Please have a look as i'm not really sure if it's looking right. These are my system.php and status.php.  Thanks again guys.

System.php

/* $Id$ */ /* system.php part of m0n0wall (http://m0n0.ch/wall) Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1\. Redistributions of source code must retain the above copyright notice,   this list of conditions and the following disclaimer. 2\. Redistributions in binary form must reproduce the above copyright   notice, this list of conditions and the following disclaimer in the   documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ require("guiconfig.inc"); $pconfig['hostname'] = $config['system']['hostname']; $pconfig['domain'] = $config['system']['domain']; list($pconfig['dns1'],$pconfig['dns2']) = $config['system']['dnsserver']; $pconfig['dnsallowoverride'] = isset($config['system']['dnsallowoverride']); $pconfig['username'] = $config['system']['username']; if (!$pconfig['username']) $pconfig['username'] = "admin"; $pconfig['webguiproto'] = $config['system']['webgui']['protocol']; if (!$pconfig['webguiproto']) $pconfig['webguiproto'] = "http"; $pconfig['webguiport'] = $config['system']['webgui']['port']; $pconfig['timezone'] = $config['system']['timezone']; $pconfig['timeupdateinterval'] = $config['system']['time-update-interval']; $pconfig['timeservers'] = $config['system']['timeservers']; $pconfig['theme'] = $config['system']['theme']; if (!isset($pconfig['timeupdateinterval'])) $pconfig['timeupdateinterval'] = 300; if (!$pconfig['timezone']) $pconfig['timezone'] = "Etc/UTC"; if (!$pconfig['timeservers']) $pconfig['timeservers'] = "pool.ntp.org"; $changedesc = "System: "; $changecount = 0; function is_timezone($elt) { return !preg_match("/\/$/", $elt); } if($pconfig['timezone'] <> $_POST['timezone']) { /* restart firewall log dumper helper */ require_once("functions.inc"); $pid = `ps awwwux | grep -v "grep" | grep "tcpdump -v -l -n -e -ttt -i pflog0"  | awk '{ print $2 }'`; if($pid) { mwexec("kill $pid"); usleep(1000); } filter_pflog_start(); } exec('/usr/bin/tar -tzf /usr/share/zoneinfo.tgz', $timezonelist); $timezonelist = array_filter($timezonelist, 'is_timezone'); sort($timezonelist); if ($_POST) { $changecount++; unset($input_errors); $pconfig = $_POST; /* input validation */ $reqdfields = split(" ", "hostname domain username"); $reqdfieldsn = split(",", "Hostname,Domain,Username"); do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); if ($_POST['hostname'] && !is_hostname($_POST['hostname'])) { $input_errors[] = "The hostname may only contain the characters a-z, 0-9 and '-'."; } if ($_POST['domain'] && !is_domain($_POST['domain'])) { $input_errors[] = "The domain may only contain the characters a-z, 0-9, '-' and '.'."; } if (($_POST['dns1'] && !is_ipaddr($_POST['dns1'])) || ($_POST['dns2'] && !is_ipaddr($_POST['dns2']))) { $input_errors[] = "A valid IP address must be specified for the primary/secondary DNS server."; } if ($_POST['username'] && !preg_match("/^[a-zA-Z0-9]*$/", $_POST['username'])) { $input_errors[] = "The username may only contain the characters a-z, A-Z and 0-9."; } if ($_POST['webguiport'] && (!is_numericint($_POST['webguiport']) || ($_POST['webguiport'] < 1) || ($_POST['webguiport'] > 65535))) { $input_errors[] = "A valid TCP/IP port must be specified for the webGUI port."; } if (($_POST['password']) && ($_POST['password'] != $_POST['password2'])) { $input_errors[] = "The passwords do not match."; } $t = (int)$_POST['timeupdateinterval']; if (($t < 0) || (($t > 0) && ($t < 6)) || ($t > 1440)) { $input_errors[] = "The time update interval must be either 0 (disabled) or between 6 and 1440."; } foreach (explode(' ', $_POST['timeservers']) as $ts) { if (!is_domain($ts)) { $input_errors[] = "A NTP Time Server name may only contain the characters a-z, 0-9, '-' and '.'."; } } if (!$input_errors) { update_if_changed("hostname", $config['system']['hostname'], strtolower($_POST['hostname'])); update_if_changed("domain", $config['system']['domain'], strtolower($_POST['domain'])); update_if_changed("username", $config['system']['username'], $_POST['username']); if (update_if_changed("webgui protocol", $config['system']['webgui']['protocol'], $_POST['webguiproto'])) $restart_webgui = true; if (update_if_changed("webgui port", $config['system']['webgui']['port'], $_POST['webguiport'])) $restart_webgui = true; update_if_changed("timezone", $config['system']['timezone'], $_POST['timezone']); update_if_changed("NTP servers", $config['system']['timeservers'], strtolower($_POST['timeservers'])); update_if_changed("NTP