1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    tinfoilmattT
    @johnpoz said in Please help to configure HAProxy to serve certifficate on internal LAN too: Yeah - what part do you not understand if you always resolve nextcloud.domain.tld so that it hits your haproxy on your pfsense wan IP are you not getting? You have 2 options - use a different domain internally and always go to nextcloud.publicdomain.tld, or use the same domain internally as external and run into the problem of what IP it resolves to.. Change your local domain to say home.arpa or .internal or atleast something different than the public domain your using to point to pfsense wan IP on the public internet. You are shooting yourself in the foot trying to use the same domain externally as internally. There are ways around it, but they complicate the setup. For example you might be able to use views in unbound as one way to work around the problem. You could use only host entries for all your resources. But then again you run into a problem of using the fqdn for this service, now always pointing to your wan IP.. And that is great when you want to access the service haproxy is doing - but if you want to access that resource on some other service that haproxy doesn't handle - like say simple file sharing.. You are going to have problems. Since you clearly do not understand how any of this works - the simple solution is change the local domain you are using so it is not the same as the public domain you want to use to get to your nextcloud. This tone is outrageous directed at somebody who acknowledged right off the rip that English is not their first language. How many languages do you speak, John? And safely assuming it's only one—English of course—take it from a fellow English native that you'd do well to say more with less words. You otherwise were directing OP in the right direction in my opinion.

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    tinfoilmattT
    Here. I think. Referenced as "github.com: vendor-provided URL vendor-advisory" in your link.

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    573 Topics
    3k Posts
    dennypageD
    @kabeda If memory serves, that old version of ntopng did not run as user ntopng, but as user nobody. There are lots of problems in that old version. Anyway, check the ownership and permissions of /var/db/ntopng and make sure it matches the user that ntopng runs as. You may need to set ownership of the entire hierarchy. Example: /usr/sbin/chown -R nobody:nobody /var/db/ntopng However, the better choice would be to upgrade to a more recent version.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    tinfoilmattT
    @netboy said in is something wrong with pfBlockerNG?: After my post, I "changed" DNSBL -> DNSBL mode from "unbound python mode" to "unbound mode" and so far i have no issues. Terrible idea. Moving backwards in development history there.

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    102 Topics
    3k Posts
    dennypageD
    @fjmp24 said in Notification: UPS ups battery is low: If I remove ignorelb directive, my UPS shuts down after 16 seconds This means your UPS is signaling a low battery. Either your battery is bad, or your UPS is bad. Most likely battery, but you never know. I suggest reaching out to Eaton support.

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    503 Topics
    3k Posts
    M
    I am using the DNS-Update method I have to use a DNS-Sleep of 5 minutes to let the letsencrypt txt dns record update propagate. During this 5 minutes the acme-webgui times out. when the acme-webgui times out the Action list is NOT executed. How can I solve this ? Would it maybe be an idea to let the acme.sh script execute the actions in the action list as a post-hook instead of the web-gui? Or maybe add an option to add post-hooks in the webUI ?

  • Discussions about the FRR Dynamic Routing package on pfSense

    296 Topics
    1k Posts
    C
    This one has been tricky still not sure what to try. Any ideas?

  • Discussions about the Tailscale package

    93 Topics
    647 Posts
    M
    @CarlMRoss I've followed your very helpful instructions and got mine updated to 1.90.6. However, I did notice that tailscale does not start on reboot. Is this still happening for you as well? I can get it restarted with the commands you provided but having to do that manually is a concern.

  • Discussions about WireGuard

    715 Topics
    4k Posts
    A
    Hi everyone, This is a noob question but already tried multiple and I hope some one can help with this. I have a Wireguard Tunnel configured and handshake is successfully performed and I can ping the server from the laptop but can't do it otherwise. Already deactivate the NAT feature and all the rules and no luck. Pfsense and this server is located in a Proxmox Server, laptop is a local. Any ideas? Thank you.
Log in to post
Load new posts
  • N

    Joomla behind pfSense

    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • L

    Help:In 2.1 ,the snort's blocked is automatically cleared

    3
    0 Votes
    3 Posts
    1k Views
    bmeeksB
    I discussed this with one of the pfSense Core Team members.  He acknowledged this is caused by the filter_reload() function in 2.1 and some changes within it.  He has this on his list to look at fixing.  That's the good news.  The bad news is since this is something in the core code and not in the Snort package, it will take a longer time to work its way into the patch update process. Bill
  • L

    Squidguard-devel 1.5

    2
    0 Votes
    2 Posts
    3k Views
    jimpJ
    The squidguard-devel PBI should be up now.
  • C

    Squid Not Working after upgrade to 2.1

    4
    0 Votes
    4 Posts
    2k Views
    C
    I looked at the squid config and did not see anything unusual ( I am not a squid expert though). The rebooting solution seems to be working. It has been running for about 2 hours without an issue. Now I see that the RRD graphs do not show the captive portal data. On to the next issue. Thanks for the solution.
  • D

    Unbound 1.4.20_8: fix for IPv6 host overrides

    2
    0 Votes
    2 Posts
    978 Views
    D
    I've added this information to bug #3056 on redmine.
  • T

    Can't reinstall squid3 after upgrade from 2.0.3 to 2.1

    2
    0 Votes
    2 Posts
    1k Views
    I
    Hi! I also had problems with squid3 after upgrade from v2.0.3 to v2.1 release I got error that the package didn´t install correctly after upgrade. In menu "Installed packages" the squid3 package was not listed. First tried to install without reboot but it didn´t work. Uninstalled the package from menu "Installed packages" and rebooted. Installed package again with success. Rebooted again to check if the package started. Now I have the squid3 package up and running. /illern. Running v2.1 Release full install (i386)
  • C

    Squid + Captive Portal = not logging usernames?

