1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    H
    We installed haproxy on Netgate 8200 device 25.07.1-RELEASE (amd64) installed acme certificates and get certificate from letsencrypt, everything ok. checked ssl offload in frontend and selected the acme generated certificate under SSL Offloading. result after Apply Changes: Errors found while starting haproxy [NOTICE] (72045) : haproxy version is 2.9.14-7c591d5 [NOTICE] (72045) : path to executable is /usr/local/sbin/haproxy [ALERT] (72045) : config : Couldn't open the ca-file '/var/etc/haproxy_test/clientca_WAN_117.pem' (No such file or directory). [ALERT] (72045) : config : parsing [/var/etc/haproxy_test/haproxy.cfg:15] : 'bind x.x.x.x:443' in section 'frontend' : 'ca-file' : unable to load /var/etc/haproxy_test/clientca_WAN_117.pem [ALERT] (72045) : config : Error(s) found in configuration file : /var/etc/haproxy_test/haproxy.cfg [ALERT] (72045) : config : Fatal errors found in configuration. also package _devel has the same issue. on other boxes where haproxy was configured on 24.11 - upgraded to 25.07.1 its working. BUG ?? so what can we do now -bolded text we need this function. thank you all in advance

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    RedDelPaPaR
    @bmeeks Understood. Thank for kindly for your help. I will likely be ordering a new unit soon.

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    573 Topics
    3k Posts
    dennypageD
    @kabeda If memory serves, that old version of ntopng did not run as user ntopng, but as user nobody. There are lots of problems in that old version. Anyway, check the ownership and permissions of /var/db/ntopng and make sure it matches the user that ntopng runs as. You may need to set ownership of the entire hierarchy. Example: /usr/sbin/chown -R nobody:nobody /var/db/ntopng However, the better choice would be to upgrade to a more recent version.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    N
    @netboy Most probaly a configuration regression. You really need to dig deeper. From which pf version did you upgrade? Have you tried removing and reinstalling pfblockerng? Looking to the moon for craters with naked eye doesn't show the one that the crashed spaceship created. Use a telescope instead. FWIW, I see quite a few pfblockerng instances on 25.07.1 running with no (apparent) issues τοο

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    102 Topics
    3k Posts
    F
    I didn't say you should remove the override.ups.delay.shutdown directive, I said you should remove the ignorelb directive. Ok, I will test without ignorelb directive. Also, you do not have anything in the Advanced settings section, correct? Yes As to running a calibration test, consult your UPS manual or support from the manufacturer of your UPS. I find anything I will search tomorow

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    503 Topics
    3k Posts
    M
    I am using the DNS-Update method I have to use a DNS-Sleep of 5 minutes to let the letsencrypt txt dns record update propagate. During this 5 minutes the acme-webgui times out. when the acme-webgui times out the Action list is NOT executed. How can I solve this ? Would it maybe be an idea to let the acme.sh script execute the actions in the action list as a post-hook instead of the web-gui? Or maybe add an option to add post-hooks in the webUI ?

  • Discussions about the FRR Dynamic Routing package on pfSense

    296 Topics
    1k Posts
    C
    This one has been tricky still not sure what to try. Any ideas?

  • Discussions about the Tailscale package

    92 Topics
    639 Posts
    E
    Updated CE 2.8.1 to 1.90.4. Looks like they are already working on .6 Freshports pkg add -f https://pkg.freebsd.org/FreeBSD:15:amd64/latest/All/tailscale-1.90.4.pkg Changelog

  • Discussions about WireGuard

    712 Topics
    4k Posts
    chpalmerC
    @dean.viens What kind of internet services are on the two endpoints? I ask because some modems such as cellular modems can cause issues with VPNs once in a while. I assume you are using the standard ports?? have you tried a different port such as 8443 one of the gui ports you are not using? 80 or 443? If you set the incoming rule to log the traffic do you see the attempts in the firewall log? Long story short here.. are you sure the traffic from router two is making it to router 1 and visa versa?
Log in to post
Load new posts
  • M

