pfSense Packages

• 

  Subcategory for FRR
  • jimp  

  2
  2
  Votes
  2
  Posts
  83
  Views

  No one has replied

• 1

  DNS Broken for pkg.pfsense.org
  • 10101000  

  3
  0
  Votes
  3
  Posts
  1753
  Views

  

  https://forum.netgate.com/topic/115789/pkg-pfsense-org-appears-to-be-dead/2
• R

  Packages wishlist?
  • rds_correia  

  647
  0
  Votes
  647
  Posts
  331752
  Views

  

  I've no idea how viable it would be.... says it's an application-level visibility and filtering package that's currently available for OPNSense. I suspect it would need some kind of integration but that's above my knowledge level. Seems interesting anyway... https://www.sunnyvalley.io/sensei
• K

  Clear squidgard configuration
  • koko_adams  

  2
  0
  Votes
  2
  Posts
  9
  Views

  K

  any idea please .??
• 

  Mailscanner UNOFFICIAL package for pfSense 2.3.x
  • marcelloc  

  36
  0
  Votes
  36
  Posts
  5728
  Views

  

  @VenimK Try touch /etc/inc/xmlrpc.inc and rerun the install.
• T

  This topic is deleted!
  • taskdick0  

  1
  0
  Votes
  1
  Posts
  11
  Views

  No one has replied

• W

  WAN to LAN Throughput Testing Question
  • WhiteleeMartinze  

  1
  0
  Votes
  1
  Posts
  4
  Views

  No one has replied

• P

  Using syslog-ng to filter for critical events and send alert email
  • peterglock  

  1
  0
  Votes
  1
  Posts
  12
  Views

  No one has replied

• V

  Tinc, multi-wan failover, gateway switching
  • Vetal  

  4
  0
  Votes
  4
  Posts
  1028
  Views

  K

  I'm looking into howto do this. It should be tottally possible. The GUI seems to get in the way though with its enforcements. eg you dont seem to be able to create a bridge without any interfaces in. If i could I would be able to have the ip config under pfsenses control, which would allow me to setup ospf in the gui by selecting the bridge interface. I could then just run a ifconfig addm command in the tinc interface up bit to link it all together. No joy, and why cant I have an ipless tinc setup?
• 

  NUT package
  • dennypage  

  644
  0
  Votes
  644
  Posts
  81600
  Views

  

  @kevindd992002 Look at the system logs for the minute preceding the event. See what's going on. You should be able to identify a trigger. If you aren't having USB disconnects, then it's likely something like an interface flap or DHCP renewal.
• M

  AVAHI Does not start
  • mcmikev  

  1
  0
  Votes
  1
  Posts
  21
  Views

  No one has replied

• J

  LcdProc on 2.5
  • jmarcosm  

  3
  0
  Votes
  3
  Posts
  23
  Views

  J

  OK ! That's are wonderful news. Thank you
• C

  This topic is deleted!
  • createpower5  

  1
  0
  Votes
  1
  Posts
  11
  Views

  No one has replied

• C

  Python 3 in pfsense
  • CouldntMakeUpOne  

  22
  0
  Votes
  22
  Posts
  1322
  Views

  

  To solve this I have created a public repo on GitHub with precompiled Python 3 binaries for specific releases of pfSense: pfSense Python 3 If you follow the instructions, it's a very straightforward process and will allow you to choose whatever Python 3 version works for you :)
• S

  FreeRADIUS OVPN GAUTH
  • sublunar  

  5
  0
  Votes
  5
  Posts
  58
  Views

  P

  I have changed the XML script a bit. Maybe the one who is responsable for the package can add this in the new version? Changes are made in freeradius.xml (located in /usr/local/pkg) add : <field> <fielddescr>Authenticator Name</fielddescr> <fieldname>varcompanyname</fieldname> <description> <![CDATA[ You can fill in a name to be shown in Googles Authenticator.<br/> <span class="text-info">(Default: FreeRadius). </span> ]]> </description> <type>input</type> <default_value>FreeRadius</default_value> </field> right under the time field (right under </field> and then change: var provider = encodeURIComponent("FreeRADIUS"); in var provider = encodeURIComponent($('#varcompanyname').val());
• C

