1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    N
    @andrew_cb Thank you very much for this, I just tried your proposed solution and it did work! That was driving me crasy! Way simpler than deleting the haproxy_server_state file.

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    bmeeksB
    @NRgia said in Suricata on Pfsense: @bmeeks Thank you for what you did for Snort or Suricata. I'm not sure what you want me to do on Redmine, due to is a bug tracker. My question is for Product Management, which I will ask it here to be public: What is the plan for these 2 packages, Suricata and Snort? Thank you Yes, Redmine is for both bug reports and feature requests. Asking for the Suricata binary to be updated to the latest 7.0.11 version from upstream is a legitimate Redmine request. I would suggest simply asking for the binary version update instead of asking about future Netgate strategy (such as the support plans for the packages). Strategy discussions typically don't get very far because they deal with proprietary information or plans that a company may not want to publicly discuss. Redmine is where the Netgate developer team tracks all the code changes they make for pfSense. They will see Redmine reports much quicker than a forum post.

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    571 Topics
    3k Posts
    dennypageD
    @Leon-Straathof Data retention settings are handled inside of ntopng. Documentation here. Pay attention to the RRD note. Also, if you've turned on some of the slice and dice time series information (is off by default), I'd suggest turning them back off. These balloon the storage requirements and are of little actual use.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    R
    I finally got around installing a new pfsense firewall and the first connections I am seeing right of the bat are lets say strange. I don't know what they are: https://otx.alienvault.com/indicator/ip/178.250.1.11 https://www.abuseipdb.com/check/178.250.1.11 https://www.virustotal.com/gui/ip-address/178.250.1.11/community https://viz.greynoise.io/ip/178.250.1.11 Aug 10 11:07:09 WAN Default deny rule IPv4 (1000000103) 178.250.1.11:443 192.168.178.21:18414 TCP:PA Its incoming from WAN trying to get to the firewall. Very mixed results here. Never heard of criteo and it is flagged by some people despite being whitelisted on otx alienvault. I remember seeing the same the first time I installed pfsense on my other machine I think. Any idea what it could be? I also did a packetcapture and there are losts of ACKed Unseen segments. Does this indicate anything? On my other firewall I don't see anything coming from WAN to LAN but on the new one there is so much IPs. What can it be?

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    101 Topics
    2k Posts
    dennypageD
    @jhg said in NUT fails to start after 2.7.2 -> 2.8.0 upgrade: Interesting. I would have thought the initial reboot, which occurred as part of the upgrade, would have done the trick, but it took a second reboot, just now, to get things working. Glad you have it sorted. There was no difference in the output of usbconfig show_ifdrv at any point -- before or after unplugging/replugging the USB cable, nor after rebooting. ... Question: What would tell me whether or not a driver was loaded? If there were an attached driver, it should have shown up with the show_ifdrv command. If you use the command and look at the other usb devices, I think they will show attached drivers. I don't expect to see a driver attached to the ups, because there is a quirk that tells the OS to ignore that device (and not attach a driver). Look for idVendor and idProduct in the above output. The Vendor ID for your device is 0764, which corresponds to Cyber Power Systems, and the Product ID for your device is 0601, which is registered as "PR1500LCDRT2U UPS" (don't sweat an exact match for the name). You can see the quirk with the following command: [25.07-RC][root@fw]/root: usbconfig dump_device_quirks | grep 0764 VID=0x0764 PID=0x0005 REVLO=0x0000 REVHI=0xffff QUIRK=UQ_HID_IGNORE VID=0x0764 PID=0x0501 REVLO=0x0000 REVHI=0xffff QUIRK=UQ_HID_IGNORE VID=0x0764 PID=0x0601 REVLO=0x0000 REVHI=0xffff QUIRK=UQ_HID_IGNORE [25.07-RC][root@fw]/root: Your device is third on the list. The HID_IGNORE quirk says to ignore the device and not attach a driver. @jhg said in NUT fails to start after 2.7.2 -> 2.8.0 upgrade: You might consider adding this resolution to the release notes for 2.8. LOL... sorry, I don't have input to the release notes (I don't work here). While I wrote and maintain various packages, including NUT, I'm still just a volunteer. Most packages are actually written by volunteers.

