1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    J
    @qupfer What did I bang my head over this strange 502 issue. Your solution did it! Thank you so much, even 2.5 years later!

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    M
    Hi, I had a problem with my home network today, so I checked pfsense and discovered that suricata had blocked the wan ip. After some tests and triggering some suricata alerts, the wan ip was blocked. I restarted pfsense and ran some more tests, but the problem no longer occurred. I then checked the wan interface settings and indeed the ip list does not include the wan ip, both now that it's working and before, when it was blocked. I'm using pfsense 2.8.0 and suricata 7.0.8_2. I use PPPoE to access the Internet.

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    571 Topics
    3k Posts
    dennypageD
    @Leon-Straathof Data retention settings are handled inside of ntopng. Documentation here. Pay attention to the RRD note. Also, if you've turned on some of the slice and dice time series information (is off by default), I'd suggest turning them back off. These balloon the storage requirements and are of little actual use.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    fireodoF
    @tinfoilmatt said in Failed or invalid Mime Type: [application/SIMH-tape-data|0]: (ASN data is IPinfo, not Maxmind) Thats correct but "GeoLite2-Country" is from Maxmind ... (that confused me) I'm considering simply adding "application/SIMH-tape-data" to the list to test. Thats what i tought too ... I'll try when I have the time for it ... Edit: I can confirm - adding "application/SIMH-tape-data" to the list at line 257 in /usr/local/pkg/pfblockerng/pfblockerng.inc did the trick - no more error! Edit: OK, problem resolved but I would like to know, whats the cause for that error! (SIMH-tape-data sounds like a "blast from the past" ...) Thanks a lot!

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    101 Topics
    2k Posts
    dennypageD
    @jhg said in NUT fails to start after 2.7.2 -> 2.8.0 upgrade: Interesting. I would have thought the initial reboot, which occurred as part of the upgrade, would have done the trick, but it took a second reboot, just now, to get things working. Glad you have it sorted. There was no difference in the output of usbconfig show_ifdrv at any point -- before or after unplugging/replugging the USB cable, nor after rebooting. ... Question: What would tell me whether or not a driver was loaded? If there were an attached driver, it should have shown up with the show_ifdrv command. If you use the command and look at the other usb devices, I think they will show attached drivers. I don't expect to see a driver attached to the ups, because there is a quirk that tells the OS to ignore that device (and not attach a driver). Look for idVendor and idProduct in the above output. The Vendor ID for your device is 0764, which corresponds to Cyber Power Systems, and the Product ID for your device is 0601, which is registered as "PR1500LCDRT2U UPS" (don't sweat an exact match for the name). You can see the quirk with the following command: [25.07-RC][root@fw]/root: usbconfig dump_device_quirks | grep 0764 VID=0x0764 PID=0x0005 REVLO=0x0000 REVHI=0xffff QUIRK=UQ_HID_IGNORE VID=0x0764 PID=0x0501 REVLO=0x0000 REVHI=0xffff QUIRK=UQ_HID_IGNORE VID=0x0764 PID=0x0601 REVLO=0x0000 REVHI=0xffff QUIRK=UQ_HID_IGNORE [25.07-RC][root@fw]/root: Your device is third on the list. The HID_IGNORE quirk says to ignore the device and not attach a driver. @jhg said in NUT fails to start after 2.7.2 -> 2.8.0 upgrade: You might consider adding this resolution to the release notes for 2.8. LOL... sorry, I don't have input to the release notes (I don't work here). While I wrote and maintain various packages, including NUT, I'm still just a volunteer. Most packages are actually written by volunteers.

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    496 Topics
    3k Posts
    M
    @jimp said in ACME pkg v1.0: Check again now. The ACME 1 package came out after the 25.07.1 branch was frozen for the release, I picked it over there now and it should have just finished building. Version 25.07 includes Acme 1.0. Version 25.07.1 includes only Acme 0.9_1. If you do a fresh install of 25.07.1, you get only Acme 0.9_1. If you upgrade to 25.07.1 from 25.07 and had already updated the Acme package to 1.0 in 25.07, you’ll still have Acme 1.0.

