1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    N

    Can I use pgblockerng aliases in Haproxy?

    80758505-9bad-4dad-a80b-c159be1045a2-image.png

    If it was a firewall rule, typing pfb would produce a dropdown to select.

    Here it has to be written, but will it work? Is it supported?

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    bmeeksB

    I saw where the Netgate kernel developer updated the Suricata package in the pfSense 25.07 development branch to work with the new kernel PPPoE driver. But so far as I know that updated package has not been migrated to 2.8 CE.

    Here is the commit into the DEVEL branch: https://github.com/pfsense/FreeBSD-ports/commit/68a06b3a33c690042b61fb4ccfe96f3138e83b72.

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    571 Topics
    3k Posts
    K

    @pulsartiger
    The database name is vnstat.db and its location is under /var/db/vnstat.
    With "Backup Files/Dir" we are able to do backup or also with a cron.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    GertjanG

    @AlexK-0 said in Can't receive GeoIP databases updates anymore, banned:

    Days ago, I received from MaxMind an email, notifying me that my country has been banned to receive GeoLite City database updates.

    You've found a reason to use a VPN.

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    99 Topics
    2k Posts
    K

    @elvisimprsntr thanks for your suggestion. I will give it a try.

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    493 Topics
    3k Posts
    johnpozJ

    @MacUsers

    https://help.zerossl.com/hc/en-us/articles/360060119933-Certificate-Revocation

    edit: oh you prob out of luck

    You can revoke any certificate issued via the ZeroSSL portal. Currently, certificates issued via ACME can not be revoked from inside the portal - please follow the instructions of your ACME client for revoking those certificates.

    the gui in pfsense does not have the ability to revoke - you prob have to move the certs to something you have certbot installed to and revoke that way.

  • Discussions about the FRR Dynamic Routing package on pfSense

    294 Topics
    1k Posts
    R

    I had a similar issue with Routed VTI over IPsec recently. FRR lost its neighbors after rebooting or when a tunnel went down. It never re-discovered it automatically. Only restarting FRR (either in GUI or via CLI) brought the neighbors back.

    When I manually added those under the OSPF neighbors tab in the GUI it seems to solve the problem as well.

  • Discussions about the Tailscale package

    88 Topics
    573 Posts
    luckman212L

    For 25.07 RC, this worked for me (run sh first)

    [25.07-RC][root@r1.lan]/root: sh # export IGNORE_OSVERSION=yes # pkg add https://pkg.freebsd.org/FreeBSD:15:amd64/latest/All/tailscale-1.84.2.pkg # service tailscaled restart # tailscale up # tailscale version 1.84.2 go version: go1.24.4 # tailscaled -version 1.84.2 go version: go1.24.4

  • Discussions about WireGuard

    689 Topics
    4k Posts
    P

    @patient0 Thanks for further suggestions. The tunnel is definitely up and so I don't think this is a CGNAT issue after all. WAN firewall rule is in place for UDP on port 51823 (otherwise the tunnel wouldn't work, right?). I can ping from client 1 -> client 2 and visa versa and also ping all points in between like you suggest. I just can't open an HTTPS connection from pfSenseB from Client 1 using a browser. But I can do this the other way round i.e. from Client 2 to pfSenseA

    I will try and do some packet capture to see if that reveals anything.

Log in to post
Load new posts
  • A

    Question: How effective blocking extensions on PFSense?

    Locked
    12
    0 Votes
    12 Posts
    18k Views
    A

    Very important these ideas. But this is a challenge we will face.
    For you what is the best way to block those extensions on pfsense?

  • T

    Squidguard - unable to reinstall

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    C

    It also seems that if you deinstalled squid first then deinstalled squidguard, that issue may occur. Leaving squid last to deinstall seems to work fine.

  • D

    OpenOSPF over OpenVPN Tunnels - is it possible

    Locked
    5
    0 Votes
    5 Posts
    6k Views
    D

    [DONE] SOLVED

    Thanks, found the causing on my own. Did uncheck the "redistribute connected" and disabled to redistribute the public, external IP-range. That's it… Thanks for all your help! :-)

  • ?

