You should be able to enter hostnames as aliases and the firewall will resolve them if Unbound is configured to resolve DHCP leases. Then you would only need update aliases. That is updated every 300s by default but you can change that in Sys > Adv > Firewall&NAT.

Steve

https://redmine.pfsense.org/issues/14174

@josephchrzempiec

View status without having to login?

I'm not telling you you should, but I can show you what I have : this.
This permits me to see some basic pfSense parameters with the 'tap of a finger' wherever I am on the planet.
It's not a click here, click there solution, as it implies that you temporarily ( ! ) activate FreeBSD package source to install a FreeBSD package called Munin (it will pull in a boatload of dependencies - this was fine, but can be 'dangerous'), and then you have to set it up (some script coding is needed).
Munin isn't the most beautiful grapher out there, it's the one I use for .... many years.

@josephchrzempiec said in View status without having to login?:

Is it possible to run python on pfsense?

I guess it's there in the basic install. I'm not sure.
But install pfBlockerNG-devel or pfBlockerNG :

fa349811-b3d2-4c71-8c66-64bbee3c48af-image.png

and that will pull in Python for sure.

@gertjan

pfBlockerNG, by default, right after installing, does contain an 'example' DNSBL feed

DNSBL isn’t enabled by default. There are plenty of DNSBL feeds that appear on the Feeds tab, but none of those are enabled either.

Hello all, Thank you for replying back to my post. I'm only trying having one server connected to my pfsense router that is all. I was looking for the minimum requirements to run a pfsense router. I have found a few. Sense I only have one server and no need of more I have a small computer with 2gb of memory and 32gb of hard drive on a computer I have should be perfect for it.

Joseph

@steveits Thanks a lot!! it worked!! I wish i could buy you a cup of coffee.

@deanfourie Normally MITM is achieved by installing a CA cert on each device and then creating "certificates" on the fly. Can be done on a PC but you can't really install your cert on an IoT device.

Easier to just block DoH per the above and then if you need to, allow a device to use it.

@patryan I like the simple ones!

Ted Quade

@pf-sense-help here is a quick walk thru I did years ago, that still valid

https://forum.netgate.com/post/831783

This is how you would create a CA, sign a cert and have your browser trust it. You can use whatever sections of it you need if parts have already been accomplished.

@rcoleman-netgate
Am I correct that the i915 kmod video driver would not help with this as it not loaded at the time boot menu shows?

Btw I tested booting 2.7CE (feb 15th build) from usb-drive and it had the visually correct boot menu.
For proper testing, I would need to swap in another ssd and make a test install with 2.7CE, but I don't think I'll waste time at that...

@johnpoz Thanks! That worked just fine. I am not knowledgable about certificates and was nervous about changing anything that might break web access.

@stephenw10 Yeah, it's recurring, still nothing in a Zpool scrub.

@stephenw10

LOL me 2
ill have to reload the old settings on the old hardware and load the patches 1 by 1 and see what fixed it i guess.

pfSense itself must already have a static IP address on that interface. The DHCP server would not be able to run there if it didn't.

The 'Copy my MAC' function there is the MAC for client you're accessing the gui from, not the pfSense MAC.

Steve

I work for IPinfo. If we are not providing accurate IP geolocation data for you, consider submitting an IP correction request: https://ipinfo.io/corrections

The request goes through the verification process. If the correction is verified within 24-48 hours the geolocation data gets updated.

@johnpoz @dobby_ Thank you I will explore

@rcoleman-netgate Sorry, can not reproduce now this error to make screenshots. Did fresh reinstall of Windows 11 and for this moment no any warnings. That was standard error warning "your connection is not secure and site can steeling your sensitive data."))) Took a look on certificate of this site and was intercept with additional certificate from my ISP! No any idea , how it possible during using of VPN. My laptop was connected with VPN client (ExpressVPN) throw home router ((Router not from ISP and firmware is OpenWRT ) to pfSense box (pfSense plus 23.01 is installed on old laptop). But this warning start coming not immediately on fresh copy of Windows but a few days later. Now after reinstalling will watching out this situation again(((

@ffuentes said in Logs Settings and OpenVPN:

After upgrading from the latest 22 branch to 23.01 I lost my logs settings page
Also OpenVPN no longer wants to start for nether client or server.

I fixed the OpenVPN issue with the patch: https://redmine.pfsense.org/issues/13963

@Stugots open a ticket at https://go.netgate.com and include your current Netgate ID and the order number from your original CE->Plus upgrade token.