1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    D

    I just upgrded my PFSense from 2.7.2 to 2.8; upgrading operations completed fine.

    Then I wanted to add Squid package as well, installing it after having completed this upgrade.

    Squid installation process completed regularly. But after a very simple config, daemon didn't start in any way. When I tried by CLI, I received this error message:
    "ld-elf.so.1: /usr/local/sbin/squid: Undefined symbol "_ZTVNSt3__117bad_function_callE"

    Maybe Squid last release (0.5.3) is not compatible with libc++ in FreeBSD 15.0 ?

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    JonathanLeeJ

    @bmeeks said in GUIDE: Snort's AppID custom rules Quick Guide to blocking. Example shows OpenAI ChatGPT or Itunes.:

    appMapping.data

    Do you know when this is updated again?

    appMapping.data

    I have the subscription for Snort but I have not seen this update in a while now.

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    569 Topics
    3k Posts
    dennypageD

    @StealthNet said in Outgoing Portscans - ntopng?:

    Tbh I never thought a default package would do some kind of outbound network discovery based on class C scanning of internet hosts.

    I don´t think this is ok.

    I agree. I was rather shocked when I discovered this while diagnosing the same issue with another pfSense user who happens to be a close friend of min. He had also enabled it because ntopng's description made it sound like a good thing.

    Anyway, I appreciate your, and others, input on this. I believe I will add a set of warning to the next version of the package, to at least have put forth the information/warning.

    Thank you.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    M

    @tinfoilmatt Same exact problem. Thank you.

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    94 Topics
    2k Posts
    V

    @Vancejo1 said in apcupsd causes restart:

    When I stop the apcupsd service and run apctest then select 10 battery calibration. It cause my router to reboot after reporting the calibration was aborted.

    Is it really rebooting? Or does the UPS cut the power?
    Check the logs to get sure.
    I've seen the latter already, but with old batteries, however.

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    491 Topics
    3k Posts
    jimpJ

    Let's Encrypt is removing the TLS Client Authentication EKU from certificates they sign in the near future:

    https://letsencrypt.org/2025/05/14/ending-tls-client-authentication/

    This shouldn't affect many, if any, users of ACME on pfSense as it isn't used as a client certificate, only as a server certificate in various context (e.g. GUI, Captive Portal, HAProxy)

    In the past we have discouraged using Let's Encrypt certificates in certain contexts (like for clients) since it wasn't typically a secure practice. For example, if you use a Let's Encrypt certificate for OpenVPN, it would trust any certificate signed by Let's Encrypt, which makes it useless as an authentication factor.

    So while this is something to be aware of and check, it's unlikely to be a problem for most people.

  • Discussions about the FRR Dynamic Routing package on pfSense

    290 Topics
    1k Posts
    F

    Hi Team,

    This is driving me crazy!

    I typically set up FRR manually under PFS, but would like to move to GUI to make life easier for 'new folks'.

    Here's a snippet of my config:

    router ospf
    ospf router-id id.id.id.id
    area 0.0.0.0 shortcut default
    redistribute kernel
    !
    ip prefix-list XXX seq 1 deny 10.0.0.0/16 le 32
    ip prefix-list XXX seq 2 permit any

    route-map XXX permit 10
    match ip address prefix-list XXX
    !
    ip protocol ospf route-map XXX

    I cannot for the life of me figure out how to get the last line into the config via the GUI.

    I've read that setting ABR filters in FFR-OSPF->Areas might be the answer, but that doesn't seem to be it.

    Could someone please explain what I'm missing here?

    Thanks

    ChIP

  • Discussions about the Tailscale package

    86 Topics
    552 Posts
    J

    Looks like Tailscale updated their Oauth to include client ID and client secret. Currently, I cannot login with client secret only.

  • Discussions about WireGuard

    680 Topics
    4k Posts
    T

    @TheNarc You are right!
    I configured the MTU on the Wireguard interface as described in the docs. However, it turns out that in order for getting the Zyxel switch to work I had to also specify a value for the MSS.

    For future readers: I set the MSS value to exactly the same as the MTU (1420). The field description states that the actual MSS is calculated by subtracting 40 from this value. Which results in 1380, the same value that can be found in the referenced OPNsense documentation.

    Thanks for the quick response :).

Log in to post
Load new posts
  • V

    SSL-Explorer

    Locked
    4
    0 Votes
    4 Posts
    4k Views
    F

    You also have OpenVPN.

  • C

    For_throttled_binary squid its not working

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    S

    Sorry, I don't follow.  Can you explain what you mean?

