1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    N
    @andrew_cb Thank you very much for this, I just tried your proposed solution and it did work! That was driving me crasy! Way simpler than deleting the haproxy_server_state file.

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    bmeeksB
    @NRgia said in Suricata on Pfsense: @bmeeks Thank you for what you did for Snort or Suricata. I'm not sure what you want me to do on Redmine, due to is a bug tracker. My question is for Product Management, which I will ask it here to be public: What is the plan for these 2 packages, Suricata and Snort? Thank you Yes, Redmine is for both bug reports and feature requests. Asking for the Suricata binary to be updated to the latest 7.0.11 version from upstream is a legitimate Redmine request. I would suggest simply asking for the binary version update instead of asking about future Netgate strategy (such as the support plans for the packages). Strategy discussions typically don't get very far because they deal with proprietary information or plans that a company may not want to publicly discuss. Redmine is where the Netgate developer team tracks all the code changes they make for pfSense. They will see Redmine reports much quicker than a forum post.

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    571 Topics
    3k Posts
    K
    @pulsartiger The database name is vnstat.db and its location is under /var/db/vnstat. With "Backup Files/Dir" we are able to do backup or also with a cron.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    GertjanG
    @rasputinthegreatest said in pfBlockerNG not logging anything by default?: its made up of multiple sources so it does make sense that it resolves some of these weird private hosts An public NTP pool like pool.ntp.org would not list host names with weird random paddings that reference local devices. "domaincontroller-gPHvwjYS.local,192.168.1.86" is a reverse PTR, and is requested by one of your local devices. Why , I don't know. @rasputinthegreatest said in pfBlockerNG not logging anything by default?: I find them in pfblockerNG dns_reply log under Logs No URLs there, only host names. [image: 1754736735409-c09607c2-c95a-4971-bdb4-f63fe08bebe8-image.png]

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    101 Topics
    2k Posts
    dennypageD
    @jhg said in NUT fails to start after 2.7.2 -> 2.8.0 upgrade: Interesting. I would have thought the initial reboot, which occurred as part of the upgrade, would have done the trick, but it took a second reboot, just now, to get things working. Glad you have it sorted. There was no difference in the output of usbconfig show_ifdrv at any point -- before or after unplugging/replugging the USB cable, nor after rebooting. ... Question: What would tell me whether or not a driver was loaded? If there were an attached driver, it should have shown up with the show_ifdrv command. If you use the command and look at the other usb devices, I think they will show attached drivers. I don't expect to see a driver attached to the ups, because there is a quirk that tells the OS to ignore that device (and not attach a driver). Look for idVendor and idProduct in the above output. The Vendor ID for your device is 0764, which corresponds to Cyber Power Systems, and the Product ID for your device is 0601, which is registered as "PR1500LCDRT2U UPS" (don't sweat an exact match for the name). You can see the quirk with the following command: [25.07-RC][root@fw]/root: usbconfig dump_device_quirks | grep 0764 VID=0x0764 PID=0x0005 REVLO=0x0000 REVHI=0xffff QUIRK=UQ_HID_IGNORE VID=0x0764 PID=0x0501 REVLO=0x0000 REVHI=0xffff QUIRK=UQ_HID_IGNORE VID=0x0764 PID=0x0601 REVLO=0x0000 REVHI=0xffff QUIRK=UQ_HID_IGNORE [25.07-RC][root@fw]/root: Your device is third on the list. The HID_IGNORE quirk says to ignore the device and not attach a driver. @jhg said in NUT fails to start after 2.7.2 -> 2.8.0 upgrade: You might consider adding this resolution to the release notes for 2.8. LOL... sorry, I don't have input to the release notes (I don't work here). While I wrote and maintain various packages, including NUT, I'm still just a volunteer. Most packages are actually written by volunteers.

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    493 Topics
    3k Posts
    GertjanG
    @EChondo What's your pfSense version ? The instructions are shown here : [image: 1753262126227-1acdc586-cb29-4148-9e36-81ade4e5e60c-image.png] A restart of a service will start by re creating their config files. If a certificate changed, it will get included. When the process starts, it will use the new certificate. @EChondo said in Issue with ACME Certificates Refresh & Restarting HAProxy: I haven't been able to confirm if the above works(mine just renewed, don't feel like doing it again just to test), so we'll see in 60 days I guess. No need to wait x days. You can re test / renew right away, as you are 'allowed' to renew a couple (5 max ?) of times per week.

