Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    N

    Can I use pgblockerng aliases in Haproxy?

    80758505-9bad-4dad-a80b-c159be1045a2-image.png

    If it was a firewall rule, typing pfb would produce a dropdown to select.

    Here it has to be written, but will it work? Is it supported?

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    bmeeksB

    I saw where the Netgate kernel developer updated the Suricata package in the pfSense 25.07 development branch to work with the new kernel PPPoE driver. But so far as I know that updated package has not been migrated to 2.8 CE.

    Here is the commit into the DEVEL branch: https://github.com/pfsense/FreeBSD-ports/commit/68a06b3a33c690042b61fb4ccfe96f3138e83b72.

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    571 Topics
    3k Posts
    K

    @pulsartiger
    The database name is vnstat.db and its location is under /var/db/vnstat.
    With "Backup Files/Dir" we are able to do backup or also with a cron.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    GertjanG

    @AlexK-0 said in Can't receive GeoIP databases updates anymore, banned:

    Days ago, I received from MaxMind an email, notifying me that my country has been banned to receive GeoLite City database updates.

    You've found a reason to use a VPN.

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    99 Topics
    2k Posts
    K

    @elvisimprsntr thanks for your suggestion. I will give it a try.

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    493 Topics
    3k Posts
    johnpozJ

    @MacUsers

    https://help.zerossl.com/hc/en-us/articles/360060119933-Certificate-Revocation

    edit: oh you prob out of luck

    You can revoke any certificate issued via the ZeroSSL portal. Currently, certificates issued via ACME can not be revoked from inside the portal - please follow the instructions of your ACME client for revoking those certificates.

    the gui in pfsense does not have the ability to revoke - you prob have to move the certs to something you have certbot installed to and revoke that way.

  • Discussions about the FRR Dynamic Routing package on pfSense

    294 Topics
    1k Posts
    R

    I had a similar issue with Routed VTI over IPsec recently. FRR lost its neighbors after rebooting or when a tunnel went down. It never re-discovered it automatically. Only restarting FRR (either in GUI or via CLI) brought the neighbors back.

    When I manually added those under the OSPF neighbors tab in the GUI it seems to solve the problem as well.

  • Discussions about the Tailscale package

    88 Topics
    573 Posts
    luckman212L

    For 25.07 RC, this worked for me (run sh first)

    [25.07-RC][root@r1.lan]/root: sh # export IGNORE_OSVERSION=yes # pkg add https://pkg.freebsd.org/FreeBSD:15:amd64/latest/All/tailscale-1.84.2.pkg # service tailscaled restart # tailscale up # tailscale version 1.84.2 go version: go1.24.4 # tailscaled -version 1.84.2 go version: go1.24.4
  • Discussions about WireGuard

    689 Topics
    4k Posts
    P

    @patient0 Thanks for further suggestions. The tunnel is definitely up and so I don't think this is a CGNAT issue after all. WAN firewall rule is in place for UDP on port 51823 (otherwise the tunnel wouldn't work, right?). I can ping from client 1 -> client 2 and visa versa and also ping all points in between like you suggest. I just can't open an HTTPS connection from pfSenseB from Client 1 using a browser. But I can do this the other way round i.e. from Client 2 to pfSenseA

    I will try and do some packet capture to see if that reveals anything.

  • Squid!

    Locked
    6
    0 Votes
    6 Posts
    3k Views
    S

    What if you stop and restart the squid package after changes?

  • Peruserbw package aviable?

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    S

    It was "working" with the pfil ordering patch but the kernel became unstable and would panic every 3-4 minutes.  Not exactly something we want to roll out without additional work being put into it.

    I plan on talking to a few folks during BSDCan to see what we can do.

  • Bandwidthd always promiscuous?

    Locked
    7
    0 Votes
    7 Posts
    4k Views
    C

    It's not that big of a deal. It'll only happen if you:

    Use a hub - Seriously, nobody should ever be using hubs anymore unless they actually do want to see all traffic. Use VM's on the same segment - putting your firewall on a separate VM network should be feasible and fix this have your firewall on a SPAN port - don't do that.
  • Imspector blocking MSN altogether?

