Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    perikoP
    @aGeekhere dns_v4_first...have years and they still don't clean the code. But won't affect.
  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    bmeeksB
    @NRgia said in Suricata on Pfsense: @bmeeks Thank you for what you did for Snort or Suricata. I'm not sure what you want me to do on Redmine, due to is a bug tracker. My question is for Product Management, which I will ask it here to be public: What is the plan for these 2 packages, Suricata and Snort? Thank you Yes, Redmine is for both bug reports and feature requests. Asking for the Suricata binary to be updated to the latest 7.0.11 version from upstream is a legitimate Redmine request. I would suggest simply asking for the binary version update instead of asking about future Netgate strategy (such as the support plans for the packages). Strategy discussions typically don't get very far because they deal with proprietary information or plans that a company may not want to publicly discuss. Redmine is where the Netgate developer team tracks all the code changes they make for pfSense. They will see Redmine reports much quicker than a forum post.
  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    571 Topics
    3k Posts
    dennypageD
    @Leon-Straathof Data retention settings are handled inside of ntopng. Documentation here. Pay attention to the RRD note. Also, if you've turned on some of the slice and dice time series information (is off by default), I'd suggest turning them back off. These balloon the storage requirements and are of little actual use.
  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    keyserK
    @jrey Thank you so much for the detailed explanation and help. I will adapt and apply the patch to move the job timing like suggested at 01:35 Are you just a user or are you also involved in package maintenance on one or more packages?
  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    101 Topics
    2k Posts
    dennypageD
    @jhg said in NUT fails to start after 2.7.2 -> 2.8.0 upgrade: Interesting. I would have thought the initial reboot, which occurred as part of the upgrade, would have done the trick, but it took a second reboot, just now, to get things working. Glad you have it sorted. There was no difference in the output of usbconfig show_ifdrv at any point -- before or after unplugging/replugging the USB cable, nor after rebooting. ... Question: What would tell me whether or not a driver was loaded? If there were an attached driver, it should have shown up with the show_ifdrv command. If you use the command and look at the other usb devices, I think they will show attached drivers. I don't expect to see a driver attached to the ups, because there is a quirk that tells the OS to ignore that device (and not attach a driver). Look for idVendor and idProduct in the above output. The Vendor ID for your device is 0764, which corresponds to Cyber Power Systems, and the Product ID for your device is 0601, which is registered as "PR1500LCDRT2U UPS" (don't sweat an exact match for the name). You can see the quirk with the following command: [25.07-RC][root@fw]/root: usbconfig dump_device_quirks | grep 0764 VID=0x0764 PID=0x0005 REVLO=0x0000 REVHI=0xffff QUIRK=UQ_HID_IGNORE VID=0x0764 PID=0x0501 REVLO=0x0000 REVHI=0xffff QUIRK=UQ_HID_IGNORE VID=0x0764 PID=0x0601 REVLO=0x0000 REVHI=0xffff QUIRK=UQ_HID_IGNORE [25.07-RC][root@fw]/root: Your device is third on the list. The HID_IGNORE quirk says to ignore the device and not attach a driver. @jhg said in NUT fails to start after 2.7.2 -> 2.8.0 upgrade: You might consider adding this resolution to the release notes for 2.8. LOL... sorry, I don't have input to the release notes (I don't work here). While I wrote and maintain various packages, including NUT, I'm still just a volunteer. Most packages are actually written by volunteers.
  • Discussions about the ACME / Let’s Encrypt package for pfSense

    495 Topics
    3k Posts
    M
    @raidflex said in updating to acme 1.0 breaks system beyond repair: need to restore from backup: maybe uninstall Crowdsec when applying other updates first. It seems like it doesn't help at least from what I see on my system... it changes something.. so it must be definitely reported to their github. I have never experienced that before and Crowdsec was installed.. maybe with 2.8.0 something has changed
  • Discussions about the FRR Dynamic Routing package on pfSense

    294 Topics
    1k Posts
    yon 0Y
    said in Please update frr on Pfsense+ to FRR 10.3: https://redmine.pfsense.org/issues/15785 now frr 10.4.1
  • Discussions about the Tailscale package

    90 Topics
    597 Posts
    ryan.goodfellowR
    Upgraded 25.07 and Tailscale is broken in the way users here describe. I can manually log in using sudo /usr/local/bin/tailscale login, but the tailscale service in pfSense does not pick this up and restarting the service clobbers the login state. Given 16004 was logged 7 months ago with zero activity, this is an indication that Netgate devices no longer support Tailscale.
  • Discussions about WireGuard

    693 Topics
    4k Posts
    L
    @boyan1 said in Wireguard Gateway not coming up after reboot.: W Hey man, I'm trying to make the SITE A use internet of SITE B as you did, but there is no means of making that work. How did you make that work? Could you tell me please? Thanks!
  • LCDProc 0.5.5 and Temp?

