1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    H
    We installed haproxy on Netgate 8200 device 25.07.1-RELEASE (amd64) installed acme certificates and get certificate from letsencrypt, everything ok. checked ssl offload in frontend and selected the acme generated certificate under SSL Offloading. result after Apply Changes: Errors found while starting haproxy [NOTICE] (72045) : haproxy version is 2.9.14-7c591d5 [NOTICE] (72045) : path to executable is /usr/local/sbin/haproxy [ALERT] (72045) : config : Couldn't open the ca-file '/var/etc/haproxy_test/clientca_WAN_117.pem' (No such file or directory). [ALERT] (72045) : config : parsing [/var/etc/haproxy_test/haproxy.cfg:15] : 'bind x.x.x.x:443' in section 'frontend' : 'ca-file' : unable to load /var/etc/haproxy_test/clientca_WAN_117.pem [ALERT] (72045) : config : Error(s) found in configuration file : /var/etc/haproxy_test/haproxy.cfg [ALERT] (72045) : config : Fatal errors found in configuration. also package _devel has the same issue. on other boxes where haproxy was configured on 24.11 - upgraded to 25.07.1 its working. BUG ?? so what can we do now -bolded text we need this function. thank you all in advance

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    RedDelPaPaR
    @bmeeks Understood. Thank for kindly for your help. I will likely be ordering a new unit soon.

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    573 Topics
    3k Posts
    dennypageD
    @kabeda If memory serves, that old version of ntopng did not run as user ntopng, but as user nobody. There are lots of problems in that old version. Anyway, check the ownership and permissions of /var/db/ntopng and make sure it matches the user that ntopng runs as. You may need to set ownership of the entire hierarchy. Example: /usr/sbin/chown -R nobody:nobody /var/db/ntopng However, the better choice would be to upgrade to a more recent version.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    N
    @netboy Most probaly a configuration regression. You really need to dig deeper. From which pf version did you upgrade? Have you tried removing and reinstalling pfblockerng? Looking to the moon for craters with naked eye doesn't show the one that the crashed spaceship created. Use a telescope instead. FWIW, I see quite a few pfblockerng instances on 25.07.1 running with no (apparent) issues τοο

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    102 Topics
    3k Posts
    F
    I didn't say you should remove the override.ups.delay.shutdown directive, I said you should remove the ignorelb directive. Ok, I will test without ignorelb directive. Also, you do not have anything in the Advanced settings section, correct? Yes As to running a calibration test, consult your UPS manual or support from the manufacturer of your UPS. I find anything I will search tomorow

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    503 Topics
    3k Posts
    M
    I am using the DNS-Update method I have to use a DNS-Sleep of 5 minutes to let the letsencrypt txt dns record update propagate. During this 5 minutes the acme-webgui times out. when the acme-webgui times out the Action list is NOT executed. How can I solve this ? Would it maybe be an idea to let the acme.sh script execute the actions in the action list as a post-hook instead of the web-gui? Or maybe add an option to add post-hooks in the webUI ?

  • Discussions about the FRR Dynamic Routing package on pfSense

    296 Topics
    1k Posts
    C
    This one has been tricky still not sure what to try. Any ideas?

  • Discussions about the Tailscale package

    92 Topics
    639 Posts
    E
    Updated CE 2.8.1 to 1.90.4. Looks like they are already working on .6 Freshports pkg add -f https://pkg.freebsd.org/FreeBSD:15:amd64/latest/All/tailscale-1.90.4.pkg Changelog

  • Discussions about WireGuard

    712 Topics
    4k Posts
    chpalmerC
    @dean.viens What kind of internet services are on the two endpoints? I ask because some modems such as cellular modems can cause issues with VPNs once in a while. I assume you are using the standard ports?? have you tried a different port such as 8443 one of the gui ports you are not using? 80 or 443? If you set the incoming rule to log the traffic do you see the attempts in the firewall log? Long story short here.. are you sure the traffic from router two is making it to router 1 and visa versa?
Log in to post
Load new posts
  • Z

    Squid whitelist ip

    Locked
    2
    0 Votes
    2 Posts
    4k Views
    M
    I've had success doing exactly what you are trying.  Not sure where you're going wrong.  I just double checked my config and added a new allowed site by IP, it worked, take it out of the whitelist, it blocked it. The only other thing I could suggest would be to make sure that the WebConfigurator is using https so as not to use port 80 at the same time that Squid needs it. Make sure you're running the latest snapshot and build of the package, good luck.
  • I

    Some suggestions to packages that should be included.

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    H
    You can install packages from the ports collection (see http://forum.pfsense.org/index.php/topic,3881.msg23723.html#msg23723 ) but we don't recommend it nor do we support it. pfSense is a firewall and should not run desktop like applications.
  • R

    Install package

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    H
    There is no pfSense package for this yet. Everything else is unsupported though you might be able to hack it in.
  • U

    N00b snort "issues"

    Locked
    17
    0 Votes
    17 Posts
    7k Views
    Y
    I am going to review the code shortly, since I have seen this issue as well. For some reason, in order for snort performance settings to take effect, you have to click save twice under Snort settings.
  • M

    Front-end like Midnight-Commander?

