45:22 04/05/08 19:45:16 pfsense system Info mpd [pt0] device is now in state DOWN
    10.6.30.254 04/05/08 19:45:22 04/05/08 19:45:16 pfsense system Info mpd [pt0] link: DOWN event
    10.6.30.254 04/05/08 19:45:22 04/05/08 19:45:16 pfsense system Info mpd [pt0] LCP: Down event
    10.6.30.254 04/05/08 19:45:22 04/05/08 19:45:16 pfsense system Info mpd [pt0] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:45:22 04/05/08 19:45:16 pfsense system Info mpd [pt0] pausing 9 seconds before open
    10.6.30.254 04/05/08 19:45:22 04/05/08 19:45:16 pfsense system Info mpd [pt0] device is now in state DOWN
    10.6.30.254 04/05/08 19:45:31 04/05/08 19:45:25 pfsense system Info mpd [pt0] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:45:31 04/05/08 19:45:25 pfsense system Info mpd [pt0] pptp originate option is not enabled
    10.6.30.254 04/05/08 19:45:31 04/05/08 19:45:25 pfsense system Info mpd [pt0] device is now in state OPENING
    10.6.30.254 04/05/08 19:45:31 04/05/08 19:45:25 pfsense system Info mpd [pt0] device: DOWN event in state OPENING
    10.6.30.254 04/05/08 19:45:31 04/05/08 19:45:25 pfsense system Info mpd [pt0] device is now in state DOWN
    10.6.30.254 04/05/08 19:45:31 04/05/08 19:45:25 pfsense system Info mpd [pt0] link: DOWN event
    10.6.30.254 04/05/08 19:45:31 04/05/08 19:45:25 pfsense system Info mpd [pt0] LCP: Down event
    10.6.30.254 04/05/08 19:45:31 04/05/08 19:45:25 pfsense system Info mpd [pt0] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:45:31 04/05/08 19:45:25 pfsense system Info mpd [pt0] pausing 9 seconds before open
    10.6.30.254 04/05/08 19:45:31 04/05/08 19:45:25 pfsense system Info mpd [pt0] device is now in state DOWN
    10.6.30.254 04/05/08 19:45:40 04/05/08 19:45:34 pfsense system Info mpd [pt0] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:45:40 04/05/08 19:45:34 pfsense system Info mpd [pt0] pptp originate option is not enabled
    10.6.30.254 04/05/08 19:45:40 04/05/08 19:45:34 pfsense system Info mpd [pt0] device is now in state OPENING
    10.6.30.254 04/05/08 19:45:40 04/05/08 19:45:34 pfsense system Info mpd [pt0] device: DOWN event in state OPENING
    10.6.30.254 04/05/08 19:45:40 04/05/08 19:45:34 pfsense system Info mpd [pt0] device is now in state DOWN
    10.6.30.254 04/05/08 19:45:40 04/05/08 19:45:34 pfsense system Info mpd [pt0] link: DOWN event
    10.6.30.254 04/05/08 19:45:40 04/05/08 19:45:34 pfsense system Info mpd [pt0] LCP: Down event
    10.6.30.254 04/05/08 19:45:40 04/05/08 19:45:34 pfsense system Info mpd [pt0] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:45:40 04/05/08 19:45:34 pfsense system Info mpd [pt0] pausing 9 seconds before open
    10.6.30.254 04/05/08 19:45:40 04/05/08 19:45:34 pfsense system Info mpd [pt0] device is now in state DOWN
    10.6.30.254 04/05/08 19:45:49 04/05/08 19:45:43 pfsense system Info mpd [pt0] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:45:49 04/05/08 19:45:43 pfsense system Info mpd [pt0] pptp originate option is not enabled
    10.6.30.254 04/05/08 19:45:49 04/05/08 19:45:43 pfsense system Info mpd [pt0] device is now in state OPENING
    10.6.30.254 04/05/08 19:45:49 04/05/08 19:45:43 pfsense system Info mpd [pt0] device: DOWN event in state OPENING
    10.6.30.254 04/05/08 19:45:49 04/05/08 19:45:43 pfsense system Info mpd [pt0] device is now in state DOWN
    10.6.30.254 04/05/08 19:45:49 04/05/08 19:45:43 pfsense system Info mpd [pt0] link: DOWN event
    10.6.30.254 04/05/08 19:45:49 04/05/08 19:45:43 pfsense system Info mpd [pt0] LCP: Down event
    10.6.30.254 04/05/08 19:45:49 04/05/08 19:45:43 pfsense system Info mpd [pt0] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:45:49 04/05/08 19:45:43 pfsense system Info mpd [pt0] pausing 7 seconds before open
    10.6.30.254 04/05/08 19:45:49 04/05/08 19:45:43 pfsense system Info mpd [pt0] device is now in state DOWN
    10.6.30.254 04/05/08 19:47:06 04/05/08 19:47:04 system Info mpd mpd: pid 229, version 3.18 (root@freebsd6.geekgod.com 12:32  6-Jan-2008)
    10.6.30.254 04/05/08 19:47:07 04/05/08 19:47:05 secur/auth Error sshlockout[243] sshlockout starting up
    10.6.30.254 04/05/08 19:47:07 04/05/08 19:47:04 system Info mpd [pppoe] ppp node is "mpd229-pppoe"
    10.6.30.254 04/05/08 19:47:07 04/05/08 19:47:04 system Info mpd [pppoe] exec: /sbin/ifconfig fxp0 up
    10.6.30.254 04/05/08 19:47:07 04/05/08 19:47:04 system Info mpd [pppoe] using interface ng0
    10.6.30.254 04/05/08 19:47:07 04/05/08 19:47:04 system Info mpd [pppoe] IPCP: peer address cannot be zero
    10.6.30.254 04/05/08 19:47:07 04/05/08 19:47:04 system Info mpd [pppoe] IFACE: Open event
    10.6.30.254 04/05/08 19:47:07 04/05/08 19:47:04 system Info mpd [pppoe] IPCP: Open event
    10.6.30.254 04/05/08 19:47:07 04/05/08 19:47:04 system Info mpd [pppoe] IPCP: state change Initial –> Starting
    10.6.30.254 04/05/08 19:47:07 04/05/08 19:47:04 system Info mpd [pppoe] IPCP: LayerStart
    10.6.30.254 04/05/08 19:47:07 04/05/08 19:47:04 system Info mpd [pppoe] bundle: OPEN event in state CLOSED
    10.6.30.254 04/05/08 19:47:07 04/05/08 19:47:04 system Info mpd [pppoe] opening link "pppoe"…
    10.6.30.254 04/05/08 19:47:07 04/05/08 19:47:04 system Info mpd [pppoe] link: OPEN event
    10.6.30.254 04/05/08 19:47:07 04/05/08 19:47:04 system Info mpd [pppoe] LCP: Open event
    10.6.30.254 04/05/08 19:47:07 04/05/08 19:47:04 system Info mpd [pppoe] LCP: state change Initial –> Starting
    10.6.30.254 04/05/08 19:47:07 04/05/08 19:47:04 system Info mpd [pppoe] LCP: LayerStart
    10.6.30.254 04/05/08 19:47:07 04/05/08 19:47:04 system Info mpd [pppoe] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:47:07 04/05/08 19:47:04 system Info mpd [pppoe] device is now in state OPENING
    10.6.30.254 04/05/08 19:47:07 04/05/08 19:47:04 system Info mpd [pppoe] rec'd ACNAME "far-br1"
    10.6.30.254 04/05/08 19:47:07 04/05/08 19:47:04 secur/auth Info sshd[242] Server listening on :: port 22.
    10.6.30.254 04/05/08 19:47:07 04/05/08 19:47:04 secur/auth Info sshd[242] Server listening on 0.0.0.0 port 22.
    10.6.30.254 04/05/08 19:47:16 04/05/08 19:47:13 system Info mpd [pppoe] PPPoE connection timeout after 9 seconds
    10.6.30.254 04/05/08 19:47:16 04/05/08 19:47:13 system Info mpd [pppoe] device: DOWN event in state OPENING
    10.6.30.254 04/05/08 19:47:16 04/05/08 19:47:13 system Info mpd [pppoe] device is now in state DOWN
    10.6.30.254 04/05/08 19:47:16 04/05/08 19:47:13 system Info mpd [pppoe] link: DOWN event
    10.6.30.254 04/05/08 19:47:16 04/05/08 19:47:13 system Info mpd [pppoe] LCP: Down event
    10.6.30.254 04/05/08 19:47:16 04/05/08 19:47:13 system Info mpd [pppoe] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:47:16 04/05/08 19:47:13 system Info mpd [pppoe] pausing 4 seconds before open
    10.6.30.254 04/05/08 19:47:16 04/05/08 19:47:13 system Info mpd [pppoe] device is now in state DOWN
    10.6.30.254 04/05/08 19:47:20 04/05/08 19:47:17 system Info mpd [pppoe] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:47:20 04/05/08 19:47:17 system Info mpd [pppoe] pausing 2 seconds before open
    10.6.30.254 04/05/08 19:47:20 04/05/08 19:47:17 system Info mpd [pppoe] device is now in state DOWN
    10.6.30.254 04/05/08 19:47:22 04/05/08 19:47:19 system Info mpd [pppoe] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:47:22 04/05/08 19:47:19 system Info mpd [pppoe] device is now in state OPENING
    10.6.30.254 04/05/08 19:47:22 04/05/08 19:47:19 system Info mpd [pppoe] rec'd ACNAME "far-br1"
    10.6.30.254 04/05/08 19:47:31 04/05/08 19:47:28 system Info mpd [pppoe] PPPoE connection timeout after 9 seconds
