1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    JonathanLeeJ
    Squid can be configured externally, I would love a how to guide on how to do this correctly.

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    DARAD
    Hello team, I have a Netgate 8200 running 24.11-RELEASE (amd64) with Suricata 7.0.8_5 package installed. Suricata doesn't seem to start. It loops to red once I press the Play button on the interface. It leaves no logs in the System logs, it leaves no logs in suricata.log at /var/log/suricata/suricata_ovpns933787/suricata.log I tried launching it manually: # /usr/local/bin/suricata -V or # /usr/local/bin/suricata -c /usr/local/etc/suricata/suricata_33787_ovpns9/suricata.yaml -i suricata_ovpns933787 and I get this output ld-elf.so.1: /usr/local/bin/suricata: Undefined symbol "__strlcpy_chk@FBSD_1.8" Thanks in advance, Dara

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    573 Topics
    3k Posts
    dennypageD
    @kabeda If memory serves, that old version of ntopng did not run as user ntopng, but as user nobody. There are lots of problems in that old version. Anyway, check the ownership and permissions of /var/db/ntopng and make sure it matches the user that ntopng runs as. You may need to set ownership of the entire hierarchy. Example: /usr/sbin/chown -R nobody:nobody /var/db/ntopng However, the better choice would be to upgrade to a more recent version.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    fireodoF
    @FiskerK said in easylist nordic no domains error: I beleave this is the list: https://github.com/DandelionSprout/adfilt/blob/master/NorwegianList.txt Hi, this is a site answering with "404" (not found) - maybe there are some changes underway ... This is what I found - maybe you find something fitting your needs: https://github.com/DandelionSprout/adfilt/tree/master/NorwegianExperimentalList%20alternate%20versions Ciao, fireodo

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    102 Topics
    3k Posts
    C
    @dennypage Nicely done sir!

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    503 Topics
    3k Posts
    GPz1100G
    @agitelzon I have no issue connecting to LE servers from pf shell. The issue is cloudflare security setting is configured as a whitelist for api zone record changes. The whitelist includes my ipv4 address only, as a /32. As I mentioned, I could add the ipv6 prefix as a /64. Given that pf is configured to prefer ipv4, I thought that would carry over to acme as well.

  • Discussions about the FRR Dynamic Routing package on pfSense

    296 Topics
    1k Posts
    C
    This one has been tricky still not sure what to try. Any ideas?

  • Discussions about the Tailscale package

    93 Topics
    657 Posts
    C
    @lbm_ I have the same problem: pfSense v25.07.1 on FreeBSD 15-Current, Netgate 6100. Could you let me know if you found a solution? I haven't. I have been updating Tailscales from Freshports while keeping the Tailscale Package installed. I have recently read that this can cause problems with routes, interfaces, firewall rules, and others. I am leaning towards deleting the Tailscale package.

  • Discussions about WireGuard

    716 Topics
    4k Posts
    chpalmerC
    @tinfoilmatt Thanks! I have done that and it worked when forcing just her TV out the Centurylink.. My problem is my local box here. Im missing something because I can not get it to pass traffic from the WAN to the Wireguard tunnel. Ive got some time today so will chip away on my lab setup to see if I can finally accomplish it here first.
Log in to post
Load new posts
  • L

    HAVP

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    D
    http://www.gossamer-threads.com/lists/clamav/users/39516
  • M

    Is possible to disable squid GUI configurator

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    H
    In this case i would simply remove the pfsense squid package and install the squidpackage with pkg_add -r packagename.
  • N

    [Resolved] Squid error after update 2.0-RC3 (i386) built on Tue Aug 30

    Locked
    4
    0 Votes
    4 Posts
    14k Views
    R
    @nl: I've found the problem : Disable loopback interface in squid and everything goes on. I've checked my squid.conf after applying your method and I think I understand now - your fix does exactly the same thing as mine. Simply after adding loopback interface squid puts incorrectly http_port 127.0.0.1:3128 thus disabling next line with transparent option, so it's a slight change in GUI interpretation in the latest version of squid package.
  • JSmoradaJ

    Email in Countryblock

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    T
    The email feature is outdated and not needed anymore. The email feature will be removed in the next version.
  • 1

    PfSense packages not showing

    Locked
    3
    0 Votes
    3 Posts
    14k Views
    1
    Thanks jimp ;D, sorry I should of said I was setting it up behind an Untangle box, tried it with a straight connection to the internet and brought up packages no problem. The command also worked when behind the untangle box. Once I get pfSense all set up I will replace Untangle and have Untangle in transparent bridge mode. Once again thanks  ;D
  • L

    SquidGuard configuration hacks for nanobsd (4g), please.

