@zedbra That was an issue that cropped up a while ago. That’s basically the fix. https://redmine.pfsense.org/issues/13132

Yes the gateway is almost always inside the WAN subnet so most of the IP address will be the same.

@michmoor said in netflow and graylog: Few things ive been able to do with GROK parsing is not to clean up my unbound log files and create fields that are important to me and good for tracking. I'm running Graylog 5.2 now, had to build gcc 11.1.0+ from source, it took a few hours in my raspberry pi 4 but it is working :) @michmoor said in netflow and graylog: I just dont know how to enrich data using dns for IP lookups but thats ok I'm using PTR for that purpose, if there is something I can help, just let me know. @michmoor said in netflow and graylog: Few things ive been able to do with GROK parsing is not to clean up my unbound log files and create fields that are important to me and good for tracking. Ow, that is really nice :) If it is possible, can you share how you are getting those statistics from Unbound ?

@NollipfSense I know. Ours is set to reject. We hardly see any spam at all.

@coxhaus said in PFsense hardware recommendation HELP!: Why 12th gen? Is the CPU instruction set that much different? It was the OP's choice and I just affirmed...

@uber949 2100 or the new 4200

@Popolou thanks

@heisenberg352 Thank you. This did the trick for me as well.

What’s weird is my safexcel cipher chip shows id errors in 23.09.01 and no info. Like it’s having issues.

@johnpoz I Hera you, just trying different doors … I guess it’s ok as is after all

It worked for the old package!!! I needed to install the dependency first. It is installed and working but I can't see it in the package manager is that ok if it is not listed in that area? pkg install -f -y /tmp/snort-2.9.20_3.pkg [image: 1705024768044-screenshot-2024-01-11-at-5.59.10-pm.png] pkg install -f -y /tmp/pfSense-pkg-snort-4.1.6_11.pkg [image: 1705024743146-screenshot-2024-01-11-at-5.58.48-pm.png] working [image: 1705024803959-screenshot-2024-01-11-at-5.59.45-pm-resized.png] Only Issue: No snort listed.. [image: 1705024880615-screenshot-2024-01-11-at-6.00.56-pm-resized.png] However it is detected with pkg upgrade [image: 1705024993004-screenshot-2024-01-11-at-6.02.34-pm-resized.png]

Yeah it must be auto-negotiated. Which NIC are you trying to use? Do you know what the ISP device is set to? Was it previously connected to something else?

@stephenw10 Thanks, I will look forward to when it's released.

They should close this Redmine the templates are listed in 23.09.01 now correctly.

Unless you use a TAP connection to make an even bigger layer 2 segment spanning it all. Which would be bad!

@stephenw10 A cosmic event. Ted

@stephenw10 I completely removed Suricata and it's been up for almost 6 days at this point.

@chudak If NGINX runs on a device behind pfSense within a private subnet you have to forward 80 and 443 to it, of course. Firewall > NAT > port forwarding. Add a rule: interface: WAN protocol: TCP/UDP destination: WAN address destination port: HTTP Redirect target IP: NGINX IP Redirect target IP: HTTP Add a second rule for port 443 (HTTPS). Ensure that the webGUI is not listening on port 80/443. System > Advanced > Admin Access > TCP port

@stephenw10 Thanks alot It is working properly now ! You saved me

Ok. You still need to do something to avoid route asymmetry. So that would be either putting LAN onto a pfSense interface or moving the pfSense WAN to a different interface on the Mikrotik router.