Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    N

    Can I use pgblockerng aliases in Haproxy?

    80758505-9bad-4dad-a80b-c159be1045a2-image.png

    If it was a firewall rule, typing pfb would produce a dropdown to select.

    Here it has to be written, but will it work? Is it supported?

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    bmeeksB

    I saw where the Netgate kernel developer updated the Suricata package in the pfSense 25.07 development branch to work with the new kernel PPPoE driver. But so far as I know that updated package has not been migrated to 2.8 CE.

    Here is the commit into the DEVEL branch: https://github.com/pfsense/FreeBSD-ports/commit/68a06b3a33c690042b61fb4ccfe96f3138e83b72.

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    571 Topics
    3k Posts
    K

    @pulsartiger
    The database name is vnstat.db and its location is under /var/db/vnstat.
    With "Backup Files/Dir" we are able to do backup or also with a cron.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    GertjanG

    @AlexK-0 said in Can't receive GeoIP databases updates anymore, banned:

    Days ago, I received from MaxMind an email, notifying me that my country has been banned to receive GeoLite City database updates.

    You've found a reason to use a VPN.

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    99 Topics
    2k Posts
    K

    @elvisimprsntr thanks for your suggestion. I will give it a try.

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    493 Topics
    3k Posts
    EChondoE

    @fxandrei Found this thread via Google. And I figured out what OP did, so here's the explanation:

    In the pfSense webpage do:

    Click on "Services" Select "Acme Certificates" Edit any of your certificate entries by clicking on the pencil icon. Scroll to the bottom of the certificate edit page and find the "Actions list" section. Click on "Add" to add a new action and fill out the information as needed. For HAProxy restarting do: Mode: Enabled Command: /usr/local/etc/rc.d/haproxy.sh restart Method: Shell Command And finally "Save" at the bottom of the cert edit page.

    As far as I can tell, the above action seems to propagate to all certificates that I have, not just a single one. I am not sure if this is just a visual bug, but just something to be aware of.

    I haven't been able to confirm if the above works(mine just renewed, don't feel like doing it again just to test), so we'll see in 60 days I guess.

    Hopefully this helps you and anyone else that finds this thread via searching.

  • Discussions about the FRR Dynamic Routing package on pfSense

    294 Topics
    1k Posts
    R

    I had a similar issue with Routed VTI over IPsec recently. FRR lost its neighbors after rebooting or when a tunnel went down. It never re-discovered it automatically. Only restarting FRR (either in GUI or via CLI) brought the neighbors back.

    When I manually added those under the OSPF neighbors tab in the GUI it seems to solve the problem as well.

  • Discussions about the Tailscale package

    89 Topics
    574 Posts
    A

    Hello,
    I am unable to get the Tailscale package to work. The page at VPN > Tailscale > Authentication is stuck. It displays the error "Tailscale is not online," but also shows a "Logout and Clean" button, with no option to log in.
    link text

    This state persists even after performing the following troubleshooting steps:

    Rebooting the pfSense router.

    Completely uninstalling and reinstalling the Tailscale package multiple times.

    Clearing browser cache and using a private browser window.

    Toggling the main "Enable Tailscale" checkbox in the settings.

    Checking the logs, which show the service gets a "terminate" signal and shuts down cleanly; it does not crash.

    Manually trying to delete the state file with rm /var/db/tailscale/tailscaled.state, which failed because the file does not exist.

    It appears that the package's configuration is corrupted in a way that persists even after reinstallation. Can anyone advise on how to perform a complete manual cleanup of all Tailscale files and settings?

  • Discussions about WireGuard

    689 Topics
    4k Posts
    P

    @patient0 Thanks for further suggestions. The tunnel is definitely up and so I don't think this is a CGNAT issue after all. WAN firewall rule is in place for UDP on port 51823 (otherwise the tunnel wouldn't work, right?). I can ping from client 1 -> client 2 and visa versa and also ping all points in between like you suggest. I just can't open an HTTPS connection from pfSenseB from Client 1 using a browser. But I can do this the other way round i.e. from Client 2 to pfSenseA

    I will try and do some packet capture to see if that reveals anything.

  • 0 Votes
    7 Posts
    18k Views
    R

    @Stay:

    @Justinw:

    Even in 1.01 and prior versions I've been able to use pkg_add for nagios, nrpe, webmin, and squid.  What packages are you trying to add?  I realize that its not the same as installing from source but its still not bad.