    10
    0 Votes
    10 Posts
    4k Views
    marcellocM
    Translate this one from Portuguese forum http://forum.pfsense.org/index.php/topic,66809.0.html
  • E

    Pfsense, varnish & port 80 - can i do this?

    6
    0 Votes
    6 Posts
    3k Views
    marcellocM
    Test.html csn be the same on all servers and can return anything as varnish check http code (200 ok) Change Firewall rule to source any destination wan address port 80.
  • S

    Snort 2.9.4.6 Pkg v 2.5.9

    203
    0 Votes
    203 Posts
    120k Views
    bmeeksB
    @maverick_slo: Hi! snort-2.9.4.6.tbz is June version on the link u posted? Regards, M UPDATE #2 (9:22 AM September 28):  The updated Snort binary for 2.0.3 pfSense installs is now available in the files repository. UPDATED INFO (9:30 PM September 27):   I received a note back from the pfSense guys.  There are some issues with getting the 2.0.3 binary packages rebuilt.  The issues are generic with the Ports tree and not specific to Snort.  It could be later this weekend or even early next week before the 2.0.3 binaries get rebuilt.  If you have a 2.1 install, you are golden because the PBI packages are good to go. If you want the new Snort GUI fixes, then go ahead and reinstall the Snort package now.  Just click the PKG or XML icons.  They both will do the same thing in terms of reinstalling the GUI PHP code.  I will post back later when the new Snort binaries for 2.0.3 pfSense are built and posted. **Original Post follows –- ** Yeah, I think maybe those rebuild overnight.  I will e-mail the Core Team guys and have one of them check it out.  The new binary is not a huge deal, but if you use the SMTP preprocessor and sometimes saw the message about "SMTP:  changing file_depth requires a restart", then the updated binary will fix that (and allow Snort to soft-restart correctly). It won't hurt anything to do a package reinstall by clicking the PKG or XML icon, then later when the new binary is posted you can do the remove and re-install then.  The major bug fixes and new features are all in the GUI code anyway. Bill
  • E

    Using Squidguard + Dansguardian?

    2
    0 Votes
    2 Posts
    2k Views
    T
    Dansguardian will do ACLs as well. What, specifically, do you wish to achieve with Squidguard that you don't believe you can't with Dansguardian?
  • G

    TunnelStateData

    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • ?

    Snort Menu

    1
    0 Votes
    1 Posts
    872 Views
    No one has replied
  • A

    Ifstated or similar

    1
    0 Votes
    1 Posts
    793 Views
    No one has replied
  • N

    [NOT POSSIBLE] 2.1 Manual package installation (with no Internet connection)

    6
    0 Votes
    6 Posts
    2k Views
    N
    Yeah… that's what I've did... Though the other way looked much simpler. C'est la vie.
  • G

    SquidGuard Time Restrictions not working ?

    2
    0 Votes
    2 Posts
    2k Views
    G
    I found this topic http://forum.pfsense.org/index.php?topic=59671.0 and i execute``` /usr/local/sbin/squid -k reconfigure Time restriction are now applied and it's working as expected : i created some schedule 09:00-09:10, 09:20-09:30,  09:40-09:50 transitions are working. a bit strange right ?
  • ?

    No packages with logging facilities..

    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • F

    Sarg generates only 10 reports

    4
    0 Votes
    4 Posts
    1k Views
    F
    Here's a picture 5 minutes ago Still keep the reports From a month ago And no new reports I tried to remove the package and reinstall it It did not help These reports have appeared still According to configuration Should be 24 reports Every hour a new report When the number reaches 25 reports The first report is deleted So that there is always 24 Recent reports [image: sarg.png] [image: sarg.png_thumb]
  • S

    Ntop on 2.1 relese

    2
    0 Votes
    2 Posts
    860 Views
    S
    seems to be an issue with firefox… Very strange :/
  • S

    Snort 2.9.4.6 pkg v. 2.5.9 reinstall on pfsense 2.1 - snort.sh mangeled

    8
    0 Votes
    8 Posts
    2k Views
    bmeeksB
    @simby: Thanks, now it s working. How can i fix snort time problem? Pfsense time is ok! Can you be a bit more descriptive with your problem?  Snort gets time from pfSense, so they should match up.  What exactly do you mean by "fix snort time problem"? Bill
  • R

    Shortcut icons?

    3
    0 Votes
    3 Posts
    1k Views
    jimpJ
    Check /usr/local/www/shortcuts.inc, and /usr/local/www/shortcuts/pkg_upnp.inc If you have your pkg drop the file in the /usr/local/www/shortcuts/ with the right contents, it should show the icons you configure.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.