Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    N

    Can I use pgblockerng aliases in Haproxy?

    80758505-9bad-4dad-a80b-c159be1045a2-image.png

    If it was a firewall rule, typing pfb would produce a dropdown to select.

    Here it has to be written, but will it work? Is it supported?

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    bmeeksB

    I saw where the Netgate kernel developer updated the Suricata package in the pfSense 25.07 development branch to work with the new kernel PPPoE driver. But so far as I know that updated package has not been migrated to 2.8 CE.

    Here is the commit into the DEVEL branch: https://github.com/pfsense/FreeBSD-ports/commit/68a06b3a33c690042b61fb4ccfe96f3138e83b72.

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    571 Topics
    3k Posts
    K

    @pulsartiger
    The database name is vnstat.db and its location is under /var/db/vnstat.
    With "Backup Files/Dir" we are able to do backup or also with a cron.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    GertjanG

    @AlexK-0 said in Can't receive GeoIP databases updates anymore, banned:

    Days ago, I received from MaxMind an email, notifying me that my country has been banned to receive GeoLite City database updates.

    You've found a reason to use a VPN.

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    99 Topics
    2k Posts
    K

    @elvisimprsntr thanks for your suggestion. I will give it a try.

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    493 Topics
    3k Posts
    johnpozJ

    @MacUsers

    https://help.zerossl.com/hc/en-us/articles/360060119933-Certificate-Revocation

    edit: oh you prob out of luck

    You can revoke any certificate issued via the ZeroSSL portal. Currently, certificates issued via ACME can not be revoked from inside the portal - please follow the instructions of your ACME client for revoking those certificates.

    the gui in pfsense does not have the ability to revoke - you prob have to move the certs to something you have certbot installed to and revoke that way.

  • Discussions about the FRR Dynamic Routing package on pfSense

    294 Topics
    1k Posts
    R

    I had a similar issue with Routed VTI over IPsec recently. FRR lost its neighbors after rebooting or when a tunnel went down. It never re-discovered it automatically. Only restarting FRR (either in GUI or via CLI) brought the neighbors back.

    When I manually added those under the OSPF neighbors tab in the GUI it seems to solve the problem as well.

  • Discussions about the Tailscale package

    89 Topics
    574 Posts
    A

    Hello,
    I am unable to get the Tailscale package to work. The page at VPN > Tailscale > Authentication is stuck. It displays the error "Tailscale is not online," but also shows a "Logout and Clean" button, with no option to log in.
    link text

    This state persists even after performing the following troubleshooting steps:

    Rebooting the pfSense router.

    Completely uninstalling and reinstalling the Tailscale package multiple times.

    Clearing browser cache and using a private browser window.

    Toggling the main "Enable Tailscale" checkbox in the settings.

    Checking the logs, which show the service gets a "terminate" signal and shuts down cleanly; it does not crash.

    Manually trying to delete the state file with rm /var/db/tailscale/tailscaled.state, which failed because the file does not exist.

    It appears that the package's configuration is corrupted in a way that persists even after reinstallation. Can anyone advise on how to perform a complete manual cleanup of all Tailscale files and settings?

  • Discussions about WireGuard

    689 Topics
    4k Posts
    P

    @patient0 Thanks for further suggestions. The tunnel is definitely up and so I don't think this is a CGNAT issue after all. WAN firewall rule is in place for UDP on port 51823 (otherwise the tunnel wouldn't work, right?). I can ping from client 1 -> client 2 and visa versa and also ping all points in between like you suggest. I just can't open an HTTPS connection from pfSenseB from Client 1 using a browser. But I can do this the other way round i.e. from Client 2 to pfSenseA

    I will try and do some packet capture to see if that reveals anything.

  • Arpwatch fails to download ethercodes.dat

    2
    0 Votes
    2 Posts
    588 Views
    E

    Here is a link to the bug report: https://redmine.pfsense.org/issues/10261

  • Service Watchdog Bug?

    2
    0 Votes
    2 Posts
    312 Views
    jimpJ

    That's the same as most any other page. Just click back or click away in the menu. Not a bug.

    There is no valid reason for anyone to add every service to the watchdog. It's illogical and highly likely to cause problems. Don't do that. Also not a bug since nobody should ever be in that situation.

