Suggestions about cool stuff to do with pfSense - Improve learning



  • Hi, i'm really sorry if this seems as a silly thread but i'd like to ask for some suggestions on cool stuff that could be done with the following pfSense setup:

    • Netgate Alix 2D13
    • pfSense 2.2.4
    • Dual WAN circuits
    • Home Network with 6-8 devices (PCs, notebooks, cell phones, access-points, TV set, Chromecast, etc.) Windows, Linux & Mac OS X

    Already have in place/operational (some are very simple stuff):

    • Dual Wan with load-balancing & failover
    • IPv6 on LAN
    • IPv6 with HE Tunnel Broker
    • DHCPv6
    • Squid v3 (cache configured on a USB stick)
    • Transparent caching
    • OpenVPN for Yealink VoIP phones
    • Bandwidthd
    • NTP server/client
    • DNS Forwarder (since Unbound does not work in a Multi-Wan with failover env)
    • pfblocker
    • Bandwidth limits to certain internal IPs
    • Skype blocking and other layer7 blocking
    • Dynamic DNS
    • Wake on Lan
    • SNORT (just tried it for a few days, incredibly slow on ALIX)
    • UPNP
    • played with Console and ALIX Bios (including BIOS upgrade)
    • internal Certificate Authority
    • SSH with certificate-only support
    • NANO BSD fs r/o and r/w
    • WPAD (via DNS and DHCP)
    • Wireless mini-PCI card (2.4 & 5 GHz)
    • Bridging Wireless & LAN interfaces
    • Working as an access-point and as a wifi client
    • nmap
    • iperf
    • routed (RIP)
    • Backup & Restore via web gui

    Any other suggestions of cool things to configure? Something related to Netflow, maybe? Please keep in mind that my intentional is purely for learning purposes and that i have only one ALIX appliance (so CARP or any other sort of redundancy is out of my league). It would be nice to receive suggestions on things that people consider important to be learned regarding pfSense fpr technical support or maintenances purposes.

    Thanks a lot!



  • web content filtering (both http and https).

    It has been my challenge to get it "perfect" without affecting normal user behavior, I still have a long way to go :)