pfSense Packages

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

Subcategories

Cache/Proxy

Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

4k Topics

21k Posts

N

Can I use pgblockerng aliases in Haproxy?

80758505-9bad-4dad-a80b-c159be1045a2-image.png

If it was a firewall rule, typing pfb would produce a dropdown to select.

Here it has to be written, but will it work? Is it supported?
IDS/IPS

Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

2k Topics

16k Posts

B

I saw where the Netgate kernel developer updated the Suricata package in the pfSense 25.07 development branch to work with the new kernel PPPoE driver. But so far as I know that updated package has not been migrated to 2.8 CE.

Here is the commit into the DEVEL branch: https://github.com/pfsense/FreeBSD-ports/commit/68a06b3a33c690042b61fb4ccfe96f3138e83b72.
Traffic Monitoring

Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

571 Topics

3k Posts

K

@pulsartiger
The database name is vnstat.db and its location is under /var/db/vnstat.
With "Backup Files/Dir" we are able to do backup or also with a cron.
pfBlockerNG

Discussions about the pfBlockerNG package

3k Topics

20k Posts

G

@AlexK-0 said in Can't receive GeoIP databases updates anymore, banned:

Days ago, I received from MaxMind an email, notifying me that my country has been banned to receive GeoLite City database updates.

You've found a reason to use a VPN.
UPS Tools

Discussions about Network UPS Tools and APCUPSD packages for pfSense

99 Topics

2k Posts

K

@elvisimprsntr thanks for your suggestion. I will give it a try.
ACME

Discussions about the ACME / Let’s Encrypt package for pfSense

493 Topics

3k Posts

E

@fxandrei Found this thread via Google. And I figured out what OP did, so here's the explanation:

In the pfSense webpage do:
Click on "Services" Select "Acme Certificates" Edit any of your certificate entries by clicking on the pencil icon. Scroll to the bottom of the certificate edit page and find the "Actions list" section. Click on "Add" to add a new action and fill out the information as needed. For HAProxy restarting do: Mode: Enabled Command: /usr/local/etc/rc.d/haproxy.sh restart Method: Shell Command And finally "Save" at the bottom of the cert edit page.
As far as I can tell, the above action seems to propagate to all certificates that I have, not just a single one. I am not sure if this is just a visual bug, but just something to be aware of.

I haven't been able to confirm if the above works(mine just renewed, don't feel like doing it again just to test), so we'll see in 60 days I guess.

Hopefully this helps you and anyone else that finds this thread via searching.
FRR

Discussions about the FRR Dynamic Routing package on pfSense

294 Topics

1k Posts

R

I had a similar issue with Routed VTI over IPsec recently. FRR lost its neighbors after rebooting or when a tunnel went down. It never re-discovered it automatically. Only restarting FRR (either in GUI or via CLI) brought the neighbors back.

When I manually added those under the OSPF neighbors tab in the GUI it seems to solve the problem as well.
Tailscale

Discussions about the Tailscale package

89 Topics

574 Posts

A

Hello,
I am unable to get the Tailscale package to work. The page at VPN > Tailscale > Authentication is stuck. It displays the error "Tailscale is not online," but also shows a "Logout and Clean" button, with no option to log in.
link text

This state persists even after performing the following troubleshooting steps:

Rebooting the pfSense router.

Completely uninstalling and reinstalling the Tailscale package multiple times.

Clearing browser cache and using a private browser window.

Toggling the main "Enable Tailscale" checkbox in the settings.

Checking the logs, which show the service gets a "terminate" signal and shuts down cleanly; it does not crash.

Manually trying to delete the state file with rm /var/db/tailscale/tailscaled.state, which failed because the file does not exist.

