1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    J
    @ha11oga11o Your LAN DNS returns both pfSense and Nextcloud IPs, so clients bypass HAProxy. Add a host override in DNS Resolver for nextcloud.mydomain.xx pointing only to 192.168.1.1. Flush DNS, restart Unbound, and all local traffic will use HAProxy with the correct certificate.

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    RedDelPaPaR
    @bmeeks Understood. Thank for kindly for your help. I will likely be ordering a new unit soon.

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    573 Topics
    3k Posts
    dennypageD
    @kabeda If memory serves, that old version of ntopng did not run as user ntopng, but as user nobody. There are lots of problems in that old version. Anyway, check the ownership and permissions of /var/db/ntopng and make sure it matches the user that ntopng runs as. You may need to set ownership of the entire hierarchy. Example: /usr/sbin/chown -R nobody:nobody /var/db/ntopng However, the better choice would be to upgrade to a more recent version.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    D
    @Gertjan Thanks a lot for your help. This really helped me: I'm not using "pfSense pfBlocker Web server logging" (DNSBL Webserver/VIP ) as the "you are blocked web page" only shows up when the end browser user visits http sites, something that doesn't exist anymore on the Internet. All sites are https these days, and https sites can be redirected to "another https web server" like the "pfSense pfBlocker Web server". With that hint I was able to resolve my issue by: Unchecking the Python Group Policy Enable checkbox for the DNSBL Webserver Configuration on the DNSBL tab in pfblockerng. Checking the Permit Firewall Rules Enable checkbox and selecting the appropriate interfaces for the DNSBL Configuration on the DNSBL tab in pfblockerng. Forced Update | All. It now appears that all the blocked domains are appearing on the Alerts tab in pfblockerng. I couldn't find that host name in the "/var/db/pfblockerng/dnsbl/Max_MS.txt" file - where does your "/var/db/pfblockerng/dnsbl/Crazy_Max_Extra.txt:" come from ? I get that DNSBL, and 2 others, from the original maintainer (https://github.com/crazy-max/WindowsSpyBlocker): https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/extra.txt https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/update.txt. I really appreciate your help!

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    102 Topics
    3k Posts
    dennypageD
    @fjmp24 said in Notification: UPS ups battery is low: If I remove ignorelb directive, my UPS shuts down after 16 seconds This means your UPS is signaling a low battery. Either your battery is bad, or your UPS is bad. Most likely battery, but you never know. I suggest reaching out to Eaton support.

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    503 Topics
    3k Posts
    M
    I am using the DNS-Update method I have to use a DNS-Sleep of 5 minutes to let the letsencrypt txt dns record update propagate. During this 5 minutes the acme-webgui times out. when the acme-webgui times out the Action list is NOT executed. How can I solve this ? Would it maybe be an idea to let the acme.sh script execute the actions in the action list as a post-hook instead of the web-gui? Or maybe add an option to add post-hooks in the webUI ?

  • Discussions about the FRR Dynamic Routing package on pfSense

    296 Topics
    1k Posts
    C
    This one has been tricky still not sure what to try. Any ideas?

  • Discussions about the Tailscale package

    92 Topics
    639 Posts
    E
    Updated CE 2.8.1 to 1.90.4. Looks like they are already working on .6 Freshports pkg add -f https://pkg.freebsd.org/FreeBSD:15:amd64/latest/All/tailscale-1.90.4.pkg Changelog

  • Discussions about WireGuard

    713 Topics
    4k Posts
    M
    I have my wiregaurd up and running and can ping from firewall to devices on the vlan but cannot get clients to ping each other.
Log in to post
Load new posts
  • B

    Snort restarting every 15 mins

    Locked
    11
    0 Votes
    11 Posts
    5k Views
    B
    Well done, thats sorted it out  :) Thanks very much Ben
  • R

    Tinydns (pkg dns-server) issues

    Locked
    2
    0 Votes
    2 Posts
    3k Views
    S
    1.  Thanks, I'll fix this shortly 2.  Tinydns status page is for LB/Failover (DNS) 3.  TinyDNS will not start until you configure atleast one item on the settings page and click save 4.  Not sure about DNS Forwarders, that was done by someone else.  Patches accepted. 5.  See #4 6.  I will look into it EDIT: looks like someone forgot to finish their code (not me): /* NEED TO FIX there are 2 logs /etc/tinydns/log/main/current and /etc/dnscache/log/main/current */ $tinydnslogs = cat /etc/tinydns/log/main/current | /usr/local/bin/tai64nlocal | php -f /usr/local/pkg/tinydns_parse_logs.php | grep -v ":0"; /* NEED TO FIX */ if ($_POST['clear']) { // exec("rm /etc/tinydns/log/main/current"); // exec("touch /etc/tinydns/log/main/current"); }
  • R

