1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    D
    Retested on 24.11-RELEASE (amd64) all seems to work. So it seems right to file a bug for this issue.

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    cyb3rtr0nianC
    @rlrobs Yes it’s still working fine here.

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    571 Topics
    3k Posts
    K
    @pulsartiger The database name is vnstat.db and its location is under /var/db/vnstat. With "Backup Files/Dir" we are able to do backup or also with a cron.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    M
    I resolved this by accepting the T+Cs via https://www.maxmind.com/en/accounts/1205389/geolite2/eula

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    101 Topics
    2k Posts
    dennypageD
    @jhg said in NUT fails to start after 2.7.2 -> 2.8.0 upgrade: Interesting. I would have thought the initial reboot, which occurred as part of the upgrade, would have done the trick, but it took a second reboot, just now, to get things working. Glad you have it sorted. There was no difference in the output of usbconfig show_ifdrv at any point -- before or after unplugging/replugging the USB cable, nor after rebooting. ... Question: What would tell me whether or not a driver was loaded? If there were an attached driver, it should have shown up with the show_ifdrv command. If you use the command and look at the other usb devices, I think they will show attached drivers. I don't expect to see a driver attached to the ups, because there is a quirk that tells the OS to ignore that device (and not attach a driver). Look for idVendor and idProduct in the above output. The Vendor ID for your device is 0764, which corresponds to Cyber Power Systems, and the Product ID for your device is 0601, which is registered as "PR1500LCDRT2U UPS" (don't sweat an exact match for the name). You can see the quirk with the following command: [25.07-RC][root@fw]/root: usbconfig dump_device_quirks | grep 0764 VID=0x0764 PID=0x0005 REVLO=0x0000 REVHI=0xffff QUIRK=UQ_HID_IGNORE VID=0x0764 PID=0x0501 REVLO=0x0000 REVHI=0xffff QUIRK=UQ_HID_IGNORE VID=0x0764 PID=0x0601 REVLO=0x0000 REVHI=0xffff QUIRK=UQ_HID_IGNORE [25.07-RC][root@fw]/root: Your device is third on the list. The HID_IGNORE quirk says to ignore the device and not attach a driver. @jhg said in NUT fails to start after 2.7.2 -> 2.8.0 upgrade: You might consider adding this resolution to the release notes for 2.8. LOL... sorry, I don't have input to the release notes (I don't work here). While I wrote and maintain various packages, including NUT, I'm still just a volunteer. Most packages are actually written by volunteers.

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    493 Topics
    3k Posts
    GertjanG
    @EChondo What's your pfSense version ? The instructions are shown here : [image: 1753262126227-1acdc586-cb29-4148-9e36-81ade4e5e60c-image.png] A restart of a service will start by re creating their config files. If a certificate changed, it will get included. When the process starts, it will use the new certificate. @EChondo said in Issue with ACME Certificates Refresh & Restarting HAProxy: I haven't been able to confirm if the above works(mine just renewed, don't feel like doing it again just to test), so we'll see in 60 days I guess. No need to wait x days. You can re test / renew right away, as you are 'allowed' to renew a couple (5 max ?) of times per week.

  • Discussions about the FRR Dynamic Routing package on pfSense

    294 Topics
    1k Posts
    J
    @div444 i'm finding the same - did you find a solution or did reverting fix it? Hoping there is a patch fix or something to get it working! Rather not rollback if i can avoid it

  • Discussions about the Tailscale package

    90 Topics
    578 Posts
    T
    Re: How to update to the latest Tailscale version? I am on latest released Netgate 6100 pfSense PLUS v24 ( pfSense_plus-v24_11_amd64-pfSense_plus_v24_11 ) pkg config abi FreeBSD:15:amd64 pkg -vv | grep -A 3 "pfSense:" pfSense: { url : "pkg+https://pfsense-plus-pkg.netgate.com/pfSense_plus-v24_11_amd64-pfSense_plus_v24_11", enabled : yes, priority : 0, cat /usr/local/etc/pkg.conf ABI=FreeBSD:15:amd64 ALTABI=freebsd:15:x86:64 PKG_ENV { SSL_CA_CERT_FILE=/etc/ssl/netgate-ca.pem SSL_CLIENT_CERT_FILE=/usr/local/etc/pfSense/pkg/repos/pfSense-repo-0001-cert.pem SSL_CLIENT_KEY_FILE=/usr/local/etc/pfSense/pkg/repos/pfSense-repo-0001-key.pem } This firewall is obviously running on FreeBSD 15 no longer on 14. But can I use the freshports link for FreeBSD 14 amd64 quarterly which is at tailscale 1.86.2 or can I only go up to version tailscale 1.84.2_1, and need to wait until they have a version of tailscale 1.86.2 or higher for the FreeBSD 15? Would it be good enough to tell it to ignore the OSVERSION? export IGNORE_OSVERSION=yes Note: use of 14 and not 15 ? pkg add https://pkg.freebsd.org/FreeBSD:14:amd64/quarterly/All/tailscale-1.86.2.pkg service tailscaled restart tailscale up