    10.6.30.254 04/05/08 19:47:31 04/05/08 19:47:28 system Info mpd [pppoe] device: DOWN event in state OPENING
    10.6.30.254 04/05/08 19:47:31 04/05/08 19:47:28 system Info mpd [pppoe] device is now in state DOWN
    10.6.30.254 04/05/08 19:47:31 04/05/08 19:47:28 system Info mpd [pppoe] link: DOWN event
    10.6.30.254 04/05/08 19:47:31 04/05/08 19:47:28 system Info mpd [pppoe] LCP: Down event
    10.6.30.254 04/05/08 19:47:31 04/05/08 19:47:28 system Info mpd [pppoe] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:47:31 04/05/08 19:47:28 system Info mpd [pppoe] pausing 6 seconds before open
    10.6.30.254 04/05/08 19:47:31 04/05/08 19:47:28 system Info mpd [pppoe] device is now in state DOWN
    10.6.30.254 04/05/08 19:47:37 04/05/08 19:47:34 system Info mpd [pppoe] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:47:37 04/05/08 19:47:34 system Info mpd [pppoe] device is now in state OPENING
    10.6.30.254 04/05/08 19:47:37 04/05/08 19:47:34 system Info mpd [pppoe] rec'd ACNAME "far-br1"
    10.6.30.254 04/05/08 19:47:46 04/05/08 19:47:43 system Info mpd [pppoe] PPPoE connection timeout after 9 seconds
    10.6.30.254 04/05/08 19:47:46 04/05/08 19:47:43 system Info mpd [pppoe] device: DOWN event in state OPENING
    10.6.30.254 04/05/08 19:47:46 04/05/08 19:47:43 system Info mpd [pppoe] device is now in state DOWN
    10.6.30.254 04/05/08 19:47:46 04/05/08 19:47:43 system Info mpd [pppoe] link: DOWN event
    10.6.30.254 04/05/08 19:47:46 04/05/08 19:47:43 system Info mpd [pppoe] LCP: Down event
    10.6.30.254 04/05/08 19:47:46 04/05/08 19:47:43 system Info mpd [pppoe] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:47:46 04/05/08 19:47:43 system Info mpd [pppoe] pausing 4 seconds before open
    10.6.30.254 04/05/08 19:47:46 04/05/08 19:47:43 system Info mpd [pppoe] device is now in state DOWN
    10.6.30.254 04/05/08 19:47:47 04/05/08 19:47:45 local 0 Info pf tcpdump: WARNING: pflog0: no IPv4 address assigned
    10.6.30.254 04/05/08 19:47:47 04/05/08 19:47:45 local 0 Info pf tcpdump: listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture size 96 bytes
    10.6.30.254 04/05/08 19:47:50 04/05/08 19:47:47 system Warning openvpn[349] Use –help for more information.
    10.6.30.254 04/05/08 19:47:50 04/05/08 19:47:47 system Error openvpn[349] Options error: Unrecognized option or missing parameter(s) in /var/etc/openvpn_server0.conf:14: lport (2.0.6)
    10.6.30.254 04/05/08 19:47:50 04/05/08 19:47:47 system Info mpd [pppoe] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:47:50 04/05/08 19:47:47 system Info mpd [pppoe] pausing 2 seconds before open
    10.6.30.254 04/05/08 19:47:50 04/05/08 19:47:47 system Info mpd [pppoe] device is now in state DOWN
    10.6.30.254 04/05/08 19:47:51 04/05/08 19:47:49 system Warning openvpn[353] Use –help for more information.
    10.6.30.254 04/05/08 19:47:51 04/05/08 19:47:49 system Error openvpn[353] Options error: Unrecognized option or missing parameter(s) in /var/etc/openvpn_client0.conf:14: remote (2.0.6)
    10.6.30.254 04/05/08 19:47:52 04/05/08 19:47:49 system Info mpd [pppoe] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:47:52 04/05/08 19:47:49 system Info mpd [pppoe] device is now in state OPENING
    10.6.30.254 04/05/08 19:47:52 04/05/08 19:47:49 system Info mpd [pppoe] rec'd ACNAME "far-br1"
    10.6.30.254 04/05/08 19:48:00 04/05/08 19:47:58 system Notice snort2c[520] snort2c running in daemon mode pid: 520
    10.6.30.254 04/05/08 19:48:01 04/05/08 19:47:58 system Notice pftpx[530] listening on 127.0.0.1 port 8021
    10.6.30.254 04/05/08 19:48:01 04/05/08 19:47:58 system Notice pftpx[538] listening on 127.0.0.1 port 8022
    10.6.30.254 04/05/08 19:48:01 04/05/08 19:47:58 system Info mpd [pppoe] PPPoE connection timeout after 9 seconds
    10.6.30.254 04/05/08 19:48:01 04/05/08 19:47:58 system Info mpd [pppoe] device: DOWN event in state OPENING
    10.6.30.254 04/05/08 19:48:01 04/05/08 19:47:58 system Info mpd [pppoe] device is now in state DOWN
    10.6.30.254 04/05/08 19:48:01 04/05/08 19:47:58 system Info mpd [pppoe] link: DOWN event
    10.6.30.254 04/05/08 19:48:01 04/05/08 19:47:58 system Info mpd [pppoe] LCP: Down event
    10.6.30.254 04/05/08 19:48:01 04/05/08 19:47:58 system Info mpd [pppoe] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:48:01 04/05/08 19:47:58 system Info mpd [pppoe] pausing 4 seconds before open
    10.6.30.254 04/05/08 19:48:01 04/05/08 19:47:58 system Info mpd [pppoe] device is now in state DOWN
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:01 system Info dhcpd Internet Systems Consortium DHCP Server V3.0.5
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:01 system Info dhcpd Copyright 2004-2006 Internet Systems Consortium.
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:01 system Info dhcpd All rights reserved.
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:01 system Info dhcpd For info, please visit http://www.isc.org/sw/dhcp/
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 local 7 Info dhcpd Internet Systems Consortium DHCP Server V3.0.5
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 local 7 Info dhcpd Copyright 2004-2006 Internet Systems Consortium.
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 local 7 Info dhcpd All rights reserved.
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 local 7 Info dhcpd For info, please visit http://www.isc.org/sw/dhcp/
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 local 7 Info dhcpd Wrote 0 deleted host decls to leases file.
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 local 7 Info dhcpd Wrote 0 new dynamic host decls to leases file.
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 local 7 Info dhcpd Wrote 10 leases to leases file.
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 local 7 Info dhcpd Listening on BPF/fxp1/00:d0:b7:81:7c:75/10.6.30/24
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 local 7 Info dhcpd Sending on  BPF/fxp1/00:d0:b7:81:7c:75/10.6.30/24
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 local 7 Info dhcpd Sending on  Socket/fallback/fallback-net
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 system Info dnsmasq[626] started, version 2.39 cachesize 150
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 system Info dnsmasq[626] compile time options: IPv6 GNU-getopt ISC-leasefile no-DBus no-I18N TFTP
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 system Info dnsmasq[626] reading /var/dhcpd/var/db/dhcpd.leases
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 system Info dnsmasq[626] reading /etc/resolv.conf
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 system Info dnsmasq[626] using nameserver 208.67.222.222#53
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 system Info dnsmasq[626] using nameserver 208.67.220.220#53
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 system Info dnsmasq[626] read /etc/hosts - 2 addresses
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 system Info mpd mpd: pid 639, version 3.18 (root@freebsd6.geekgod.com 12:32  6-Jan-2008)
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 system Info mpd [pt0] ppp node is "mpd639-pt0"
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 system Info mpd mpd: local IP address for PPTP is 0.0.0.0
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 system Info mpd [pt0] using interface ng1
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 system Info mpd [pt1] ppp node is "mpd639-pt1"
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 system Info mpd [pt1] using interface ng2
