@doktornotor: Remove and reinstall the package. I should have mentioned that I've done this 5 or 6 times.  After the uninstall the dashboard was fine, but I got the same error as soon as I reinstalled it. It looks like I ended up resolving my own issue.  I moved the file, ".widget-snort.inc.uIzi3Hvkv9Po" out of the widgets/include folder, and everything went back to normal.  It looks like it was probably a temp file created during my system upgrade, and for some reason it wasn't deleted after the upgrade finished.  It was causing the PHP function, "widget_snort_uninstall()" to be declared twice, which caused the dashboard code to fail to compile.  Uninstalling and reinstalling the package didn't help, as the uninstall still left the widget temp file behind in the folder and caused the issue to reemerge after re-installation.  I held on to the file just in case, but its contents are identical to those of "widget-snort.inc," so I'm sure I don't need it. Anyway, if you ever get a "previously declared…" error on the dashboard page with regard to a widget, check your /usr/local/www/widgets/include/ folder for stray temp files.  ;D

I've order a new NIC today which will arrive on Saturday. However, if it was the USB NIC at fault then the fault would switch from LAN to WAN and not disconnect all LAN machines all the time; they would stay connected but I just wouldn't be able to get to the outside world. I NEVER have an issue from my pfSense server to to the outside world just internally on all machines when it happens and thus can't get to the outside world when it does happen. Why would it start happening all of a sudden and so intermittently? Let's see after my new NIC arrives and see if that solves the issue!

[image: all-your-base-ws2445.jpg]

remove the arp cache entry and until it shows back it should show offline and be able to delete it.

Thanks, Kpa.

ssh open to the world is going to get massive amounts of traffic..  Yup going to try and bruteforce you til the sun comes up..

Those are root name servers for the gtld (Generic top-level domain) .net -> https://www.iana.org/domains/root/db/net.html

Need the 3 router setup to replace my fios router with a router with more features and better wifi and keep Caller ID and Remote DVR access on my FIOS system. The PFSense would be primary and the directly connected to the internet.  http://www.dslreports.com/faq/16858  if you want to see more about it.  Hopefully I replace the secondary router with one of the Ethernet ports on the PFSense and have control of what uses the VPN and what doesn't.

will try it. but scared its gonna go to 2.3.4

Normally that element would be removed from the configuration after you restore the configuration file. It shouldn't be in there persistently. Is there an error on the console or in the system log about it not being able to import the RRD info?

OK will upgrade later and revisit

I didn't read the linked article to find out what you are trying to accomplish but regardless I can make a recommendation. Buy a used server pull (preferably from not-China, but even that's really not important) i340-t4 off of eBay http://www.ebay.com/itm/IBM-49Y4242-I340-T4-4-Port-Gigabit-PCI-E-Server-Network-Adapter-Card-/361940630659?hash=item544557bc83:g:VSQAAOSwc-tY3XdW Something along those lines. Just use those NIC's and disregard the Realteks. The Realteks will probably work perfectly fine for 5-600Mbps throughput, might not work at all, might give you a bunch of headaches? That's why they aren't recommended, they are just a mixed bag which is not what you want for NICs on a networking device. So, since you are already planning on buying another NIC, just get a good one and use it.

https://forum.pfsense.org/index.php?topic=112335.0

Agreed..  And thanks for the info it holds my curiosity cat at bay ;) I send alerts from my pfsense box to google over 587..  Depending the server your sending to and connectivity to it, and who the sending email is saying its from and address its going to.. Its quite possible not to auth at all, etc. I have not looked too deep into how exactly pfsense is sending the alerts.  But I would think it possible to send to the server directly accepting the mail for the domain your sending too without any need to auth at all.  Only reason you would have to auth if sending to an email server that would be sending the email to where its going for you.  So sure such a mail server you would want to auth who is trying to get "me" the server to send mail for.. Making sure it really is you and not just some spammer. But sure in such a scenario it should be easier to pin or trust in pfsense a private ca or self signed cert for secure auth to your sending email server - in this I do agree..  They prob have not gotten around to it as of yet since its prob not a lot of requests for it.. Since if sending through some public email domain the certs should be signed by some common public CA.  If sending your own email server, its quite possible the server is actually internal to where pfsense sits and auth should not need to be via tls for security reasons, etc. etc. I would think if was brought enough attention there is lots of need and not just a few one offs in setups that require trusting self signed or non public ca certs in the pfsense user community it would get more attention.  If something you really want done - there is always the bounty program to have some put it together.

I had some similar issues as well, turns out I set three things: I enabled SNORT as the IDS I had Automatically checked the block systems from SNORT The SNORT IDS automatically blocked some web pages that had been flagged by innocuous http inspect errors ( BYTE BLOCK etc) Once I suppressed the false flags http inspect, I then reset (cleared) all the blocked sites and poof I could get to where I had been unable to previously. ~Zackis