@periko said in Unofficial E2guardian package for pfSense:

Hello marcelloc or other e2guardian users, does e2guardian is already support for pfsense 2.5.2?
Regards!!!

I've been using it on 2.5.2 for months now, no issues.

@dennypage Nah, I can live with that :) But that only adds to another thing that packages should have more specific hooks like the XY interface instead of "any" interface, as theres no need otherwise. Or OpenVPN that gets restarted pretty often while listening on localhost so would be completely unphased by any changes. Also it'd be nice to have those notifications selectable and expandable so we can get more/specific notifications and disable others :)

But I'll push that in another thread. Thanks for getting back :)

Cheers
\jens

@robnitro That sounds really good.

@stephenw10

Could the voltage calculation have something to do with this? values are off... seem to need to divide by 4 to get in the right ballpark. i will keep looking though

Meaning of the fid and vid
The frequency ID (fid) is the multiplier for the reference clock (e.g. the FSB clock). The voltage ID (vid) is processor specific.

Unfortunately Intel publishes no information about the meaning of this value but the conversion formula for Core CPU's seems to be

UCpu = 700 mV + vid x 12.5 mV

and for Core 2 CPU's it seems to be

UCpu = 800 mV + vid x 12.5 mV

@patrick-pesegodinski maravilha ... sucesso!

@winsonfa

It should still work?

Those errors are just cosmetic, you can ignore.

On my machine, it gives that error but still works.

@stephenw10 Yes it's confusing. I am merely following advice from FreeBSD UPDATING

20170109: The igb(4), em(4) and lem(4) ethernet drivers are now implemented via IFLIB. If you have a custom kernel configuration that excludes em(4) but you use igb(4), you need to re-add em(4) to your custom configuration.

In any case the rx_process_limit tweak was only a 1-2% improvement (at least with previous versions).

Hi guys, I know this is a super old thread - but just wondering if anyone in here could share me the a copy of the last x32 bit via DD configured for the x700 - Please see here for the actual thread with the background as to why: https://forum.netgate.com/topic/133044/pfsense-image-for-firebox-x700

If you change pFSense / Services / Squid Proxy Server / GEneral tab Then check the SSL Man In The Middle Filtering area and change the SSL/MITM Mode from Splice WhiteList, Bumb OtherWise to the Splice ALL

the problem can be solve with a this shape.

OR

With a default value of the SSL/MITM Mode with Splice WhiteList, Bumb OtherWise you can goto ACLs atb and add desıred web site url to the WhiteList area ie: online.kktcmaliye.com

Hello Stephenw10

Thanks much for the message. I will check it, although the service can't start, not with that config.
Anyway, I am also trying to use parallel port configuration since it doesnt' need any interface in between. (I have another display hd44780 compatible with no USB interface)
Will post the results here after all.

Thanks
Fabricio.

@shred yup, I've been there, I also got confuse about that. but that rule is to block other interface to access management port. some of the link or pictures of this guide did not retrieve when netgate upgrade their forum.

02268e4d-4c47-4b6c-b5ed-0cdbe7ee2a20-image.png

@bigjohns97

When passing the nic, the netgraph method works for dealing with eapol.

I was testing NOT passing the nic but creating a bridge specifying .0 as a bridge member as indicated in the proxmox link (https://forum.proxmox.com/threads/how-to-pass-vlan-0-priority-tags-to-pfsense-for-dhcp.112374/ post 2). Which did not work. I got no auth.

Also tested specifying different interface drivers (virtio, vmxnet3, and e1000). The eapol data was just not coming through.

Yes the actual fan speed should vary with temperature. The value you set there is the minimum fan speed, the actual speed is determined by the minimum plus a value proportional to the CPU temp above a minimum temp value.

if you really need ClamAV, use Squid 3-Dev. Works for me using i386 firmware..

I've read the link you sent but still dont get this statement: The "core team" now compile the packages.

try https://lists.pfsense.org/mailman/listinfo/dev if you want to send an email to the pfsense developers or post a bug on redmine.pfsense.org

@marcelloc

Hello, Marcelo:

Do you know how to install SARG in
Hello, Marcelo:

Do you know how to install SARG in pfsense 2.4.4, FreeBSD 11.2-RELEASE-p3 ?

Thanks,
Yosvany

Ok, clear and understood.  8)

@stephenw10 said in How to get pfSense WAN to accept VLAN 0:

I would go with plan 2. Reviewing plan 1 again I can't see how that would work unless it's only DHCP that fails? If so then I guess a static IP might work for some time.... it might not though!

