1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    H
    @johnpoz said in Please help to configure HAProxy to serve certifficate on internal LAN too: All your problems go away if you would just use a different internal domain name to resolve your internal resources. home.arpa is the approved domain for this use.. Now when you hit publicdomain.tld it hits your haproxy on your wan IP. If you use otherpublicdomain.tld - again also hits your wan IP.. Doesn't matter where you resolve this from - out on the internet or from some phone on your local wifi network. Im so sorry. I did not seen that pictogram initially. Thank you. To be honest, i dont know how to set up what you just told me. Kill me, but i dont have that much knowledge in my head. Im trying. Just to add again, that blo***dy nextcloud app has to be on same domain name connection and same cert. Otherwise it just hangs in some kind timeout with error 1000 or 1001. And when that happens what it had to sync simply forget and never got synced again. So basically its not copied to cloud. If you are saying to use nextcloud.mydomain.xx outside, and when at local LAN to use nextcloud.home.arpa that will not work. I dont know is it app limitation, protocol limitation or something third. Please dont roast me, im really grateful for help, bit strugling with languages and terminology.

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    RedDelPaPaR
    @bmeeks Understood. Thank for kindly for your help. I will likely be ordering a new unit soon.

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    573 Topics
    3k Posts
    dennypageD
    @kabeda If memory serves, that old version of ntopng did not run as user ntopng, but as user nobody. There are lots of problems in that old version. Anyway, check the ownership and permissions of /var/db/ntopng and make sure it matches the user that ntopng runs as. You may need to set ownership of the entire hierarchy. Example: /usr/sbin/chown -R nobody:nobody /var/db/ntopng However, the better choice would be to upgrade to a more recent version.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    GertjanG
    @carlinix said in DNSBL blockpage only works with root domain: Meaning http://detectportal.firefox.com/ redirects to the DNSBL blockpage with the blocked domain info "This website detectportal.firefox.com has been blocked by the Network Administrator!" I presume that "detectportal.firefox.com" is just an example here. But ... be aware that this URL shouldn't be blocked if possible for two reasons : The resource requested returns just a 8 byte 'page' : it says 'success'. This URL is most probably be used by the OS or app on a device (probably Firefox ) to detect the presence of a captive portals on the connected network.

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    102 Topics
    3k Posts
    dennypageD
    @fjmp24 said in Notification: UPS ups battery is low: If I remove ignorelb directive, my UPS shuts down after 16 seconds This means your UPS is signaling a low battery. Either your battery is bad, or your UPS is bad. Most likely battery, but you never know. I suggest reaching out to Eaton support.

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    503 Topics
    3k Posts
    M
    I am using the DNS-Update method I have to use a DNS-Sleep of 5 minutes to let the letsencrypt txt dns record update propagate. During this 5 minutes the acme-webgui times out. when the acme-webgui times out the Action list is NOT executed. How can I solve this ? Would it maybe be an idea to let the acme.sh script execute the actions in the action list as a post-hook instead of the web-gui? Or maybe add an option to add post-hooks in the webUI ?

  • Discussions about the FRR Dynamic Routing package on pfSense

    296 Topics
    1k Posts
    C
    This one has been tricky still not sure what to try. Any ideas?

  • Discussions about the Tailscale package

    93 Topics
    641 Posts
    L
    For some odd reason, even though the service seems UP, and routes (apparently from tailscale) looks fine, the service itself is not working. E.g. I cannot connect to other hosts on my tailscale network. From pfsense itself it works, but not from my e.g. my LAN. As soon as I restart the tailscale service in the UI it works immediately after.

  • Discussions about WireGuard

    714 Topics
    4k Posts
    R
    I was on PfSense version 23.xx (don't recall the xx) and was able to start the Wireguard service. I upgraded to the 25.11 beta version and now the Wireguard service will not even start. I am on Wireguard version 2.1, and I see that there are versions that go up to 2.9. How do I upgrade to a later version? The only version in the pfSense updater is 2.1. Thank you
Log in to post
Load new posts
  • I

    zabbix-agent4 not running on 32xxx port needed to connect to docker

    2
    0 Votes
    2 Posts
    772 Views
    W
    @inack1986 It seems that you have encountered an issue while trying to install the agent on port 32961, which is the local port for Docker. It appears that the agent crashes when you attempt to use this port, while it runs without any issue on port 10050, but there is no server listening on this port. There could be several reasons for this problem, including a configuration issue or a conflict with another service running on the same port. One possible solution would be to check the configuration settings for the agent and ensure that it is set up correctly to listen on the desired port. You may also want to verify that there are no other services using the same port, which could cause conflicts and prevent the agent from running properly. If the problem persists, it may be helpful to reach out to the support team for the agent to see if they can provide further assistance in resolving the issue. I hope this helps, and please let me know if you have any further questions or concerns.
  • J

    Mailreport rich formatting and graphs

    1
    0 Votes
    1 Posts
    517 Views
    No one has replied
  • J

    Installed packages were not restored

    3
    0 Votes
    3 Posts
    787 Views
    J
    @steveits said in Installed packages were not restored: previous stable version Good morning. "previous stable version" is already selected and pfsnse pings it, but the problem persists.
  • U

    pfBlockerNG, Windows 11 And Avast Association?

    1
    0 Votes
    1 Posts
    343 Views
    No one has replied
  • william.mandellW

    Pre-Installed Packages (Auto-installed)?

