pfSense Packages

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

Subcategories

Cache/Proxy

Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

4k Topics

21k Posts

A

Docker image for squid 7.3 and above https://hub.docker.com/r/fredbcode/squid If pfsense does not push the update.
IDS/IPS

Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

2k Topics

16k Posts

D

Hello team, I have a Netgate 8200 running 24.11-RELEASE (amd64) with Suricata 7.0.8_5 package installed. Suricata doesn't seem to start. It loops to red once I press the Play button on the interface. It leaves no logs in the System logs, it leaves no logs in suricata.log at /var/log/suricata/suricata_ovpns933787/suricata.log I tried launching it manually: # /usr/local/bin/suricata -V or # /usr/local/bin/suricata -c /usr/local/etc/suricata/suricata_33787_ovpns9/suricata.yaml -i suricata_ovpns933787 and I get this output ld-elf.so.1: /usr/local/bin/suricata: Undefined symbol "__strlcpy_chk@FBSD_1.8" Thanks in advance, Dara
Traffic Monitoring

Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

573 Topics

3k Posts

D

@kabeda If memory serves, that old version of ntopng did not run as user ntopng, but as user nobody. There are lots of problems in that old version. Anyway, check the ownership and permissions of /var/db/ntopng and make sure it matches the user that ntopng runs as. You may need to set ownership of the entire hierarchy. Example: /usr/sbin/chown -R nobody:nobody /var/db/ntopng However, the better choice would be to upgrade to a more recent version.
pfBlockerNG

Discussions about the pfBlockerNG package

3k Topics

20k Posts

T

@vicking said in No blocks on IP: Is it a bad idea to have the action set to deny both instead of inbound only? Question is squarely for admin. Per the infoblock which explains, in part, the "Deny Inbound", "Deny Outbound", and "Deny Both" actions: 'Deny' Rules: 'Deny' rules create high priority 'block' or 'reject' rules on the stated interfaces. They don't change the 'pass' rules on other interfaces. Typical uses of 'Deny' rules are: Deny Both - blocks all traffic in both directions, if the source or destination IP is in the block list Deny Inbound/Deny Outbound - blocks all traffic in one direction unless it is part of a session started by traffic sent in the other direction. Does not affect traffic in the other direction. One way 'Deny' rules can be used to selectively block unsolicited incoming (new session) packets in one direction, while still allowing deliberate outgoing sessions to be created in the other direction. In other words: When set to "Deny Inbound", incoming connection requests from WAN hosts are blocked and therefore no state will be created. However a LAN host can still establish state to an otherwise listed IP. If set to "Deny Outbound", outgoing connection requests from LAN hosts are blocked and therefore no state will be created. However an incoming connection request from an otherwise listed IP to an 'open' WAN port can still establish state. If set to "Deny Both", both incoming connection requests and outbound connections requests are blocked and therefore no state will be created regardless of connection direction.
UPS Tools

Discussions about Network UPS Tools and APCUPSD packages for pfSense

102 Topics

3k Posts

C

@dennypage Nicely done sir!
ACME

Discussions about the ACME / Let’s Encrypt package for pfSense

503 Topics

3k Posts

M

I am using the DNS-Update method I have to use a DNS-Sleep of 5 minutes to let the letsencrypt txt dns record update propagate. During this 5 minutes the acme-webgui times out. when the acme-webgui times out the Action list is NOT executed. How can I solve this ? Would it maybe be an idea to let the acme.sh script execute the actions in the action list as a post-hook instead of the web-gui? Or maybe add an option to add post-hooks in the webUI ?
FRR

Discussions about the FRR Dynamic Routing package on pfSense

296 Topics

1k Posts

C

This one has been tricky still not sure what to try. Any ideas?
Tailscale

Discussions about the Tailscale package

93 Topics

656 Posts

C

@elvisimprsntr Updated 25.07.1 to 1.90.6_1, copied and pasted from @elvisimprsntr's post: pkg add -f https://pkg.freebsd.org/FreeBSD:15:amd64/latest/All/tailscale-1.90.6_1.pkg (Why it worked this time and not on previous updates: Over the last couple of days, I ran into the "Shared object "libutil.so.10, not found..." error that triggered the version 25.07.1 update issues some of us have been having. After I fixed that error, I decided to go back to the usual update method, and it worked.)
WireGuard

