1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    N

    Can I use pgblockerng aliases in Haproxy?

    80758505-9bad-4dad-a80b-c159be1045a2-image.png

    If it was a firewall rule, typing pfb would produce a dropdown to select.

    Here it has to be written, but will it work? Is it supported?

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    cyb3rtr0nianC

    @bmeeks So after upgrading to the newest PfSense 2.8.0 everything is now working like a charm!

    Suricata no longer seems to strip off tags like it did before! Which means I can now use my network segmented by VLANs and still use the benefits of Suricata Inline IPS! Very niiize!

    I checked in the Alerts section and it is indeed generating the correct alerts from the different VLAN sections, I put Inline IPS on the parent interface of all the VLANs.

    I assume this is because the FreeBSD version is also updated with the new PfSense 2.8.0 version?

    Because before, as soon as I selected Inline IPS mode, my entire VLAN tagging would break and nothing was reachable until I switched back to Legacy mode.

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    571 Topics
    3k Posts
    K

    @pulsartiger
    The database name is vnstat.db and its location is under /var/db/vnstat.
    With "Backup Files/Dir" we are able to do backup or also with a cron.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    W

    @qinn
    Sent him an email Dan an email to the address on his site.. Not sure what is happening, my Teams stopped working. Disable it/turn it off and the problem went away.

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    99 Topics
    2k Posts
    K

    @elvisimprsntr thanks for your suggestion. I will give it a try.

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    493 Topics
    3k Posts
    GertjanG

    @EChondo

    What's your pfSense version ?
    The instructions are shown here :

    1acdc586-cb29-4148-9e36-81ade4e5e60c-image.png

    A restart of a service will start by re creating their config files. If a certificate changed, it will get included. When the process starts, it will use the new certificate.

    @EChondo said in Issue with ACME Certificates Refresh & Restarting HAProxy:

    I haven't been able to confirm if the above works(mine just renewed, don't feel like doing it again just to test), so we'll see in 60 days I guess.

    No need to wait x days.
    You can re test / renew right away, as you are 'allowed' to renew a couple (5 max ?) of times per week.

  • Discussions about the FRR Dynamic Routing package on pfSense

    294 Topics
    1k Posts
    R

    I had a similar issue with Routed VTI over IPsec recently. FRR lost its neighbors after rebooting or when a tunnel went down. It never re-discovered it automatically. Only restarting FRR (either in GUI or via CLI) brought the neighbors back.

    When I manually added those under the OSPF neighbors tab in the GUI it seems to solve the problem as well.

  • Discussions about the Tailscale package

    89 Topics
    574 Posts
    A

    Hello,
    I am unable to get the Tailscale package to work. The page at VPN > Tailscale > Authentication is stuck. It displays the error "Tailscale is not online," but also shows a "Logout and Clean" button, with no option to log in.
    link text

    This state persists even after performing the following troubleshooting steps:

    Rebooting the pfSense router.

    Completely uninstalling and reinstalling the Tailscale package multiple times.

    Clearing browser cache and using a private browser window.

    Toggling the main "Enable Tailscale" checkbox in the settings.

    Checking the logs, which show the service gets a "terminate" signal and shuts down cleanly; it does not crash.

    Manually trying to delete the state file with rm /var/db/tailscale/tailscaled.state, which failed because the file does not exist.

    It appears that the package's configuration is corrupted in a way that persists even after reinstallation. Can anyone advise on how to perform a complete manual cleanup of all Tailscale files and settings?

  • Discussions about WireGuard

    689 Topics
    4k Posts
    P

    @patient0 Thanks for further suggestions. The tunnel is definitely up and so I don't think this is a CGNAT issue after all. WAN firewall rule is in place for UDP on port 51823 (otherwise the tunnel wouldn't work, right?). I can ping from client 1 -> client 2 and visa versa and also ping all points in between like you suggest. I just can't open an HTTPS connection from pfSenseB from Client 1 using a browser. But I can do this the other way round i.e. from Client 2 to pfSenseA

    I will try and do some packet capture to see if that reveals anything.

Log in to post
Load new posts
  • JonathanLeeJ

    Install an older pfSense package with "pkg add" and snort

    3
    0 Votes
    3 Posts
    731 Views
    JonathanLeeJ

    @bmeeks what's funny is the .11 version works perfectly for me on 23.05.01. I always thought it was my custom AppID stuff until you told me the real reason. I would love a new Netgate appliance that could utilize inline mode and get .SO rules. My wife won't let me until this one dies. I also can't get my 2100 to update to 23.09. But I secretly like ARM too

  • J

    HAProxy and openssl - the 'unrescue'

    1
    0 Votes
    1 Posts
    309 Views
    No one has replied
  • P

    2.6, wrong permissions on "/var/"

    Moved
    14
    0 Votes
    14 Posts
    2k Views
    jimpJ

    I opened https://redmine.pfsense.org/issues/15054 to fix up the permissions for /var RAM disks.

  • R

    Unable to check for updates pfsense 2.7.0

    5
    0 Votes
    5 Posts
    1k Views
    S

    @saidin

    Ok, I found out this thread.
    https://forum.netgate.com/topic/184195/upgrade-pfsense-ce-2-7-0-to-2-7-1

    and applied the temporary fix described here https://docs.netgate.com/pfsense/en/latest/releases/2-7-1.html#troubleshooting, which is to apply certctl rehash

    Later, I confirmed that I am using my correct branch in System --> Update --> Update Settings and I was able to install the packages that I needed.