    I need a quagga package and more software, actually not package but port.
    Actually, I need full integration whole of the FreeBSD Ports Collection.  :P

    I've done this before on my pfSense box. All you should have to do is execute the following command. This will install the ports collection from the FreeBSD mirror. Then do a pkg_add -r name

    fetch -o - "ftp://ftp1.us.freebsd.org/pub/FreeBSD/ports/ports/ports.tar.gz" | tar zxf - -C /usr

  • Snort stream4 preprocessor ignores whitelist ?

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • Snort still running even after uninstalled (in GUI)

    Locked
    6
    0 Votes
    6 Posts
    3k Views
    J

    I would just ssh in and go to /usr/local/etc/rc.d  look for the snort startup script and delete it.  I don't imagine it works a whole lot different than other packages…

  • Snort inilization failure

    Locked
    100
    0 Votes
    100 Posts
    56k Views
    Y

    @sdale:

    @sullrich:

    These are rule related problems.  I have no idea how to fix these, you are somewhat on your own here.

    Yea, I'm taking a look into it.

    I found the problem. It lies within my edit rule file. I will send the diff soon as I get it completed.

  • Siproxd???

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    S

    When someone fixes it.

  • Transparent mode for squid 2.5.14_2-p7.1 appears to be broken!!!!

    Locked
    11
    0 Votes
    11 Posts
    5k Views
    H

    hi

    looks like squid is working on some pc's only, i have 4 pf boxes, upgraded to 1.01, only 1 server made it with squid, the other 3 couldn't restart with squid installed,

    just to help.

    oops, spoke too soon, i just had a power failure today, and the only ps box that was running ok, didn't make it too, so none is of the 1.01 ps boxes restarting with squid installed.

  • Install new packages howto?

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    J

    i will give you the first 3 things to do

    1 learn php
    2 learn xml
    3 learn freebsd 6.1 kernels compiling

  • SNORT on embeded

    Locked
    6
    0 Votes
    6 Posts
    3k Views
    S

    Ask the Snort guys.  I really don't know.

  • Error installing Stunnel and FreeRadius (cant read tbz pkg)

    Locked
    5
    0 Votes
    5 Posts
    3k Views
    S

    Try again.  The package was updated.

  • Antivirus status

    Locked
    7
    0 Votes
    7 Posts
    4k Views
    S

    Nobody is working on it currently.  At this rate, years.

  • Widentd package broken - Please confirm

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    J

    Did you already enable it in the rc.d file?  Make sure the enable flag is set to YES and not NO

  • Snort Blocked tab takes an incredibly long time to load.

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    S

    Deinstall and reinstall Snort.  This bug was fixed.

  • Current SNORT packages for pfsense 1.0.1

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    Y

    No, snort is not included. You have to download it after a fresh install.

    I believe most of the snort folders are left alone during an uninstall of the package. If you were to remove snort and then reinstall it at a later time, it will load up with your previous configuration as long as you didn't reformat.

  • How to install wget

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    J

    ssh into your box
    shell>pkg_add -r wget

  • Installing package like squid from the GUI

    Locked
    5
    0 Votes
    5 Posts
    2k Views
    D

    @rdevries:

    Thanks Hola!

    ;D Sory my english. I read quikly and wrong undestanding you post  :-[

  • Spamd - Configuration help needed

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    R

    Thanks bill.

    Sorry I should have checked the man page.

    I see it forwards it directly onto the MTA once it hits the whitelist, meaning firewall rules probably need to be updated to allow Internet –> 172.16.16.7.

  • Snort error after click "Save" botton

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    S

    Upgrade to 1.0.1.

  • NTOP eating my processor :-D

    Locked
    6
    0 Votes
    6 Posts
    3k Views
    H

    darkstat stops also here

  • Quagga

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    M

    @sullrich:

    However donations/bounties are a  good way to speed up a devs interest.

    Can you -or any other interested developer- make an estimate regarding the amount of a quagga bounty.

  • More squid features

    Locked
    7
    0 Votes
    7 Posts
    4k Views
    T

    Just updates the squid-diffs for squid_7.1

    see the links above for download… (or http://pfsense.trendchiller.com/squid/)

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.