Discussions about WireGuard

715 Topics

4k Posts

P

@andresbraga if you still have the firewall rules as you posted, then I don't know why from the laptop you can't ping the pfSense Wireguard address 10.10.6.1 nor the pfSense gateway 10.10.1.1 What is the routing table of the laptop. And I would run a packet capture on pfSense and check what you see if you run the ping to 10.10.1.1 or 10.10.6.1.

N

Fail to install a pkg

Watching Ignoring Scheduled Pinned Locked Moved
11

0 Votes

11 Posts

4k Views

W

Oh yes… a short view in fstab... I had seen this in a second.... Other Distries said... Permission denied that were usefull for me... All fine now ;) Thank you!
M

Freeradius 1.1.2_1 on pfsense 1.2.3

Watching Ignoring Scheduled Pinned Locked Moved
4

0 Votes

4 Posts

1k Views

M

Thank for your help ! I modify both config and radius files. The trouble come when pfsense restore an older conf. But i modify freeradius package inc and i can make what i want. Thanx Marc
V

Minor typo in snort_alerts.php 2.5.1

Watching Ignoring Scheduled Pinned Locked Moved
1

0 Votes

1 Posts

718 Views

No one has replied
L

Help with squid in transparent mode

Watching Ignoring Scheduled Pinned Locked Moved
5

0 Votes

5 Posts

2k Views

L

Thanks marcello.. ill take another look at sarg. Sorry for the late reply, have been away from the forum for a while (pfsense has been up and running nicely for the past 50 days.. yay!)
F

NUT battery.charge.low variable resets

Watching Ignoring Scheduled Pinned Locked Moved
1

0 Votes

1 Posts

2k Views

No one has replied
M

Snort 2.9.2.3 pkg v. 2.5.1 - does not start. Please help!

Watching Ignoring Scheduled Pinned Locked Moved
5

0 Votes

5 Posts

2k Views

M

Awesome! That did it! Thanks very much!
J

Snort.conf, $HOME_NET, and whitelist error

Watching Ignoring Scheduled Pinned Locked Moved
4

0 Votes

4 Posts

5k Views

J

Yeah, it is a new feature and came silently, so I had exactly the same problems after upgraded installation. ::)
S

Thank you ermal and co.!

Watching Ignoring Scheduled Pinned Locked Moved
8

0 Votes

8 Posts

2k Views

F

The shared object rules seem add additional functionality. E.g. the snort_p2p rules are (now) empty, but the associated so rule has support for detecting the WinNY program. When you download the rules, there is a source folder–-so you could actually look at the content of the so rules.
V

Squid3 does not install

Watching Ignoring Scheduled Pinned Locked Moved
5

0 Votes

5 Posts

2k Views

M

It's fixed now, wait 15 minutes and reinstall
F

Snort 2.9.2.3 pkg v. 2.5.1: minor problem

Watching Ignoring Scheduled Pinned Locked Moved
1

0 Votes

1 Posts

1k Views

No one has replied
T

Fatal error in Snort version 2.9.2.3 pkg v. 2.5.1

Watching Ignoring Scheduled Pinned Locked Moved
19

0 Votes

19 Posts

5k Views

T

I think you are right! I left it for a while and now everything is working fine! Thaks to ALL! Case closed!
E

Snort 2.9.2.3 v2.5.0 IPv6 support

Watching Ignoring Scheduled Pinned Locked Moved
9

0 Votes

9 Posts

3k Views

E

http://www.pfsense.org/index.php?option=com_content&task=view&id=69&Itemid=80
S

Snort server suppresion list

Watching Ignoring Scheduled Pinned Locked Moved
1

0 Votes

1 Posts

900 Views

No one has replied
R

Squid Cachemgr (500 - Internal Server Error)