It appears that the package's configuration is corrupted in a way that persists even after reinstallation. Can anyone advise on how to perform a complete manual cleanup of all Tailscale files and settings?
WireGuard

Discussions about WireGuard

689 Topics

4k Posts

P

@patient0 Thanks for further suggestions. The tunnel is definitely up and so I don't think this is a CGNAT issue after all. WAN firewall rule is in place for UDP on port 51823 (otherwise the tunnel wouldn't work, right?). I can ping from client 1 -> client 2 and visa versa and also ping all points in between like you suggest. I just can't open an HTTPS connection from pfSenseB from Client 1 using a browser. But I can do this the other way round i.e. from Client 2 to pfSenseA

I will try and do some packet capture to see if that reveals anything.

M

Freeradius 1.1.2_1 on pfsense 1.2.3

Watching Ignoring Scheduled Pinned Locked Moved
4

0 Votes

4 Posts

1k Views

M

Thank for your help !

I modify both config and radius files. The trouble come when pfsense restore an older conf.
But i modify freeradius package inc and i can make what i want.

Thanx
Marc
V

Minor typo in snort_alerts.php 2.5.1

Watching Ignoring Scheduled Pinned Locked Moved
1

0 Votes

1 Posts

710 Views

No one has replied
L

Help with squid in transparent mode

Watching Ignoring Scheduled Pinned Locked Moved
5

0 Votes

5 Posts

2k Views

L

Thanks marcello.. ill take another look at sarg. Sorry for the late reply, have been away from the forum for a while (pfsense has been up and running nicely for the past 50 days.. yay!)
F

NUT battery.charge.low variable resets

Watching Ignoring Scheduled Pinned Locked Moved
1

0 Votes

1 Posts

2k Views

No one has replied
M

Snort 2.9.2.3 pkg v. 2.5.1 - does not start. Please help!

Watching Ignoring Scheduled Pinned Locked Moved
5

0 Votes

5 Posts

2k Views

M

Awesome! That did it! Thanks very much!
J

Snort.conf, $HOME_NET, and whitelist error

Watching Ignoring Scheduled Pinned Locked Moved
4

0 Votes

4 Posts

4k Views

J

Yeah, it is a new feature and came silently, so I had exactly the same problems after upgraded installation. ::)
S

Thank you ermal and co.!

Watching Ignoring Scheduled Pinned Locked Moved
8

0 Votes

8 Posts

2k Views

F

The shared object rules seem add additional functionality. E.g. the snort_p2p rules are (now) empty, but the associated so rule has support for detecting the WinNY program. When you download the rules, there is a source folder–-so you could actually look at the content of the so rules.
V

Squid3 does not install

Watching Ignoring Scheduled Pinned Locked Moved
5

0 Votes

5 Posts

1k Views

M

It's fixed now, wait 15 minutes and reinstall
F

Snort 2.9.2.3 pkg v. 2.5.1: minor problem

Watching Ignoring Scheduled Pinned Locked Moved
1

0 Votes

1 Posts

1k Views

No one has replied
T

Fatal error in Snort version 2.9.2.3 pkg v. 2.5.1

Watching Ignoring Scheduled Pinned Locked Moved
19

0 Votes

19 Posts

4k Views

T

I think you are right! I left it for a while and now everything is working fine! Thaks to ALL! Case closed!
E

Snort 2.9.2.3 v2.5.0 IPv6 support

Watching Ignoring Scheduled Pinned Locked Moved
9

0 Votes

9 Posts

3k Views

E

http://www.pfsense.org/index.php?option=com_content&task=view&id=69&Itemid=80
S

Snort server suppresion list

Watching Ignoring Scheduled Pinned Locked Moved
1

0 Votes

1 Posts

897 Views

No one has replied
R

Squid Cachemgr (500 - Internal Server Error)

