1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    J
    @JonathanLee use Pfsense 2.8.1.

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    DARAD
    Hello team, I have a Netgate 8200 running 24.11-RELEASE (amd64) with Suricata 7.0.8_5 package installed. Suricata doesn't seem to start. It loops to red once I press the Play button on the interface. It leaves no logs in the System logs, it leaves no logs in suricata.log at /var/log/suricata/suricata_ovpns933787/suricata.log I tried launching it manually: # /usr/local/bin/suricata -V or # /usr/local/bin/suricata -c /usr/local/etc/suricata/suricata_33787_ovpns9/suricata.yaml -i suricata_ovpns933787 and I get this output ld-elf.so.1: /usr/local/bin/suricata: Undefined symbol "__strlcpy_chk@FBSD_1.8" Thanks in advance, Dara

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    573 Topics
    3k Posts
    dennypageD
    @kabeda If memory serves, that old version of ntopng did not run as user ntopng, but as user nobody. There are lots of problems in that old version. Anyway, check the ownership and permissions of /var/db/ntopng and make sure it matches the user that ntopng runs as. You may need to set ownership of the entire hierarchy. Example: /usr/sbin/chown -R nobody:nobody /var/db/ntopng However, the better choice would be to upgrade to a more recent version.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    tinfoilmattT
    @vicking said in No blocks on IP: Is it a bad idea to have the action set to deny both instead of inbound only? Question is squarely for admin. Per the infoblock which explains, in part, the "Deny Inbound", "Deny Outbound", and "Deny Both" actions: 'Deny' Rules: 'Deny' rules create high priority 'block' or 'reject' rules on the stated interfaces. They don't change the 'pass' rules on other interfaces. Typical uses of 'Deny' rules are: Deny Both - blocks all traffic in both directions, if the source or destination IP is in the block list Deny Inbound/Deny Outbound - blocks all traffic in one direction unless it is part of a session started by traffic sent in the other direction. Does not affect traffic in the other direction. One way 'Deny' rules can be used to selectively block unsolicited incoming (new session) packets in one direction, while still allowing deliberate outgoing sessions to be created in the other direction. In other words: When set to "Deny Inbound", incoming connection requests from WAN hosts are blocked and therefore no state will be created. However a LAN host can still establish state to an otherwise listed IP. If set to "Deny Outbound", outgoing connection requests from LAN hosts are blocked and therefore no state will be created. However an incoming connection request from an otherwise listed IP to an 'open' WAN port can still establish state. If set to "Deny Both", both incoming connection requests and outbound connections requests are blocked and therefore no state will be created regardless of connection direction.

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    102 Topics
    3k Posts
    C
    @dennypage Nicely done sir!

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    503 Topics
    3k Posts
    M
    I am using the DNS-Update method I have to use a DNS-Sleep of 5 minutes to let the letsencrypt txt dns record update propagate. During this 5 minutes the acme-webgui times out. when the acme-webgui times out the Action list is NOT executed. How can I solve this ? Would it maybe be an idea to let the acme.sh script execute the actions in the action list as a post-hook instead of the web-gui? Or maybe add an option to add post-hooks in the webUI ?

  • Discussions about the FRR Dynamic Routing package on pfSense

    296 Topics
    1k Posts
    C
    This one has been tricky still not sure what to try. Any ideas?

  • Discussions about the Tailscale package

    93 Topics
    654 Posts
    C
    @luckman212, Thanks for your suggestion. I will check what I have in /usr/local/pkg/tailscale/state, and also the RAM disk settings others have brought up. I could learn more about where Tailscale and pfSense store system files. If I find anything worth sharing, I will let you know.

  • Discussions about WireGuard

    715 Topics
    4k Posts
    H
    @RNM-0 Thanks for your comment and sharing your fix. Unfortunately I don't want to take down pfsense and downgrade versions. I'm currently fine at the moment since I'm using Tailscale and that works. I also fixed the other crash I was having with pfblocker by changing a line code that wasn't pushed out under this version. Hopefully the stable release won't take too long to release but it appears there's still some open bugs that need to be fixed before that happens, and ironically, both the pfblocker and wireguard issues aren't on that list of bug fixes.
Log in to post
Load new posts
  • 0

