pfSense Support Subscription

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - morph0

Pages: [1]
1
Gaming / Re: Multiple Xbox playing the same game (Call of Duty WWII)
« on: November 28, 2017, 05:13:24 am »
Some games just really don't like being on the same network with uPNP.

Not sure about WW2 yet but if its like a few of the other games in this situation, you just need to create separate Outbound NAT rules for each console individually.

So set console 1 to,

WAN / InternalIP/32 / * / * / * / WAN / * / Static Port

Then set Console 2 to,

WAN / InternalIP/32 / * / * / * / WAN / * / Random Port.

The first console is turned on and will get Open Nat, the second console is turned on and will get Strict Nat. Both consoles will be able to join party chat and multiplayer lobbies together.

Some games like Overwatch (fixed now), warframe, destiny and black ops 3 just hate pFsense uPNP implementation and refuse to connect properly when both consoles achieve Open NAT together. It is a pain, but you can either just leave it like this or once WW2 is finished just switch back to both being Static Port when you need open for different games.

2
2.4 Development Snapshots / Re: New 502 Bad Gateway
« on: October 29, 2017, 08:53:23 pm »
I made some additional mods to the code.  Run the following command to download the patched version from my Github Gist:

Code: [Select]
fetch -o /usr/local/pkg/pfblockerng/pfblockerng.inc "https://gist.githubusercontent.com/BBcan177/7ff15715be0f02afdbe0a00c676aedce/raw"
Recommend a reboot after downloading the patch.

Please let me know your feedback!

I installed this today and after 6 hours of running my pFsense VM increased disk usage of over 20gb and crashed the VM and needed to be rebuilt.
Works on my machines since 4 days without a hassle and without filling up the disks.
What was filled up, did you have had a look on the files?

I checked BBcan's pm and started the process again and keeping check on a few things this time. I couldn't check when it happened though as it had reached 109% storage and the VM crashed and when I rebooted it, it took everything with it. Configs for all services where 95% lost (like 3 DHCP mappings remained of a list of 200+, lost all NAT/Rules). So I ended up just factory resetting and am now attempting to replicate the findings. I will keep everyone updated as the day progresses.

3
2.4 Development Snapshots / Re: New 502 Bad Gateway
« on: October 29, 2017, 04:50:25 am »
I made some additional mods to the code.  Run the following command to download the patched version from my Github Gist:

Code: [Select]
fetch -o /usr/local/pkg/pfblockerng/pfblockerng.inc "https://gist.githubusercontent.com/BBcan177/7ff15715be0f02afdbe0a00c676aedce/raw"
Recommend a reboot after downloading the patch.

Please let me know your feedback!

I installed this today and after 6 hours of running my pFsense VM increased disk usage of over 20gb and crashed the VM and needed to be rebuilt.

4
2.4 Development Snapshots / Re: New 502 Bad Gateway
« on: October 27, 2017, 08:19:46 pm »
Running 2.4.1 and 2.1.2_1 and still getting 502 but also getting a few crash reports to send in each day as well.

Code: [Select]
PHP ERROR: Type: 1, File: /usr/local/pkg/pfblockerng/pfblockerng.inc, Line: 2496, Message: Allowed memory size of 536870912 bytes exhausted (tried to allocate 8192 bytes) @ 2017-10-28 07:02:39

5
Gaming / Re: Multiple Xbox Ones, Open NAT Failure
« on: October 21, 2017, 02:26:34 am »
I have been having this same issue on and off again since the release of xbox ones. I tried having another crack at this over the weekend since I now have the latest dashboards on every xbox and can select which port to use instead of 3074.

The issue is the same, I have NAT Open on every box using all forms of NAT Reflection mode for port forwards, disabled, pure NAT and NAT + Proxy and have had Automatic create outbound NAT rules checked and unchecked. The issue is it works for most games but then there are a few that just refuse to multiplayer up. They can party and chat and play majority of the games.

Games like Warframe that don't connect with NAT Open just require you to set a manual outbound NAT with sticky port disabled. This will set the second xbox to NAT Strict and you will be able to play together. Once you switch games you can leave it and xbox 1 sticky and xbox 2 random port but this might affect matchmaking in other games if you don't switch back to sticky on both when not partied together.

6
pfBlockerNG / Re: Easylist seems not to be working
« on: January 13, 2017, 01:14:31 am »
Thanks for reporting....

EasyPrivacy had a similar issue a few months back since they changed the format of the list.