  • L

    Transparent Squid and Traffic Shaping!!

    Locked
    2
    0 Votes
    2 Posts
    5k Views
    S

    Bravo!  Thats awesome!

  • S

    Squid Installation Error

    Locked
    12
    0 Votes
    12 Posts
    6k Views
    S

    Ok I finally got around to installing the squid package but im having a bit of trouble getting it to work. I set it up for "transparent mode" but get an "access denied" output. Am I missing something? I was under the impression that no other configuration was needed when using squid in "transparent mode".

    Feb 28 09:23:53 squid[68134]: Exiting due to repeated, frequent failures
    Feb 28 09:23:53 squid[68134]: Squid Parent: child process 68525 exited with status 1
    Feb 28 09:23:53 squid[68134]: Squid Parent: child process 68525 started
    Feb 28 09:23:50 squid[68134]: Squid Parent: child process 68523 exited with status 1
    Feb 28 09:23:50 squid[68134]: Squid Parent: child process 68523 started
    Feb 28 09:23:47 squid[68134]: Squid Parent: child process 68521 exited with status 1
    Feb 28 09:23:47 squid[68134]: Squid Parent: child process 68521 started
    Feb 28 09:23:44 squid[68134]: Squid Parent: child process 68519 exited with status 1
    Feb 28 09:23:44 squid[68134]: Squid Parent: child process 68519 started
    Feb 28 09:23:41 squid[68134]: Squid Parent: child process 68517 exited with status 1
    Feb 28 09:23:41 squid[68134]: Squid Parent: child process 68517 started
    Feb 28 09:23:38 squid[68504]: Squid Parent: child process 68507 started
    Feb 28 09:23:38 squid[68134]: Squid Parent: child process 68137 exited due to signal 15
    Feb 28 09:22:22 squid[67784]: Exiting due to repeated, frequent failures
    Feb 28 09:22:22 squid[67784]: Squid Parent: child process 68320 exited with status 1
    Feb 28 09:22:22 squid[67784]: Squid Parent: child process 68320 started
    Feb 28 09:22:19 squid[67784]: Squid Parent: child process 68281 exited with status 1
    Feb 28 09:22:19 squid[67784]: Squid Parent: child process 68281 started
    Feb 28 09:22:16 squid[67784]: Squid Parent: child process 68165 exited with status 1
    Feb 28 09:22:16 squid[67784]: Squid Parent: child process 68165 started
    Feb 28 09:22:13 squid[67784]: Squid Parent: child process 68163 exited with status 1
    Feb 28 09:22:13 squid[67784]: Squid Parent: child process 68163 started
    Feb 28 09:22:10 squid[67784]: Squid Parent: child process 68161 exited with status 1
    Feb 28 09:22:10 squid[67784]: Squid Parent: child process 68161 started
    Feb 28 09:22:07 squid[68134]: Squid Parent: child process 68137 started
    Feb 28 09:22:07 squid[67784]: Squid Parent: child process 67984 exited due to signal 15
    Feb 28 09:21:25 squid[67784]: Squid Parent: child process 67984 started
    Feb 28 09:21:22 squid[67784]: Squid Parent: child process 67787 exited due to signal 15
    Feb 28 09:21:00 squid[67784]: Squid Parent: child process 67787 started
    Feb 28 09:20:51 squid[67373]: Squid Parent: child process 67376 exited with status 0
    Feb 28 09:17:47 squid[67030]: Exiting due to repeated, frequent failures
    Feb 28 09:17:47 squid[67030]: Squid Parent: child process 67394 exited with status 1
    Feb 28 09:17:47 squid[67030]: Squid Parent: child process 67394 started
    Feb 28 09:17:44 squid[67030]: Squid Parent: child process 67392 exited with status 1
    Feb 28 09:17:43 squid[67030]: Squid Parent: child process 67392 started
    Feb 28 09:17:40 squid[67030]: Squid Parent: child process 67390 exited with status 1
    Feb 28 09:17:39 squid[67030]: Squid Parent: child process 67390 started
    Feb 28 09:17:36 squid[67030]: Squid Parent: child process 67388 exited with status 1
    Feb 28 09:17:35 squid[67030]: Squid Parent: child process 67388 started
    Feb 28 09:17:32 squid[67030]: Squid Parent: child process 67386 exited with status 1
    Feb 28 09:17:31 squid[67030]: Squid Parent: child process 67386 started
    Feb 28 09:17:28 squid[67373]: Squid Parent: child process 67376 started
    Feb 28 09:17:28 squid[67030]: Squid Parent: child process 67033 exited due to signal 15
    Feb 28 09:15:59 squid[67030]: Squid Parent: child process 67033 started
    Feb 28 09:15:43 squid[66701]: Squid Parent: child process 66704 exited with status 0
    Feb 28 09:13:42 squid[66701]: Squid Parent: child process 66704 started
    Feb 28 09:11:49 squid[65989]: Squid Parent: child process 65992 exited with status 0
    Feb 28 09:10:01 squid[65989]: Squid Parent: child process 65992 started
    Feb 28 09:10:00 squid[65849]: Squid Parent: child process 65852 exited with status 0
    Feb 28 09:09:34 squid[65849]: Squid Parent: child process 65852 started