Watching Ignoring Scheduled Pinned Locked Moved
3

0 Votes

3 Posts

5k Views

R

Attached below is the log. I don't see any error's unless i missed something 2012/07/21 15:11:40| Adding domain localdomain from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 127.0.0.1 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 192.168.0.254 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 192.168.2.254 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 208.67.222.222 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 208.67.220.220 from /etc/resolv.conf 2012/07/21 15:11:40| Accepting proxy HTTP connections at 192.168.10.254, port 3128, FD 15. 2012/07/21 15:11:40| Accepting transparently proxied HTTP connections at 127.0.0.1, port 3128, FD 18. 2012/07/21 15:11:40| Accepting HTCP messages on port 4827, FD 19. 2012/07/21 15:11:40| Accepting SNMP messages on port 3401, FD 20. 2012/07/21 15:11:40| WCCP Disabled. 2012/07/21 15:11:40| Configuring havp Parent havp/3125/0 2012/07/21 15:11:40| Loaded Icons. 2012/07/21 15:11:40| Ready to serve requests. 2012/07/21 15:11:40| Reconfiguring Squid Cache (version 2.7.STABLE9)... 2012/07/21 15:11:40| FD 15 Closing HTTP connection 2012/07/21 15:11:40| FD 18 Closing HTTP connection 2012/07/21 15:11:40| FD 19 Closing HTCP socket 2012/07/21 15:11:40| FD 20 Closing SNMP socket 2012/07/21 15:11:40| logfileClose: closing log /var/squid/logs/access.log 2012/07/21 15:11:40| Including Configuration File: /usr/local/etc/squid/squid.conf (depth 0) 2012/07/21 15:11:40| Cache dir '/var/squid/cache' size remains unchanged at 10240000 KB 2012/07/21 15:11:40| squid.conf line 82: refresh_pattern ([^.]+.|)avast.com/.*\.(vpu|vpaa) 4320 100% 43200 reload-into-ims 2012/07/21 15:11:40| parse_refreshpattern: Invalid regular expression '([^.]+.|)avast.com/.*\.(vpu|vpaa)': empty (sub)expression 2012/07/21 15:11:40| squid.conf line 83: refresh_pattern ([^.]+.|)spywareblaster.net/.*\.(dtb) 4320 100% 64800 reload-into-ims 2012/07/21 15:11:40| parse_refreshpattern: Invalid regular expression '([^.]+.|)spywareblaster.net/.*\.(dtb)': empty (sub)expression 2012/07/21 15:11:40| Initialising SSL. 2012/07/21 15:11:40| logfileOpen: opening log /var/squid/logs/access.log 2012/07/21 15:11:40| Store logging disabled 2012/07/21 15:11:40| Referer logging is disabled. 2012/07/21 15:11:40| DNS Socket created at 0.0.0.0, port 63432, FD 13 2012/07/21 15:11:40| Adding domain localdomain from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 127.0.0.1 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 192.168.0.254 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 192.168.2.254 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 208.67.222.222 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 208.67.220.220 from /etc/resolv.conf 2012/07/21 15:11:40| Accepting proxy HTTP connections at 192.168.10.254, port 3128, FD 15. 2012/07/21 15:11:40| Accepting transparently proxied HTTP connections at 127.0.0.1, port 3128, FD 18. 2012/07/21 15:11:40| Accepting HTCP messages on port 4827, FD 19. 2012/07/21 15:11:40| Accepting SNMP messages on port 3401, FD 20. 2012/07/21 15:11:40| WCCP Disabled. 2012/07/21 15:11:40| Configuring havp Parent havp/3125/0 2012/07/21 15:11:40| Loaded Icons. 2012/07/21 15:11:40| Ready to serve requests. 2012/07/21 15:11:40| Reconfiguring Squid Cache (version 2.7.STABLE9)... 