• Alix APU baud rates?

    12
    0 Votes
    12 Posts
    9k Views
    K

    The kingstons in the raid have been great so far - They have to go 5 years before I call them officially great.

    Right now, they are only at year one.  But TRIM is set up correctly - I think that is key.

  • Amazon.com pages stall while loading

    1
    0 Votes
    1 Posts
    516 Views
    No one has replied
  • DDNS Showing correct WAN IP but updating with incorrect IP

    5
    0 Votes
    5 Posts
    2k Views
    F

    Well, got this one sorted out.  :P

    I found a router which I had plugged back in and was using as a switch which was calling dyndns.org with updates. Because it was not going through the FW rules, it was picking up the w rong gateway and hence, IP address. Disabled it and all is well….

  • PfSense and Asterisk and SIP trunks not working

    2
    0 Votes
    2 Posts
    746 Views
    K

    Yes - Snort will often just protect you to death…

    I often recommend it to people I really dislike.

  • Extending LAN Subnet Between 2 Datacenters?

    10
    0 Votes
    10 Posts
    2k Views
    K

    Yep - Its pretty cool for what you need.

    There is another guy who is trying to get 3 or 4 separate sites communicating well - For him, this is probably also the best / easiest option.

    But easy is relative - Maybe he will see your post and ask your instruction.

  • Newb alert: Can I run 2 pfsense firewalls

    3
    0 Votes
    3 Posts
    937 Views
    S

    OK. Gotcha. Thank you. I look into it

  • Bridge across LAN ports

    9
    0 Votes
    9 Posts
    2k Views
    stephenw10S

    It's been answered plenty of times, the OP has done it correctly here. If you bridge the interfaces and move filtering from the bridge members to the bridge interface then the resulting interfaces will behave like switch. It will be much slower than even the cheapest switch (in most cases) but there are advantages. You can filter traffic between the ports for example. There are legitimate reasons to do this, buying a quad port nic just yo bridge them is not one of them.
    I have 3 interfaces bridged on my home box here. It has 10 NICs, they aren't removable and I don't need 10 subnets. The box cost me £40.  ;)

    Steve

  • Anonymouse-Proxy

    8
    0 Votes
    8 Posts
    2k Views
    K

    Yep - Now you have to block every proxy service on earth by name or IP also….  Good luck.

  • L2TP/IPsec question

    3
    0 Votes
    3 Posts
    838 Views
    R

    Thanks jimp

  • For school; students blocked from sites that teachers are allowed. How to?

    Locked
    10
    0 Votes
    10 Posts
    3k Views
    H

    you could indeed block https intirely for students ….

    in the schools i work, the students NEED access to dozens of https sites to be able to do their tasks, because teachers implement new educational websites that require login/passwords.

    This would force me to "white list' a couple  of https site's on a weekly basis. I don't have the time for that.

  • PfSense throtteling WAN bandwidth?

    24
    0 Votes
    24 Posts
    5k Views
    K

    Sorry - Mixed my apples and oranges.

    Did he try switching LAN and WAN?

  • RUDP?

    2
    0 Votes
    2 Posts
    869 Views
    jimpJ

    I suppose that depends on how it's implemented.

    It looks like it can run over standard UDP just with its own payload format, in which case it would look no different to pfSense than normal UDP and wouldn't require any special handling.

  • Constant HDD activity

    4
    0 Votes
    4 Posts
    1k Views
    jimpJ

    There are parts of the system that write periodically. Logs, gateway status, graphs, and several other things could be getting written to the disk, though it shouldn't be completely constant.

    If you run "top -aSH", press 'm' to switch to i/o view which will show you which active processes are writing/reading at the time. The normal top view is CPU only and wouldn't tell you much about the disk.

  • Set maximum login attempts HTTPs admin

    3
    0 Votes
    3 Posts
    2k Views
    jimpJ

    The system tracks failed logins and if there are two many (I believe it's 15 in 5 minutes) then it blocks the offending IP for a couple hours to discourage brute force attacks.

  • Weird RRD Graphs average 40% packet loss normal? - Optus Cable AUS

    13
    0 Votes
    13 Posts
    3k Views
    K

    OK.
    Thanks everyone for their input.  It seems there does seem to be an issue with apinger….but...
    the main issue seems to stem from an ip phone plugged into the network (SNOM 720).  Once it was disconnected.. BAM! problem disappeared.  still waiting for enough time for the RRG graphs to verify this, but this seems to be the case.
    here is the graph from bandwidth (obviously from later than OP post):
    Traffic graphBTW.. My ISP plan with Optus Cable is 100Mbit/1.5Mbit
    :(

  • Stupid noob config question..!

    4
    0 Votes
    4 Posts
    1k Views
    A

    Well I have no idea what happened.. I changed nothing yet over night suddenly it's working… very strange indeed. I think maybe my DNS hadn't updated.

    Not ideal but at least it's working. I just need it for an assignment for uni.

    Thanks guys

  • Can`t bind squid to loopback

    2
    0 Votes
    2 Posts
    1k Views
    F

    Noones any explanation for this issue?
    I just want to understand where the problem is, even if the solution is pretty obvious (that is, dont bind squid to loopback)
    If someone maybe can explain to me why this problems occurs, that would help me a lot :)

  • Adding pfSense web certificate into Google Chrome

    6
    0 Votes
    6 Posts
    6k Views
    KOMK

    I played with transparent HTTPS proxy a few months ago but I'm not running it at the moment.  Yes, when I did go to HTTPS sites I didn't get any MitM warnings.

  • Traffic shaping went wrong

    1
    0 Votes
    1 Posts
    698 Views
    No one has replied
  • Kernel error on IP change of OpenVPN link

    1
    0 Votes
    1 Posts
    645 Views
    No one has replied
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.