I have posted a Pull Request to fix this issue for EasyList. Waiting for the Devs to merge it...

    https://github.com/pfsense/FreeBSD-ports/pull/253/files

Thanks!

Cheers for the prompt response/patch release :D

7
pfBlockerNG / Re: Easylist seems not to be working
« on: January 12, 2017, 08:29:26 am »
I just set this up today and I am also experiencing the same problem. The time out is the first time it has errored but normally it just says no domains found like in the OP. I have highlighted under Categories All and half of the list to test and neither fixed it, I also have nothing under DNSBL Feeds as I just wanted to test the Easylist and EasyPrivacy first.

I checked under logs, Original DNS Files | EasyList.orig looks as it should, but under DNSBL Files it only has EasyPrivacy.ip & EasyPrivacy.txt


Code: [Select]
UPDATE PROCESS START [ 01/13/17 01:19:06 ]

===[  DNSBL Process  ]================================================

[ EasyList ] Downloading update . cURL Error: 28
Operation timed out after 15000 milliseconds with 0 out of 0 bytes received Retry in 5 seconds...
.. 200 OK
 No Domains Found

[ EasyPrivacy ] exists. [ 01/13/17 01:19:47 ]
[ DNSBL_IP ] Updating aliastable...
  no changes.
  Total IP count = 14


===[  Continent Process  ]============================================


===[  IPv4 Process  ]=================================================

[ AdblockWarningRemovalList ] exists.

===[  IPv6 Process  ]=================================================


===[  Aliastables / Rules  ]==========================================

No changes to Firewall rules, skipping Filter Reload
No Changes to Aliases, Skipping pfctl Update

 UPDATE PROCESS ENDED

8
General Questions / Re: How to stop torrents at work?
« on: December 17, 2011, 02:26:33 am »
If you can get to the machines when there not around, access the advanced options of the torrent client and force it to use specific ports under net.outgoing_port & net.outgoing_max_port. Then all you need to do is create a rule for the port range you specify to block/shape into oblivion. Generally they won't be aware of the advanced options let alone what a port is.

If this is not an option simply shape them/block there PC and send them to HR to explain why they need to steal all the network bandwidth instead of working.

9
Wireless / Re: Wifi to Lan Bridge problems
« on: October 16, 2009, 09:08:36 am »
Sorry for my late reply. Been to frustrated to continue playing with the configs.

I have Manual Outbound NAT rule generation enabled with

Code: [Select]
  WAN    192.168.10.0/24  *  *  *  *  *  YES Auto created rule for LAN   
 
 
  WAN1    192.168.10.0/24  *  *  *  *  *  YES Auto created rule for LAN   
 
 
  WLAN1    192.168.10.0/24  *  *  *  *  *  YES Auto created rule for LAN   


I also enabled bridge to LAN from the WLAN interface. So far i have been able to get windows laptops all talking and Nokia E series phones talking but the iPhone still refuses to talk properly.

10
Wireless / Re: Wifi to Lan Bridge problems
« on: September 14, 2009, 03:27:36 am »

Have you tried using pfSense as the DHCP server for the wireless clients? It might not be where you want to go long term, but it could give some information relevant to to this problem.


In actual fact I have spent the last week and a half on this bloody thing. I also decided Windows has DHCP and DNS provided me with no added benifit really and dumped them both and installed DHCP and DNS onto my pFsense box.

After little configuration I managed to get all laptop clients accepting there IP address and what not.

How ever I have still hit one wall. The Apple iPhone is not allowing me to browse the internet from wireless. I have setup rules to pass all traffic from the IP address and it doesnt matter if its static or DHCP it refuses to go out.

The iPhone is showing up in the logs blocking

Sep 14 17:07:48 WAN   192.168.10.253    224.0.0.252  IGMP
Sep 14 17:24:15 WAN   192.168.10.1    224.0.0.252  IGMP
Sep 14 17:24:33 WAN   192.168.10.1:138    192.168.10.255:138  UDP


For the life of me I don't know where to add acceptable rules to allow this traffic and it seems to be ignore a permit all traffic under rules.

11
Wireless / Re: Wifi to Lan Bridge problems
« on: September 08, 2009, 09:29:32 am »
192.168.10.1 is the 2k3 dhcp server, laptop is running vista with a intel card and the iphone is is doing the same symptoms. Signal strength is full bars.