2012/07/21 15:11:40| FD 15 Closing HTTP connection 2012/07/21 15:11:40| FD 18 Closing HTTP connection 2012/07/21 15:11:40| FD 19 Closing HTCP socket 2012/07/21 15:11:40| FD 20 Closing SNMP socket 2012/07/21 15:11:40| logfileClose: closing log /var/squid/logs/access.log 2012/07/21 15:11:40| Including Configuration File: /usr/local/etc/squid/squid.conf (depth 0) 2012/07/21 15:11:40| Cache dir '/var/squid/cache' size remains unchanged at 10240000 KB 2012/07/21 15:11:40| squid.conf line 82: refresh_pattern ([^.]+.|)avast.com/.*\.(vpu|vpaa) 4320 100% 43200 reload-into-ims 2012/07/21 15:11:40| parse_refreshpattern: Invalid regular expression '([^.]+.|)avast.com/.*\.(vpu|vpaa)': empty (sub)expression 2012/07/21 15:11:40| squid.conf line 83: refresh_pattern ([^.]+.|)spywareblaster.net/.*\.(dtb) 4320 100% 64800 reload-into-ims 2012/07/21 15:11:40| parse_refreshpattern: Invalid regular expression '([^.]+.|)spywareblaster.net/.*\.(dtb)': empty (sub)expression 2012/07/21 15:11:40| Initialising SSL. 2012/07/21 15:11:40| logfileOpen: opening log /var/squid/logs/access.log 2012/07/21 15:11:40| Store logging disabled 2012/07/21 15:11:40| Referer logging is disabled. 2012/07/21 15:11:40| DNS Socket created at 0.0.0.0, port 30117, FD 13 2012/07/21 15:11:40| Adding domain localdomain from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 127.0.0.1 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 192.168.0.254 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 192.168.2.254 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 208.67.222.222 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 208.67.220.220 from /etc/resolv.conf 2012/07/21 15:11:40| Accepting proxy HTTP connections at 192.168.10.254, port 3128, FD 15. 2012/07/21 15:11:40| Accepting transparently proxied HTTP connections at 127.0.0.1, port 3128, FD 18. 2012/07/21 15:11:40| Accepting HTCP messages on port 4827, FD 19. 2012/07/21 15:11:40| Accepting SNMP messages on port 3401, FD 20. 2012/07/21 15:11:40| WCCP Disabled. 2012/07/21 15:11:40| Configuring havp Parent havp/3125/0 2012/07/21 15:11:40| Loaded Icons. 2012/07/21 15:11:40| Ready to serve requests. 2012/07/21 15:11:40| Reconfiguring Squid Cache (version 2.7.STABLE9)... 2012/07/21 15:11:40| FD 15 Closing HTTP connection 2012/07/21 15:11:40| FD 18 Closing HTTP connection 2012/07/21 15:11:40| FD 19 Closing HTCP socket 2012/07/21 15:11:40| FD 20 Closing SNMP socket 2012/07/21 15:11:40| logfileClose: closing log /var/squid/logs/access.log 2012/07/21 15:11:40| Including Configuration File: /usr/local/etc/squid/squid.conf (depth 0) 2012/07/21 15:11:40| Cache dir '/var/squid/cache' size remains unchanged at 10240000 KB 2012/07/21 15:11:40| squid.conf line 82: refresh_pattern ([^.]+.|)avast.com/.*\.(vpu|vpaa) 4320 100% 43200 reload-into-ims 2012/07/21 15:11:40| parse_refreshpattern: Invalid regular expression '([^.]+.|)avast.com/.*\.(vpu|vpaa)': empty (sub)expression 2012/07/21 15:11:40| squid.conf line 83: refresh_pattern ([^.]+.|)spywareblaster.net/.*\.(dtb) 4320 100% 64800 reload-into-ims 2012/07/21 15:11:40| parse_refreshpattern: Invalid regular expression '([^.]+.|)spywareblaster.net/.*\.(dtb)': empty (sub)expression 2012/07/21 15:11:40| Initialising SSL. 2012/07/21 15:11:40| logfileOpen: opening log /var/squid/logs/access.log 2012/07/21 15:11:40| Store logging disabled 2012/07/21 15:11:40| Referer logging is disabled. 