  • Discussions about the FRR Dynamic Routing package on pfSense

    294 Topics
    1k Posts
    yon 0Y
    said in Please update frr on Pfsense+ to FRR 10.3: https://redmine.pfsense.org/issues/15785 now frr 10.4.1

  • Discussions about the Tailscale package

    90 Topics
    594 Posts
    E
    @totalimpact Tailscale 1.54.0 is 2+ years out of date. Tailscale has made quite a number of changes since Tailscale 1.54.0, likely rendering it incompatible with their servers. I would consider manually updating the Tailscale FreeBSD package. FreshPorts does not maintain an archive of all the releases, only the latest compiled by the volunteer maintainers. The key to manually upgrading is knowing which FreeBSD version your pfSense release is running, i.e. 14 or 15. You can following along here.

  • Discussions about WireGuard

    692 Topics
    4k Posts
    M
    This is still an issue as of 2.8.0 / 25.07, and it drives me crazy. Gateway failure works as expected, the wireguard tunnels will fail over to the backup gateway and continue on as normal, but will never recover once the failed gateway comes back online. While a reboot will (usually) fix it, I usually just go into my routing settings and mark the secondary gateway as down, forcing it to revert back to the primary... the users tend to dislike it when I reboot the firewall in the middle of the day
Log in to post
Load new posts
  • E

    Netgate pfSense Plus 23.05.1-RELEASE Repo Down

    6
    0 Votes
    6 Posts
    962 Views
    johnpozJ
    @eroji well you have from the gui some previous process running.. What you see via some browser and a url isn't always going to be what is going on in the background.. Kill off that old upgrade process, and try with the gui.. edit: I just fired up my 23.05.1 VM and installed package just fine [image: 1697823628547-works.jpg]
  • K

    Package Manager is not loading on PfSense+

    3
    0 Votes
    3 Posts
    563 Views
    K
    My problem was resolved by messaging one of the admins who work for Netgate. The issue was due to the fact I had to change out my 4 port NIC on my home built pfsense plus for a new one and it changed my NDI. Once I gave that to them and they updated it to the registered e-mail on file, the Available Packages came back. I hope this helps.
  • M

    Wake On LAN works but CRON command fails

    6
    0 Votes
    6 Posts
    1k Views
    M
    @Gertjan Thanks for all of your help with this issue. I'm unsure why yours is working when you use the actual ip address of your server in CRON, but mine is not. Because of what I saw in the packet capture, I decided to imitate what the GUI is doing. I changed the command in CRON to: /usr/local/bin/wol -i 192.168.2.255 bc:ee:7b:db:fc:f4 The above command works in CRON to wake up my server. From what you said, I'm guessing this is because "192.168.2.255" is the "broadcast address" of the LAN interface of the $(bcip) as described in your post. /usr/local/bin/wol -i 192.168.2.4 bc:ee:7b:db:fc:f4 The original command above did nothing and didn't even show up in "packet capture" until after the server was already up and running, then I would get something similar to what you got in your packet capture in your screenshot above, as you can see from my previous post. However, the command with the actual ip address reserved for my server in Pfsense fails to wake-on-lan my server, but 192.168.2.255 does work. Thanks for all of your advice and help which resulted in changing "4" to "255" and now it works.
  • T

    Zabbix Proxy 6.2 - Is it posible to install the package manualy on pfsense vRelease 2.7

    Moved
    1
    0 Votes
    1 Posts
    414 Views
    No one has replied
  • ?

    RFC (make up a number not in use) - Blueprint for setting up snort + pfblocker

    171
    1 Votes
    171 Posts
    189k Views
    G
    It's relevant for me too, thank you for explanation
  • J

    2.6->2.7 PHP Error in status_traffic_totals

    Moved
    2
    0 Votes
    2 Posts
    549 Views
    jimpJ
    That error was probably from when the package was being removed. That particular error has been fixed in the 2.7.0 package for quite a long time: https://redmine.pfsense.org/issues/13775
  • T

    [SOLVED] Unable to Install or Upgrade Packages

    Moved
    44
    1 Votes
    44 Posts
    40k Views
    M
    Just wanted to post as I ran into this issue today. I was able to fix this by submitting a TAC ticket with my NDI and SN. The team found a mismatch in their database to which they fixed, and I was able to update all my packages.
  • V

    telegraf / influxdb | Upgrade to 2.7 issues

    1
    0 Votes
    1 Posts
    538 Views
    No one has replied
  • S

    Is something wrong with arpwatch?

    3
    0 Votes
    3 Posts
    697 Views
    S
    @NogBadTheBad I just did that and it stopped, and i think I know why. Those cams use L2 for discovery. Thank you very much!
  • D

    Where are the configurations of the various packages?