    9
    0 Votes
    9 Posts
    2k Views
    S
    @william-mandell Not sure what "devel" you're discussing...am not seeing that searching this page...? The BIOS version of the device is unrelated to the pfSense software version. The dev version of pfSense now would be 23.05, if that's even available yet. There is a package for updating firmware that exists for some Netgate hardware, if there is (ever?) an update available. Search the package list for "firmware." I don't have an 1100 to look at...we've sold 2100, 3100, or higher model numbers.
  • T

    Missing Packages

    Moved
    4
    1
    0 Votes
    4 Posts
    1k Views
    T
    @rcoleman-netgate Thank you very much, we will try to re-upload the backup file.
  • R

    AWS SSM Agent for pfsense

    2
    1 Votes
    2 Posts
    897 Views
    M
    I am in the same situation. Since that now we have pfsense plus at aws marketplace (and we pay for this), would be great that the mantainer of this AMI could provide the SSM agent as part of solution as a builtin package or available in packages list.
  • J

    nTopNG Geolocation support

    1
    1
    0 Votes
    1 Posts
    462 Views
    No one has replied
  • D

    No available packages at all!

    7
    1
    0 Votes
    7 Posts
    2k Views
    S
    @bmeeks said in No available packages at all!: older flavors of that hardware family having a really small boot partition or something that is too small to hold the most recent boot code from 23.01. Not sure I have all of those facts 100% correct, but that is the general flavor That's about it. The criteria is not clear to me, whether it is age or UFS file system, but it was failing to write to the EFI partition with an out of space error, thus booting fails. Older 1100/2100 devices with UFS had a small 800KB EFI partition. Newer with ZFS have a 200 MB EFI. I do not know if there was any overlap, or, technically, if Netgate officially confirmed the small partition as the only cause. The above was Netgate speculation in threads over the weekend of release. Per those threads from a week ago, Netgate had been unable to replicate the issue, even "knowing" the conditions for it to happen. Makes it hard to detect in beta testing, or diagnose.
  • J

    Snort best practice to Unblock

    5
    0 Votes
    5 Posts
    1k Views
    bmeeksB
    @john24634 said in Snort best practice to Unblock: Does stop nort disables completelly the IDS? No, Snort blocks by telling pfSense to place an IP address in a system-created pf table called snort2c. Once an IP is placed in that table, a hidden firewall rule created by pfSense at startup blocks that IP address until it is removed from the table. Stopping nor restarting Snort alters anything in that table once the IP is placed there initially. Stopping Snort prevents any additional IP addresses from being added to that table, but it does not remove any that are already present. There are fours ways to clear an IP from that table and thus "unblock" that address. Use the Remove Blocks button on the BLOCKS tab of Snort. Configure the Remove Blocked Hosts Interval setting on the GLOBAL SETTINGS tab of Snort. That will remove blocked hosts at the interval shown providing that host has produced no further traffic during the interval period. Clear the entire snort2 table contents using the option under DIAGNOSTICS > TABLES. Reboot the firewall. All pf tables are RAM constructs and are thus automatically cleared out when the firewall reboots.
  • J

    Solved - nmap

    5
    0 Votes
    5 Posts
    1k Views
    J
    @jimp Uninstalling the nmap package and then editing the config.xml to remove the NMap entry fixed the duplicate entry in the menu. Thanks for your help.
  • S

    PIMD capabilities insufficient

    8
    1
    0 Votes
    8 Posts
    2k Views
    S
    @vollans Thanks! I ended up thinking I could get just PIMD working, but apparently I still do need the Avahi running with PIMD. Chromecast and samsung speakers were not able to do discovery without Avahi running, and PIMD is doing the messages broadcasting for everything else. Still don't really understand fully PIMD vs Avahi, but I seem to need both running for things to work properly. I just flipped Avahi back on and everything is running fine now, and no more capabilities messages from the post I just submitted.
  • D

    23.01 Radiusd pickup WAN all the time for auth instead of default WAN2 assigned.

    1
    0 Votes
    1 Posts
    531 Views
    No one has replied
  • Z

    unable to ping ip on vlan interface

    3
    0 Votes
    3 Posts
    1k Views
    K
    I recently read an article about why you should choose sports paramedics from Valhalla Medics for your events, and I must say that I am thoroughly impressed - https://www.valhallamedics.com/the-best-emt-set-medics-for-your-events/ . The article provided valuable information about the pros of hiring Valhalla Medics, including their highly skilled and experienced paramedics who are equipped to handle any medical emergency. The article also provided contact information for the company, making it easy to get in touch with them. I highly recommend Valhalla Medics for anyone in need of professional and reliable medical support for their event.
  • F

    "System Patches" package question

    7
    0 Votes
    7 Posts
    1k Views
    F
    @jimp Perfect, thanks! :)
  • G

    Packages don't restart after reboot on 23.01

    Moved
    1
    0 Votes
    1 Posts
    490 Views
    No one has replied
  • 4

    "Filer" package doesn't allow editing

    2
    0 Votes
    2 Posts
    774 Views
    4
    @gwaitsi fixed in 23.01
  • B

    Grafana GeoIP dashboard

    telegraf grafana ids
    1
    0 Votes
    1 Posts
    872 Views
    No one has replied
  • fireodoF

    PowerdXX

    1
    1 Votes
    1 Posts
    705 Views
    No one has replied
  • D

    Freeradius install issue "pkg-static: unset the 'vital' flag with: pkg set -v 0 pfSense"

    2
    0 Votes
    2 Posts
    1k Views
    jimpJ
    You likely have a pkg dependency problem. Either due to loading a package from a non-Netgate repository or mismatched packages from different versions (for example, if you are on 2.6.0 but have the update branch set for 2.7.0 snapshots). It can't make changes to the packages because in doing so it wants to remove a package upon which the base install of pfSense depends. You'll need to remove any packages that came from repositories other than the pfSense 2.6.0 repository.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.