Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    FreeBSD Security Advisories

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    10 Posts 4 Posters 4.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rds_correia
      last edited by

      Hi there,
      I believe we don't need to worrie about the 11-1-06 SAs, do we?
      Namely this one ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:04.ipfw.asc.
      Cheers

      pfSense 2.2.4 running on a HP DL385 G5
      WAN bce(4) + LAN em(4) + OPTn em(4) with 10 VLANs + Snort + PPTP VPN soon to be trashed by OVPN

      1 Reply Last reply Reply Quote 0
      • S
        sullrich
        last edited by

        Already addressed and will be included in beta2.

        1 Reply Last reply Reply Quote 0
        • L
          Leoandru
          last edited by

          @sullrich:

          Already addressed and will be included in beta2.

          I'm not sure im following. Does pfSense include ipfw?

          1 Reply Last reply Reply Quote 0
          • S
            sullrich
            last edited by

            Yes, for captive portal.

            1 Reply Last reply Reply Quote 0
            • R
              rds_correia
              last edited by

              @sullrich:

              Yes, for captive portal.

              Why don't we use pf for captive portal too?
              It just doesn't make much sense…

              pfSense 2.2.4 running on a HP DL385 G5
              WAN bce(4) + LAN em(4) + OPTn em(4) with 10 VLANs + Snort + PPTP VPN soon to be trashed by OVPN

              1 Reply Last reply Reply Quote 0
              • S
                sullrich
                last edited by

                We had this setup w/ PF but we ran into a problem of not being able to query when the last time a user hit the rule from the webGUI so we put it back to IPFW after everyone kept complaining.

                1 Reply Last reply Reply Quote 0
                • R
                  rds_correia
                  last edited by

                  I see.
                  Thanks :).

                  pfSense 2.2.4 running on a HP DL385 G5
                  WAN bce(4) + LAN em(4) + OPTn em(4) with 10 VLANs + Snort + PPTP VPN soon to be trashed by OVPN

                  1 Reply Last reply Reply Quote 0
                  • L
                    Leoandru
                    last edited by

                    I c. thats interesting, guess I could make use of dummynet then.

                    Is the ipfw moduled loaded at all times? and if loaded will it be unloaded when captive portal is disabled?

                    1 Reply Last reply Reply Quote 0
                    • S
                      sullrich
                      last edited by

                      It's loaded and unloaded as needed.

                      1 Reply Last reply Reply Quote 0
                      • B
                        billm
                        last edited by

                        We shouldn't be vulnerable to this anyway as PF loads and will match first before ipfw.  PF will drop or otherwise scrub the ICMP before ipfw ever sees it.

                        –Bill

                        pfSense core developer
                        blog - http://www.ucsecurity.com/
                        twitter - billmarquette

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.