1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    J
    @ha11oga11o Your LAN DNS returns both pfSense and Nextcloud IPs, so clients bypass HAProxy. Add a host override in DNS Resolver for nextcloud.mydomain.xx pointing only to 192.168.1.1. Flush DNS, restart Unbound, and all local traffic will use HAProxy with the correct certificate.

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    RedDelPaPaR
    @bmeeks Understood. Thank for kindly for your help. I will likely be ordering a new unit soon.

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    573 Topics
    3k Posts
    dennypageD
    @kabeda If memory serves, that old version of ntopng did not run as user ntopng, but as user nobody. There are lots of problems in that old version. Anyway, check the ownership and permissions of /var/db/ntopng and make sure it matches the user that ntopng runs as. You may need to set ownership of the entire hierarchy. Example: /usr/sbin/chown -R nobody:nobody /var/db/ntopng However, the better choice would be to upgrade to a more recent version.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    D
    @Gertjan Thanks a lot for your help. This really helped me: I'm not using "pfSense pfBlocker Web server logging" (DNSBL Webserver/VIP ) as the "you are blocked web page" only shows up when the end browser user visits http sites, something that doesn't exist anymore on the Internet. All sites are https these days, and https sites can be redirected to "another https web server" like the "pfSense pfBlocker Web server". With that hint I was able to resolve my issue by: Unchecking the Python Group Policy Enable checkbox for the DNSBL Webserver Configuration on the DNSBL tab in pfblockerng. Checking the Permit Firewall Rules Enable checkbox and selecting the appropriate interfaces for the DNSBL Configuration on the DNSBL tab in pfblockerng. Forced Update | All. It now appears that all the blocked domains are appearing on the Alerts tab in pfblockerng. I couldn't find that host name in the "/var/db/pfblockerng/dnsbl/Max_MS.txt" file - where does your "/var/db/pfblockerng/dnsbl/Crazy_Max_Extra.txt:" come from ? I get that DNSBL, and 2 others, from the original maintainer (https://github.com/crazy-max/WindowsSpyBlocker): https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/extra.txt https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/update.txt. I really appreciate your help!

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    102 Topics
    3k Posts
    dennypageD
    @fjmp24 said in Notification: UPS ups battery is low: If I remove ignorelb directive, my UPS shuts down after 16 seconds This means your UPS is signaling a low battery. Either your battery is bad, or your UPS is bad. Most likely battery, but you never know. I suggest reaching out to Eaton support.

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    503 Topics
    3k Posts
    M
    I am using the DNS-Update method I have to use a DNS-Sleep of 5 minutes to let the letsencrypt txt dns record update propagate. During this 5 minutes the acme-webgui times out. when the acme-webgui times out the Action list is NOT executed. How can I solve this ? Would it maybe be an idea to let the acme.sh script execute the actions in the action list as a post-hook instead of the web-gui? Or maybe add an option to add post-hooks in the webUI ?

  • Discussions about the FRR Dynamic Routing package on pfSense

    296 Topics
    1k Posts
    C
    This one has been tricky still not sure what to try. Any ideas?

  • Discussions about the Tailscale package

    92 Topics
    639 Posts
    E
    Updated CE 2.8.1 to 1.90.4. Looks like they are already working on .6 Freshports pkg add -f https://pkg.freebsd.org/FreeBSD:15:amd64/latest/All/tailscale-1.90.4.pkg Changelog

  • Discussions about WireGuard

    713 Topics
    4k Posts
    M
    I have my wiregaurd up and running and can ping from firewall to devices on the vlan but cannot get clients to ping each other.
Log in to post
Load new posts
  • R

    Squid!

    Locked
    6
    0 Votes
    6 Posts
    3k Views
    S
    What if you stop and restart the squid package after changes?
  • T

    Peruserbw package aviable?

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    S
    It was "working" with the pfil ordering patch but the kernel became unstable and would panic every 3-4 minutes.  Not exactly something we want to roll out without additional work being put into it. I plan on talking to a few folks during BSDCan to see what we can do.
  • P

    Bandwidthd always promiscuous?

