headers
Scott Nasuta | 10 Mar 2005 01:52
Picon

Benchamrking and import Rules?

I am interested in doing benchmarks on m0n0 (1.11 & betas) vs pfsense
and would like to incrementally increase the firewall rules to guage
performance impact of increasing rules between these two awesome
platforms. I also will look to see If I can find a good CD based Linux
firewall to throw in as well.

I have the machine all ready with latest version of each and my two
client PC's running QCheck. But I wonder if there are any of you that
can submit large rules for me to import to do my testing. Also is this
possible to do or will I have to manually add 25,50,100 rules?

I am also open to suggestions on what to test/change, better benchmark
software, etc. QCheck seems like a good utility for being free. I plan
on testing throughput of course, plus latency and UDP streaming. My
guess is that there will be little difference bewteen the combatants
since I an unable to hardly tax the systems (unless someone has 1000
rules or something), but I am curious nonetheless if there are
differences between IPFilter & PF.

--
Best regards,
 Scott N                          mailto:tcslv <at> cox.net
Permalink | Reply | 0 comments |
headers
Mircea Rimbu | 15 Mar 2005 07:56
Picon

Re: ftp-proxy issue

Good news for me ,
Anyway the individual host traffic stats is in my vision
just an informational tool ( to see who eat the bandwidth or
if our traffic shaper work as we wish) not for long term accounting.
Package or integrated  I think is useful for traffic shaper administration.
Any plan for an zebra / quagga routing software package ?

Best regards
Mircea Rimbu

----- Original Message ----- 
From: "Bill Marquette" <bill.marquette@...>
To: "Mircea Rimbu" <mircea@...>
Cc: <support@...>
Sent: Tuesday, March 15, 2005 6:10 AM
Subject: Re: [pfSense Support] ftp-proxy issue

> Static arp code imported with some small changes.  I'm about to
> convert it to be interface specific though to be more inline with how
> the dhcp server code works.
>
> Not ready to import the individual hosts traffic stats yet though.
> Need to test it out a bit and see if it's in line with what we want to
> do with pfSense.  Might be something we can add as a package though
> since it's seperated out.
>
> --Bill
>
>
> On Mon, 14 Mar 2005 12:03:28 +0200, Mircea Rimbu
(Continue reading)

Permalink | Reply | 1 comment |
headers
Michael Mee | 15 Mar 2005 07:52
Picon
Favicon
Gravatar

Nokia IP110 report - problem booting

Thanks to help earlier from Bill and Chris, I took a stab at getting 
pfSense running on the Nokia IP110 (see 
http://chrisbuechler.com/m0n0wall/nokia/ip110.html and 
http://www.socalfreenet.org/nokiaip110 for more info on the box).

The short version is... It boots but crashes - see full bootlog way below.

Steps I Did:

*** Attempt 1 - Soekris Image using PhysDiskWrite

I tried the easy way first. After a little digging, in the Downloads -> 
Extra Files, I found the file 
http://www.pfsense.com/downloads/pfSense-128-meg-soekris-0.52.2.img 
which I took to be a physdiskwrite / dd compatible image.  I downloaded 
it to my XP box, plugged in the USB-IDE adapter I recently bought ($21 
with shipping from www.byterunner.com, search for USB-IDE-ADAP) and ... 
completely stuffed up my XP box for 20 mins because I moved my USB 
devices around (including the keyboard) so I could use the USB 2 port.

After I put everything back, except the USB-IDE adapter and got it all 
working, I then plugged it into a USB 1.1 port, ignored the warnings 
that it wouldn't run full speed and ran physdiskwrite -u <imgfilename>. 
This worked wonderfully and only took a couple of minutes. (Note that I 
was incredibly cautious about this - first running physdiskwrite both 
with and without the USB-IDE adapter plugged in so I could be reasonably 
sure that the new disk that appeared was the correct one to write to).

Excited, I removed the CF adapter with m0n0wall 1.2b6 (which booted 
fine) and added the hard disk and screwed everything back together (the
(Continue reading)

Permalink | Reply | 1 comment |
headers
Bill Marquette | 15 Mar 2005 15:03
Picon
Gravatar

Re: ftp-proxy issue

On Tue, 15 Mar 2005 08:56:06 +0200, Mircea Rimbu
<mircea@...> wrote:
> Good news for me ,

Todays build (whenever it happens) will likely have the static arp
code.  Thinking about it more, I do wish to unlink it from the DHCP
code.  I think it deserves it's own screen (with maybe an option to
import DHCP hosts) as I don't want DHCP in my DMZ, but it would be
useful to have static arp entries (and enforcement) of them in the
DMZ.  Static arp and no enforcement (for instance) on the WAN...etc.

