1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    JonathanLeeJ
    Squid can be configured externally, I would love a how to guide on how to do this correctly.

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    DARAD
    Hello team, I have a Netgate 8200 running 24.11-RELEASE (amd64) with Suricata 7.0.8_5 package installed. Suricata doesn't seem to start. It loops to red once I press the Play button on the interface. It leaves no logs in the System logs, it leaves no logs in suricata.log at /var/log/suricata/suricata_ovpns933787/suricata.log I tried launching it manually: # /usr/local/bin/suricata -V or # /usr/local/bin/suricata -c /usr/local/etc/suricata/suricata_33787_ovpns9/suricata.yaml -i suricata_ovpns933787 and I get this output ld-elf.so.1: /usr/local/bin/suricata: Undefined symbol "__strlcpy_chk@FBSD_1.8" Thanks in advance, Dara

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    573 Topics
    3k Posts
    dennypageD
    @kabeda If memory serves, that old version of ntopng did not run as user ntopng, but as user nobody. There are lots of problems in that old version. Anyway, check the ownership and permissions of /var/db/ntopng and make sure it matches the user that ntopng runs as. You may need to set ownership of the entire hierarchy. Example: /usr/sbin/chown -R nobody:nobody /var/db/ntopng However, the better choice would be to upgrade to a more recent version.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    BBcan177B
    @Draco try to goto the General Tab, first ensure that the Keep Settings option is checked. Then unchecked Enable pfBlockerNG so that its disabled. Hit save. Force Update. Then reenable pfBlockerNG and Force update.

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    102 Topics
    3k Posts
    C
    @dennypage Nicely done sir!

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    503 Topics
    3k Posts
    GPz1100G
    @agitelzon I have no issue connecting to LE servers from pf shell. The issue is cloudflare security setting is configured as a whitelist for api zone record changes. The whitelist includes my ipv4 address only, as a /32. As I mentioned, I could add the ipv6 prefix as a /64. Given that pf is configured to prefer ipv4, I thought that would carry over to acme as well.

  • Discussions about the FRR Dynamic Routing package on pfSense

    296 Topics
    1k Posts
    C
    This one has been tricky still not sure what to try. Any ideas?

  • Discussions about the Tailscale package

    93 Topics
    657 Posts
    C
    @lbm_ I have the same problem: pfSense v25.07.1 on FreeBSD 15-Current, Netgate 6100. Could you let me know if you found a solution? I haven't. I have been updating Tailscales from Freshports while keeping the Tailscale Package installed. I have recently read that this can cause problems with routes, interfaces, firewall rules, and others. I am leaning towards deleting the Tailscale package.

  • Discussions about WireGuard

    716 Topics
    4k Posts
    chpalmerC
    @tinfoilmatt Thanks! I have done that and it worked when forcing just her TV out the Centurylink.. My problem is my local box here. Im missing something because I can not get it to pass traffic from the WAN to the Wireguard tunnel. Ive got some time today so will chip away on my lab setup to see if I can finally accomplish it here first.
Log in to post
Load new posts
  • J

    VnStat errors

    Locked
    5
    0 Votes
    5 Posts
    3k Views
    J
    I wasn't the one to install the wireless NIC without an antenna & management doesn't seem to want to get some so that we can use that instead of the router we now use for our wireless connections. I guess in this case I could just un-assign it. I have to admit it but I am somewhat new at using pfSense. Edit 2010-05-14 Well after un-assigning it & then uninstalling & re-installing vnStat the error went away. I still think you might want to look at the code I gave you as it could remove the error for anyone else when they first install vnStat on to their box.
  • S

    How to use squid

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    jimpJ
    You probably was to at least read this page: http://doc.pfsense.org/index.php/Setup_Squid_as_a_Transparent_Proxy
  • G

    Squid & Captive Portal.. but not captive portal

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    jimpJ
    If you don't like using CP, then your only choice would be to somehow (hardcode, group policy, WPAD, etc) put the proxy settings on every workstation directly. That is also the only way you'd be able to control access to HTTPS/SSL sites.
  • V

    How to install aditional pakege in pfsense

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    D
    @vikram_scs: how to install aditional pakege in pfsense pkg_add -r pkgURL
  • B

    Squid - allowed subnets

    Locked
    7
    0 Votes
    7 Posts
    8k Views
    B
    That seems to do the trick, thanks! (don't know why I didn't see that myself, duh)
  • K

    Squid proxy not doing anything

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    K
    the pfSense router has DHCP enabled, and the LAN card connects to 48 Port switch with 3 vlans, so turning off transparent proxy is not useful to me  :( I suppose i could try non-transparent on one computer to see it i can get it working at all for troubleshooting…
  • A

    Installing SABnzbd?