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    jimpJ
    The basic functions can work, passing/blocking, but blacklists cannot work there.
  • N

    [SOLVED] sanpshot 15 July amd64, freeRADIUS not starting correct

    Locked
    3
    0 Votes
    3 Posts
    5k Views
    N
    Hi, the problem with acc_users was that the service dind't start in any case. There was an error while starting freeRADIUS. The problem with "php: : Not calling package sync code for dependency freeradiussettings of freeradius because some include files are missing". I didn't get the past weeks but it comes up again - but radius is working. I have this still with squid but squid is working, too.
  • S

    IMSpector upgrade

    Locked
    34
    0 Votes
    34 Posts
    16k Views
    B
    @rambabu_mail: Thank you very much for your reply bill, Can you please explain how to configure it properly. I can see yahoo and msn chats but not gtalk. I have created the certificate through Cert Manager gui as an internal certificate and provided the same in Imspector configuration. Is this correct. Are there any steps required. Pls help. You configured the Certificate Authority and the system cert?  That's all you should need.  Again the error implies that the Google server didn't present a cert (which is rather odd).  Maybe something else is intercepting your chats? –Bill --Bill
  • R

    Squid Access Logs

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    M
    Have you found a solution to this?  I am trying to figure out how to control how much history is analyzed by lightsquid?  Not sure whether to leave the log rotato variable in squid blank, etc.  Thanks.
  • M

    SquidGuard / Squid Not Logging Blocked WebSites?

    Locked
    3
    0 Votes
    3 Posts
    3k Views
    D
    2 Miller88 Pls post you Proxy Filter config.
  • M

    PfSense 2.0 RC3 and Squid log rotation with Lighsquid Proxy Reporting?

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • ?

    Necessity of Snort

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    N
    Closing all ports on the WAN site will help you to prevent someone to get access to your network from OUTSIDE your LAN. snort will work on your LAN side. it could detect if a virus or a trojan or a hacker who got access for example over wifi to your LAN network initiates traffic from LAN to WAN. In general you do not really need this in a home environment with less clients and if you know who has access to this/your network.
  • T

    Snort package on 64 doesn't work

    Locked
    55
    0 Votes
    55 Posts
    22k Views
    P
    I would be willing to contribute to the fund for getting AMD64 working properly.
  • T

    P3scan

    Locked
    11
    0 Votes
    11 Posts
    4k Views
    T
    Thanks Tommyboy180 I cant say that enough. Thanks to you and also all the other package Creators, and  pfsense developers that have been work so hard to make pfsense what it is today by sharing, giving us such great packages, your precious time and pfsense. Please Support pfsense package creators And Pfsense
  • V

    Bandwidth mangement on pfsense 1.2.3 with squid 2.7.9_4.1

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • O

    DNSBlacklist - script for more Ad-Filters

    Locked
    5
    0 Votes
    5 Posts
    3k Views
    S
    to be a good net citizen, I would highly recommend either of the following with fetch. Of course that will require you to leave an unmodified copy of the file on your system, such as not deleting from /var/tmp/moreHosts. from man fetch: -i file     If-Modified-Since mode: the remote file will only be                 retrieved if it is newer than file on the local host.  (HTTP                 only) -m          Mirror mode: if the file already exists locally and has the                 same size and modification time as the remote file, it will                 not be fetched.  Note that the -m and -r flags are mutually                 exclusive. Also from your script, your assuming /var/backups exists you might want to modify your script to check for its existence, and then use mkdir -p which will create all needed directories. Just my $0.02.
  • T

    Custom SquidGuard Error Pages - How to???

    Locked
    27
    1 Votes
    27 Posts
    103k Views
    S
    Well, if you mess your configuration, you can just press the Save and Apply buttons in the squidguard configuration page. It seems that you enabled the safesearch option (rew safesearch in your config file). In other hand, have you ever updated your blacklist? Because there aren't dest option in your file, here is my squidguard.conf file: # ============================================================ # SquidGuard configuration file # This file generated automaticly with SquidGuard configurator # (C)2006 Serg Dvoriancev # email: dv_serg@mail.ru # ============================================================ logdir /var/squidGuard/log dbhome /var/db/squidGuard # dest blk_BL_adv { domainlist blk_BL_adv/domains urllist blk_BL_adv/urls        redirect http://[pfsense_ip]:81/sgerror.php?url=blank_img } # dest blk_BL_aggressive { domainlist blk_BL_aggressive/domains urllist blk_BL_aggressive/urls } # dest blk_BL_alcohol { domainlist blk_BL_alcohol/domains urllist blk_BL_alcohol/urls } #Several "dest" options....   # rew safesearch { s@(google\..*/search?.*q=.*)@\1\&safe=active@i s@(google\..*/images.*q=.*)@\1\&safe=active@i s@(google\..*/groups.*q=.*)@\1\&safe=active@i s@(google\..*/news.*q=.*)@\1\&safe=active@i s@(yandex\..*/yandsearch?.*text=.*)@\1\&fyandex=1@i s@(search\.yahoo\..*/search.*p=.*)@\1\&vm=r&v=1@i s@(search\.live\..*/.*q=.*)@\1\&adlt=strict@i s@(search\.msn\..*/.*q=.*)@\1\&adlt=strict@i s@(\.bing\..*/.*q=.*)@\1\&adlt=strict@i } # acl  { # default  { pass !blk_BL_adv all redirect http://[pfsense_ip]:81/sgerror.php?url=403%20&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u } } I use the shallalist.de blacklist.
  • C

    Spamd ?

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    C
    Listen on a virtual IP
  • H

    Vanish and Management Interface

    Locked
    5
    0 Votes
    5 Posts
    2k Views
    H
    Thanks it is now working.
  • G

    DNS-Server package not completely removed - How can I get rid of remnants

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.