pfSense Packages

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you may not be able to execute some actions.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

Subcategories

Cache/Proxy

Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

2321
Topics

14009
Posts

S

@fabricioguzzy said in Unofficial E2guardian package for pfSense: @susamlicubuk Sure. Here it goes. Keep in mind that I have it like: USER --> E2Guardian --> SQUID --> INTERNET I have SAMBA in the background (for NTLM) Here E2Guardian Config: Here SQUID Config: How are your groups section and your users partition settings? Please display the screenshot Can you share the samba settings?
IDS/IPS

Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

1105
Topics

6966
Posts

The react rule option requires Snort to be running with Inline IPS mode. That mode is not currently available in the pfSense package. I am looking into some possible improvements to the DAQ netmap module for the future, that if I am successful with, could bring a netmap-enabled inline IPS mode to the Snort package. I have just started looking into that possibility, so I do not have any estimate on when it may be ready (or even if I can be successful implementing it). The Snort package today implements its "blocking" by using a custom output plugin that communicates via system ioctl() calls to place offenders' IP addresses into the firewall's pf packet filter in a table called snort2c. Blocking today uses a parallel processing path with libpcap and not inline IPS-type processing.
Traffic Monitoring

Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

267
Topics

1427
Posts

C

Hello I am using pfsense 2.4 with squid and squidguard, i cant block extensions like .exe on my browser . i use this code (./..(exe)) and its no use. then i tried (./..(asf|wm|wma|wmv|zip|rar|cab|mp3|avi|mpg|swf|exe|mpeg|mp.|mpv|mp3|wm.|vpu)) and paste under Target categories and regular expression but its still allowing downloads How to block downloads using pfsense and squid . thanks
pfBlockerNG

Discussions about the pfBlockerNG package

782
Topics

7164
Posts

@peehoo said in Completely remove pfBlockerNG-Devel (manually): I've tried to remove it via GUI and not-select "keep settings" but after installation again some feeds are still there... what do you refer to with "feeds are there"?
ACME

Discussions about the ACME / Let’s Encrypt package for pfSense

130
Topics

836
Posts

ACME 0.5.2 update Added support for a custom Zone name for dns_nsupdate Added a checkbox to use --challenge-domain instead of --challenge-alias https://redmine.pfsense.org/issues/8613 Cron job output is now logged to the main system log https://redmine.pfsense.org/issues/8211 Added new provider pointhq / PointDNS API (https://pointhq.com/) Upstream bug fixes for a variety of issues and providers

pfSense Packages

S

NTOP & Stunnel
• sullrich

1

0
Votes

1
Posts

2289
Views

No one has replied
S

AV + Spam assasin
• sgnet

4

0
Votes

4
Posts

3650
Views

S

@sgnet: Im now expert on linux or know much about programming, but I am willing to get my hands dirty and learn something , how would i got about trying to intergrate such packages like spam assasin or even clam av on it Review/study the existing code: http://pfsense.com/cgi-bin/cvsweb.cgi/tools/packages/
E

AdZapping with squid
• eric

2

0
Votes

2
Posts

3508
Views

?

AdZapper is a neat little redirector for Squid. Unfortunately squid only supports the use of only one redirector at a time. There is a perl script called zapchain that lets you chain multiple redirectors but its not especially well written and certainly not speedy. A debatably better solution would be to maintain a block list of the various adservers (there are lots of places to find these lits online) as an ACL in your squid.conf. This approach has its own drawbacks as well, so consider each.
S

Nice squid feature
• sullrich

5

0
Votes

5
Posts

4057
Views

H

Not sure what all will be build into the package, but something that makes trading settings easy (maybe similiar to the backup/restore process to be able to restore different sections of settings) :)
M

11/11/2005 - Squid Commit & Changelog
• Myntric

15

0
Votes

15
Posts

8010
Views

?

Posted to the "Squid Errors" thread, it seemed more appropriate. This was just a first-pass at the WebGUI, I'm hoping to give it a more thorough beating tomorrow.
S

Thoughts on reporting/monitoring package?
• sbn

2

0
Votes

2
Posts

4850
Views

J

Pfsense already does most of that stuff. Use the package called Ntop. And enable the rrd tool. Takes heaps of looking around to find everything you want. But if you click on a specific IP there is a little Icon that looks like a graph and it gives you all sorts of stats etc such as what you are looking for (that little icon took me about 8 days to find LOL). The only problem I have with the Ntop stats is I am unable to view the stats of a PC that has been turned off for a while. I have to wait until it comes back online. I could probably do it manually but I don't really care enough to go to the effort to find out how :).
J

Problem with Ntop and WinSCP
• Jesse7

3

0
Votes

3
Posts

4161
Views

J

Thanks root worked. I did search! So did I find a bug? with the Ntop thing? Sorry I'm a bit usless. I edited the XML file /usr/local/pkg/ntop.xml But I am not sure how to make it "work". When I reinstalled ntop if overwrote this file. I was browsing for ages trying to find the "master" file. Sorry aagain :), I'm slowly learning how to do it for myself.
M

Squid Package
• Myntric

3

0
Votes

3
Posts

5043
Views

M

Yes. Initially, I did not know any PHP so this was a learning experience for me. Now that I have a little better experience, I'm cleaning the code. In addition to cleanup, I'm adding and testing the various the authentication options such as: Local Authentication RADIUs LDAP Domain The first hurdle was that the squid_rad_auth port did not exist for FreeBSD so I had to take ownership (http://www.freebsd.org/cgi/query-pr.cgi?pr=87858) that so pfSense can support it. I anticipate a hopefully more stable release out very soon so I can move onto adding squidGuard and other packages that work in conjunction with it. The community can help by continuing to report bugs and if anyone is a coder and has a better or more efficient way to do something, please let me know as I want this package to be as solid as possible. Thanks! Mike

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

204 / 204

Cache/Proxy

IDS/IPS

Traffic Monitoring

pfBlockerNG

ACME

NTOP & Stunnel • sullrich

AV + Spam assasin • sgnet

AdZapping with squid • eric

Nice squid feature • sullrich

11/11/2005 - Squid Commit & Changelog • Myntric

Thoughts on reporting/monitoring package? • sbn

Problem with Ntop and WinSCP • Jesse7

Squid Package • Myntric

Products

Applications

Support

Services

News

Resources

Company

Our Mission

Subscribe to our Newsletter

NTOP & Stunnel
• sullrich

AV + Spam assasin
• sgnet

AdZapping with squid
• eric

Nice squid feature
• sullrich

11/11/2005 - Squid Commit & Changelog
• Myntric

Thoughts on reporting/monitoring package?
• sbn

Problem with Ntop and WinSCP
• Jesse7

Squid Package
• Myntric