Documentation:

wiki style
http://doc.pfsense.org/index.php/Tutorials
http://doc.pfsense.org/

forum
http://forum.pfsense.org/index.php

knowledgebase
http://centipedenetworks.com/support/index.php?_m=knowledgebase&_a=view&parentcategoryid=1&pcid=0&nav=0

Qwest DSL supports PPPoE at most, if not all locations. So you should try using that.

This conversation has been had already in the forums, please use the search function.

After 3 days of messing around with various ways to work around the problem of pfSense not being able to work with a PPPoA QWest ADSL line I hunted down the tech support for DrayTek in the US and talked to the guy about the Vigor 110.

It really sounds like the right device. It is an ADSL modem and PPPoE/PPPoA bridge. It lets the ethernet device (my pfSense WAN interface in this case) pass authentication information to it in PPPoE and it re-encapsulates the information in PPPoA and sends it up to the DSLAM. From then on the ethernet device is directly bridged to the ADSL line and gets the public IP address by DHCP.

The problem now is that the one place I found in the U.S. that sells them wants a minimum order of 1000 pieces. About 999 more than I have a need for right now. Has anyone found a U.S. source for these?

Thanks, Bill

@nocer:

You're missing what version your running so I checked on my 1.3-AA, but it seems that those are not exist anymore…I only found below.

sysctl net.inet.ip.fw.curr_dyn_buckets=256

sysctl: unknown oid 'net.inet.ip.fw.curr_dyn_buckets'

sysctl net.inet.ip.fw.dyn_buckets=2048

sysctl: unknown oid 'net.inet.ip.fw.dyn_buckets'

sysctl -a|grep bucket net.inet.tcp.hostcache.bucketlimit: 30
net.inet.tcp.syncache.bucketlimit: 30

Are those still exist in 1.2* ? Then how about to put those into /boot/loader.conf, or very end of /etc/rc ??

cheers,

Thanks for your help , my pfsense version is 1.2.1 rc3.
If you want to see sysctl net.inet.ip.fw.dyn_buckets , you need use the captive portal feature.
I cannot active the change of value by(set in shell, /boot/loader.conf /etc/rc)

Ok,  so I reconfigured the network so that the test PC is connected DIRECTLY to the LAN port on the firewall.  When I turn off "Enable filtering bridge" everything works.  At this point my assumption is simply that I have not configured my rules correctly.

Is there any guide for basic rules and how to set them up?  To start with, how can I make basic rules for everything OPEN?

Changing the ports from 6970/udp - 9999/udp did the trick…. dont ask me why.... ??? it may be an issue with Nokias Realplayer...

PayPal is really the only way to donate money right now. You don't need a Paypal account though, you can use a credit card through paypal without having an account. Just click the Donate button here: http://www.pfsense.org/donate.html and you can proceed to donate with a credit card without signing up for a PayPal account.

@nocer:

Okay,
Really simple way: Why don't you try adding some lines for static arp or ifconfig in the very end of /etc/rc or
equivalent rc scripts? That helps assign your desired MAC every boot.

Thanx,  I use the simple way. But I hope to get a official method.

Is your WAN DHCP or Static?  If Static did you put the correct CIDR for the subnet?

Traffic is filtered inbound on an interface.
If you test connectivity with a ping you have to allow the ICMP protocol.
The only reason why you're getting an answer on "some" interfaces at all, is probably because the anti-lockout-rule is enabled.
Add a rule on the LAN on top that allows the prtocol ICMP and it should work.

Also you should move the IP range of your DMZ_10.
11.x.x.x isnt an allowed RFC1918 range.

allowed ranges are:
192.168.0.0/16  - (192.168.0.0 to 192.168.255.255)
172.16.0.0/12    - (172.16.0.0 to 172.31.255.255)
10.0.0.0/8        - (10.0.0.0 to 10.255.255.255)

@cinepro:

@Perry:

Maybe you can get local support if you provide country and city information.

I'm in Los Angeles, but I'd be willing to use a remote session.  But I think I'll give Centipede a try.

Thanks!

We also offer full support for pfSense installations.  However, I would give Centipede a try first.

The point is that if you back up your config, when you restore the config it'll install the required packages too (from what I've read here - I've not had to do it myself yet).  That and the fact that the installation size is aimed at working for all hardware, not just brand new stuff.

My solution was to install rsync and then use rsnapshot (which runs rsync over SSH) to back the pfSense host up across the network.

the overall big picture here is you are worried about heat / power usage etc.   the issue is not about installing torrent junk on pfsense.   so get to the root of the problem

a 1200mhz duron wasn't designed to be a 24/7 routing chip, its a desktop processor u could cook your eggs on with big noisy fans etc
yank the power sucking, heat generating firewall pc.   put pfsense on a silent passive cooled embedded device with compact flash. 
then  get another one and install linux and run it just for file serving/torrents

theres even 1u rackmount cases and such that will accommodate two separate mini itx motherboards, then you can have your "one pc" powered on 24/7 but have two independent pc's

bummer nvm maybe one day

OK I will contact my hardware-dealer and ask for freeBSD compatible fibreoptic-card.

Thanks foru your help so far.

@tester_02:

@Sh4:

Install ntop or bandwithd package to keep history

Problem right now in 1.2.1 is bandwithd does not work.

bandwidthd works for me: See last reply in http://forum.pfsense.org/index.php/topic,11053.0.html