1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    JonathanLeeJ
    Squid can be configured externally, I would love a how to guide on how to do this correctly.

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    DARAD
    Hello team, I have a Netgate 8200 running 24.11-RELEASE (amd64) with Suricata 7.0.8_5 package installed. Suricata doesn't seem to start. It loops to red once I press the Play button on the interface. It leaves no logs in the System logs, it leaves no logs in suricata.log at /var/log/suricata/suricata_ovpns933787/suricata.log I tried launching it manually: # /usr/local/bin/suricata -V or # /usr/local/bin/suricata -c /usr/local/etc/suricata/suricata_33787_ovpns9/suricata.yaml -i suricata_ovpns933787 and I get this output ld-elf.so.1: /usr/local/bin/suricata: Undefined symbol "__strlcpy_chk@FBSD_1.8" Thanks in advance, Dara

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    573 Topics
    3k Posts
    dennypageD
    @kabeda If memory serves, that old version of ntopng did not run as user ntopng, but as user nobody. There are lots of problems in that old version. Anyway, check the ownership and permissions of /var/db/ntopng and make sure it matches the user that ntopng runs as. You may need to set ownership of the entire hierarchy. Example: /usr/sbin/chown -R nobody:nobody /var/db/ntopng However, the better choice would be to upgrade to a more recent version.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    BBcan177B
    @Draco try to goto the General Tab, first ensure that the Keep Settings option is checked. Then unchecked Enable pfBlockerNG so that its disabled. Hit save. Force Update. Then reenable pfBlockerNG and Force update.

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    102 Topics
    3k Posts
    C
    @dennypage Nicely done sir!

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    503 Topics
    3k Posts
    A
    @GPz1100 I ran into this same exact issue. I don't have the Prefer IPv4 over IPv6 box checked, but I do have IPv6 enabled. I think the real issue is that Let's Encrypt's server seems to respond with "Recv failure: Connection reset by peer" on almost every request when using IPv6. I tested this by using the command curl -v https://acme-v02.api.letsencrypt.org/directory from pfsense's shell. To work around it, I modified the ACME script as you described. In the file /usr/local/pkg/acme/acme.sh, I updated line 1887 from: _ACME_CURL="curl --silent --dump-header $HTTP_HEADER " to: _ACME_CURL="curl -4 --silent --dump-header $HTTP_HEADER " After forcing curl to use IPv4, both certificate registration and renewal from the acme package started working again without issue.

  • Discussions about the FRR Dynamic Routing package on pfSense

    296 Topics
    1k Posts
    C
    This one has been tricky still not sure what to try. Any ideas?

  • Discussions about the Tailscale package

    93 Topics
    656 Posts
    C
    @elvisimprsntr Updated 25.07.1 to 1.90.6_1, copied and pasted from @elvisimprsntr's post: pkg add -f https://pkg.freebsd.org/FreeBSD:15:amd64/latest/All/tailscale-1.90.6_1.pkg (Why it worked this time and not on previous updates: Over the last couple of days, I ran into the "Shared object "libutil.so.10, not found..." error that triggered the version 25.07.1 update issues some of us have been having. After I fixed that error, I decided to go back to the usual update method, and it worked.)

  • Discussions about WireGuard

    716 Topics
    4k Posts
    chpalmerC
    @tinfoilmatt Thanks! I have done that and it worked when forcing just her TV out the Centurylink.. My problem is my local box here. Im missing something because I can not get it to pass traffic from the WAN to the Wireguard tunnel. Ive got some time today so will chip away on my lab setup to see if I can finally accomplish it here first.
Log in to post
Load new posts
  • K

    Squid3 reverse proxy multi-SSL sites

    Locked
    3
    0 Votes
    3 Posts
    10k Views
    marcellocM
    take a look on this post: http://forum.pfsense.org/index.php/topic,53701.msg287417.html#msg287417
  • M

    Reverse proxying (Squid) 80 request to 443 internal web server?

    Locked
    5
    0 Votes
    5 Posts
    2k Views
    M
    anyone out there?
  • T

    Mod_security unbelivably slow

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    T
    DNS forwarder is not in use (is disabled). pfSense is configured to use two back-end DNS servers, has always worked fine. The primary is listed first, the secondary second. The back-end web server CNAME was recently added to the Primary DNS since traffic needed to be routed via host header, not with a path. The slave immediately updated its zone. There was a power failure overnight Sunday morning, and when UPS ran out all servers were shut down until power was restored. Testing from a remote location right now, its serving up the robots.txt file as fast as 102ms. Probably restarting something resolved the issue, though since the whole farm was restarted its impossible to know what specifically did it. Hopefully it stays resolved!
  • D

    Bypass Squid Proxy.

    Locked
    2
    0 Votes
    2 Posts
    3k Views
    marcellocM
    Just remove the "*" and insert .phobos.apple.com on squid whitelist. Do you use transparent proxy?
  • M

    Snort Issue false PSNG_UDP_FILTERED_PORTSCAN

    Locked
    7
    0 Votes
    7 Posts
    4k Views
    I
    FaceTime also generates this alert.
  • perikoP

    Transparent proxy changes?

