That actually lands you in a special table. The place you'd need to clear is under Diagnostics > Tables, "virusprot" I believe.

Remove the record from that table and you should be able to send packets again, or just wait for the entry to timeout (takes a couple hours)

Thank-You very much Jimp for the very prompt reply. You relieved a lot of stress. Briefly I built a server and mail system mostly for my children on the East Coast and I was using a WRT54G router with DD-WRT and a pgm called WallWatcher to monitor port probes and the like. Someone turned me on to pfSense and I am just starting to learn this stuff for an old man in my mid 60's.
    Again, thanks an awful lot for the help.

QinQ sounds interesting, can't clearly tell if it will work.

I'm running Supermicro X7SPA-HF in a M350 chassis,
I haven't see a compatible riser card / IO Panel so a third nic isn't in the cards.
Currently have em0/em1 dedicated to the modems and LAN via a USB adapter which is very dirty.

wallabybob's #2 looks to be the only solid option at this point.

those are not kept in the config.xml file.

/etc/ssh keys are re-created when the host boots up the first time.

Root's authorized_keys are written out from config.xml using admin's User Manager account entry. Manual changes to files in that directory are not kept and are not needed.

Notifications are used for.. if a WAN connection was to go down if your in a multiwan setup. As far as i am aware. This is also a 3rd party package for emailing RRD graphs, and that package uses those details. So its good to have! I love that 3rd party package. Customers love seeing there data display like it.

Some 3rd party hotspot app.? There are plenty of solutions to enable 'hotspot mode' or similar without going through the official hoops because many operators like to charge extra for that.
Is it jailbroken?

Steve

I don't think your problem has anything to do with bridge mode but rather the interrupt rate on your NICs or the loading on the cpu. When you disable pf completely it reduced the cpu cycles required to forward a packet massively allowing your system to keep up. I would check to see if flow control is enabled.

Steve

aha Okey Thanks .. so i'm working on Pfsense i need a Report about pfsense with Intro,I,II,II …

Probably via outbound firewall/NAT rules they are simply redirecting all outbound requests to UDP 53 to OpenDNs. This should be easily accomplished on pfSense as well.

Quick question why has your isp given you a Lan address? The 182 address is not an a,b,c class address?

that's it. Thanks to all!

Provided everything is correctly configured, your inter-VLAN traffic will go to your pfSense box where it will be routed between the VLANs unless blocked on entry to the box by a firewall rule.

ill keep windows update and symantic antivirus, ill see if better now.

thank for the reply

@garyw:

if I ping from another machine on the LAN to the OPT1 interface I get a reply.

That is the expected behaviour. I assume you mean another machine on the OPT1 subnet but the same would be true for the OPT1 interface itself.

There is a default firewall rule on LAN that allows all traffic to anywhere. 'anywhere' includes the OPT1 subnet so pings from a LAN client can reach an OPT1 client. The ping response is allowed back because the state has been opened already. If you tried to do the same in reverse, ping a LAN client from the OPT1 subnet, you'll find it is blocked.
If you don't want that to hapen you have to modify the default LAN rules to be more restrictive.

Steve

Hmm, yes I agree the text is confusing.

I don't know whether or not that adapter will work, but pfSense doesn't support 802.11n.