Archive for the ‘Computers’ Category

How to update pfSense to the latest testing snapshot…

2006/02/27

As some of my regular readers may remember I switched my home firewall over to pfSense a few weeks ago. I installed the latest version shown on the web site at the time — pfSense 1.0 BETA.

One of the cool features pfSense offers is Traffic Shaping. Since I use Vonage as my VOIP phone provider I wanted to prioritize my Vonage network traffic so that file uploads would not cause dropped audio during phone calls.

After running through the pfSense Traffic Shaper Wizard I noticed that my Vonage traffic was not prioritized as promised. After doing some research I noticed that the port range set for Vonage by the Traffic Shaper Wizard was wrong. I submitted a bug report on the incorrect port range here and was impressed at how quickly the pfSense team responded. The port range fix should be included in the next test image.

I also learned that the Traffic Shaper in pfSense 1.0 BETA is broken. It was recommended that I upgrade to the latest testing snapshot if I wanted a working Traffic Shaper.

It was not immediately obvious to me how to actually upgrade my installation. After a bit of fumbling I was able to figure out what to do so I will now share that information with you, my loyal reader. It turns out that the pfSense project considers it a “firmware upgrade”.

  1. Get the latest pfSense stable release up and running (1.0 BETA at the time of this post).
  2. Visit here and download the latest testing snapshot (it will be a .gz file) to your Management PC.
  3. Log into the pfSense web console from your Management PC and click System -> Firmware -> Click “Enable firmware upload” -> Click “Browse” -> Select your .gz file from the previous step -> Click “Upgrade Firmware”.
  4. After a few minutes you will need to confirm the upgrade. The machine will then reboot and you will have the latest testing snapshot installed!

OS X 10.4 Tiger VPN Connection Problem Fixed

2006/02/11

I’ve been playing around with an iMac over the past week and have been very impressed so far.

One problem I ran into though was that the VPN client that comes with OS X 10.4 (Tiger) was not able to connect into my office Windows PPTP server. My Windows machines at home were able to successfully connect though so the problem was not with my network (or so I thought).

After I replaced my router with a different firewall tonight the VPN client started to work! So if you have a Linksys RT31P2 router and are having problems connecting into your work VPN try taking the router out of the picture to see if that solves your problem.

It is always nice for a System Administrator like me to be occasionally reminded not to make assumptions when troubleshooting a problem. I’m just glad that it happened at home instead of at work where a ton of people would have find out about my lapse… er… wait a minute…

Mad Props to pfSense

2006/02/10

I decided to replace my existing Linksys router with a new firewall tonight.

I wanted to learn how use FreeBSD’s pf (packet filter) application. Since I use Vonage for my telephone service I also wanted a solution that implemented QoS/Traffic Shaping so that my phone call network traffic would be prioritized over other traffic. This necessitated learning about the ALTQ application. According to the FreeBSD Handbook pf is included in the base system but installing ALTQ requires recompiling the FreeBSD kernel.

While not overly complicated, installing and configuring those packages was going to take time. I would rather just jump to the fun stuff of configuring and playing with a new firewall.

Just then I ran across the pfSense project. These guys have already spent the time setting up FreeBSD with pf, ALTQ, and a whole bunch of other stuff and released it on a bootable CD. There was no sense in reinventing the wheel so I slapped the CD into an old computer and within 15 minutes I had a new firewall with a snazzy web interface and more features then my old router.

This is a great example of being able to stand on the shoulders of other people. A great big thank you to the pfSense team for allowing me to get to the “fun stuff” sooner.

Mac fan boys…

2006/02/09

My roommate Bill is a diehard Mac fan boy. I say that with all due respect because his fandom is the reason why there is a nice shiny new Intel Core Duo iMac sitting in the common room. Since Bill already has a high end Power Mac for his main computer that means that there is never a line to use the iMac.

The OS X operating system is very nice. I can see why Bill likes it so much. It is true when they say that with a Mac everything “just works.”

A case in point is the OS X Address Book. The Address Book can store a picture of each contact. Coming from a Windows world I just “knew” that I would need to first resize/crop any pictures that I wanted to put into the address book — after all that is how adding a photo to an Outlook Contact works. Imagine my surprise when I decided to try dropping an unedited picture onto an Address Book entry. The Address Book allowed me to resize/crop the photo from right within the application. That was a very nice touch. Kudos.