Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    J
    @JonathanLee use pfSense 2.8.1.
  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    DARAD
    Hello team, I have a Netgate 8200 running 24.11-RELEASE (amd64) with Suricata 7.0.8_5 package installed. Suricata doesn't seem to start. It loops to red once I press the Play button on the interface. It leaves no logs in the System logs, it leaves no logs in suricata.log at /var/log/suricata/suricata_ovpns933787/suricata.log.
    I tried launching it manually:
        # /usr/local/bin/suricata -V
    or
        # /usr/local/bin/suricata -c /usr/local/etc/suricata/suricata_33787_ovpns9/suricata.yaml -i suricata_ovpns933787
    and I get this output:
        ld-elf.so.1: /usr/local/bin/suricata: Undefined symbol "__strlcpy_chk@FBSD_1.8"
    Thanks in advance, Dara
  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    573 Topics
    3k Posts
    dennypageD
    @kabeda If memory serves, that old version of ntopng did not run as user ntopng, but as user nobody. There are lots of problems in that old version. Anyway, check the ownership and permissions of /var/db/ntopng and make sure it matches the user that ntopng runs as. You may need to set ownership of the entire hierarchy. Example: /usr/sbin/chown -R nobody:nobody /var/db/ntopng However, the better choice would be to upgrade to a more recent version.
  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    tinfoilmattT
    @vicking said in No blocks on IP: Is it a bad idea to have the action set to deny both instead of inbound only? Question is squarely for admin. Per the infoblock which explains, in part, the "Deny Inbound", "Deny Outbound", and "Deny Both" actions: 'Deny' Rules: 'Deny' rules create high priority 'block' or 'reject' rules on the stated interfaces. They don't change the 'pass' rules on other interfaces. Typical uses of 'Deny' rules are: Deny Both - blocks all traffic in both directions, if the source or destination IP is in the block list Deny Inbound/Deny Outbound - blocks all traffic in one direction unless it is part of a session started by traffic sent in the other direction. Does not affect traffic in the other direction. One way 'Deny' rules can be used to selectively block unsolicited incoming (new session) packets in one direction, while still allowing deliberate outgoing sessions to be created in the other direction. In other words: When set to "Deny Inbound", incoming connection requests from WAN hosts are blocked and therefore no state will be created. However a LAN host can still establish state to an otherwise listed IP. If set to "Deny Outbound", outgoing connection requests from LAN hosts are blocked and therefore no state will be created. However an incoming connection request from an otherwise listed IP to an 'open' WAN port can still establish state. If set to "Deny Both", both incoming connection requests and outbound connection requests are blocked and therefore no state will be created regardless of connection direction.
  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    102 Topics
    3k Posts
    C
    @dennypage Nicely done sir!
  • Discussions about the ACME / Let’s Encrypt package for pfSense

    503 Topics
    3k Posts
    M
    I am using the DNS-Update method. I have to use a DNS-Sleep of 5 minutes to let the letsencrypt txt dns record update propagate. During this 5 minutes the acme-webgui times out. When the acme-webgui times out the Action list is NOT executed. How can I solve this? Would it maybe be an idea to let the acme.sh script execute the actions in the action list as a post-hook instead of the web-gui? Or maybe add an option to add post-hooks in the webUI?
  • Discussions about the FRR Dynamic Routing package on pfSense

    296 Topics
    1k Posts
    C
    This one has been tricky still not sure what to try. Any ideas?
  • Discussions about the Tailscale package

    93 Topics
    654 Posts
    C
    @luckman212, Thanks for your suggestion. I will check what I have in /usr/local/pkg/tailscale/state, and also the RAM disk settings others have brought up. I could learn more about where Tailscale and pfSense store system files. If I find anything worth sharing, I will let you know.
  • Discussions about WireGuard

    715 Topics
    4k Posts
    H
    @RNM-0 Thanks for your comment and sharing your fix. Unfortunately I don't want to take down pfsense and downgrade versions. I'm currently fine at the moment since I'm using Tailscale and that works. I also fixed the other crash I was having with pfblocker by changing a line of code that wasn't pushed out under this version. Hopefully the stable release won't take too long to release but it appears there's still some open bugs that need to be fixed before that happens, and ironically, both the pfblocker and wireguard issues aren't on that list of bug fixes.
  • MOVED: squid + kerberos

    Locked
    1
    0 Votes
    1 Posts
    587 Views
    No one has replied
  • 0 Votes
    1 Posts
    694 Views
    No one has replied
  • MOVED: Custom SquidGuard Error Page not working

    Locked
    1
    0 Votes
    1 Posts
    543 Views
    No one has replied
  • 0 Votes
    1 Posts
    463 Views
    No one has replied
  • How are freebsd packages displayed?

