Subcategories

• Cache/Proxy

  Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.
  4k Topics

  21k Posts

  N

  Can I use pgblockerng aliases in Haproxy?

  80758505-9bad-4dad-a80b-c159be1045a2-image.png

  If it was a firewall rule, typing pfb would produce a dropdown to select.

  Here it has to be written, but will it work? Is it supported?

• IDS/IPS

  Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.
  2k Topics

  16k Posts

  B

  I saw where the Netgate kernel developer updated the Suricata package in the pfSense 25.07 development branch to work with the new kernel PPPoE driver. But so far as I know that updated package has not been migrated to 2.8 CE.

  Here is the commit into the DEVEL branch: https://github.com/pfsense/FreeBSD-ports/commit/68a06b3a33c690042b61fb4ccfe96f3138e83b72.

• Traffic Monitoring

  Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.
  571 Topics

  3k Posts

  K

  @pulsartiger
  The database name is vnstat.db and its location is under /var/db/vnstat.
  With "Backup Files/Dir" we are able to do backup or also with a cron.

• pfBlockerNG

  Discussions about the pfBlockerNG package
  3k Topics

  20k Posts

  G

  @AlexK-0 said in Can't receive GeoIP databases updates anymore, banned:

  Days ago, I received from MaxMind an email, notifying me that my country has been banned to receive GeoLite City database updates.

  You've found a reason to use a VPN.

• UPS Tools

  Discussions about Network UPS Tools and APCUPSD packages for pfSense
  99 Topics

  2k Posts

  K

  @elvisimprsntr thanks for your suggestion. I will give it a try.

• ACME

  Discussions about the ACME / Let’s Encrypt package for pfSense
  493 Topics

  3k Posts

  E

  @fxandrei Found this thread via Google. And I figured out what OP did, so here's the explanation:

  In the pfSense webpage do:

  Click on "Services" Select "Acme Certificates" Edit any of your certificate entries by clicking on the pencil icon. Scroll to the bottom of the certificate edit page and find the "Actions list" section. Click on "Add" to add a new action and fill out the information as needed. For HAProxy restarting do: Mode: Enabled Command: /usr/local/etc/rc.d/haproxy.sh restart Method: Shell Command And finally "Save" at the bottom of the cert edit page.

  As far as I can tell, the above action seems to propagate to all certificates that I have, not just a single one. I am not sure if this is just a visual bug, but just something to be aware of.

  I haven't been able to confirm if the above works(mine just renewed, don't feel like doing it again just to test), so we'll see in 60 days I guess.

  Hopefully this helps you and anyone else that finds this thread via searching.

• FRR

  Discussions about the FRR Dynamic Routing package on pfSense
  294 Topics

  1k Posts

  R

  I had a similar issue with Routed VTI over IPsec recently. FRR lost its neighbors after rebooting or when a tunnel went down. It never re-discovered it automatically. Only restarting FRR (either in GUI or via CLI) brought the neighbors back.

  When I manually added those under the OSPF neighbors tab in the GUI it seems to solve the problem as well.

• Tailscale

  Discussions about the Tailscale package
  89 Topics

  574 Posts

  A

  Hello,
  I am unable to get the Tailscale package to work. The page at VPN > Tailscale > Authentication is stuck. It displays the error "Tailscale is not online," but also shows a "Logout and Clean" button, with no option to log in.
  link text

  This state persists even after performing the following troubleshooting steps:

  Rebooting the pfSense router.

  Completely uninstalling and reinstalling the Tailscale package multiple times.

  Clearing browser cache and using a private browser window.

  Toggling the main "Enable Tailscale" checkbox in the settings.

  Checking the logs, which show the service gets a "terminate" signal and shuts down cleanly; it does not crash.

  Manually trying to delete the state file with rm /var/db/tailscale/tailscaled.state, which failed because the file does not exist.

  It appears that the package's configuration is corrupted in a way that persists even after reinstallation. Can anyone advise on how to perform a complete manual cleanup of all Tailscale files and settings?

• WireGuard

  Discussions about WireGuard
  689 Topics

  4k Posts

  P

  @patient0 Thanks for further suggestions. The tunnel is definitely up and so I don't think this is a CGNAT issue after all. WAN firewall rule is in place for UDP on port 51823 (otherwise the tunnel wouldn't work, right?). I can ping from client 1 -> client 2 and visa versa and also ping all points in between like you suggest. I just can't open an HTTPS connection from pfSenseB from Client 1 using a browser. But I can do this the other way round i.e. from Client 2 to pfSenseA

  I will try and do some packet capture to see if that reveals anything.