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 system Info mpd [pt2] ppp node is "mpd639-pt2"
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 system Info mpd [pt2] using interface ng3
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 system Info mpd [pt3] ppp node is "mpd639-pt3"
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 system Info mpd [pt3] using interface ng4
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 system Info mpd [pt4] ppp node is "mpd639-pt4"
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 system Info mpd [pt4] using interface ng5
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 system Info mpd [pt5] ppp node is "mpd639-pt5"
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 system Info mpd [pt5] using interface ng6
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 system Info mpd [pt6] ppp node is "mpd639-pt6"
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 system Info mpd [pt6] using interface ng7
    10.6.30.254 04/05/08 19:48:04 04/05/08 19:48:02 system Info mpd [pt7] ppp node is "mpd639-pt7"
    10.6.30.254 04/05/08 19:48:05 04/05/08 19:48:02 system Info mpd [pt7] using interface ng8
    10.6.30.254 04/05/08 19:48:05 04/05/08 19:48:02 system Info mpd [pt8] ppp node is "mpd639-pt8"
    10.6.30.254 04/05/08 19:48:05 04/05/08 19:48:02 system Info mpd [pt8] using interface ng9
    10.6.30.254 04/05/08 19:48:05 04/05/08 19:48:02 system Info mpd [pt9] ppp node is "mpd639-pt9"
    10.6.30.254 04/05/08 19:48:05 04/05/08 19:48:02 system Info mpd [pt9] using interface ng10
    10.6.30.254 04/05/08 19:48:05 04/05/08 19:48:02 system Info mpd [pt10] ppp node is "mpd639-pt10"
    10.6.30.254 04/05/08 19:48:05 04/05/08 19:48:02 system Info mpd [pt10] using interface ng11
    10.6.30.254 04/05/08 19:48:05 04/05/08 19:48:02 system Info mpd [pt11] ppp node is "mpd639-pt11"
    10.6.30.254 04/05/08 19:48:05 04/05/08 19:48:02 system Info mpd [pt11] using interface ng12
    10.6.30.254 04/05/08 19:48:05 04/05/08 19:48:02 system Info mpd [pt12] ppp node is "mpd639-pt12"
    10.6.30.254 04/05/08 19:48:05 04/05/08 19:48:02 system Info mpd [pt12] using interface ng13
    10.6.30.254 04/05/08 19:48:05 04/05/08 19:48:02 system Info mpd [pt13] ppp node is "mpd639-pt13"
    10.6.30.254 04/05/08 19:48:05 04/05/08 19:48:02 system Info mpd [pt13] using interface ng14
    10.6.30.254 04/05/08 19:48:05 04/05/08 19:48:02 system Info mpd [pt14] ppp node is "mpd639-pt14"
    10.6.30.254 04/05/08 19:48:05 04/05/08 19:48:02 system Info mpd [pt14] using interface ng15
    10.6.30.254 04/05/08 19:48:05 04/05/08 19:48:02 system Info mpd [pt15] ppp node is "mpd639-pt15"
    10.6.30.254 04/05/08 19:48:05 04/05/08 19:48:02 system Info mpd [pt15] using interface ng16
    10.6.30.254 04/05/08 19:48:05 04/05/08 19:48:02 system Info mpd [pppoe] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:48:05 04/05/08 19:48:02 system Info mpd [pppoe] pausing 1 seconds before open
    10.6.30.254 04/05/08 19:48:05 04/05/08 19:48:02 system Info mpd [pppoe] device is now in state DOWN
    10.6.30.254 04/05/08 19:48:06 04/05/08 19:48:03 system Info mpd [pppoe] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:48:06 04/05/08 19:48:03 system Info mpd [pppoe] device is now in state OPENING
    10.6.30.254 04/05/08 19:48:06 04/05/08 19:48:03 system Info mpd [pppoe] rec'd ACNAME "far-br1"
    10.6.30.254 04/05/08 19:48:10 04/05/08 19:48:08 system Info dhcpd Internet Systems Consortium DHCP Server V3.0.5
    10.6.30.254 04/05/08 19:48:10 04/05/08 19:48:08 system Info dhcpd Copyright 2004-2006 Internet Systems Consortium.
    10.6.30.254 04/05/08 19:48:10 04/05/08 19:48:08 system Info dhcpd All rights reserved.
    10.6.30.254 04/05/08 19:48:10 04/05/08 19:48:08 system Info dhcpd For info, please visit http://www.isc.org/sw/dhcp/
    10.6.30.254 04/05/08 19:48:10 04/05/08 19:48:08 local 7 Info dhcpd Internet Systems Consortium DHCP Server V3.0.5
    10.6.30.254 04/05/08 19:48:10 04/05/08 19:48:08 local 7 Info dhcpd Copyright 2004-2006 Internet Systems Consortium.
    10.6.30.254 04/05/08 19:48:10 04/05/08 19:48:08 local 7 Info dhcpd All rights reserved.
    10.6.30.254 04/05/08 19:48:10 04/05/08 19:48:08 local 7 Info dhcpd For info, please visit http://www.isc.org/sw/dhcp/
    10.6.30.254 04/05/08 19:48:10 04/05/08 19:48:08 local 7 Info dhcpd Wrote 0 deleted host decls to leases file.
    10.6.30.254 04/05/08 19:48:10 04/05/08 19:48:08 local 7 Info dhcpd Wrote 0 new dynamic host decls to leases file.
    10.6.30.254 04/05/08 19:48:10 04/05/08 19:48:08 local 7 Info dhcpd Wrote 10 leases to leases file.
    10.6.30.254 04/05/08 19:48:10 04/05/08 19:48:08 local 7 Info dhcpd Listening on BPF/fxp1/00:d0:b7:81:7c:75/10.6.30/24
    10.6.30.254 04/05/08 19:48:10 04/05/08 19:48:08 local 7 Info dhcpd Sending on  BPF/fxp1/00:d0:b7:81:7c:75/10.6.30/24
    10.6.30.254 04/05/08 19:48:10 04/05/08 19:48:08 local 7 Info dhcpd Sending on  Socket/fallback/fallback-net
    10.6.30.254 04/05/08 19:48:11 04/05/08 19:48:08 system Error routed[934] possible netmask problem between rl0:10.6.0.0/17 and fxp1:10.6.30.0/24
    10.6.30.254 04/05/08 19:48:11 04/05/08 19:48:08 system Error routed[934] Send mcast sendto(rl0, 224.0.0.9.520): Network is unreachable
    10.6.30.254 04/05/08 19:48:11 04/05/08 19:48:08 system Error routed[934] Send mcast sendto(fxp1, 224.0.0.9.520): Network is unreachable
    10.6.30.254 04/05/08 19:48:11 04/05/08 19:48:09 local 0 Info pf 000000 rule 448/unkn(8): pass out on fxp1: (tos 0x0, ttl  1, id 5839, offset 0, flags [none], proto: IGMP (2), length: 32, options ( RA (148) len 4 )) 10.6.30.254 > 224.0.0.9: igmp v2 report 224.0.0.9
    10.6.30.254 04/05/08 19:48:11 04/05/08 19:48:09 local 0 Info pf 001638 rule 449/unkn(8): pass out on rl0: (tos 0x0, ttl  1, id 52372, offset 0, flags [none], proto: IGMP (2), length: 32, options ( RA (148) len 4 )) 10.6.35.254 > 224.0.0.9: igmp v2 report 224.0.0.9
    10.6.30.254 04/05/08 19:48:11 04/05/08 19:48:09 local 0 Info pf 000319 rule 449/unkn(8): pass out on rl0: (tos 0x0, ttl  1, id 60666, offset 0, flags [none], proto: IGMP (2), length: 32, options ( RA (148) len 4 )) 10.6.35.254 > 224.0.0.2: igmp v2 report 224.0.0.2
    10.6.30.254 04/05/08 19:48:11 04/05/08 19:48:09 local 0 Info pf 000173 rule 448/unkn(8): pass out on fxp1: (tos 0x0, ttl  1, id 32222, offset 0, flags [none], proto: IGMP (2), length: 32, options ( RA (148) len 4 )) 10.6.30.254 > 224.0.0.2: igmp v2 report 224.0.0.2
    10.6.30.254 04/05/08 19:48:11 04/05/08 19:48:09 local 0 Info pf 716251 rule 448/unkn(8): pass out on fxp1: (tos 0x0, ttl  1, id 29876, offset 0, flags [none], proto: IGMP (2), length: 32, options ( RA (148) len 4 )) 10.6.30.254 > 224.0.0.9: igmp v2 report 224.0.0.9
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd [pppoe] PPPoE connection successful
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd [pppoe] device: UP event in state OPENING
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd [pppoe] device is now in state UP
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd [pppoe] link: UP event
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd [pppoe] link: origination is local
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd [pppoe] LCP: Up event
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd [pppoe] LCP: state change Starting –> Req-Sent
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd [pppoe] LCP: phase shift DEAD –> ESTABLISH
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd [pppoe] LCP: SendConfigReq #1
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd MRU 1492
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd MAGICNUM bd4093e9
