1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    E
    I even tried deleting and creating a new certificate. Any suggestions?

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    G
    As the title says. Any mirror or alternative ? https://feodotracker.abuse.ch/blocklist/ Error 503 certificate has expired certificate has expired Error 54113 Details: cache-scl2220043-SCL 1757230189 2309835888 Varnish cache server

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    572 Topics
    3k Posts
    keyserK
    @Antibiotic No it’s not possible with NtopNG as it is not a Netflow collector. You need nProbe for that which will “translate” recieved netflows into flows that NtopNG understands and can visualize (with very very little detail might I add as Netflows has no additonal information apart from sender/reciever and volume). The NtopNG package and the product in general is more geared towards visualising and recording traffic details from actual packet captures. This contains MUCH more metadata about the sessions than netflows (DNS names, protocol information and myriads of other things). But pffSense Plus has a builtin Netflow exporter if you have an external netflow collector on hand.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    J
    @nanda said in pfb_filter and pfb_dnsbl services are not running Pfsense 25.07.1: When I checked the status of the service, the firewall returned, "does not exist". as in on the Status -> Services page? or where specifically ? and yet it shows on the dashboard services widget.. And you said this was a fresh install so ... are there any errors in pfblockerNG 's error.log, dnsbl_parsed_error or py_error (Firewall -> pfBlockerNG -> Logs on the pfblockerNG -> General. make sure the Keep Settings option is enabled then head over to packages and try to reinstall the package (you may remove and install or just reinstall) see if you spot any install errors during the install then when complete you will need to change the masterfile / mastercat line again and then check the update page at Firewall -> pfBlockerNG -> Update should have a status showing the next scheduled cron event (if that is within a few minutes just wait for it to run). if it is more than say 20 minutes away or says not scheduled (or similar) then on the same update screen force Cron hit run. when that is complete check the status then reboot check the status

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    101 Topics
    2k Posts
    dennypageD
    @jhg said in NUT fails to start after 2.7.2 -> 2.8.0 upgrade: Interesting. I would have thought the initial reboot, which occurred as part of the upgrade, would have done the trick, but it took a second reboot, just now, to get things working. Glad you have it sorted. There was no difference in the output of usbconfig show_ifdrv at any point -- before or after unplugging/replugging the USB cable, nor after rebooting. ... Question: What would tell me whether or not a driver was loaded? If there were an attached driver, it should have shown up with the show_ifdrv command. If you use the command and look at the other usb devices, I think they will show attached drivers. I don't expect to see a driver attached to the ups, because there is a quirk that tells the OS to ignore that device (and not attach a driver). Look for idVendor and idProduct in the above output. The Vendor ID for your device is 0764, which corresponds to Cyber Power Systems, and the Product ID for your device is 0601, which is registered as "PR1500LCDRT2U UPS" (don't sweat an exact match for the name). You can see the quirk with the following command: [25.07-RC][root@fw]/root: usbconfig dump_device_quirks | grep 0764 VID=0x0764 PID=0x0005 REVLO=0x0000 REVHI=0xffff QUIRK=UQ_HID_IGNORE VID=0x0764 PID=0x0501 REVLO=0x0000 REVHI=0xffff QUIRK=UQ_HID_IGNORE VID=0x0764 PID=0x0601 REVLO=0x0000 REVHI=0xffff QUIRK=UQ_HID_IGNORE [25.07-RC][root@fw]/root: Your device is third on the list. The HID_IGNORE quirk says to ignore the device and not attach a driver. @jhg said in NUT fails to start after 2.7.2 -> 2.8.0 upgrade: You might consider adding this resolution to the release notes for 2.8. LOL... sorry, I don't have input to the release notes (I don't work here). While I wrote and maintain various packages, including NUT, I'm still just a volunteer. Most packages are actually written by volunteers.

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    500 Topics
    3k Posts
    G
    @Gertjan well..... finally i created a new user for inwx and just gave him dns_management role only AND without 2FA. So now all is fine, my PFSense has the LE Cert as it should be. Thanks and kr Mike

  • Discussions about the FRR Dynamic Routing package on pfSense

    294 Topics
    1k Posts
    yon 0Y
    said in Please update frr on Pfsense+ to FRR 10.3: https://redmine.pfsense.org/issues/15785 now frr 10.4.1

  • Discussions about the Tailscale package

    90 Topics
    609 Posts
    luckman212L
    The bugaboo that was affecting the FreeBSD 15 pkg repos has cleared, and the new builds seem to be finished. So, 1.86.4 is now landed in FreeBSD:15:amd64/latest ABI: pkg add -f https://pkg.freebsd.org/FreeBSD:15:amd64/latest/All/tailscale-1.86.4.pkg

  • Discussions about WireGuard

    699 Topics
    4k Posts
    S
    @Bob.Dig what's the right place?
Log in to post
Load new posts
  • A

    Bandwidthd 2.0.1_5 pkg v.0.5 can't start

    2
    0 Votes
    2 Posts
    940 Views
    N
    I'm posting as I came across the same issue, and figured out the solution. The system log tells you the start/stop script /usr/local/etc/rc.d/bandwidthd.sh Login to the shell, can find out which config file is being used, in my case /usr/pbi/bandwidthd-amd64/bandwidthd/etc/bandwidthd.conf then read the file with line numbers : less -N /usr/pbi/bandwidthd-amd64/bandwidthd/etc/bandwidthd.conf I had : filter ip which should be: filter "ip" <<< double quotes Change using web interface, and it will work. I hope this helps someone regards CJ
  • L