    Locked
    5
    0 Votes
    5 Posts
    2k Views
    marcellocM
    Squid do not implement https transparent proxy but dansguardian does on 2.12. The bad news is that client browsers reject dansguardian "fake" cert on current compilation/package.
  • L

    Haproxy_full sticky connections

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    N
    Hello Cookies is not enabled by default in HAproxy. you can add " cookie XXXX insert indirect nocache " in Advanced pass thru Box in FrontEnds , Then configure your server with cookies in server Tab. It work`s great. check HAproxy Document for more info http://cbonte.github.com/haproxy-dconv/configuration-1.4.html
  • C

    HELP: HAProxy

    Locked
    24
    0 Votes
    24 Posts
    15k Views
    N
    I was bewildered with " Advanced pass thru "`s  name actually . Thanks again marcelloc for your help
  • G

    Squid not showing up on gui after install

    Locked
    3
    0 Votes
    3 Posts
    1k Views
    G
    OMG. Not cool. Sorry everyone. I was expecting to see "squid" in the services menu .. it's proxy server. wow, just wow, i know better.
  • T

    Mod_security: rules and forwards?

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    T
    Well, didn't really answer the critical part of the question, but I seemed to have figured it out. The rule should allow all source IP, all sorce port to the public IP the proxy is listening on as the destination IP with a destination port of 80.
  • U

    Skype - impossible to block…

    Locked
    3
    0 Votes
    3 Posts
    4k Views
    F
    I have a problem with Skype blocking. I don't and I am using pfSense 2.0.1 and Snort 2.9.2.3 pkg v. 2.5.1. Either you enable the rules in pua-p2p, or use the default ET set of rules.
  • K

    Send Squid request to a designed gateway/nic

    Locked
    3
    0 Votes
    3 Posts
    1k Views
    K
    If you dont use FailOver or LoadBalance, you can just add tcp_outgoing_address WAN2_IP on squid custom options.
  • P

    Question about pfsense and Ntop

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    P
    I'm talking about ntop >summary > traffic. At "Global TCP/UDP Protocol Distribution" is where i want to list what uses most bandwidth first. Now FTP is listed first, but ftp haven't used more then 202.5KBytes, Facebook on the other hand, has used 771.4 MBytes. We do not want to start with proxy yet, because then we will have to configure about 250 machines to go through the proxy. And that we do only have time for when it's summer vacation for the students.
  • T

    Snort 2.9.2.3 pkg v. 2.5.1 blocks certain white listed IPs

    Locked
    13
    0 Votes
    13 Posts
    4k Views
    T
    Sorry for the delay. We have the same issue and it is causing us major problems. We have an internal server that scans web sites known as a security risk so we generate alot of Snort alerts. However, our internal LAN servers are getting blocked by Snort on the virtual IP (IP the server has on the Internet). We have put the virtual IP range in the white list and we have set the "Add Virtual IP Addresses to the list" option on. Yet still our virtual IPs get blocked by snort (they appear in the Snort blocked list). What can be done to fix this? Any help would be much appreciated!!
  • D

    How to customise main.cf file of Postfix Forwarder in complicacy

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    marcellocM
    @DQM: Can you show me how to do it in details, Marcello? I am a Networker not Programer  >:( If you do not understand php, then it could not be done. It will be easy to break the script and mess up your pfsense.
  • F

    LCDproc-dev

    Locked
    5
    0 Votes
    5 Posts
    2k Views
    F
    Hello. Well, the SDECLCD is doing s.th. But does only display lcdproc…
  • D

    Arpwatch issues

    Locked
    6
    0 Votes
    6 Posts
    6k Views
    D
    Nice, thank you phil.davis for pushing it to github, I have a github acc but didnt know about that repository. now its just a few more bugs left  ::) the mail part is very important, I had this package running on a lan-party last week and forgot about it. when I checked the report I saw my server's mac-address on 3 ip-adresses, it was because i used linux-vserver but if it had been an arp poisoning I would not have notices untill I got ssl-warnings and slow network :P
  • F

    Not Sure If Snort is Updating Rules?

    Locked
    7
    0 Votes
    7 Posts
    3k Views
    bmeeksB
    True that the "free" or "registered user" rules are updated much less frequently than the "paid" or "subcriber" rules are.  The subscription rules are generally updated daily except across weekends. I can definitely report the behavior with the cron job rules update is consistent if you logout of the GUI and wait for the job to run.  Apparently the various values from the config.xml file are normally stored in an array variable called "$config" within the GUI.  The cron job now uses the same PHP page to perform its rule updates as the GUI manual method does, and the values are supposed to be available within that "$config" array variable (it's a global array, apparently).  Looks to me that once you log out of the GUI and any cached info expires, the cron job is then left with no values in the "$config" array.  One of those missing values is the Oinkmaster Code to use for the rule download.  With that parameter missing, the rules download does not happen. It seems that if you change the time the cron job is to run, and you hold an active web session open during the scheduled cron run, then everything works fine.  My guess is this happens because the "$config" array is still populated with an active GUI session. This will probably need Ermal to take a look and see if it can be fixed.
  • B

    Snort 2.9.2.3 pkg v. 2.5.1 on pfSense 2.1 snapshots

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    B
    The more I look at this, I think it is the program check_reload_status that is causing Snort to spawn multiple, duplicate instances.  I'm going to kill the service for now and see if Snort stops misbehaving.  If so, I'll turn on auto-update again and see if Snort still behaves. I'll post results. UPDATE Just realized there are six instances of check_reload status running.  Think I just found the problem.  Now, does anyone know what is responsible for spawning this program?  I don't see it in crontab or in rc.d… at least, not directly. Also, when I try to kill any of these instances of check_reload_status, I get an "Operation not permitted" message.  Yea.
  • D

    Mod_security

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.