pfSense Support Subscription

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - robi

Pages: [1] 2 3 4 5 ... 61
2
Packages / Re: ACME client renewal cronjob - any logs?
« on: Today at 10:31:00 am »
You don't get it....

What other logs to chek? There's no entry anywhere in any log, unless the renewal number of days has been reached. Since this is next due 3 months later, I don't think that it's an unusual expectation that somebody really wants to be sure that the cron job really does its job.

If I run that command in the web-based command prompt, I get this straight in the webpage after the run:
Code: [Select]
Checking if renewal is needed for: mydomain
Renewal number of days not yet reached.

Can't the script echo these in the system logs too? It's really not such a big deal, +2 more lines a day.

3
General Questions / Re: System logs time interval?
« on: Today at 10:14:42 am »
Thanks. How long are the system logs kept by the way? I tried to search for log entries from Dec 11, and no results... (logs from today appear fine).

4
Packages / Re: ACME client renewal cronjob - any logs?
« on: Today at 10:11:33 am »
I know that. I meant the output of the cron command
Code: [Select]
/usr/local/pkg/acme/acme_command.sh "renewall" cannot be seen anywhere while the renewal number of days not yet reached. I would have expected that the command produces some log entry (in the main system log for example) in that case too. Just to confirm that the script really runs at the requested time.

5
If you'd change all the clients, you could easily do the job with OpenVPN inside pfSense.

6
General Questions / System logs time interval?
« on: December 12, 2017, 01:54:53 pm »
I see that Sytem logs there's a filter functionality, but the 'Regular expression reference' doesn't contain any sensible information on how to simply filter out a time interval.
For example, I'dl like to see logs beween 2AM and 4AM. Any quick and dirty hints to check this out?

7
Packages / ACME client renewal cronjob - any logs?
« on: December 12, 2017, 01:51:31 pm »
How to prove if it ran successfully? Couldn't find any log entries related to the client renewal cron. Neither in the system logs, nor in /tmp/acme.
I'd check if this really runs as expected - certs expire in 90 days, but I really think I shouldn't need to wait that much time to confirm that the cron job actually does something.

8
Hardware / Re: Help with Serial GPS Configuration
« on: December 06, 2017, 05:21:00 am »
AHA!!!
Yep, ran into that too, it was the next thing I would have recommended to check against, however, this applies only to internal headers, external D-SUB connectors are everywhere the same. If you say you had partial success with USB, then after the ACPI trick you should have noticed success on the rear D-SUB too. And only after that, try the internal header...  8)

This is not SuperMicro-specific, this dates from the 1990's, there were always two flavours of interal header pinout: IBM/DTK WIRING SCHEME and EVEREX/ASUS WIRING SCHEME.
It's only a question of which manufacturer adopts which standard, nothing more.

Code: [Select]

                 SERIAL MOTHERBOARD CABLE 10 PIN DIL TO DB-9
                        (IBM/DTK WIRING SCHEME)
                  This is the ribbon cable from the MB serial
                     connector to the DB-9/DB-25 COM connector
                  DIL               DB-9            DB-25
                   1 -------------- 1  DCD __________ 8
                   6 -------------- 2  RX ___________ 3
                   2 -------------- 3  TX ___________ 2
                   7 -------------- 4  DTR __________ 20
                   3 -------------- 5  GND __________ 7
                   8 -------------- 6  DSR __________ 6
                   4 -------------- 7  RTS __________ 4
                   9 -------------- 8  CTS __________ 5
                   5 -------------- 9  RI ___________ 22
                   10 ------------- 10  N/C OR KEY




                 SERIAL MOTHERBOARD CABLE 10 PIN DIL TO DB-9
                         (EVEREX/ASUS WIRING SCHEME)
                  This is the ribbon cable from the MB serial
                     connector to the DB-9/DB-25 COM connector
                  DIL               DB-9            DB-25
                   1 -------------- 1  DCD __________ 8
                   2 -------------- 2  RX  __________ 3
                   3 -------------- 3  TX  __________ 2
                   4 -------------- 4  DTR __________ 20
                   5 -------------- 5  GND __________ 7
                   6 -------------- 6  DSR __________ 6
                   7 -------------- 7  RTS __________ 4
                   8 -------------- 8  CTS __________ 5
                   9 -------------- 9  RI  __________ 22
                   10 ------------- 10  N/C OR KEY

 

9
Did you try a fresh pfSense install without restoring your config? Just install it vanilla and configure manually only the PPPoE interface, forget your config for now.

10
Hardware / Re: Help with Serial GPS Configuration
« on: December 05, 2017, 03:08:01 pm »
Did you follow correctly the steps described in my link above, especially step2? Are the names 100% correct? Maybe you could post here the outputs of the commands.

You'd be faster by reinstalling the whole thing from scratch and try again from the beginning.

11
Hardware / Re: Help with Serial GPS Configuration
« on: December 05, 2017, 06:20:54 am »
Check this out: https://forum.pfsense.org/index.php?topic=93999.0

I've ran into this several times. FreeBSD handles serial ports strange in many cases, it looks to me as if it would be some kind of "misunderstanding" between motherboard implementations and FreeBSD approach on how to access the serial ports. For basic things like serial console etc. it should work fine, but more advanced usage often turns out to be a wrong ACPI approach from FreeBSD.

And avoid using USB-Serial adapters with GPS/PPS. USB introduces serious latency and jitter - making your NTP server imprecise.

12
Feedback / Re: Share your pfSense stories!
« on: December 04, 2017, 12:34:56 pm »
While the ability for any software and your hardware/system to run for such a long time is nice.

That you would run your firewall on software that is no longer updated or maintained is BAD security..  2.1.5 should of been updated when it went EOL..  Its still running esxi 3.5 that went end of extended support back in 2013 and end of even technical guidance back in 2015 is not good practice from any point of view especially security.
Agree with everything! This box, however, was only handling internal routing between some private networks. Didn't have access to the internet either - updating wasn't easily possible. Was also a low-priority segment - it's now being killed forever and nothing comes in place.

13
Feedback / Re: Share your pfSense stories!
« on: December 04, 2017, 05:09:19 am »
Gonna kill this beast this week, just wanted to share it as a good memory of an outstanding reliable piece of software.
Runs inside VMware ESXi 3.5.0, on a recycled HP DL380 G4, originally put in operation in 2005.  8)
The physical machine was only stopped for a couple of minutes about 10 years ago, to add RAM. The 32 GB SCSI drives have been replaced 2 times (with used ones).

14
General Questions / Re: V2.4.2 screensaver
« on: November 28, 2017, 11:55:42 am »
Switch off the CRT while you're not using it:
- it eats a lot of electricity even when idle, by unplugging it or switching it off you care for environment
- you can extend the CRT lifetime, also protecting the environment by throwing it away later
- you can also save the close environment from lots of RF pollution, old CRTs create quite a lot of interfering radio-frequencies
- if someone has to use the physical console has to go there anyway, so pushing a button two times for the reasons above requires zero effort

15
Hardware / Re: Successful Install on HP t5730 Thin Client
« on: November 22, 2017, 01:28:33 pm »
Same with 2.4.2.  8)

Pages: [1] 2 3 4 5 ... 61