Usually that ends up being an MTU issue. Try lowering the MTU to be <= 1492 and/or MSS to be <= 1452.

May take some trial and error, might end up being inthe 1480's somewhere.

The shellcmd package only manages shellcmd tags, it doesn't actually add support for running those commands, that's already baked into pfSense, we just don't offer a GUI to do it out of the box.

There are several types of shellcmd, and you can use an earlyshellcmd to make sure something runs early in the boot process so it's set sooner.

Or you can set that in /boot/loader.conf.local or system tunables (System > Advanced, Tunables tab) which also get set at bootup.

Not sure how much that might help though, but it's worth trying.

I'm guessing he's talking about this from the Status: Interfaces: page.

WAN interface (pppoe0) Status up PPPoE up   Uptime 436:38:06 MAC address 00:00:00:00:00:00 IP address xxx.xxx.xxx.xxx   Subnet mask 255.255.255.255 Gateway 195.166.128.194 ISP DNS servers 127.0.0.1 8.8.8.8 8.8.4.4 In/out packets 14654088/14590085 (13.48 GB/1.55 GB) In/out packets (pass) 14590084/11209042 (13.48 GB/1.55 GB) In/out packets (block) 64004/1 (8.30 MB/98 bytes) In/out errors 0/0 Collisions 0

I think those stats are only kept as long as the interface remains up. Hence they are lost on reboot.

I'm surprised that bandwidthd does that though. Are you running Nano?

Maybe try one of the other suggestions here: http://doc.pfsense.org/index.php/How_can_I_monitor_bandwidth_usage%3F

Steve

Interesting results, thanks for sharing.  :)
I would point out though that the biggest gains using Powerd are when your CPU has some sort of dynamic cpu frequency/voltage control that has a freebsd driver, Enhanced Intel Speedstep or AMDs powernow for example. The D2500 does not have speedstep. The Pentium-M does and it showed an overall reduction of system power of 5W (15%) in my testing at idle. I agree though that the lowest power state is in the higher 'C states' and if you have that enabled in the bios, and your ACPI table is complete and correct then you are probably already running at least power. Speedstep 'P states' become important if your CPU is running at a moderate load continuously when there is not much time to use C states. http://www.overclock.net/t/1058894/intel-acpi-guide-c-g-s-p-states-and-ocs
It worth noting that the Pentium-M is a special case here because the frequency/voltage values are hard coded into the est(4) driver and hence cpufreq can use them even if the ACPI table does not play nicely with FreeBSD (many, many bioses!).

I have a box in which I replaced the CPU, a P4 2.8GHz, to save power. I didn't need that much processing power. You can save quite a bit by simply using a lower speed P4. I then used a P4-M, which is pin compatible, and saved some more. The P4-M has speedstep though it is very crude, only two steps, but my own board doesn't support it. You are using a laptop though so I would investigate that.

Steve

Normally if a package doesn't start, by running the startup script in /usr/local/etc/rc.d/ via command line, you'll get something spit out that says why.

Ah okay, just the settings being saved/restored.  For some how I had gotten the impression that it was saving the log data, similar to how it saves the RRD data.  Thanks for the clarification.

If
@waheedsami:

WAN is working in PPPoE mode and getting the live IP from ISP

but
@waheedsami:

i am unable to ping any website from WAN

then, assuming you are trying to ping from the pfsense box itself, you either have a routing problem of some sort or your ISP is blocking your connection requests, possibly because you have changed devices. It may be you have the wrong subnet mask. pfSense strictly adheres to the rules when it comes to talking to devices in a different subnet, other OSs do not (Windows). Hence it may be that your ISP is giving you IP information which worked fine with your previous router but is actually incorrect.
This is pure speculation.  ;)
As Podilarius said please give us more information. Answering Wallabybob's questions above would be a good start.

Steve

@stephenw10:

In your firewall rules check the box "Log packets that are handled by this rule". Any traffic that is caught by that rule will then appear in the firewall log.

When you have finished debugging you should uncheck the box to prevent your firewall logs being filled which will hide more relevant hits.

Steve

hello,thanks your reply
you mean's in Status> System logs> Firewall? it just log act,time,if,source,destination,proto,but don't have rule
how can i know which rule?

Uncheck "Block private networks" on your WAN connection as it's inside one and now blocks all traffic.

What about the logs? Where can I increase the amount of logs stored? I do not want to setup a syslog server.

^ I just added details from that forum post to the docs under howtos

http://doc.pfsense.org/index.php/Samba

Will clean it up and verify it works as stated later

sftp from what I recall is on by default - I don't think I had to configure anything to allow for it?  Just connected to it using root as name which is spelled out in the above doc link - well I use public key auth, so I am sure I set that up and turned off password auth..  That is just plain common setup practice for any ssh device - at least for me.

I don't recall ever not being able to scp or sftp to any bsd/linux box that has ssh enabled as long as had creds to auth with.  Sure you can disable them on sshd config, but I believe they are part of default features allowed.

Fire up your fav sftp client, be it winscp, filezilla, etc. and point it to your pfsense box that has ssh enabled and use root with admin users password and you should be good to go be it you use scp or sftp as protocol

@elshentenawy:

hey everybody

I want to try pfsense . but I didn't know ^^which version 2 download there is alot of stuff in the download page^^
I have an old computer and I wanne 2 install pfsense just to try it
I dont really remember the spasifecation but I think
cpu: intel celeron 3/1
ram/ 512

if i need a higher computer !! can i try it on a vmware !!
thanQ

And, yes, any Celeron with 512MB of RAM will run pfSense as a simple router.  It may not route a huge amount of data, but it should be able to saturate what is available at most homes and many businesses.  (Although, a first generation Slot 1 Celeron 266Mhz with no cache might be… slow, it should run and route a decent amount.)  Try it, see if it does what you need.

I would imagine that you would want the i386 versions, btw (while there are some Celerons that support 64 bit instructions, a Celeron with 512MB of RAM would have no use for them even if it did.)

Like johnpoz said, you probably want the the LiveCD iso, which will let you run it straight from the CD or install it to a hard drive.

Ah, thanks a lot!

Yeah even if 1 is faster than the others at the start in handing out leases - once he hits 50, he is done and the others can fill up.  But what should happen is a random here or there until full.

Test this if you want before the party, setup 2 and make very small scopes like 3 each and connect some machines and see what happens.

One of the suggestions here should work
http://doc.pfsense.org/index.php/I_locked_myself_out_of_the_WebGUI,_help!

If you are stuck and can't access the GUI, check this doc wiki article:
http://doc.pfsense.org/index.php/I_locked_myself_out_of_the_WebGUI,_help!