1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    tinfoilmattT
    @johnpoz said in Please help to configure HAProxy to serve certifficate on internal LAN too: Yeah - what part do you not understand if you always resolve nextcloud.domain.tld so that it hits your haproxy on your pfsense wan IP are you not getting? You have 2 options - use a different domain internally and always go to nextcloud.publicdomain.tld, or use the same domain internally as external and run into the problem of what IP it resolves to.. Change your local domain to say home.arpa or .internal or atleast something different than the public domain your using to point to pfsense wan IP on the public internet. You are shooting yourself in the foot trying to use the same domain externally as internally. There are ways around it, but they complicate the setup. For example you might be able to use views in unbound as one way to work around the problem. You could use only host entries for all your resources. But then again you run into a problem of using the fqdn for this service, now always pointing to your wan IP.. And that is great when you want to access the service haproxy is doing - but if you want to access that resource on some other service that haproxy doesn't handle - like say simple file sharing.. You are going to have problems. Since you clearly do not understand how any of this works - the simple solution is change the local domain you are using so it is not the same as the public domain you want to use to get to your nextcloud. This tone is outrageous directed at somebody who acknowledged right off the rip that English is not their first language. How many languages do you speak, John? And safely assuming it's only one—English of course—take it from a fellow English native that you'd do well to say more with less words. You otherwise were directing OP in the right direction in my opinion.

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    tinfoilmattT
    Here. I think. Referenced as "github.com: vendor-provided URL vendor-advisory" in your link.

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    573 Topics
    3k Posts
    dennypageD
    @kabeda If memory serves, that old version of ntopng did not run as user ntopng, but as user nobody. There are lots of problems in that old version. Anyway, check the ownership and permissions of /var/db/ntopng and make sure it matches the user that ntopng runs as. You may need to set ownership of the entire hierarchy. Example: /usr/sbin/chown -R nobody:nobody /var/db/ntopng However, the better choice would be to upgrade to a more recent version.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    tinfoilmattT
    @netboy said in is something wrong with pfBlockerNG?: After my post, I "changed" DNSBL -> DNSBL mode from "unbound python mode" to "unbound mode" and so far i have no issues. Terrible idea. Moving backwards in development history there.

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    102 Topics
    3k Posts
    dennypageD
    @fjmp24 said in Notification: UPS ups battery is low: If I remove ignorelb directive, my UPS shuts down after 16 seconds This means your UPS is signaling a low battery. Either your battery is bad, or your UPS is bad. Most likely battery, but you never know. I suggest reaching out to Eaton support.

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    503 Topics
    3k Posts
    M
    I am using the DNS-Update method I have to use a DNS-Sleep of 5 minutes to let the letsencrypt txt dns record update propagate. During this 5 minutes the acme-webgui times out. when the acme-webgui times out the Action list is NOT executed. How can I solve this ? Would it maybe be an idea to let the acme.sh script execute the actions in the action list as a post-hook instead of the web-gui? Or maybe add an option to add post-hooks in the webUI ?

  • Discussions about the FRR Dynamic Routing package on pfSense

    296 Topics
    1k Posts
    C
    This one has been tricky still not sure what to try. Any ideas?

  • Discussions about the Tailscale package

    93 Topics
    647 Posts
    M
    @CarlMRoss I've followed your very helpful instructions and got mine updated to 1.90.6. However, I did notice that tailscale does not start on reboot. Is this still happening for you as well? I can get it restarted with the commands you provided but having to do that manually is a concern.

  • Discussions about WireGuard

    715 Topics
    4k Posts
    A
    Hi everyone, This is a noob question but already tried multiple and I hope some one can help with this. I have a Wireguard Tunnel configured and handshake is successfully performed and I can ping the server from the laptop but can't do it otherwise. Already deactivate the NAT feature and all the rules and no luck. Pfsense and this server is located in a Proxmox Server, laptop is a local. Any ideas? Thank you.
Log in to post
Load new posts
  • jimpJ

    System Patches Package v2.2.23

    Pinned
    1
    7 Votes
    1 Posts
    3k Views
    No one has replied
  • 1

    DNS Broken for pkg.pfsense.org

    Pinned Locked
    3
    0 Votes
    3 Posts
    18k Views
    jimpJ
    https://forum.netgate.com/topic/115789/pkg-pfsense-org-appears-to-be-dead/2
  • R

    Packages wishlist?

    Pinned
    661
    0 Votes
    661 Posts
    2m Views
    O
    PRTG
  • kmpK

    Problem with Net-SNMP - not starting

    5
    0 Votes
    5 Posts
    3k Views
    M
    @barnettd Thanks for the fix! I was running into the exact same issue. Like @kmp, the pkg utility also had to be downgraded: pkg: 2.2.2_2 → 1.21.3_5 [pfSense] The following packages were reinstalled: pfSense-repo-25.07.1 [pfSense] pfSense-upgrade-1.3.11 [pfSense] snmpd starts up and everything appears to be working after a reboot.
  • R

    pfSense 2.8 Installation Fails, and 2.7.2 Cannot Fetch pkg Packages – Repository Unreachable”

