-
Thanks Whosmatt. Yes the NIC is the Startech EC Express single port version (you linked to the dual port version). I'll hook that up to the WAN (Modem) and use the onboard intel nic to connect to my Ubiquiti managed switch.
I wasn't planning on using suricata, but now you have my curiosity peaked (I watched an hour youtube tutorial). If I dont use suricata, is the pf packet filtering good enough? Also, does pf block bad IP addreses automatically? Wasn't sure if it did. My Asus router uses Skynet as an add-on and it blocks known bad IP's. Just curious.
Thanks for the advice.
-
pf blocks EVERYTHING by default :)
There is a package called pfblocker-ng that many (myself included) use for automatically blocking known bad actors with updated block lists and the like. That's probably what you're looking for.
-
Thanks whosmatt.
-
Thanks NollipfSense.
-
@stephenw10 Thanks Stephen. Is the Express Card Slot considered a USB NIC?
-
Nope. Or at least it probably isn't; ignore me!
Express card does provide USB so it can accept modems etc but I would not expect a NIC to use that. This looks like it uses the Realtek RTL8110 which is a PCIe chip.
Steve
-
@FrankZappa it's used like a PCIe slot.
-
@stephenw10 Any idea if I can use this excpress card adapter with pf?
Sonnet Technologies Presto Gigabit Ethernet Pro ExpressCard/34https://www.amazon.com/Sonnet-Technologies-Gigabit-Ethernet-ExpressCard/dp/B00I8MMWTY
It appears to have a Broadcom chip (I think). Not sure if this is compatible. Thoughts?
-
Without knowing what the actual chipset they're using is there's no way to know.
-
@stephenw10 If it's Broadcom, will it work?
-
@FrankZappa I read where it works fine with Linux with it's Broadcom NetXtreme BCM57762 controller. No idea if this is compatible w PF
-
If it is indeed the BCM57762 it should work with the bge driver:
https://www.freebsd.org/cgi/man.cgi?query=bge&sektion=4
-
@whosmatt Thanks whosmatt. Do I need to install the driver or will pf already recognize it ?
-
You shouldn't need to install anything.
-
@FrankZappa I have used Sonnet before on a MacBook Pro I had contemplate using as a pfSense box. Yes, it has Broadcom and it works ... just a little issue running IDS/IPS because it's in emulator mode with Netmap instead of the full interaction with Netmap. BTW - your Intel -82579LM Gigabit is supports the new Intel driver, so no problem.
-
EC1000S is 10EC:8168. It's supported by FreeBSD according to the list of supported device IDs. Also we have a lot of successful probes of this chip in the BSD hardware database.
-
@NollipfSense Thanks. So if I use this card on the WAN side (use internal 82579LM for LAN) shouldn't it work fine if I enable IDS/IPS? I would think using this card on the WAN just passes and receives all traffic, while the 82579LM does all the IDS/IPS, firewall, and OpenVpn traffic...or do I have that backwards?
Thanks -
@aponomarenko Thanks. So I went with another card: Sonnet Technologies Presto Gigabit Ethernet Pro ExpressCard/34 which has a Broadcom chip (BCM57762). I haven't used it yet, but hoping it will work.
-
@FrankZappa said in PfSense on a Dell Latitude E6420:
use internal 82579LM for LAN) shouldn't it work fine if I enable IDS/IPS?
Yes
-
@frankzappa Sorry for the long delay in updating this year old thread. Bottom Line: This setup is working great for almost a year now.
Dell 6420 laptop with i7, 128GB SSD and 8GB RAMPfSense Version 2.4.5-RELEASE-p1 (amd64)
CPU Type Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz
Current: 800 MHz, Max: 2701 MHz
4 CPUs: 1 package(s) x 2 core(s) x 2 hardware threads
AES-NI CPU Crypto: Yes (active)Sonnet Technologies Presto Gigabit Ethernet Pro ExpressCard/34 which has a Broadcom chip (BCM57762) which covers down on LAN connection.
The really nice thing I purchased a new battery for laptop. When the electricity goes out, it still stays running for over an hour, which is a nice feature.
Many thanks to all of you for helping me out on this.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.