1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    JonathanLeeJ
    Squid can be configured externally, I would love a how to guide on how to do this correctly.

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    DARAD
    Hello team, I have a Netgate 8200 running 24.11-RELEASE (amd64) with Suricata 7.0.8_5 package installed. Suricata doesn't seem to start. It loops to red once I press the Play button on the interface. It leaves no logs in the System logs, it leaves no logs in suricata.log at /var/log/suricata/suricata_ovpns933787/suricata.log I tried launching it manually: # /usr/local/bin/suricata -V or # /usr/local/bin/suricata -c /usr/local/etc/suricata/suricata_33787_ovpns9/suricata.yaml -i suricata_ovpns933787 and I get this output ld-elf.so.1: /usr/local/bin/suricata: Undefined symbol "__strlcpy_chk@FBSD_1.8" Thanks in advance, Dara

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    573 Topics
    3k Posts
    dennypageD
    @kabeda If memory serves, that old version of ntopng did not run as user ntopng, but as user nobody. There are lots of problems in that old version. Anyway, check the ownership and permissions of /var/db/ntopng and make sure it matches the user that ntopng runs as. You may need to set ownership of the entire hierarchy. Example: /usr/sbin/chown -R nobody:nobody /var/db/ntopng However, the better choice would be to upgrade to a more recent version.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    S
    @shady28 Are you maybe looking at IP block list feeds vs DNSBL feeds?

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    102 Topics
    3k Posts
    C
    @dennypage Nicely done sir!

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    503 Topics
    3k Posts
    GPz1100G
    @agitelzon I have no issue connecting to LE servers from pf shell. The issue is cloudflare security setting is configured as a whitelist for api zone record changes. The whitelist includes my ipv4 address only, as a /32. As I mentioned, I could add the ipv6 prefix as a /64. Given that pf is configured to prefer ipv4, I thought that would carry over to acme as well.

  • Discussions about the FRR Dynamic Routing package on pfSense

    296 Topics
    1k Posts
    C
    This one has been tricky still not sure what to try. Any ideas?

  • Discussions about the Tailscale package

    93 Topics
    657 Posts
    C
    @lbm_ I have the same problem: pfSense v25.07.1 on FreeBSD 15-Current, Netgate 6100. Could you let me know if you found a solution? I haven't. I have been updating Tailscales from Freshports while keeping the Tailscale Package installed. I have recently read that this can cause problems with routes, interfaces, firewall rules, and others. I am leaning towards deleting the Tailscale package.

  • Discussions about WireGuard

    716 Topics
    4k Posts
    chpalmerC
    @tinfoilmatt Thanks! I have done that and it worked when forcing just her TV out the Centurylink.. My problem is my local box here. Im missing something because I can not get it to pass traffic from the WAN to the Wireguard tunnel. Ive got some time today so will chip away on my lab setup to see if I can finally accomplish it here first.
Log in to post
Load new posts
  • S

    Understanding SquidGuard ACL - hierarchy

    Locked
    9
    0 Votes
    9 Posts
    27k Views
    N
    Hi sully, thanks for your feedback. Nice to hear, that it is working now and we didn't something wrong :) If you like to see, if squidguard is blocking sites correctly than you have to enable the logs in squidguard. In squidguard there is a tab "Log" in which you find all logs according to squidguard. So here you can see if you son is browsing lego.com and then there is a redirect to another domain, e.g. lego-xyz.com and then this page will be blocked. so you are able to find out the URL which is blocked and than can add this to your target rules. The logging capability of squid is for the whole traffic which passes squid. it shows you urls, ips. I think this is not what you intend to do. How the hierarchy is working exaclty I do not know because I just have got one target rule and one Group ACL. But your order sounds good. But in Group ACL you have one option on top "Order". I think this is the order the Group ACLs will be apllied. If you do further tests in this case please post back your results.
  • S

    How do i change the default proxy error page?