Watching Ignoring Scheduled Pinned Locked Moved
3

0 Votes

3 Posts

5k Views

R

Attached below is the log. I don't see any error's unless i missed something
2012/07/21 15:11:40| Adding domain localdomain from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 127.0.0.1 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 192.168.0.254 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 192.168.2.254 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 208.67.222.222 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 208.67.220.220 from /etc/resolv.conf 2012/07/21 15:11:40| Accepting proxy HTTP connections at 192.168.10.254, port 3128, FD 15. 2012/07/21 15:11:40| Accepting transparently proxied HTTP connections at 127.0.0.1, port 3128, FD 18. 2012/07/21 15:11:40| Accepting HTCP messages on port 4827, FD 19. 2012/07/21 15:11:40| Accepting SNMP messages on port 3401, FD 20. 2012/07/21 15:11:40| WCCP Disabled. 2012/07/21 15:11:40| Configuring havp Parent havp/3125/0 2012/07/21 15:11:40| Loaded Icons. 2012/07/21 15:11:40| Ready to serve requests. 2012/07/21 15:11:40| Reconfiguring Squid Cache (version 2.7.STABLE9)... 2012/07/21 15:11:40| FD 15 Closing HTTP connection 2012/07/21 15:11:40| FD 18 Closing HTTP connection 2012/07/21 15:11:40| FD 19 Closing HTCP socket 2012/07/21 15:11:40| FD 20 Closing SNMP socket 2012/07/21 15:11:40| logfileClose: closing log /var/squid/logs/access.log 2012/07/21 15:11:40| Including Configuration File: /usr/local/etc/squid/squid.conf (depth 0) 2012/07/21 15:11:40| Cache dir '/var/squid/cache' size remains unchanged at 10240000 KB 2012/07/21 15:11:40| squid.conf line 82: refresh_pattern ([^.]+.|)avast.com/.*\.(vpu|vpaa) 4320 100% 43200 reload-into-ims 2012/07/21 15:11:40| parse_refreshpattern: Invalid regular expression '([^.]+.|)avast.com/.*\.(vpu|vpaa)': empty (sub)expression 2012/07/21 15:11:40| squid.conf line 83: refresh_pattern ([^.]+.|)spywareblaster.net/.*\.(dtb) 4320 100% 64800 reload-into-ims 2012/07/21 15:11:40| parse_refreshpattern: Invalid regular expression '([^.]+.|)spywareblaster.net/.*\.(dtb)': empty (sub)expression 2012/07/21 15:11:40| Initialising SSL. 2012/07/21 15:11:40| logfileOpen: opening log /var/squid/logs/access.log 2012/07/21 15:11:40| Store logging disabled 2012/07/21 15:11:40| Referer logging is disabled. 2012/07/21 15:11:40| DNS Socket created at 0.0.0.0, port 63432, FD 13 2012/07/21 15:11:40| Adding domain localdomain from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 127.0.0.1 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 192.168.0.254 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 192.168.2.254 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 208.67.222.222 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 208.67.220.220 from /etc/resolv.conf 2012/07/21 15:11:40| Accepting proxy HTTP connections at 192.168.10.254, port 3128, FD 15. 2012/07/21 15:11:40| Accepting transparently proxied HTTP connections at 127.0.0.1, port 3128, FD 18. 2012/07/21 15:11:40| Accepting HTCP messages on port 4827, FD 19. 2012/07/21 15:11:40| Accepting SNMP messages on port 3401, FD 20. 2012/07/21 15:11:40| WCCP Disabled. 2012/07/21 15:11:40| Configuring havp Parent havp/3125/0 2012/07/21 15:11:40| Loaded Icons. 2012/07/21 15:11:40| Ready to serve requests. 2012/07/21 15:11:40| Reconfiguring Squid Cache (version 2.7.STABLE9)... 