Skip to content

pfSense dropping packets from specific hosts (outdated bogons lists)

After a fresh pfSense install, I found out that traffic from specific hosts was being dropped when it should have been allowed based on the firewall rules I defined.

It turned out that the option "block bogon networks" was activated on the WAN interface, and that fresh pfSense images come with a slightly outdated bogon list.

If you are facing this problem, you have three options:

1. disable the "Block bogon networks" option at the bottom of the WAN interface page

2. after at most one week, the list will be updated automatically as long as the box is online (there is a cron entry, grep your config file for bogon)

3. if you don't want 1. and can't wait for 2, you can trigger the update process manually by running:
/etc/rc.update_bogons.sh 0
Check the output from the Status -> System Logs -> System page (I ran it from a serial console, but it should work fine by ssh or from the exec.php page too)


  • Twitter
  • Bookmark pfSense dropping packets from specific hosts (outdated bogons lists) at del.icio.us
  • Facebook
  • Google Bookmarks
  • FriendFeed
  • Digg pfSense dropping packets from specific hosts (outdated bogons lists)
  • Mixx pfSense dropping packets from specific hosts (outdated bogons lists)
  • Bloglines pfSense dropping packets from specific hosts (outdated bogons lists)
  • Technorati pfSense dropping packets from specific hosts (outdated bogons lists)
  • Fark this: pfSense dropping packets from specific hosts (outdated bogons lists)
  • Bookmark pfSense dropping packets from specific hosts (outdated bogons lists) at YahooMyWeb
  • Bookmark pfSense dropping packets from specific hosts (outdated bogons lists) at Furl.net
  • Bookmark pfSense dropping packets from specific hosts (outdated bogons lists) at reddit.com
  • Bookmark pfSense dropping packets from specific hosts (outdated bogons lists) at blinklist.com
  • Bookmark pfSense dropping packets from specific hosts (outdated bogons lists) at Spurl.net
  • Bookmark pfSense dropping packets from specific hosts (outdated bogons lists) at NewsVine
  • Bookmark pfSense dropping packets from specific hosts (outdated bogons lists) at Simpy.com
  • Bookmark pfSense dropping packets from specific hosts (outdated bogons lists) at blogmarks
  • Bookmark pfSense dropping packets from specific hosts (outdated bogons lists) with wists
  • wong it!
  • Bookmark using any bookmark manager!
  • Stumble It!
  • Print this article!
  • E-mail this story to a friend!
  • Identi.ca

Numéro pour vérifier la présélection téléphonique (opérateurs en Suisse)

Composer le 0868 868 868.
  • Twitter
  • Bookmark Numéro pour vérifier la présélection téléphonique (opérateurs en Suisse) at del.icio.us
  • Facebook
  • Google Bookmarks
  • FriendFeed
  • Digg Numéro pour vérifier la présélection téléphonique (opérateurs en Suisse)
  • Mixx Numéro pour vérifier la présélection téléphonique (opérateurs en Suisse)
  • Bloglines Numéro pour vérifier la présélection téléphonique (opérateurs en Suisse)
  • Technorati Numéro pour vérifier la présélection téléphonique (opérateurs en Suisse)
  • Fark this: Numéro pour vérifier la présélection téléphonique (opérateurs en Suisse)
  • Bookmark Numéro pour vérifier la présélection téléphonique (opérateurs en Suisse) at YahooMyWeb
  • Bookmark Numéro pour vérifier la présélection téléphonique (opérateurs en Suisse) at Furl.net
  • Bookmark Numéro pour vérifier la présélection téléphonique (opérateurs en Suisse) at reddit.com
  • Bookmark Numéro pour vérifier la présélection téléphonique (opérateurs en Suisse) at blinklist.com
  • Bookmark Numéro pour vérifier la présélection téléphonique (opérateurs en Suisse) at Spurl.net
  • Bookmark Numéro pour vérifier la présélection téléphonique (opérateurs en Suisse) at NewsVine
  • Bookmark Numéro pour vérifier la présélection téléphonique (opérateurs en Suisse) at Simpy.com
  • Bookmark Numéro pour vérifier la présélection téléphonique (opérateurs en Suisse) at blogmarks
  • Bookmark Numéro pour vérifier la présélection téléphonique (opérateurs en Suisse) with wists
  • wong it!
  • Bookmark using any bookmark manager!
  • Stumble It!
  • Print this article!
  • E-mail this story to a friend!
  • Identi.ca

Scanner permissions in Ubuntu Karmic (udev libusb saned problem with udev-acl)

In Ubuntu Karmic (and possibly Jaunty ?), when you install libsane, it adds a file /lib/udev/rules.d/40-libsane.rules which contains rules that match on supported scanners and set the environment variable "libsane_matched" to "yes".