2012/07/21 15:11:40| DNS Socket created at 0.0.0.0, port 64180, FD 13 2012/07/21 15:11:40| Adding domain localdomain from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 127.0.0.1 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 192.168.0.254 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 192.168.2.254 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 208.67.222.222 from /etc/resolv.conf 2012/07/21 15:11:40| Adding nameserver 208.67.220.220 from /etc/resolv.conf 2012/07/21 15:11:40| Accepting proxy HTTP connections at 192.168.10.254, port 3128, FD 15. 2012/07/21 15:11:40| Accepting transparently proxied HTTP connections at 127.0.0.1, port 3128, FD 18. 2012/07/21 15:11:40| Accepting HTCP messages on port 4827, FD 19. 2012/07/21 15:11:40| Accepting SNMP messages on port 3401, FD 20. 2012/07/21 15:11:40| WCCP Disabled. 2012/07/21 15:11:40| Configuring havp Parent havp/3125/0 2012/07/21 15:11:40| Loaded Icons. 2012/07/21 15:11:40| Ready to serve requests. 2012/07/21 15:11:40| Preparing for shutdown after 627 requests 2012/07/21 15:11:40| Waiting 3 seconds for active connections to finish 2012/07/21 15:11:40| FD 15 Closing HTTP connection 2012/07/21 15:11:40| FD 18 Closing HTTP connection 2012/07/21 15:11:43| Reconfiguring Squid Cache (version 2.7.STABLE9)... 2012/07/21 15:11:43| FD 19 Closing HTCP socket 2012/07/21 15:11:43| FD 20 Closing SNMP socket 2012/07/21 15:11:43| logfileClose: closing log /var/squid/logs/access.log 2012/07/21 15:11:43| Including Configuration File: /usr/local/etc/squid/squid.conf (depth 0) 2012/07/21 15:11:43| Cache dir '/var/squid/cache' size remains unchanged at 10240000 KB 2012/07/21 15:11:43| squid.conf line 82: refresh_pattern ([^.]+.|)avast.com/.*\.(vpu|vpaa) 4320 100% 43200 reload-into-ims 2012/07/21 15:11:43| parse_refreshpattern: Invalid regular expression '([^.]+.|)avast.com/.*\.(vpu|vpaa)': empty (sub)expression 2012/07/21 15:11:43| squid.conf line 83: refresh_pattern ([^.]+.|)spywareblaster.net/.*\.(dtb) 4320 100% 64800 reload-into-ims 2012/07/21 15:11:43| parse_refreshpattern: Invalid regular expression '([^.]+.|)spywareblaster.net/.*\.(dtb)': empty (sub)expression 2012/07/21 15:11:43| Initialising SSL. 2012/07/21 15:11:43| logfileOpen: opening log /var/squid/logs/access.log 2012/07/21 15:11:43| Store logging disabled 2012/07/21 15:11:43| Referer logging is disabled. 2012/07/21 15:11:43| DNS Socket created at 0.0.0.0, port 40718, FD 13 2012/07/21 15:11:43| Adding domain localdomain from /etc/resolv.conf 2012/07/21 15:11:43| Adding nameserver 127.0.0.1 from /etc/resolv.conf 2012/07/21 15:11:43| Adding nameserver 192.168.0.254 from /etc/resolv.conf 2012/07/21 15:11:43| Adding nameserver 192.168.2.254 from /etc/resolv.conf 2012/07/21 15:11:43| Adding nameserver 208.67.222.222 from /etc/resolv.conf 2012/07/21 15:11:43| Adding nameserver 208.67.220.220 from /etc/resolv.conf 2012/07/21 15:11:43| Accepting proxy HTTP connections at 192.168.10.254, port 3128, FD 15. 2012/07/21 15:11:43| Accepting transparently proxied HTTP connections at 127.0.0.1, port 3128, FD 16. 2012/07/21 15:11:43| Accepting HTCP messages on port 4827, FD 18. 2012/07/21 15:11:43| Accepting SNMP messages on port 3401, FD 19. 2012/07/21 15:11:43| WCCP Disabled. 2012/07/21 15:11:43| Configuring havp Parent havp/3125/0 2012/07/21 15:11:43| Loaded Icons. 2012/07/21 15:11:43| Ready to serve requests. 