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd [pppoe] LCP: rec'd Configure Request #153 link 0 (Req-Sent)
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd MRU 1492
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd AUTHPROTO PAP
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd MAGICNUM 3283f015
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd [pppoe] LCP: SendConfigAck #153
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd MRU 1492
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd AUTHPROTO PAP
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd MAGICNUM 3283f015
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd [pppoe] LCP: state change Req-Sent –> Ack-Sent
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd [pppoe] LCP: rec'd Configure Ack #1 link 0 (Ack-Sent)
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd MRU 1492
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd MAGICNUM bd4093e9
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd [pppoe] LCP: state change Ack-Sent –> Opened
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd [pppoe] LCP: phase shift ESTABLISH –> AUTHENTICATE
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd [pppoe] LCP: auth: peer wants PAP, I want nothing
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd [pppoe] PAP: using authname ""
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd mpd: empty auth name
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd Warning: no secret for "" found
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd [pppoe] PAP: sending REQUEST
    10.6.30.254 04/05/08 19:48:12 04/05/08 19:48:09 system Info mpd [pppoe] LCP: LayerUp
    10.6.30.254 04/05/08 19:48:14 04/05/08 19:48:11 system Info mpd [pppoe] PAP: using authname ""
    10.6.30.254 04/05/08 19:48:14 04/05/08 19:48:11 system Info mpd mpd: empty auth name
    10.6.30.254 04/05/08 19:48:14 04/05/08 19:48:11 system Info mpd Warning: no secret for "" found
    10.6.30.254 04/05/08 19:48:14 04/05/08 19:48:11 system Info mpd [pppoe] PAP: sending REQUEST
    10.6.30.254 04/05/08 19:48:14 04/05/08 19:48:12 local 0 Info pf 2. 999542 rule 448/unkn(8): pass out on fxp1: (tos 0x0, ttl  1, id 16795, offset 0, flags [none], proto: IGMP (2), length: 32, options ( RA (148) len 4 )) 10.6.30.254 > 224.0.0.2: igmp v2 report 224.0.0.2
    10.6.30.254 04/05/08 19:48:15 04/05/08 19:48:12 system Info dnsmasq[626] reading /var/dhcpd/var/db/dhcpd.leases
    10.6.30.254 04/05/08 19:48:15 04/05/08 19:48:13 local 0 Info pf 199981 rule 449/unkn(8): pass out on rl0: (tos 0x0, ttl  1, id 12970, offset 0, flags [none], proto: IGMP (2), length: 32, options ( RA (148) len 4 )) 10.6.35.254 > 224.0.0.9: igmp v2 report 224.0.0.9
    10.6.30.254 04/05/08 19:48:15 04/05/08 19:48:13 local 0 Info pf 200003 rule 449/unkn(8): pass out on rl0: (tos 0x0, ttl  1, id 9978, offset 0, flags [none], proto: IGMP (2), length: 32, options ( RA (148) len 4 )) 10.6.35.254 > 224.0.0.2: igmp v2 report 224.0.0.2
    10.6.30.254 04/05/08 19:48:16 04/05/08 19:48:13 system Info mpd [pppoe] PAP: using authname ""
    10.6.30.254 04/05/08 19:48:16 04/05/08 19:48:13 system Info mpd mpd: empty auth name
    10.6.30.254 04/05/08 19:48:16 04/05/08 19:48:13 system Info mpd Warning: no secret for "" found
    10.6.30.254 04/05/08 19:48:16 04/05/08 19:48:13 system Info mpd [pppoe] PAP: sending REQUEST
    10.6.30.254 04/05/08 19:48:28 04/05/08 19:48:25 system Error snort2c[520] SIGTERM received - exiting
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Var 'fxp1_ADDRESS' defined, value len = 23 chars
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] , value = 10.6.30.0/255.255.255.0
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Var 'lo0_ADDRESS' defined, value len = 19 chars
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] , value = 127.0.0.0/255.0.0.0
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Parsing Rules file /usr/local/etc/snort/snort.conf
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Var 'AIM_SERVERS' defined, value len = 132 chars
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074]
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] [64.12.24.0/24,64.12.25.0/24,64.12.26.14/24,64.12.28.0/24,64.12.29.0/24,64.12.161.0/24,64.12.163.0/24,205.188.5.0/24,205.188.9.0
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] /24]
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Var 'HTTP_PORTS' defined, value len = 2 chars
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] , value = 80
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Var 'SHELLCODE_PORTS' defined, value len = 3 chars
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] , value = !80
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Var 'ORACLE_PORTS' defined, value len = 4 chars
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] , value = 1521
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Var 'HOME_NET' defined, value len = 54 chars
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] , value = [10.6.30.0/24,208.67.220.220,208.67.222.222,127.0.0.1]
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Var 'TELNET_SERVERS' defined, value len = 54 chars
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] , value = [10.6.30.0/24,208.67.220.220,208.67.222.222,127.0.0.1]
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Var 'SQL_SERVERS' defined, value len = 54 chars
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Error snort[1074] command line overrides rules file alert plugin!
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] , value = [10.6.30.0/24,208.67.220.220,208.67.222.222,127.0.0.1]
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Error snort[1074] command line overrides rules file alert plugin!
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Var 'HTTP_SERVERS' defined, value len = 54 chars
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] , value = [10.6.30.0/24,208.67.220.220,208.67.222.222,127.0.0.1]
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Var 'SMTP_SERVERS' defined, value len = 54 chars
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] , value = [10.6.30.0/24,208.67.220.220,208.67.222.222,127.0.0.1]
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Var 'DNS_SERVERS' defined, value len = 54 chars
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] , value = [10.6.30.0/24,208.67.220.220,208.67.222.222,127.0.0.1]
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Var 'EXTERNAL_NET' defined, value len = 55 chars
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] , value = ![10.6.30.0/24,208.67.220.220,208.67.222.222,127.0.0.1]
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Var 'SSH_PORTS' defined, value len = 2 chars
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] , value = 22
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Var 'RULE_PATH' defined, value len = 26 chars
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] , value = /usr/local/etc/snort/rules
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Detection:
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Search-Method = Low-Mem
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] ,–---------[Flow Config]–--------------------
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] | Stats Interval:  0
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] | Hash Method:    2
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] | Memcap:          10485760
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] | Rows  :          4099
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] | Overhead Bytes:  16400(%0.16)