  • Avahi-daemon choosing VIP instead of interface IP

    2
    0 Votes
    2 Posts
    468 Views
    C

    Based on feedback I've opened https://redmine.pfsense.org/issues/10253 to pfblockerng to move the default VIP bind to localhost instead of a user interface.

  • Syslog-ng not binding on multiple interfaces

    Moved
    1
    0 Votes
    1 Posts
    184 Views
    No one has replied
  • Unable to retrieve package info

    13
    0 Votes
    13 Posts
    1k Views
    GertjanG

    Don't know.

    And bye bye the security if it would be possible to change the URL being used for updates.

  • [solved] VPN Client Export Utility on 2.5.0-DEV

    3
    1 Votes
    3 Posts
    412 Views
    C

    Hello Hin4ik,
    thanks a lot for helping me here.
    I forgot to create a user certificate, after creating one I see also the config

    Kind Regards Robert

  • NTP PPS Jitter Question

    6
    0 Votes
    6 Posts
    2k Views
    C

    I have a Garmin 18x LVC wired and configured the same way (no LED though) and am also getting PPS jitter, see below

    Capture.PNG

  • DNS slave server ignoring updates from master

    3
    0 Votes
    3 Posts
    383 Views
    S

    Yeah, rndc doesn't work but it turns out it did eventually replicate. It just took hours and hours

  • HAProxy with thousand of additional certificates

    10
    0 Votes
    10 Posts
    1k Views
    C

    Sorry for weird word. Because of when I searching about memory_limit most of comments is to increase memory_limit configuration, and for pfsense I found to increase is in the file '/etc/inc/config.inc'. But after upgrade this file is override that the reason I said it's not a good idea ( not the right place ) to modify this file configuration.

    Thank you, If you want more information or any support from me don't hesitate to ask me.

  • Oracle Database Freeradius

    2
    0 Votes
    2 Posts
    362 Views
    kiokomanK

    it is not supported, you can ask a new feature here https://redmine.pfsense.org/
    your only option is to install freeradius on another machine or convert the database

    the configuration files are overwritten every time you change something on the GUI consequently you lose what you entered manually

  • Random Failing Websites

    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • Testing Multicast using PIMD

    1
    0 Votes
    1 Posts
    431 Views
    No one has replied
  • New package: pimd

    Locked
    35
    11 Votes
    35 Posts
    14k Views
    jimpJ

    This seems to have strayed very far from the original intent of the thread. If you'd like to continue to discuss the merits of multicast routing in general, rather than issues directly related to the functionality of the package, start a new thread in an appropriate (non-packages) category.

    For those who have feedback about pimd, start a fresh thread for your individual issues. Please include details about your use case as well as current package settings. Ensure you are on pimd version 0.0.2.

    Locking this.

  • 0 Votes
    1 Posts
    374 Views
    No one has replied
  • [solved] Snort Registered User rules download fails

    13
    0 Votes
    13 Posts
    5k Views
    C

    I've been battling this as well. Be sure the Oinkcode is correct and without a leading space. Rookie mistake but it happens, drove me crazy for a week. Good luck!

  • HAProxy Listen On LAN - Pass Internal Traffic Through Proxy

    2
    0 Votes
    2 Posts
    589 Views
    B

    Did you figure this out? When I do, I'll post my response here.

  • Python 3 in pfsense

    28
    0 Votes
    28 Posts
    13k Views
    jwsiJ

    @guardian great! Look forward to hearing how you get on ☺

  • 0 Votes
    6 Posts
    731 Views
    johnpozJ

    https://docs.netgate.com/pfsense/en/latest/general/can-i-sell-pfsense.html

    What can not be offered is a commercial redistribution of pfSense software, for example the guidelines do not permit someone to offer “Installation of pfSense software” as a service or to sell a device pre-loaded with pfSense software to customers without the prior express written permission of ESF pursuant to the trademark policy.

  • FreeRadius 0.15.7_8 and you are using a SQL database ?

    1
    0 Votes
    1 Posts
    164 Views
    No one has replied
  • Freeradius error during install "username too long"

    2
    0 Votes
    2 Posts
    330 Views
    jimpJ

    I'm not sure where that error might be coming from, but it would not likely be relating to a user in the pfSense user manager, but a user in the FreeRADIUS settings. You might need to take a backup, edit out the affected settings, restore that, and then try again.

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.