Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    N

    Can I use pgblockerng aliases in Haproxy?

    80758505-9bad-4dad-a80b-c159be1045a2-image.png

    If it was a firewall rule, typing pfb would produce a dropdown to select.

    Here it has to be written, but will it work? Is it supported?

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    cyb3rtr0nianC

    @bmeeks So after upgrading to the newest PfSense 2.8.0 everything is now working like a charm!

    Suricata no longer seems to strip off tags like it did before! Which means I can now use my network segmented by VLANs and still use the benefits of Suricata Inline IPS! Very niiize!

    I checked in the Alerts section and it is indeed generating the correct alerts from the different VLAN sections, I put Inline IPS on the parent interface of all the VLANs.

    I assume this is because the FreeBSD version is also updated with the new PfSense 2.8.0 version?

    Because before, as soon as I selected Inline IPS mode, my entire VLAN tagging would break and nothing was reachable until I switched back to Legacy mode.

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    571 Topics
    3k Posts
    K

    @pulsartiger
    The database name is vnstat.db and its location is under /var/db/vnstat.
    With "Backup Files/Dir" we are able to do backup or also with a cron.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    GertjanG

    @AlexK-0 said in Can't receive GeoIP databases updates anymore, banned:

    Days ago, I received from MaxMind an email, notifying me that my country has been banned to receive GeoLite City database updates.

    You've found a reason to use a VPN.

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    99 Topics
    2k Posts
    K

    @elvisimprsntr thanks for your suggestion. I will give it a try.

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    493 Topics
    3k Posts
    GertjanG

    @EChondo

    What's your pfSense version ?
    The instructions are shown here :

    1acdc586-cb29-4148-9e36-81ade4e5e60c-image.png

    A restart of a service will start by re creating their config files. If a certificate changed, it will get included. When the process starts, it will use the new certificate.

    @EChondo said in Issue with ACME Certificates Refresh & Restarting HAProxy:

    I haven't been able to confirm if the above works(mine just renewed, don't feel like doing it again just to test), so we'll see in 60 days I guess.

    No need to wait x days.
    You can re test / renew right away, as you are 'allowed' to renew a couple (5 max ?) of times per week.

  • Discussions about the FRR Dynamic Routing package on pfSense

    294 Topics
    1k Posts
    R

    I had a similar issue with Routed VTI over IPsec recently. FRR lost its neighbors after rebooting or when a tunnel went down. It never re-discovered it automatically. Only restarting FRR (either in GUI or via CLI) brought the neighbors back.

    When I manually added those under the OSPF neighbors tab in the GUI it seems to solve the problem as well.

  • Discussions about the Tailscale package

    89 Topics
    574 Posts
    A

    Hello,
    I am unable to get the Tailscale package to work. The page at VPN > Tailscale > Authentication is stuck. It displays the error "Tailscale is not online," but also shows a "Logout and Clean" button, with no option to log in.
    link text

    This state persists even after performing the following troubleshooting steps:

    Rebooting the pfSense router.

    Completely uninstalling and reinstalling the Tailscale package multiple times.

    Clearing browser cache and using a private browser window.

    Toggling the main "Enable Tailscale" checkbox in the settings.

    Checking the logs, which show the service gets a "terminate" signal and shuts down cleanly; it does not crash.

    Manually trying to delete the state file with rm /var/db/tailscale/tailscaled.state, which failed because the file does not exist.

    It appears that the package's configuration is corrupted in a way that persists even after reinstallation. Can anyone advise on how to perform a complete manual cleanup of all Tailscale files and settings?

  • Discussions about WireGuard

    689 Topics
    4k Posts
    P

    @patient0 Thanks for further suggestions. The tunnel is definitely up and so I don't think this is a CGNAT issue after all. WAN firewall rule is in place for UDP on port 51823 (otherwise the tunnel wouldn't work, right?). I can ping from client 1 -> client 2 and visa versa and also ping all points in between like you suggest. I just can't open an HTTPS connection from pfSenseB from Client 1 using a browser. But I can do this the other way round i.e. from Client 2 to pfSenseA

    I will try and do some packet capture to see if that reveals anything.

  • 0 Votes
    7 Posts
    18k Views
    R

    @Stay:

    @Justinw:

    Even in 1.01 and prior versions I've been able to use pkg_add for nagios, nrpe, webmin, and squid.  What packages are you trying to add?  I realize that its not the same as installing from source but its still not bad.

