Topics - shinzo

2.4 Development Snapshots / pfTop GUI
« on: February 27, 2018, 10:34:46 pm »
Using 2.4.3.a.20180225.2032

So under the Diagnostics tab, selecting pfTop: on the Filter expression, if I select inside the box and press Enter, it will take me to another window with a text output of everything.  Not sure if it's a bug  :)

2.4 Development Snapshots / System tunables [FIXED]
« on: February 14, 2017, 11:46:51 am »
I go to System, Advanced, System tunables. I click on edit tunable and when the window opens up, all 3 boxes are empty.

2.4.0-BETA (amd64)
built on Tue Feb 14 08:25:07 CST 2017

pfBlockerNG / pfBlockerNG 2.1.1_5 / Pfsense 2.4
« on: December 20, 2016, 12:51:12 pm »
I was wondering, is the file still needed or do I have to run the "fetch -o /etc/inc/" command to grab it?

2.4 Development Snapshots / Any updates on implementing fq_codel
« on: November 15, 2016, 04:25:31 pm »
Since we hit 2.4 beta, wanted to see if there were any plans for fq_codel.

2.3-RC Snapshot Feedback and Issues - ARCHIVED / Gui - traffic shaper.
« on: January 30, 2016, 09:52:58 pm »
Using 2.3-BETA (amd64)
built on Fri Jan 29 19:48:32 CST 2016

Possible bug?

Under firewall > traffic shaper.  Click on "by interface" and select WAN, select fairq for the scheduler and save it.  Try to add a new sub queue under it and I get

"Fatal error: Call to a member function addGlobal() on string in /usr/local/www/firewall_shaper.php on line 209 Call Stack: 0.0001 230736 1. {main}() /usr/local/www/firewall_shaper.php:0 PHP ERROR: Type: 1, File: /usr/local/www/firewall_shaper.php, Line: 209, Message: Call to a member function addGlobal() on string"

Using 2.3-ALPHA (amd64)
built on Wed Dec 30 13:38:04 CST 2015

In the DNS Forwarder window, I try to set the listening interface to something else and it reverts back to ALL.

Services->DNS Forwarder,
Select LAN,Localhost under Interfaces and save
Window refreshes and interfaces still has ALL selected

2.3-RC Snapshot Feedback and Issues - ARCHIVED / Gui - limiter (fixed)
« on: January 03, 2016, 08:14:39 pm »
I can create a new limiter. But when I try to add a new queue to that limiter it gives me a 404 page not found.   :P

2.3-RC Snapshot Feedback and Issues - ARCHIVED / Saving Limiter issue
« on: December 24, 2015, 06:19:28 pm »
2.3-ALPHA (amd64)
built on Wed Dec 23 05:35:02 CST 2015

Was trying to save a limiter but it just takes me back to the firewall_shaper page without saving.  Then I tried to import them from a save file but that didn't work either.

2.2 Snapshot Feedback and Problems - RETIRED / Unbound
« on: November 06, 2014, 01:12:07 am »
Using build 2.2-BETA (amd64) built on Sat Nov 01 12:24:41 CDT 2014

I notice through the GUI that some of the options I turn on through the advanced settings tab don't seem to be changing the default setting.   Went through the unbound.conf files and they seem to stay the same.

I also added some separate options in the advanced box but it doesn't seem to be taking in any of those either.

Traffic Shaping / Dummynet tweaks problem
« on: March 09, 2014, 12:33:58 pm »
So I was messing around with the dummynet settings and noticed something.  If I put them in the system tunable tab, it makes the changes but as soon as I reboot the machine it won't pick up the modified setting.   If I put them in the /boot/loader.conf file it won't load it from there either when I reboot.

Using 2.1.1-PRERELEASE (amd64)
built on Tue Feb 25 08:50:01 EST 2014

Packages / Snort Pkg v 2.5.9
« on: June 19, 2013, 02:59:12 am »

Update the Snort pfSense port to version because the current version goes EOL with rules updates on July 2, 2013. This port update should be merged in concert with the Snort GUI package update 2.5.9 in the pfsense-packages repository.

This update includes the config directives "--enable-targetbased" and "--enable-perfprofile". The target-based directive is required to support the new Host Attribute Table option being added to the 2.5.9 Snort GUI package.

Snort Package v 2.5.9 Update
June 18, 2013

This update introduces one new feature and improves on several existing ones. It also supports the updating of the underlying Snort binary code to version

New Features

Support has been added for a Host Attribute Table. This feature allows the run-time import of specific network host attributes to provide auto-configuration of various Preprocessor and rule options. Tools such as nmap and hogger can be used in concert to scan your network, fingerprint all the hosts, and generate a Host Attribute Table file suitable for direct input to Snort. Snort will then auto-configure Preprocessor and rule options to tailor them to your specific network hosts.

Improved Features

The automatic rule update start time is now configurable. Formerly, only the update interval was selectable. But now both the interval and starting time are configurable in the GUI. This change benefits users with multiple firewalls as it allows their updates to be staggered. The starting time must be entered in 24-hour form with hours and minutes only (as in HH:MM).

Two new icon links were added to the RULES tab that either Enable All or Disable All rules in the selected category. The table on the RULES tab is also sortable. Clicking the headers will sort the column. The sort will toggle between ascending and descending on each click. A bookmark anchor has been added to each displayed rule row so that when clicking to enable or disable a particular rule, the page will auto-scroll upon return so the last-clicked rule is near the top of the page.

New icons have been added to the ALERTS tab in the SRC and DST IP address columns for displayed alerts. The plus (+) icon, when clicked, will auto-add the generator ID and signature ID (gid:sid) to the Suppression List for the interface using the "suppress gen_id, sig_id, track by_src ip ..." or "suppress gen_id, sig_id, track by_src ip ..." form as applicable for source or destination addresses. As with the SID column icon, if the IP address is already in the Suppression List a disabled icon will be displayed instead. If the GID:SID by itself is in the Suppression List, then the event is suppressed globally and source or destination IP has no meaning. In this case, no plus (+) icon will be displayed under the SRC or DST columns.

The XMLRPC Sync process has been improved by moving the sync job on the remote target host to a background task. This greatly speeds up the sync process when a master must replicate to multiple secondary hosts. The master no longer waits for the entire synchronization process to complete on each target. Instead, the job is deposited on the target host and then executes in the background. The master is then free to proceed to the next target host.

Bug Fixes

The Snort GUI code was run through an HTML validator and several HTML syntax errors were corrected on the various pages. These errors were not materially impacting performance nor functionality, but cleaning them up was a good thing nonetheless.

A bug introduced in version 2.5.8 involving zero-length spaces was fixed in the SUPPRESS tab. When copying and pasting an IPv6 address from the ALERTS tab to a suppression list entry, the zero-length spaces used to signal word-break opportunities to the browser on the ALERTS tab were being copied into and then saved with the suppression list. This corrupted the list and produced a Snort error on restart. Now, prior to saving the list, the contents are scrubbed of any zero-length spaces.

Screenshots and explanations have been added here.,63593.0.html

For those with a
snort[****]: FATAL ERROR: /usr/local/etc/snort/snort_*****_em0/snort.conf(253) Unknown config directive: max_attribute_hosts.

It has been fixed, please uninstall then reinstall the snort package. For more details follow the link below.,63568.msg344067.html#msg344067
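
The zero-length-space fix described in the release notes above, sketched as an added Python example; it is not the Snort package's own code (the package GUI is PHP). The function names, the set of code points removed, and the restriction to one address or CIDR per entry are assumptions, and the sample list is constructed.

```python
import ipaddress
import re

# Zero-width code points browsers use as invisible word-break hints
# (assumed set; the release notes only say "zero-length spaces").
ZERO_WIDTH = dict.fromkeys(map(ord, "\u200b\u200c\u200d\u2060\ufeff"))

# Snort 2.x suppress entry: global, or tracked by source/destination IP.
SUPPRESS_RE = re.compile(
    r"^suppress\s+gen_id\s+(\d+),\s*sig_id\s+(\d+)"
    r"(?:,\s*track\s+(by_src|by_dst),\s*ip\s+(\S+))?$"
)

def valid_entry(line):
    """True if line is a well-formed suppress entry with a parseable IP."""
    m = SUPPRESS_RE.match(line)
    if not m:
        return False
    if m.group(4) is None:          # global gid:sid suppression
        return True
    try:
        ipaddress.ip_network(m.group(4), strict=False)
    except ValueError:
        return False
    return True

def scrub_suppress_list(text):
    """Strip zero-width characters, then split lines into kept/rejected."""
    kept, rejected = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.translate(ZERO_WIDTH).strip()
        if not line or line.startswith("#") or valid_entry(line):
            kept.append(line)
        else:
            rejected.append((lineno, line))
    return kept, rejected

# Constructed sample: line 3 carries pasted zero-width spaces inside an
# IPv6 address, line 4 has an address that is invalid even after scrubbing.
SAMPLE = (
    "# constructed sample list\n"
    "suppress gen_id 1, sig_id 2100366\n"
    "suppress gen_id 1, sig_id 2010935, track by_src, ip 2001:\u200bdb8:\u200b:10\n"
    "suppress gen_id 119, sig_id 4, track by_dst, ip 192.0.2.300\n"
)

if __name__ == "__main__":
    kept, rejected = scrub_suppress_list(SAMPLE)
    print("\n".join(kept))
    print("rejected:", rejected)
```

Rejecting entries that still fail to parse after scrubbing keeps a bad paste out of the saved list, rather than surfacing it as a Snort error on the next restart.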

IDS/IPS / Snort pkg v.2.5.8
« on: May 30, 2013, 05:14:49 pm »
If I enable snort through the interface tab, it disables the service.  If I enable it through the services tab, it disables it in the snort interface.

Packages / Snort enable/disable rules through GUI not working?
« on: March 21, 2013, 10:56:48 pm »
I am using the Emergingthreats rules. I try to enable all the scan.rules through the GUI; they turn bright yellow and do a restart.  Do a scan and I get no alerts. If I edit the file manually and restart it, then I get the alerts.   :P