pfSense Packages

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

Subcategories

Cache/Proxy

Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

3.7k
Topics

20.6k
Posts

J

In case you got the ld-elf parser problem, please check my post in

https://forum.netgate.com/post/1199906

and try if it works for you, too. Seems like an old c++ library won't get cleaned up after the system update to 24.03/24.11 so it get's pulled from the link parser as dependency instead of the real one in /lib. So moving the library away from /usr/lib should get squid to start again.

Cheers :)
IDS/IPS

Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

2.2k
Topics

15.6k
Posts

B

@killmasta93 said in Question about thresholds:

hi @bmeeks quick question so i added the following
threshold gen_id 1, sig_id 2009244, type both, track by_src, count 10, seconds 10, priority 1 threshold gen_id 1, sig_id 2009245, type both, track by_src, count 10, seconds 10, priority 1 threshold gen_id 1, sig_id 2009246, type both, track by_src, count 10, seconds 10, priority 1
would the variable
type both
work for both ends?

Thanks

Here is a link to the official Suricata docs describing the type: keyword: https://docs.suricata.io/en/latest/rules/thresholding.html#type-both. both specifies both a rate limit and threshold value.
Traffic Monitoring

Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

555
Topics

2.7k
Posts

S

PROTOCOL-DNS Microsoft SMTP excessive answer records buffer overflow attempt

Just Curious what this is and how to stop it in snort, I first thought someone was trying to get in but now I am not so sure as I changed my external IP and it happened straight away
on the new External IP. From what I can gather its something to do with a vunerability in dns but at a loss where to start, if its not an issue then fine but its happening a lot.
pfBlockerNG

Discussions about the pfBlockerNG package

2.5k
Topics

19.1k
Posts

S

Wanted to get some feedback from folks before I upgrade to 24.11.
Is the latest pfBlockerNG 3.2.0_16 functioning ok on 24.11?
I moved away from Devel to Stable 6 months ago or so but see that the version hasn’t changed with the release of 24.11.
Just want to be sure I can expect all to function ok before I upgrade.
@BBcan177 can we expect a stable release of 3.2.1_20 perhaps or am I good to go?
Thanks in advance.
UPS Tools

Discussions about Network UPS Tools and APCUPSD packages for pfSense

87
Topics

2.3k
Posts

D

@firefox Glad you got it working
ACME

Discussions about the ACME / Let’s Encrypt package for pfSense

478
Topics

2.7k
Posts

K

@tinfoilmatt it looks like I have finally gotten the certificate to pop up but now I am dealing with getting 503 Service Unavailable error. Do you know if this is an HAProxy issue or on the cloudflare side?

Screenshot 2024-12-05 at 12.51.02 PM.png
FRR

Discussions about the FRR Dynamic Routing package on pfSense

280
Topics

1.1k
Posts

S

How is it configured? Does it appear correctly in vtysh 'show run'?
Tailscale

Discussions about the Tailscale package

75
Topics

428
Posts

E

@rocket

1.78.1 now available for FreeBSD 15

Freshports
WireGuard

Discussions about WireGuard

634
Topics

3.3k
Posts

S

Hi

I've got a bit of a baffling problem and would appreciate some assistance.

I've set up a site-to-site VPN between two locations.

Office is 192.168.1.1/24
Home is 192.168.1.0/24

Wireguard is up and running fine and I can ping devices at the office from home using the ping tool in the pfSense GUI.

Likewise, I can ping devices at home from the office using the ping tool.

However I cannot actually ping anything from either LAN. Static routes are present and correct, and traffic is even reaching the remote firewall - for example if I ping an address at home from the office, then look at Diagnostics > States on the home firewall, I can see the packets coming in.

I've followed the pfSense official guide and also Christian McDonald's YouTube video.

Would appreciate suggestions for next troubleshooting steps.

Thanks!

D

Configure FreeRadius & multiples ssids <> users

• • dvb

12

0
Votes

12
Posts

1.6k
Views

D

@nogbadthebad

For information, here is the right syntax :
Called-Station-Id =~ '.*:ssid_name'
or in case you want to catch the complete value (ie > "mac:ssid") :
Called-Station-Id == "aa-bb-cc-dd-ee-ff:ssid_name"
-> Now, user is connecting ONLY to one ssid.

Thanks a lot for helping me to fix this setup 👍
G

FreeRadius stopped working

• • giyahban

9

0
Votes

9
Posts

1.3k
Views

G

@giyahban
Strange thing happened when I changed every 127.0.0.1 ip to lan ip
now its working!
it would be nice to understand what was causing the problem!
Y

Unable to retrieve package information

• • y2raza

1

0
Votes

1
Posts

456
Views

No one has replied
D

No available packages

• • DominikHoffmann

2

0
Votes

2
Posts

694
Views

P

Hi Dominik

there is already a redmine ticket and other threads dealing this issue https://forum.netgate.com/topic/178822/no-available-packages
K

Help with HAProxy and Docker

• • konjugatix

2

0
Votes

2
Posts

729
Views

K

@konjugatix

allright, ive done a factory reset and switched my dyndns provider, this one messed up and gave my domain the wrong ip. Now ive got my domain set up with the correct ip and have started again.

