• Couldn't block LAN to specific website

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    M
    Source could also be 192.168.0.0/24. Where is this block rule? In LAN, and first or second rule from the top? Have you reset your states? (Diagnostics: States: Reset states)
  • Dyndns address as firewall alias?

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    jimpJ
    I think it's every 5 minutes, might be a little lower. Probably no real good reason to set it much lower than that.
  • Rate limit inbound connections

    Locked
    2
    0 Votes
    2 Posts
    3k Views
    M
    Answering the very last of your questions: top-down and ingress is used => first matching packet wins.
  • Easy one…

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    T
    In the firewall allow ICMP to your WAN interface.
  • TCP connection problems.

    Locked
    5
    0 Votes
    5 Posts
    2k Views
    A
    Trying without CARP will be hard, but I will as soon as I can. After deeper inspection, it seems that only idle TCP connections encounter this problem. For example, only SSH sessions without any traffic will be closed after a few minutes. It is the same for LDAP or IMAP connections. Is there something wrong with timeouts in pf?
  • Probably simple, but i need help

    Locked
    8
    0 Votes
    8 Posts
    2k Views
    P
    I'm doing what you want to do. Just set the rules for the ports mentioned above and also make adjustments to your DNS file so your IPs point to the right mail server and your MX record is set to the right level.
  • URL timed firewall block

    Locked
    5
    0 Votes
    5 Posts
    1k Views
    N
    Use squid and squidguard for filtering/blocking Facebook connections. As far as I know, squidguard is able to block only at certain times. Another possibility could be that you use cron and write a script which redirects facebook.com to google.com in the times you want to block Facebook. But I think this is really tricky.
  • Help with Rules Setup

    Locked
    10
    0 Votes
    10 Posts
    3k Views
    S
    Metu/Cry, Once I turned on the "Register DHCP leases in DNS forwarder" and "Register DHCP static mappings in DNS forwarder", the hostname lookup started working. I am now able to ping through hostname across the subdomains. Thanks a lot for your help guys. Regards, Sai
  • Secure VoIP with IP restriction

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    M
    Thanks Wendo for your reply. I have secured our VoIP ports using an alias and putting as source the IPs of our VoIP providers. For my external phone it would be cool to add a rule allowing just the IP range of my mobile phone provider. Do you know how to do that? (I mean insert an IP class range.) I'm also interested in this: "You can also firewall by country so as to only allow SIP connections from your own country which should cut down on malicious connections. It takes a little work to do this but isn't that hard." How can I do that? In the alias it seems that I can insert just single hosts, not ranges… Thanks!
  • Probably a simple question but…

    Locked
    3
    0 Votes
    3 Posts
    1k Views
    V
    I have resolved the issue, I posted that I did resolve it, but for some reason it did not stick to the forum, probably my fault, but I forgot to add a port forward for that specific IP address that I needed to forward. Thank you for your reply though :)
  • Hello everyone I have a question in SIP

    Locked
    1
    0 Votes
    1 Posts
    803 Views
    No one has replied
  • Packet flow with ipfw and pf

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • Arp Poison

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    K
    I think it depends on what you want to achieve with the ARP poisoning/spoofing. When I had 100/100 Mbit in a citynet, the network got attacked with ARP spoofing, and it broke the connection with the ISP sporadically. You could clearly see this in the pfSense logs, but I don't think pfSense has any other problem with this type of attack other than the connection to the ISP getting broken. I'm not too good with the technical side, but if you have questions, please ask.
  • Outbound NAT + Public IP on LAN

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • ICMP and UDP problem with pfsense

    Locked
    12
    0 Votes
    12 Posts
    11k Views
    M
    Cat going around a table... I tried to offer a pre-emptive solution. Well, can't please everyone ;)
  • SSH Tunnel from outside network?

    Locked
    4
    0 Votes
    4 Posts
    4k Views
    M
    It should be -D, not -L, to run on SOCKS.
  • Alix 2d3

    Locked
    5
    0 Votes
    5 Posts
    2k Views
    J
    binary_dreamer, There are two pfSense books out there that are very helpful. I suggest reading them. You will understand better how to set up the router. It can be a bit hard in the beginning for a newb. Take some time and play with it.
  • Problem with Backup

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    P
    What snapshot of pfSense? If you type vmstat -i you can see what is running on that IRQ.
  • New Setup - 2 Lan - 1 WAN pppoe

    Locked
    6
    0 Votes
    6 Posts
    3k Views
    M
    Now that I've read your first post at least 5 times, I still don't know your problem. You have those "holes" that you see in port forwards and WAN rules. But do you have anything which concerns you?
  • Unable to connect to OPT1 from LAN

    Locked
    20
    0 Votes
    20 Posts
    7k Views
    P
    @Metu69salemi: SMB and FTP might need some more knowledge, try to use search. There is a lot of discussion already in this forum. Here is some info regarding SMB. I'm in the process of allowing file sharing between Ubuntu and Windows through pfSense; this might help on the ports to open: netbios-ns - 137/tcp # NETBIOS Name Service; netbios-dgm - 138/tcp # NETBIOS Datagram Service; netbios-ssn - 139/tcp # NETBIOS Session Service; microsoft-ds - 445/tcp # if you are using Active Directory. Some other ports that might help: port 389/tcp for LDAP; port 445/tcp, NETBIOS was moved to 445 after 2000 (CIFS); port 901/tcp for SWAT service (web GUI to configure Samba). Here is the link where I got most of the info I needed; there is also a sample iptables setup: http://www.cyberciti.biz/tips/connecting-linux-unix-system-network-attached-storage-device.html I know this doesn't have a sample for pfSense, but you can get what rules to create from the iptables rules.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.