    Locked
    3
    0 Votes
    3 Posts
    6k Views
    M
    THANK YOU! I never imagined it was do darn easy! MC works perfectly. - Mike
  • Y

    Upgrade Snort ASAP

    Locked
    21
    0 Votes
    21 Posts
    12k Views
    K
    @sullrich: Configure it first… I reinstalled the pakage , and when i looked at the settings it semed like it was configured ( aka: all settings was the same as before ) after i read your answer i just hit the save button  aka resaving the configuration and now it works :-) Thank you for superb support :-)
  • K

    Smal Snort pakage fix needed

    Locked
    7
    0 Votes
    7 Posts
    3k Views
    K
    @sullrich: Please report back if it works okay and give us a nice HONK for excellent service :) It works like a dream  :-) EXELLENT service
  • M

    Snort and CARP sync

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    S
    This requires a recent snapshot.  Please update to a newer snapshot.
  • M

    Any bandwidth monitors that can track monthly bandwidth usage?

    Locked
    6
    0 Votes
    6 Posts
    6k Views
    S
    @rikrobson: i have installed the bandwidthd package but cannot get any graphs despite trying several settind on the webconfigurator. al i get is bandwidthd has nothing to graph. This message should be replaced by graphs in a few minutes. If it's not, please see the section titled "Known Bugs and Troubleshooting" in the README any suggestions? It only works on certain nics.  Please see the beginning of the bounty thread.
  • J

    Siproxyd install

    Locked
    4
    0 Votes
    4 Posts
    4k Views
    H
    Whenever it gets fixed. Nobody is working on this currently. However, you might be interested in sponsoring work on this: http://forum.pfsense.org/index.php/topic,2824.0.html
  • F

    Missing Packages

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    H
    Depending on the version you run you see more or less packages (some packages need yu to be at a special version). openntpd should be there. However siproxd is broken afaik and is hidden atm.
  • R

    Squid question!

    Locked
    2
    0 Votes
    2 Posts
    3k Views
    X
    @rafael.cardoso: I need help with one trouble, squid works now and very thanks for job to do its possible, but i have one site www.caixa.com.br, this site has problems when its cached, how to do for dont cache or passing from squid this or more sites? It´s possible, in linux iptables the option is -d, pfsense has something like that?  ??? Hello Rafael, I dont understand your question. In the "cache management" tab you can enter domainnames or IP addresses which will not be cached. Enter www.caixa.com.br there and this side should not be cached. xabbu
  • S

    IMSpector, file?

    Locked
    26
    0 Votes
    26 Posts
    15k Views
    S
    Under services, it lists IMSpector twice for me. Is it doing that for everyone else?
  • H

    MOVED: ftp problem again

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • R

    Snort out of memory???

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    H
    I think there have been reports in the past that some of the rules can cause issues if enabled (either meaning they eat lot of mem or whatever). Maybe try to uncheck some rules and add them back one by one. I have snort running on a 1U server with 1.2GB with no issues.
  • J

    Bandwidthd

    Locked
    23
    0 Votes
    23 Posts
    16k Views
    J
    Now I get a blank screen ??????
  • J

    Services

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    J
    tried that and the services went then on reinstall all came back + 1. The only way I mananged to remove them was to do a package backup edit the xml then restore config.
  • R

    Multiple blocklists in Squid

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    R
    So it isn´t possible just to add two ACl lists to the code of Squid? Something like: acl semirestricted_hosts src "/var/squid/acl/semirestricted_hosts.acl" acl semirestrictedlist dstdom_regex -i "/var/squid/acl/semiwhite.acl" acl lessrestricted_hosts src "/var/squid/acl/lessrestricted_hosts.acl" acl lessrestrictedlist dstdom_regex -i "/var/squid/acl/lesswhite.acl" Then further in the code I give them access I can´t figure out how to do that? I am trying to give for each part of the company a different permission to the internet. ANY help is welcome…. Johny
  • H

    1.0.1-SNAPSHOT-02-09-2007 - Too many squid service

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    S
    @hsiang: Yup, the problem solved. but when i configure some setting in cache management, when i save it, i prompt The following input errors were detected: * The field 'Hard disk cache location' is required. I thought that this field by default is empty?? we do not need to key in any entry unless we want to change the default path? Not sure.  I would ask in an active squid thread.
  • S

    Squid Null FS, No HD for Embedded

    Locked
    3
    0 Votes
    3 Posts
    3k Views
    S
    So if I understand correctly if you set the maximum object size to 0, it will still memory cache but not disk cache?
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.