1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    D
    Retested on 24.11-RELEASE (amd64) all seems to work. So it seems right to file a bug for this issue.

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    S
    So since there is no version 25.03. There is an official 25.07 now but only get a 7.08.2 what happen to the rest up to Suricata 7.0.10 or 7.0.12?

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    571 Topics
    3k Posts
    K
    @pulsartiger The database name is vnstat.db and its location is under /var/db/vnstat. With "Backup Files/Dir" we are able to do backup or also with a cron.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    GertjanG
    @rasputinthegreatest said in pfBlockerNG not logging anything by default?: It is a Ubuntu device Ah, ok. I'm not familiar with Unbuntu but I do use Debian myself. Like pfSense (based upon FreeBSD) there is file called /etc/resolv.conf which contains something like : nameserver 127.0.0.1 nameserver ::1 .... which means that programs process running on that system know where to go with their DNS requests. Guess who listens on port 127.0.0.:53 on pfSense ? Let's ask ;) [25.07-RELEASE][root@pfSense.bhf.tld]/root: sockstat -4 | grep ':53' avahi avahi-daem 61533 13 udp4 *:5353 : unbound unbound 14531 5 udp4 *:53 : unbound unbound 14531 6 tcp4 *:53 : .... If you Ubuntu was told that DNS requests have to send to 127.0.0.53 (probably port 53) then there must be a process that handles DNS requests listening on that address:port. If there is none, then you get a service fail or "SERV FAIL" as no DNS service is avaible. That needs to be set up correced ^^ @rasputinthegreatest said in pfBlockerNG not logging anything by default?: I have my ISP router (running Quad9DNS) I have also a ISP 'upstream' router. Somewhat mandatory for me as that device knows how to talk to the 'laser led wire' (fiber) and handles the login against my ISP. My ISP router probably uses the ISP's DNS servers, I'm not sure. pfSense gets a WAN IP from this ISP router, which will be a RFC1918 like 192.168.10.4. By default, pfSense won't use an DNS suggestion that comes with the lease from the ISP routers DHCP server, as (my) pfSense resolves. Here are my Unbound settings. General Setup I already showed above Pretty default so you're good.

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    101 Topics
    2k Posts
    dennypageD
    @jhg said in NUT fails to start after 2.7.2 -> 2.8.0 upgrade: Interesting. I would have thought the initial reboot, which occurred as part of the upgrade, would have done the trick, but it took a second reboot, just now, to get things working. Glad you have it sorted. There was no difference in the output of usbconfig show_ifdrv at any point -- before or after unplugging/replugging the USB cable, nor after rebooting. ... Question: What would tell me whether or not a driver was loaded? If there were an attached driver, it should have shown up with the show_ifdrv command. If you use the command and look at the other usb devices, I think they will show attached drivers. I don't expect to see a driver attached to the ups, because there is a quirk that tells the OS to ignore that device (and not attach a driver). Look for idVendor and idProduct in the above output. The Vendor ID for your device is 0764, which corresponds to Cyber Power Systems, and the Product ID for your device is 0601, which is registered as "PR1500LCDRT2U UPS" (don't sweat an exact match for the name). You can see the quirk with the following command: [25.07-RC][root@fw]/root: usbconfig dump_device_quirks | grep 0764 VID=0x0764 PID=0x0005 REVLO=0x0000 REVHI=0xffff QUIRK=UQ_HID_IGNORE VID=0x0764 PID=0x0501 REVLO=0x0000 REVHI=0xffff QUIRK=UQ_HID_IGNORE VID=0x0764 PID=0x0601 REVLO=0x0000 REVHI=0xffff QUIRK=UQ_HID_IGNORE [25.07-RC][root@fw]/root: Your device is third on the list. The HID_IGNORE quirk says to ignore the device and not attach a driver. @jhg said in NUT fails to start after 2.7.2 -> 2.8.0 upgrade: You might consider adding this resolution to the release notes for 2.8. LOL... sorry, I don't have input to the release notes (I don't work here). While I wrote and maintain various packages, including NUT, I'm still just a volunteer. Most packages are actually written by volunteers.