12
Wireless / Re: Wifi to Lan Bridge problems
« on: September 07, 2009, 09:50:08 am »
I do appologise i did have all that info in notepad and did mean to include it, pFsense version is

Version 1.2.3-RC1
built on Wed Apr 22 15:45:47 EDT 2009
FreeBSD 7.1-RELEASE-p5 i386 

Linksys Wireless-G PCI adapter WMP54G v 4.1

Code: [Select]
# tcpdump -i ral0 udp and host 192.168.10.1
tcpdump: WARNING: ral0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ral0, link-type EN10MB (Ethernet), capture size 96 bytes
23:56:31.014919 IP 192.168.10.1.bootps > 255.255.255.255.bootpc: BOOTP/DHCP, Reply, length 300
23:56:41.448983 IP 192.168.10.1.bootps > 255.255.255.255.bootpc: BOOTP/DHCP, Reply, length 300
23:56:56.442742 IP 192.168.10.1.bootps > 255.255.255.255.bootpc: BOOTP/DHCP, Reply, length 300
23:57:39.048282 IP 192.168.10.1.bootps > 255.255.255.255.bootpc: BOOTP/DHCP, Reply, length 300
23:58:11.094631 IP 192.168.10.1.bootps > 255.255.255.255.bootpc: BOOTP/DHCP, Reply, length 300
23:58:22.770061 IP 192.168.10.1.bootps > 255.255.255.255.bootpc: BOOTP/DHCP, Reply, length 300

# tcpdump -i rl1 udp and host 192.168.10.1
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on rl1, link-type EN10MB (Ethernet), capture size 96 bytes
23:56:31.014559 IP professorfrink.springfield.bootps > 192.168.10.1.bootps: BOOTP/DHCP, Request from 00:0c:f1:06:22:c9 (oui Unknown), length 300
23:56:31.014779 IP 192.168.10.1.bootps > 255.255.255.255.bootpc: BOOTP/DHCP, Reply, length 300
23:56:31.015036 IP 192.168.10.1.bootps > professorfrink.springfield.bootps: BOOTP/DHCP, Reply, length 300
23:56:41.448746 IP professorfrink.springfield.bootps > 192.168.10.1.bootps: BOOTP/DHCP, Request from 00:0c:f1:06:22:c9 (oui Unknown), length 300
23:56:41.448909 IP 192.168.10.1.bootps > 255.255.255.255.bootpc: BOOTP/DHCP, Reply, length 300
23:56:41.449076 IP 192.168.10.1.bootps > professorfrink.springfield.bootps: BOOTP/DHCP, Reply, length 300
23:56:52.225585 IP 192.168.10.1.53025 > 207.46.48.150.3544: UDP, length 61
23:56:52.605929 IP 207.46.48.150.3544 > 192.168.10.1.53025: UDP, length 109
23:56:56.442527 IP professorfrink.springfield.bootps > 192.168.10.1.bootps: BOOTP/DHCP, Request from 00:0c:f1:06:22:c9 (oui Unknown), length 300
23:56:56.442675 IP 192.168.10.1.bootps > 255.255.255.255.bootpc: BOOTP/DHCP, Reply, length 300
23:56:56.442841 IP 192.168.10.1.bootps > professorfrink.springfield.bootps: BOOTP/DHCP, Reply, length 300
23:57:33.346429 IP 192.168.10.1.53025 > 207.46.48.150.3544: UDP, length 61
23:57:33.720987 IP 207.46.48.150.3544 > 192.168.10.1.53025: UDP, length 109
23:57:37.716999 IP 192.168.10.1.53025 > 207.46.48.150.3544: UDP, length 52
23:57:38.218903 IP 192.168.10.1.53025 > tserv3.fmt2.ipv6.he.net.3545: UDP, length 52
23:57:38.219249 IP 192.168.10.1.53025 > 207.46.48.150.3544: UDP, length 52
23:57:38.315670 IP 207.46.48.150.3544 > 192.168.10.1.53025: UDP, length 48
23:57:38.315857 IP 192.168.10.1.53025 > tserv3.fmt2.ipv6.he.net.3545: UDP, length 40
23:57:38.530824 IP tserv3.fmt2.ipv6.he.net.3545 > 192.168.10.1.53025: UDP, length 52
23:57:38.531199 IP 192.168.10.1.53025 > tserv3.fmt2.ipv6.he.net.3545: UDP, length 90
23:57:38.666294 IP tserv3.fmt2.ipv6.he.net.3545 > 192.168.10.1.53025: UDP, length 52
23:57:38.666582 IP 192.168.10.1.53025 > tserv3.fmt2.ipv6.he.net.3545: UDP, length 108
23:57:38.749128 IP tserv3.fmt2.ipv6.he.net.3545 > 192.168.10.1.53025: UDP, length 165
23:57:38.750119 IP 192.168.10.1.53025 > tserv3.fmt2.ipv6.he.net.3545: UDP, length 84
23:57:38.883610 IP tserv3.fmt2.ipv6.he.net.3545 > 192.168.10.1.53025: UDP, length 183
23:57:38.970828 IP tserv3.fmt2.ipv6.he.net.3545 > 192.168.10.1.53025: UDP, length 159
23:57:39.048030 IP 192.168.10.1.bootps > 255.255.255.255.bootpc: BOOTP/DHCP, Reply, length 300
23:57:39.048631 IP professorfrink.springfield.bootps > 192.168.10.1.bootps: BOOTP/DHCP, Request from 00:1f:d0:8a:b3:0d (oui Unknown), length 300
23:57:39.048962 IP 192.168.10.1.bootps > professorfrink.springfield.bootps: BOOTP/DHCP, Reply, length 300
23:57:39.051159 IP 192.168.10.1.53025 > tserv3.fmt2.ipv6.he.net.3545: UDP, length 88
23:57:39.276599 IP tserv3.fmt2.ipv6.he.net.3545 > 192.168.10.1.53025: UDP, length 163
23:58:11.094560 IP 192.168.10.1.bootps > 255.255.255.255.bootpc: BOOTP/DHCP, Reply, length 300
23:58:11.094891 IP professorfrink.springfield.bootps > 192.168.10.1.bootps: BOOTP/DHCP, Request from 00:0c:f1:06:22:c9 (oui Unknown), length 300
23:58:11.095216 IP 192.168.10.1.bootps > professorfrink.springfield.bootps: BOOTP/DHCP, Reply, length 300
23:58:15.143315 IP 192.168.10.1.53025 > tserv3.fmt2.ipv6.he.net.3545: UDP, length 89
23:58:15.361334 IP tserv3.fmt2.ipv6.he.net.3545 > 192.168.10.1.53025: UDP, length 164
23:58:20.192217 IP 192.168.10.1.53025 > 207.46.48.150.3544: UDP, length 52
23:58:20.635392 IP tserv3.fmt2.ipv6.he.net.3545 > 192.168.10.1.53025: UDP, length 52
23:58:22.769789 IP professorfrink.springfield.bootps > 192.168.10.1.bootps: BOOTP/DHCP, Request from 00:0c:f1:06:22:c9 (oui Unknown), length 300
23:58:22.769985 IP 192.168.10.1.bootps > 255.255.255.255.bootpc: BOOTP/DHCP, Reply, length 300
23:58:22.770152 IP 192.168.10.1.bootps > professorfrink.springfield.bootps: BOOTP/DHCP, Reply, length 300
23:58:53.326088 IP 192.168.10.1.53025 > 207.46.48.150.3544: UDP, length 61
23:58:53.702375 IP 207.46.48.150.3544 > 192.168.10.1.53025: UDP, length 109

