Please don't double-post questions: https://forum.pfsense.org/index.php?topic=77730.0

@pfissedoff: Good morning, I am having trouble with configuring this scenario… I have squid + dansguardian authenticating users with LDAP, what i would like to do is implement different levels of filtering depending on what group they are a member of, but the documentation is scarce, i have set up dansguardian with the ACLS that i need to apply to a user depending on what group (eg student, staff etc) they are in. Please could somebody point me in the right direction? or documentation? Thankyou for your time! BUMP Running PFSense 2.1 Squid 2.7.9 Dansguardian 2.12.0.3 Would like to implement multiple groups (Default and one extra group) to apply a stricter set of ACLs to one group Need documentation or step by step tutorial… I have created ACL's but when i create the group based on my LDAP group it does not populate users and DG service fails to start again until the group is removed.

@trads: Question is:  If buying PFsense installed on an EMBEDDED device with 4 LAN holes and 1 or 2 for WAN -  instead of using a PC - are the access to the PFSense firewall and its data then completely physically separate from the LAN ports? No. PfSense running on embedded hardware is not much different to a standard PC. It's still X86 hardware. If the attack you are describing was at the BIOS level I imagine it via some out-of-band management facility. If that is the case then it's a config issue. IPFire is a mature firewall, i'd be surprised to find they had some huge security hole. Steve

Yep, did not know that. Thanks.  :) Ready for eeconfig though! Steve

You could try the 'memstick' image. That is identical to the install CD but written for running from a USB stick. It will not attempt to write to the USB stick. You could attempt to run it with the config file on a separate drive like the original m0n0wall install used to, though I think that used a floppy drive. I think I remeber reading it's no longer a supported install type but that doesn't mean it's not possible. Steve

If the IPs are in a file in the right format you can just copy and paste them into an alias. The pf-blocker package can import an alias from a file directly. Steve

Easily missed.  ;)

@stephenw10: It could be the Sonicwall device is using the same subnet on it's LAN that the pfSense box is using which is killing routing. Steve Went with 10.0.0.x on pfsense interface and 192.168.0.x on sonicwall.  It was pulling ip/subnet mask/etc from pfsense not still no actual internet connectivity.  Leaning towards the sonicwall being the issue here.

You're okay Stephen:) I was just thinking out loud and somehow it managed to get on the boards. Take care:)

In my IT experience, BSODs(I'm from mostly Windows, but it should apply to kernel panics also) are mostly caused by memory and hardware like HD, graphics, NIC. Sudden shutdowns, in my experience, seem to be more caused by PSU, CPU, chipset, heat(air flow, dead fan, whatever) issues. PSU and memory are the easiest to replace and test. If you have two or more sticks of memory, there is a good chance you can just remove one of the sticks, but I'd recommend just doing a memtest for 24-48 hours. My guess is it's not your memory if it causes a power down, but it is easy to check.

@BBcan17: This shell command will report free space for the file system. **    df -h** This shell command will report the Directory Tree **  du -sk /*** If you use Suricata, or want to use Suricata, I would suggest increasing the Size of the Drive or you won't be able to use its logging and file extraction system very well with a small drive. If you use Squid, you can also delete the cache or logs. Awesome help, thanks. After some info swaps with Bill, I'm going to stay in the Snort camp until Suricata gets true inline features.  I've got the drive back to 20% with little or no effort so I think things are happy for now. Rick

Well, it's not the E3110, as it works fine on an Optiplex 755.  Apparently I stumbled upon 2 motherboards PowerD does not like.

In the RRD graphs 'm' means milli (10^-3). It uses that for numbers smaller than 1. 'M' means Mega (10^6). Steve Edit: Typo

So is this UDP or TCP.. You have both setup in the forward and firewall rules. Nat reflection IMHO should always be last option..  Clients on the local network, should resolve the host of the service your trying to use to its local IP.  Clients on the outside should resolve to your public, and then yes be forwarded in. AFIAK udp reflection doesn't even work, or there were issues with it that may have been resolved?  As to details your missing - for starters what version of pfsense are you using?  Is this pfsense a physical box or a VM?

You don't need a firewall rule. That traffic doesn't go through the firewall. But if that interface is wireless then you need to enable communication between wireless clients. If it's a wifi NIC in the pfSense box that setting is called 'Allow intra-BSS communication' and it's on the interface setup page. If you have a wifi access point connected then it will probably also have a similar setting. Edit: Typed too slow!  ::) Steve

@stephenw10: Have a read through this thread: https://forum.pfsense.org/index.php?topic=76538.0 Steve @razzfazz: If you're on 2.1.3, you can use the "System Patches" package to either either revert the original commit, or to apply my fix until a new build is released. I went in and changed the two files in https://github.com/pfsense/pfsense/commit/d973a602abeab78803fce467198c571ba25ec0cb Everything is working perfectly now. Thanks again everyone. This case can be closed and marked as solved. Remember to make note of this if others come in with the same issue.

The RRD graph will be displayed as long as the relevant log file exists. Reset RRD data will remove all log files and resolve your issue. If you want to remove a single log file and keep the other data you have to remove it manually. To do so, in Diagnostic > Command prompt execute "ls /var/db/rrd/*.rrd" to display all existing RRD log files. Then remove the one you want by executing "rm /var/db/rrd/<rrd file="">.rrd".</rrd>