  • Discussions about the FRR Dynamic Routing package on pfSense

    294 Topics
    1k Posts
    yon 0Y
    said in Please update frr on Pfsense+ to FRR 10.3: https://redmine.pfsense.org/issues/15785 now frr 10.4.1

  • Discussions about the Tailscale package

    90 Topics
    599 Posts
    S
    Upgraded to 25.07 and facing the same issue. Tried the "tailscale up" command as suggested above but restarting the tailscale service kills the login again.[image: 1755715824513-tailscale_logged_out_25_07.jpg]

  • Discussions about WireGuard

    694 Topics
    4k Posts
    H
    I have Wireguard installed on my firewalls. I have about 12 firewalls and most of them connect back to the main firewall which allows the connection to the servers in the main building. I setup a tunnel on each and then added each location as a peer on the Main firewall. This seemed to work except that the gateway. unde3r Monitor IP it only allows one IP address. So the first one works and shows connected fine, but the other 2 are red and do not connect. Everything seems to work until I added a 3rd peer and then the 1st peer showed as if it was offline even though it looked fine and I was able to connect to devices on that network. Am I supposed to add multiple gateways to the Main firewall so that shows as up? Is this the right way for the tunnels between the buildings which need access will work - By adding a tunnel at that location and just adding a peer to the main location?
Log in to post
Load new posts
  • J

    Download Manger

    7
    0 Votes
    7 Posts
    1k Views
    J
    @KOM said in Download Manger: Well, there aren't any from the official repo. You might be able to hack something together from FreeBSD ports but I would advise against it. thanx
  • K

    Bind doesn't work after reinstall it

    16
    0 Votes
    16 Posts
    982 Views
    kiokomanK
    good.. for all my hard work don't forget to press "thumb up"
  • K

    E2Guardian Memory usage getting 98% in Pfsense

    9
    0 Votes
    9 Posts
    1k Views
    KOMK
    I can't help you as I've never installed or used that package. Look around in the options. It's to do with SSL interception, but if you turn that off then you can't do HTTPS content inspection I'm guessing.
  • O

    FreeRadius 3: Fall-through vlan assignment.

    4
    0 Votes
    4 Posts
    1k Views
    O
    @awebster Thank you guys so much for your help. I have the mac address authentication working, I think I missed the native-vlan option on the client device. Thanks for pointing me in the right direction.
  • J

    Avahi + Vlans + Cast devices

    4
    0 Votes
    4 Posts
    5k Views
    W
    I'm brand new here so this may not be of much use... I'm doing something similar to you, but with different software, except for the ubiquiti equipment and controller. In my setup, I had checked the checkbox in the unifi controller, wireless networks, advanced options; "Block Wireless LAN to WLAN Broadcast and Multicast Data" in the hopes that the avahi package on the pfsense router would handle all mDNS traffic. However I was not able to get anything on my wireless networks to resolve under mDNS until I cleared that checkbox and reprovisioned the unifi AP. I have a vm host set up on the NoT, which I installed the "avahi-tools" package and ran avahi-resolve -n somehost.local. That started working after I cleared the checkbox. I ran pftop and set up filter for port 5353 while I ran the avahi-resolve command and started seeing the requests come through. I have the dns forwarder set up to a local adguard host. When the pfsense box forwards the request, the ip shows that of the pfsense vlan adapter. When the devices make the request themselves, the ip origin in pftop is the device that makes the request. Our setups aren't exactly the same, but if you'd like me to try something out on my network, let me know. welbo97 R710 x5650 72GB pfsense 2.4.4-p3 router in proxmox 6 vm OVS and Ubiquiti for tagging VLAN's (no hardware switch) isolated NoT, IoT, guest and general networks
  • V

    Zabbix Agent config

    3
    0 Votes
    3 Posts
    1k Views
    V
    Yes I tried that, it seems to only accept 'UserParameter=' entries however and crashed the service when I added the Include line.
  • D

    Bind Package - Any config overview ?

    2
    0 Votes
    2 Posts
    360 Views
    D
    Have figured things out, from trying. So, I am answering my own questions :-) I don't see any zone files created ... is this to be expected? Zone files are not created, until a view has been created and attached to the zone configuration screen Is it essential that at least a view must be created ? Yes, a view is required ... just create a default one. Without a view associated with the zone definition, the zone files will not be generated. What is the best practice for defining zone files, so the settings stick, even when the package is updated or changes in the UI are saved ? Steps: Create a view ... this is essential create a zone ... using the DNS record fields to add entries you want. If you have a lot of hosts to add, there is a text field that can be used to paste in entries in bulk. The zone files are generated in the filesystem under/cf/named/etc/named/master/<name-of-view>/<name-of-zone>.DB Any changes to the underlying zone files content from a CLI session will be lost the next time the zone files are updated. So, longer time, one needs to get comfortable with using the entry fields in the zone configuration page for adding all zone records.
  • V

