Subcategories

• Cache/Proxy

  Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.
  4k Topics

  21k Posts

  H

  We installed haproxy on Netgate 8200 device 25.07.1-RELEASE (amd64) installed acme certificates and get certificate from letsencrypt, everything ok. checked ssl offload in frontend and selected the acme generated certificate under SSL Offloading. result after Apply Changes: Errors found while starting haproxy [NOTICE] (72045) : haproxy version is 2.9.14-7c591d5 [NOTICE] (72045) : path to executable is /usr/local/sbin/haproxy [ALERT] (72045) : config : Couldn't open the ca-file '/var/etc/haproxy_test/clientca_WAN_117.pem' (No such file or directory). [ALERT] (72045) : config : parsing [/var/etc/haproxy_test/haproxy.cfg:15] : 'bind x.x.x.x:443' in section 'frontend' : 'ca-file' : unable to load /var/etc/haproxy_test/clientca_WAN_117.pem [ALERT] (72045) : config : Error(s) found in configuration file : /var/etc/haproxy_test/haproxy.cfg [ALERT] (72045) : config : Fatal errors found in configuration. also package _devel has the same issue. on other boxes where haproxy was configured on 24.11 - upgraded to 25.07.1 its working. BUG ?? so what can we do now -bolded text we need this function. thank you all in advance
• IDS/IPS

  Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.
  2k Topics

  16k Posts

  R

  @bmeeks Understood. Thank for kindly for your help. I will likely be ordering a new unit soon.
• Traffic Monitoring

  Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.
  573 Topics

  3k Posts

  D

  @kabeda If memory serves, that old version of ntopng did not run as user ntopng, but as user nobody. There are lots of problems in that old version. Anyway, check the ownership and permissions of /var/db/ntopng and make sure it matches the user that ntopng runs as. You may need to set ownership of the entire hierarchy. Example: /usr/sbin/chown -R nobody:nobody /var/db/ntopng However, the better choice would be to upgrade to a more recent version.
• pfBlockerNG

  Discussions about the pfBlockerNG package
  3k Topics

  20k Posts

  G

  @dma_pf said in DNSBL Resolving Some Domains To 10.10.10.1 But Does Not Log Them: "mobile.events.data.microsoft.com I couldn't find that host name in the "/var/db/pfblockerng/dnsbl/Max_MS.txt" file - where does your "/var/db/pfblockerng/dnsbl/Crazy_Max_Extra.txt:" come from ? I picked an host name from the Max_MS.txt file, and tested : C:\Users\Gauche>nslookup umwatsonc.events.data.microsoft.com Serveur : pfSense.brit-hotel-fumel.net Address: 2a01:cb19:907:dead:beef:fe29:392c Réponse ne faisant pas autorité : Nom : umwatsonc.events.data.microsoft.com Addresses: :: 0.0.0.0 and the request was 0.0.0.0 blocked - I'm not using "pfSense pfBlocker Web server logging" (DNSBL Webserver/VIP ) as the "you are blocked web page" only shows up when the end browser user visits http sites, something that doesn't exist anymore on the Internet. All sites are https these days, and https sites can be redirected to "another https web server" like the "pfSense pfBlocker Web server". [image: 1762186097369-04f9cfb4-d6ca-41f8-976c-b40f3c7e564b-image.png]
• UPS Tools

  Discussions about Network UPS Tools and APCUPSD packages for pfSense
  102 Topics

  3k Posts

  F

  If I remove ignorelb directive, my UPS shuts down after 16 seconds
• ACME

  Discussions about the ACME / Let’s Encrypt package for pfSense
  503 Topics

  3k Posts

  M

  I am using the DNS-Update method I have to use a DNS-Sleep of 5 minutes to let the letsencrypt txt dns record update propagate. During this 5 minutes the acme-webgui times out. when the acme-webgui times out the Action list is NOT executed. How can I solve this ? Would it maybe be an idea to let the acme.sh script execute the actions in the action list as a post-hook instead of the web-gui? Or maybe add an option to add post-hooks in the webUI ?
• FRR

  Discussions about the FRR Dynamic Routing package on pfSense
  296 Topics

  1k Posts

  C

  This one has been tricky still not sure what to try. Any ideas?
• Tailscale

  Discussions about the Tailscale package
  92 Topics

  639 Posts

  E

  Updated CE 2.8.1 to 1.90.4. Looks like they are already working on .6 Freshports pkg add -f https://pkg.freebsd.org/FreeBSD:15:amd64/latest/All/tailscale-1.90.4.pkg Changelog
• WireGuard

  Discussions about WireGuard
  712 Topics

  4k Posts

  D

  @chpalmer okay so here is the update. I was able to get all my wireguard servers handshaking, my two personal tunnels and my one nord. I have full access to to my lan with my personal tunnels but I now dont have nord routing any traffic through its tunnel. I try to make a lan rule route one ip through nord and make one NAT rule and nothing. I lose internet on my one ip when I try and make a rule to use the nordvpn gateway