  • Discussions about WireGuard

    690 Topics
    4k Posts
    J
    I've read through some other posts about this, but they either didn't say whether the proposed solution worked or they were very convoluted and difficult to understand. Here is our scenario: We have 6 locations--Las Cruces (LC), Sunland Park (SP), El Paso (EP), Abilene (ABI), Fort Worth (FW), and Plano (PL). LC and ABI have software that is accessed by the other 4 locations via VPN. There are WireGuard VPNs set up between LC and those 4 locations (SP, EP, FW, PL), and ABI and those 4 locations (SP, EP, FW, PL). There is also a WireGuard VPN connection between LC and ABI. LC and ABI have 2 internet connections. SP, EP, FW, and PL each have one internet connection. If the primary internet connection goes down at either LC or ABI and failover occurs to the secondary internet connection, is there a way to set up the WireGuard VPN connections so that they also failover without purchasing some 3rd party application? Thanks.
Log in to post
Load new posts
  • K

    E2Guardian Memory usage getting 98% in Pfsense

    9
    0 Votes
    9 Posts
    1k Views
    KOMK
    I can't help you as I've never installed or used that package. Look around in the options. It's to do with SSL interception, but if you turn that off then you can't do HTTPS content inspection I'm guessing.
  • O

    FreeRadius 3: Fall-through vlan assignment.

    4
    0 Votes
    4 Posts
    1k Views
    O
    @awebster Thank you guys so much for your help. I have the mac address authentication working, I think I missed the native-vlan option on the client device. Thanks for pointing me in the right direction.
  • J

    Avahi + Vlans + Cast devices

    4
    0 Votes
    4 Posts
    5k Views
    W
    I'm brand new here so this may not be of much use... I'm doing something similar to you, but with different software, except for the ubiquiti equipment and controller. In my setup, I had checked the checkbox in the unifi controller, wireless networks, advanced options; "Block Wireless LAN to WLAN Broadcast and Multicast Data" in the hopes that the avahi package on the pfsense router would handle all mDNS traffic. However I was not able to get anything on my wireless networks to resolve under mDNS until I cleared that checkbox and reprovisioned the unifi AP. I have a vm host set up on the NoT, which I installed the "avahi-tools" package and ran avahi-resolve -n somehost.local. That started working after I cleared the checkbox. I ran pftop and set up filter for port 5353 while I ran the avahi-resolve command and started seeing the requests come through. I have the dns forwarder set up to a local adguard host. When the pfsense box forwards the request, the ip shows that of the pfsense vlan adapter. When the devices make the request themselves, the ip origin in pftop is the device that makes the request. Our setups aren't exactly the same, but if you'd like me to try something out on my network, let me know. welbo97 R710 x5650 72GB pfsense 2.4.4-p3 router in proxmox 6 vm OVS and Ubiquiti for tagging VLAN's (no hardware switch) isolated NoT, IoT, guest and general networks
  • V

    Zabbix Agent config

    3
    0 Votes
    3 Posts
    1k Views
    V
    Yes I tried that, it seems to only accept 'UserParameter=' entries however and crashed the service when I added the Include line.
  • D

    Bind Package - Any config overview ?

    2
    0 Votes
    2 Posts
    354 Views
    D
    Have figured things out, from trying. So, I am answering my own questions :-) I don't see any zone files created ... is this to be expected? Zone files are not created, until a view has been created and attached to the zone configuration screen Is it essential that at least a view must be created ? Yes, a view is required ... just create a default one. Without a view associated with the zone definition, the zone files will not be generated. What is the best practice for defining zone files, so the settings stick, even when the package is updated or changes in the UI are saved ? Steps: Create a view ... this is essential create a zone ... using the DNS record fields to add entries you want. If you have a lot of hosts to add, there is a text field that can be used to paste in entries in bulk. The zone files are generated in the filesystem under/cf/named/etc/named/master/<name-of-view>/<name-of-zone>.DB Any changes to the underlying zone files content from a CLI session will be lost the next time the zone files are updated. So, longer time, one needs to get comfortable with using the entry fields in the zone configuration page for adding all zone records.
  • V

    HA Proxy Client Cert Setup

    2
    0 Votes
    2 Posts
    332 Views
    dragoangelD
    @vito hi, There already a gui block special for user certs, did you tried enable it for one of your frontends? If this not enough you can configure custom settings for frontend for user certificate validation usind native haproxy syntax. Good to have in bookmarks: https://cbonte.github.io/haproxy-dconv/ and read what you need. Please use devel package due another one is too old. I even say that devel package is old, waiting for 2.5.x stable with haproxy 2.0
  • K

    E2guardian website not opening if its contains symbol " -"

    Moved
    3
    0 Votes
    3 Posts
    354 Views
    kiokomanK
    E2guardian is an unofficial package, most of us don't even know what is it you should ask @marcelloc , last seen 4 days ago
  • F

    Telegraf 1.10.2 package?

