• Stateful Packet Inspection

    Thanks for the replies. That cleared things up. For some reason I mistakenly thought layer7 and SPI were the same thing.

  • Bittorrent / DHT / UDP Problem

    This may be attributed to NAT reflection not being enabled on all configurations.

    The client checks itself by connecting to the outside port it forwarded and seeing if it works. eMule has some KAD network issues with this UDP port forward as well. So yes, it would actually work from the outside. But testing from the inside would/could fail.

  • Firewall feature request : users …

    Starting with version 2 a user manager will be included for administration. That one will be a lot more fine grained. So after 2.0 is released we can do something with this.

    Release schedule for 2.0 is currently quite unknown.

  • What does the '@' in '@184 blocks … ' mean in firewall system logs ?

    The number is the line number which refers to the rule in /tmp/rules.debug.

  • Connection Losses

    I've not had the best of experiences with the 3c2000 cards. Regardless, it should work.

    Did you reboot your box to enforce the ifconfig settings?

    A manual ifconfig sk0 media 100baseTX full-duplex should work anyhow.

    From the console menu, the webgui or ssh, pick one.

  • [Solved] Another ping problem

    @KiaN:

    Ok, now I get it :

    @hoba:

    Btw, you should upgrade to 1.0.1. 1.0 had a really annoying bug where rules sometimes were not reloaded.

    Yep, 'tis why I asked what version you were running. Glad to hear it's working now :).

  • Possible solution for bridging and carp (evolved to bridging and STP)

    Tomorrow already looks promising :)

  • Cannot ping wan ip of another pfsense

    No problem. Glad to hear you got it working. Pass the word along about pfsense ;).

  • Remote admin access to WDS network AP's on OPT1

    Remote admin works on the router WAN port only. It works only on port 80 or 8080.

    There is a single way to remote admin your routers: set up a PPTP connection to your gateway (pfsense).

    Give me more details to give you more help (I have a similar setup)

    chady

  • Problem with NAT reflection

    See http://cvstrac.pfsense.com/tktview?tn=1138,6 for how to set up a workaround rule for this problem. At least for natreflection this should work for 1.0.1 without this rule, but you will need it for ftphelper anyway so it won't hurt ;)

  • Allowing http

    @jeroen234:

    if port 56 is not open they can not access the dnsserver

    DNS is port 53/UDP (TCP for zone transfers)

  • Simple block of traffic to port 80 on webserver machine

    Okay, I got it working; it's tricky if you don't know what you are doing. Thanks for your help!

  • Blocking access to ntop

    You have to disable the antilogout rule at lan (system>advanced) which grants access to the lan IP of the pfsense. This rule is in place to make sure you don't log yourself out from the administration. Beware that disabling that rule might log you out if you have incorrect rules at LAN, so verify your settings before applying a new ruleset.

  • Keep finding this address in routes -> 10.18.160.1

    @sai:

    Port 67 is the port a bootp/dhcp server listens on, port 68 is the port the DHCP server sends out information on. So there is a DHCP server on your WAN. These things tend to spew a lot of packets. Very annoying.

    Thanks.

  • Pf tool for evaluating packet's path

    No idea.  As I told you before, I am not crazy about that patch and you will have to get it into the tree through someone else.  Sorry.

  • Can't ping from subnet to Opt1 subnet

    I dropped all of the Gateways but still cannot connect to the WAN from my host on the OPT1 network.  I can connect from my LAN to the host on the OPT1 network.

  • Cannot access pfsense box behind a router on the LAN

    Thank you

    works fine

  • After installing 1.0.1 I don't have firewall logs

    Yes, sorry, working now!!!

  • Idle connections do not expire

    Thanks that worked for me.
    I modified the bittorrent rule and set state timeout to 120 seconds and state type to modulate state.

  • Rules not reloading properly

    My fault, it was something else.

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.