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    493 Topics
    3k Posts
    GertjanG
    @EChondo What's your pfSense version ? The instructions are shown here : [image: 1753262126227-1acdc586-cb29-4148-9e36-81ade4e5e60c-image.png] A restart of a service will start by re creating their config files. If a certificate changed, it will get included. When the process starts, it will use the new certificate. @EChondo said in Issue with ACME Certificates Refresh & Restarting HAProxy: I haven't been able to confirm if the above works(mine just renewed, don't feel like doing it again just to test), so we'll see in 60 days I guess. No need to wait x days. You can re test / renew right away, as you are 'allowed' to renew a couple (5 max ?) of times per week.

  • Discussions about the FRR Dynamic Routing package on pfSense

    294 Topics
    1k Posts
    J
    @div444 i'm finding the same - did you find a solution or did reverting fix it? Hoping there is a patch fix or something to get it working! Rather not rollback if i can avoid it

  • Discussions about the Tailscale package

    90 Topics
    583 Posts
    L
    Any ideas to why I get this error? Im running pfsense CE 2.8.0-RELEASE (amd64) pkg add https://pkg.freebsd.org/FreeBSD:15:amd64/latest/All/tailscale-1.84.2_1.pkg pkg: An error occured while fetching package

  • Discussions about WireGuard

    692 Topics
    4k Posts
    F
    Hi again, to be honest: I guess, I did not remember exactly what I did 2 years ago. May I was mistaken by the interface name opt2 because the SG-3100 has a physical port OPT1 and I mixed up physical and virtual names. The goal was to use 2 different tunnels, one for the mobile clients and one for the site-2-site connection. And now all is running in that way . Regards
Log in to post
Load new posts
  • A

    SquidGuard Blacklist Loading Memory Issue

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • B

    Proxy server on wan pack configuration ?

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    marcellocM
    Any squid tutorial will work, just apply rules on wan instead of lan and do not try transparent proxy.
  • M

    [2.0.1_release i386] Squid in Transparent mode not working | HAVP in TM works

    Locked
    3
    0 Votes
    3 Posts
    1k Views
    M
    ok but i was trying first to setup only squid without havp.. and squid in transparent mode isn't working… :((
  • N

    Proxy server: Authentication with Active Directory

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    N
    @dvserg: SquidGuard Group ACL: Client names must be enter in the quotes. Sir, I had inserted the DC users names with the quotes and i am able to browse via ACL. But problem for other OUs users other than IT OU remains same. This attachment shows my config. Please let me know what should i uses in LDAP base domain field insted of OU=IT,DC=RFCL,DC=mmclgroup,DC=com so that my other OU users can also able to browse. [image: 4.jpg] [image: 4.jpg_thumb]
  • M

    Help me with havp - i can't start it..

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    D
    Probably you have squid/havp configuration conflict
  • L

    Just how good is Squid?

    Locked
    9
    0 Votes
    9 Posts
    4k Views
    L
    Yes that is what i understood.. which is why it is strange that i am using Squid2 and still having this problem
  • H

    How to get pkg_add -r py27-mako (ftp packages-8.1-release already out)

    Locked
    3
    0 Votes
    3 Posts
    1k Views
    H
    Thanks, marcelloc i use this command line setenv PACKAGESITE http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/8.1-RELEASE/packages/Latest/ pkg_add -r py26-mako
  • H

    Imspector not logging yahoo messenger in android environment

    Locked
    3
    0 Votes
    3 Posts
    1k Views
    H
    ok thank you
  • J

    LightSquid and 500 - Internal Server Error (pfsense 2.1)

    Locked
    3
    0 Votes
    3 Posts
    3k Views
    J
    I already have 2 months worth of data but still no monthly graph. My other pfsense box has the same problem but after new year, the graph is working.
  • M

    Hardware recommended for Haproxy?

