Newbie: some questions and report about pfsense…
-
- Embedded images have no video and keyboardsupport, they will have output at the serial console. There is also no package support. No matter how big your cf-card is it will only use 128 mb. Buying a bigger one won't get you any advantages currently.
-
- Embedded images have no video and keyboardsupport, they will have output at the serial console. There is also no package support. No matter how big your cf-card is it will only use 128 mb. Buying a bigger one won't get you any advantages currently.
Instead of the embedded flavour, If I install the livecd onto the CF through the option 99 from the console, would have the CF a short life? Is the main problem the swap partition or what? The installation from livecd requires 2GB or is it recommended? Because I tried on VMWare with a 800MB virtual hard drive and it seems to be no error or performance issue, but I didn't investigate further.
Hoba, I followed your advice to set a longer statetimeout in the firewall rules and now eMule Kad status stays on 'Open' all the time, yeahh! :) I put 360 seconds. Do you think that can be an issue?
I still had no luck to build up a working virtual pfsense machine as described in previous point number 9. If somebody can give me some more ideas, I'd happy to try your tips! ;D I need a sandbox to test out in deep pfsense and its latest snapshots keeping the other 24h pfsense machine working.
-
Lifetimes of CF-cards nowadays are not that short but packages that do a lot of logging or caching will wear it out more quickly. We do not recommend running a full install on a flashdrive.
The longer statetimeout shouldn't be too much of an issue and as this application seems to need it you don't have a choice anyway. You might want to try a lower setting and see if this works as well though.
For installing pfSense as VM have a look at http://pfsense.org/mirror.php?section=/tutorials/vmware_install/vmware.html
-
Today I've been testing the latest snapshot:
1.2-BETA-1-TESTING-SNAPSHOT-05-02-07
built on : Wed May 2 20:06:34 EDT 2007
Platform: cdromI've been trying to restore the configuration from the .xml configuration file because I had no floppies avaiable nor a USB pen, only the LAN link and this is the unhandled error message shown in the webConfiguration:
Warning: touch(): Unable to create file /needs_package_sync because Read-only file system in /usr/local/www/diag_backup.php on line 157
Should be possible restoring from the xml configuration file also for the livecd (platform cdrom)? Isn't the xml directly loaded in RAM? ???
-
Thanks, I just commited a fix for this. Try a snapshot 2+ hours from now.
-
Try a snapshot 2+ hours from now.
I'm unsure how to update a previous pfsense fully installed on a hd. Have I to boot the fresh iso livecd and choose the option number 99 in the console setup or there is a best way to do it with the latest pfSense.iso.gz? In the docs I've found the steps for embedded systems.
Thanks :)
-
Download full update from here:
http://snapshots.pfsense.org/FreeBSD6/RELENG_1_2/updates/Go to Firmware page in GUI and choose the file you downloaded.
-
@cmb:
Download full update from here:
http://snapshots.pfsense.org/FreeBSD6/RELENG_1_2/updates/
Go to Firmware page in GUI and choose the file you downloaded.I've just tried to upload the latest .tgz snapshot by using the Firmware page in webConfiguration and before carrying out the step it says:
The digital signature on this image is invalid.
This means that the image you uploaded is not an official/supported image and may lead to unexpected behavior or security compromises. Only install images that come from sources that you trust, and make sure that the image has not been tampered with.
Do you want to install this image anyway (on your own risk)?10- Have final versions only got that digital signature?
I did a test with my WLAN equipment and I setup WPA-PSK TKIP instead of WPA2-PSK AES and wifi connection is very instable (I restored the old wireless config). This is the system log:
hostapd:ral0: STA xx:xx:xx:xx:xx WPA: group key handshake completed (WPA) hostapd:ral0: STA xx:xx:xx:xx:xx WPA: received EAPOL-Key Error Request (STA detected Michael MIC failure) hostapd:ral0: STA xx:xx:xx:xx:xx WPA: received EAPOL-Key with invalid MIC hostapd:ral0: STA xx:xx:xx:xx:xx IEEE 802.11: deassociated hostapd:ral0: STA xx:xx:xx:xx:xx IEEE 802.11: associated
11- What does 'Michael MIC failure' exactly mean? I think the wifi card I have isn't well supported and I need to put an Atheros based one. I took a look at http://madwifi.org/wiki/Compatibility/TP-Link, but I still have some questions:
11a- Should Madwifi driver support virtually all PCI wifi cards based on any Atheros chipset or specific ones?
