In general, as my friend said, seven troubles - one reset. The situation was corrected by reinstalling the system and restoring the configuration. This can be written down as a solution to the problem.

Hmm, yeah I'd expect it to only be resolving leases that were present before that change. Like if you add a new static dhcp lease on that interface I'd expect that to fail to resolve.

@detox you should be able to edit your first post and edit title with [solved] in the title, add tag.. If you can not - let me know and can do it for you. There might be some restrictions on rep ports or something - but you have 6, I would think that enough?

@stephenw10

Thanks for the response.

In reviewing your response and looking through my configurations, this one firewall did NOT have a valid Client name set and was missed from my template configuration when the firewall went into service.

I apologize for taking up yours and anyone else's time. I feel like a Newby today.

Does it report the memory usage in both Proxmox and pfSense?

Can you see what's using it in the output of top or ps?

@stephenw10

Thank you, that was what I was not doing and really appreciate the guidance and support here. Thanks

@rasputinthegreatest see my edit about devices sending it out even when they have an IP on the network - my directv appliance does that.. But once you have a mac should allow you to track it down. Especially if you have a smart switch and its wired. Where you can look at the mac address table.

If everything is working and you just don't like the noise in the logs, you can turn those off, either in log settings - I believe new 2.8 allows for not logging link local. Or you could setup a rule not to log it.

@stephenw10 Eventually I was able to read the a cloned disk from a side FreeBSD I setup, then I edited the config.xml to include the correct source IP, replaced the original disk with the cloned-now-edited disk and that how I got my access back and then I enabled the console. Thank you.

@ameinild Yes, I just confirmed at home that it is still working. I had some icon error right after install, but this seems to be fixed now. 👍

@viragomann banally ho quest problem, per riassumere
If you download your pc from the lan dove and install the pfsense with opnvpn site to site client, pingo i server windows o i pc della lan pfsense server, invece dalla parte server non pingo nessun pc, nemmeno il pfsense client. Invece dal ping di pfsense pinggo calmly. What can you control that the server does not function?

@ahole4sure
Maybe the routing table brings dissociation.

However, I'm not familiar with Tailscale. Don't know, what it does.

@dennypage, @maximushugus, @louis2, @jeffscott

Good news!

I have the PIMD version I did compile yesterday working !!
Including the related pfSense gui.

Not I think I can make it running the way it should in the coming week(??).

Note that at this moment I still have the following issues:

The warnings at compile time. Surely NOT OK!
=> I do not have the knowledge to fix this. but it does not be blocking. The man directory issue.
=> I have no idea how to solve that. My actual work around is removing the manual files from package definitions (NOT OK) Pimd does not run using the GUI.
=> At this moment I have to start pimd from the command line in debug mode and restart pimd after each config change. However pimd is running and I can access my media server.
pimd -n -f /var/etc/pimd/pimd.conf --disable-vifs -l debug=all the firewall rules are not yet as they should be, for the test I just opened too much.

So I have to sort out things in the coming week/weeks. But I have good hope that I can solve points 3 and 4.

If someone can solve points 1 and 2, it would be highly appreciated!!

Update auf 2.8 hat jetzt auch funktioniert, danke

Gruß

@JonathanLee said in Seeking Insight on IPV6 Suricata Alerts – "Excessive Retransmissions" and "Wrong Direction First Data":

SURICATA Applayer Wrong direction first Data

Here is the link in the Suricata docs for this stream rule alert: https://docs.suricata.io/en/latest/rules/app-layer.html#applayer-wrong-direction-first-data.

The short version of the story is that even today, after several attempted fixes within Suricata, the coders of client/server software apps seem to still be able via crappy coding to craft network flows that trip up the Suricata parser. This is basically a harmless error.

As @SteveITS said, the best thing is to disable all the Suricata stream event rules. They are informational anyway and don't necessarily indicate malicious traffic.

Yup, what I missed here is that whilst it's not hitting the default block rule it's in fact also not hitting your custom rules. It's actually the hidden block all v6 rules that are added when you unset 'allow IPv6'.

@dennypage Hasn't been a problem.

loopstats.jpg

@maximushugus

I tried to compile pimd for actual FreeBSD15 current, however I am facing issues which I can, given my limited knowledge of c, git and pimd internals, not solve.

At least I did not manage that up to now despite significant effort.

starting a tool like ^script^ and then compiling the source etc, you can see the warnings and some errors in the script generated file. In the file warnings and an error

related to e.g. not longer supported macro's and and a fatal error related to ^man^ which should be an absolute path
I tried to fix the ^man^ error using ^ConfigureOptions="--mandir=/usr/local/share/man",

That does remove the error but not in such a way that there are man8 packages in the stage directory / distribution file or package.

For that reason I did build a package without man files, and installed that pimd package on actual pfSense plus version.
It does not work. Main problem it can not find the interfaces see pfsense systemlog

I would have prefered to test on a fresh pfSense system, however netgate does not make an iso available :( I do not like that, however I do understand netgate!

Troglobit has a significant newer pimd version ^pimd-dense^ which can perhaps been an pimd alternative.
I do not know the difference in functionality!

So ^we have a problem^ !!

Some options:

support from someone with higher c and git knowledge able to solve the actual warnings and man issue in the code try to compile pimdd which because more recent probably has less compile issues and perhaps even has a freebsd ports creating a couple of VM's with the media player. One for each VLAN which needs media files