1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    tinfoilmattT
    @johnpoz said in Please help to configure HAProxy to serve certifficate on internal LAN too: Yeah - what part do you not understand if you always resolve nextcloud.domain.tld so that it hits your haproxy on your pfsense wan IP are you not getting? You have 2 options - use a different domain internally and always go to nextcloud.publicdomain.tld, or use the same domain internally as external and run into the problem of what IP it resolves to.. Change your local domain to say home.arpa or .internal or atleast something different than the public domain your using to point to pfsense wan IP on the public internet. You are shooting yourself in the foot trying to use the same domain externally as internally. There are ways around it, but they complicate the setup. For example you might be able to use views in unbound as one way to work around the problem. You could use only host entries for all your resources. But then again you run into a problem of using the fqdn for this service, now always pointing to your wan IP.. And that is great when you want to access the service haproxy is doing - but if you want to access that resource on some other service that haproxy doesn't handle - like say simple file sharing.. You are going to have problems. Since you clearly do not understand how any of this works - the simple solution is change the local domain you are using so it is not the same as the public domain you want to use to get to your nextcloud. This tone is outrageous directed at somebody who acknowledged right off the rip that English is not their first language. How many languages do you speak, John? And safely assuming it's only one—English of course—take it from a fellow English native that you'd do well to say more with less words. You otherwise were directing OP in the right direction in my opinion.

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    DARAD
    Hello team, I have a Netgate 8200 running 24.11-RELEASE (amd64) with Suricata 7.0.8_5 package installed. Suricata doesn't seem to start. It loops to red once I press the Play button on the interface. It leaves no logs in the System logs, it leaves no logs in suricata.log at /var/log/suricata/suricata_ovpns933787/suricata.log I tried launching it manually: # /usr/local/bin/suricata -V or # /usr/local/bin/suricata -c /usr/local/etc/suricata/suricata_33787_ovpns9/suricata.yaml -i suricata_ovpns933787 and I get this output ld-elf.so.1: /usr/local/bin/suricata: Undefined symbol "__strlcpy_chk@FBSD_1.8" Thanks in advance, Dara

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    573 Topics
    3k Posts
    dennypageD
    @kabeda If memory serves, that old version of ntopng did not run as user ntopng, but as user nobody. There are lots of problems in that old version. Anyway, check the ownership and permissions of /var/db/ntopng and make sure it matches the user that ntopng runs as. You may need to set ownership of the entire hierarchy. Example: /usr/sbin/chown -R nobody:nobody /var/db/ntopng However, the better choice would be to upgrade to a more recent version.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    V
    Ah, I changed the action to deny both and now I also have a wan firewall rule, which I also had on OPNsense. With this wan rule I can see the blocks already coming now! Is it a bad idea to have the action set to deny both instead of inbound only?

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    102 Topics
    3k Posts
    dennypageD
    @fjmp24 said in Notification: UPS ups battery is low: If I remove ignorelb directive, my UPS shuts down after 16 seconds This means your UPS is signaling a low battery. Either your battery is bad, or your UPS is bad. Most likely battery, but you never know. I suggest reaching out to Eaton support.

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    503 Topics
    3k Posts
    M
    I am using the DNS-Update method I have to use a DNS-Sleep of 5 minutes to let the letsencrypt txt dns record update propagate. During this 5 minutes the acme-webgui times out. when the acme-webgui times out the Action list is NOT executed. How can I solve this ? Would it maybe be an idea to let the acme.sh script execute the actions in the action list as a post-hook instead of the web-gui? Or maybe add an option to add post-hooks in the webUI ?

  • Discussions about the FRR Dynamic Routing package on pfSense

    296 Topics
    1k Posts
    C
    This one has been tricky still not sure what to try. Any ideas?

  • Discussions about the Tailscale package

    93 Topics
    654 Posts
    C
    @luckman212, Thanks for your suggestion. I will check what I have in /usr/local/pkg/tailscale/state, and also the RAM disk settings others have brought up. I could learn more about where Tailscale and pfSense store system files. If I find anything worth sharing, I will let you know.

  • Discussions about WireGuard

    715 Topics
    4k Posts
    H
    Same issue here, so it's not just you.
Log in to post
Load new posts
  • N

    Bind GUI generating zone DB in incorrect directory

    Moved
    1
    0 Votes
    1 Posts
    133 Views
    No one has replied
  • T

    Pfsense Icinga2 package

    1
    0 Votes
    1 Posts
    581 Views
    No one has replied
  • E

    syslog-ng - send logs using TCP and TLS

    4
    0 Votes
    4 Posts
    906 Views
    bmeeksB
    @e-1-1 said in syslog-ng - send logs using TCP and TLS: @bmeeks first of all, thanks for all the work you're doing with Suricata! Yup, manual config is possbile with syslog-ng. Myself, I prefer to use GUI methods to minimize errors and configuration drift. I was sincerely hoping a GUI method is available. Am already using such a setup, but with Barracudas. Guess a feature request is in order for this. Or learn a little PHP programming know-how (if you don't have it already) and create a package for this feature. Become a volunteer package maintainer. That's what I did for Snort (when I took over its maintenance) and later when I created the Suricata package. That's the beauty of open-source software.
  • M

    Freeradius (possible login times)

    2
    0 Votes
    2 Posts
    305 Views
    GertjanG
    hi, This, Authenticating OpenVPN Users with FreeRADIUS, tells me that Authenticating works. What you want, is Accounting, as is used by the Captive portal, enforced by the Interim option. Simply put, I guess, this isn't possible - not present in the GUI. See also https://networkradius.com/doc/3.0.10/raddb/mods-available/logintime.html If there is a way, it would be some setting (script ?) on the OpenVPN server side that should be called every xx seconds, so it can question FreeRadius if the actual logged in user is still allowed to stay logged in. Plan B : on the OpenVPN interface you put firewall rules. Schedule them in time ?
  • S

    Telegraf coredump on Netgate 1100.

