I did not get things working with siproxd and asterisk. Maybe I am feeling slow to day, but I am not getting it. Where should my asterisk box be pointing. I have a connection with iconnecthere and sipphone, and fortunately these are my only 2 SIP based providers. So what I need to do to the asterisk side so I can route my SIP accounts through siproxd on the pfsense box?

K

@Leoandru:

@billm:

The client connection limit and max connections/second are for the rule.  Soooo if client connection limit is set to 10, you can have 10 state entries total, it could be 10 from one host, or one each from 10 hosts.  New connections/second works the same way.

–Bill

Is it possible to have the Simultaneous client connection limit work on a per host basis? It would be a nice feature. I have been having problems lately with persons running bittorrent opening many connections all at the same time.

EDIT:

What about an option for limiting the total number of connections per source? "max-src-conn"
In other words, limit the maximum number of simultaneous TCP connections which have completed the 3-way handshake that a single host can make.

Work up a GUI + filter.inc patch and we will entertain it.

Ok… I wait...

Thank!!

Let me know if you need any test...

do you have setup the firewall rulles for ping ?
if you put on the lan tab the opt1 tab and the opt2 tab this rule
icpm * * * * *

then they can ping lan network opt1 netwerk opt2 network and the internet

It works
Thanx a lot

@sullrich:

Aren't you comparing apples to oranges?  Last time I checked m0n0wall doesn't support atheros.

True, m0n0wall doesn't support Atheros. I need to check this with the atheros card removed.

apparently now works fine, thk sullrich :D

Wait for beta2 which has a static port option.  Search the forums for more information as this has been talked about already.

Yep.

In my experience blocking 6881-6999 will help in most cases.  A more effective solution involves squid.  Look at one of the squid threads for my suggestion of this feature.

This is the same problem like here: http://forum.pfsense.org/index.php?topic=293.0
You have to use advanced outbound nat to create additional nat mappings for the internal networks pfsense doesn't see directly (in the webgui at Firewall>NAT, outbound tab).

Also make sure you have all routes setup accordingly.

Don't worry, my NIC can't support 802.1q ;-)

delete this

Thank you

Merry Christmas ;-)

Use the virtual ip option and setup the ips as CARP or PARP.

Although inputting 8 class c's is not going to be fun!

Be carefule with update_file.sh … It pulls from CVS HEAD and not RELENG_1.

Speaking of which, it's time to fix this problem.

LOL … nope!  ;)  Guess I should go back to my roots of just trying to click on everything!

Thanks again...

-- Phob

Determined that the problem was due to a software firewall glitch on the workstation, not the fault of pfSense.

Thanks!

– Phob

Ok, read that too quick. you are right. TTL is not configurable.

@charles.regan:

PFSENSE thinks both network are on the same subnet, but they are not!!!

Sure they are! 149.217.134.0/24 includes 149.217.134.184/29. There is no router in the whole wide world that can handle this  ;)

Nice :-)

would be an interesting idea…

keep on to the release state !!!