    5
    0 Votes
    5 Posts
    1k Views
    GertjanG
    @darkcorner You said in the other thread : @darkcorner said in Network access blocked after update: that I now have to configure from scratch.. That's a 'noop' ;) When you remove all ('big') packages before upgrading, the upgrade process goes much faster. When you have a copy of that config.xml file, right after the upgrade and reboot, you should import config. All packages that are marked as "installed and configured" in the config file will get downloaded, installed and configured. A final reboot and you're ok. Nothing to reconfigure - with the exception : if there are new options, you should check these packages and make your config choices.
  • A

    radtest not found / Problems with FreeRadius

    9
    0 Votes
    9 Posts
    2k Views
    johnpozJ
    @abuttino said in radtest not found / Problems with FreeRadius: grr, was using the wrong pfSense server. not sure why that should matter running the pkg command, I could see it not having freerad installed as to why radtest not there. But the pkg command? Maybe that just generic sort of error since that pfsense didn't actually have the radtest file because freerad was not installed.
  • S

    LCDProc (/dev/cua1) failed (No such file or directory)

    6
    0 Votes
    6 Posts
    2k Views
    S
    @elvisimprsntr said in LCDProc (/dev/cua1) failed (No such file or directory): @sebr Looks like the Peplink Balance series LCD displays have the ST7066U (or compatible) LCD controller. http://lcdproc.omnipotent.net/hardware.php3 [image: 1685199430941-screenshot-2023-05-27-at-10.55.49-am-resized.png] Is there a /dev/lpt0 port listed? If so, you might try the following: Com port: (/dev/lpt0) Driver: HD44780 and compatible Connection type: Likely 4bit or 8bit, but try each until you find one that works. If not, then it might be connected to a serializer chip, thus /dev/cua* Thanks for your help, I'll go back and test this.
  • D

    FreeRadius with Windows Active Directory

    4
    0 Votes
    4 Posts
    2k Views
    D
    @Gertjan said in FreeRadius with Windows Active Directory: You are using "PAP authentication" ? Should FreeRadius work with Active Direcroty throught NPS Radius or as LDAP autorization? i think it work as LDAP, as there are Base DN Filter and Base Filter attributes. i have configured in pfsense LDAP authentification to web page and there are also Base DN attributes thats why i think it works not throught NPS. Here is my LDAP web authentification Spoiler [image: 1695206363091-e1799302-4e6d-427f-8032-f2001e496b0f-image.png]
  • T

    Snort is blocking gmail attachment download randomly.

    2
    0 Votes
    2 Posts
    479 Views
    bmeeksB
    Find the rule that is false-positive triggering on your Gmail downloads and disable it. To do that you will need to cross-reference IP addresses in your alerts shown on the ALERTS tab. None of the alerts you are showing in your screenshot appear relevant to Gmail.
  • wgstarksW

    ntopng errors in system log

    5
    0 Votes
    5 Posts
    2k Views
    A
    Sorry, i have the same issue. Any fresh ideas?
  • jimpJ

    System Patches package version 2.2.5

    17
    7 Votes
    17 Posts
    4k Views
    jimpJ
    Any further questions about the change in 2.2.6 should go over in the new thread: https://forum.netgate.com/topic/182725/system-patches-package-version-2-2-6
  • jimpJ

    System Patches package version 2.2.6

    1
    6 Votes
    1 Posts
    2k Views
    No one has replied
  • sokeadaS

    Zabbix Agent 2 - Monitor pfSense CPU Temperature

    1
    0 Votes
    1 Posts
    396 Views
    No one has replied
  • keyserK

    HAproxy-devel issue

    3
    0 Votes
    3 Posts
    1k Views
    E
    I know this is an old thread, but it is the only one that matches the issues I have had over past 2 days. I have latest version fully updated pfsense and packages. I was running HAProxy Devel. Again fully up to date (as of 06/09/2023), given dates as I am unsure what versions. All of a sudden our RDS users were not able to open applications. In our setup we have a RDS Gateway, people log into the HTML5 interface for RDS, then they open an app in browser. Accessing and loggining into the HTML5 interface worked fine and always worked, even with fully updated. But when you tried to open an app, it would fail to open. After messing about for a bit, I accidently forwarded 443 to the RDS gateway, and everything was working. Once I learnt this, I had to put 443 back to HAProxy as our intranet was no longer working. WIth this information, I knew it was something to do with HAProxy not handling the connection correctly. So I uninstalled HAProxy Devel, and installed HAProxy package 0.63_1. Now everything is working perfectly as it has been for years. I know its been some time since this thread was made, but what ever that problem ended up being, its happening again. Something is wrong with HAProxy Devel.
  • P

    I did not install these packages

    2
    0 Votes
    2 Posts
    595 Views
    johnpozJ
    @pV5 those are the extra packages that pfsense + gets.. Yeah they would be there by default
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.