    Wake On LAN works but CRON command fails

    6
    0 Votes
    6 Posts
    2k Views
    M
    @Gertjan Thanks for all of your help with this issue. I'm unsure why yours is working when you use the actual ip address of your server in CRON, but mine is not. Because of what I saw in the packet capture, I decided to imitate what the GUI is doing. I changed the command in CRON to: /usr/local/bin/wol -i 192.168.2.255 bc:ee:7b:db:fc:f4 The above command works in CRON to wake up my server. From what you said, I'm guessing this is because "192.168.2.255" is the "broadcast address" of the LAN interface of the $(bcip) as described in your post. /usr/local/bin/wol -i 192.168.2.4 bc:ee:7b:db:fc:f4 The original command above did nothing and didn't even show up in "packet capture" until after the server was already up and running, then I would get something similar to what you got in your packet capture in your screenshot above, as you can see from my previous post. However, the command with the actual ip address reserved for my server in Pfsense fails to wake-on-lan my server, but 192.168.2.255 does work. Thanks for all of your advice and help which resulted in changing "4" to "255" and now it works.
  • T

    Zabbix Proxy 6.2 - Is it posible to install the package manualy on pfsense vRelease 2.7

    Moved
    1
    0 Votes
    1 Posts
    453 Views
    No one has replied
  • ?

    RFC (make up a number not in use) - Blueprint for setting up snort + pfblocker

    171
    1 Votes
    171 Posts
    194k Views
    G
    It's relevant for me too, thank you for explanation
  • J

    2.6->2.7 PHP Error in status_traffic_totals

    Moved
    2
    0 Votes
    2 Posts
    617 Views
    jimpJ
    That error was probably from when the package was being removed. That particular error has been fixed in the 2.7.0 package for quite a long time: https://redmine.pfsense.org/issues/13775
  • T

    [SOLVED] Unable to Install or Upgrade Packages

    Moved
    44
    1 Votes
    44 Posts
    44k Views
    M
    Just wanted to post as I ran into this issue today. I was able to fix this by submitting a TAC ticket with my NDI and SN. The team found a mismatch in their database to which they fixed, and I was able to update all my packages.
  • V

    telegraf / influxdb | Upgrade to 2.7 issues

    1
    0 Votes
    1 Posts
    603 Views
    No one has replied
  • S

    Is something wrong with arpwatch?

    3
    3
    0 Votes
    3 Posts
    780 Views
    S
    @NogBadTheBad I just did that and it stopped, and i think I know why. Those cams use L2 for discovery. Thank you very much!
  • D

    Where are the configurations of the various packages?

    5
    0 Votes
    5 Posts
    2k Views
    GertjanG
    @darkcorner You said in the other thread : @darkcorner said in Network access blocked after update: that I now have to configure from scratch.. That's a 'noop' ;) When you remove all ('big') packages before upgrading, the upgrade process goes much faster. When you have a copy of that config.xml file, right after the upgrade and reboot, you should import config. All packages that are marked as "installed and configured" in the config file will get downloaded, installed and configured. A final reboot and you're ok. Nothing to reconfigure - with the exception : if there are new options, you should check these packages and make your config choices.
  • A

    radtest not found / Problems with FreeRadius

    9
    0 Votes
    9 Posts
    2k Views
    johnpozJ
    @abuttino said in radtest not found / Problems with FreeRadius: grr, was using the wrong pfSense server. not sure why that should matter running the pkg command, I could see it not having freerad installed as to why radtest not there. But the pkg command? Maybe that just generic sort of error since that pfsense didn't actually have the radtest file because freerad was not installed.
  • S

    LCDProc (/dev/cua1) failed (No such file or directory)