    Squidguard filtering stop working

    2
    0 Votes
    2 Posts
    2k Views
    M
    I have the same issue as you. No solution yet.
  • V

    Getting email spam, Warning: filemtime():

    6
    0 Votes
    6 Posts
    1k Views
    V
    Thank you gentleman! Seems to have fixed my email spamming issue!
  • K

    Havp and Squid

    3
    0 Votes
    3 Posts
    1k Views
    K
    Hello, I currently have "parent for squid proxy" thanks for suggestions, i set the same ;) I haven't found a good updated install & config guide for HAVP yet but still looking….. Well, for me I install it but at 1st all status of HAVP are in red and after a while (itself update…) all started and become green.. :D
  • N

    GEO IP support in bind package

    1
    0 Votes
    1 Posts
    564 Views
    No one has replied
  • S

    Squid 3.4.9 error

    1
    0 Votes
    1 Posts
    526 Views
    No one has replied
  • S

    Problem with range requests on squid

    2
    0 Votes
    2 Posts
    996 Views
    S
    Anyone? I work in an IT shop so a lot of our traffic are updates, it would be great if the 206 requests were pulled out of the cache rather than across the internet.
  • S

    PfBlocker doesn't update rules automatically

    3
    0 Votes
    3 Posts
    997 Views
    S
    Thank you for the reply but I found what was the problem. In the Interface / Lan menu, I had the IPv4 configuration type set to "Track Interface" for some reasons. I set it to "None" and the rules got automatically added in the Firewall/Rules section after enabling pfBlocker.
  • M

    Bug in apcupsd package

    2
    0 Votes
    2 Posts
    813 Views
    D
    Thanks. This script needs an update. Also, you can modify the path to lockfile on the GUI.  :-[
  • M

    Squid error messages in disabled Auth Portal logs

    1
    0 Votes
    1 Posts
    612 Views
    No one has replied
  • N

    Filter local server mail

    1
    0 Votes
    1 Posts
    497 Views
    No one has replied
  • G

    Squid does not work

    21
    0 Votes
    21 Posts
    8k Views
    T
    Have you tried setting the logging option to either "Encode" or "Allow" ? strip: The whitespace characters are stripped out of the URL. This is the behavior recommended by RFC2396. deny: The request is denied. The user receives an "Invalid Request" message. allow: The request is allowed and the URI is not changed. The whitespace characters remain in the URI. encode: The request is allowed and the whitespace characters are encoded according to RFC1738. chop:The request is allowed and the URI is chopped at the first whitespace. With "squid3-dev" you could try with "forwarded_for transparent" typed into "Custom ACLS (Before_Auth)" field (and with the "Disable X-Forward" not selected off course.)
  • G

    Pfsense/snort crash memory related

    6
    0 Votes
    6 Posts
    1k Views
    bmeeksB
    I don't have a theory to explain what caused the out-of-memory message.  If this was a single event, it may just have been due to the phase of the moon relative to the spontaneous decay of a Higgs boson …  ;). If, on the other hand, it is a repeatable error for you, then some further investigation is called for.  I assume from the info provided in your first post this is a pfSense 2.2-BETA box.  Do you have any other packages running besides Snort? Bill
  • P

    DansGuardian and pfSense 2.1.5: Web uploads denied and package editor disappears

    1
    0 Votes
    1 Posts
    567 Views
    No one has replied
  • ghostshellG

    Odd SNORT Block Entries

    4
    0 Votes
    4 Posts
    1k Views
    ghostshellG
    Thanks Guys!
  • W

    Snort Search Method

    4
    0 Votes
    4 Posts
    4k Views
    bmeeksB
    @wbennett77: I have Snort Alerts added on my Dashboard but it doesn't show the most recent alerts. Is this normal? Cheers! The Dashboard widget should show the most recent alerts, but it shows a composite consisting of all interfaces.  So if you have Snort enabled on LAN and WAN, and the "lines to display" in the widget set for 5, then it will show the 5 most recent alerts without regard to interface.  Stated another way, if the WAN had the most recent 5 alerts, then the widget would only show those. It would not show any of the LAN alerts if they were older than the most 5 recent WAN alerts.  The reverse is also true. Bill
  • B

    Varnish backends down

    3
    0 Votes
    3 Posts
    832 Views
    B
    varnish sucks, after few days of troubleshooting and wildguessing i've installed squid3 and settled everything in 15 minutes. http://serverfault.com/questions/542416/having-two-subdomains-on-one-public-ip-addres-behind-pfsense-router the third answer for squid3 was correct.
  • W

    Barnyard2 stops running

    7
    0 Votes
    7 Posts
    3k Views
    bmeeksB
    I've found Snorby to get the rule text right most of the time.  Glad you found that rules setting.  I forgot to point it out.  If you find out something from your other queries that you think needs changing in the Snort and Suricata packages with respect to Barnyard2, post back here or send me a PM. Bill
  • A

    Could cron to clear ntopng log?

    2
    0 Votes
    2 Posts
    2k Views
    R
    Look here. Does this help?
  • ?

    Pfsense + FreeRadius: Force authentication?

    3
    0 Votes
    3 Posts
    887 Views
    ?
    Hi, Thanks, my switches do support RADIUS, so I will see about switching that on. I was kind of expecting that pfSense would have the same kind of support for enabling RADIUS for any connectivity to it, maybe that was an incorrect assumption. Regards, Rob.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.