To this day, i have opened ports 80&443 on my appliance, though when i do a nmap on the IP/domain from outside the network(s), only port 80 is open, does anyone have had a similar issue? I made a simple rule WAN->Tis firewall (Self) with tcp on 80 and the same for 443 in a separate rule.
J

Upgrade 22.05 to 23.01 fails on FreeRADIUS XMLRPC Sync

• • jos-andel

3

0
Votes

3
Posts

657
Views

J

The filed bug gave a good hint about not having an empty HA-Sync configuration under 'System'. I've put a username and password in that configuration to make sure it's not empty.

This results in a working upgrade, and working Freeradius after upgrade. XMLRPC also works fine after the upgrade.
C

Using avahi to resolve hosts

• • clauder

8

0
Votes

8
Posts

1.1k
Views

J

@dennypage avahi just doesn't work - there are multiple steps required to get it working with firewall rules, and all that would be would be discovery. It wouldn't allow access.. its mdns..
G

pfsense 2.6 has no working speedtest-cli

• • gstlouis

6

0
Votes

6
Posts

1.3k
Views

G

@johnpoz
yup, that was it. I haven't installled a router in a while with pfsense and I guess I completely forgot about the need to rehash?

But I installed screen and vim no problem. Some packages need a rehash and some do not?

Thank you all for your comments
H

Error install zabbix-agent62-1.0.5

• • Hugo Santos

10

1
Votes

10
Posts

2.3k
Views

E

@hugo-santos

Hah, that's not much of a fix but I'm glad you're all set :-)
E

Installing Zabbix 6.2 agent on CE 2.6.0 doesn't work

• • ElrondBCN

1

0
Votes

1
Posts

326
Views

No one has replied
A

Have any friend know axiomtek na592 use what lcdproc driver?

• • akong77

2

0
Votes

2
Posts

543
Views

A

I find is use AX93304 this lcd.What is this driver use?
A

SMTP server on pfSense.

• • apetrenko

27

0
Votes

27
Posts

4.0k
Views

J

@apetrenko said in SMTP server on pfSense.:

Question to netgate: why are you so interested to prevent me to use smtp relay on pfSense box? You have no obligation, I'm using the "community edition". Everything on my responsibility. Why are you so much stirred up against my solution?

Because this is a security product and e-mail services have a long history of being a gigantic attack surface full of holes and bringing more risk than anyone sane would want to take on. Most other add-on services are either only still around because they're entrenched (and hard to get people to stop using) or because the risk is relatively low by comparison.

If you want to do it, you're on your own. That kind of service does not belong on a firewall.

EOT. Locking.
B

rsync installation

• • Balanga

9

0
Votes

9
Posts

814
Views

F

@viragomann said in rsync installation:

pfBlockerNG is even mandatory on pfSense.

👍 😁
T

FreeRADIUS maximum daily usage issue

• • TurnTheTerribleTank

1

0
Votes

1
Posts

344
Views

No one has replied
I

zabbix-agent4 not running on 32xxx port needed to connect to docker

• • Inack1986

2

0
Votes

2
Posts

573
Views

W

@inack1986 It seems that you have encountered an issue while trying to install the agent on port 32961, which is the local port for Docker. It appears that the agent crashes when you attempt to use this port, while it runs without any issue on port 10050, but there is no server listening on this port.

There could be several reasons for this problem, including a configuration issue or a conflict with another service running on the same port. One possible solution would be to check the configuration settings for the agent and ensure that it is set up correctly to listen on the desired port. You may also want to verify that there are no other services using the same port, which could cause conflicts and prevent the agent from running properly.

If the problem persists, it may be helpful to reach out to the support team for the agent to see if they can provide further assistance in resolving the issue.

I hope this helps, and please let me know if you have any further questions or concerns.
J

Mailreport rich formatting and graphs

• • jdw

1

0
Votes

1
Posts

374
Views

No one has replied
J

Installed packages were not restored

• • jucelio_rosa

3

0
Votes

3
Posts

545
Views

J

@steveits said in Installed packages were not restored:

previous stable version

Good morning. "previous stable version" is already selected and pfsnse pings it, but the problem persists.
U

pfBlockerNG, Windows 11 And Avast Association?

• • urbnsr

1

0
Votes

1
Posts

278
Views

No one has replied
W

Pre-Installed Packages (Auto-installed)?

• • william.mandell

9

0
Votes

9
Posts

1.5k
Views

S

@william-mandell Not sure what "devel" you're discussing...am not seeing that searching this page...? The BIOS version of the device is unrelated to the pfSense software version.

The dev version of pfSense now would be 23.05, if that's even available yet.

There is a package for updating firmware that exists for some Netgate hardware, if there is (ever?) an update available. Search the package list for "firmware." I don't have an 1100 to look at...we've sold 2100, 3100, or higher model numbers.
T

Missing Packages

• • Tiger 0

4

0
Votes

4
Posts

685
Views

T

@rcoleman-netgate Thank you very much, we will try to re-upload the backup file.

15 / 461