Ok, figured it out. For some reason my .git/config file was missing the following line:

[remote "origin"]
        fetch = +refs/heads/:refs/remotes/origin/
        url = git://github.com/pfsense/pfsense.git

not always, but since i started using squid, earlier i have no idea

So i got it to work and idk if this is a good/right way to do it but all i did was go to " Services >> Proxy server: General settings " and ticked Transparent proxy "If transparent mode is enabled, all requests for destination port 80 will be forwarded to the proxy server without any additional configuration necessary." & added the ip address of my tv but as i was testing i got it to work with out no ip address in the box.

So idk if this way is the right way to fix this issue but it works.

Same thing here, also affects the traffic graphs. For me it's only the lan out/wan out though.

Running one physical interface with two vlans for wan and lan.

Check all interfaces and rules for IPv6 rules. After deleting these, the logs shouldn't display any new IPv6 related messages.

Yes, the log and packet capture were with WAN set to static IP.  And, I also noticed some inconsistency in the order of log events…

@wallabybob:

Perhaps the carrier signal from the modem is "flapping". Perhaps these messages are coming from independent processes that don't know what the other is doing.

Actually, when first setting up the system and experiencing this issue the WAN was connected to an AP in bridge mode, and was only connected directly to the ISP modem later in the setup/troubleshooting process.  So, while it is possible that the modem and the AP are contributing to this behavior, it's not likely.

Thanks again.

Seems to related to my ipv6 having issues - soon as I disabled that and removed the ipv6 dns it is working again.

You will need to give more information! With what firmware change did it start happening? Did you update from 2.0.n to a current 2.1-BETA1 snapshot, or from some older 2.1 snapshot?
Is the packet loss on WAN or LAN or what?
Post some output of how you are seeing the packet loss…

No , not through the static route.
You would have to add/ modify the hosts file on the computers that need to use windows file sharing.

Maybe you could set up the MAC address filter in the dhcp server.
Mobile devices that work on both sides would need a mac entry on both routers.

Desktops would only get an IP address if their mac is entered in the correct router.

Alix 2D13 256MB real memory
2.1-BETA1 (i386)
built on Mon Mar 11 20:50:42 EDT 2013
4 OpenVPN shared key servers
2 OpenVPN Peer to Peer SSL/TLS clients
bandwidthd package

When connected to a real internet, so that the OpenVPN servers and/or clients start getting/making connections as soon as they start, "Killed" messages appear on the console late in the boot (I guess when enough stuff is all going that it runs out of memory). led_normalise does not happen (the LEDs stay flashing forever after bootup). The file systems are left RW.
Booted twice to make sure the problem repeats.

Made Ermal's change to /etc/rc - move check_reload_status down to after the main startup code in /etc/rc.bootup

Bootup does not have any "Killed" messages. LEDs normalise at end of boot process. Filesystem is RO.
Booted 3 times - all successful.

Put the code back the way it was before - "Killed" problems come back.

Made the change again - booted and it comes up clean.
Looks like a good thing - I'll keep this change!

Console output before the change:

Welcome to pfSense 2.1-BETA1  ... Creating symlinks......done. External config loader 1.0 is now starting... ad0s3 Launching the init system... done. Initializing............................. done. Starting device manager (devd)...done. Loading configuration......done. Updating configuration...done. Cleaning backup cache........done. Setting up extended sysctls...done. Setting timezone...done. Configuring loopback interface...done. Starting syslog...done. Starting Secure Shell Services...done. Setting up polling defaults...done. Setting up interfaces microcode...done. Configuring loopback interface...done. Creating wireless clone interfaces...done. Configuring LAGG interfaces...done. Configuring VLAN interfaces...done. Configuring QinQ interfaces...done. Configuring WAN interface...done. Configuring LAN interface...done. Syncing OpenVPN settings...route: writing to routing socket: No such process route: writing to routing socket: No such process route: writing to routing socket: No such process route: writing to routing socket: No such process route: writing to routing socket: No such process route: writing to routing socket: No such process route: writing to routing socket: No such process route: writing to routing socket: No such process route: writing to routing socket: No such process route: writing to routing socket: No such process done. Configuring firewall.route: writing to routing socket: No such process .DUMMYNET 0 with IPv6 initialized (100409) load_dn_sched dn_sched FIFO loaded load_dn_sched dn_sched QFQ loaded load_dn_sched dn_sched RR loaded load_dn_sched dn_sched WF2Q+ loaded load_dn_sched dn_sched PRIO loaded Bump sched buckets to 256 (was 0) Bump sched buckets to 256 (was 0) ....done. Starting PFLOG...done. Setting up gateway monitors...done. Synchronizing user settings...done. Starting webConfigurator...done. Configuring CRON...done. Starting DNS forwarder...done. Starting NTP time client...done. Starting DHCP service...done. Configuring firewall.route: writing to routing socket: No such process .Bump sched buckets to 256 (was 0) Bump sched buckets to 256 (was 0) ....done. Generating RRD graphs...Killed Starting CRON... done. Killed Bootup complete

and after:

