1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    E
    I even tried deleting and creating a new certificate. Any suggestions?

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    S
    @Smeg.Head Have you tried saving the log settings page as is? Years ago IIRC there was a bug there also where it needed saving. If pfSense is set to compress logs (should not on ZFS or slow CPUs) I wonder if it might be trying and timing out.

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    572 Topics
    3k Posts
    keyserK
    @Antibiotic No it’s not possible with NtopNG as it is not a Netflow collector. You need nProbe for that which will “translate” recieved netflows into flows that NtopNG understands and can visualize (with very very little detail might I add as Netflows has no additonal information apart from sender/reciever and volume). The NtopNG package and the product in general is more geared towards visualising and recording traffic details from actual packet captures. This contains MUCH more metadata about the sessions than netflows (DNS names, protocol information and myriads of other things). But pffSense Plus has a builtin Netflow exporter if you have an external netflow collector on hand.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    J
    @nanda said in pfb_filter and pfb_dnsbl services are not running Pfsense 25.07.1: When I checked the status of the service, the firewall returned, "does not exist". as in on the Status -> Services page? or where specifically ? and yet it shows on the dashboard services widget.. And you said this was a fresh install so ... are there any errors in pfblockerNG 's error.log, dnsbl_parsed_error or py_error (Firewall -> pfBlockerNG -> Logs on the pfblockerNG -> General. make sure the Keep Settings option is enabled then head over to packages and try to reinstall the package (you may remove and install or just reinstall) see if you spot any install errors during the install then when complete you will need to change the masterfile / mastercat line again and then check the update page at Firewall -> pfBlockerNG -> Update should have a status showing the next scheduled cron event (if that is within a few minutes just wait for it to run). if it is more than say 20 minutes away or says not scheduled (or similar) then on the same update screen force Cron hit run. when that is complete check the status then reboot check the status

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    101 Topics
    2k Posts
    dennypageD
    @jhg said in NUT fails to start after 2.7.2 -> 2.8.0 upgrade: Interesting. I would have thought the initial reboot, which occurred as part of the upgrade, would have done the trick, but it took a second reboot, just now, to get things working. Glad you have it sorted. There was no difference in the output of usbconfig show_ifdrv at any point -- before or after unplugging/replugging the USB cable, nor after rebooting. ... Question: What would tell me whether or not a driver was loaded? If there were an attached driver, it should have shown up with the show_ifdrv command. If you use the command and look at the other usb devices, I think they will show attached drivers. I don't expect to see a driver attached to the ups, because there is a quirk that tells the OS to ignore that device (and not attach a driver). Look for idVendor and idProduct in the above output. The Vendor ID for your device is 0764, which corresponds to Cyber Power Systems, and the Product ID for your device is 0601, which is registered as "PR1500LCDRT2U UPS" (don't sweat an exact match for the name). You can see the quirk with the following command: [25.07-RC][root@fw]/root: usbconfig dump_device_quirks | grep 0764 VID=0x0764 PID=0x0005 REVLO=0x0000 REVHI=0xffff QUIRK=UQ_HID_IGNORE VID=0x0764 PID=0x0501 REVLO=0x0000 REVHI=0xffff QUIRK=UQ_HID_IGNORE VID=0x0764 PID=0x0601 REVLO=0x0000 REVHI=0xffff QUIRK=UQ_HID_IGNORE [25.07-RC][root@fw]/root: Your device is third on the list. The HID_IGNORE quirk says to ignore the device and not attach a driver. @jhg said in NUT fails to start after 2.7.2 -> 2.8.0 upgrade: You might consider adding this resolution to the release notes for 2.8. LOL... sorry, I don't have input to the release notes (I don't work here). While I wrote and maintain various packages, including NUT, I'm still just a volunteer. Most packages are actually written by volunteers.

