1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    N

    Can I use pgblockerng aliases in Haproxy?

    80758505-9bad-4dad-a80b-c159be1045a2-image.png

    If it was a firewall rule, typing pfb would produce a dropdown to select.

    Here it has to be written, but will it work? Is it supported?

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    bmeeksB

    I saw where the Netgate kernel developer updated the Suricata package in the pfSense 25.07 development branch to work with the new kernel PPPoE driver. But so far as I know that updated package has not been migrated to 2.8 CE.

    Here is the commit into the DEVEL branch: https://github.com/pfsense/FreeBSD-ports/commit/68a06b3a33c690042b61fb4ccfe96f3138e83b72.

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    571 Topics
    3k Posts
    K

    @pulsartiger
    The database name is vnstat.db and its location is under /var/db/vnstat.
    With "Backup Files/Dir" we are able to do backup or also with a cron.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    GertjanG

    @AlexK-0 said in Can't receive GeoIP databases updates anymore, banned:

    Days ago, I received from MaxMind an email, notifying me that my country has been banned to receive GeoLite City database updates.

    You've found a reason to use a VPN.

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    99 Topics
    2k Posts
    K

    @elvisimprsntr thanks for your suggestion. I will give it a try.

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    493 Topics
    3k Posts
    EChondoE

    @fxandrei Found this thread via Google. And I figured out what OP did, so here's the explanation:

    In the pfSense webpage do:

    Click on "Services" Select "Acme Certificates" Edit any of your certificate entries by clicking on the pencil icon. Scroll to the bottom of the certificate edit page and find the "Actions list" section. Click on "Add" to add a new action and fill out the information as needed. For HAProxy restarting do: Mode: Enabled Command: /usr/local/etc/rc.d/haproxy.sh restart Method: Shell Command And finally "Save" at the bottom of the cert edit page.

    As far as I can tell, the above action seems to propagate to all certificates that I have, not just a single one. I am not sure if this is just a visual bug, but just something to be aware of.

    I haven't been able to confirm if the above works(mine just renewed, don't feel like doing it again just to test), so we'll see in 60 days I guess.

    Hopefully this helps you and anyone else that finds this thread via searching.

  • Discussions about the FRR Dynamic Routing package on pfSense

    294 Topics
    1k Posts
    R

    I had a similar issue with Routed VTI over IPsec recently. FRR lost its neighbors after rebooting or when a tunnel went down. It never re-discovered it automatically. Only restarting FRR (either in GUI or via CLI) brought the neighbors back.

    When I manually added those under the OSPF neighbors tab in the GUI it seems to solve the problem as well.

  • Discussions about the Tailscale package

    89 Topics
    574 Posts
    A

    Hello,
    I am unable to get the Tailscale package to work. The page at VPN > Tailscale > Authentication is stuck. It displays the error "Tailscale is not online," but also shows a "Logout and Clean" button, with no option to log in.
    link text

    This state persists even after performing the following troubleshooting steps:

    Rebooting the pfSense router.

    Completely uninstalling and reinstalling the Tailscale package multiple times.

    Clearing browser cache and using a private browser window.

    Toggling the main "Enable Tailscale" checkbox in the settings.

    Checking the logs, which show the service gets a "terminate" signal and shuts down cleanly; it does not crash.

    Manually trying to delete the state file with rm /var/db/tailscale/tailscaled.state, which failed because the file does not exist.

    It appears that the package's configuration is corrupted in a way that persists even after reinstallation. Can anyone advise on how to perform a complete manual cleanup of all Tailscale files and settings?

  • Discussions about WireGuard

    689 Topics
    4k Posts
    P

    @patient0 Thanks for further suggestions. The tunnel is definitely up and so I don't think this is a CGNAT issue after all. WAN firewall rule is in place for UDP on port 51823 (otherwise the tunnel wouldn't work, right?). I can ping from client 1 -> client 2 and visa versa and also ping all points in between like you suggest. I just can't open an HTTPS connection from pfSenseB from Client 1 using a browser. But I can do this the other way round i.e. from Client 2 to pfSenseA

    I will try and do some packet capture to see if that reveals anything.

Log in to post
Load new posts
  • L

    Moving to EAP-TLS, how to disable other types?

    1
    0 Votes
    1 Posts
    315 Views
    No one has replied
  • F

    Arpwatch Notification : [Zeek] Connection summary

    1
    0 Votes
    1 Posts
    296 Views
    No one has replied
  • T

    CPU temp and Zabbix

    2
    0 Votes
    2 Posts
    1k Views
    T

    @titan-frost

    I actually did this long time ago and it is still working after 2.5 upgrade.

    UserParameter=pfsense.cpu.avg.temp,sysctl dev.cpu | grep temperature | cut -f2 -d ' ' | cut -f1 -d 'C' | awk '{s+=$1} END {print s/NR}'

  • S

    NUT Custom devd Rule

    4
    2 Votes
    4 Posts
    986 Views
    D

    Two steps to do this without a reboot:

    /etc/rc.d/devd restart Physically unplug and plugin the USB cable from the UPS
  • O

    openvpn-client-export - not showing OpenVPN server in Remote Access Server dropdown menu

    4
    0 Votes
    4 Posts
    998 Views
    O

    Well. Found the error. Had Chosen Peer to Peer in place of Remove Access in Server Mode. So yeah. A single dropdown menu error. S***.

  • M

    What is stopping googleadds?

