By hand - details of the process can be found in a number of threads in the packages forum.  That will not give you a GUI, you'll have to maintain Snort through the config files.  Alternatively, upgrade to 1.2.1 beta and (from what I've read) you'll find Snort available in the package system.

You'll also need some reasonable hardware (at least 1 GB of RAM, a 1 GHz CPU that's currently >90% idle and non Realtek NICs) as running Snort has major performance implications.

Many thanks to itshuge for that solution, I'm a total newbie, when it comes to tinkering under the bonnet of linux, this might help other newbies, I had to change value to 840, not 802

Ok well I was able to successfully establish a proxy session via another machine, so apparently the machines I used in my original tests were experiencing similar problems (most likely user error), but the main machine I use (FreeBSD 6), well it would appear to be something wrong that would require more in-depth troubleshooting.  But, bottom line is it is not a problem with pfsense ssh host.

Not possible on pfSense at the time.
I think i read something somewhere about being able to use names in firewall-rules in the future so it might be possible with a future release.

Hello. Really i dont Know why the forum members are not answering.

Please Brows I need your help.

I dont know why when ever any customer try to use torrent it makes my network toooo slow.
It seems All the bandwidth going to Torrent and other cant do anything.

All the web page takes too long to load when Torrent is running another computer.

And most important if i chek status of Queues(while Torrent is running) its nothing on P2Pup/P2pdown queues.

But on qlandef its always full when torrent is running.

Please please i juset need to limit the bandwidth of torrent.

So that other user can use net well way.

I will wait for answer.

Thank you

Does DNSer support the same method of updating the IP as DynDNS does?
(DynDNS update is just a http call to url
http://username:password@members.dyndns.org/nic/update?…)

You could then have your pfSense box to do all the work of monitoring and updating the IP by using this solution by Perry:

http://forum.pfsense.org/index.php/topic,9729.0.html

Of course needs some modifications.

Hope this helps.

I second the suggestion you try polling. It will probably help squeeze a bit more out of your machine.

What do you mean by a management VLAN for pfSense? Normally, the management VLANs on other devices are just VLANs that the device listens on with management interfaces. You can get to the pfSense interface on any of the VLANs as long as the firewall rules allow it.

This thread hasn't been updated in a while, but worth a look:http://forum.pfsense.org/index.php/topic,7668.0.html

Have you enabled a firewall rule to allow it to be pinged?

As for access to the 192.168.2/24 network from the 192.168.1/24 network, do you need that?  By default the pfSense host will be NATing all traffic from 192.168.2/24.  If you want to route instead you'll need to disable NAT.

Could it be that your WAN and LAN cards are defined to be on the same subnets what confuses the switches?

@cheesyboofs:

Not strictly true as you can force a client to a specific IP then lock down via firewall rule as to what that IP has access to, But I think the point has been made.

Well, I'm using 1.2 and 1.2.1 and my experience differs!

My laptop's OpenVPN endpoint:

6: tun0: <pointopoint,multicast,noarp,up,lower_up>mtu 1500 qdisc pfifo_fast qlen 100
    link/[65534]
    inet 192.168.102.6 peer 192.168.102.5/32 scope global tun0

My client's LAN firewall rule:

(ie. block, protocols = all, source = my OpenVPN ip etc. )

This should block everything where source is my OpenVPN IP, but I can do whatever I like!

lt-bern ~ # telnet 192.168.100.9 25
Trying 192.168.100.9…
Connected to 192.168.100.9.
Escape character is '^]'.
220 mailserver.xxx.com ESMTP Exim 4.63 Fri, 24 Oct 2008 15:47:03 +0100
^]quit

telnet> quit
Connection closed.
lt-bern ~ # ping 192.168.100.1
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data.
64 bytes from 192.168.100.1: icmp_seq=1 ttl=127 time=74.3 ms

--- 192.168.100.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 74.316/74.316/74.316/0.000 ms

Perhaps there's something I've overlooked?</pointopoint,multicast,noarp,up,lower_up>

hi guys,

I achieve block ultra surf through this rule in my LAN interface: reject all protocols, source LAN Subnet, source ports all, to 127.0.0.1, any destination ports on default gateway. I hope help.

see ya.

No disrespect intended but you have also learned how to post in a way that we can all read as well  ;D