    1
    0 Votes
    1 Posts
    524 Views
    No one has replied
  • Pfblocker dashboard widget Fatal error: Unsupported operand types

    5
    0 Votes
    5 Posts
    1k Views
    N
    I also had this issue and tracked it down to a user rule that had a description beginning with the string "carp" - it appears that $matches['carp'] is used elsewhere before pfBlockerNG and contains an array of data related to carp interfaces.
    Two possible fixes:
      - find the rule description that begins with the term "carp" and change it
      - adjust the code to use a variable name other than $matches
    Enjoy, N
  • MOVED: Any plans for Snort to support FQDN aliases?

    Locked
    1
    0 Votes
    1 Posts
    480 Views
    No one has replied
  • New Package: ntopng

    Locked
    50
    0 Votes
    50 Posts
    40k Views
    jimpJ
    I split several unrelated issues off into separate threads, and I'm locking this one. Please start a new thread for each new issue rather than using a single thread. Thanks!
  • Pkg_add

    3
    0 Votes
    3 Posts
    2k Views
    S
    @jimp: For manually installing FreeBSD packages, see here: https://doc.pfsense.org/index.php/Installing_FreeBSD_Packages But that won't help lightsquid. Don't do that. Follow this: https://doc.pfsense.org/index.php/Lightsquid_Troubleshooting If I do this, I will lose all the logs stored. The problem is with the graph it does not generate.
  • Check_mk_agent: Command not found

    2
    0 Votes
    2 Posts
    1k Views
    M
    Hello, same issue here please fix :) Thanks,
  • TFTP on Pfsense 2.2

    2
    0 Votes
    2 Posts
    1k Views
    M
    Hello, I found the solution. It was a driver problem of my TFTP Lan Card with pfsense 2.2. I changed my card and now everything is ok. Best Regards. Myke.
  • Syslog-ng pkg.v.1.0.2 is gzipping the client key file every night

    2
    0 Votes
    2 Posts
    849 Views
    S
    Well, I made this work. If you are running into this issue, you can probably fix it this way, but I'm no expert at regex. Here is the code that is in the syslog-ng package now, found in /usr/local/pkg/syslog-ng.inc:
        preg_match("/\bfile\b\(['\"]([^'\"]*)['\"]/", base64_decode($object['objectparameters']), $match);
    That is supposed to fix the "encrypting the keyfile" behavior, but it doesn't. This is at line 238 according to the redmine page here https://redmine.pfsense.org/projects/pfsense-packages/repository/revisions/c030cf2781c7bbef197db6f07facef35b6856c8e/diff
    In order to get this thing to STOP encrypting the keyfile, I changed line 238 to this:
        preg_match("/[^-]\bfile\b\(['\"]([^'\"]*)['\"]/", base64_decode($object['objectparameters']), $match);
    Once I changed this and re-saved, with no changes, my custom Destination object in syslog-ng (restarting the syslog-ng service does NOT make this change take effect), the /usr/local/etc/logrotate.conf no longer includes the key file, but it DOES still include the syslog-ng log files.
    One other thing - while you are editing the /usr/local/pkg/syslog-ng.inc file, change the line
        $conf .= "@version:3.6\n";
    to
        $conf .= "@version:3.5\n";
    otherwise the syslog-ng service will not start.
  • Pfblocker NG help

    5
    0 Votes
    5 Posts
    3k Views
    BBcan177B
    I would also suggest reading this thread: https://forum.pfsense.org/index.php?topic=90092.msg498849#msg498849 Best to create a "permit inbound" alias for CA and US. Then manually create a firewall rule using this alias and using the IP/ports of your mail server. Not recommended to put all countries except a few in blacklists as pfSense is a stateful firewall by design.
  • Dansguardian and LDAP authentication