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • Creating a Package

    Locked
    9
    0 Votes
    9 Posts
    4k Views
    H

    We are not focusing on bringing a sambaserver to pfSense, however there is a package under developement that will install freenas as a pfSense package. This package requires code from the HEAD codetree and is just like HEAD itself not anywhere near done yet. Don't ask for release dates for this, nobody knows yet, not even the devs.

  • NTP server

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    thedaveCAT

    Okay, looks like the package was pulled since it's included in the latest snapshot.

  • Snort configuration problems

    Locked
    6
    0 Votes
    6 Posts
    3k Views
    H

    yes, OK, i have tested it , for the initial start of snort after a complete reset to pfsense all works fine and the log is full. If i changed anything, for example "wan to lan" and back, the snort package is a little bit confused.

    The Service is started, but nothing happens, no logs… If i went "nessus" against the wan interface, nothing happens again.

    I don´t know, i think the package is not really clean, but maybe my test was incorrect...

  • Install packages

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    S

    No it is not.

  • Squid problem - transparent proxy can't turn off …

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    D

    Select another webgui port - 88 or 443 for example

  • Package for recording amount of traffic going to local IPs?

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    P

    3com should work

    Bandwithd will give you a "easy to use" look on traffic

    prolly what you need

  • Imspector: cannot select more then one messaging protocol

    Locked
    6
    0 Votes
    6 Posts
    2k Views
    S

    Cool. That did it. Thank you much sullrich

  • How hard would it be to add an rrdgraph for modem signal strength?

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    M

    even if perl is not installed, PHP is installed and can do almost everything perl can (not sure what modules are installed on PFsense though).

    So if there is a perl script for this, look at the code and try to convert it to PHP (some help can be found here: http://www.cs.wcupa.edu/rkline/perl2php/)

  • Squid w/ Transparent & upstream proxies

    Locked
    3
    0 Votes
    3 Posts
    4k Views
    D

    How allow HTTPS trough squid?

    –-
    Solved. if add to squid.conf

    never_direct allow all always_direct deny all

    Question 2 squid package developer's - this moment will is corrected?

  • Click packages

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • Ntpd few issues

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    S

    Turning off the server portion will NOT stop the client.  The client continues to run to sync the local system time even if it is not serving clients.

  • Problems: snorts Blocks IPs

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    T

    I'm seeing the same thing.  I guess it's good to see I'm not the only one  :-\

    This is on a new install of the machine so Snort is the latest version.

  • PhpSysInfo package problems

    Locked
    30
    0 Votes
    30 Posts
    11k Views
    D

    @Perry:

    Thx and it's working ;)

    I confirm… running 1.0.1-SNAPSHOT-03-15-2007 built on Wed Mar 21 00:37:05 EDT 2007, mobo is Abit BP6 with dual celeron. Everything is working perfectly.

    Thank you  :)

  • 0 Votes
    2 Posts
    2k Views
    H

    It's prepared to work with the next upcoming version. It's not ready yet. We had done some testing with dummynet last night and it started working so we prepared the package (and other dummynetitems) to be available when the next release is done. However it seems to have some issues still as there have been random kernel crashes. So it's not sure if dummynet will/can be supported soon so maybe this package (and dummynet) won't appear in the near future.

  • Nut package gone?

    Locked
    12
    0 Votes
    12 Posts
    5k Views
    dotdashD

    Got a chance to test this again. I had similar results to trendchiller on my test box- service wasn't starting after upgrading the package, but did a clean load and added the package fresh and it looks good. Thanks rsw for getting this package running smoothly.

  • Need help with squid package customization

    Locked
    6
    0 Votes
    6 Posts
    3k Views
    J

    nice work, a lot of people have been looking for LDAP support, I'm sure this will be appreciated

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.