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] `–--------------------------------------------
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Frag3 global config:
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Max frags: 8192
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Fragment memory cap: 4194304 bytes
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Frag3 engine config:
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Target-based policy: BSD
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Fragment timeout: 60 seconds
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Fragment min_ttl:  1
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Fragment ttl_limit: 5
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Fragment Problems: 0
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Frag3 engine config:
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Target-based policy: LAST
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Fragment timeout: 60 seconds
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Fragment min_ttl:  1
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Fragment ttl_limit: 5
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Fragment Problems: 1
    10.6.30.254 04/05/08 19:48:31 04/05/08 19:48:29 system Notice snort[1074] Bound Addresses: 0.0.0.0/0.0.0.0
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Stream5 global config:
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Track TCP sessions: ACTIVE
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Max TCP sessions: 8192
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Memcap (for reassembly packet storage): 8388608
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Track UDP sessions: ACTIVE
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Max UDP sessions: 131072
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Track ICMP sessions: ACTIVE
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Max ICMP sessions: 65536
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Stream5 TCP Policy config:
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Reassembly Policy: BSD
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Timeout: 30 seconds
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Min ttl:  1
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Options:
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Static Flushpoint Sizes: YES
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Reassembly Ports:
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] 0 client (Footprint) server (Footprint)
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] 1 client (Footprint) server (Footprint)
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] 2 client (Footprint) server (Footprint)
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] 3 client (Footprint) server (Footprint)
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] 4 client (Footprint) server (Footprint)
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] 5 client (Footprint) server (Footprint)
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] 6 client (Footprint) server (Footprint)
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] 7 client (Footprint) server (Footprint)
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] 8 client (Footprint) server (Footprint)
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] 9 client (Footprint) server (Footprint)
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] 10 client (Footprint) server (Footprint)
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] 11 client (Footprint) server (Footprint)
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] 12 client (Footprint) server (Footprint)
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] 13 client (Footprint) server (Footprint)
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] 14 client (Footprint) server (Footprint)
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] 15 client (Footprint) server (Footprint)
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] 16 client (Footprint) server (Footprint)
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] 17 client (Footprint) server (Footprint)
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] 18 client (Footprint) server (Footprint)
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] 19 client (Footprint) server (Footprint)
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Bound Addresses:0.0.0.0/0.0.0.0
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Stream5 UDP Policy config:
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Timeout: 30 seconds
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Stream5 ICMP Policy config:
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Timeout: 30 seconds
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] HttpInspect Config:
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] GLOBAL CONFIG
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Max Pipeline Requests:    0
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Inspection Type:          STATELESS
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Detect Proxy Usage:      NO
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] IIS Unicode Map Filename: /usr/local/etc/snort/unicode.map
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] IIS Unicode Map Codepage: 1252
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] DEFAULT SERVER CONFIG:
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Server profile: All
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Ports: 80 3128 8080
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Flow Depth: 0
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Max Chunk Length: 500000
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Inspect Pipeline Requests: YES
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] URI Discovery Strict Mode: NO
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Allow Proxy Usage: NO
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Disable Alerting: YES
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Oversize Dir Length: 0
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Only inspect URI: NO
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Ascii: YES alert: NO
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Double Decoding: YES alert: YES
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] %U Encoding: YES alert: YES
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Bare Byte: YES alert: YES
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Base36: OFF
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] UTF 8: YES alert: NO
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] IIS Unicode: YES alert: YES
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Multiple Slash: YES alert: NO
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] IIS Backslash: YES alert: NO
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Directory Traversal: YES alert: NO
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Web Root Traversal: YES alert: YES
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Apache WhiteSpace: YES alert: YES
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] IIS Delimiter: YES alert: YES
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] IIS Unicode Map: GLOBAL IIS UNICODE MAP CONFIG
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Non-RFC Compliant Characters: 0x00
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Whitespace Characters: 0x09 0x0b 0x0c 0x0d