    6
    0 Votes
    6 Posts
    225 Views
    GertjanG
    @rootCRO said in pfSense 2.8 Installation Fails, and 2.7.2 Cannot Fetch pkg Packages – Repository Unreachable”: services.netgate.com Where did you get that "services.netgate.com" host name from ? Here is the forum that handles the 'install' questions : Home > pfSense Software > Problems Installing or Upgrading pfSense Software. @rootCRO said in pfSense 2.8 Installation Fails, and 2.7.2 Cannot Fetch pkg Packages – Repository Unreachable”: I’d really like to know exactly where pfSense pulls its packages from FreeBSD: { enabled: no } pfSense-core: { url: "pkg+https://pfsense-plus-pkg.netgate.com/pfSense_plus-v25_07_1_amd64-core", mirror_type: "srv", signature_type: "fingerprints", fingerprints: "/usr/local/share/pfSense/keys/pkg", enabled: yes } pfSense: { url: "pkg+https://pfsense-plus-pkg.netgate.com/pfSense_plus-v25_07_1_amd64-pfSense_plus_v25_07_1", mirror_type: "srv", signature_type: "fingerprints", fingerprints: "/usr/local/share/pfSense/keys/pkg", enabled: yes } I'm using pfSense plus. Be ware : you can't point a web browser to URL like https://pfsense-plus-pkg.netgate.com/pfSense_plus-v25_07_1_amd64-pfSense_plus_v25_07_1, as it is not a web server.
  • M

    mdns-bridge one-way reflection

    26
    0 Votes
    26 Posts
    1k Views
    M
    @keyser said in mdns-bridge one-way reflection: @marcg Yes, those ports are needed - in what we consider the wrong direction - when you are Airplaying Video/screen mirroring. For sound only Airplay they are not needed/used. @keyser @dennypage , thanks for the info and confirmation. Somewhat reminiscent of the well-known firewall issues with active FTP ... with the difference that Airplay was introduced 20+ years later.
  • E

    zabbix 7.4 package

    1
    0 Votes
    1 Posts
    69 Views
    No one has replied
  • kesawiK

    UDP Broadcast Relay and subnet-directed broadcasts

    2
    1
    0 Votes
    2 Posts
    223 Views
    keyserK
    While I'm not 100% sure it cannot be brought to relay subnet-directed broadcast, it would make little network sense if it did. Remember that any IP stack on the other side that follows IP guidelinies would still drop the packet even if the NIC picked up the L2 broadcast frame from the wire. The idea of the package is forwarding Class D (multicast) and proper global broadcast frames.
  • S

    snort 4.1.6_27 crashing with php error

    4
    0 Votes
    4 Posts
    210 Views
    S
    yeah, it's fixed with _28
  • R

    Need urgent support with HAProxy setup will pay

    1
    0 Votes
    1 Posts
    137 Views
    No one has replied
  • keyserK

    Advantages of mDNS-Bridge vs UDPBroadcastRelay

    7
    0 Votes
    7 Posts
    377 Views
    keyserK
    @dennypage And thank you SO much to @dennypage for maintaining the package - and so selflessly spending time supporting it and us users. Especially when we ask stupid questions or are so selfcentered we find ourselves important enough to outright complain over volunteer work like this. All package maintainers should really have a HERO badge here on this forum.
  • E

    HAProxy - Files

    3
    4
    0 Votes
    3 Posts
    396 Views
    patient0P
    @AnthonySalamone preface: I don't use HA Proxy but did use the power of searching the internet. If you want to use pfSense with Authelia, which seems to use these exact three files, someone written a blog post about how to do it: https://kovasky.me/blogs/pfsense_haproxy_authelia/
  • P

    LLDP Package disappeared

    3
    0 Votes
    3 Posts
    201 Views
    P
    @keyser Thanks for the info, I just rebooted and the LLDP packaged reppeared and reinstalled. Its now running. Thanks again.
  • A

    Prometheus Node Exporter gives log errors - fix or suppress in log

    7
    0 Votes
    7 Posts
    6k Views
    A
    @nws thanks for the consistent fix - I completely overlooked that for a while. And @credulous yes, it's still a mystery why the collectors seemingly trigger and gives errors, and also why they don't appear at the collector list. It seems the Prometheus Node Exporter package on FreeBSD has very low priority perhaps? Else you would imagine something like this could be fixed.
  • CreationGuyC

    HAProxy / ACME + external webhost?

    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • C

    FreeRadius or something else, for MFA without a PIN code?

    9
    0 Votes
    9 Posts
    3k Views
    N
    @Codefighter Thanks @Codefighter, you’ve nailed it. I totally agree that for home use, OTP can feel like overkill. But when it comes to small, medium, and large businesses, we’ve got a real responsibility to keep networks and systems secure. We can’t afford to be casual or underestimate the risks out there. Honestly, I’d much rather hear a few grumbles from employees about typing in an OTP every time they hop on the VPN than have to sit in a meeting with the board explaining why we didn’t do enough to prevent and mitigate a cyberattack.
  • D

    After backup restore freeradius fails to authenticate with Google Authenticator

    1
    0 Votes
    1 Posts
    194 Views
    No one has replied
  • L

    net-snmp on Netgate 7100 cluster - firmware 25.07.1-RELEASE

    3
    0 Votes
    3 Posts
    3k Views
    S
    see https://forum.netgate.com/topic/198800/solved-pkg-upgrade-not-found-required-by-pkg running on ssh this command fixed my problem. pkg-static clean -ay; pkg-static install -fy pkg pfSense-repo pfSense-upgrade for me the problem is solved.uuu
  • E

    iperf3 on 25.07.1-RELEASE

    5
    0 Votes
    5 Posts
    4k Views
    E
    you're right, I'm still confused about where to find it. The red flag remains, probably just a minor bug
  • K

    This topic is deleted!

    1
    0 Votes
    1 Posts
    505 Views
    No one has replied
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.