    Locked
    2
    3
    0 Votes
    2 Posts
    297 Views
    ?
    Hi, That was me in Support. Unfortunately, this is not what I meant. Please check the ticket and I will provide help to get the redmine bug created. The community will not be able to provide help to resolve this issue for you on the forum, this issue will need to be worked through redmine. I will lock this thread now. Thank you, -James
  • P

    pfBlocker with Blocking Notice?

    9
    0 Votes
    9 Posts
    2k Views
    noplanN
    whatpackage do u use ? i use [image: 1587387273887-83ec0e31-58f3-487d-8197-f296df4baed3-grafik.png]
  • andrewKA

    BIND DNS stops working 2-7 hours after reloading [SOLVED]

    10
    1
    0 Votes
    10 Posts
    2k Views
    andrewKA
    SOLVED: I have a Cisco SG-350 downstream of the pfSense box(es). The problem definitely resided there. I had EEE turned on on the Cisco SG-350. The were no obvious other symptoms of this besides just port 53 on the native VLAN for the trunk between the SG-1100 and the Cisco SG-350, going down randomly within 24 hours. (more substantial test revealed that failure occurred as little as 10 minutes and as much as 21 hours) ~A
  • S

    Telegraf not sending some values (host, interfaces, etc)

    1
    0 Votes
    1 Posts
    192 Views
    No one has replied
  • M

    CLI installed pfsense packages not showing up in GUI

    12
    0 Votes
    12 Posts
    6k Views
    DerelictD
    You would probably get a better response starting your own thread with a complete description of exactly what YOU are doing and seeing.
  • A

    is there a plan to exchange haproxy with nginx

    2
    0 Votes
    2 Posts
    217 Views
    P
    If you want to create a nginx package, i think your welcome to do so. I'm sticking with haproxy package for the moment. And then still there is no reason i can think of to 'exchange' one for the other, they could both co-exist as pfSense-packages on the same installation. my 2 cents.. Regards, PiBa-NL
  • L

    VPN subcategory

    7
    1 Votes
    7 Posts
    1k Views
    jimpJ
    The userland application is a dead end. Not worth expending effort on. It can never perform up to standards, and has had stability issues.
  • D

    Can't install openvpn-client-export - RESOLVED

    6
    0 Votes
    6 Posts
    4k Views
    D
    All, I've been able to get it installed. Apparently my internet connection was so slow that the web interface was timing out before it could download it in time. I was able to get it installed using the command line instead. Next I need to work out why my internet has gone to crap. Thanks all.
  • O

    tinc - uninstall leaves behind interface "pkg_tinc" in firewall rules

    2
    0 Votes
    2 Posts
    181 Views
    jimpJ
    I believe it's just an entry under Interfaces > Assignments on the Interface Groups tab.
  • senseivitaS

    What are the firewall rules to allow traffic to Avahi?

    Moved
    1
    0 Votes
    1 Posts
    326 Views
    No one has replied
  • V

    sg-1100 - Recommend Must have Packages

    1
    0 Votes
    1 Posts
    182 Views
    No one has replied
  • O

    syslog-ng not starting

    syslog-ng packages
    4
    0 Votes
    4 Posts
    2k Views
    kiokomanK
    @oleg-blecher said in syslog-ng not starting: Undefined symbol "g_ptr_array_find_with_equal_func" if you have that error after the update it means that everything was not successful try from console pkg install --force glib-2.56.3_7,1 or backup your config and do a clean install of 2.4.5 and restore that error it's due to a mismatch between lib and syslog-ng
  • S

    Arpwatch vendor database doesn't work, upper/lower case bug.

    2
    0 Votes
    2 Posts
    441 Views
    kiokomanK
    indeed someone asked for it on freenode. and i verified it was not working. we can set that to lower or to upper or set the preg_match case insensitive anyway it will be ok in a few days
  • D

    My OpenVPN Client Connects, But....

    4
    1
    0 Votes
    4 Posts
    2k Views
    bmeeksB
    I agree with @johnpoz. Looks like the OP is attempting to install and use the OpenVPN client package on a Windows 10 box either without using, or perhaps by not having access to, administrator permissions. Is this Windows 10 domain box perhaps at an office and employees do not routinely have local administrator permission? That would be a typical corporate setup, for sure.
  • D

    Error Attempting to Install OpenVPN Client Package on Windows 10

    8
    0 Votes
    8 Posts
    860 Views
    johnpozJ
    Well you got no route.. Did you run as admin?
  • L

    LCDproc with LK204-7T-1U

    1
    0 Votes
    1 Posts
    236 Views
    No one has replied
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.