    SquidGuard gives errors on blacklist files even when not in use

    Locked
    5
    0 Votes
    5 Posts
    9k Views
    0
    @dvserg: Otto, probably first you configure SG on inplaced blacklist, and after download other blacklist ? You must go to Default and to the each ACL and reconfigure and save (then Apply). If you change blacklist type(source) to other, you must check all Acl's - Becose selected Dest rules already deleted and replaced by new dest-rules from new blacklist. ps This is one, why i can't add 'autoupdate blacklist'. Ok then… I'll have to do some more testing it seems. I have tested adding the blacklist from 'shalla' and loading that and ticking the 'use blacklist' box made the previous errors go away. I did however initially not want the blacklist feature to be used - I tried to add domain to be filtered manuall - but maybe I misunderstodd something. I have tested 2 different blacklists and tried to re-save default and ACL but I cannot get the service to start now. I see no errors though. I'll try to read up on links provided in other threads then... Thanks,
  • U

    SquidGuard Destinations Clarification.

    Locked
    10
    0 Votes
    10 Posts
    7k Views
    D
    I have my default set up. I then have in my source IP listing this: 10.0.0.0/24 10.0.2.0/24 10.0.3.0/24 When I apply this rule my defaults are ignored and only the ACL rule is enabled. I glean that this is because this is the only entry with these source IP's and so it becomes the first rule? If client found self ACL (by 'Src'), this client managed only with this ACL. Else, if client not found self ACL, then this client manages only with 'Default'. If you define ACL for 10.0.0.0/24, then this subnet will 'listen' the rules !only! from this ACL. Also when I go in to edit my rule it has taken out two of the subnets, leaving only 10.0.0.0/24 as the affected ip range. Sorry, cant meant this. (my english 'not ideal') For the source IP how can I have one rule apply to many subnets? (i.e. 10.0.0.0/24 AND 10.0.3.0/24) = one Dest rule for for several ACL's = Create self Dest rule (page Destinations) - for example with name 'bad_dest' Create ACL 'my_10_0_subnet' for 10.0.0.0/24 and set white|allow|deny for 'bed_dest' rule Create ACL 'my_10_3_subnet' for 10.0.3.0/24 and set white|allow|deny for 'bed_dest' rule Is there anyway to have the ACL list apply to any source No way. Each ACL - unique world for his 'src' settings. But 'Default' - common for any, who not found self in ACL's [image: noname.jpg_thumb] [image: noname.jpg]
  • C

    Two instances of squid package in Status-Services under 1.2.3 snapshot of 3/7

    Locked
    5
    0 Votes
    5 Posts
    2k Views
    C
    Checking back in to report…  I fixed it myself within a day or so. From the command line (via console or ssh) it was possible to see that there was really only one instance of Squid, it was just showing up twice in the interface, so that indicated a problem with the GUI interface to the package. What resolved it for me was removing the Squid XML sub-package, and reinstalling it, then rebooting.  (I believe that was the sequence.)  I did not need to reinstall Squid itself.
  • A

    Stunnel on embedded images

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    ?
    You already answered your own questions.  Packages aren't for embedded.  Yes, you can get around the limitation but then you are doing something unsupported.
  • W

    Snort rules

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    W
    yah, that's what i thought….i guess what i really need is a good resource that explains what each rule is for....i guess there's always google, i was just hoping there was a wiki or a guide somewhere for beginners..thanks for the help though, i totally get what you're saying
  • C

    Snort update

    Locked
    13
    0 Votes
    13 Posts
    11k Views
    W
    i wanted to say thanks for this, i wasn't able to update snort until making this edit thanks @drarkanex: changing server.max-write-idle  doesn't work for me.  The moment I add this to system.inc and restart the webconfigurator, the webapp doesn't come up.  Removing this from system.inc the webapp functions normally. Also, i'm downloading the rules from snort.org manually now and i'm getting about 90kps avg  (50kps is some places) and the webapp times out before it can grab about 73MB of rules.  This really needs to be addressed soon. Also, Devels, can we get a lighttpd config panel in the webapp please? Also, in system.inc is it server.max-write-idle  =  "720" or server.max-write-idle = 720 with or without quotes?
  • O

    How to add an image in the squidguard redirect info ??? - SOLVED

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    K
    Is this the ext redirect?  Will it work when loaded in the /usr/local/www folder?  What will the exact code be?  What type of image - jpg, png, gif?  I am using proxy in transparency mode.  I have been getting the "error" minor bug, I read about in a different squidguard thread.  Squid and LightSquid is working properly.  I am currently trying to get squidguard working using the bigblacklist.  Thanks guys.
  • A

    Caching Server, How done ???