2012/07/21 15:11:40| FD 15 Closing HTTP connection 2012/07/21 15:11:40| FD 18 Closing HTTP connection 2012/07/21 15:11:40| FD 19 Closing HTCP socket 2012/07/21 15:11:40| FD 20 Closing SNMP socket 2012/07/21 15:11:40| logfileClose: closing log /var/squid/logs/access.log 2012/07/21 15:11:40| Including Configuration File: /usr/local/etc/squid/squid.conf (depth 0) 2012/07/21 15:11:40| Cache dir '/var/squid/cache' size remains unchanged at 10240000 KB 2012/07/21 15:11:40| squid.conf line 82: refresh_pattern ([^.]+.|)avast.com/.*\.(vpu|vpaa) 4320 100% 43200 reload-into-ims 2012/07/21 15:11:40| parse_refreshpattern: Invalid regular expression '([^.]+.|)avast.com/.*\.(vpu|vpaa)': empty (sub)expression 2012/07/21 15:11:40| squid.conf line 83: refresh_pattern ([^.]+.|)spywareblaster.net/.*\.(dtb) 4320 100% 64800 reload-into-ims 2012/07/21 15:11:40| parse_refreshpattern: Invalid regular expression '([^.]+.|)spywareblaster.net/.*\.(dtb)': empty (sub)expression 2012/07/21 15:11:40| Initialising SSL. 2012/07/21 15:11:40| logfileOpen: opening log /var/squid/logs/access.log 2012/07/21 15:11:40| Store logging disabled 2012/07/21 15:11:40| Referer logging is disabled. 2012/07/21 15:11:40| DNS Socket created at 0.0.0.0, port 30117, FD 13 2012/07/21 15:11:40| Adding domain localdomain from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 127.0.0.1 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 192.168.0.254 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 192.168.2.254 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 208.67.222.222 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 208.67.220.220 from /etc/resolv.conf 2012/07/21 15:11:40| Accepting proxy HTTP connections at 192.168.10.254, port 3128, FD 15. 2012/07/21 15:11:40| Accepting transparently proxied HTTP connections at 127.0.0.1, port 3128, FD 18. 2012/07/21 15:11:40| Accepting HTCP messages on port 4827, FD 19. 2012/07/21 15:11:40| Accepting SNMP messages on port 3401, FD 20. 2012/07/21 15:11:40| WCCP Disabled. 2012/07/21 15:11:40| Configuring havp Parent havp/3125/0 2012/07/21 15:11:40| Loaded Icons. 2012/07/21 15:11:40| Ready to serve requests. 2012/07/21 15:11:40| Reconfiguring Squid Cache (version 2.7.STABLE9)... 2012/07/21 15:11:40| FD 15 Closing HTTP connection 2012/07/21 15:11:40| FD 18 Closing HTTP connection 2012/07/21 15:11:40| FD 19 Closing HTCP socket 2012/07/21 15:11:40| FD 20 Closing SNMP socket 2012/07/21 15:11:40| logfileClose: closing log /var/squid/logs/access.log 2012/07/21 15:11:40| Including Configuration File: /usr/local/etc/squid/squid.conf (depth 0) 2012/07/21 15:11:40| Cache dir '/var/squid/cache' size remains unchanged at 10240000 KB 2012/07/21 15:11:40| squid.conf line 82: refresh_pattern ([^.]+.|)avast.com/.*\.(vpu|vpaa) 4320 100% 43200 reload-into-ims 2012/07/21 15:11:40| parse_refreshpattern: Invalid regular expression '([^.]+.|)avast.com/.*\.(vpu|vpaa)': empty (sub)expression 2012/07/21 15:11:40| squid.conf line 83: refresh_pattern ([^.]+.|)spywareblaster.net/.*\.(dtb) 4320 100% 64800 reload-into-ims 2012/07/21 15:11:40| parse_refreshpattern: Invalid regular expression '([^.]+.|)spywareblaster.net/.*\.(dtb)': empty (sub)expression 2012/07/21 15:11:40| Initialising SSL. 2012/07/21 15:11:40| logfileOpen: opening log /var/squid/logs/access.log 2012/07/21 15:11:40| Store logging disabled 2012/07/21 15:11:40| Referer logging is disabled. 