PfSense configuration issues



  • Hi,
    I have Pfsense 2.1-release x64 installed running Dansguardian + squid3 + Snort + a TFTP server. I finally got it all setup where my NAT feeds port 80 traffic to Dansguardian, which blocks ads and does a virus check, then passes that to squid for my transparent proxy. I have a slight issue of whenever I boot Pfsense the folder I create at /var/run/clamav disappears and clamd fails to load, causing Dansguardian to block all http pages. I have to SSH into the box and manually create the folder and set Permissions in order to get everything back up.

    The other issue I'm having is that I cannot get my tftp server to run properly. I installed the tftp server from the available packages, set it to listen on my lan, added my PXE files, but I couldn't connect to it. Then I tried to restart the service but it went into the stopped state and wouldn't go back to running. There was no error I could see in the log file. I can manually start it by adding it to /etc/inetd.conf then running /etc/rc.d/inetd onestart but I still can't fetch the file. I disabled the tftp proxy from System -> advanced -> NAT then setup a NAT rule to redirect port 69 traffic to 127.0.0.1 port 69 and in the system log what shows up is "tftpd[]: Timeout #0 on ACK 1 pfsense". If I remove that NAT rule  what I get is
    Mar 28 19:58:59 tftp-proxy[34643]: pf connection lookup failed (no rdr?)
    Mar 28 19:58:59 inetd[31314]: /usr/libexec/tftp-proxy[34643]: exited, status 1
    Mar 28 19:59:07 tftp-proxy[37972]: 192.168.1.100:63497 -> 127.0.0.1:6969/192.168.1.1:58514 -> 192.168.1.1:69 "RRQ test"
    Does anybody have any ideas how to get this working? I would like to setup a PXE boot environment on my LAN side.



  • Never mind, I disabled "TFTP Proxy" from System -> Advanced -> Firewall / NAT, Then did a UDP port forward from 69 to 127.0.0.1 on port 69. I then set the TFTP server to listen on the LAN, uploaded my PXE files, and used TFTP GET and transferred the file perfectly.


Log in to reply