update interval", $config['system']['time-update-interval'], $_POST['timeupdateinterval']); /* pfSense themes */ update_if_changed("System Theme", $config['theme'], $_POST['theme']); /* XXX - billm: these still need updating after figuring out how to check if they actually changed */ unset($config['system']['dnsserver']); if ($_POST['dns1']) $config['system']['dnsserver'][] = $_POST['dns1']; if ($_POST['dns2']) $config['system']['dnsserver'][] = $_POST['dns2']; $olddnsallowoverride = $config['system']['dnsallowoverride']; unset($config['system']['dnsallowoverride']); $config['system']['dnsallowoverride'] = $_POST['dnsallowoverride'] ? true : false;                 if ($_POST['password']) {                         $config['system']['password'] = crypt($_POST['password']); update_changedesc("password changed via webConfigurator"); sync_webgui_passwords();                 } if ($changecount > 0) write_config($changedesc); if ($restart_webgui) { global $_SERVER; list($host) = explode(":", $_SERVER['HTTP_HOST']); if ($config['system']['webgui']['port']) { $url="{$config['system']['webgui']['protocol']}://{$host}:{$config['system']['webgui']['port']}/system.php"; } else { $url = "{$config['system']['webgui']['protocol']}://{$host}/system.php"; } } $retval = 0; config_lock(); $retval = system_hostname_configure(); $retval |= system_hosts_generate(); $retval |= system_resolvconf_generate(); $retval |= system_password_configure(); $retval |= services_dnsmasq_configure(); $retval |= system_timezone_configure(); $retval |= system_ntp_configure(); if ($olddnsallowoverride != $config['system']['dnsallowoverride']) $retval |= interfaces_wan_configure(); config_unlock(); // Reload filter -- plugins might need to run filter_configure(); $savemsg = get_std_save_message($retval); if ($restart_webgui) $savemsg .= " One moment...redirecting to {$url} in 10 seconds."; } } $pgtitle = "System: General Setup"; include("head.inc"); ?> <form action="system.php" method="post"> | Hostname | name of the firewall host, without                     domain part                     e.g. _firewall_ | | Domain | e.g. _mycorp.com_ | | DNS servers |                       IP addresses; these are also used for                       the DHCP service, DNS forwarder and for PPTP VPN clients                       >                       **Allow DNS server list to be overridden by DHCP/PPP                       on WAN**                       If this option is set, will use DNS servers assigned                       by a DHCP/PPP server on WAN for its own purposes (including                       the DNS forwarder). They will not be assigned to DHCP and                       PPTP VPN clients, though. | | Username |                     If you want                     to change the username for accessing the webGUI, enter it                     here. | | Password |                      (confirmation) If you want                     to change the password for accessing the webGUI, enter it                     here twice. | | webGUI protocol | >                     HTTP     >                     HTTPS | | webGUI port |                     Enter a custom port number for the webGUI                     above if you want to override the default (80 for HTTP, 443                     for HTTPS). Changes will take effect immediately after save. | | Time zone | <select name="timezone" id="timezone">                                            <option value="<?=htmlspecialchars($value);?>" <?php="" if="" ($value="=" $pconfig['timezone'])="" echo="" "selected";="" ?="">></option>                                           </select> Select the location closest                     to you | | NTP time server | Use a space to separate multiple                     hosts (only one required). Remember to set up at least one                     DNS server if you enter a host name here! |   | Theme |   |     <select name="theme">$files = return_dir_as_array("/usr/local/www/themes/"); foreach($files as $f) { if ( (substr($f, 0, 1) == "_") && !isset($config['system']['developer']) ) continue; if($f == "CVS") continue; $selected = ""; if($f == $config['theme']) $selected = " SELECTED"; if($config['theme'] == "" and $f == "pfsense") $selceted = " SELECTED"; echo "\t\t\t\t\t"."{$f}\n"; }?></select> **This will change the look and feel of** | |   |                   | </form> // restart webgui if proto or port changed if ($restart_webgui) { echo ""; } ?> if ($restart_webgui) { touch("/tmp/restart_webgui"); } ?></mk@neon1.net>