2012/07/21 15:11:40| DNS Socket created at 0.0.0.0, port 64180, FD 13 2012/07/21 15:11:40| Adding domain localdomain from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 127.0.0.1 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 192.168.0.254 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 192.168.2.254 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 208.67.222.222 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 208.67.220.220 from /etc/resolv.conf 2012/07/21 15:11:40| Accepting proxy HTTP connections at 192.168.10.254, port 3128, FD 15. 2012/07/21 15:11:40| Accepting transparently proxied HTTP connections at 127.0.0.1, port 3128, FD 18. 2012/07/21 15:11:40| Accepting HTCP messages on port 4827, FD 19. 2012/07/21 15:11:40| Accepting SNMP messages on port 3401, FD 20. 2012/07/21 15:11:40| WCCP Disabled. 2012/07/21 15:11:40| Configuring havp Parent havp/3125/0 2012/07/21 15:11:40| Loaded Icons. 2012/07/21 15:11:40| Ready to serve requests. 2012/07/21 15:11:40| Preparing for shutdown after 627 requests 2012/07/21 15:11:40| Waiting 3 seconds for active connections to finish 2012/07/21 15:11:40| FD 15 Closing HTTP connection 2012/07/21 15:11:40| FD 18 Closing HTTP connection 2012/07/21 15:11:43| Reconfiguring Squid Cache (version 2.7.STABLE9)... 2012/07/21 15:11:43| FD 19 Closing HTCP socket 2012/07/21 15:11:43| FD 20 Closing SNMP socket 2012/07/21 15:11:43| logfileClose: closing log /var/squid/logs/access.log 2012/07/21 15:11:43| Including Configuration File: /usr/local/etc/squid/squid.conf (depth 0) 2012/07/21 15:11:43| Cache dir '/var/squid/cache' size remains unchanged at 10240000 KB 2012/07/21 15:11:43| squid.conf line 82: refresh_pattern ([^.]+.|)avast.com/.*\.(vpu|vpaa) 4320 100% 43200 reload-into-ims 2012/07/21 15:11:43| parse_refreshpattern: Invalid regular expression '([^.]+.|)avast.com/.*\.(vpu|vpaa)': empty (sub)expression 2012/07/21 15:11:43| squid.conf line 83: refresh_pattern ([^.]+.|)spywareblaster.net/.*\.(dtb) 4320 100% 64800 reload-into-ims 2012/07/21 15:11:43| parse_refreshpattern: Invalid regular expression '([^.]+.|)spywareblaster.net/.*\.(dtb)': empty (sub)expression 2012/07/21 15:11:43| Initialising SSL. 2012/07/21 15:11:43| logfileOpen: opening log /var/squid/logs/access.log 2012/07/21 15:11:43| Store logging disabled 2012/07/21 15:11:43| Referer logging is disabled. 2012/07/21 15:11:43| DNS Socket created at 0.0.0.0, port 40718, FD 13 2012/07/21 15:11:43| Adding domain localdomain from /etc/resolv.conf 2012/07/21 15:11:43| Adding nameserver 127.0.0.1 from /etc/resolv.conf 2012/07/21 15:11:43| Adding nameserver 192.168.0.254 from /etc/resolv.conf 2012/07/21 15:11:43| Adding nameserver 192.168.2.254 from /etc/resolv.conf 2012/07/21 15:11:43| Adding nameserver 208.67.222.222 from /etc/resolv.conf 2012/07/21 15:11:43| Adding nameserver 208.67.220.220 from /etc/resolv.conf 2012/07/21 15:11:43| Accepting proxy HTTP connections at 192.168.10.254, port 3128, FD 15. 2012/07/21 15:11:43| Accepting transparently proxied HTTP connections at 127.0.0.1, port 3128, FD 16. 2012/07/21 15:11:43| Accepting HTCP messages on port 4827, FD 18. 2012/07/21 15:11:43| Accepting SNMP messages on port 3401, FD 19. 2012/07/21 15:11:43| WCCP Disabled. 2012/07/21 15:11:43| Configuring havp Parent havp/3125/0 2012/07/21 15:11:43| Loaded Icons. 2012/07/21 15:11:43| Ready to serve requests. 