This in turn triggers the following in /lib/udev/rules.d/70-acl.rules:
# USB scanners
ENV{libsane_matched}=="yes", ENV{ACL_MANAGE}="1"
<snip>
# apply ACL for all locally logged in users
LABEL="acl_apply", ENV{ACL_MANAGE}=="?*", TEST=="/var/run/ConsoleKit/database", \
RUN+="udev-acl --action=$env{ACTION} --device=$env{DEVNAME}"

In the end, the result is that an ACL is created for the device, which allows locally logged in users to use it (read/write permission). eg for my scanner:
~# lsusb
Bus 001 Device 005: ID 04b8:011c Seiko Epson Corp. Perfection 3200
~# ls -l /dev/bus/usb/001/005
crw-rw-r--+ 1 root root 189, 4 2009-12-28 00:11 /dev/bus/usb/001/005
~# getfacl /dev/bus/usb/001/005
getfacl: Removing leading '/' from absolute path names
# file: dev/bus/usb/001/005
# owner: root
# group: root
user::rw-
user:crox:rw-
group::rw-
mask::rw-
other::r--
~#

However, I also wanted to allow access to the scanner from other workstations through saned. In older Ubuntu versions, you could just add saned (or whatever user the service runs as) to the scanner group. This no longer works since the device belongs to root:root, and ACLs are added for specific users. The solution that works for me is to create a file /etc/udev/rules.d/99-sane-group.rules with the following contents:
# change group to scanner for sane devices
ENV{libsane_matched}=="yes", GROUP="scanner"

Then you just need to run
sudo udevadm trigger
and the group of the device magically changes to scanner.

Of course you could also add a similar rule specifically for a certain device instead, in my case this would work too:
ATTRS{idVendor}=="1d6b", ATTRS{idProduct}=="0002", GROUP="scanner"


To check that it worked, run the following:
sudo su -s /bin/bash -c 'scanimage -L' saned



  • Twitter
  • Bookmark Scanner permissions in Ubuntu Karmic (udev libusb saned problem with udev-acl) at del.icio.us
  • Facebook
  • Google Bookmarks
  • FriendFeed
  • Digg Scanner permissions in Ubuntu Karmic (udev libusb saned problem with udev-acl)
  • Mixx Scanner permissions in Ubuntu Karmic (udev libusb saned problem with udev-acl)
  • Bloglines Scanner permissions in Ubuntu Karmic (udev libusb saned problem with udev-acl)
  • Technorati Scanner permissions in Ubuntu Karmic (udev libusb saned problem with udev-acl)
  • Fark this: Scanner permissions in Ubuntu Karmic (udev libusb saned problem with udev-acl)
  • Bookmark Scanner permissions in Ubuntu Karmic (udev libusb saned problem with udev-acl) at YahooMyWeb
  • Bookmark Scanner permissions in Ubuntu Karmic (udev libusb saned problem with udev-acl) at Furl.net
  • Bookmark Scanner permissions in Ubuntu Karmic (udev libusb saned problem with udev-acl) at reddit.com
  • Bookmark Scanner permissions in Ubuntu Karmic (udev libusb saned problem with udev-acl) at blinklist.com
  • Bookmark Scanner permissions in Ubuntu Karmic (udev libusb saned problem with udev-acl) at Spurl.net
  • Bookmark Scanner permissions in Ubuntu Karmic (udev libusb saned problem with udev-acl) at NewsVine
  • Bookmark Scanner permissions in Ubuntu Karmic (udev libusb saned problem with udev-acl) at Simpy.com
  • Bookmark Scanner permissions in Ubuntu Karmic (udev libusb saned problem with udev-acl) at blogmarks
  • Bookmark Scanner permissions in Ubuntu Karmic (udev libusb saned problem with udev-acl) with wists
  • wong it!
  • Bookmark using any bookmark manager!
  • Stumble It!
  • Print this article!
  • E-mail this story to a friend!
  • Identi.ca

Making a Dell computer running Linux silent (Dell Precision noise problem)

Faced with a noisy Dell Precision 490 computer running Ubuntu Karmic, I found an easy way to reduce the noise level to an acceptable threshold. (fancontrol did not help since it seems not to be compatible with the chipset used by Dell at least on this computer.)