    6
    3
    0 Votes
    6 Posts
    2k Views
    S
    @elvisimprsntr said in LCDProc (/dev/cua1) failed (No such file or directory): @sebr Looks like the Peplink Balance series LCD displays have the ST7066U (or compatible) LCD controller. http://lcdproc.omnipotent.net/hardware.php3 [image: 1685199430941-screenshot-2023-05-27-at-10.55.49-am-resized.png] Is there a /dev/lpt0 port listed? If so, you might try the following: Com port: (/dev/lpt0) Driver: HD44780 and compatible Connection type: Likely 4bit or 8bit, but try each until you find one that works. If not, then it might be connected to a serializer chip, thus /dev/cua* Thanks for your help, I'll go back and test this.
  • D

    FreeRadius with Windows Active Directory

    4
    0 Votes
    4 Posts
    2k Views
    D
    @Gertjan said in FreeRadius with Windows Active Directory: You are using "PAP authentication" ? Should FreeRadius work with Active Direcroty throught NPS Radius or as LDAP autorization? i think it work as LDAP, as there are Base DN Filter and Base Filter attributes. i have configured in pfsense LDAP authentification to web page and there are also Base DN attributes thats why i think it works not throught NPS. Here is my LDAP web authentification Spoiler [image: 1695206363091-e1799302-4e6d-427f-8032-f2001e496b0f-image.png]
  • T

    Snort is blocking gmail attachment download randomly.

    2
    1
    0 Votes
    2 Posts
    529 Views
    bmeeksB
    Find the rule that is false-positive triggering on your Gmail downloads and disable it. To do that you will need to cross-reference IP addresses in your alerts shown on the ALERTS tab. None of the alerts you are showing in your screenshot appear relevant to Gmail.
  • wgstarksW

    ntopng errors in system log

    5
    0 Votes
    5 Posts
    2k Views
    A
    Sorry, i have the same issue. Any fresh ideas?
  • jimpJ

    System Patches package version 2.2.5

    17
    7 Votes
    17 Posts
    5k Views
    jimpJ
    Any further questions about the change in 2.2.6 should go over in the new thread: https://forum.netgate.com/topic/182725/system-patches-package-version-2-2-6
  • jimpJ

    System Patches package version 2.2.6

    1
    6 Votes
    1 Posts
    2k Views
    No one has replied
  • sokeadaS

    Zabbix Agent 2 - Monitor pfSense CPU Temperature

    1
    0 Votes
    1 Posts
    422 Views
    No one has replied
  • keyserK

    HAproxy-devel issue

    3
    0 Votes
    3 Posts
    1k Views
    E
    I know this is an old thread, but it is the only one that matches the issues I have had over past 2 days. I have latest version fully updated pfsense and packages. I was running HAProxy Devel. Again fully up to date (as of 06/09/2023), given dates as I am unsure what versions. All of a sudden our RDS users were not able to open applications. In our setup we have a RDS Gateway, people log into the HTML5 interface for RDS, then they open an app in browser. Accessing and loggining into the HTML5 interface worked fine and always worked, even with fully updated. But when you tried to open an app, it would fail to open. After messing about for a bit, I accidently forwarded 443 to the RDS gateway, and everything was working. Once I learnt this, I had to put 443 back to HAProxy as our intranet was no longer working. WIth this information, I knew it was something to do with HAProxy not handling the connection correctly. So I uninstalled HAProxy Devel, and installed HAProxy package 0.63_1. Now everything is working perfectly as it has been for years. I know its been some time since this thread was made, but what ever that problem ended up being, its happening again. Something is wrong with HAProxy Devel.
  • P

    I did not install these packages

    2
    1
    0 Votes
    2 Posts
    686 Views
    johnpozJ
    @pV5 those are the extra packages that pfsense + gets.. Yeah they would be there by default
  • W

    DNS Error updating packages

    1
    0 Votes
    1 Posts
    354 Views
    No one has replied
  • C

    HAProxy broke after update to pfs 22.05

    4
    0 Votes
    4 Posts
    3k Views
    S
    i had this issue, solved it after changing "httpforclose" to "httpclose" as the new version doesn't support that old config var, perhaps dev can do some some parsing magic? lucky the error code lead me to this
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.