Welcome to pfSense 2.1-BETA1  ... Creating symlinks......done. External config loader 1.0 is now starting... ad0s3 Launching the init system... done. Initializing............................. done. Starting device manager (devd)...done. Loading configuration......done. Updating configuration...done. Cleaning backup cache........done. Setting up extended sysctls...done. Setting timezone...done. Configuring loopback interface...done. Starting syslog...done. Starting Secure Shell Services...done. Setting up polling defaults...done. Setting up interfaces microcode...done. Configuring loopback interface...done. Creating wireless clone interfaces...done. Configuring LAGG interfaces...done. Configuring VLAN interfaces...done. Configuring QinQ interfaces...done. Configuring WAN interface...done. Configuring LAN interface...done. Syncing OpenVPN settings...route: writing to routing socket: No such process route: writing to routing socket: No such process route: writing to routing socket: No such process route: writing to routing socket: No such process route: writing to routing socket: No such process route: writing to routing socket: No such process route: writing to routing socket: No such process route: writing to routing socket: No such process route: writing to routing socket: No such process route: writing to routing socket: No such process done. Configuring firewall.route: writing to routing socket: No such process .DUMMYNET 0 with IPv6 initialized (100409) load_dn_sched dn_sched FIFO loaded load_dn_sched dn_sched QFQ loaded load_dn_sched dn_sched RR loaded load_dn_sched dn_sched WF2Q+ loaded load_dn_sched dn_sched PRIO loaded Bump sched buckets to 256 (was 0) Bump sched buckets to 256 (was 0) ....done. Starting PFLOG...done. Setting up gateway monitors...done. Synchronizing user settings...done. Starting webConfigurator...done. Configuring CRON...done. Starting DNS forwarder...done. Starting NTP time client...done. Starting DHCP service...done. Configuring firewall.route: writing to routing socket: No such process .Bump sched buckets to 256 (was 0) Bump sched buckets to 256 (was 0) ....done. Generating RRD graphs...Bump sched buckets to 256 (was 0) Bump sched buckets to 256 (was 0) Bump sched buckets to 256 (was 0) Bump sched buckets to 256 (was 0) done. Starting syslog...done. Starting CRON... done. Starting package Cron...done. Starting package bandwidthd...done. Bootup complete

Note: An issue for another thread - what are all the "route: writing to routing socket: No such process" messages about? I think they started coming a month or 2 ago?

Look at the raw filter log (clog /var/log/filter.log from Diag > Command or a shell prompt)

It may be getting blocked going 'out' LAN in which case you should be looking at the floating rules tab.

For me, this problem went away after I set "Top Spammers" to Disabled.  All my other lists are still active.

The HP Smart Array P410i is specifically listed as being supported by the ciss(4) driver. This should be in FreeBSD 8.3. Is it not recognised at all?

Steve

@Comexans:

As far as I know, Open VM Tools does not provide drivers for vmxnet 3 (It supports only vmxnet 2). If you need vmxnet 3 support you should install the "official" VMware Tools by following instructions provided by pfSense.User.1138 on this topic http://forum.pfsense.org/index.php/topic,34043.0.html
Watch out at the second page of the thread as there are some hints if the Tools are not loaded properly after a reboot.

thanks … I have overread / mixed it up in this longer thread when checking for problems  that the OpenVM Tools create only the VMXNET2 device but for VMXNET3 there is still the need for the VMware offered package. I would check this then out when I'm back from holiday ;)

thats the whole thing, i dont have a static ip so why not use some coding to feed in ip when it changes to it, mayb a drop down similar to gateway which can be selected and it changes with ip change

try to force file permissions alerted in logs and see if cert dir exists.

@wallabybob:

The printer works now?

Yes, It works now, I forgot to say it does.

@wallabybob:

@stoffix:

Have I done something stupid now, or is this the "proper" way to do this?

Since you moved packet filtering from the bridge interface to member interfaces (none of which is LAN) the default filtering on the bridge member interfaces would likely be "block everything". Hence to get equivalent behaviour you would need to copy your LAN interface rules to all your bridge member interfaces. The "proper" action is to set the firewall rules to what you really want.

After eyeballing the new rules, I see that this is just what I have done (for ipv4, I don't use ipv6).

@wallabybob:

@stoffix:

I also noted this message in the system logs while changing the system tunable back and forth:
php: /system_advanced_sysctl.php: The command '/sbin/sysctl vfs.forcesync="0"' returned exit code '1', the output was 'sysctl: oid 'vfs.forcesync' is read only'

Some sysctls can be changed only at boot time. I suspect this is one of those. This sort of thing can make the system log a bit ugly but I don't think there is an easy fix except perhaps don't set any sysctls to their present value.

Ok, that kind of explains it. I didn't change that sysctl, but I guess all sysctls gets updated when I apply changes, even just to one sysctl.

http://redmine.pfsense.org/issues/2883