Category Archives: networking

ProTip: Useful things from @SwiftOnSecurity

Some useful reference things; mostly from @SwiftOnSecurity
(I’ll be updating this with more things)

pfSense2

So I recently bought a box to run pfSense2 on, to replace some of the crap on my network.
Before, my home LAN was more or less:

[Internets] --> [crappy actioncrap router from fios] --> [linksys running tomato] --> computers

Now it's:

[internets] --> [pfSense] -- [gigabit switch (unmanaged)] --> computers (with linksys on the switch for wifis)

Hardware (total overkill)

  • BIOSTAR IPV10-IA Intel NM10 Mini ITX Intel Atom D525 (Dual core, 1.8 GHz) Server Motherboard
  • Kingston 4GB (2 x 2GB) 240-Pin DDR3 SDRAM DDR3 1066 (PC3 8500) Dual Channel Kit Desktop Memory Model KVR1066D3N7K2/4G
  • APEX MI-008 Black Steel Mini-ITX Tower Computer Case 250W Power Supply
  • Western Digital Caviar Blue WD1600AAJS 160GB 7200 RPM SATA 3.0Gb/s 3.5" Internal Hard Drive - Bare Drive

 

After the initial headaches I’m really starting to like it.

Headache one: For whatever reason pfSense would not boot off a USB drive (tested the same USB drive with Ubuntu, and it booted just fine). I got around this by just using the SATA DVD/CD drive from my desktop…

Headache two: Adding a NAT port forward will by default flush your state table, and I like to randomly add port forwards, and being on IRC made this quite annoying.

To fix this, go to System: Advanced: Miscellaneous and check the option:

Gateway Monitoring
States: By default the monitoring process will flush states for a gateway that goes down. This option allows to override this setting by not clearing states for existing connections.

 

also some graphs :D