2012/07/21 15:11:44| Shutting down... 2012/07/21 15:11:44| FD 18 Closing HTCP socket 2012/07/21 15:11:44| FD 19 Closing SNMP socket 2012/07/21 15:11:44| Closing unlinkd pipe on FD 17 2012/07/21 15:11:44| storeDirWriteCleanLogs: Starting... 2012/07/21 15:11:44| Finished. Wrote 915 entries. 2012/07/21 15:11:44| Took 0.0 seconds (266065.7 entries/sec). CPU Usage: 39.768 seconds = 0.393 user + 39.375 sys Maximum Resident Size: 10420 KB Page faults with physical i/o: 0 2012/07/21 15:11:44| logfileClose: closing log /var/squid/logs/access.log 2012/07/21 15:11:44| Squid Cache (Version 2.7.STABLE9): Exiting normally. 2012/07/21 15:11:49| Starting Squid Cache version 2.7.STABLE9 for amd64-portbld-freebsd8.1... 2012/07/21 15:11:49| Process ID 29553 2012/07/21 15:11:49| With 8388 file descriptors available 2012/07/21 15:11:49| Using kqueue for the IO loop 2012/07/21 15:11:49| DNS Socket created at 0.0.0.0, port 52396, FD 12 2012/07/21 15:11:49| Adding domain localdomain from /etc/resolv.conf 2012/07/21 15:11:49| Adding nameserver 127.0.0.1 from /etc/resolv.conf 2012/07/21 15:11:49| Adding nameserver 192.168.0.254 from /etc/resolv.conf 2012/07/21 15:11:49| Adding nameserver 192.168.2.254 from /etc/resolv.conf 2012/07/21 15:11:49| Adding nameserver 208.67.222.222 from /etc/resolv.conf 2012/07/21 15:11:49| Adding nameserver 208.67.220.220 from /etc/resolv.conf 2012/07/21 15:11:49| Referer logging is disabled. 2012/07/21 15:11:49| logfileOpen: opening log /var/squid/logs/access.log 2012/07/21 15:11:49| Unlinkd pipe opened on FD 17 2012/07/21 15:11:49| Swap maxSize 10240000 + 65536 KB, estimated 792733 objects 2012/07/21 15:11:49| Target number of buckets: 39636 2012/07/21 15:11:49| Using 65536 Store buckets 2012/07/21 15:11:49| Max Mem size: 65536 KB 2012/07/21 15:11:49| Max Swap size: 10240000 KB 2012/07/21 15:11:49| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec 2012/07/21 15:11:49| Store logging disabled 2012/07/21 15:11:49| Rebuilding storage in /var/squid/cache (CLEAN) 2012/07/21 15:11:49| Using Least Load store dir selection 2012/07/21 15:11:49| Current Directory is /etc 2012/07/21 15:11:49| Loaded Icons. 2012/07/21 15:11:50| Accepting proxy HTTP connections at 192.168.10.254, port 3128, FD 18. 2012/07/21 15:11:50| Accepting transparently proxied HTTP connections at 127.0.0.1, port 3128, FD 19. 2012/07/21 15:11:50| Accepting HTCP messages on port 4827, FD 20. 2012/07/21 15:11:50| Accepting SNMP messages on port 3401, FD 21. 2012/07/21 15:11:50| WCCP Disabled. 2012/07/21 15:11:50| Configuring havp Parent havp/3125/0 2012/07/21 15:11:50| Ready to serve requests. 2012/07/21 15:11:50| Done reading /var/squid/cache swaplog (915 entries) 2012/07/21 15:11:50| Finished rebuilding storage from disk. 2012/07/21 15:11:50| 915 Entries scanned 2012/07/21 15:11:50| 0 Invalid entries. 2012/07/21 15:11:50| 0 With invalid flags. 2012/07/21 15:11:50| 915 Objects loaded. 2012/07/21 15:11:50| 0 Objects expired. 2012/07/21 15:11:50| 0 Objects cancelled. 2012/07/21 15:11:50| 0 Duplicate URLs purged. 2012/07/21 15:11:50| 0 Swapfile clashes avoided. 2012/07/21 15:11:50| Took 0.3 seconds (3391.3 objects/sec). 2012/07/21 15:11:50| Beginning Validation Procedure 2012/07/21 15:11:50| Completed Validation Procedure 2012/07/21 15:11:50| Validated 915 Entries 2012/07/21 15:11:50| store_swap_size = 9070k 2012/07/21 15:11:50| storeLateRelease: released 0 objects
R