    SNORT NOT INSTALLING (PFSENSE STILL A PROBLEM)

    Locked
    9
    0 Votes
    9 Posts
    4k Views
    jimpJ

    @trentdk:

    Ignoring cdx304, and going with tbaror, I can confirm the Snort package installation error on pfSense 2.0 (nightly dec 28):

    Yes, and there are already several other threads dedicated to that – with workarounds. The maintainer of that package still needs to fix it.

  • T

    PfSense 2.0 (dec 28) + squid + lightsquid: lightsquid error

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    T

    Using those 'refresh' buttons, and messing around with the log rotation didn't help  :'(

  • C

    Squid and lightSquid (and squidGuard if I am lucky)

    Locked
    11
    0 Votes
    11 Posts
    4k Views
    C

    Thanks for that, now the logs work as well.

    Thanks for your time guys :)

  • B

    Nmap, squid, and squidGuard on 1.2.3

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    B

    When I do an nmap on my IP on the LAN network (without checking any of the three boxes), it sits on the page pkg_edit.php just loading and loading.. with the text "Starting Nmap 4.76 ( http://nmap.org ) at 2010-12-27 16:28 CST" outside the right margins of the webdesign. After a while it just stops "loading" nothing.

    EDIT: Ok finally, it took forever just to do a scan on my machine from the pfSense server.

  • J

    Cant find snort rules tab

    Locked
    3
    0 Votes
    3 Posts
    1k Views
    J

    @Cry:

    What version (number) of pfSense are you running?

    1.2.3

  • JSmoradaJ

    Snort GUI wishlist

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    T

    NAC (VLAN ISOLATION) :)

  • T

    HAVP still blocking users after service fails to start

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • M

    Terminal Server Aware web usage logging

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    M

    Thanks, I'll check it out.

  • S

    Squid LDAP Auth on Win2008R2 AD?

    Locked
    2
    0 Votes
    2 Posts
    4k Views
    S

    ok i've read somewhere that Unix may have trouble communicating with Windows 2008 R2 LDAP.

    Can anybody confirm this?

  • ?

    Can't start squid? pfsense 2.0 squid 2 or 3

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    ?

    I know, I apologize for being a giant douchebag, but I was in a hurry to get back online.

  • B

    Blocking Cookies

    Locked
    5
    0 Votes
    5 Posts
    3k Views
    B

    Cool.  I'll have to try it once I have some time.

  • _

    Squidguard weird update-behaviour

    Locked
    5
    0 Votes
    5 Posts
    2k Views
    _

    Ah, ok. I'll stay tuned. At the moment i'm staying good with that little "feature"…

  • B

    General Package 'problems'

    Locked
    8
    0 Votes
    8 Posts
    3k Views
    B

    Upgrading has caused spamd to stop working but I will post about that in a separate thread.

    @jimp:

    You'd have more luck posting a specific thread with that in the topic asking, the maintainer of that package may see it and offer some help.

    Usually we err on the side of caution when removing packages. Removing them from the list makes it a lot harder for the maintainer to debug problems.

    Spamd doesn't have a current maintainer according to the package listing. I also get 'current version unknown' so I'm not sure if I have the latest. Reinstalling installs the current one again so I'm 50/50 whether I have the current or not.

    I hope this next comment is taken as it's entitled and not taken the wrong way.

    I love pfSense, however the packages, for me, are it's biggest weakness. pfSense isn't really designed for embedded so it's designed for packages to extend it. However, a lot of the packages are simply not maintained, don't work properly, cause problems and that is just from my own personal experience. Documentation is scarce for a lot of the packages too or the documentation that is there is just not adequate.

    I wouldn't even mind paying a small fee for some packages (such as spamd as when it worked it was fantastic) if they were maintained or worked correctly.

    I'm not one of these people who take and moan about it when it doesn't work. I wish I could contribute and I would really love to take over spamd but I know enough about it or BSD to be more of a hinderance than a help.

  • S

    SSL inspection

    Locked
    5
    0 Votes
    5 Posts
    4k Views
    S

    Any example on how to use the first option (SSL STRIP)?

  • G

    Openospfd and default redistribute metric

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    G

    no one have advice on this?

  • Z

    Load balancer + Squid

    Locked
    5
    0 Votes
    5 Posts
    2k Views
    jimpJ

    It can work on 2.0, though the setup isn't fully documented yet. There is a forum thread with more info, search for squid multi-wan and look for posts from Ermal.

  • F

    HAVP + lightsquid = logging oddity

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.