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] rpc_decode arguments:
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Ports to decode RPC on: 111 32771
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] alert_fragments: INACTIVE
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] alert_large_fragments: ACTIVE
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] alert_incomplete: ACTIVE
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] alert_multiple_requests: ACTIVE
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Portscan Detection Config:
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Detect Protocols:  TCP UDP ICMP IP
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Detect Scan Type:  portscan portsweep decoy_portscan distributed_portscan
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Sensitivity Level: Low
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Memcap (in bytes): 1048576
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Number of Nodes:  3869
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] Ignore Scanner IP List:
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] 10.6.30.0 / 255.255.255.0
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074]
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] 208.67.220.220 / 255.255.255.255
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074]
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] 208.67.222.222 / 255.255.255.255
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074]
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074] 127.0.0.1 / 255.255.255.255
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074]
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Notice snort[1074]
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Info mpd [pppoe] LCP: authorization timer expired
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Info mpd [pppoe] LCP: authorization failed
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Info mpd [pppoe] device: CLOSE event in state UP
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Info mpd [pppoe] device is now in state CLOSING
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Info mpd [pppoe] device: DOWN event in state CLOSING
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Info mpd [pppoe] device is now in state DOWN
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Info mpd [pppoe] error writing len 12 frame to bypass: Network is down
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Info mpd [pppoe] link: DOWN event
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Info mpd [pppoe] LCP: Down event
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Info mpd [pppoe] LCP: state change Opened –> Starting
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Info mpd [pppoe] LCP: phase shift AUTHENTICATE –> DEAD
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Info mpd [pppoe] LCP: LayerDown
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Info mpd [pppoe] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Info mpd [pppoe] pausing 4 seconds before open
    10.6.30.254 04/05/08 19:48:32 04/05/08 19:48:29 system Info mpd [pppoe] device is now in state DOWN
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Tagged Packet Limit: 256
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Loading all dynamic preprocessor libs from /usr/local/lib/snort/dynamicpreprocessor/…
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Loading dynamic preprocessor library /usr/local/lib/snort/dynamicpreprocessor//libsf_dcerpc_preproc.so…
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] done
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Loading dynamic preprocessor library /usr/local/lib/snort/dynamicpreprocessor//libsf_dns_preproc.so…
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] done
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Loading dynamic preprocessor library /usr/local/lib/snort/dynamicpreprocessor//libsf_ftptelnet_preproc.so…
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] done
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Loading dynamic preprocessor library /usr/local/lib/snort/dynamicpreprocessor//libsf_smtp_preproc.so…
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] done
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Loading dynamic preprocessor library /usr/local/lib/snort/dynamicpreprocessor//libsf_ssh_preproc.so…
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] done
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Finished Loading all dynamic preprocessor libs from /usr/local/lib/snort/dynamicpreprocessor/
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Loading dynamic preprocessor library /usr/local/lib/snort/dynamicpreprocessor/libsf_ftptelnet_preproc.so…
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] done
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Loading dynamic preprocessor library /usr/local/lib/snort/dynamicpreprocessor/libsf_smtp_preproc.so…
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] done
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] FTPTelnet Config:
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] GLOBAL CONFIG
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Inspection Type: stateless
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Check for Encrypted Traffic: OFF
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Continue to check encrypted data: NO
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] FTP CONFIG:
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] FTP Server: default
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Ports: 21
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Check for Telnet Cmds: OFF
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Identify open data channels: NO
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] FTP Client: default
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Check for Bounce Attacks: OFF
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Check for Telnet Cmds: OFF
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Max Response Length: 100
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] SMTP Config:
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Ports:
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] 25
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074]
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Inspection Type:            STATEFUL
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Normalize Spaces:          YES
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Ignore Data:                NO
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Ignore TLS Data:            NO
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Ignore Alerts:              NO
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Max Command Length:        0
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Max Header Line Length:    0
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Max Response Line Length:  0
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] X-Link2State Alert:        YES
    10.6.30.254 04/05/08 19:48:33 04/05/08 19:48:30 system Notice snort[1074] Drop on X-Link2State Alert: NO
    10.6.30.254 04/05/08 19:48:34 04/05/08 19:48:31 system Error routed[934] Send mcast sendto(rl0, 224.0.0.9.520): Network is unreachable
    10.6.30.254 04/05/08 19:48:34 04/05/08 19:48:31 system Error routed[934] Send mcast sendto(fxp1, 224.0.0.9.520): Network is unreachable