2012/07/21 15:11:44| Shutting down... 2012/07/21 15:11:44| FD 18 Closing HTCP socket 2012/07/21 15:11:44| FD 19 Closing SNMP socket 2012/07/21 15:11:44| Closing unlinkd pipe on FD 17 2012/07/21 15:11:44| storeDirWriteCleanLogs: Starting... 2012/07/21 15:11:44| Finished. Wrote 915 entries. 2012/07/21 15:11:44| Took 0.0 seconds (266065.7 entries/sec). CPU Usage: 39.768 seconds = 0.393 user + 39.375 sys Maximum Resident Size: 10420 KB Page faults with physical i/o: 0 2012/07/21 15:11:44| logfileClose: closing log /var/squid/logs/access.log 2012/07/21 15:11:44| Squid Cache (Version 2.7.STABLE9): Exiting normally. 2012/07/21 15:11:49| Starting Squid Cache version 2.7.STABLE9 for amd64-portbld-freebsd8.1... 2012/07/21 15:11:49| Process ID 29553 2012/07/21 15:11:49| With 8388 file descriptors available 2012/07/21 15:11:49| Using kqueue for the IO loop 2012/07/21 15:11:49| DNS Socket created at 0.0.0.0, port 52396, FD 12 2012/07/21 15:11:49| Adding domain localdomain from /etc/resolv.conf 2012/07/21 15:11:49| Adding nameserver 127.0.0.1 from /etc/resolv.conf 2012/07/21 15:11:49| Adding nameserver 192.168.0.254 from /etc/resolv.conf 2012/07/21 15:11:49| Adding nameserver 192.168.2.254 from /etc/resolv.conf 2012/07/21 15:11:49| Adding nameserver 208.67.222.222 from /etc/resolv.conf 2012/07/21 15:11:49| Adding nameserver 208.67.220.220 from /etc/resolv.conf 2012/07/21 15:11:49| Referer logging is disabled. 2012/07/21 15:11:49| logfileOpen: opening log /var/squid/logs/access.log 2012/07/21 15:11:49| Unlinkd pipe opened on FD 17 2012/07/21 15:11:49| Swap maxSize 10240000 + 65536 KB, estimated 792733 objects 2012/07/21 15:11:49| Target number of buckets: 39636 2012/07/21 15:11:49| Using 65536 Store buckets 2012/07/21 15:11:49| Max Mem size: 65536 KB 2012/07/21 15:11:49| Max Swap size: 10240000 KB 2012/07/21 15:11:49| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec 2012/07/21 15:11:49| Store logging disabled 2012/07/21 15:11:49| Rebuilding storage in /var/squid/cache (CLEAN) 2012/07/21 15:11:49| Using Least Load store dir selection 2012/07/21 15:11:49| Current Directory is /etc 2012/07/21 15:11:49| Loaded Icons. 2012/07/21 15:11:50| Accepting proxy HTTP connections at 192.168.10.254, port 3128, FD 18. 2012/07/21 15:11:50| Accepting transparently proxied HTTP connections at 127.0.0.1, port 3128, FD 19. 2012/07/21 15:11:50| Accepting HTCP messages on port 4827, FD 20. 2012/07/21 15:11:50| Accepting SNMP messages on port 3401, FD 21. 2012/07/21 15:11:50| WCCP Disabled. 2012/07/21 15:11:50| Configuring havp Parent havp/3125/0 2012/07/21 15:11:50| Ready to serve requests. 2012/07/21 15:11:50| Done reading /var/squid/cache swaplog (915 entries) 2012/07/21 15:11:50| Finished rebuilding storage from disk. 2012/07/21 15:11:50| 915 Entries scanned 2012/07/21 15:11:50| 0 Invalid entries. 2012/07/21 15:11:50| 0 With invalid flags. 2012/07/21 15:11:50| 915 Objects loaded. 2012/07/21 15:11:50| 0 Objects expired. 2012/07/21 15:11:50| 0 Objects cancelled. 2012/07/21 15:11:50| 0 Duplicate URLs purged. 2012/07/21 15:11:50| 0 Swapfile clashes avoided. 2012/07/21 15:11:50| Took 0.3 seconds (3391.3 objects/sec). 2012/07/21 15:11:50| Beginning Validation Procedure 2012/07/21 15:11:50| Completed Validation Procedure 2012/07/21 15:11:50| Validated 915 Entries 2012/07/21 15:11:50| store_swap_size = 9070k 2012/07/21 15:11:50| storeLateRelease: released 0 objects
R