  • L

    Spamd - removing incorrect trap in the spamd database

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    L

    This is box number 2.  Box number 1 is the unit that I am unable to install spamd on.

  • N

    Error installing packages

    Locked
    15
    0 Votes
    15 Posts
    8k Views
    M

    thank scott, http://www.pfsense.com/~sullrich/1.0-BETA1-TESTING-SNAPSHOT-2-8-06/ is ok, installing packages work  ;)

  • M

    Can I install packages without connecting to the Internet?

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    S

    Not at the moment.  This will be addressed in 1.1.

  • S

    Interesting SpamD statistics by one of its authors

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • M

    New packages

    Locked
    10
    0 Votes
    10 Posts
    5k Views
    M

    Thanks submicron for your help  ;) I can't speek English, I speek only Russian, that's why it's wery difficult to me to explain my needs  :)

  • L

    Package installation Problems

    Locked
    5
    0 Votes
    5 Posts
    3k Views
    L

    Remove & rerun don't fit it. There is still the same problem.

    But there is another problem to:
    The CPU-usage is permanently on 100%. After reboot the system the usage is normaly (3-5%), but if the system run around a half hour the usage goes up to 100%. On the shell I have run "top" and I have seen that php needs a lot of CPU-power…

    So long
    Henry

  • I

    Ntop Help

    Locked
    4
    0 Votes
    4 Posts
    5k Views
    H

    I guess that was some kind of memory overuse then somehow. Please report back if that really fixed the issue.

  • C

    Unofficial, Unsupported Cacti Install Guide

    Locked
    21
    0 Votes
    21 Posts
    16k Views
    E

    @sullrich:

    This REALLY is not a priority for us.    Atleast it isn't for me.

    Yes I know that this is not a priority for the pfSense team… No problem...

    I ask only why I can't download mySQL serve package....

  • W

    Enabling package support for Wrap Microdive based system?

    Locked
    9
    0 Votes
    9 Posts
    5k Views
    B

    Yeah, before we removed keyboard from the embedded image the Soekris' boxes booted fine.  This is a WRAP bios limitation.  What's more interesting is a PC based CF image with video/keyboard enabled.  It's unlikely that'll show up anytime soon, but it's more likely than a specialized WRAP only version.

    –Bill

  • E

    CACTI

    Locked
    10
    0 Votes
    10 Posts
    5k Views
    E

    @cmb:

    just posted.
    http://forum.pfsense.org/index.php?topic=485.0

    will this become a package?  I don't know, possibly in the future.  We're not putting a lot of focus on packages right now, and this will take a little work.  Maybe we can see this as a package sometime before 1.1 is released.

    Thank you!!

    I'll start to test asap!
    I'll let you know if I'll have any problems…

  • M

    Start on boot of services without rc file

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    S

    The package manager will parse that out and automatically create a startup script in /usr/local/etc/rc.d

  • L

    MOVED: error on firmware page

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • E

    Packages pfflowd and snmpd

    Locked
    3
    0 Votes
    3 Posts
    3k Views
    E

    Ok thanks again Scott, I'll be looking for it!  :)

  • N

    Keep OpenVPN

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    S

    No, I meant have you tried it on pfSense.  It exists if you know how to enable it.

  • S

    NTOP updated

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    R

    weird…
    my pfsense beta2 shows ntop Installed: 3.81
    ???

  • A

    Adding FreeRadius to Embeded WRAP board? Plz help

    Locked
    9
    0 Votes
    9 Posts
    4k Views
    A

    ok thanks hoba, thas wjhat i neede…
    as to the freeradius, it doent need to write anything to itself if it works w/ SQL. Well it writes the temp file that contains the list of connected users, but if you disable it the server will still work... anyway that file is duplicated in acccounting table... so ill see if I get anything working and I let you know how it goes

    THANKS!

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.