    2
    0 Votes
    2 Posts
    494 Views
    T
    I'd like to add if a change is made to a group in AD, once Dansguardian updates, the changes are reflected on the 'Users' tab, but the actual file is not changed.  You have to click on the 'Users' tab save button to apply. Anybody got a quick fix for this?
  • ClamAV will not start (freshclam error signal 9)

    1
    0 Votes
    1 Posts
    3k Views
    No one has replied
  • 0 Votes
    3 Posts
    3k Views
    G
    Go to Diagnostics->Edit File
    Browse and Load /usr/local/pkg/bind.inc
    Go towards the end of the file and add -4 as shown
    Save the file and go to the BIND Server page and click Save to apply the change

        function bind_write_rcfile() {
                $rc = array();
                $BIND_LOCALBASE = "/usr/local";
                $rc['file'] = 'named.sh';
                $rc['start'] = <<<EOD
        if [ -z "`ps auxw | grep "[n]amed -4 -c /etc/namedb/named.conf"|awk '{print $2}'`" ];then
                {$BIND_LOCALBASE}/sbin/named -4 -c /etc/namedb/named.conf -u bind -t /cf/named/
        fi
        EOD;
                $rc['stop'] = <<<EOD
        killall -9 named 2>/dev/null
        sleep 2
        EOD;
                $rc['restart'] = <<<EOD
        if [ -z "`ps auxw | grep "[n]amed -4 -c /etc/namedb/named.conf"|awk '{print $2}'`" ];then
                {$BIND_LOCALBASE}/sbin/named -4 -c /etc/namedb/named.conf -u bind -t /cf/named/
                else
                killall -9 named 2>/dev/null
                sleep 3
                {$BIND_LOCALBASE}/sbin/named -4 -c /etc/namedb/named.conf -u bind -t /cf/named/
                fi
  • PfBlocker with Nested Aliases

    4
    0 Votes
    4 Posts
    2k Views
    J
    I'm very sorry I haven't responded, I didn't get alerted to the thread being updated. I am embarrassed to be reminded of this as I did realise I was being less than observant when I first looked in to it, pfBlocker itself can use multiple lists per alias. To achieve what I described I now do the following - please note I am describing this from memory and I have just started using pfblockerNG instead so please don't…. assume I am correct (!) In pfBlocker: Create a new item "Alias_Always_Block" Add the IP blocklists as required to this - I had missed the fact I could simply click "+" to add multiple lists. Set as an Alias rather than a permit/deny. –My "Always Block" contains only a Pe**phile list. Create a new item "Alias_Mostly_Block" Add the IP blocklists as required to this. Set as an Alias rather than a permit/deny. --My "Mostly Block" contains for example malware and ad lists. In the pfSense Aliases (Firewall > Aliases> URLs) create an Alias "URLs_pfBlocker_Override" and add the URLs you wish to whitelist. Now create your firewall rules using aliases in this order, relative to your other rules (I use floating rules). Block "Alias_Always_Block" Allow "URLs_pfBlocker_Override" Block "Alias_Mostly_Block" Whenever something breaks, add "www.example.com" to the "URLs_pfBlocker_Override" Alias - remember to refresh your rules and wait. You should now find you never see traffic to Pe**philes, and you may find certain websites get blocked because they are hosted by providers whose entire range has been added to a malware or ad list for some bad apples spoiling the bunch. Manually add them to your override URLs to allow for this. The above is overly simplified as my actual rules block everything, the URLs override rule only allows HTTP/HTTPS ports, and other allow rules I haven't described get the rest of my legitimate traffic working. 
I highly recommend reading this thread, I am only half way through it myself but it will explain in detail what I have glossed over here - https://forum.pfsense.org/index.php?topic=78062.0
  • New Package Child Boards

    1
    0 Votes
    1 Posts
    8k Views
    No one has replied
  • Asterisk as standalone package on pfsense

    2
    0 Votes
    2 Posts
    799 Views
    K
    http://www.asterisk.org/downloads/asterisknow
  • Sarg Reports Generation

    7
    0 Votes
    7 Posts
    1k Views
    B
    @marcelloc: Check the sample you copied. That is between two Yes thank you..attention to detail such an easy thing to miss. Thanks its working now.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.