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    S
    Found it… =) /usr/local/etc/squid/errors/English ERR_TOO_BIG
  • R

    Can´t get my head around siproxd

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    R
    Ok thanks! I got the phones from the provider preprogrammed and password locked but I will have chat with their support and see if we can sort it out so the phones gets proper settings. Everything has worked flawless though sine the firmware upgrade and reboot as I wrote about in my last reply, so for now I am quite happy. Cheers! //Peter
  • C

    Snort & IP Blocklist & StrikeBack

    Locked
    5
    0 Votes
    5 Posts
    2k Views
    C
    @jigpe: @ Cino Whats the requirement of IP-Blocklist? (RAM), Can we uninstall it too in 2.0? And also, can we add exemption to this? jigp i'm not really sure on the ram and there i believe there is a whitelist function for it… there is a thread  just for IP-Blocklist under the Packages board. You can install and uninstall with no issues under 2.0
  • S

    SquidGuard installation problem on pfsense 2.0 RC3

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    J
    Try one of the following: 1. Clear package lock in Diagnostic>Backup/Restore then reinstall squdiguard. 2. Sometimes, you need to uninstall it first before reinstalling 3. Follow LostInIgnorance's tip: http://forum.pfsense.org/index.php/topic,39420.msg205616.html#msg205616 (it worked for me).
  • C

    IGMPProxy Thinks its there but isn't [SOLVED]

    Locked
    7
    0 Votes
    7 Posts
    2k Views
    C
    The snapshot upgrade worked! The igmpproxy is fully working again. Perhaps something to add into the 2.0 upgrade script. If the old package is there - uninstall automatically before doing the 2.0 upgrade. Glad this worked!
  • N

    Delete Squid configuration?

    Locked
    5
    0 Votes
    5 Posts
    8k Views
    N
    did the trick, but didn't fix the problems… but this does it : http://areyousecure.blogspot.com/2009/12/pfsense-speed-up-transparent-squid.html So it still apply! :) Thanks! :D edit: Not... maybe it was catched in my browser. It still take forever to load! :(
  • ?

    I don't think my SNORT is wurkin

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • M

    Snort Crashes with IPv6 DNS Servers

    Locked
    6
    0 Votes
    6 Posts
    3k Views
    C
    Your welcome :-)
  • S

    Ntop settings

    Locked
    5
    0 Votes
    5 Posts
    2k Views
    S
    @jimp: I seem to recall the question has come up before, searching the forum a bit may help, but if I do recall correctly, I believe that person simply reset the database directory every week and started fresh. Thanks for the rply jimp. Ill search around a bit better and see. I can put in a cron job to clear the db manually. Thanks!
  • A

    Bandwidthd total almost doube the RRD summary

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • C

    Snort UI Issues on 1.2.3 [SOLVED]

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    C
    I managed to fix this myself. Yep, real proud now. :) I checked the web source and none of the javascript files it included were in the javascript folder. All js files were in the root of www. Not sure how or why this happened but once I copied them all to the javascript folder thinmgs started working properly. Perhaps a bug with the latest package installer script? Hopefully this will help anyone else who has the same issue. Btw, I used winscp with SSH access on to do the moves. It was quite easy then.
  • C

    Squidguard Web Filter Issues

    Locked
    44
    0 Votes
    44 Posts
    42k Views
    N
    Hmmmm, I can not see any difference to my filter config. Not sure why it is not working. Please try to save and apply settings in squid guard again and then check "Filter GUI" in squid guard. Perhaps there is some info because it isn't working. please also try to check system logs after reconfiguring squidguard. perhaps you can focus the maintainer of SquidGuard "dvserge" to this thread. I am at the end of my know how.
  • J

    Anyone using the Varnish plugin on amd64?

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    marcellocM
    I'm using. vesion 0.8 was realy in alpha stage. I've send some fixes and improvements while using it for about a month. Now it is in version 0.8.6 in beta. It's really a very fast reverse proxy.
  • F

    Squidguard Auto Blacklist Updating

    Locked
    16
    1 Votes
    16 Posts
    31k Views
    B
    thans scripts is very good. :)
  • D

    SNORT - start service and it stops on the interface

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    E
    You should not use the services->status for snort since it does not work in the way you expect since snort might have more that one process running.
  • P

    Integrating Snort reports with Snort Package

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • L

    Modify Widescreen

    Locked
    15
    0 Votes
    15 Posts
    3k Views
    L
    I am working on a lot of stuff for the dashboard.  I would like to have a "add column" "delete column" buttons to the top, so if you would like to add more (within reason of calculation of minimum width of 375 per column) you can add or subtract columns as you please, though I have to edit it so when you take away columns it would regroup them to the currently available columns…if that makes sense
  • Z

    Softflow

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • R

    Can't download blacklist from URL in squidGuard?

    Locked
    2
    0 Votes
    2 Posts
    4k Views
    R
    Nevermind!  It was a DNS issue.  Doh!  :P
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.