@stephenw10 Thanks for that!

@gstlouis
I'm also using the apcupsd package on an pfSense installation. The UPS supplies a Proxmox server. On this I installed apcupsd as well.
The service connects to pfSense via NIS and gets the UPS status from it and triggers its shutdown on its own.

The shutdown of the server works as expected on power outages this way.
Just ensure that the other hosts shutdown before pfSense.

@stephenw10 ok I will try it later on my test machine

@chpalmer so I have to reboot the modem to connect a new device to the modem Ethernet, that was one thing that wasn't happening today. Got it.

Still no uptream support for the 113 version as far as I can see.

But personally I'd choose an x520 over that every time. 😉

@james-braga said in after upgrade to 24.11: squid doesn´t start:

https://github.com/pfsense/FreeBSD-ports/commit/009dc5f68e0cf1d1a767d1a9119bcbaface44823

It's a patch to ports so you need to adjust the Path Strip Count to 4.

@bmeeks Thanks for the post, but I saw that too. I searched high and low and so far nothing to explain why the “top -aSHm io -o write” command will not show details, only the header. I really need to find how to get the details of what is writing to the SSD (no EMMC here). Many others have done so.

@bmeeks @stephenw10 @michmoor

Just an update. I removed SNORT package and swap usage went down to %7

@bmeeks as you pointed I was using SNORT on a few vlan interfaces and subscribed to paid rules. Since SNORT is not going to be moving to newer releases in PFSENSE anytime soon and I have no technical justification to use it in my home network (LOL - I know, "But I wanted to learn"). Other real world problems take priority.

Will open another thread about file useage, thank you all for the pointer hopefully others will benefit from this thread.

@SteveITS said in Is it *always* good to update pfSense?:

https://docs.netgate.com/pfsense/en/latest/releases/25-03.html#dashboard

Thanks Steve,
The Redmine log appears to be quite positive. Meanwhile I reversed this patch:

which made it a little bit better, but I am pleased to see that 25.03 will bring a definitive fix.

@26289 said in pfsense openvpn status:

Any advice on how to fix this?

tell use what you found here :

0a77966c-1f14-4b59-8563-631fd0bbc741-image.png

the log messages always tell you when things go 'wrong'.

@Gertjan said in Day of week not accepted on Cron package:

would work fine for some, not most of us ^^

I agree but that is what cron natively supports.

@comet424 said in my openvpn site to site i cant seem to ping or access other site doesnt stay stable:

it always defaults to 137

It does that if you click on the state count on the rule to reach the states screen. But if you just go to Diag > States from the menu it should not have anything. If it does I'd check you don't have some auto-fill enabled that's adding it in the browser.

But I don't see any pings in those tables. What we want to see is the pings states created by a failing ping. So start a continuous (or very long!) ping sources from the camera interface address then check the state table at each pfSense to see what it's doing.

@marchand-guy I would say most firewalls have a deny by default setup. However most/many software firewalls have a rule to allow their own subnet. Windows for instance accounts for that by defining different rules for public or private marked networks.

@patient0
Ohh.
I got it.Thanks a lot.

@joseb as @marcg pointed out, it depends.

If the unmanaged switch is connected to a managed switch access port configured to pass only traffic for one specific vlan the unmanaged switch should continue to pass that traffic down to it’s connected nodes and any traffic coming back from those nodes via the unmanaged switch will get tagged by the managed switch on the way to wherever they’re going.

This should be true whether or not the unmanaged switch strips tags or not. But you’ll only get traffic to and from the one vlan you configured at the managed switch port for all of your unmanaged switch. No different than plugging your computer into the managed switch port.

@marcg has a point: managed switches can be had brand new, cheaply. I use Netgear gs308ep managed switches and they work well. And I don’t have to worry about the distinction. I send a trunk line down to my access switches and then set the ports up as access ports for the specific vlans I want for each endpoint or a trunk for a Wi-Fi access point.

@ngr2001 said in Web Traffic Reporting Question:

Perhaps this could be a feature request for PFSense ?

Reply

You could install it their way with an appropriate license key that will give you the features you want.

https://www.ntop.org/guides/ntopng/third_party_integrations/pfsense.html

@Gertjan

It works!

You need to turn on the new machine and check in which order the network cards are recognized.
You edit the backup file of the old machine with the names of the interfaces in the right order you want and then perform the restore.

Issue was the isp router modem combo, bridge mode was trying to give private ip after initially assigning public ip. It would drop the public and then assign a private ip. I reset the modem to factory and re applied bridge mode after and seems to be wiring fine now.

@stephenw10 I agree. I think I did iperf-tests some months ago that looked much better than the scp/sftp-stuff. Sure, it has to be faster, but it was way better.

I will repeat that asap.