Status.php

/* $Id$ */ /* Run various commands and collect their output into HTML tables. * Jim McBeath <jimmc@macrovision.com>Nov 2003 * * (modified for m0n0wall by Manuel Kasper <mk@neon1.net>) * (modified for pfSense by Scott Ullrich geekgod@pfsense.com) */ /* Execute a command, with a title, and generate an HTML table * showing the results. */ /* include all configuration functions */ require_once("guiconfig.inc"); require_once("functions.inc"); function doCmdT($title, $command) {     echo " \n";     echo "<a name="\&quot;&quot;" .="" $title="" "\"="">\n";     echo "\n";     echo "\n";     echo "\n";     echo " | " . $title . " | | ``` "; /* no newline after pre */ if ($command == "dumpconfigxml") { $fd = @fopen("/conf/config.xml", "r"); if ($fd) { while (!feof($fd)) { $line = fgets($fd); /* remove sensitive contents */ $line = preg_replace("/<password>.*?<\\/password>/", "<password>xxxxx</password>", $line); $line = preg_replace("/<pre-shared-key>.*?<\\/pre-shared-key>/", "<pre-shared-key>xxxxx</pre-shared-key>", $line); $line = preg_replace("/<rocommunity>.*?<\\/rocommunity>/", "<rocommunity>xxxxx</rocommunity>", $line); $line = str_replace("\t", "    ", $line); echo htmlspecialchars($line,ENT_NOQUOTES); } } fclose($fd); } else { $execOutput = ""; $execStatus = ""; exec ($command . " 2>&1", $execOutput, $execStatus); for ($i = 0; isset($execOutput[$i]); $i++) { if ($i > 0) { echo "\n"; } echo htmlspecialchars($execOutput[$i],ENT_NOQUOTES); } }     echo "</rocommunity></pre-shared-key></password> ``` | \n"; } /* Execute a command, giving it a title which is the same as the command. */ function doCmd($command) {     doCmdT($command,$command); } /* Define a command, with a title, to be executed later. */ function defCmdT($title, $command) {     global $commands;     $title = htmlspecialchars($title,ENT_NOQUOTES);     $commands[] = array($title, $command); } /* Define a command, with a title which is the same as the command, * to be executed later. */ function defCmd($command) {     defCmdT($command,$command); } /* List all of the commands as an index. */ function listCmds() {     global $commands;     echo "</a> <a name="\&quot;&quot;" .="" $title="" "\"="">This status page includes the following information:\n";     echo "</a> <a name="\&quot;&quot;" .="" $title="" "\"="">\n";     for ($i = 0; isset($commands[$i]); $i++ ) {         echo "</a> * <a name="\&quot;&quot;" .="" $title="" "\"=""></a>**[" . $commands[$i][0] . "](\"#")**\n";     }     echo " \n"; } /* Execute all of the commands which were defined by a call to defCmd. */ function execCmds() {     global $commands;     for ($i = 0; isset($commands[$i]); $i++ ) {         doCmdT($commands[$i][0], $commands[$i][1]);     } } global $g; /* Set up all of the commands we want to execute. */ defCmdT("System uptime","uptime"); defCmdT("Interfaces","/sbin/ifconfig -a"); defCmdT("Routing tables","netstat -nr"); defCmdT("top | head -n5", "/usr/bin/top | /usr/bin/head -n5"); defCmdT("sysctl hw.physmem","/sbin/sysctl hw.physmem"); defCmdT("ipfw show", "/sbin/ipfw show"); defCmdT("pfctl -sn", "/sbin/pfctl -sn"); defCmdT("pfctl -sr", "/sbin/pfctl -sr"); defCmdT("pfctl -ss", "/sbin/pfctl -ss"); defCmdT("pfctl -si", "/sbin/pfctl -si"); defCmdT("pfctl -sa"," /sbin/pfctl -sa"); defCmdT("pfctl -s rules -vv","/sbin/pfctl -s rules -vv"); defCmdT("pfctl -s queue -v","/sbin/pfctl -s queue -v"); defCmdT("pfctl -s nat -v","/sbin/pfctl -s nat -v"); defCmdT("netstat -s -ppfsync","netstat -s -ppfsync"); defCmdT("pfctl -vsq","/sbin/pfctl -vsq"); defCmdT("pfctl -vs Tables","pfctl -vs Tables"); defCmdT("Load Balancer","/sbin/pfctl -a slb -s nat"); defCmdT("pftop -w 150 -a -b","/usr/local/sbin/pftop -a -b"); defCmdT("pftop -w 150 -a -b -v long","/usr/local/sbin/pftop -w 150 -a -b -v long"); defCmdT("pftop -w 150 -a -b -v queue","/usr/local/sbin/pftop -w 150 -a -b -v queue"); defCmdT("pftop -w 150 -a -b -v rules","/usr/local/sbin/pftop -w 150 -a -b -v rules"); defCmdT("pftop -w 150 -a -b -v size","/usr/local/sbin/pftop -w 150 -a -b -v size"); defCmdT("pftop -w 150 -a -b -v speed","/usr/local/sbin/pftop -w 150 -a -b -v speed"); defCmdT("resolv.conf","cat /etc/resolv.conf"); defCmdT("Processes","ps xauww"); defCmdT("dhcpd.conf","cat /var/etc/dhcpd.conf"); defCmdT("ez-ipupdate.cache","cat /conf/ez-ipupdate.cache"); defCmdT("df","/bin/df"); defCmdT("racoon.conf","cat /var/etc/racoon.conf"); defCmdT("SPD","/usr/local/sbin/setkey -DP"); defCmdT("SAD","/usr/local/sbin/setkey -D"); defCmdT("last 200 system log entries","/usr/sbin/clog /var/log/system.log 2>&1 | tail -n 200"); defCmdT("last 50 filter log entries","/usr/sbin/clog /var/log/filter.log 2>&1 | tail -n 50"); defCmd("ls /conf"); defCmd("ls /var/run"); defCmd("/sbin/mount"); defCmdT("cat {$g['tmp_path']}/rules.debug","cat {$g['tmp_path']}/rules.debug"); defCmdT("VMStat", "vmstat -afimsz"); defCmdT("config.xml","dumpconfigxml"); defCmdT("DMESG","/sbin/dmesg -a"); defCmdT("netstat -mb","netstat -mb"); defCmdT("vmstat -z","vmstat -z"); exec("/bin/date", $dateOutput, $dateStatus); $currentDate = $dateOutput[0]; $pgtitle = $g['product_name'] . ": status"; include("head.inc"); ?> **Note: make sure to remove any sensitive information (passwords, maybe also IP addresses) before posting information from this page in public places (like mailing lists)!** Passwords in config.xml have been automatically removed.</mk@neon1.net></jimmc@macrovision.com>