    1
    0 Votes
    1 Posts
    294 Views
    No one has replied
  • A

    LCDModkit use with LCDProc package

    4
    0 Votes
    4 Posts
    527 Views
    stephenw10S
    @admins said in LCDModkit use with LCDProc package: lcdmodkit Which specific display do you actually have? Is it compatible with LCDproc? Steve
  • H

    Issue running service ntopng

    4
    0 Votes
    4 Posts
    1k Views
    S
    Issue resolved for me : I remove 127.0.0.1 from General Setup / DNS Servers. redis and ntop are working
  • IsaacFLI

    Avahi with IPv6 bug

    26
    0 Votes
    26 Posts
    4k Views
    A
    @costanzo That's about what I made mine but also added source fe80:: as /10 with port 5353 [image: 1566264800223-screenshot-2019-08-19-at-8.30.49-pm.png]
  • M

    Device's unable connect to chromecast over VLAN

    11
    0 Votes
    11 Posts
    3k Views
    J
    What was the outcome of this, I'm hitting the same issue! Any help appreciated.
  • C

    How to create a simple package for copying custom theme files?

    4
    0 Votes
    4 Posts
    505 Views
    KOMK
    I don't have anything else to add since you're way past what I know about FreeBSD packages & ports. Maybe the pfSense Development forum might have some folks who know more.
  • R

    Zabbix Proxy Advanced Parameters

    7
    0 Votes
    7 Posts
    1k Views
    R
    Hmm. Odd. I can ping it from my machine, but not the firewall. Lm see wassup.
  • O

    LCDproc driver for LCD made by GI FAR TECHNOLOGY CO.,LTD

    13
    0 Votes
    13 Posts
    2k Views
    F
    There are details here on the content of the LCDd.conf file. You can do some manual edits and see how it goes: CwLnx-howto Double check the KeyMap(s) and try to line them up with the script above. You might have to run the script alone to double check the mapping. It looks like this iBase device did not implement the same keypad mapping as the Cwlinux device. Also check the [server] and [menu] sections. The keypad should let you navigate the built-in menu system and manually change the backlight and a few other options. Best of luck, keep us posted.
  • cyber7C

    SquidGUARD - Need to block HTTPS mp3 downloads…

    2
    0 Votes
    2 Posts
    979 Views
    A
    If SSL inspection is not a feasible option for your organization, you can block traffic to sites that use HTTPS connections through: Using a Global HTTPS Block: You can globally block access to HTTPS sites in predefined or custom URL categories for all the configured locations.
  • M

    Offline Package Management

    5
    0 Votes
    5 Posts
    2k Views
    M
    To help anyone else doing this, I suggest downloading the entire contents of https://files00.netgate.com/pfSense_v2_4_4_amd64-pfSense_v2_4_4/All/ as it's only 400~Mb and copying it onto your pfsense appliance. When you run pkg add blah.txz it'll automatically install the dependancies required from the same directory. I've noticed that the packages installed aren't showing up in the GUI or apparently running (open-vm-tools) but I've made a seperate topic: https://forum.netgate.com/topic/145351/cli-installed-pfsense-packages-not-showing-up-in-gui
  • J

    telegraf GROK pattern matching issues

    1
    0 Votes
    1 Posts
    893 Views
    No one has replied
  • M

    NUT (or APCUPSD): Connect QNAP NAS as slave

    5
    0 Votes
    5 Posts
    11k Views
    C
    @mike69 said in NUT (or APCUPSD): Connect QNAP NAS as slave: Uuuh, you exhume an old thread. :) @Cino said in NUT (or APCUPSD): Connect QNAP NAS as slave: Now to find the setting/config file on the QNAP NAS so I can change the UPS name to something other than "qnapups" After an Update, QNAP overwrite the custom configs. It`s better to use the default values of QNAP. I try not to reply to old/stale threads but being this one was a how-to. It made sense too. You are right about the settings would get overwritten after an update. My OCD doesn't like the name tho.. lol. Maybe someday QNAP will allow that setting to be user-configurable.
  • dennypageD

    LLDP daemon package

    21
    0 Votes
    21 Posts
    6k Views
    C
    Yes I mean of pfsense. That’s why I have installed the packages lldpd on pfsense. And if I connect a fluke network analyzer at the ports of pfsense, I don't get VLAN information anywhere.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.