    2
    0 Votes
    2 Posts
    2k Views
    L
    I too would like to have the temps displayed via LCDProc. I also have coretemp running with the temps displayed on the dashboard and a working lcdproc-dev package feeding a CFA-735. I agree with kilthro's placement too with having the temp displayed in the bottom, static region but since my CPU down-clocks when needed, I wouldn't want to lose that particular item but the states portion I could live without. So, in short, I second this request.
  • Squid & Sarge - more than port 80?

    4
    0 Votes
    4 Posts
    2k Views
    jimpJ
    There isn't a way to store that info long-term on pfSense directly. ntop can get some but probably not the detail you want, it would be more for a summary or graphing. pfflowd (or softflowd, see the doc wiki) can export netflow data to a separate netflow server which then logs and records that information in a database, and you can then query or graph from there. The netflow server would be separate software, there have been several forum threads and mailing list threads discussing various free and commercial netflow server options. While ntop is capable of acting as a Netflow collector and server, I haven't had a ton of luck getting it to do what I wanted in the past. It's also fairly heavy in terms of dependencies and resource requirements.
  • Installing antivirus and Squid

    3
    0 Votes
    3 Posts
    2k Views
    N
    AntiVirus: If you do not want to use HAVP anymore you can try the new squid 3.3.5 package which includes actual antivirus. Search the forum for the squid 3.3.x thread. Mobile devices: How are these connected? Via VPN or via W(LAN) interface on your pfsense? In general you can use transparent proxy on squid and select the interfaces where squid should listen to. If the devices are connected via OpenVPN for example then you must OpenVPN to an interface (Interfaces –> assign) and then select this interface on squid. squid in transparent mode filters only http port 80 non-transparent squid filters http and https port 443 but you need to configure the proxy IP on all devices. squid 3.3.5 can filter http and https in transparent mode.
  • 0 Votes
    3 Posts
    2k Views
    C
    @cmb: It's never worked, just not something that can work. Thanks for the confirmation. I've been trying to find a distro that can do it. So far I have not found any, let alone a few options that I can choose from…
  • Can Snort block when connected to a span port?

    2
    0 Votes
    2 Posts
    2k Views
    bmeeksB
    @newbieuser1234: I have never used a span port with an IPS.  Is snort able to block traffic via a span port, or do I have to use an inline connection with two nics?  I want to have my snort box on a WAN switch if I can use a port span.  If not, I will use the dual nic and plug in before the router.  I have multiple static IP addresses.  Thanks. Snort on pfSense is not truly "inline".  Instead, it adds rules to the existing firewall set to block particular IP addresses.  Technically a third-party output plugin called Spoink works within Snort on pfSense to stick offending IP addresses into the pf engine's blocking table. So when used on pfSense, a SPAN port would really not be of much use.  Unless the traffic is coming through the pfSense firewall Snort is running on, any blocks put in place would be meaningless. Now if all you want is just to get alerts, then a SPAN port connection would do that.  Just be aware that no actual blocking would happen for every offending IP.  Only those which actually needed to traverse the firewall would be impacted by any block. Bill
  • NRPE Issues

    3
    0 Votes
    3 Posts
    2k Views
    J
    Check logs. It might happen due to ssl issues
  • Transparent proxy don't work properly

    3
    0 Votes
    3 Posts
    2k Views
    C
    Thanks for your reply! I did as your guide, it works. But the squid proxy log is disabled.
  • Need help understanding logging options, esp with proxy related packages

    3
    0 Votes
    3 Posts
    1k Views
    S
    Is there a config file for the squidguard (proxy filter) page that I can modify how many blocked entries are displayed in the GUI? It limits it to 50 by default. The file squidguard_configurator.inc has a define statement that sets max log lines at 500. Is this meaning max gui entries or max entries to the block.log file? I cannot seem to find the file that has this value in it. Anyone know the location of the file, if it exists and this is possible?
  • Quagga "no redistribute" bug