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    T
    I think you mean noob. :) Go to packages and install Squid.
  • I

    Spamd on 2.0 ALPHA ?

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    E
    Upgrade to a newer snapshot is not related to packages.
  • M

    Squid problems: Assistance please

    Locked
    7
    0 Votes
    7 Posts
    3k Views
    M
    @mhab12: System/General in the web GUI. Thanks for the help, but it didnt work. I changed that setting to the settings you suggested, and it made no difference. Once i tick "allow users on interface" all web page loads time out.
  • D

    Snort High load

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    Cry HavokC
    snort is a known performance problem.  Depending on your configuration and network traffic I wouldn't be surprised that a 2.5 GHz P4 causes problems.  It could also be that the blocked list is massive and hence that's the problem. More information will be required to help you, not least of which is more information on your hardware (such as what network cards you are using) and what versions of pfSense and snort you're using.
  • A

    Using Pfsense as transparent proxy server only

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    M
    Can't say for sure, but you might try this one: http://www.gliffy.com/
  • A

    SOLVE!: SquidGuard Issue

    Locked
    5
    0 Votes
    5 Posts
    3k Views
    A
    Thanks for all the information. I was able to solve my issue by reinstalling squid and made sure that the service is stable. All is working fine now. Again, thank for all the help. PFSense rocks!!!
  • W

    Squid

    Locked
    7
    0 Votes
    7 Posts
    3k Views
    W
    It was weird for me because every other site worked, this site used to work until they switched servers….thier new server must have a new setup or something because until i changed my setup to include the disable x-forwards and disable via i couldn't connect, anyways, thanks again...this forum has amazing support and big ups on not making us newbs feel stupid...seriously, its great
  • T

    Download speed ??

    Locked
    9
    0 Votes
    9 Posts
    3k Views
    K
    tendabiru You have to edit /boot/loader.conf (diagnostic/edit file from pfSense GUI) and comment (put # in the beginning of line) kern.ipc.nmbclusters="0". After this you need to restart squid service (status/services from pfSense GUI) or restart pfSense itself (diagnostic/reboot system from pfSense GUI). Hope it will help.
  • H

    Snort 2.8.2.6_1

    Locked
    3
    0 Votes
    3 Posts
    1k Views
    H
    I haven't noticed that. My blocked page works well.
  • D

    DD-WRT and FreeRADIUS Windows Authentication problem

    Locked
    3
    0 Votes
    3 Posts
    5k Views
    T
    Hello everyone. I am having the same issue as described by the topic Author. Can someone point me in the right direction. Its kind of funny. I configure the users in the freeRadius users tab and try to authenticate. I get prompted for my user and pass and still the log says "Auth: Login incorrect: [tommyboy180/<no user-password="" attribute="">] (from client WRT54GL port 46 cli 0015afc64921)" Some help please?</no>
  • W

    Can i add gtk gui on pfsense ?

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    W
    I just wanted it for testing .. i use pfsense for home network not any risky environment, anyway… thanks for replying :)
  • arch113A

    Squidguard not blocking sites.

    Locked
    13
    0 Votes
    13 Posts
    21k Views
    S
    @dvserg: @Shinatama: My pfsense also can't block sites, if i active ACL. I wanna set 1 ACL base time to block Friendster and Facebook , but if i set ACL other site not blocked, example porn (always block alltime). Already try create 2 ACL, still doesn't work. Now my Facebook and Friendster can't be block by time. ACL 1 setting block all porn, but give default all access = allow with base all day. ACL 2 setting block FB & FS, but give default all access = allow with base on time. if i don't use ACL i can't block by category, but i want to block base time too, please advise. Possible view you SG config ? it seem the problem is the ip address, cause i'm set the ip client is 192.168.0.0./24 for all ACL rule. so it seem it read only 1rst rule cause of it. i've resolved the problem, now i'm using 1 ACL rule base on time, block FB & FS, and block Porn all time. Just set deny on right and left, in acl rule. But hope this will upgrade so i can use multiple acl rule… thx for you help..
  • 0

    A few notes on package problems after updating and FreeSWITCH in particular

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    0
    Ahh, yes, I, didn't see this one at first. That is correct, it is indeed running. Now I have to fix my config so I can do more things than just register… :)
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.