@hdavy2002: Hi, I have a dual core dell server with 4 GB Ram and 37 GB drive in Raid 0 My memory use is about 9 to 25% most of the time. I have Snort, Squid (Transparent), Ntop, Nmap, Bandwidth running. Once in a while, my GUI freezes and from outside, I cannot do any RDP or SSH into the box, the internet is working as I can use logmein.com to get inside and then do a reboot using ssh. I cannot understand why is it doing? Can someone point out anything weird Thanks all i have a problem too.. the problem is after i'm implementing the pfsense.. the effect is my router interface always up and down.. and i have to reboot the router every 1 hour.. my memory usage also bout 20% i think the problem is because the filter reload.. but i still can't figure it out yet

check for an update under system>firmware. check to see where its coming from under the current states, when you get it or shortly afterwords or start logging connections and see if you notice a trend

Blocking TCP:R (Resets) and TCP:F (Fin) can be normal, and not indicative of the actual problem. http://doc.pfsense.org/index.php/Logs_show_%22blocked%22_for_traffic_from_a_legitimate_connection%2C_why%3F

I can't explain why it's doing it. WAN2's modem isn't pinging it's LAN port, so I'm at a loss.

Hello, firstly sorry for my bad english but i'm from Argentina and in the spanish post anyone response me. I need help with my firewall. I have installed pfSense+Squid+Squidguard and i have a problem, i need to block some HTTPS. The Https to block is https://imo.im. Already probe writing in "domain list", "expression" and "url list" of the option Destination if the squidguard. I have a ACL configured to block this "Destination Ruleset". With other URL work perfectly. Thanks for your time i hope your response

Oke found the problem I hard resetted the modem and now everything works fine Thanks for the reply's

Thanks! I had pondered that idea at one time tried to do it with NAT and stuff since that seemed like it should have been the most straightforward.  Glad you confirmed that this works and got me back on that track! Note: I didn't even need the load balancer.  Just set the squid box up as a gateway and I set rules for anything on port 80 to use it.  Seems to work like a charm! On the other hand, I am using the load balancing for multi-wan, and squid is plugged into that. I probably will end up using the load balancing for multiple squid boxes… so that's a really nice idea/side benefit! One of my next tasks will be to learn about CARP. I wonder if I can get failover pfSense boxes running to smoothly hand off my increasingly complex setup...

sorry case closed.. the problem is when u don't need the interface.. unplug the NIC and "make sure you deleted it" it is that caused the problem.. case is solved TQ

If you've got squid running in transparent mode, then the rules are applied AFTER the redirect takes place at the firewall - the same as incoming port forwarding. So you apply a rule that governs access to squid itself - see attached file. [image: rules.png] [image: rules.png_thumb]

allow port 80

I finnaly figured it out. In firewall rules for OPT1 I changed Gateway from OPT1  to  Default, also created a static route for OPT1 DNS, everything works flowless, very happy, thank  you, thank you to all the developers of PFSenese.

bump?

Isn't there a simpler method? I'd need a bit of coaching to complete this endeavour

@kirmou: Thanks! We upgraded last friday to 1.2.2 and the CPU load in Site1 seems to be lower now. No problems so far. I'll report… Kirmo Uusitalo The problems still exist in site1. Hangs / reboots every now and then. We switched on "Use device polling" setting in Advanced settings. I'll report… Kirmo Uusitalo

louis-m has a point. It depends on how far you want to go. If you really have a lot of programs accessing the Internet through many different ports then you would have to set those up to explicitly allow outbound traffic only on those ports. It all depends on what you consider more important.