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    493 Topics
    3k Posts
    GertjanG
    @EChondo What's your pfSense version ? The instructions are shown here : [image: 1753262126227-1acdc586-cb29-4148-9e36-81ade4e5e60c-image.png] A restart of a service will start by re creating their config files. If a certificate changed, it will get included. When the process starts, it will use the new certificate. @EChondo said in Issue with ACME Certificates Refresh & Restarting HAProxy: I haven't been able to confirm if the above works(mine just renewed, don't feel like doing it again just to test), so we'll see in 60 days I guess. No need to wait x days. You can re test / renew right away, as you are 'allowed' to renew a couple (5 max ?) of times per week.

  • Discussions about the FRR Dynamic Routing package on pfSense

    294 Topics
    1k Posts
    yon 0Y
    said in Please update frr on Pfsense+ to FRR 10.3: https://redmine.pfsense.org/issues/15785 now frr 10.4.1

  • Discussions about the Tailscale package

    90 Topics
    594 Posts
    E
    @totalimpact Tailscale 1.54.0 is 2+ years out of date. Tailscale has made quite a number of changes since Tailscale 1.54.0, likely rendering it incompatible with their servers. I would consider manually updating the Tailscale FreeBSD package. FreshPorts does not maintain an archive of all the releases, only the latest compiled by the volunteer maintainers. The key to manually upgrading is knowing which FreeBSD version your pfSense release is running, i.e. 14 or 15. You can following along here.

  • Discussions about WireGuard

    692 Topics
    4k Posts
    P
    SOLVED. Turns out nothing wrong with my tunnel setup and not due to CGNAT. The reason PING works and other traffic doesn't is due to packet size and MTU. Something on the wireless network means that the default MTU doesn't work, forcing a smaller MTU to 1280 on pfSenseB fixed this. This Reddit thread has more details of this issue: https://www.reddit.com/r/WireGuard/comments/qmsa2n/ping_works_but_sites_arent_loading/
Log in to post
Load new posts
  • M

    New snort fatal error

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • C

    PfBlocker duplicate rules

    Locked
    9
    0 Votes
    9 Posts
    3k Views
    C
    @marcelloc: if you do not have any service published on wan, then no need to use pfblocker for inbound restriction. Excellent point!  Thanks again!
  • C

    Snort Netlist for IPv6 subnets

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    C
    I don't expect this being fix until IP6v6 is fully implemented in pfSense. But wanted it to be known, that snort is ignoring IPV6 addresses and/or subnets when they are added to NETLIST and WHITELIST it seems. I'm thinking this is probably a snort issue and not pfSense since it is in the conf file looks right… Still re-searching tho..
  • T

    Squid with upstream proxy on same lan

    Locked
    5
    0 Votes
    5 Posts
    4k Views
    marcellocM
    Did you monitored the traffic using tcpdump on console to be sure nothing was been redirected to opt proxy server?
  • N

    HAVP Antivirus Explanation?

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    D
    HAVP explore http traffic only.
  • B

    SSL proxy server in pfsense squid package, how to

    Locked
    3
    0 Votes
    3 Posts
    3k Views
    N
    I am not sure if everyone is understanding your question. with squid3 package it is possible to run squid as proxy and as reverse-proxy.
  • C

    Snort-2.9.2.3.tbz hasnt build yet, please revert last commit

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    T
    Thank you for explanation an I wonder if snort 2.9.3 will bring update packages
  • S

