Thank you all for your replies. It turned out to be Bitdefender antivirus suite causing this. I added an exception and its now working. Sometime this antivirus products causes more issues than they solve lol.

Do you have a complex Unbound config? pfBlocker with DNSBL?

To throughput issue after upgrading to 2.6?

From what? On what hardware? What sort of slow down are you seeing?

Good point! Yeah we can't be converting that all the time but it might serve as a useful example.

@rico Thanks a lot. I was beginning to get worried a little bit.

@stephenw10

Good news is, I now have one more quick thing to add to my post-update checklist. Thanks for the assist!

@stephenw10 as always, you are a star!

That worked. I am now on a fresh install of 23.01, with the boot loader value disabling the ichsmb device. And yes, the webgui works as well.

Now on to more mundane things, such as why the package manager doesn't show any branch to select, etc....

Thanks!!

@johnpoz said in Changed both SSH and HTTP ports (and forgot to adjust my rules)...:

@furom so was the antilockout disabled? Were you coming in on a different interface then where the antilock is?

Exactly it. I was connecting through another interface. I wish I had remembered that, but thankfully not that often I need it... :)

@deanfourie Are there any errors logged for those services?
“Nslookup hostname pfSenseIP”
…will test DNS directly.

Hmm, something must be connected there.

Try running a pcap on each to see if that traffic is actually there.

When the WAN pulls a lease from pfSense does it show the other interface as the DHCP server MAC?

Steve

Nice. Thanks for following up. 👍

It's more that it doesn't get updated under some circumstances still to be determined.
A clean install is not affected.

Steve

@jonathanlee yep I agree. The new status icons are extremely helpful. I love it

@netboy Never mind....

This worked.

Removed CNAME x.mydomain.com Configured Dynamic DNS in google domain for x.mydomain.com Used pfsense SERVICES -> DYNAMIC DNS and selected "google domains" and entered username and password and voila x.mydomain.com works and points to my server

Sorry for the confusing post.

After some discussion with their support they disabled CGNAT for me. :-)

-Rico

@gertjan said in How to detect P2P traffic and block it using pfSense:

I still doubt that a app on some pc somewhere on some LAN will 'cooperate' by having it's activity detect by some upstream device running snort and the OpenAppID detector.
I should really try it out, as I have, in theory, a device (4100 MAX) that would be able to do so.

It is a cat and mouse game between the p2p software developers and the IDS/IPS Layer 7 detection software developers. The goal of p2p is to "elude" detection, and the goal of stuff like OpenAppID is to "detect" p2p. Currently there are some things that do still happen in the clear during initial session setup, and that allows detection. Of course tomorrow some p2p variant will make a change to foil that detection, and then the OpenAppID folks will respond. So, back and forth the game continues.

@johnpoz No it's not that not sure how that got there.

@vpittman

One other thing is with a VLAN, you could give VoIP priority over other traffic. However, that's not much of an issue these days, with Gb switches.

Problem resolved : https://redmine.pfsense.org/issues/12834

You can install the System Patches package and then apply this patch directly from the built-in Recommended Patches list.

The patch is available in the System Patches package version 2.0_4 or later, no need to create a manual entry.