https://blog.crox.net/ en Serendipity 2.5.0 - http://www.s9y.org/ Thu, 16 Sep 2010 21:28:12 GMT https://blog.crox.net/templates/2k11/img/s9y_banner_small.png https://blog.crox.net/ 100 21 https://blog.crox.net/archives/68-pfSense-dropping-packets-from-specific-hosts-outdated-bogons-lists.html https://blog.crox.net/archives/68-pfSense-dropping-packets-from-specific-hosts-outdated-bogons-lists.html#comments https://blog.crox.net/wfwcomment.php?cid=68 0 https://blog.crox.net/rss.php?version=2.0&type=comments&cid=68 nospam@example.com (crox) After a fresh <a href="http://www.pfsense.org/" title="pfSense">pfSense</a> install, I found out that traffic from specific hosts was being dropped when it should have been allowed based on the firewall rules I defined.<br /> <br /> It turned out that the option "block bogon networks" was activated on the WAN interface, and that fresh pfSense images come with a slightly outdated <a href="http://en.wikipedia.org/wiki/Bogon_filtering" title="bogon">bogon</a> list.<br /> <br /> If you are facing this problem, you have three options:<br /> <br /> 1. disable the "Block bogon networks" option at the bottom of the WAN interface page<br /> <br /> 2. after at most one week, the list will be updated automatically as long as the box is online (there is a cron entry, grep your config file for bogon)<br /> <br /> 3. if you don't want 1. and can't wait for 2, you can trigger the update process manually by running:<pre>/etc/rc.update_bogons.sh 0</pre>Check the output from the Status -> System Logs -> System page (I ran it from a serial console, but it should work fine by ssh or from the exec.php page too)<br /> <br /> <br /> Thu, 16 Sep 2010 21:14:52 +0000 https://blog.crox.net/archives/68-guid.html adsl network pfsense https://blog.crox.net/archives/31-Linksys-WAG200G-EU-stops-routing-UDP-after-a-while-scripted-reboot-how-to.html https://blog.crox.net/archives/31-Linksys-WAG200G-EU-stops-routing-UDP-after-a-while-scripted-reboot-how-to.html#comments https://blog.crox.net/wfwcomment.php?cid=31 1 https://blog.crox.net/rss.php?version=2.0&type=comments&cid=31 nospam@example.com (crox) It seems that after having been up for a couple of days, the WAG200G starts having issues routing UDP packets properly. This particularly affects VoIP traffic (here IAX2 on port 4569). The symptoms are that "regular surfing" works flawlessly, but the registration with the asterisk server fails. <a href="http://en.wikipedia.org/wiki/Tcpdump" title="tcpdump">tcpdump</a> shows no traffic on the server side. Restarting the WAG200G immediately solves the problem.<br /> <br /> Here is how I restarted the router from the command line:<br /> <pre>wget --http-user=admin --http-password=pa55w0rd \<br /> --post-data='reboot=1&save=Enregistrer+les+param%E8tres&todo=reboot&h_reboot=1&this_file=Reboot.htm&next_file=index.htm&message=' \<br /> http://192.168.0.1/setup.cgi</pre><br /> (replace password and IP address as appropriate)<br /> Fri, 07 Mar 2008 10:04:25 +0000 https://blog.crox.net/archives/31-guid.html adsl linksys network wlan