Cory,

A complete list of recommended vendors can be found on the web site at http://www.pfsense.org/vendors though I am not sure if any of them are in Canada.

At work, we typically buy ALIX boxes and things of that size from Netgate, and build larger boxes internally. We are in the US, though.

IIRC IPsec from the iPhone will only work with pfSense 2.0 onwards.

Have you tried to leave the "host" field empty and just enter the name over which you access the server drectly in the "domain" field?

Like in the attached screenshot here:
http://forum.pfsense.org/index.php/topic,9440.msg53554.html#msg53554

i am also interested. could you give us more info on the state of this project?
tnks

Did anyone ever figure this problem out on a 2wire?

I have been trying to get my 2wire into bridge mode and working with my pfsense box with no luck. No luck meaning I can not access the internet with any of my machines. Is there some magic trick to getting this done? I am running on a windows 2003 domain with DNS, DHCP, RRAS and Active Directory. I know the pfsense box wants to enable DHCP. I have tried to disable DHCP in the Windows box but with no results. Does bridge work on the 2wire with pfsense?

On a side note, I can get internet out of the pfsense box if I do not enable the bridged setting on the 2wire but this defeats the purpose as the 2wire is still handling routing and firewalling. I have disabled DHCP on the 2wire as my windows machine handles that.

Any help you or anyone else might have would be appreciated.

By the way, I am running dynamic dns with a client application that keeps my ip address and domain name in sync.

Thanks!

@wallabybob:

Using internal DNS servers doesn't control where people can go, it only controls the name to address translations. If you know someone's phone number you don't need a telephone directory to call them.

actually it does, i can make it to where typing in 'help" in my browser takes you to forum.pfsense.org or if you get a denial page (opendns.org) with a custom dns server one can make it so that certain dns names are redirected. remember the dns flaw that was made public a while ago? this was pointed out…
but yes if they know the address its worthless but not many people know help.com's ip (phone #)

Upgrade to 1.2.3 RC3.  There have been a lot of changes and fixes, including underlying freebsd stuff.

Well i wouldn't consider it a problem.
Just something to know :)

You can disable the RRD graphs under:
Status –> RRD Graphs --> Settings
and then uncheck the "Enables the RRD graphing backend." checkbox.

wallabybob, thank you for your reply.

I already validate the version o BIOS and i have the most recent version…
Related with the other test, insert the card in another slot, i only have one pci-e slot available.

Today i will try the boot -v and i will give you some feed back.

Once again,
Thank you

JLN