pfSense CLI

 

 

 


Temporarily change the IP, default gateway and DNS:

 

ifconfig em0 x.x.x.x netmask 255.255.255.0

route add default y.y.y.y

echo "nameserver x.x.x.x" > /etc/resolv.conf

 


Temporarily disable firewall

 

# Disable:

pfctl -d

# Re-enable:

pfctl -e

 


pfctl Usage

 

pfctl -sn     Show current NAT rules

pfctl -sr     Show current filter rules

pfctl -ss     Show the current state table

pfctl -sa     Show everything it can show

 


# add an "allow all" rule on the WAN:

 

pfSsh.php playback enableallowallwan

 


# Append a rule to the end of the WAN rule list:

 

pf version >= 2

easyrule block wan <source_ip>

easyrule pass <wan|lan|...> [protocol] <source_ip> <dest_ip> [port]

e.g.

# Remote IP(Source): x.x.x.x
# WAN IP: y.y.y.y

easyrule pass wan tcp x.x.x.x y.y.y.y 443
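
Added example, not part of the original notes: after using `pfSsh.php playback enableallowallwan` or `easyrule pass`, this shell function reads `pfctl -sr` output and reports inbound pass rules on the given interface that allow any source to any destination with no port restriction, so a temporary allow-all rule is not left in place. The function name, the interface names and the sample rule lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Usage on the firewall:  pfctl -sr | audit_wan_rules em0

audit_wan_rules() {
    # $1 = interface to audit (em0 is the WAN in these notes); rules come from stdin.
    # Prints each offending rule; returns 1 if any was found, 0 otherwise.
    awk -v ifc="$1" '
        $1 == "pass" && $2 == "in" {
            on_if = 0; any_any = 0; has_port = 0
            for (i = 3; i <= NF; i++) {
                if ($i == "label") break        # ignore free text in labels
                if ($i == "on" && $(i + 1) == ifc) on_if = 1
                if ($i == "all") any_any = 1    # pf prints "all" for any -> any
                if ($i == "from" && $(i + 1) == "any" &&
                    $(i + 2) == "to" && $(i + 3) == "any") any_any = 1
                if ($i == "port") has_port = 1  # rule is limited to a port
            }
            if (on_if && any_any && !has_port) { print; found = 1 }
        }
        END { exit (found ? 1 : 0) }
    '
}

# Constructed sample in the style of `pfctl -sr` output (not captured from a real box).
SAMPLE_RULES='block drop in log inet all label "Default deny rule IPv4"
pass in quick on em0 inet all flags S/SA keep state label "allow all on wan"
pass in quick on em0 inet proto tcp from 203.0.113.10 to 198.51.100.5 port = 443 flags S/SA keep state label "easyrule"
pass in quick on em1 inet all flags S/SA keep state label "lan to any"
block drop in quick on em0 inet from 203.0.113.66 to any label "easyrule block"'
```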

 


PW Reset:

 

1. Reboot the pfSense box

2. Choose option 4 (Single User Mode)

3. Run /sbin/mount -a -t ufs

4. Run /etc/rc.initial.password

5. Reboot

 


Cannot access the web GUI

 

killall -9 php; killall -9 lighttpd; /etc/rc.restart_webgui

 

 


reload config.xml

 

rm /tmp/config.cache

The command viconfig will bring up the config.xml in vi, and upon exiting vi, removes the configuration cache file automatically.

 


Disable HTTP_REFERER enforcement check

 

config.xml

<webgui>
    <protocol>http</protocol>
    <nohttpreferercheck>true</nohttpreferercheck>
</webgui>

Add the line shown in blue (the <nohttpreferercheck> line).

 


Service

 

# What is listening

netstat -p tcp

# Show enabled services

service -e

# show all

service -l

 


Restart web panel

 

killall -9 php; killall -9 lighttpd; /etc/rc.restart_webgui

log:

/var/log/lighttpd.error.log

 

 

 

 