  This topic is deleted!
  • curediabetes7  

  1
  0
  Votes
  1
  Posts
  6
  Views

  No one has replied

• D

  This topic is deleted!
  • dogtrain9  

  1
  0
  Votes
  1
  Posts
  15
  Views

  No one has replied

• S

  This topic is deleted!
  • slimmingsolution76  

  1
  0
  Votes
  1
  Posts
  11
  Views

  No one has replied

• H

  FreeRADIUS3: 0.15.7_3 -> 0.15.7_6 iOS clients can't connect
  • helical-matte  

  2
  0
  Votes
  2
  Posts
  29
  Views

  H

  Scratch that. I generated a new self-signed certificate and chose that instead of my Let's Encrypt cert and now my iOS devices connected again. Sorry for the false alarm.
• 

  FreeRadius3: MD5-Password encryption
  • JeGr  

  3
  0
  Votes
  3
  Posts
  20
  Views

  

  @jimp said in FreeRadius3: MD5-Password encryption: Is there maybe some whitespace around the password that got ignored for cleartext but included in the MD5 hash? @jimp Nope, double checked that. The internal auth test works with cleartext password, MD5 gets rejected with above error. Don't understand it the least, as my box at home for example is configured exactly the same way and has no problems testing both kinds of users... I'm at a complete loss...
• U

  Basic FTP server Package for pfSense
  • u444665  

  2
  0
  Votes
  2
  Posts
  38
  Views

  

  For the firewall to act as an FTP server? No, never going to happen. The firewall is a firewall, not a file server. FTP is a broken and insecure protocol, even with tacked-on things like FTPS. That said, you could enable SSH and users could connect with SCP/SFTP, but that should not be exposed to the public because, again, it's a firewall and not a file server. If you need a file server, virtualize it inside your network or isolate it on a dedicated device like a Pi. But if at all possible, avoid FTP like the plague it is.
• J

  FreeRadius3: Certificates for TLS gone after updating to 0.15.7_4
  • j_testing  

  9
  0
  Votes
  9
  Posts
  49
  Views

  J

  @jimp I just did, and it works. That was fast, thank you.
• T

  This topic is deleted!
  • Tmoss  

  1
  0
  Votes
  1
  Posts
  6
  Views

  No one has replied

• W

  This topic is deleted!
  • waistburn1  

  1
  0
  Votes
  1
  Posts
  7
  Views

  No one has replied

• 

  Arpwatch Question
  • chudak  

  2
  0
  Votes
  2
  Posts
  37
  Views

  N

  Same problem here with the same problem of router. I have a Linksys E3200 in bridge mode I will put some xxx where its not important hostname: <unknown> ip address: xxx.xxx.1.2 ethernet address: xx:xx:xx:xx:xx:4e ethernet vendor: Linksys old ethernet address: xx:xx:xx:xx:xx:4f old ethernet vendor: Linksys timestamp: Monday, November 25, 2019 21:22:56 -0500 previous timestamp: Monday, November 25, 2019 21:22:48 -0500 delta: 8 seconds
• M

  Suricata does not start the interface
  • mssca  

  2
  0
  Votes
  2
  Posts
  18
  Views

  M

  Finally, I found the solution to my own problem. I am posting this here for others. Deleting the pid file and increasing the memory did not work. Instead, I deleted the interface and increased the Flow Memory Cap on the newly created interface to the maximum I have, which is 33554432 bytes = 32 GB. For some reason, any value lower than that will not work. This makes no sense...... However, at least it works now. I read somewhere that you can be calculated as per: https://forum.netgate.com/topic/84756/suricata-issues/3
• M

  Troubleshooting telegraf - influxdb
  • morlies  

  2
  0
  Votes
  2
  Posts
  28
  Views

  M

  Update: telegraf plugin adds ssl-config to configuration file although plain http is used. I removed the CA-line in the config and now it seems to work. ssl_ca = "/usr/local/etc/telegraf.ca" <<-- removed
• A

  APCUPSD Shutting down PFSense immediatly after boot up
  • amarcino  

  3
  0
  Votes
  3
  Posts
  44
  Views

  A

  Well I have resolved this problem by reinstalling PfSense and applying a backup I made a few days ago. Will do more research into APCUPSD before I consider having that control my device again.
• 