You were right on the money going with plan 2. For anyone out there with the same issue as me the best way to upgrade is to edit your backup config file and change the wan interface to your preference. Not only did I change the wan interface but completely removed the shellcmd package and a lot of left over garbage from past package installs. You can really clean up your config file this way. And if you are using an em or igbx interface you can change your shellcmd (if your using one) to disable vlan filtering so you should be able to grab an IP from your ISP dhcp on your wan interface. Thanks

@stephenw10 yea, very strange. It seems to me that the lcdproc service window where you set that information isn't copying and saving that information.
Thanks again

@pigbrother Для конкретных IP. А для других конкретных IP прибиваем гатвей гвоздями и бай-бай Firewall / NAT / Port Forward

@Oleg2017:

Не подскажите как у вас настроено на одном сервере два микротика. У меня при этом пингуется только один (пингуется из сети за  pfsense-ом) . Тот чья сеть указана  в  IPv4 Remote network(s) на сервере.

Так сервер на то и сервер, чтоб обслуживать множество клиентов, не создавать же сервер для каждого.
То, что за клиентом - сеть, значения не имеет.

Сервер
В IPv4 Remote network(s) - обе сети за Микротиками через запятую -  a.a.a.a/24, b.b.b.b/24 (хотя я исторически использую вместо Pv4 Remote network(s) директиву route в advanced).

Сlient Specific Overrides
Обязательно для каждого клиента Микротика в IPv4 Remote Network/s - сеть за этим Микротиком в виде a.a.a.a/24, а в Advanced
push route "b.b.b.b 255.255.255.0 x.x.x.1"
где
b.b.b.b 255.255.255.0 - сеть за другим Микротиком
x.x.x.1 - IP "серверного конца" OVPN туннеля. Это - ключевой момент, без него маршрут в сеть за другим Микротиком не будет воспринят.

В IPv4 Local Network/s сети b.b.b.b быть не должно.

Для второго Микротика - по аналогии

@marcelloc Boa noite Marcelloc... Eu instalei recentemente um Servidor Pfsense na versão 2.5 e fiz a instalação dos pacotes do git, porém eu fiz tudo o que o @lotus disse sobre o arquivo "#syslogsys = on" e continua indo para "off", já apliquei chmod -Rf 777 na pasta /var/log/e2guardian e por fim editei pelo "vi"/usr/local/etc/e2guardian/e2guardian.conf em syslogsys = on .... mas mesmo assim o serviço do e2guardian não inicia... sabe me dizer o que posso fazer para iniciar e2guardian? é permissão mesmo?

OBS: ele não cria access.log na pasta /var/log/e2guardian

Eu desconfio que deva ser um chown:

ef4c4040-0a72-4200-9bb6-d59fdf182693-image.png

Poderia me ajudar?

merhaba,
çok uzun süredir herhangi bir hareket olmamış ama buna tekrar ihtiyacım oldu. kurulum dosyalarının olduğu sıkıştırılmış dosyayı nereden temin edebilirim?

great tutorial, thank you!
are these instructions still valid for the current version of pfSense?

@marcelloc

Hi Marcelloc, i have postfix and mailscanner running on pfsense 2.4.4-p1, i got the following warnings:

MailScanner[64731]: Clamd::ERROR:: UNKNOWN CLAMD RETURN ./lstat() failed: Permission denied. ERROR :: /var/spool/MailScanner/incoming/64731

Permissions looks fine, i did chown -R postfix:postfix /var/spool/MailScanner/incoming/, also chmod -R 6666 to the same folder.

Runas user on MailScanner.conf and clamd.conf is postfix.

Also mailscanner logs display syntax errors:

Mar 6 16:09:51 pfsense2 MailScanner[56749]: Syntax error(s) in configuration file:
Mar 6 16:09:51 pfsense2 MailScanner[56749]: Unrecognised keyword "deliversuspiciouspdf" at line 93
Mar 6 16:09:51 pfsense2 MailScanner[56749]: Unrecognised keyword "pdfidcommand" at line 84
Mar 6 16:09:51 pfsense2 MailScanner[56749]: Unrecognised keyword "pdfidtimeout" at line 87
Mar 6 16:09:51 pfsense2 MailScanner[56749]: Unrecognised keyword "scanpdf" at line 90
Mar 6 16:09:51 pfsense2 MailScanner[56749]: Warning: syntax errors in /usr/local/etc/MailScanner/MailScanner.conf.

Please Help.

Dear , I'm new to this, but fix this problem by simply checking the "Do not verify the remote certificate " located in Man SSL option menu in the filtering.

SSL Man Int the Middle Filtering>Remote cert checks> check "Do not verify remote certificate".