pfSense Gold Subscription

Recent Posts

Pages: [1] 2 3 4 5 ... 10
1
OpenVPN / Re: openvpn 2.3.8 and pfsense 2.2.4 no working
« Last post by khairy.boub on Today at 07:16:09 am »
thinksssssss
2
OpenVPN / Re: openvpn 2.3.8 and pfsense 2.2.4 no working
« Last post by johnpoz on Today at 07:06:51 am »
Create Server cert, or just use the openvpn wizard tab that walks you through setting up openvpn... 
3
Portuguese / Modulo Squid LoadBalance para alunos do Sys Squad!
« Last post by JackL on Today at 07:05:44 am »
Buenas!

Acaba de ser liberado, para os alunos da aula sobre LoadBalance e/ou FailOver com Squid no mesmo server do firewall, do Curso pfSense Intranet no Sys Squad, código do Squid LoadBalance, assim como, uma vídeo-aula extra mostrando como aplicar este código no seu ‪‎pfSense‬!

Os alunos tem direito de testar a aplicação gratuitamente por 3 meses! ;)


Abraços!
Jack
4
If you were going to use pfsense to route your traffic to firewall your VMs then package is clickity clickity..  But to be honest if you want to really run snort, etc.  And have full control and power and feature set, etc.. Better to run it on your own VM not the package integrated into pfsense.
5
Portuguese / Re: wpad no pfsense
« Last post by reinaldo.feitosa on Today at 06:57:08 am »
Reinaldo bacana seu script

você o tomas recomendo usar como, tenho sites e ips não não vão usar o proxy, é melhor usar no script ou fazer uma outro processo no pfsense se houver

como posso usar aptar uma parte do Tomas
Code: [Select]
// Dominio sem proxy
  //if (shExpMatch(host, "site.a.b.c") || shExpMatch(host, "site.x.y.z")) return "DIRECT";

  // IP sem proxy
  //if (myIpAddress(), "0.0.0.0.0", "255.255.255.0") return "DIRECT";
podes dar uma dica

Tem várias formas pra fazer isso é uma questão de lógica.

Fiz uma alteração na primeira rede com o exemplo do Tomas junto.
Code: [Select]
function FindProxyForURL(url, host){
   var host_ip;
 
   host_ip= dnsResolve(host);
   if (isInNet(myIpAddress(), "192.168.7.0", "255.255.255.0"))
      if (isInNet(host_ip, "127.0.0.1", "255.255.255.255"))
         return "DIRECT";
      else if (isInNet(host_ip, "192.168.7.0", "255.255.255.0"))
         return "DIRECT";
      else if (shExpMatch(host, "site.a.b.c") || shExpMatch(host, "site.x.y.z"))
         return "DIRECT";
      else if myIpAddress() = "0.0.0.0.0"
         return "DIRECT";
      else
         return "PROXY 192.168.7.1:3128";
   else if (isInNet(myIpAddress(), "192.168.12.0", "255.255.255.0"))
      if (isInNet(host_ip, "127.0.0.1", "255.255.255.255"))
         return "DIRECT";
      else if (isInNet(host_ip, "192.168.12.0", "255.255.255.0"))
         return "DIRECT";
      else
         return "PROXY 192.168.12.1:3128";
   else if (isInNet(myIpAddress(), "192.168.13.0", "255.255.255.0"))
      if (isInNet(host_ip, "127.0.0.1", "255.255.255.255"))
         return "DIRECT";
      else if (isInNet(host_ip, "192.168.13.0", "255.255.255.0"))
         return "DIRECT";
      else
         return "PROXY 192.168.13.1:3128";
   else if (isInNet(myIpAddress(), "192.168.14.0", "255.255.255.0"))
      if (isInNet(host_ip, "127.0.0.1", "255.255.255.255"))
         return "DIRECT";
      else if (isInNet(host_ip, "192.168.14.0", "255.255.255.0"))
         return "DIRECT";
      else
         return "PROXY 192.168.14.1:3128";
   else if (isInNet(myIpAddress(), "192.168.15.0", "255.255.255.0"))
      if (isInNet(host_ip, "127.0.0.1", "255.255.255.255"))
         return "DIRECT";
      else if (isInNet(host_ip, "192.168.15.0", "255.255.255.0"))
         return "DIRECT";
      else
         return "PROXY 192.168.15.1:3128";
   else if (isInNet(myIpAddress(), "192.168.16.0", "255.255.255.0"))
      if (isInNet(host_ip, "127.0.0.1", "255.255.255.255"))
         return "DIRECT";
      else if (isInNet(host_ip, "192.168.16.0", "255.255.255.0"))
         return "DIRECT";
}

Eu separei o proxy por rede, mas poderia ser mesmo pra todas as redes. Seria o exemplo do Tomas com uma observação o proxy teria que ser a primeira linha, pois na ultima sem nenhum condição ele vai retornar o proxy para os ips e redes que passou para direct nas condições acima
o correto seria:
[/code]
function FindProxyForURL(url,host){

  // Regra deafult com proxy em ordem de fail-ver
  return "PROXY 1.2.3.4:3128; PROXY 5.6.7.8:3128";

  // If the requested website is hosted within the internal network, send direct.
  if (isPlainHostName(host) ||
    isInNet(dnsResolve(host), "10.0.0.0", "255.0.0.0") ||
    isInNet(dnsResolve(host), "172.16.0.0",  "255.240.0.0") ||
    isInNet(dnsResolve(host), "192.168.0.0",  "255.255.0.0") ||
    isInNet(dnsResolve(host), "127.0.0.0", "255.255.255.0"))
  return "DIRECT";
[/code]   
  // Dominio sem proxy
  //if (shExpMatch(host, "site.a.b.c") || shExpMatch(host, "site.x.y.z")) return "DIRECT";

  // IP sem proxy
  //if (myIpAddress(), "0.0.0.0.0", "255.255.255.0") return "DIRECT";

}
6
Yes you make a good point, thanks for the response
7
OpenVPN / Re: openvpn 2.3.8 and pfsense 2.2.4 no working
« Last post by khairy.boub on Today at 06:49:11 am »

how i can fix please
8
Portuguese / Re: pfsense com GW
« Last post by marcosmassa on Today at 06:49:06 am »
resumo do procedimento

instale o pfsense,
desative a interface que foi configurada como WAN
configure a interface LAN, configure o Default Gateway dessa interface,
Configure o proxy ( squid ou squid3)

e claro, configure a parte de DNS do seu pfsense para usar o dns de sua rede ...
9
Hardware / Re: Hardware advice for new pfsense
« Last post by BlueKobold on Today at 06:47:11 am »
Quote
No accessories to buy.
M.2 SSD, miniPCIe cards and USB to Serial cable could be also accessories, or?
10
OpenVPN / Re: openvpn 2.3.8 and pfsense 2.2.4 no working
« Last post by johnpoz on Today at 06:44:54 am »
"error=unsupported certificate purpose"

What part is confusing about this to you??  Did you run through the openvpn wizard and let it create the CA and server cert for you..

Look on your cert
Pages: [1] 2 3 4 5 ... 10