    I need a quagga package and more software, actually not package but port.
    Actually, I need full integration whole of the FreeBSD Ports Collection.  :P

    I've done this before on my pfSense box. All you should have to do is execute the following command. This will install the ports collection from the FreeBSD mirror. Then do a pkg_add -r name

    fetch -o - "ftp://ftp1.us.freebsd.org/pub/FreeBSD/ports/ports/ports.tar.gz" | tar zxf - -C /usr

  • Snort stream4 preprocessor ignores whitelist ?

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • Snort still running even after uninstalled (in GUI)

    Locked
    6
    0 Votes
    6 Posts
    3k Views
    J

    I would just ssh in and go to /usr/local/etc/rc.d  look for the snort startup script and delete it.  I don't imagine it works a whole lot different than other packages…

  • Snort inilization failure

    Locked
    100
    0 Votes
    100 Posts
    56k Views
    Y

    @sdale:

    @sullrich:

    These are rule related problems.  I have no idea how to fix these, you are somewhat on your own here.

    Yea, I'm taking a look into it.

    I found the problem. It lies within my edit rule file. I will send the diff soon as I get it completed.

  • Siproxd???

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    S

    When someone fixes it.

  • Transparent mode for squid 2.5.14_2-p7.1 appears to be broken!!!!

    Locked
    11
    0 Votes
    11 Posts
    5k Views
    H

    hi

    looks like squid is working on some pc's only, i have 4 pf boxes, upgraded to 1.01, only 1 server made it with squid, the other 3 couldn't restart with squid installed,

    just to help.

    oops, spoke too soon, i just had a power failure today, and the only ps box that was running ok, didn't make it too, so none is of the 1.01 ps boxes restarting with squid installed.

  • Install new packages howto?

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    J

    i will give you the first 3 things to do

    1 learn php
    2 learn xml
    3 learn freebsd 6.1 kernels compiling

  • SNORT on embeded

    Locked
    6
    0 Votes
    6 Posts
    3k Views
    S

    Ask the Snort guys.  I really don't know.

  • Error installing Stunnel and FreeRadius (cant read tbz pkg)

    Locked
    5
    0 Votes
    5 Posts
    3k Views
    S

    Try again.  The package was updated.

  • Antivirus status

    Locked
    7
    0 Votes
    7 Posts
    4k Views
    S

    Nobody is working on it currently.  At this rate, years.

  • Widentd package broken - Please confirm

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    J

    Did you already enable it in the rc.d file?  Make sure the enable flag is set to YES and not NO

  • Snort Blocked tab takes an incredibly long time to load.

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    S

    Deinstall and reinstall Snort.  This bug was fixed.

  • Current SNORT packages for pfsense 1.0.1

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    Y

    No, snort is not included. You have to download it after a fresh install.

    I believe most of the snort folders are left alone during an uninstall of the package. If you were to remove snort and then reinstall it at a later time, it will load up with your previous configuration as long as you didn't reformat.

  • How to install wget

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    J

    ssh into your box
    shell>pkg_add -r wget

  • Installing package like squid from the GUI

    Locked
    5
    0 Votes
    5 Posts
    2k Views
    D

    @rdevries:

    Thanks Hola!

    ;D Sory my english. I read quikly and wrong undestanding you post  :-[

  • Spamd - Configuration help needed

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    R

    Thanks bill.

    Sorry I should have checked the man page.

    I see it forwards it directly onto the MTA once it hits the whitelist, meaning firewall rules probably need to be updated to allow Internet –> 172.16.16.7.

  • Snort error after click "Save" botton

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    S

    Upgrade to 1.0.1.

  • NTOP eating my processor :-D

    Locked
    6
    0 Votes
    6 Posts
    3k Views
    H

    darkstat stops also here

  • Quagga

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    M

    @sullrich:

    However donations/bounties are a  good way to speed up a devs interest.

    Can you -or any other interested developer- make an estimate regarding the amount of a quagga bounty.

  • More squid features

    Locked
    7
    0 Votes
    7 Posts
    4k Views
    T

    Just updates the squid-diffs for squid_7.1

    see the links above for download… (or http://pfsense.trendchiller.com/squid/)

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.