    10.6.30.254 04/05/08 19:48:36 04/05/08 19:48:33 system Info mpd [pppoe] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:48:36 04/05/08 19:48:33 system Info mpd [pppoe] pausing 1 seconds before open
    10.6.30.254 04/05/08 19:48:36 04/05/08 19:48:33 system Info mpd [pppoe] device is now in state DOWN
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:34 system Info mpd [pppoe] device: OPEN event in state DOWN
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:34 system Info mpd [pppoe] device is now in state OPENING
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:34 system Info mpd [pppoe] rec'd ACNAME "far-br1"
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:34 system Info mpd [pppoe] PPPoE connection successful
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:34 system Info mpd [pppoe] device: UP event in state OPENING
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:34 system Info mpd [pppoe] device is now in state UP
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:34 system Info mpd [pppoe] link: UP event
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:34 system Info mpd [pppoe] link: origination is local
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:34 system Info mpd [pppoe] LCP: Up event
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:34 system Info mpd [pppoe] LCP: state change Starting –> Req-Sent
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:34 system Info mpd [pppoe] LCP: phase shift DEAD –> ESTABLISH
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:34 system Info mpd [pppoe] LCP: SendConfigReq #2
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:34 system Info mpd MRU 1492
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:34 system Info mpd MAGICNUM ba7fe929
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:35 system Info mpd [pppoe] LCP: rec'd Configure Request #202 link 0 (Req-Sent)
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:35 system Info mpd MRU 1492
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:35 system Info mpd AUTHPROTO PAP
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:35 system Info mpd MAGICNUM 4d0c018b
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:35 system Info mpd [pppoe] LCP: SendConfigAck #202
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:35 system Info mpd MRU 1492
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:35 system Info mpd AUTHPROTO PAP
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:35 system Info mpd MAGICNUM 4d0c018b
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:35 system Info mpd [pppoe] LCP: state change Req-Sent –> Ack-Sent
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:35 system Info mpd [pppoe] LCP: rec'd Configure Ack #2 link 0 (Ack-Sent)
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:35 system Info mpd MRU 1492
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:35 system Info mpd MAGICNUM ba7fe929
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:35 system Info mpd [pppoe] LCP: state change Ack-Sent –> Opened
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:35 system Info mpd [pppoe] LCP: phase shift ESTABLISH –> AUTHENTICATE
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:35 system Info mpd [pppoe] LCP: auth: peer wants PAP, I want nothing
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:35 system Info mpd [pppoe] PAP: using authname ""
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:35 system Info mpd mpd: empty auth name
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:35 system Info mpd Warning: no secret for "" found
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:35 system Info mpd [pppoe] PAP: sending REQUEST
    10.6.30.254 04/05/08 19:48:37 04/05/08 19:48:35 system Info mpd [pppoe] LCP: LayerUp
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Error snort[1074] OpenPcap() device fxp0 network lookup:          fxp0: no IPv4 address assigned
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Error snort[1075] OpenPcap() device fxp0 network lookup:          fxp0: no IPv4 address assigned
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074]
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] +–---------------------[thresholding-config]–--------------------------------
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | memory-cap : 1048576 bytes
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] +–---------------------[thresholding-global]–--------------------------------
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | none
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] +–---------------------[thresholding-local]–---------------------------------
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=10183      type=Limit    tracking=src count=1  seconds=300
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=6128      type=Limit    tracking=src count=1  seconds=600
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=9839      type=Limit    tracking=src count=1  seconds=600
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=6223      type=Limit    tracking=src count=1  seconds=300
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=6489      type=Limit    tracking=src count=1  seconds=300
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=5990      type=Limit    tracking=src count=1  seconds=600
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=6336      type=Limit    tracking=src count=1  seconds=300
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=5835      type=Limit    tracking=src count=1  seconds=600
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=6241      type=Limit    tracking=src count=1  seconds=300
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=7646      type=Limit    tracking=src count=1  seconds=300
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=5978      type=Limit    tracking=src count=1  seconds=300
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=6324      type=Limit    tracking=src count=1  seconds=300
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=7547      type=Limit    tracking=src count=1  seconds=600
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=7535      type=Limit    tracking=src count=1  seconds=300
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=6122      type=Limit    tracking=src count=1  seconds=600
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=6271      type=Limit    tracking=src count=1  seconds=300
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=7142      type=Limit    tracking=src count=1  seconds=600
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=6176      type=Limit    tracking=src count=1  seconds=300
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=12693      type=Limit    tracking=src count=1  seconds=300
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=12485      type=Limit    tracking=src count=1  seconds=300
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=12679      type=Limit    tracking=src count=1  seconds=300
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=5945      type=Limit    tracking=src count=1  seconds=300
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=6483      type=Limit    tracking=src count=1  seconds=300
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=6365      type=Limit    tracking=src count=1  seconds=600
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=7732      type=Limit    tracking=src count=1  seconds=300
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=7739      type=Limit    tracking=src count=1  seconds=300
    10.6.30.254 04/05/08 19:48:39 04/05/08 19:48:36 system Notice snort[1074] | gen-id=1      sig-id=8073    &