11b- Do you use an Atheros wifi card and what is your experience?
11c- Is there no problem using them with WPA/WPA2 encryption (if supported as written in their datasheet) under pfSense, is it right?12- Which scripts I have to edit to modify the sequence of beeps coming from the internal speaker (at the boot/shutdown/reboot)?
Thank you! ;)
-
10- Have final versions only got that digital signature?
Yes.
I did a test with my WLAN equipment and I setup WPA-PSK TKIP instead of WPA2-PSK AES and wifi connection is very instable (I restored the old wireless config).
The ral driver seems to be unstable. We don't develop the drivers, we just use what's available, so nothing we can do other than say "yeah, it sucks."
11a- Should Madwifi driver support virtually all PCI wifi cards based on any Atheros chipset or specific ones?
It's not madwifi (this isn't Linux, it's FreeBSD) but virtually all Atheros cards should be supported by the HAL we inherit from FreeBSD.
11b- Do you use an Atheros wifi card and what is your experience?
Yes. Works great.
11c- Is there no problem using them with WPA/WPA2 encryption (if supported as written in their datasheet) under pfSense, is it right?
I use WPA, works great.
12- Which scripts I have to edit to modify the sequence of beeps coming from the internal speaker (at the boot/shutdown/reboot)?
Don't know that one.
-
I've updated the firmware of the testbox to:
1.2-BETA-1-TESTING-SNAPSHOT-05-11-2007
built on Mon May 14 11:30:09 EDT 2007I noticed these lines in the System logs-OpenVPN:
openvpn[304]: Use --help for more information. openvpn[304]: Options error: Unrecognized option or missing parameter(s) in /var/etc/openvpn_client0.conf:14: remote (2.0.6) openvpn[300]: Use --help for more information. openvpn[300]: Options error: Unrecognized option or missing parameter(s) in /var/etc/openvpn_server0.conf:14: lport (2.0.6)
I never used or configured VPN/OpenVPN and in the other pfSense machine running the stable 1.0.1 version, the system log is obviously blank. Maybe a bug in snapshots?
I've further questions:
13a- I've seen that new submenu 'OpenNTPD' appeared in 'Services', which has additional options to set this service. Does this new submenu use the 'Time zone' and 'NTP time server' fields from 'System: General Setup'?
13b- Do you plan to move 'Time zone' and 'NTP time server' from 'System: general setup' to 'OpenNTPD'?
13c- Why don't add also a button like 'Syncronize time now!' in 'OpenNTPD' section? It can be useful to update without a restart.
13d- How time is currently managed by OpenNTPD in pfSense? How many time a day is updated or in which circumstances?Regards
-
I've updated the firmware of the testbox to:
1.2-BETA-1-TESTING-SNAPSHOT-05-11-2007
built on Mon May 14 11:30:09 EDT 2007I noticed these lines in the System logs-OpenVPN:
openvpn[304]: Use --help for more information. openvpn[304]: Options error: Unrecognized option or missing parameter(s) in /var/etc/openvpn_client0.conf:14: remote (2.0.6) openvpn[300]: Use --help for more information. openvpn[300]: Options error: Unrecognized option or missing parameter(s) in /var/etc/openvpn_server0.conf:14: lport (2.0.6)
I never used or configured VPN/OpenVPN and in the other pfSense machine running the stable 1.0.1 version, the system log is obviously blank. Maybe a bug in snapshots?
This was a previous bug that has been fixed but the only way to fix it is to remove the blank entries from config.xml.
To do this enter the pfSense PHP shell and run these commands:
unset($config['installedpackages']["openvpnserver"]['config']);
unset($config['installedpackages']["openvpnclient"]['config']);
write_config();
exit