@robbiett said in Netgate 8200 and Unifi L3 Switch Configuration:

've had to do something like that before, plus leaving myself # instructions in the file so I know what I did:

Thanks for the suggestion. We have a bunch of ephemeral linux containers spinning up and down so I would not want to have to manage updating the host file in our case I think. I could see this being an option if things weren't moving around so much though.

Thanks again.

@jimp fix confirmed. thanks.

@rcoleman-netgate said in Popups when loggin in to pfsense:

@blankman it will also do it on the first login of the calendar year I believe.

Not quite, but close.

It will display the popup if any part of the text changes. We change the copyright year in the text around the first of the year, so the first time someone logs in after that copyright year gets bumped, they'll see the popup again.

@jimp I was afraid of that. :(

Ah, that would do it. Not sure how that could have changed since 22.05 though.

Steve

Strange. Tested now again, and this time it showed up immediately. The one from yesterday is yet to show though... But that is still a finding, then I know that it in fact does work.

Thanks guys!

For anyone that comes across this, to sum up, using a Spider KVM and attaching virtual media to that is what was not working, at least not with BSD.
Using the servers IPMI virtual functions worked.

You should be able to enter hostnames as aliases and the firewall will resolve them if Unbound is configured to resolve DHCP leases. Then you would only need update aliases. That is updated every 300s by default but you can change that in Sys > Adv > Firewall&NAT.

Steve

https://redmine.pfsense.org/issues/14174

@josephchrzempiec

View status without having to login?

I'm not telling you you should, but I can show you what I have : this.
This permits me to see some basic pfSense parameters with the 'tap of a finger' wherever I am on the planet.
It's not a click here, click there solution, as it implies that you temporarily ( ! ) activate FreeBSD package source to install a FreeBSD package called Munin (it will pull in a boatload of dependencies - this was fine, but can be 'dangerous'), and then you have to set it up (some script coding is needed).
Munin isn't the most beautiful grapher out there, it's the one I use for .... many years.

@josephchrzempiec said in View status without having to login?:

Is it possible to run python on pfsense?

I guess it's there in the basic install. I'm not sure.
But install pfBlockerNG-devel or pfBlockerNG :

fa349811-b3d2-4c71-8c66-64bbee3c48af-image.png

and that will pull in Python for sure.

@gertjan

pfBlockerNG, by default, right after installing, does contain an 'example' DNSBL feed

DNSBL isn’t enabled by default. There are plenty of DNSBL feeds that appear on the Feeds tab, but none of those are enabled either.

Hello all, Thank you for replying back to my post. I'm only trying having one server connected to my pfsense router that is all. I was looking for the minimum requirements to run a pfsense router. I have found a few. Sense I only have one server and no need of more I have a small computer with 2gb of memory and 32gb of hard drive on a computer I have should be perfect for it.

Joseph

@steveits Thanks a lot!! it worked!! I wish i could buy you a cup of coffee.

@deanfourie Normally MITM is achieved by installing a CA cert on each device and then creating "certificates" on the fly. Can be done on a PC but you can't really install your cert on an IoT device.

Easier to just block DoH per the above and then if you need to, allow a device to use it.

@patryan I like the simple ones!

Ted Quade

@pf-sense-help here is a quick walk thru I did years ago, that still valid

https://forum.netgate.com/post/831783

This is how you would create a CA, sign a cert and have your browser trust it. You can use whatever sections of it you need if parts have already been accomplished.

@rcoleman-netgate
Am I correct that the i915 kmod video driver would not help with this as it not loaded at the time boot menu shows?

Btw I tested booting 2.7CE (feb 15th build) from usb-drive and it had the visually correct boot menu.
For proper testing, I would need to swap in another ssd and make a test install with 2.7CE, but I don't think I'll waste time at that...

@johnpoz Thanks! That worked just fine. I am not knowledgable about certificates and was nervous about changing anything that might break web access.

@stephenw10 Yeah, it's recurring, still nothing in a Zpool scrub.

@stephenw10

LOL me 2
ill have to reload the old settings on the old hardware and load the patches 1 by 1 and see what fixed it i guess.