    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • Unbound package : 6core bug/patch

    7
    0 Votes
    7 Posts
    2k Views
    W
    Added in the latest Unbound package - thanks @Reiner030
  • Unbound - small DNS Rebinding Security Issue

    4
    0 Votes
    4 Posts
    2k Views
    W
    A bit late on this thread - but adding 127.0.0.0/8 would hinder mail servers making use of RBLs.
  • URGENT: latest Unbound Update 1.4.20_6 crashes on 2.0.x

    4
    0 Votes
    4 Posts
    2k Views
    W
    I just pushed some changes which should fix the empty element and your multiple core problem. Thanks for your input.
  • OpenVPN Client Export - problems with certificate export

    2
    0 Votes
    2 Posts
    2k Views
    Z
    The box was upgraded from 2.0.1 to 2.0.3 last night.  The php errors listed were from when the box was on 2.0.1.  The timestamp on system_certmanager.php has remained at "Feb 26  2011", if that means anything.
  • I have a problem with squid

    8
    0 Votes
    8 Posts
    2k Views
    F
    Answer After searching online and especially here in the forums I saw that you can fix the problem if you delete and create squid libraries squid makes some problems if the computer not turn off normally ssh to your pfsense and use this squid -z
  • Squid reverse proxy ssl problem

    3
    0 Votes
    3 Posts
    2k Views
    G
    Uninstalled stable and installed squid-dev(3.3.5 pkg 2.1.2). Still the same behaviour. Any further idea? Thanks, grassu
  • Problem installing squid

    3
    0 Votes
    3 Posts
    2k Views
    jimpJ
    It installs OK here in a test VM on 2.0.3. Try it again, it may have been a temporary failure.
  • Snort Package Wish List

    14
    0 Votes
    14 Posts
    3k Views
    G
    @bmeeks: @gogol: I have three wishes: When editing rules and after for instance disabling a rule the page reloads at the top and not where you were editing I tried this once without much success.  It gets to be a real issue with the large rule sets.  I did add sorting columns in the last update to make it easier to locate a particular rule.  I can experiment with some other approaches.  It needs some type of dynamic bookmarking. I didn't even notice that the columns could be sorted. That's already something to make life easier ;) @bmeeks: @gogol: Would it be possible to reload the snort2c table with the blocked IP addresses after it has been cleared by the system; fi snort is monitoring this table and writing it to /tmp? This has come up from several users, but I really don't know a good way to do this.  Snort the binary does not and cannot monitor the table.  At least it can't without adding significant customized code to the baseline source code from Sourcefire.  I don't think that is wise because then staying current with updates becomes a big problem.  The GUI does not run fulltime either, and launching some kind of independent process in the background seems messy. I also thought that another process would be needed. No problem. @bmeeks: @gogol: The rule update time is hardcoded in snort.inc as a function: snort_rules_up_install_cron. Now all those pfSense boxes in the same timezone connect simultaneously and that causes timeouts I guess, because when I change the time to something else I never get those timeouts. Can this be made a random time? I can address this, but instead of random times how about the ability to set either the offset in minutes from the top of the hour, or set a specific time of day? A specific time of the day has my preference, but the user must be remembered to set it at installation time. So not all pfSense boxes in a timezone try to connect at the same time. Maybe a small note for the user to explain.
  • Postfix: Cant seem to whitelist

    4
    0 Votes
    4 Posts
    2k Views
    marcellocM
    @ant2ne: I made that change and I asked the person to resend the email. Ask him to include iatpnt2.iltech.org on external dns too. That's why this message was blocked.
  • Postfix errors connect to private/anvil

    3
    0 Votes
    3 Posts
    1k Views
    A
    Anvil Daemon currently set to disabled. Changed it to enabled and I will wait to see if the message appears in the log again.
  • SquidGuard + Ldap (AD) (Patch - Updated)

    6
    0 Votes
    6 Posts
    11k Views
    L
    @jimp: OK this should now be integrated and available on 2.0.x and 2.1 with the current squidGuard package. I don't have a way to test, however. Thanks Jim !
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.