I will try that later because I really can't now.
Thanks for helping

If you didn't have the problems you encountered, I'd have been very worried.

Figured it out… it was something so basic as flushing dns on the pfsense box.  :-[

Try the "urlsnarf" package, it's run from the command line but you could output it to a log file.

Thanks :). subscribed to the mailing list.

Thanks BBcan177

I clear cache on Chrome and there is no 500 error.

Easily done.  ;)

Steve

So you're booting from the CF card with a Nano image on it, yes?
Two issues. Nano doesn't use the fstab to mount the filesystems. The Nano image disables DMA so disk access is slow. Fortunately others have been here before you.  :) Have read through this thread:
https://forum.pfsense.org/index.php?topic=67823.0

Steve

That sort of restriction I would be looking for a connection issue, probably a duplex mismatch. Check the Status: Interfaces: page for errors.

Steve

You're right.  Looks like it's rolling 500KB log files!  Thanks!

@stephenw10:

The pfSense logs are already kept in a rotating format with a fixed size. I wouldn't have thought it would be that difficult to increase that size. Not tried it though.

Looks like they're generated here in /etc/rc

DISABLESYSLOGCLOG=`/usr/bin/grep -c disablesyslogclog /cf/conf/config.xml` ENABLEFIFOLOG=`/usr/bin/grep -c usefifolog /cf/conf/config.xml` LOG_FILES="system filter dhcpd vpn pptps poes l2tps openvpn portalauth ipsec ppp relayd wireless lighttpd ntpd gateways resolver routing" for logfile in $LOG_FILES; do if [ "$DISABLESYSLOGCLOG" -gt "0" ]; then /usr/bin/touch /var/log/$logfile.log else if [ ! -f /var/log/$logfile.log ]; then if [ "$ENABLEFIFOLOG" -gt "0" ]; then # generate fifolog files /usr/sbin/fifolog_create -s 511488 /var/log/$logfile.log else /usr/local/sbin/clog -i -s 512144 /var/log/$logfile.log fi fi fi done

There is a package for running a syslog server on the pfSense box you might also look at.

Steve

Ah, I decided to go with a different board actually guys.. (I posted that earlier.) But I do intend on getting this board for myself. It's just such a beautiful board and would make such an amazing pfsense box that I want to give it a shot in my free time. :D But I will be broke for a while..

Hi Guys,Thanks for your advice !

interesting… :)

Thank you all for Answers!

But may be no need to use VLANs at all. Get the config file form the old GW and don't see any VLAN configurations there. May be ISP admins think that they have active VLAN.

First Ill tray IP configuration without VLAN.

I'm moving this thread over to here.

@Derelict:

You can't use 10.0.0.0/8 and 10.X.X.X/16. those subnets conflict.

facepalms  Doh, I knew I forgot something.  I've given the non-VLAN'd LAN 10.0.0.0/16 and left the rest as it was, and tweaked the config on the switch itself so it has the right net mask.

Anyways, weird discovery: Apparently there was a static DHCP assignment that got added for the client system and somehow THAT broke VLAN routing of information.  Either that, or dhclient decided to go and break itself.  It looks like the issue might've been related to that, because now data's being routed correctly.  shrugs

@AIMS-Informatique:

Why are you telling him to switch from trunk to general

This is due to the way some switchs understand and handle this spécific Trunk mode. And no, Trunk isn't like general, as a Trunk would assume to carry and forward all VLANs, even thoses not configured. So the behavior of a Trunk is slightly different. Generally a Trunk config will be necessary if you plan to enable GVRP.
Plus, for my point of view, it is better to know your network and set up only what needed.

It is true that ciscos switchports in trunk mode can carry all VLANs, but you can also limit them only to specific VLANs with "switchport trunk allowed vlan add XXX,YYY,ZZZ" like I described. This has the effect of making the trunkport only forward traffic for the allowed vlans and discarding any received frames tagged for unconfigured VLANs.

Yes you can. This is called Squid + SquidGuard as PF packages.

Good luck.

Mark,
You are not displaying the good RULE interface. What you need for playing, is INCOMMING connection. What shows your DMZ tab in your FW rules are your OUTGOING trafic (pass or block).
On your WAN tab, specify an allow all rule to DMZ subnet destination. So that your DMZ play its role : being demilitarized…

I'm afraid you will have to deal with AON to... (manual NAT). Unless you struggle with port forwarding from each of your game support (Nintendo / Sony / steam...), and configure the good ports to be forwarded for each service.
Believe me, you'de better work on Manual NAT (and static ports) rather thant seeking for editor's information about port forwarding.