    Locked
    7
    0 Votes
    7 Posts
    4k Views
    C
    It's not that big of a deal. It'll only happen if you: Use a hub - Seriously, nobody should ever be using hubs anymore unless they actually do want to see all traffic. Use VM's on the same segment - putting your firewall on a separate VM network should be feasible and fix this have your firewall on a SPAN port - don't do that.
  • J

    Imspector blocking MSN altogether?

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • O

    Creating a Package

    Locked
    9
    0 Votes
    9 Posts
    4k Views
    H
    We are not focusing on bringing a sambaserver to pfSense, however there is a package under developement that will install freenas as a pfSense package. This package requires code from the HEAD codetree and is just like HEAD itself not anywhere near done yet. Don't ask for release dates for this, nobody knows yet, not even the devs.
  • thedaveCAT

    NTP server

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    thedaveCAT
    Okay, looks like the package was pulled since it's included in the latest snapshot.
  • H

    Snort configuration problems

    Locked
    6
    0 Votes
    6 Posts
    3k Views
    H
    yes, OK, i have tested it , for the initial start of snort after a complete reset to pfsense all works fine and the log is full. If i changed anything, for example "wan to lan" and back, the snort package is a little bit confused. The Service is started, but nothing happens, no logs… If i went "nessus" against the wan interface, nothing happens again. I don´t know, i think the package is not really clean, but maybe my test was incorrect...
  • M

    Install packages

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    S
    No it is not.
  • MPPM

    Squid problem - transparent proxy can't turn off …

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    D
    Select another webgui port - 88 or 443 for example
  • L

    Package for recording amount of traffic going to local IPs?

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    P
    3com should work Bandwithd will give you a "easy to use" look on traffic prolly what you need
  • S

    Imspector: cannot select more then one messaging protocol

    Locked
    6
    0 Votes
    6 Posts
    3k Views
    S
    Cool. That did it. Thank you much sullrich
  • T

    How hard would it be to add an rrdgraph for modem signal strength?

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    ?
    even if perl is not installed, PHP is installed and can do almost everything perl can (not sure what modules are installed on PFsense though). So if there is a perl script for this, look at the code and try to convert it to PHP (some help can be found here: http://www.cs.wcupa.edu/rkline/perl2php/)
  • D

    Squid w/ Transparent & upstream proxies

    Locked
    3
    0 Votes
    3 Posts
    4k Views
    D
    How allow HTTPS trough squid? –- Solved. if add to squid.conf never_direct allow all always_direct deny all Question 2 squid package developer's - this moment will is corrected?
  • U

    Click packages

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • N

    Ntpd few issues

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    S
    Turning off the server portion will NOT stop the client.  The client continues to run to sync the local system time even if it is not serving clients.
  • C

    Problems: snorts Blocks IPs

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    T
    I'm seeing the same thing.  I guess it's good to see I'm not the only one  :-\ This is on a new install of the machine so Snort is the latest version.
  • P

    PhpSysInfo package problems

    Locked
    30
    0 Votes
    30 Posts
    12k Views
    D
    @Perry: Thx and it's working ;) I confirm… running 1.0.1-SNAPSHOT-03-15-2007 built on Wed Mar 21 00:37:05 EDT 2007, mobo is Abit BP6 with dual celeron. Everything is working perfectly. Thank you  :)
  • R

    PerUserBW - Adds a per user bandwidth distribution option. Requires 1.2 or newer

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    H
    It's prepared to work with the next upcoming version. It's not ready yet. We had done some testing with dummynet last night and it started working so we prepared the package (and other dummynetitems) to be available when the next release is done. However it seems to have some issues still as there have been random kernel crashes. So it's not sure if dummynet will/can be supported soon so maybe this package (and dummynet) won't appear in the near future.
  • dotdashD

    Nut package gone?

    Locked
    12
    0 Votes
    12 Posts
    5k Views
    dotdashD
    Got a chance to test this again. I had similar results to trendchiller on my test box- service wasn't starting after upgrading the package, but did a clean load and added the package fresh and it looks good. Thanks rsw for getting this package running smoothly.
  • T

    Need help with squid package customization

    Locked
    6
    0 Votes
    6 Posts
    3k Views
    J
    nice work, a lot of people have been looking for LDAP support, I'm sure this will be appreciated
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.