Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    A
    Docker image for squid 7.3 and above https://hub.docker.com/r/fredbcode/squid If pfsense does not push the update.
  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    DARA
    Hello team, I have a Netgate 8200 running 24.11-RELEASE (amd64) with Suricata 7.0.8_5 package installed. Suricata doesn't seem to start. It loops to red once I press the Play button on the interface. It leaves no logs in the System logs, and it leaves no logs in suricata.log at /var/log/suricata/suricata_ovpns933787/suricata.log. I tried launching it manually:
    # /usr/local/bin/suricata -V
    or
    # /usr/local/bin/suricata -c /usr/local/etc/suricata/suricata_33787_ovpns9/suricata.yaml -i suricata_ovpns933787
    and I get this output:
    ld-elf.so.1: /usr/local/bin/suricata: Undefined symbol "__strlcpy_chk@FBSD_1.8"
    Thanks in advance, Dara
  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    573 Topics
    3k Posts
    dennypage
    @kabeda If memory serves, that old version of ntopng did not run as user ntopng, but as user nobody. There are lots of problems in that old version. Anyway, check the ownership and permissions of /var/db/ntopng and make sure it matches the user that ntopng runs as. You may need to set ownership of the entire hierarchy. Example: /usr/sbin/chown -R nobody:nobody /var/db/ntopng However, the better choice would be to upgrade to a more recent version.
  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    tinfoilmatt
    @vicking said in No blocks on IP: Is it a bad idea to have the action set to deny both instead of inbound only? Question is squarely for admin. Per the infoblock which explains, in part, the "Deny Inbound", "Deny Outbound", and "Deny Both" actions: 'Deny' Rules: 'Deny' rules create high priority 'block' or 'reject' rules on the stated interfaces. They don't change the 'pass' rules on other interfaces. Typical uses of 'Deny' rules are: Deny Both - blocks all traffic in both directions, if the source or destination IP is in the block list Deny Inbound/Deny Outbound - blocks all traffic in one direction unless it is part of a session started by traffic sent in the other direction. Does not affect traffic in the other direction. One way 'Deny' rules can be used to selectively block unsolicited incoming (new session) packets in one direction, while still allowing deliberate outgoing sessions to be created in the other direction. In other words: When set to "Deny Inbound", incoming connection requests from WAN hosts are blocked and therefore no state will be created. However a LAN host can still establish state to an otherwise listed IP. If set to "Deny Outbound", outgoing connection requests from LAN hosts are blocked and therefore no state will be created. However an incoming connection request from an otherwise listed IP to an 'open' WAN port can still establish state. If set to "Deny Both", both incoming connection requests and outbound connection requests are blocked and therefore no state will be created regardless of connection direction.
  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    102 Topics
    3k Posts
    C
    @dennypage Nicely done sir!
  • Discussions about the ACME / Let’s Encrypt package for pfSense

    503 Topics
    3k Posts
    M
    I am using the DNS-Update method. I have to use a DNS-Sleep of 5 minutes to let the letsencrypt txt dns record update propagate. During this 5 minutes the acme-webgui times out. When the acme-webgui times out the Action list is NOT executed. How can I solve this? Would it maybe be an idea to let the acme.sh script execute the actions in the action list as a post-hook instead of the web-gui? Or maybe add an option to add post-hooks in the webUI?
  • Discussions about the FRR Dynamic Routing package on pfSense

    296 Topics
    1k Posts
    C
    This one has been tricky, still not sure what to try. Any ideas?
  • Discussions about the Tailscale package

    93 Topics
    654 Posts
    C
    @luckman212, Thanks for your suggestion. I will check what I have in /usr/local/pkg/tailscale/state, and also the RAM disk settings others have brought up. I could learn more about where Tailscale and pfSense store system files. If I find anything worth sharing, I will let you know.
  • Discussions about WireGuard

    715 Topics
    4k Posts
    patient0
    @andresbraga if you still have the firewall rules as you posted, then I don't know why from the laptop you can't ping the pfSense Wireguard address 10.10.6.1 nor the pfSense gateway 10.10.1.1. What is the routing table of the laptop? And I would run a packet capture on pfSense and check what you see if you run the ping to 10.10.1.1 or 10.10.6.1.
  • Peer guardian for PFsense?

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    S
    @tester_02: Comments? Sure! Stop downloading illegal content and you won't need peer guardian! Sorry couldn't resist :)
  • Issue with Snort on PFSense 1.2.2

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    T
    Please, do that. I wasted a few hours solving this problem, it has no online documentation, and it may help a lot of people. ;) Thanks!
  • Still cant get squid working

    Locked
    5
    0 Votes
    5 Posts
    2k Views
    M
    @trinli: okay, what happens if you set up squid as non-transparent and set proxy settings in the browsers to point at it? Does everything work correctly? I'm just wondering about a configuration error in squid itself so that it doesn't work, or if the problem is in the redirect of the traffic. And, just for curiosity, is the PF box set up as a bridge or something? What is the gateway for the individual computers in the network? As in the first post, Setup: Router doing DHCP -> PF sense machine -> rest of network, so the PFsense box is doing bridging, and not much else. Since IPs are assigned via the router, I assume it will be the default gateway as well. To be honest I don't even know what settings I'd need to use to set it up as a non-transparent proxy; that was the appeal of setting it up transparently.
  • Snort blocking gotomypc even after disabling gotomypc rule

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    S
    If it is not in the block tab or in the alerts tab, then it's not been blocked. Looks like a different issue to me. What version of snort do you have?
  • Update accelerator advanced proxy to enhance file cache

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    B
    WSUS is the fella you're after. Failing that, Heise's offline update is a champ, I use it extensively and it never misses a beat. If you're managing more than a handful of machines then you really need to consider WSUS and/or a controlled approach to updates anyway. Allowing random users to install the latest and greatest update at their own whim will introduce you to a whole new world of pain.
  • Squidguard configuration problem?