    Darkstat

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • N

    Squid & SquidGuard

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    N
    squid2 and squidguard is working stable. squid3 and squidguard is probably working stable, too but you need to first intall squidguard and after that squid3. Blocking facebook.com: Remember that squid in transparent mode is only filtering http traffic. If someone uses https://www.facebook.com this will not be filtered and so squidguard cannot block this. To filter and block https traffic your squid needs to run in non-transparent mode. Another possibility would be to create a host-alias and put facebook.com in this alias. Then pfsense will regularly check and resolve the IPs to this DNS entry. Now create a firewall rule and put this alias as destination ip and select "block" for this rule. you have to place this rule on top of all other firewall rules.
  • Q

    Can't Change Squid Cache Size

    Locked
    7
    0 Votes
    7 Posts
    3k Views
    Q
    Thanks for the info! I copied and pasted the info over the existing file (not sure if there is a better method to for this) and it appears to be working now. Tried restarting the service = worked. Tried stopping and then starting = works. I believe that did it. :) Cheers!
  • E

    Squid3 & Squidguard

    Locked
    7
    0 Votes
    7 Posts
    4k Views
    E
    Marcelloc, tried it but failed. Strange, because found that solution to in other posts. Like stated above. Only solution for me was installing the normal squid via the packages and then "upgrading" o Squid3! Do mind that I indeed did a manual install of the Perl package. Thx a lot for the support!
  • T

    User Activity Monitoring on Sarg fo PFSense 2.0.1

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    marcellocM
    what did you configured on sarg?
  • S

    Mail Report: Sending report mail to multiple recipient

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    S
    i have tried the following with no luck: xxx@gxxx.com;yyy@gyyy.com xxx@gxxx.com,yyy@gyyy.com The system log shows that mail is being sent to: php: /system_advanced_notifications.php: Message sent to xxxx@xxxx.com,yyyy@yyyy OK Any other suggestions?
  • B

    Squid Unrestricted IPs gave acess to all class ?

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • S

    Ntop: Missing host / IP?

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • D

    Updated Avahi daemon?

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    D
    Thanks for the reply. Two questions, ps aux is not returning the command line params for the avahi daemon. Is there something I'm missing? This is all I see in the ps output. avahi  58773 100.0  0.3  6112  2948  ??  RNs  24May12 15368:26.33 avahi-daemon: running [rooter.local] (avahi-daemon) Another thing I noticed is that the rooter name is not correct. In the ps output it is showing rooter.local (default for pf) but it is not what is there in the configuration. In some of the issues related to the "Invalid query packet" error they mention that the .local domain may be the cause. I'm assuming that the browse domain and deny interfaces are passed as arguments? Is it possible that these are written to a config file and it is not being read/passed correctly on service startup? I'll keep poking around, I just thought I'd put this here first. Thanks again.
  • rcfaR

    BUG: Dashboard Widget: HAVP & Antivirus Status broken for pfSense 2.1

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    D
    The problem adopted
  • N

    [SOLVED] Squid - A Few Questions

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    N
    Figured it Out. Exclude domain/URL from blacklist In the squidGuard GUI (Services > Proxy Filter): Open Target categories page     Click + to add a new item     Enter a name for the category - 'myWhitelist' for example.     Add domains and/or URL's to the lists as needed. Entries should be separated by a space. The examples on the page show how entries should be formatted.     As with the Common ACL discussed previously, you may set redirect and logging options specific to this category.     Save     Open Common ACL or Groups ACL page (where you want to make an exclusion).     Click Target Rule List to expand the list of categories. The newly created category should show alphabetically in the list, above any blacklist categories. Find the MyWhiteList entry in the list and select white.     Save     Return to the General Settings tab and press Apply.
  • ?

    Package repository and nanobsd

    Locked
    4
    0 Votes
    4 Posts
    1k Views
    D
    I cannot disconnect our WAN interfaces to test this, sorry. You didn't mention whether the pfSense test links work on your repository host. Did you try those URLs? I would also ensure that error_reporting in PHP is disabled as some of the deprecation warnings for the ereg functions may cause issues with the retrieval of package information.
  • W

    New NTOP Install

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    G
    Runs fine on two HP DL360 servers here. Just install and off you go after minimal setup
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.