    /usr/bin/ftp required for spamd but missing

    Locked
    5
    0 Votes
    5 Posts
    3k Views
    S
    Good deal!
  • R

    Bug? spamd added 5 identical entries to /etc/crontab

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    R
    I connected the previously unplugged WAN interface to the network and now I have zero spamd-setup lines in /etc/crontab.  spamd seems to be running Ok. Hm.  I guess the lesson is always to have the WAN interface up when configuring anything.
  • J

    1.2-BETA-1-PRERELEASE-SNAPSHOT-04-21-07 - Too many squid services

    Locked
    5
    0 Votes
    5 Posts
    4k Views
    J
    One doubt. In file /etc/inc/filter.inc and the code: if (is_package_installed('squid') && file_exists('/usr/local/pkg/squid.inc')) { require_once('squid.inc'); $natrules .= squid_generate_rules('nat'); } Whats happys if the file squid.inc is empty? the function squid_generate_rules('nat') will not work. I have install squid and disconnected WAN interface of the Internet, reboot. During the boot, I see this error and nothing work again.
  • D

    Binding Squid to Multiple Interfaces?

    Locked
    2
    0 Votes
    2 Posts
    5k Views
    J
    Just to clarify, you have two network cards operating on those networks, Lan, and lan2-opt1 correct?  I will also throw in that before the major revision to the squid package it was binding to 127.0.0.1, I don't know if that is the case now.
  • F

    Snort don't drop any packet

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    S
    See http://forum.pfsense.org/index.php/topic,4435.new.html#new Known issue basically.
  • M

    Freeradius don't start

    Locked
    23
    0 Votes
    23 Posts
    12k Views
    T
    just updated to the newsest snapshot Yeah it works great now, thanks for the support guys  :)
  • N

    Miniupnpd on Opt1?

    Locked
    10
    0 Votes
    10 Posts
    4k Views
    N
    That was totally over my head… I've been using pfsense for some time now, but anything outside of the normal interface is beyond me. I would really like to have upnp set up and working but it isn't critical. If you have any other simple or very detailed ideas they are more then welcome I would be more then happy to try them...
  • T

    URL filtering

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • C

    Bandwidthd problems … !

    Locked
    15
    0 Votes
    15 Posts
    11k Views
    M
    …nearly there... [Downloading and Installing the Developers ISO went fine. I'd no idea that, on initial boots, downloading all the Source, etc, takes very many hours, and MAKE INDEX takes an hour or 2 also!! I made one possibly nasty error with GREP, as noted in another thread] Anyway, on the MAKE INSTALL, it downloads the sources, and compiles, and flashes up a massive amount of progress messages, but ends with: "Error Code 1". Whatever that means… Dang. The associated messages suggest running   - make deinstall && make reinstall, or   - setting FORCE_PKG_REGISTER in the Env, or   - setting this in the make install command-line. Any advice welcome. Perhaps just "make install FORCE_PKG_REGISTER", but I don't want to make things worse! Separate interesting point:   - BandWidthD DID create the INDEX files when I ran it for the first time. Looked only beautiful!   - BUT... next time around, which was only a few minutes later (default config parms, generally), the INDEX.HTML was set to a size of 0, and the other 3 INDEX files were still OK (not refreshed yet).   - Then, 1 hour later, the INDEX2.HTML file was set to 0. The other 2 were still OK.   - presumably, when its time to refresh the others, they'll be duly clobbered.   - I believe I did not do anything very major with the entire system, apart from installing Midnight-Commander. I dearly hope this info rings a bell with someone... I doubt if tweaking the code will readily identify why the code sometimes creates the files, and sometimes does not... I could try removing BandWidthD, clearing out the files, and re-installing, etc... Thanks again...   - Mike
  • G

    Error adding package

    Locked
    6
    0 Votes
    6 Posts
    4k Views
    M
    cd /var/db/pkg && pkg_delete -r ls | grep mc In the course of experimenting with getting MC running, I ran the above command, but ended it with "GREP M" (instead of "GREP MC"!) I may have deleted other M* packages! I would greatly appreciate if anyone could post a list of all the "M*" entries in /var/db/pkg (if any!), in the standard Developers edition. Thank you.   - Mike
  • T

    I can’t start squid without problems under pfSense 1.0.1

    Locked
    12
    0 Votes
    12 Posts
    7k Views
    S
    Should be fixed now.  Thanks.
  • R

    Squid whitelists and https

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • H

    What is pftpx?

    Locked
    38
    0 Votes
    38 Posts
    30k Views
    S
    1.0.1 is not the latest snapshot. Search the forum.
  • M

    Squid Stops frequently

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • W

    ็Help me I want install Frox Transp. FTP Proxy

    Locked
    3
    0 Votes
    3 Posts
    5k Views
    W
    pick cache patch game online
  • L

    Please help with pfflowd package

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • A

    SPAMD Installation problem

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    S
    Try installing again about 5 minutes from this message.
  • B

    How to add neighbor cache (sibling) to squid?

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    B
    I have found it. To add extra parameters to squid.conf, you have to edit /usr/local/pkg/squid.inc
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.