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    500 Topics
    3k Posts
    G
    @Gertjan well..... finally i created a new user for inwx and just gave him dns_management role only AND without 2FA. So now all is fine, my PFSense has the LE Cert as it should be. Thanks and kr Mike

  • Discussions about the FRR Dynamic Routing package on pfSense

    294 Topics
    1k Posts
    yon 0Y
    said in Please update frr on Pfsense+ to FRR 10.3: https://redmine.pfsense.org/issues/15785 now frr 10.4.1

  • Discussions about the Tailscale package

    90 Topics
    609 Posts
    luckman212L
    The bugaboo that was affecting the FreeBSD 15 pkg repos has cleared, and the new builds seem to be finished. So, 1.86.4 is now landed in FreeBSD:15:amd64/latest ABI: pkg add -f https://pkg.freebsd.org/FreeBSD:15:amd64/latest/All/tailscale-1.86.4.pkg

  • Discussions about WireGuard

    699 Topics
    4k Posts
    S
    @Bob.Dig what's the right place?
Log in to post
Load new posts
  • T

    2.2 Update Woes - Squid/Squidguard/vnstat

    10
    0 Votes
    10 Posts
    3k Views
    C
    try squidguard-dev instead of squidguard3 there is an issue with the libs after reboot but search for my post on how to correct it if you still need squidguard
  • R

    Installation of haproxy-devel

    3
    0 Votes
    3 Posts
    1k Views
    marcellocM
    pbi is the feebsd port part of the package. You will need all package gui config files to be downloaded and manual edit of config.xml to include menu and execute install script that most packages has. gui files are under github https://github.com/pfsense/pfsense-packages/tree/master/config I suggest you creating a local repo instead of manual package install.
  • W

    [Solved] NUT not working with 2.2 RC (amd64)

    3
    0 Votes
    3 Posts
    1k Views
    W
    Well, I've figured this one out… I was doing a full reinstall of 2.2 (to cope with my architecture switch problem), with a complete config.xml on an USB drive. An ingenious way to do it an it works like a charm. However with a full install with config.xml on USB, none of the packages are reinstalled. Installing NUT manually afterwards creates the problem with it not starting. Removing and reinstalling the package does not help, NUT still wont start. However, after the full install I forced an upgrade with the same version, 2.2 Release AMD64, from an update image. This time the packages are reinstalled properly and NUT works perfectly again, with the old settings present in config.xml, without doing anything. This process triggered a battery calibration on my SmartUPS 1400 over serial that I cannot explain, but that is another issue. It works now.
  • C

    MOVED: ipsec 2.2 - loss of fragmented packets

    Locked
    1
    0 Votes
    1 Posts
    434 Views
    No one has replied
  • K

    [RESOLVED]squidGuard redirect causing squid fatal error

    6
    0 Votes
    6 Posts
    2k Views
    C
    good to hear!!
  • T

    Squid3-dev + snort issue

    3
    0 Votes
    3 Posts
    1k Views
    T
    I have had those issues over the years with snort.  I have to make sure that my normal routine of sites my network goes to is added to whitelists.  I find these by going to blocked and finding the youtube IP's and then going to alerts and creating whitelist and then go back to clear that block from blocked tab.  Wished someone would make it not have to jump back and forth just do it in the BLOCKED area.
  • G

    Snort not starting with simple custom rule

    3
    0 Votes
    3 Posts
    878 Views
    G
    Thanks for this, now the rule works great :)
  • N

    Clamav remote scan ?

    8
    0 Votes
    8 Posts
    3k Views
    N
    what alternative would be better to Clamav ? It has to be free because the cloud storage i provide to a few other users is a free service for now and i really dont want to waste anymore money on it.? All my other users are windows and mac users so it has to scan for virus made for other systems aswell
  • Z

    HAVP missing files?

    14
    0 Votes
    14 Posts
    3k Views
    Z
    I will give it a try tomorrow. Thanks for the advice!
  • A

    Dansguardian fix on 2.2

    13
    0 Votes
    13 Posts
    3k Views
    C
    @Asterix: @Cino: thanks Asterix… I'll have to play around with my config then... What is the output when you run? ps -aux | grep dansguardian Also are you using amd64? I see the process started but I thought I would also see the config file its using.. Yup on amd64. I switched back to 2.2 late last night. Won't be installing dans for now as I see progress on e2 package. I did a re-install of it and its working for me now… I'll have to test "web upload is banned" issue.. For what I'm using it, I don't think it will be an issue.
  • K

    Uninstalling lightsquid Command line

    2
    0 Votes
    2 Posts
    1k Views
    jimpJ
    use pbi_info to find the exact name and pbi_delete to remove it.
  • C

