Most of your questions are answered here:

http://doc.pfsense.org/index.php/Why_can%27t_I_view_view_log_files_with_cat/grep/etc%3F_%28clog%29

As for the clear button, it clears the entire log file, not just what you see.

If you don't have snort installed and your box has previously been working fine on that port then I would suggest your ISP is blocking it for whatever reason. Try asking them.  ;)

Steve

I have never had to do this but I know other people have.
In order to spoof the MAC on a PPPoE connection you have to do the spoofing on the underlying ethernet interface, em0, in your case. However normally em0 is not assigned in a setup such as yours which presents a problem. To work around this create a new interface and assign em0 to it. Set it up as type 'none' and spoof the MAC there.

Steve

Not a secure one, not easily.

The OpenVPNManager option in the client export installs an alternate GUI that runs OpenVPN as a service, and does not require admin-level rights for the client to run.

Also you might look into the Windows Viscosity client for OpenVPN.

Use a <service>tag in the config, as packages do.

Look in the package repo code for packages such as squid that add services and see what ends up in your config after installing one of them. then follow the same format for your own services.</service>

FYI- it was moved to /var/run because that is always a RAM disk, on NanoBSD or a full install. Saves one disk write per second that way…

Run

And then for good measure

Found it !!
Under settings on the logs page I had show raw filter logs checked.

I know this doesn't resolve the question itself but if you are downloading 2G files in Firefox, I would recommend installing the DownThemAll extension to assist you with it.  It does a great job of multi-threading, error recovery and will search for mirrors of commonly downloaded files.

The problem with your current design is double-NAT - never a good idea.  A second NIC in the ESXi host will save you from potential hassles related to that.  Well worth the investment.

Unless you have told pfSense that the 172 network is its LAN, you probably just need some rules in pfSense to allow traffic in on that interface so they they can get access to the Internet.  Only LAN has an "allow any" rule by default.  All others are "deny all" by default.

If you've told pfSense that 172 is the LAN, you're going to have to allow traffic through its WAN interface in order to access your VMs from the PCs in the 192 network.  You'll also have to allow traffic from private networks, specifically your 192 network, on its WAN interface.

There are almost certainly other things you'll need to do as well but I can't think of them just now.

@cmb:

though unless you're changing your config around a lot you won't see it much.

I am running

2.0.1-RELEASE (i386)
built on Mon Dec 12 17:53:52 EST 2011
FreeBSD 8.1-RELEASE-p6

my system has been up a bit under 11 hours and the system log is littered with these messages:
[2.0.1-RELEASE][admin@pfsense.example.org]/root(15): clog /var/log/system.log | grep "Bump sched" | wc -l
    326
[2.0.1-RELEASE][admin@pfsense.example.org]/root(16):

About 30 times an hour seems excessive!

Is there a sysctl that could be tweaked to significantly reduce the frequency?

Does anyone know if pfSense NTP passes the local timezone or does it pass UTC time?

NTP only deals with UTC.  Hosts are responsible for adapting it to their own timezone/

You should never use a VM to set the time on a ESXi.   Either have ESXi sync the time on the VMs through VMware Tools or have ESXi and each of the VMs sync themselves to an external time source.

The HP 1810G (J9449 at least) has a pretty crappy implementation of SNTP and so does the Netgear GS108T.   They poll the NTP server too frequently and eventually get a Kiss of Death.  Luckily, switches don't really provide much that's worth logging anyway.  If you're not logging, accurate timestamps are a bit pointless.

EDIT:  You really should not use a Stratum 1 server as a reference unless you own it or it's part of pool.ntp.org

It depends how it's connected. I would expect it to be some sort of USB connected adapter in which case it would appear as /dev/da*

Steve

@jimp:

See the last line of my last post.

I didn't know what gitsync meant  :-[

I did the gitsync that also fix the ntp server timeout … great tool  ;D

Thanks for all

There are no build/compile tools in pfSense. To install all the required components is a complex task that will likely break something. If you want to compile something to use in pfSense do it on an appropriate FreeBSD install and move it across.

See: http://doc.pfsense.org/index.php/Can_I_compile_software_on_pfSense

Steve

Thanks Exolon

Thanks stive all are working fine thanks for your valuable suggestion

reachrishikh

you can set up pfsense with help of youtube .search how to in youtube ,if trouble occurs post in forum