    Locked
    5
    0 Votes
    5 Posts
    4k Views
    A
    Ok, thanks!
  • technicalT

    Havp Update problems and crash

    Locked
    20
    0 Votes
    20 Posts
    12k Views
    D
    HAVP "reboot" updated.
  • J

    Snort: Don't Automatically Add Internal Subnets

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • C

    Pfstat?

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    C
    How many packets are blocked
  • S

    Snort and freeradius issue

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    jimpJ
    That's a pretty vague report. We'd need a lot more information before we could even speculate on what may or may not be an issue. Do they work when installed separately? Are you sure you have them both properly configured? Any errors in the system logs? Are you on the full install or NanoBSD/embedded?
  • 3

    Bandwith Monitor - HELP

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    3
    Thanks forthe replys guys, ive installed Pfsense 1.2.3 onto my machine, gone to packages but whenever i try to install ntop it just hangs at "extracting" and i cant even get back to 192.168.1.1 though he web interface and end up having to hard reboot. ive installed bandwidthd.. and its running but cant figure out the config to get it to display graphs. and have also installed darkstat but i cant seem to "start" the service.. every time ive installed.. or attempted to install a package ive had to hard reboot the router.. any ideas why this probel could be occuring? can anyone help me with the bandwidthd config? [image: screenyph.jpg] thanks again
  • V

    HAVP not in package list ??

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    jimpJ
    Many packages are disabled on NanoBSD/embedded because they do not work properly with the filesystem and RAM restrictions of embedded systems.
  • V

    Few HAVP Issues

    Locked
    6
    0 Votes
    6 Posts
    3k Views
    V
    I will assume that this is the cache for HAVP/Squid? I just tested on a different computer and things are getting by HAVP. (testing with same test pages) Now, some things will get blocked…but others are not. I cleared all cache from IE and FF before testing.
  • B

    How to clear lightsquid report

    Locked
    2
    0 Votes
    2 Posts
    6k Views
    J
    I think it might be in /var/lightsquid/report since I'm getting an error about that folder. I'm still trying to get the logging to work.
  • J

    SquidGuard int error page

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    J
    thanks, i just edit file, and everything works
  • F

    HAVP accessed denied image

    Locked
    5
    0 Votes
    5 Posts
    4k Views
    F
    Sorry guess I'm a newb.  I'm not sure how to modify these files.  The template files seem to just have garbage in them.
  • S

    Nrpe - add check_gmirror to the plugin list

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    E
    Shouldn't be a problem. I'll take a look at it. -Erik
  • I

    "Rate" feature requests

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    jimpJ
    I'm not sure if the original author of the rate package is still hanging around. As for the reverse DNS, that wouldn't be advisable for such a live view in the GUI. You could use a console app such as iftop or trafshow to get a better idea of the kind of info you're really after. You can install them from the shell, such as: # pkg_add -r iftop # rehash # iftop -i <lan interface=""></lan>
  • L

    Snort and Barnyard2

    Locked
    6
    0 Votes
    6 Posts
    13k Views
    G
    James, thank you very much for your hard work on Snort - awesome package! I've upgraded with each new version and am running Snort 2.8.5.3 pkg v. 1.25. Snort runs but my one problem is Banyard 2 which is showing enabled but is not running due to mysql. I do have mysql enabled but forgot the original password required in the barnyard tab. Restarting snort shows this entry in the logs: barnyard2[32432]: fatal error: database: mysql_error: can't connect to local mysql server through socket '/tmp/mysql.sock I looked at the snorby tutorial in the FAQ for barnyard but I know you said barnyard is now fixed so not sure what to do to get banyard2 to turn green/enabled with my password issue. Any ideas?
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.