Netgate Discussion Forum

    Couple of questions

    General pfSense Questions
      BenKenobe

      1 : How can I add additional protocols to the list of 'blockable' protocols? I am keen to be able to stop peer-to-peer file sharing such as BitTorrent / eDonkey, chat services and media streaming, i.e. internet radio / YouTube, on certain addresses (guests who think bandwidth is free). I don't want to stop their access but I do want to tighten things up.

      2 : Too tired to read - how do you access the files on the pfSense box WITHOUT using the console? I have pfSense running on an old Dell server in a black hole with no keyboard / mouse, screen or otherwise - is it possible somehow to get a 'terminal' window or remote console session going?

      3 : Does anyone know of a decent syslog app that's reasonably well featured and uses SQL - and doesn't require a mortgage to buy?

        Bern

        "couple" means two ;)

          BenKenobe

          ;D

          I thought of another and was too lazy to go back up  ::)

            Cry Havok

            1. You mean application protocol? Snort is probably the only way to do that, if you can signature the protocol you want to block (which is non-trivial).

            2. Yes, SSH

            3. For what OS?  ISTR that Syslog-NG will do that.

              BenKenobe

              Thanks, I am sure a bit of tracking and packet capture will help the fingerprinting but somebody must have done the common ones - there aren't many in the drop down list anyway.

              ssh - thanks - I knew there must be an easier way.

              As part of the website hosting I have a full cream SQL server and I am hosting using Server 2008 currently. I do plan to move across to a Linux / Apache platform and use some sort of CMS, but for now I am stuck with Server 2003 or 2008 as an OS. I will check Syslog-NG out, thanks.

                Cry Havok

                Those "common ones" are shorthands for well known ports.  That's all - there's nothing to do with the actual application signatures.

                  BenKenobe

                  I guess I was hoping to use port number in combination with IP address since apps like messenger and a few others now try to sneak out on port 80.

                  The problem for me on the port rule is that occasionally apps like the FTP server will try to use these 'banned' ports.

                  So far I have settled for tracert'ing all the well known ones and building their IP address into an alias for blocking.

                  As for the p2p I have gone into traffic shaping and set the upload / download allowance to zero.

                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.