I ran the tcp dump command on both the wireless(ral0) and the lan(rl1) and that was the output of the DHCP request the laptop just ends up timing out.

13
Wireless / Wifi to Lan Bridge problems
« on: September 07, 2009, 02:15:44 am »
Hi all, i have been reading different guides and been in mIRC asking for assistance but keep running into a wall.

I am trying to install a WiFi card into an existing pFsense box which is currently running the following,

Load Balanced
Wan1 (ADSL PPPoE Connection)
Wan2(opt1) (Cable DHCP Connection)

Lan (192.168.10.x)

DHCP is being handled by a 2k3 box and i have setup DHCP relay on pFsense to point to the 2k3 box.

I have installed the WiFi card and set it up under the webgui as WLAN1(opt2). I then setup the WiFi as an access point with no security just as a test. I then bridged wlan to lan and also I created rules under

Firewall | Nat Outbound |

WLAN1    192.168.10.0/24  *  *  *  *  *  YES

Firewall | Rules | Wlan1 |

UDP  *  68  255.255.255.255  67  *
UDP  *  68  192.168.10.1  67  *
*  *  *  *  *  *
*  LAN net  *  *  *  *
*  WLAN1 net  *  *  *  *

This has left me what i thought pretty safe to pass everything the WiFi card gets sent but i was wrong. DHCP doesnt work on the wifi card on the laptop or the iphone and setting it to static only works half the time to reach the internet.

Any advice would be muchly appreciated.

Pages: [1]