• SFTP being advertised over Bonjour from pfSense box?

    9
    0 Votes
    9 Posts
    2k Views
    K
    It's not a false positive, the AVAHI service on your pfSense is really advertising SFTP even if you don't have the SSH service running. To turn it off you have to edit the AVAHI configuration.
  • Unable to check for updates

    1
    0 Votes
    1 Posts
    429 Views
    No one has replied
  • Request to pfSense.localdomain timed-out

    32
    0 Votes
    32 Posts
    7k Views
    T
    My pfSense IP is 192.168.2.1. I tried using ISP DNS and Google IP 8.8.8.8; all websites open perfectly, but one new problem: can't ping anything other than Google DNS and the ISP-provided DNS IP. It looks like they are restricting us from using third-party DNS and not allowing us to ping any IP. what wrong dig :( I'm so frustrated. You asked me for "dig @pfsenseIP www.whatever.com":

        lubuntu@lubuntu-:~$ dig @192.168.2.1 www.facebook.com
        ; <<>> DiG 9.10.3-P4-Ubuntu <<>> @192.168.2.1 www.facebook.com
        ; (1 server found)
        ;; global options: +cmd
        ;; connection timed out; no servers could be reached
        lubuntu@lubuntu-:~$

        Tushars-MacBook-Pro:~ tushar$ ping 208.67.222.222
        PING 208.67.222.222 (208.67.222.222): 56 data bytes
        Request timeout for icmp_seq 0
        Request timeout for icmp_seq 1
        Request timeout for icmp_seq 2
        Request timeout for icmp_seq 3
        Request timeout for icmp_seq 4
        ^C
        --- 208.67.222.222 ping statistics ---
        6 packets transmitted, 0 packets received, 100.0% packet loss

        Tushars-MacBook-Pro:~ tushar$ ping 8.8.8.8
        PING 8.8.8.8 (8.8.8.8): 56 data bytes
        64 bytes from 8.8.8.8: icmp_seq=0 ttl=58 time=8.675 ms
        64 bytes from 8.8.8.8: icmp_seq=1 ttl=58 time=11.394 ms
        64 bytes from 8.8.8.8: icmp_seq=2 ttl=58 time=10.896 ms
        ^C
        --- 8.8.8.8 ping statistics ---
        3 packets transmitted, 3 packets received, 0.0% packet loss
        round-trip min/avg/max/stddev = 8.675/10.322/11.394/1.182 ms
  • Packetfence

    2
    0 Votes
    2 Posts
    1k Views
    DerelictD
    I think you might be on the wrong forum.
  • NAT'ing external port on VIP to internet LAN IP

    8
    0 Votes
    8 Posts
    1k Views
    K
    You don't set source port requirements in the NAT rules. What the rule is now saying is "Perform the RDR only if the source port in the incoming packet is 80" (and of course the other requirements have to be met as well). This is never going to be true for regular HTTP traffic arriving at your end; the source port is going to be a randomly chosen port from the range 1024:65535.
  • Reboot Stuck at "Syncing disks, vnodes remaining…0"

    3
    0 Votes
    3 Posts
    2k Views
    W
    thank you
  • PfSense affected by recent Linux kernel vulnerability (Dirty Cow)?

    4
    0 Votes
    4 Posts
    1k Views
    S
    Correct, Dirty COW only affects Linux. The BSDs (Net/Open/FreeBSD) are not affected because they are not Linux.
  • Squid proxy bypass private ip address

    2
    0 Votes
    2 Posts
    2k Views
    KOMK
    You can configure that on the client, or if you're using WPAD you can include the IP ranges and DIRECT keyword.  If you're using Transparent mode, you can use the Bypass Proxy for These Destination IPs option on squid's General page.  Lastly, the proper forum for squid & squidguard questions is the Cache/Proxy forum.
  • 802.1p/q pfsense setup

    77
    0 Votes
    77 Posts
    43k Views
    R
    Hi folks, Wondering if anyone is using Cisco SMB switch for the QoS setup for the Google fiber.  If so, it would be much appreciated if the setup/configuration can be shared. -rsa
  • New to pfSense - block facebook and youtube

    2
    0 Votes
    2 Posts
    2k Views
    J
    https://www.google.co.za/url?sa=t&rct=j&q=&esrc=s&source=video&cd=2&cad=rja&uact=8&ved=0ahUKEwjinL_jqPjPAhWFF8AKHZbGCg0QtwIIJjAB&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DnMMFxn7Z3nk&usg=AFQjCNF3_0_xk3YlNLxCwbp_UcTtuWdtyw&sig2=qXkDLFwOIuOzdye8MLpygA&bvm=bv.136593572,d.bGg
  • Captive Portal and Squid logging via AD username for BYOD

    2
    0 Votes
    2 Posts
    650 Views
    M
    Please read the seventh entry in this post: https://forum.pfsense.org/index.php?topic=119731.msg663026#msg663026
  • ARP issue on vlan

    5
    0 Votes
    5 Posts
    2k Views
    DerelictD
    What would cause the issue with devices not getting automatically added to the ARP table on pfSense? Not getting the ARP broadcast from the switch. Diagnostics > Packet Capture on LAN_1 and see what's really going on.
  • White space only in custom send/expect load-balance monitor?

    1
    0 Votes
    1 Posts
    361 Views
    No one has replied
  • FTP Server Behind pfSense, Virtual IPs

    7
    0 Votes
    7 Posts
    1k Views
    KOMK
    I'm more than happy with our new ownCloud versus our crappy old FTP server.
  • Pfsense clears up states. help needed

    3
    0 Votes
    3 Posts
    803 Views
    J
    Harvy66, thanks for your reply. I didn't mention it, but my gateways are pretty stable, so it's definitely not the case. Also, in the example I provided, states were cleared for an SSH connection which was made from the local LAN to the BACKUP node only. No other states were affected.
  • Software Raid: Installation and Disk Replacement

    2
    0 Votes
    2 Posts
    855 Views
    jimpJ
    1. Yes. Back up the config, reinstall, and restore the config. When reinstalling, use the gmirror option in the installer to make the array.
    2. There is a widget for gmirror status, and Diag > GEOM mirrors for status and disk management. If you have SMTP notifications enabled, it notifies on any status change of the mirror. The diag page also offers a way to forget disks, add disks, rebuild arrays, and so on. It doesn't let you create new mirrors, however.
  • MOVED: IP Sec and the rules

    Locked
    1
    0 Votes
    1 Posts
    345 Views
    No one has replied
  • Interfaces Ips Error

    4
    0 Votes
    4 Posts
    694 Views
    KOMK
    It's under the Firewall menu. https://doc.pfsense.org/index.php/What_are_Virtual_IP_Addresses
  • FTP From lan to WAN

    3
    0 Votes
    3 Posts
    725 Views
    T
    What can I check to fix this?
  • Investigating a possible Vulnerability

    9
    0 Votes
    9 Posts
    2k Views
    jimpJ
    redis is only used by ntopng, and would only be exposed if the WAN rules were really sloppy or if the scanner was on LAN. Your LAN rules might be too permissive for your environment if the latter case is true. You should be blocking all access to the firewall's LAN interface except for services which must be accessed from LAN, such as DNS, ICMP echo, maybe the GUI port and ntopng ports if you don't have a dedicated management network.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.