    Thanks

  • t0m77T

    LCDproc (Watchguard) broken in 2.7.0

    Locked Moved
    7
    0 Votes
    7 Posts
    1k Views
    jimpJ

    Yes, please start your own new thread. The original issue here is 100% confirmed to be resolved so if you are hitting something similar it has to be a different cause.

  • A

    Zenarmor

    10
    0 Votes
    10 Posts
    7k Views
    V

    @chatterbox It says on their website that pfSense+ support has been dropped, but CE is still available. https://www.zenarmor.com/docs/installing/installation#installing-on--pfsense-software

  • frogF

    Freeradius configuration and users lost after upgrade to 23.09

    Moved
    3
    0 Votes
    3 Posts
    513 Views
    F

    Discussed here: https://forum.netgate.com/topic/183065/upgrade-of-freeradius3-from-0-15-10-to-0-15-10_1-sets-all-configuration-values-to-default/7

  • jimpJ

    System Patches package version 2.2.8

    1
    8 Votes
    1 Posts
    457 Views
    No one has replied
  • L

    pfSense - mailreport - authentication failure

    5
    0 Votes
    5 Posts
    1k Views
    L

    @Gertjan
    Thank you for this clarification!

  • R

    Bind rpz only gives max TTL of 5 seconds

    2
    0 Votes
    2 Posts
    514 Views
    R

    Today I did set up another test BIND server under linux configured it from ground up. And result is exactly the same. So this problem is not pfsense related. Its something I do not understand in Bind...

  • bthovenB

    Got Crowdsec 0.0.4 installed on my pfSense (now upgraded to V0.1

    7
    2 Votes
    7 Posts
    2k Views
    M

    @SteveITS
    I agree in terms of the function. It seems to work with other tools like Suricata or pfBlocker but with similar functionality.
    I'm willing to give it a shot once its available officially tho. Could be interesting.

  • M

    Openvpn wrapped by stunnel

    1
    0 Votes
    1 Posts
    356 Views
    No one has replied
  • S

    Restore missing FreeRADIUS config

    10
    0 Votes
    10 Posts
    2k Views
    S

    @slu said in Restore missing FreeRADIUS config:

    same problem after the upgrade to 0.15.10_1 today

    Hmmm, rereading https://redmine.pfsense.org/issues/14806, if the issue happens on uninstall, that would always be the "old" package and therefore the issue is going to affect everyone until after they get on 0.15.10_1. :(

  • G

    Upgrade of FreeRadius3 from 0.15.10 to 0.15.10_1 sets all configuration values to default.

    Moved
    9
    0 Votes
    9 Posts
    2k Views
    F

    Oof, this wiped out my FreeRADIUS config as well. Did a full restore from a manual backup and a reboot. Thank goodness for backups.

    Can this FreeRADIUS security issue get some love? I deleted all my users (1 user for each phone, iPad, laptop, etc.) to test it, and they're all still able to connect. Using EAP-TLS. That checkbox basically does nothing. Thanks

    Check Client Certificate CN
    Validate the Client Certificate Common Name

    When enabled, the Common Name of the client certificate must match the username set in 'FreeRADIUS > Users'. (Default: Unchecked)

  • F

    User Authentication with FreeRadius and Active Directory - possible?

    2
    0 Votes
    2 Posts
    1k Views
    S

    Hi @FrankoniaDKB, did you find how to this? I'm trying the same, I want auth users on a Wireless Network but i can't make this work

  • I

    Interface does not appear while creating a Span port

    1
    0 Votes
    1 Posts
    401 Views
    No one has replied
  • B

    "FreeRADIUS XMLRPC Sync" - Issue with Missing Certificates

    2
    0 Votes
    2 Posts
    652 Views
    V

    Hello. Please tell me, is there any plans to fix the bug in FreeRadius XMLRPC Sync in which certificate settings disappear on the recipient after synchronization?

    https://redmine.pfsense.org/issues/11802
    more than two years have passed

  • C

    Wireguard - Logs

    5
    0 Votes
    5 Posts
    5k Views
    F

    @bigtfromaz Agreed. I'm also looking for a way to monitor logs, and potentially send out notifications on abnormal connections, eg. Connection from a previously unseen country, etc.

    So far the only remote solution would be: https://github.com/MindFlavor/prometheus_wireguard_exporter

    I don't feel like installing additional software on my router, but on the other hand, there doesn't seem to be a way to monitor these logs externally.

    Please let me know if you find anything interesting.

  • E

    Netgate pfSense Plus 23.05.1-RELEASE Repo Down

    6
    0 Votes
    6 Posts
    945 Views
    johnpozJ

    @eroji well you have from the gui some previous process running..

    What you see via some browser and a url isn't always going to be what is going on in the background..

    Kill off that old upgrade process, and try with the gui..

    edit: I just fired up my 23.05.1 VM and installed package just fine

    works.jpg

  • K

    Package Manager is not loading on PfSense+

    3
    0 Votes
    3 Posts
    557 Views
    K

    My problem was resolved by messaging one of the admins who work for Netgate. The issue was due to the fact I had to change out my 4 port NIC on my home built pfsense plus for a new one and it changed my NDI. Once I gave that to them and they updated it to the registered e-mail on file, the Available Packages came back. I hope this helps.

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.