Some rules dont apply to some clients?

DestekTeknik · May 6, 2009, 2:19 PM

Hello folks;

First of all the problem is somehow different, I mean really different. I am going to tell it in a timeline so it should be clearly understandable.

Squid, squidguard, installed and turned on, captive portal off. Only 80 443 and messenger ports are open, everything is fine here.
There are static pc's which belongs to us, and other computers which belongs to customers. So in order to do it in a clear way, we add our pc's to the static pool of DHPC, turned on Captive Portal, and added their Mac's to the pass through list. Still seems to be fine.
Our pc's needed to access webcam's in msn, so we added these ports to, and also WOW ports and WC3 ports added, still seems to be fine.
First problem occured. Our pc's are able to use all the rules that are defined at any time, but the dynamic clients are only able to use the first 3 rules (80 443 msn) defined.

Now I'm getting confused here. Is this happening because of static pool of DHCP? or because of Captive Portal?

Please someone, I need an urgent advice…

DestekTeknik · May 7, 2009, 5:04 PM

People are reading but noone is posting anything…

DestekTeknik · May 11, 2009, 8:26 PM

71 views 0 replys…

GruensFroeschli · May 11, 2009, 8:42 PM

This wont motivate anyone to help you.
I suggest you read this:
How To Ask Questions The Smart Way

You could start motivating people by drawing a diagram what you have where.
Then provide infos how you test.

Also what do you mean with "the dynamic clients are not able to use the rules" ?
Do you get blocks in the firewall log?

DestekTeknik · May 13, 2009, 11:06 PM

First of all I do apologize for my bad English.

And secondly, I mean "the clients which has dynamic ip, assigned by DHCP".

And thirdly, we had a power failure yesterday, and our pfSense box has restarted, and guess what? The problem no more exists…

It is strange that, I have already restarted all the services but not rebooted the machine. Because we have a very high traffic on our network, so rebooting was not an avalible option for me to do, and I never thought I need to do a reboot, cause I restarted the services couple of times...

Anyway, thats my experience I would like to share with the community...
And I believe that information grows by sharing, and I dont need to be motivated to share my experiences or knowledge with someone...

If I do have ANY tiny bit of info about ANYthing, I throw it on the desk, just to lighten up an idea...

Thanks for your advices anyway, I will be careful indeed with asking questions.

Hope that this experience helps someone.