    7
    0 Votes
    7 Posts
    826 Views
    GertjanG

    @modesty said in What is stopping googleadds?:

    @kom Thanks for answer

    I also disabled squid proxy server service, still get "cant reach"

    this is what happens if i click on a google add:

    5e62636d-55b7-4078-b891-360b262c7606-image.png

    You're showing in image of something.
    "Images" are nice when things go well.
    These days, video's took,over.

    When there are issues, images and videos show nothing.

    You should show us the real stuff :
    On your 'PC' :

    C:\Users\Left>nslookup www.googleadservices.com Serveur : pfsense.scotybeammeup.net Address: 2001:470:baba:5c0:2::1 Some one told me : Nom : www.googleadservices.com Address: 216.58.213.66

    Also good : on pfSense :

    [2.5.1-RELEASE][admin@pfsense.scotybeammeup.net]/root: dig @127.0.0.1 www.googleadservices.com +short 216.58.213.66

    What is your answer ?
    10.10.10.1 ? ((( 👍 😊 )))
    In that case : reset your lcoal DNS cache., reset the pfSense DNS cache, and you'll be fine.

    Nothing ? DNS is broken ...

    Btw : some pfSense packages can really be helpful, I agree. But I didn't know there was a "who can install them all contest".

  • federicopF

    freeradius / ntopng error

    1
    0 Votes
    1 Posts
    320 Views
    No one has replied
  • P

    Packages not installing

    2
    0 Votes
    2 Posts
    413 Views
    P

    @powerextreme
    I ended up going to System->Update-> Update Settings and then for Branch selecting Previous Stable Version

  • A

    squid

    1
    0 Votes
    1 Posts
    350 Views
    No one has replied
  • fireodoF

    py37-speedtest-cli-2.1.2

    7
    0 Votes
    7 Posts
    2k Views
    B

    @kevinrice Its clearly documented in their github issues.

  • S

    Packages for 2.4.4-p3

    3
    0 Votes
    3 Posts
    551 Views
    S

    @stefan-lazarevic Netgate provides packages for the current and former (2.4.5) versions. If you prefer you can use System/Update to set it to "previous stable version" and upgrade to 2.4.5, then install packages for 2.4.5. Overall, only install packages for your version of pfSense.

  • D

    NTOPNG crashing on PFSENSE+

    2
    1 Votes
    2 Posts
    538 Views
    B

    @dwighthenry61 Same issue here on a SG-3100. Service just keeps stopping. Can't find any logs that seem to relate to the issue of course I'm not logging to a syslog server where I could do a thorough search either.

  • L

    Arpwatch / Node_exporter(?) generating a notification mail every minute

    Moved
    1
    0 Votes
    1 Posts
    312 Views
    No one has replied
  • C

    Avahi HomeKit

    3
    0 Votes
    3 Posts
    1k Views
    NogBadTheBadN

    @charlie48 said in Avahi HomeKit:

    If I want to control it via HomeKit app it does work only if phone is on same VLAN as Philips HUE.

    Yes unless you have an AppleTV or HomePod acting as a home hub.

  • N

    SG-2220 w/ LTE, Cellular doesn't work on reboot

    5
    0 Votes
    5 Posts
    700 Views
    N

    @gertjan I went ahead with the config. I've tried now to rollback to a previous config with the bug, but I don't think I guessed it. Thing is, the issue was there with 2 fresh installs and 2 upgrades. I'm certain the interface was already enabled prior to hitting save.

  • chudakC

    “snort *** Caught Term-Signal” errors

    14
    0 Votes
    14 Posts
    2k Views
    bmeeksB

    @chudak said in “snort *** Caught Term-Signal” errors:

    @bmeeks

    I am happy to accept that this is normal

    I was confused by “A Signal 4 error is most definitely not "normal". Something severe happened in that case to trigger that error. That means the CPU tried to execute binary code that is incompatbile with the CPU platform.”

    Thx!

    A Signal 4 error is indeed not normal. A Term-Signal is perfectly normal. They are not at all related.

  • B

    Packages for 2.2.6 no longer available?

    Moved
    5
    0 Votes
    5 Posts
    1k Views
    bmeeksB

    No, packages for older versions are not available with the exception of the most recently retired version. So since 2.5.0 came out back in February, you can still change a system setting and install packages from the 2.4.5_p1 branch (the previous stable version), but you can't go back any farther. And those legacy version packages will not track their counterparts in the RELEASE branch (i.e., they will be potentially an older version and will not be current).

    You have a very old version of pfSense, and a 32-bit one at that. There is no longer a 32-bit version of pfSense for AMD/Intel platforms. So if you truly have a 32-bit only box, then you need to upgrade to 64-bit hardware and then upgrade pfSense.

  • C

    NUT

    3
    0 Votes
    3 Posts
    607 Views
    GertjanG

    @coreybrett said in NUT:

    Will the NUT package shut the pfS box down?

    Connect to the console to have a first row seat.
    Rip out the power.
    See what happens, answers are scrolling on the screen.

  • S

    Avahi (mDNS) stops working after ~30 mins on pfSense 2.5

    21
    0 Votes
    21 Posts
    4k Views
    V

    @theskelly I am glad I could help.

  • L

    is it possible to configure multiple rules in SQuidGuard?

    4
    0 Votes
    4 Posts
    650 Views
    KOMK

    @lotfidz You must not have looked very hard. Go to Google. Search for 'pfsense squidguard ldap acl'

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.