    HA Proxy Client Cert Setup

    2
    0 Votes
    2 Posts
    338 Views
    dragoangelD
    @vito hi, There already a gui block special for user certs, did you tried enable it for one of your frontends? If this not enough you can configure custom settings for frontend for user certificate validation usind native haproxy syntax. Good to have in bookmarks: https://cbonte.github.io/haproxy-dconv/ and read what you need. Please use devel package due another one is too old. I even say that devel package is old, waiting for 2.5.x stable with haproxy 2.0
  • K

    E2guardian website not opening if its contains symbol " -"

    Moved
    3
    0 Votes
    3 Posts
    366 Views
    kiokomanK
    E2guardian is an unofficial package, most of us don't even know what is it you should ask @marcelloc , last seen 4 days ago
  • F

    Telegraf 1.10.2 package?

    1
    0 Votes
    1 Posts
    299 Views
    No one has replied
  • A

    LCDModkit use with LCDProc package

    4
    0 Votes
    4 Posts
    549 Views
    stephenw10S
    @admins said in LCDModkit use with LCDProc package: lcdmodkit Which specific display do you actually have? Is it compatible with LCDproc? Steve
  • H

    Issue running service ntopng

    4
    0 Votes
    4 Posts
    1k Views
    S
    Issue resolved for me : I remove 127.0.0.1 from General Setup / DNS Servers. redis and ntop are working
  • IsaacFLI

    Avahi with IPv6 bug

    26
    0 Votes
    26 Posts
    4k Views
    A
    @costanzo That's about what I made mine but also added source fe80:: as /10 with port 5353 [image: 1566264800223-screenshot-2019-08-19-at-8.30.49-pm.png]
  • M

    Device's unable connect to chromecast over VLAN

    11
    0 Votes
    11 Posts
    3k Views
    J
    What was the outcome of this, I'm hitting the same issue! Any help appreciated.
  • C

    How to create a simple package for copying custom theme files?

    4
    0 Votes
    4 Posts
    521 Views
    KOMK
    I don't have anything else to add since you're way past what I know about FreeBSD packages & ports. Maybe the pfSense Development forum might have some folks who know more.
  • R

    Zabbix Proxy Advanced Parameters

    7
    0 Votes
    7 Posts
    1k Views
    R
    Hmm. Odd. I can ping it from my machine, but not the firewall. Lm see wassup.
  • O

    LCDproc driver for LCD made by GI FAR TECHNOLOGY CO.,LTD

    13
    0 Votes
    13 Posts
    2k Views
    F
    There are details here on the content of the LCDd.conf file. You can do some manual edits and see how it goes: CwLnx-howto Double check the KeyMap(s) and try to line them up with the script above. You might have to run the script alone to double check the mapping. It looks like this iBase device did not implement the same keypad mapping as the Cwlinux device. Also check the [server] and [menu] sections. The keypad should let you navigate the built-in menu system and manually change the backlight and a few other options. Best of luck, keep us posted.
  • cyber7C

    SquidGUARD - Need to block HTTPS mp3 downloads…

    2
    0 Votes
    2 Posts
    979 Views
    A
    If SSL inspection is not a feasible option for your organization, you can block traffic to sites that use HTTPS connections through: Using a Global HTTPS Block: You can globally block access to HTTPS sites in predefined or custom URL categories for all the configured locations.
  • M

    Offline Package Management

    5
    0 Votes
    5 Posts
    2k Views
    M
    To help anyone else doing this, I suggest downloading the entire contents of https://files00.netgate.com/pfSense_v2_4_4_amd64-pfSense_v2_4_4/All/ as it's only 400~Mb and copying it onto your pfsense appliance. When you run pkg add blah.txz it'll automatically install the dependancies required from the same directory. I've noticed that the packages installed aren't showing up in the GUI or apparently running (open-vm-tools) but I've made a seperate topic: https://forum.netgate.com/topic/145351/cli-installed-pfsense-packages-not-showing-up-in-gui
  • J

    telegraf GROK pattern matching issues

    1
    0 Votes
    1 Posts
    901 Views
    No one has replied
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.