hi!

try running snort in lowmem mode. there seems to be troubles with the other modes.

regards

cc

@modis:

pfff my router have same problem

Please don't hijack threads. If your firewall rules aren't working the way you want them to, you have them misconfigured. You need to start a new thread and describe your problem.

I say resets… The modem loses connection and all the lights go out.. Then it trys to reestablish connection and that can take anywhere from 20 seconds to what ever.... most of the glitches that caused the problem the modem usually is just down for about 20-60 seconds.  I had to wait until I knew it happened again.  I was playing online last night and the modem dropped me off the net.  I did not reboot the router. So first thing this morning I tried to connect and I had no problems... I didn't have the latest patches/firmware.. whatever it is called.. so perhaps that was my problem.  If it doesn't fix it ..  I guess I will post another message.. thanks for the suggestions  that will be the first thing I look at if it happens again.

Naelr

i have a friend and it`s using pfsense too.He has same problem after he made the upgrade.

Please test a new snapshot and report back, this should be resolved now.

http://snapshots.pfsense.org/FreeBSD6/RELENG_1_2/

I'm not aware of anything that describes what you're after.

In a nutshell - firewall rules affect what can go where, except in cases where the traffic is redirected to a local daemon, because the traffic is then sourced from the firewall itself and your rules do not apply in that case.

I'd like to see an additional tab in the firewall rules page for traffic from localhost to other destinations, which would remove this limitation. Maybe something we'll see in a future release.

I did it. Burnt the CD with Imgburn, and after setting the harddisk on LBA in the BIOS the installation was succesfull. Thanks for the help, GruensFroeschli!

Thanks a lot for your excellent answer.

In fact I thought "WAN Address" was similar to everything on the other side of the WAN interface like on the SonicWall firewall I was administrating before. Your description is very clear and I think the NOT LAN is an excellent idea in my situation.

Your extra comment on the rule processing was very instructive as well. I am certain to reach my objectives now.

Regards,
Chris

Without some details of what you did and what is not working, error messages, etc. this sounds like crazy talk. If the OS got toasted during an upgrade, try re-loading and restoring your config.

hi again

lowering the MTU didn't help also.

the strange thing is i can log on using copete on linux easely. but when it comes to crapy windows, all clients starts complaining.

Seeing as how source ports are generally random, you probably only want to be filtering on destination port.

Go to Advanced and uncheck the box 'Disable NAT reflection'
This is kind of a hack, but D-Link, Linksys, etc. use ugly hacks to do this. If you are hosting a web site/mail server, you really should use the internal DNS instead of the external DNS. IMO, If you are running public servers, you can handle running a DNS server.

yes it will  :D
http://forum.pfsense.org/index.php/topic,6516.0.html

Nailed it.

NATting on the WAN interface is enabled by default.  Switch NAT off (and remember to apply the changes because I did try switching NAT of earlier, but hadn't realised I hadn't applied it)

God, I've spent ages trying to figure out why that was!

Thanks for that- very helpful

While i got you here, quick question - is there any way to we can get Nagios to monitor pfSense? I've looked around but the SNMP stuff seems mostly performance & stats related

Thanks

I'd like to add that upgrading to 1.2 RC-3 has fixed all the log viewer issues I was previously having.  Six boxes fixed and counting…... :)

hi all!

thanks to this post i also managed to get things working, but something i am still wondering about:

i am loosing 2 of my official ip's on the pfsense machine.

does this have to be this way or am i just having a configuration black out, but when i use private ip's on the machine nothing is going thru.

best regards

CC