    Locked
    4
    0 Votes
    4 Posts
    4k Views
    marcellocM
    Take a look on this doc http://doc.pfsense.org/index.php/Hardware_requirements
  • B

    Pkg_add manually does not show up in web GUI

    Locked
    3
    0 Votes
    3 Posts
    1k Views
    B
    Nachtfalke, Thank You for the info. Unfortunatley,,clicking on the + to add HAVP,,,within package manager,,does in fact start buts fails. I have tried for two days,,,there ar no remnants of HAVP at /usr/local/pkgs. As I stated earlier the version number showing in package manager is 0.91,,even for v 1.2.3 when in fact the version residing at files pfsense org is only 0.88 for 7/aka 1.2.3. I realize v 1.2.3 is pretty much outdated,and I am sure everyone should be running 2.x at this point. thank You, Barry
  • C

    Snort Blocked Alert Description Error

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    E
    Probably this is a side effect of the parser in php for the alerts that was never written to handle dst alerts.
  • S

    Rpcapd wokring on pfSense

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • R

    Nut & Powerware/Eaton 5110 problem: package needs patch?

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    marcellocM
    You can create an account at github and pull your file change request to Fix this package.
  • K

    Squidguard: how to redirect each category to it's URL?

    Locked
    5
    0 Votes
    5 Posts
    4k Views
    K
    I've been looking in squidguard_configurator.inc where I think the function sg_create_config() is what generates the squidguard conf. I've altered the section related to the destinations:    # --- Destinations ---    if ($squidguard_config[F_DESTINATIONS]) {        $temp_str = '';        foreach($squidguard_config[F_DESTINATIONS][F_ITEM] as $dst) {            $dstname = $dst[F_NAME];            $sg_tag->clear();            $sg_tag->set("dest", $dst[F_NAME], "", $dst[F_DESCRIPTION]);            if ($dst[F_DOMAINS])                $sg_tag->items[] = "domainlist $dstname/domains";            if ($dst[F_EXPRESSIONS])                $sg_tag->items[] = "expressionlist $dstname/expressions";            if ($dst[F_URLS])                $sg_tag->items[] = "urllist $dstname/urls";            if ($dst[F_RMOD] != RMOD_NONE)                $sg_tag->items[] = "redirect " . sg_redirector_base_url($dst[F_REDIRECT], $dst[F_RMOD]);            if ($squidguard_config[F_ENABLELOG] == 'on' ) {                if ($dst[F_LOG])                    $sg_tag->items[] = "log " . SQUIDGUARD_LOGFILE;            } [b]    if ($dst[F_NAME] == 'blk_BL_adv')  $sg_tag->items[] = "redirect http://MyWebServer/blockedADV.html"; [/b]            $sgconf[] = "";            $sgconf[] = $sg_tag->tag_text();            # log            $temp_str .= " $dstname;";        }        # log        $temp_str = !empty($temp_str) ? $temp_str : "Nothing.";        sg_addlog("sg_create_config", "Add destinations: $temp_str", SQUIDGUARD_INFO);    } I've just added the part in bold, but this could not generate the directive in the squidguard config to redirect destination blk_BL_adv.
  • B

    Redirect and then allow original request squid

    Locked
    4
    0 Votes
    4 Posts
    1k Views
    B
    back to basics , In squid how do I actually create a custom redirect to bbc.co.uk went to 192.168.0.5 for example, I can seem to get it working. Do I create a new targer category and add it to the common acl?
  • E

    Calamaris Squid Reporting package perhaps?

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    jimpJ
    I've never heard of that one … but the last note in their changelog is from 2006. I'm not sure how well a 6-year-old software package would run these days, but who knows. It looks like the FreeBSD port is still there, so if someone wanted to, they could give it a try, but I'm not very fond of the format of their report examples. Seems like the existing Lightsquid package does a bit better job there.
  • lonewolfL

    Quagga (with CoreGUI)

    Locked
    6
    0 Votes
    6 Posts
    3k Views
    J
    As CMB said, if this is working and ready to go, am also happy to donate something towards you time on this to get this package up and out there Cheers J
  • A

    Imspector msn logout ?

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    marcellocM
    Take a look on this post. http://forum.pfsense.org/index.php/topic,42824.msg223765.html#msg223765
  • M

    HAPROXY 1.4.18 pkg v 1.2 PHP Error on PFSense 2.0.1-RELEASE AMD64

    Locked
    5
    0 Votes
    5 Posts
    2k Views
    marcellocM
    Not sure, But if you reinstall in few minutes I'll be 100% sure you got the fix. I did not changed package version, just fixed the array check. att, Marcello Coutinho
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.