  • Easier to Upload New Config File Most of the time

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    M

    Thanks hoba. I always keep a copy of the original "last known good" config file just in case I screw up the config file. Of course worst case scenario is a short truck roll, reinstall from scratch, upload last know good config, and we are back in business.

    I am really enjoying working with pfSense. Next project is going to be another NIC with auto-failover to our secondary WAN. If I can get that figured out properly, then it will be time to go redundant… Another pfSense box next to our existing gateway catching automatic backup of the existing, and CARP failover to it. I am sure I will have a question or two once I get into that, lol.

    You guys are doing a great job! I have recommended pfSense to quite a few other operators out there. Please keep up the support.

  • Messenger (msn) messages has an delay up to 30minuttes?

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • Quota Limit / Alarm on Certain Traffic

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    H

    You could use the captive portal with radius accounting for this. Other option is to use the bandwidthd package or something external that receives information from the pfflowd-package. Search the forum, this has actually been discussed a lot and solutions are around.

  • New installation

    Locked
    15
    0 Votes
    15 Posts
    4k Views
    K

    finally now it is working .  with this config :

    <pfsense><version>3.0</version>
      <lastchange><theme>nervecenter</theme> <system><optimization>normal</optimization>
      <hostname>pfSense</hostname>
      <domain>local</domain>
      <dnsallowoverride><username>admin</username>
      <password>$1$GCmX2tUH$tublAsTINLcuehl9l6AJ9.</password>
      <timezone>Etc/UTC</timezone>
      <time-update-interval>300</time-update-interval>
      <timeservers>0.pfsense.pool.ntp.org</timeservers> <webgui><protocol>http</protocol></webgui>
      <disablenatreflection>yes</disablenatreflection>
      <dnsserver>196.192.x.x</dnsserver>
      <dnsserver>213.200.xx.xx</dnsserver></dnsallowoverride></system> <interfaces>- <lan><if>rl0</if>
      <ipaddr>192.168.1.1</ipaddr>
      <subnet>24</subnet>
      <media><mediaopt><bandwidth>100</bandwidth>
      <bandwidthtype>Mb</bandwidthtype></mediaopt></media></lan> <wan><if>vr1</if>
      <mtu><media><mediaopt><bandwidth>100</bandwidth>
      <bandwidthtype>Mb</bandwidthtype>
      <spoofmac>00:1d:60:25:30:72</spoofmac>
      <disableftpproxy><ipaddr>172.30.x.86</ipaddr>
      <subnet>30</subnet>
      <gateway>172.30.x.85</gateway>
      <blockpriv>on</blockpriv>
      <dhcphostname></dhcphostname></disableftpproxy></mediaopt></media></mtu></wan> <opt1><if>vr0</if>
      <descr>OPT1</descr></opt1></interfaces>
      <staticroutes>- <pppoe><username><password></password></username></pppoe> <pptp><username><password><local></local></password></username></pptp> <bigpond><username><password><authserver><authdomain><minheartbeatinterval></minheartbeatinterval></authdomain></authserver></password></username></bigpond> <dyndns><type>dyndns</type>
      <username><password></password></username></dyndns> <dhcpd>- <lan><enable>- <range><from>192.168.1.10</from>
      <to>192.168.1.245</to></range></enable></lan></dhcpd> <pptpd><mode><redir><localip></localip></redir></mode></pptpd>
      <ovpn>- <dnsmasq><enable></enable></dnsmasq> <snmpd><syslocation><syscontact><rocommunity>public</rocommunity></syscontact></syslocation></snmpd> <diag>- <ipv6nat><ipaddr></ipaddr></ipv6nat></diag>
      <bridge><syslog>- <nat><ipsecpassthru>- <advancedoutbound>- <rule>- <source>
      <network>any</network>
     
      <sourceport><descr><target>196.192.xx.x</target>
      <interface>lan</interface> <destination><any></any></destination>
      <natport></natport></descr></sourceport></rule> <rule>- <source>
      <network>any</network>
     
      <sourceport><descr><target>196.192.xx.x</target>
      <interface>wan</interface> <destination><any></any></destination>
      <natport></natport></descr></sourceport></rule> <rule>- <source>
      <network>192.168.1.0/24</network>
     
      <sourceport><descr>Auto created rule for LAN</descr>
      <target><interface>wan</interface> <destination><any></any></destination>
      <natport></natport></target></sourceport></rule>
      <enable></enable></advancedoutbound></ipsecpassthru></nat> <filter>- <rule><type>pass</type>
      <interface>wan</interface>
      <max-src-nodes><max-src-states><statetimeout><statetype>keep state</statetype>
      <os><protocol>tcp</protocol> <source>
      <any>- <destination><any></any></destination></any></os></statetimeout></max-src-states></max-src-nodes></rule> <rule><type>pass</type>
      <descr>Default LAN -> any</descr>
      <interface>lan</interface> <source>
      <network>lan</network> <destination><any></any></destination></rule> <rule><type>pass</type>
      <interface>lan</interface>
      <max-src-nodes><max-src-states><statetimeout><statetype>keep state</statetype>
      <os><protocol>tcp</protocol> <source>
      <any>- <destination><any></any></destination></any></os></statetimeout></max-src-states></max-src-nodes></rule></filter>
      <shaper>- <ipsec><preferredoldsa></preferredoldsa></ipsec>
      <aliases><proxyarp>- <cron>- <minute>0</minute>
      <hour></hour>
      <mday></mday>
      <month></month>
      <wday></wday>
      <who>root</who>
      <command></command>/usr/bin/nice -n20 newsyslog <minute>1,31</minute>
      <hour>0-5</hour>
      <mday></mday>
      <month></month>
      <wday>*</wday>
      <who>root</who>
      <command></command>/usr/bin/nice -n20 adjkerntz -a <minute>1</minute>
      <hour>3</hour>
      <mday>1</mday>
      <month></month>
      <wday></wday>
      <who>root</who>
      <command></command>/usr/bin/nice -n20 /etc/rc.update_bogons.sh <minute>/60</minute>
      <hour></hour>
      <mday></mday>
      <month></month>
      <wday>*</wday>
      <who>root</who>
      <command></command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout <minute>1</minute>
      <hour>1</hour>
      <mday></mday>
      <month></month>
      <wday>*</wday>
      <who>root</who>
      <command></command>/usr/bin/nice -n20 /etc/rc.dyndns.update <minute>/60</minute>
      <hour></hour>
      <mday></mday>
      <month></month>
      <wday>*</wday>
      <who>root</who>
      <command></command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot <minute>/60</minute>
      <hour></hour>
      <mday></mday>
      <month></month>
      <wday>*</wday>
      <who>root</who>
      <command></command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -t 3600 snort2c <minute>/5</minute>
      <hour></hour>
      <mday></mday>
      <month></month>
      <wday>*</wday>
      <who>root</who>
      <command></command>/usr/local/bin/checkreload.sh <minute>/5</minute>
      <hour></hour>
      <mday></mday>
      <month></month>
      <wday>*</wday>
      <who>root</who>
      <command></command>/etc/ping_hosts.sh <minute>/140</minute>
      <hour></hour>
      <mday></mday>
      <month></month>
      <wday>*</wday>
      <who>root</who>
      <command></command>/usr/local/sbin/reset_slbd.sh</cron>
      <wol><installedpackages>- <revision><description>/firewall_nat_out.php made unknown change</description>
      <time>1207288229</time></revision> <rrd><enable></enable></rrd> <virtualip>- <vip><mode>proxyarp</mode>
      <interface>wan</interface>
      <descr><type>single</type>
      <subnet_bits>32</subnet_bits>
      <subnet>196.192.xx.x</subnet></descr></vip></virtualip></installedpackages></wol></proxyarp></aliases></shaper></syslog></bridge></ovpn></staticroutes></lastchange></pfsense>

    tried a lot on NAT outbound + virtual ip then worked .  thanks for helping .

  • No connection possible from LAN to WAN

    Locked
    6
    0 Votes
    6 Posts
    2k Views
    H

    Good to hear it's working now  :D

  • RRD Graphing - Can we define a custom date range through the GUI?

    Locked
    3
    0 Votes
    3 Posts
    4k Views
    P

    Hi fredde,

    Thanks for the tip.  No - I hadn't looked at that because it seems like there is already a database within pfSense which tracks this information… the RRD graphs must be getting their data from somewhere.

    Your suggestion does allow one to see daily summaries which is cool, but all I really want to do is to define a custom period to view the existing RRD traffic graph output - ie. Feb 21 - March 21... possible?

    -- Phob

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.