> Anyway the individual host traffic stats is in my vision
> just an informational tool ( to see who eat the bandwidth or
> if our traffic shaper work as we wish) not for long term accounting.
> Package or integrated  I think is useful for traffic shaper administration.

We'll take a look, it's in my checked out source tree right now.  I
need to dig up a copy of dummynet.ko and I'll play around with it.

> Any plan for an zebra / quagga routing software package ?

A routing package is on the table - I'm not sure where it is on the list though.

--Bill
Permalink | Reply | 0 comments |
headers
Scott Ullrich | 15 Mar 2005 15:13
Picon
Gravatar

Re: WebGUI still rebooting box

Sorry to hear this.   What type of hardware do you have?    Do you
have any packages installed on pfSense?

Scott

On Mon, 14 Mar 2005 18:12:11 -0800, Scott Nasuta <tcslv@...> wrote:
> Hello support,
> 
>   I wiped the troublesome 0.53 from my box and reverted back to 0.48
>   from install and everything was fine regarding the WebGUI. I was
>   able to make changes and browse the GUI with no problems. So then I
>   invoked Auto Update to bring me to latest as of today
>   {0.53.1-Feliz-Gravitas-%231} and now it is back to rebooting.
> 
>   Entering in the credentials it goes to authenticates then reboots. With
>   the latest version I can't even get INTO the gui without it
>   rebooting. I see nothing before I hear the box reboot. The version
>   from yesterday I was able to browse the GUI but it would reboot upon
>   *changes*. Again, version 0.48 was fine until I updated. I can't even
>   now access the WebGUi without a reboot. My next update of pfsense
>   will have to be from ISO/Scratch again (UGH).
> 
> --
> Best regards,
>  Scott                          mailto:tcslv@...
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: support-unsubscribe@...
> For additional commands, e-mail: support-help@...
>
(Continue reading)

Permalink | Reply | 2 comments |
headers
Scott Ullrich | 15 Mar 2005 15:23
Picon
Gravatar

Re: Pfsense OS Base

On Mon, 14 Mar 2005 18:16:56 -0800, Scott Nasuta <tcslv@...> wrote:
> Hello support,
> 
>   I noticed that we have switched to FreeBSD 5.4 "PreRelease"
>   recently. Most likely making PFsense double buggy now with PFsense
>   in deep beta PLUS now running ontop of highly evolving
>   'prerelease'/beta of FreeBSD. Is there a reason for jumping into
>   Prerelease?
> 
>   Also, Since pfsense uses PF from OpenBSD camp, why not just have PfSense
>   based on OpenBSD since PF would seem to work better/faster on its
>   own native platform instead of wrestling with FreeBSD 5x.

We have been on the same version of FreeBSD PreRelease #1 for about
2-3 weeks now and have not updated the code.   With that said however,
we will be resyncing the code base this weekend to make way for some
new patches for ALTQ/VLAN and the SIS patch to handle interrupts
better.

Scott
Permalink | Reply | 0 comments |
headers
Scott Nasuta | 16 Mar 2005 00:27
Picon

Re[2]: WebGUI still rebooting box

Hello Scott,

Tuesday, March 15, 2005, 6:13:38 AM, you wrote:

> Sorry to hear this.   What type of hardware do you have?    Do you
> have any packages installed on pfSense?

It is an old Compaq Deskpro2000 5200MMX with 64mb ram and two 3com
NICs. Pretty standard stuff for its time.

No packages installed, just a basic PFSense install. Like I mentioned,
I install 0.48 (last iso I have) and everything is fine. I can do all
webGUI stuff without problem. As soon as I update it to latest I can
no longer get into the GUI without reboot within 10-20 seconds. This
was a scratch .48 install updated to .53-1. What is even weirder is
that the newest one seem to have made it worse. .53 I was able to get
into the GUI but commits would reboot it. The box runs fine if I don't
bother going into the GUI after the initial setup using .48 and then
update to .53.

I looked for some crash dumps but couldn't find any. I am not very
developer verse and don't know the first thing to do to help diagnose
it. I have m0n0 back up and running and will wait a little while to
try pfsense again since I will have to redue from scratch and the
latest iso is the one giving me problems.