Step 1, install i8kutils:
sudo apt-get install i8kutils

Step 2, add i8k to /etc/modules:
sudo sh -c 'echo i8k >> /etc/modules'

Step 3, edit /etc/default/i8kmon so that it looks like this:
# /etc/default/i8kmon

# Change to one enable i8kmon
ENABLED=1
I8KMON_ARGS="--daemon --nouserconfig --auto"

Step 4, reboot and enjoy!

  • Twitter
  • Bookmark Making a Dell computer running Linux silent (Dell Precision noise problem) at del.icio.us
  • Facebook
  • Google Bookmarks
  • FriendFeed
  • Digg Making a Dell computer running Linux silent (Dell Precision noise problem)
  • Mixx Making a Dell computer running Linux silent (Dell Precision noise problem)
  • Bloglines Making a Dell computer running Linux silent (Dell Precision noise problem)
  • Technorati Making a Dell computer running Linux silent (Dell Precision noise problem)
  • Fark this: Making a Dell computer running Linux silent (Dell Precision noise problem)
  • Bookmark Making a Dell computer running Linux silent (Dell Precision noise problem) at YahooMyWeb
  • Bookmark Making a Dell computer running Linux silent (Dell Precision noise problem) at Furl.net
  • Bookmark Making a Dell computer running Linux silent (Dell Precision noise problem) at reddit.com
  • Bookmark Making a Dell computer running Linux silent (Dell Precision noise problem) at blinklist.com
  • Bookmark Making a Dell computer running Linux silent (Dell Precision noise problem) at Spurl.net
  • Bookmark Making a Dell computer running Linux silent (Dell Precision noise problem) at NewsVine
  • Bookmark Making a Dell computer running Linux silent (Dell Precision noise problem) at Simpy.com
  • Bookmark Making a Dell computer running Linux silent (Dell Precision noise problem) at blogmarks
  • Bookmark Making a Dell computer running Linux silent (Dell Precision noise problem) with wists
  • wong it!
  • Bookmark using any bookmark manager!
  • Stumble It!
  • Print this article!
  • E-mail this story to a friend!
  • Identi.ca

SIP support in Nokia phones (S60 VoIP / S40 VoIP)

Thanks to Luca who provided me with a link to this table detailing VoIP (SIP) support in Nokia devices.
  • Twitter
  • Bookmark SIP support in Nokia phones (S60 VoIP / S40 VoIP) at del.icio.us
  • Facebook
  • Google Bookmarks
  • FriendFeed
  • Digg SIP support in Nokia phones (S60 VoIP / S40 VoIP)
  • Mixx SIP support in Nokia phones (S60 VoIP / S40 VoIP)
  • Bloglines SIP support in Nokia phones (S60 VoIP / S40 VoIP)
  • Technorati SIP support in Nokia phones (S60 VoIP / S40 VoIP)
  • Fark this: SIP support in Nokia phones (S60 VoIP / S40 VoIP)
  • Bookmark SIP support in Nokia phones (S60 VoIP / S40 VoIP) at YahooMyWeb
  • Bookmark SIP support in Nokia phones (S60 VoIP / S40 VoIP) at Furl.net
  • Bookmark SIP support in Nokia phones (S60 VoIP / S40 VoIP) at reddit.com
  • Bookmark SIP support in Nokia phones (S60 VoIP / S40 VoIP) at blinklist.com
  • Bookmark SIP support in Nokia phones (S60 VoIP / S40 VoIP) at Spurl.net
  • Bookmark SIP support in Nokia phones (S60 VoIP / S40 VoIP) at NewsVine
  • Bookmark SIP support in Nokia phones (S60 VoIP / S40 VoIP) at Simpy.com
  • Bookmark SIP support in Nokia phones (S60 VoIP / S40 VoIP) at blogmarks
  • Bookmark SIP support in Nokia phones (S60 VoIP / S40 VoIP) with wists
  • wong it!
  • Bookmark using any bookmark manager!
  • Stumble It!
  • Print this article!
  • E-mail this story to a friend!
  • Identi.ca