If you are under attack again use the packet capture from diagnostics>packet capture to download some of the traffic. You can then open it with wiresharp for further analysis.

Thanks Hoba,

Easy to see in the gui but if I am looking at the syslog and I try to find Rule 53 in the rules.debug, there is no way to easily pinpoint which rule is allowing this to pass through.

Thanks,

Mark

Okay I think the block has taken effect cuz there is no traffic to the restricted address.

@Kapara nice tips I will do that (maybe create a .bat file for that registry tweak) or just disable the automatic update from the GUI

i think this is a good idea

Hi,

i reinstalled everything and it's working now

Thanks

http://forum.pfsense.org/index.php/topic,8514.msg50584.html#msg50584

thanks

I have succeeded in getting the Linksys PAP2T and SPA942 phones working with Trixbox and Freeswitch from in and out of the office. I also have a Cisco 7940 and have used it successfully in the office. However I don't count any phone that requires a TFTP server to pickup its config as a really good choice for an out of office phone. Its probably possible but more complex because of the TFTP server. If I were to attempt this with the 7940 one method would be to setup a TFTP server and install that inside the external network. Then copy TFTP files to the TFTP server. Next choice is to setup a remote firewall that establishes a VPN and use the main TFTP server. Another choice is to use a phone that doesn't require TFTP Server like the Linksys SPA942. Perhaps the final choice is to put a bounty for SIPProxyD, OpenSer, or a step by step tutorial specifically for external Cisco TFTP Phone.

Some people have mentioned in this thread that SIP was designed poorly. I thought the same thing for a period of time. However the design allows for a SIP session to be setup and maintained at one location (useful for billing purposes). While the RTP (audio) can be moved to an another provider or in other words you can initiate the call and skip the man in the middle. That can mean better audio.

@hoba:

@ahpaul:

All my UDP being blocked!!!

Yes, and you should be happy about that because that means the firewall is working!!! Check the ports that get blocked. They don't have to do anything with your portforwards at all.

Well, I know it's working fine, but why my eMule KAD still getting blocked?

Wifi clients will be behind pfsense. They already got another server for  router + web cache (squid? not so sure), they only need captive portal function for wifi client.

Oh god!

I tried to leave the gateway blank.
If I put a blank in it, pfsense doesn't accept. If I leave it empty, then it works without a gateway (yes, I am a newbie in pfsense).

So now have no gateway in OPT1 and now it works!

Thank you very much!

thanks.

YEA! Now they are all works after change MTU to 1472 not the 1500 by default from my ISP.

Cheers and Thanks!  ;D ;D

Yes,

I am pretty sure about hbci, as I entered the value "3000" into the input field.

But your hint with the antilogout worked. Now the second machine cannot
access the ntop status page any longer.

Would nerver have found this myself! Many thanks to you!!!

kind regards,
Marcus

I just remembered, I also have another network on OPT3 (192.168.6.0/24) I could not access the web gui via 192.168.6.1 (OPT3 IP). Do I need to open up rules to the web gui on that interface also?

Just for fun I downloaded the latest live iso and used it with another machine and entered the rule, it did not work either.  :'(

Proto    source    port    destination    port    gateway    Schedule    Description
*        *          *        *                *        *                              DMZ

So setting the above for an interface ('Choose on which interface packets must come in to match this rule.') will mean that interface is no longer firewalled.

Thanks :)

PS. It's also worth mentioning, in case anyone uses this, that it would be important to stop the above interface 'talking' to the LAN like this:

Proto    source    port    destination    port    gateway    Schedule    Description
*        DMZ net  *        ! LAN net      *        *                              Permit DMZ to any BUT LAN

this work perfectly thank a lot of !

It's in 1.3 already.