do you have a cable modem?

Folks -

I am just now looking over all the posts and I thank you all for the valuable information. It's not likely that I will lose my job over this, as we have been shrinking though attrition for years now and all it takes is for two people to call in sick to make it hard to staff the library desks, so I am needed if for no other reason than to provide a warm body to answer patron questions like "where's the books on butterflies?" and such. If the library wants to pay me to sit and answer dumb questions, then hey - it's their dime. Customer service is important, too.

The ease of which pfsense is installed and managed should be a great selling point to my supervisor when she realizes that she won't be able to make a cisco configuration change by pointing and clicking a mouse on a web page, but rather has to call up the firm that installed the Ci$co firewall to do it, then charge us for the change.

Since the starting of this topic, the director of the library has seen the report on the state of our network that the consultants have concocted. He has (correctly) come to the realization that it's a sales tool first and foremost, and that we, my boss and I, get to decide what proposals we feel will work for our organization, not the consultants. That's a relief.

We are doing battle with another outside firm right now over a web tool they wrote for us that is failing miserably, so it might leave management with a bad taste in it's mouth for contractors.

Again - thanks to all who contributed to this conversation. It will be useful to me.

LibraryMark

Yeah I would not call such low amount of traffic any sort of attack..  The torrent theory fits, does not have to be that you jut got a new IP.  If your using UPnP for your client and it changed ports on you - you going to see traffic to old port for days and days and days.

If it bothers you, or fills up your logs - prob best to just create a rule to not log it.

I have a clean up rule that does not log udp – there is just way to too much noise to worry about.

@Klaws:

Try unckecking "block bogon networks". Perhaps your public IP address is one of the very new ones which is still regarded as bogon.

I don't really remember how bogon block are applied within pfSense, but I think I remember that it might have been that they are loaded very shortly after the interface goes "up". Well - very vague, I know.

That didn't work, I unchecked the block bogon networks checkbox, saved and applied the changes and I'm still not getting any ping replies from x.x.x.102 nor 8.8.8.8

Now suddenly spiegel.de works again.
strange.  ???

Easy!

RRD data is in /var/db/rrd

Just rm the data you no longer need.

e.g.
[2.0.2-RELEASE][admin@pfsense.domain]/root(1): cd /var/db/rrd
[2.0.2-RELEASE][admin@pfsense.domain]/var/db/rrd(2): ls
GW-quality.rrd      ovpns1-traffic.rrd  system-states.rrd
WAN-quality.rrd      ovpns1-vpnusers.rrd  updaterrd.sh
ipsec-packets.rrd    ppp-cellular.rrd    wan-packets.rrd
ipsec-traffic.rrd    system-memory.rrd    wan-traffic.rrd
ovpns1-packets.rrd  system-processor.rrd
[2.0.2-RELEASE][admin@pfsense.domain]/var/db/rrd(3):rm ovpns1*.rrd
[2.0.2-RELEASE][admin@pfsense.domain]/var/db/rrd(4):

to drop the OpenVPN interface stats

If you only give it one interface in the initial CLI setup it will be labelled WAN and it will be open for connections to the webgui.
However that is a special case, as soon as you add another interface it will default back to blocking all incoming connections on WAN.

Steve

I was able to fix it.  First i tried removing the prompt altogether via http://doc.pfsense.org/index.php/Remove_F1_Boot_Prompt .  I didn't really expect it to work since it wasn't defaulting incorrectly (it didn't work).

I got my install disk and just reinstalled the bootloader from it.  All is well now.

might be solved now. doing testing atm.

i had at one time lvl 1 at 256 and when i change to 128 / 64 and so on the cache disk still had the old dirs
dont know if that was the problem. but i deleted all folder in cache and did squid -z when i have the default 16 on the lvl 1

hope that was the problem.

Thank you guys, I'll report to them.

Thanks for replying, I also had this feeling but hoped that someone might have tackled it somehow.

It doesn't work Mutual PSK + Xauth for vpnc:

http://forum.pfsense.org/index.php/topic,59385.msg319238.html#msg319238

Use ike-qtgui (Shrew Soft VPN Access Manager) package.

update: last couple of days it seems to be going ok.
Did not update yet to 2.0.3 prerelease, also reverted back from all previous modifications.

What seems to be working: in "System\Routing\GW_WAN" under 'Advanced' I increased the value 'Down' to 60 (default was 10). This action seem to have helped for the dyndns update, I haven't had the nasty 'curl' error anymore since modification. So either it actually helped, OR I have been lucky until' now. I still sometimes see the GW as Offline, so maybe I should double it. (maybe I need some better understanding of the apinger mechanism  :-[ )

As 2nd backup mod, I installed the cron package & modified the nightly scheduled DynDns check to run every 30 minutes. It does pollute the system log a bit, but good side effect is I can check how it is working, and so far it seems I haven't needed the cron mod yet.

before I forget: Tnx Tim & Phil for the given suggestions! Really appreciated…

Nope. I also haven't got an iPhone :)

Hi,

And did you added firewall allow rules for your dvr ports? And what is/are your dvr port(s) And if you want to connect default port (80) it might be conflict witrh your pfsense box port. You should change web access port on your dvr device.

Regards,
SGTR

Very good point!

Hmm I will give it a try and see what happens. Sounds a lot more simple anyway.