    Squid3 not rotating logs

    6
    0 Votes
    6 Posts
    2k Views
    C
    There is no /usr/pbi/squid-amd64/bin/squid. [2.1.5-RELEASE][admin@pfSense.localdomain]/var/squid/logs(10): ls /usr/pbi/squid-amd64/bin/squid* ls: No match. Since I restarted squid on 1/20, it rotated once at midnight on 1/21, then no more rotations.  The access.log is still growing and the proxy server works fine. With the root user, running: /usr/pbi/squid-amd64/sbin/squid -k rotate -f /usr/pbi/squid-amd64/etc/squid/squid.conf does not do anything.  No errors or anything. # /usr/pbi/squid-amd64/sbin/squid -k rotate -f /usr/pbi/squid-amd64/etc/squid/squid.conf # Notice no output above. # grep -i rotate /usr/pbi/squid-amd64/local/etc/squid/squid.conf grep: /usr/pbi/squid-amd64/local/etc/squid/squid.conf: No such file or directory # find / -name squid.conf -print /root/squid.conf /usr/pbi/squid-amd64/etc/squid/squid.conf # grep -i rotate /usr/pbi/squid-amd64/etc/squid/squid.conf logfile_rotate 7 debug_options rotate=7
  • J

    Troubleshooting Squid and SquidGuard

    8
    0 Votes
    8 Posts
    2k Views
    marcellocM
    @n3by: HAVP at this moment is not working on 2.2 This package is not necessary anymore as squid does have a working clamav integration.
  • A

    Squidguard-squid3-1.4_4-i386 failed after upgrade to 2.2

    7
    0 Votes
    7 Posts
    1k Views
    KOMK
    but Squidguard-Squid3 fails to install with the following message New SquidGuard runs on demand, not all the time.
  • P

    Updates not possible if ipv6 is enabled

    3
    0 Votes
    3 Posts
    744 Views
    J
    Having that same problem right now with the 2.2-RELEASE.
  • _

    Pfblocker strange problem: out of memory, not loading rules

    2
    0 Votes
    2 Posts
    1k Views
    J
    Although its been a while since your question, maybe its still useful to answer . I found somewhere on this forum that increasing Firewall Maximum Table Entries  (its under  system>advanced>Firewall/NAT) solves the problem of loading the blocking rules. Personally I increased it to 20000000 without problem but maybe even 1/10 of that is fine. John
  • G

    TFTP module stops working every few days

    3
    0 Votes
    3 Posts
    880 Views
    G
    This is one of those issues that just went away. We did a re-install a few months back after getting new hardware and I haven't had any trouble with it since then. Weird.
  • T

    Question on using Bandwidthd

    2
    0 Votes
    2 Posts
    1k Views
    S
    Posting in this thread even though it is old as it is the second one that pops up in a search. I had the same issue, finally realized you select the wan i/f and put the subnet/cidr address your wan is part of in the "Subnet" field.  Stop bandwidthd from running prior to the change.  It apparently only populates the lan side, at least when being used in a NAT configuration at least.
  • S

    Snort 2.9.7.0 upgrade & install fails on pfSense 2.2

    8
    0 Votes
    8 Posts
    3k Views
    bmeeksB
    @BBcan177: @wiz561: Did you use a watchdog for snort?  I uninstalled that too and rebooted.  I'm not sure if the reboot fixed it, or if the uninstall of the watchdog service and reboot fixed it. I don't think the watchguard service is compatible with snort/suricata. If you have multiple interfaces it will restart them all. I also think it might try to restart the interfaces during "updates" of rules potentially causing duplicate pids. BBcan177 is correct.  Snort and Suricata do not play well with the Service Watchdog package at this time.  I have been considering some other options within the two packages themselves to provide the same heartbeat checkup as the Service Watchdog package. Bill
  • E

    Quagga OSPF route gets deleted periodically

    17
    0 Votes
    17 Posts
    5k Views
    R
    @jimp: No guarantees on the results, but you could try this patch with the System Patches package: http://files.pfsense.org/jimp/patches/skip_restart_for_routing_packages.patch Hi Will this patch work with 2.2-RELEASE ?
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.