--

-- 
Best regards,
 Scott                            mailto:tcslv@...
(Continue reading)

Permalink | Reply | 1 comment |
headers
Scott Ullrich | 16 Mar 2005 00:35
Picon
Gravatar

Re: Re[2]: WebGUI still rebooting box

On Tue, 15 Mar 2005 15:27:38 -0800, Scott Nasuta <tcslv@...> wrote:
> Hello Scott,
>

Hi!

> 
> It is an old Compaq Deskpro2000 5200MMX with 64mb ram and two 3com
> NICs. Pretty standard stuff for its time.
> 
> No packages installed, just a basic PFSense install. Like I mentioned,
> I install 0.48 (last iso I have) and everything is fine. I can do all
> webGUI stuff without problem. As soon as I update it to latest I can
> no longer get into the GUI without reboot within 10-20 seconds. This
> was a scratch .48 install updated to .53-1. What is even weirder is
> that the newest one seem to have made it worse. .53 I was able to get
> into the GUI but commits would reboot it. The box runs fine if I don't
> bother going into the GUI after the initial setup using .48 and then
> update to .53.
> 
> I looked for some crash dumps but couldn't find any. I am not very
> developer verse and don't know the first thing to do to help diagnose
> it. I have m0n0 back up and running and will wait a little while to
> try pfsense again since I will have to redue from scratch and the
> latest iso is the one giving me problems.

I'll give you some tips on how to recover/downgrade without reinstalling.

1. Visit http://www.pfsense.com/updates/?M=D and figure out which file
you want to back down to
(Continue reading)

Permalink | Reply | 0 comments |
headers
Chris Buechler | 16 Mar 2005 04:13
Picon

Re: Nokia IP110 report - problem booting

On Mon, 14 Mar 2005 22:52:56 -0800, Michael Mee <mm2001@...> wrote:
> Thanks to help earlier from Bill and Chris, I took a stab at getting
> pfSense running on the Nokia IP110 (see
> http://chrisbuechler.com/m0n0wall/nokia/ip110.html and
> http://www.socalfreenet.org/nokiaip110 for more info on the box).
> 
> The short version is... It boots but crashes - see full bootlog way below.
> 

Same here.  I loaded mine up the "traditional" way, putting the HD
into a laptop and running a typical install then putting the drive
into the IP110 and firing it up.

Got pretty much exactly what you got.  Console output at the bottom of
this message.

-Chris

Copyright (c) 1992-2005 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993,
1994
        The Regents of the University of California. All rights
reserved.
FreeBSD 5.4-PRERELEASE #7: Sun Mar  6 00:36:55 UTC 2005
    sullrich@...:/usr/obj/usr/src/sys/FREESBIE.5
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Geode(TM) Integrated Processor by National Semi (266.68-MHz
586-class CPU)
  Origin = "Geode by NSC"  Id = 0x540  Stepping = 0
  Features=0x808131<FPU,TSC,MSR,CX8,CMOV,MMX>
(Continue reading)

Permalink | Reply | 0 comments |
headers
Scott Ullrich | 17 Mar 2005 16:59
Picon
Gravatar

Re: Captive Portal not working

This is due to us syncing our version with the latest tarball posted
to m0n0wall-dev but it was accidently the wrong version lacking these
features.   Pascal is going to repost the code once he is back from
vacation and at that point I will resync.

Regards,

Scott

On Wed, 16 Mar 2005 08:43:53 -0800 (PST), Gene Zienty
<gzienty@...> wrote:
> Good Morning,
>    This is not a complaint, I realize these are Alpha
> Versions but it seems we may have taken a step
> backwards. Version .51 added some great features to
> the captive portal, ie. User Manager, bandwidth
> limiting etc, but with the release of .53 these are
> gone and the captive portal does not seem to work at
> all, no changes to the configuration are now possible,
> Web Gui after save returns Done with Errors and
> changes have not been saved. Is this portion a works
> in progress or have you decided to drop this feature?
> As an aside the captive portal in Ver .51 did not
> start on a reboot, needed to re-save the config for
> that page to start.
> 
> Thanks and again no complaints, you're doing a great
> job and for your info I,m running this on a Netier
> XL2000 K6-400 with 196M Memory and it's been very
> solid.
(Continue reading)

Permalink | Reply | 0 comments |

Gmane