  New Avahi package
  • dennypage  

  57
  2
  Votes
  57
  Posts
  6971
  Views

  L

  @dennypage said in New Avahi package: @logan5247 said in New Avahi package: My BLACKHOLE network isn't allowed to talk back to LAN, let me open some stuff up and see! @dennypage thank you! I had blocked all communication back from BLACKHOLE to my LAN. I had to allow 5353/udp from BLACKHOLE to LAN and now it's working great! I think you want to allow BLACKHOLE to send mDNS (5353) to firewall rather than to any. I just tried that (switching from ANY to FIREWALL) and it didn't work. When I switched back to ANY, it works. The firewall logs show it's trying to send to 224.0.0.251, so maybe I can just allow it to go to that address.
• M

  repository unavailable
  • moisesdfelix  

  18
  0
  Votes
  18
  Posts
  42
  Views

  M

  I tested it on other hardware and it really seems to be some local glitch
• S

  Suricata setup
  • sr10977  

  7
  0
  Votes
  7
  Posts
  111
  Views

  S

  Thank you so much! It is up, but for some reason I am only getting 1 single traffic type: ICMP src: switch dest:224.0.0.1..... Will have to figure this one out, I believe it is on the switch side, not sending the traffic
• A

  Filter out OSPF route?
  • AdamTheManTyler  

  7
  0
  Votes
  7
  Posts
  50
  Views

  A

  @Derelict Thank you.
• 

  Norton.com/Setup - How to activate Norton product?
  • jones123  

  1
  0
  Votes
  1
  Posts
  35
  Views

  No one has replied

• V

  Is there a Bacula howto?
  • Vancejo1  

  5
  0
  Votes
  5
  Posts
  70
  Views

  V

  So sorry, I asked in the wrong forum.
• K

  Zabbix Proxy?
  • killmasta93  

  1
  0
  Votes
  1
  Posts
  33
  Views

  No one has replied

• B

  After the last update pfsense 2.4.4 p3
  • basem  

  12
  0
  Votes
  12
  Posts
  108
  Views

  

  @jimp said in After the last update pfsense 2.4.4 p3: pf2ad Maybe he didn't pay his 60.00 € the guy wants for that package... That site is OLD... shoot it still says pfsense is owned by Electric Sheep Fencing ;)
• B

  This topic is deleted!
  • basem  

  0
  0
  Votes
  0
  Posts
  12
  Views

  No one has replied

• C

  softflowd: multiple collectors
  • cyberzeus  

  1
  0
  Votes
  1
  Posts
  26
  Views

  No one has replied

• M

  Snort and SquidGuard issues
  • Marcus Vinicius  

  1
  0
  Votes
  1
  Posts
  26
  Views

  No one has replied

• K

  Installing any package prompts to downgrade icu, uninstall boost-libs and mongodb, breaking Unifi on pfsense
  • kjstech  

  9
  0
  Votes
  9
  Posts
  71
  Views

  K

  I think I figured this out by installing pfsense in virtualbox VM, configuring it and then comparing pkg info commands between it and my live system. The live system always had a warning about pkg version 35 is newer than installed database 34 at the top, and there were a few other packages that were newer versions than the stock 2.4.4p3 system. The pkg version warning did not sit pretty with me so thats when I decided to blow away this new install and start over. After I wiped the drive and did a reinstall, I reapplied my config file. The interfaces were different from the old system (re0, igb0). Therefore until I got to the physical console and fixed it, the packages never installed because it could not contact the internet. The second time around I edited my xml config file in notepad++ and altered the WAN and LAN with the proper igb0 and igb1 designations as they are on the new box. Next wipe I got it back up and restored config. This time since the interfaces were correct, when it restarted it had internet access and the system was able to automatically reach out and download all of the packages. At the top of the web ui in a yellow banner it said to hold off on any changes while packages are reinstalled from the internet. (This is the behavior I noticed in my VirtualBox install test). The only one I had to manually install was bandwidthd (it was in the menu but the package wasn't installed). But after giving the system time installing all of these packages, I was able to install the Unifi controller using the github script. I then pkg lock these three packages: boost-libs-1.71.0_2 icu-65.1,1 mongodb34-3.4.23 I then installed the command line packages for lsof and nano, and they installed and work without issue. Nothing was downgraded or removed. System is running smoother than it ever has. I think the pkg database got messed up in the original install after importing the config, since the system was not able to contact the internet and complete the package install. There was no button in the UI to "retry" and reloading the config and just choosing package database did not seem to do anything. A clean install fixed it.