Squid->HAVP->Squid Configuration

Watching Ignoring Scheduled Pinned Locked Moved
7

0 Votes

7 Posts

2k Views

R

Thanks for your replies

Yes, {inet} -> havp -> squid -> {clients}, works fine as
havp detected virus with eicar.org squid has entries in both cache and access logs.
But with current setup some sites open very slow e.g. youtube - i think this is due to havp. i whitelisted youtube and have good results. That is the reason I was thinking for sandwich config, coz then I dont have to whitelist anything in HAVP
C

Use Snort as Instrusion Detection only not Prevention

Watching Ignoring Scheduled Pinned Locked Moved
6

0 Votes

6 Posts

2k Views

F

Services: Snort: Snort Alerts
Services: Snort Blocked Hosts
T

Zabbix 2.0 proxy

Watching Ignoring Scheduled Pinned Locked Moved
2

0 Votes

2 Posts

2k Views

U

Yeah, Zabbix 2.0 Proxy upgrade would be nice.
B

Monitoring proxy server squid pfsense 2.0.1 ? how to

Watching Ignoring Scheduled Pinned Locked Moved
26

0 Votes

26 Posts

45k Views

J

Error: Could not find report index file.
Check sarg settings and try to force sarg schedule.

SOLUCION!!!!

En la Pestaña Schedule una tarea con la Siguiente configuracion:

Descripcion : Nombre que ustedes decidan
Sarg arg: -d date +%d/%m/%Y-date +%d/%m/%Y
Frecuency: 15m

Luego lo guardan y se van a la pestaña general
Seleccionan:

user graphics
remove temporary files
generate the main index
generate the index tree
overwrite report
use comma instead pint in reports
show de downloaded volume ond date/time reports

En la sección REPORT TO GENERATE se seleccionan todos

Se guarda la configuracion y vamos de nuevo a la pestaña de schedule abrimos la tarea y damos en el boton

FORCE UPDATE NOW

Esperamos a que ejecute la tarea y por ultumo vamos al la pestaña donde vemos el reporte!!!!
B

Mail notification on WAN IP Change (cron)

Watching Ignoring Scheduled Pinned Locked Moved
5

0 Votes

5 Posts

7k Views

B

Excellent. I'll be sure to enable smtp notifications and see if that helps. Appreciate the response!
D

Snort Widget fix (Snort 2.9.2.3 pkg v. 2.5.0)

Watching Ignoring Scheduled Pinned Locked Moved
14

0 Votes

14 Posts

4k Views

D

@ermal thanks for committing the code

Just viewed your changes, but with your code the widget will first display all alerts from IF 0 then IF 1 and so on,
I think it is more desireable to display alerts sorted by date, not by interface. Thats why I added the sorting of timestamps.
D

Problem with Squid-Reverse proxy

Watching Ignoring Scheduled Pinned Locked Moved
5

0 Votes

5 Posts

3k Views

M

dan104,

Remove your xml from previous post, It's not safe exposing your firewall config to the world :(

I've tried to access your ip on http and https without success.

try these steps:

Remove the nats for your internal web servers

listen reverse squid on 80

apply a firewall rule on wan allowing access from any to interface_address port 80 and port 443

check on console/ssh if squid is running and listening on ports 80/443 using netstat -an | grep -i listen

test using tcpdump(on console/ssh) if you get any http/https traffic to wan_address at port 80,443

263 / 464