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    T
    Actually, I think I found the problem.  I had been choosing deny for test in the "overtime" column, and time was not defined.  This might have just been user error.  If I have more problems, I'll post.
  • Fit123 package

    Locked
    6
    0 Votes
    6 Posts
    2k Views
    jahonix
    Did you mention NOT having installed the embedded version? Don't think so. On a full install it's just a package to install. This gives the option for another theme to choose from. There shouldn't be any performance reasons not to use it. And if you don't like it just select another theme again, there's not really a risk involved in trying it yourself.
  • Snort error message in blocked list

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    K
    Hey there! ;D I got the same error just on line 801!
    Fatal error: Allowed memory size of 33554432 bytes exhausted (tried to allocate 98692142 bytes) in /usr/local/pkg/snort.inc on line 801
    I have read many posts about a php.ini problem, but the error message points to a snort.inc file. I did not check it out, but I found this link: http://us2.php.net/manual/en/ini.core.php#ini.memory-limit
  • So I've installed Squid

    Locked
    5
    0 Votes
    5 Posts
    2k Views
    G
    @mentalhemroids: Have you installed squid before? Is this your first time using pfSense? If you have a box setup with pfSense and the Squid package is installed then the answer is yes, you will need to configure some settings. I've noticed with new installs of Squid it is missing some settings such as "allow user…" should be set, and if you want transparent proxy, then you will need to set that. Most of the other settings I just copied from one of my other boxes. Enable logging, if you want, and use this directory /var/squid/log also put in the proxy port of 3128, make sure the language is set correctly and you should be fine. You may even want to put something in for host name and administrator email. You will probably want to be using Firefox to browse since the IE's don't work for drop downs. Other than that you should change your cache options to what you would like to have and you'll be in business. Good Luck. Thanks for your accurate response! ^^ I happened to set all those options. Was just wondering if that's all I needed to do you know ^^. - I'm curious to know if there are any parameters that can be set sub Gui level. (?) That is - ones I'd have to set using the console. - wish I could view the console via GUI :D lol. First time using PFs yes - but I've configured firewalls before :) - so I get around with it. These other settings that you say you copy from your other boxes (upon a new install I suppose), are they just the ones we view in the web Gui? (saved to a config file no doubt). OR, are they some other configurable variables that the Gui doesn't display? (I'd like to set my cache size - you speak of cache settings - where do I find those!?) if you're aware. --EDIT!-- my goodness. I JUST realized there was a whole drop down tab of options on that page :o :o. :p Checking it out
  • Router with Bandwidth Management(QoS, TOS etc)

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • New Install Snort Fun

    Locked
    5
    0 Votes
    5 Posts
    2k Views
    D
    Good point.  Since I am the one who set this thing up, I think I elected myself to be the admin for it.  I do want it to be as stable and fuss free as it can be. I'll change snort to watch the LAN side of the force and see how that works.  I'm still amazed at how well pfSense works! Next up will be getting SquidGuard working, but that's another topic of course. Thanks!
  • How to configure freeradius

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • Last snort version on last 1.2.3 RC2 and carp

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • Lightsquid 1.7.1 install error on 1.2.2

    Locked
    4
    0 Votes
    4 Posts
    1k Views
    D
    Look lightsquid inc and xml in /usr/local/pkg/ - exists? not empty ?
  • Bypass Transparent Proxy - All But One IP

    Locked
    7
    0 Votes
    7 Posts
    5k Views
    V
    Sorry, I think I confused you… there are all kinds of rules when I run pfctl -sn, and my firewall is on. I just don't see that one rule.
  • How to trigger squidGuard package to export squidguard config?

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    D
    PHP require_once('squidguard.inc'); sg_reconfigure();
  • Importing lists for SquidGuard

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    K
    Try to check this http://doc.pfsense.org/index.php/SquidGuard_package Hope this helps.
  • Pop3 Question

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • Is the Cron Package Broken ?

    Locked
    6
    0 Votes
    6 Posts
    2k Views
    C
    As suggested by jimp I have modified the require to use require_once and committed the changes. I hope that helps. @jamesdean: Also ask mcrane to email me, he needs to tell me what SIP PROXY PORTS the freeswitch package uses. Snort uses 5060 for voip. It's for the custom pfsense voip rules. FreeSWITCH SIP ports typically use 5060 - 5090 tcp or udp. RTP uses UDP ports 16384 - 32768
  • Radius Authentication with Windows 2003 AD help pls.

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    F
    I would be checking the System logs on the Server 2003 box. It should tell you every access attempt. I don't recall if you have to turn logging on in the properties of the IAS server application.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.