Squid->HAVP->Squid Configuration

Watching Ignoring Scheduled Pinned Locked Moved
7

0 Votes

7 Posts

2k Views

R

Thanks for your replies Yes, {inet} -> havp -> squid -> {clients}, works fine as havp detected virus with eicar.org squid has entries in both cache and access logs. But with current setup some sites open very slow e.g. youtube - i think this is due to havp. i whitelisted youtube and have good results. That is the reason I was thinking for sandwich config, coz then I dont have to whitelist anything in HAVP
C

Use Snort as Instrusion Detection only not Prevention

Watching Ignoring Scheduled Pinned Locked Moved
6

0 Votes

6 Posts

2k Views

F

Services: Snort: Snort Alerts Services: Snort Blocked Hosts
T

Zabbix 2.0 proxy

Watching Ignoring Scheduled Pinned Locked Moved
2

0 Votes

2 Posts

2k Views

U

Yeah, Zabbix 2.0 Proxy upgrade would be nice.
B

Monitoring proxy server squid pfsense 2.0.1 ? how to

Watching Ignoring Scheduled Pinned Locked Moved
26

0 Votes

26 Posts

46k Views

J

Error: Could not find report index file. Check sarg settings and try to force sarg schedule. SOLUCION!!!! En la Pestaña Schedule una tarea con la Siguiente configuracion: Descripcion : Nombre que ustedes decidan Sarg arg: -d date +%d/%m/%Y-date +%d/%m/%Y Frecuency: 15m Luego lo guardan y se van a la pestaña general Seleccionan: user graphics remove temporary files generate the main index generate the index tree overwrite report use comma instead pint in reports show de downloaded volume ond date/time reports En la sección REPORT TO GENERATE se seleccionan todos Se guarda la configuracion y vamos de nuevo a la pestaña de schedule abrimos la tarea y damos en el boton FORCE UPDATE NOW Esperamos a que ejecute la tarea y por ultumo vamos al la pestaña donde vemos el reporte!!!!
B

Mail notification on WAN IP Change (cron)

Watching Ignoring Scheduled Pinned Locked Moved
5

0 Votes

5 Posts

7k Views

B

Excellent. I'll be sure to enable smtp notifications and see if that helps. Appreciate the response!
D

Snort Widget fix (Snort 2.9.2.3 pkg v. 2.5.0)

Watching Ignoring Scheduled Pinned Locked Moved
14

0 Votes

14 Posts

4k Views

D

@ermal thanks for committing the code Just viewed your changes, but with your code the widget will first display all alerts from IF 0 then IF 1 and so on, I think it is more desireable to display alerts sorted by date, not by interface. Thats why I added the sorting of timestamps.

264 / 465