Btw, newer snapshots have a states rrd graph. It should log if you reach the limit. Maybe view that graph to see if this really is the case when the problems occur. You even can view it after reboot (if you are not running the embedded version or livecd as you have to do a clean reboot from gui or shell to write the rrds to disk).

@trendchiller:

I created a ticket for that

Thanks, I'll fix it in a bit.

–Bill

You can use a custom port for this, not 22. Also note that we run a script behind the scenes that will block bruteforce attacks against ssh.

Also our head code already has more ssh options to further customize the settings.

To give myself an answer.

The only solution is to configure squid as acceleration proxy and set up a ssl-cert manually. Then squid is able to interrupt ssl connections and handle them by itself. This should ensure logging https connections without having to set anything up withing the client os.

But, unfortunately it seems that the squid package was compiled without the appropriate options.

Cheers,
Manuel

Ha, yeah, it's a busy little machine!! It's been cool being able to test new features shortly after they're added though!!

:D Thanks for all your hard work everyone involved, pfSense rocks!! :D

This is the complete message? There is nothing in front of it telling which service caused the log entry? Also what have been happening before you get that message?

Ok then I won't expect a change till then.  Just wanted to know incase it broke after an update.

Thx - solved

mount -t msdos /dev/fd0 /mnt
cd /mnt
cp config.xml /cf/conf/config.xml
rm /tmp/config.xml
shutdown -r now

Have a look at http://pfsense.trendchiller.com/transparent_firewall.pdf

Thanks Hoba
My mistake that I was trying to logon using admin/pfsense and not roort/pfsense through secure ftp

Regards
Bassam

Yes, try to get PPPoE working, your performance will improve greatly under a heavy load.  Often times the routing tables on modems can't hold all that much, they tend to all but crash after a couple thousand states hit it.  My ISP says they offer PPPoA only.  Here is how you see if you can run PPPoE anyways.  Set your modem to transparent bridge, that makes it just a media converter basically.  Then just set your wan on pfsense to send your PPPoA user/pass.  My experience has been that it works just fine, althought I haven't tested it with that many ISPs.

thanks a lot :D

Either that or FreeNAS (which would be my preferred solution).

Ive started on an Exim package, and although its far from complete its definitely very possible to add this. The only problem is, has Hoba has said, is how to handle the upgrading etc. which I havent even looked at just yet.

Currently the package supports:

Quotas per mailbox
Subnets that are allowed to relay
SMTP Auth (both client side and server side)
Smarthost
ClamAv
SpamAssassin
multiple domains

and numerous other smaller settings. Its not at a point where I am comfortable with it as there is still too many settings that are hard coded and these settings should be configured via the web interface.

It gets tricky when adding users though cos you will need to support aliases, forwarding and possibly store and forwarding. You also then need to decide whether you have to store the mail locally (requires some POP3 or IMAP server) or whether it should just act as a mailhub for an internal mail server(s).

Upgrade to the latest snapshot. There has been some dhclient updates that should fix that situation (see http://forum.pfsense.org/index.php/topic,2645.0.html ).

I think you will need to provide a small diagram with your setup….
but read the info on this site http://www.firewall.cx/vlans-intro.php first

Thanks, hoba!

if you have a vlan switch make a vlan up on one of the nis and put the mail server there