1. Home
  2. pfSense Packages

Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    N

    Can I use pgblockerng aliases in Haproxy?

    80758505-9bad-4dad-a80b-c159be1045a2-image.png

    If it was a firewall rule, typing pfb would produce a dropdown to select.

    Here it has to be written, but will it work? Is it supported?

  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    bmeeksB

    I saw where the Netgate kernel developer updated the Suricata package in the pfSense 25.07 development branch to work with the new kernel PPPoE driver. But so far as I know that updated package has not been migrated to 2.8 CE.

    Here is the commit into the DEVEL branch: https://github.com/pfsense/FreeBSD-ports/commit/68a06b3a33c690042b61fb4ccfe96f3138e83b72.

  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    571 Topics
    3k Posts
    K

    @pulsartiger
    The database name is vnstat.db and its location is under /var/db/vnstat.
    With "Backup Files/Dir" we are able to do backup or also with a cron.

  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    GertjanG

    @AlexK-0 said in Can't receive GeoIP databases updates anymore, banned:

    Days ago, I received from MaxMind an email, notifying me that my country has been banned to receive GeoLite City database updates.

    You've found a reason to use a VPN.

  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    99 Topics
    2k Posts
    K

    @elvisimprsntr thanks for your suggestion. I will give it a try.

  • Discussions about the ACME / Let’s Encrypt package for pfSense

    493 Topics
    3k Posts
    johnpozJ

    @MacUsers

    https://help.zerossl.com/hc/en-us/articles/360060119933-Certificate-Revocation

    edit: oh you prob out of luck

    You can revoke any certificate issued via the ZeroSSL portal. Currently, certificates issued via ACME can not be revoked from inside the portal - please follow the instructions of your ACME client for revoking those certificates.

    the gui in pfsense does not have the ability to revoke - you prob have to move the certs to something you have certbot installed to and revoke that way.

  • Discussions about the FRR Dynamic Routing package on pfSense

    294 Topics
    1k Posts
    R

    I had a similar issue with Routed VTI over IPsec recently. FRR lost its neighbors after rebooting or when a tunnel went down. It never re-discovered it automatically. Only restarting FRR (either in GUI or via CLI) brought the neighbors back.

    When I manually added those under the OSPF neighbors tab in the GUI it seems to solve the problem as well.

  • Discussions about the Tailscale package

    89 Topics
    574 Posts
    A

    Hello,
    I am unable to get the Tailscale package to work. The page at VPN > Tailscale > Authentication is stuck. It displays the error "Tailscale is not online," but also shows a "Logout and Clean" button, with no option to log in.
    link text

    This state persists even after performing the following troubleshooting steps:

    Rebooting the pfSense router.

    Completely uninstalling and reinstalling the Tailscale package multiple times.

    Clearing browser cache and using a private browser window.

    Toggling the main "Enable Tailscale" checkbox in the settings.

    Checking the logs, which show the service gets a "terminate" signal and shuts down cleanly; it does not crash.

    Manually trying to delete the state file with rm /var/db/tailscale/tailscaled.state, which failed because the file does not exist.

    It appears that the package's configuration is corrupted in a way that persists even after reinstallation. Can anyone advise on how to perform a complete manual cleanup of all Tailscale files and settings?

  • Discussions about WireGuard

    689 Topics
    4k Posts
    P

    @patient0 Thanks for further suggestions. The tunnel is definitely up and so I don't think this is a CGNAT issue after all. WAN firewall rule is in place for UDP on port 51823 (otherwise the tunnel wouldn't work, right?). I can ping from client 1 -> client 2 and visa versa and also ping all points in between like you suggest. I just can't open an HTTPS connection from pfSenseB from Client 1 using a browser. But I can do this the other way round i.e. from Client 2 to pfSenseA

    I will try and do some packet capture to see if that reveals anything.

Log in to post
Load new posts
  • R

    Zabbix Agent Package error

    1
    0 Votes
    1 Posts
    305 Views
    No one has replied
  • E

    Squid doesn't display User Agent in Access Log

    12
    0 Votes
    12 Posts
    3k Views
    E

    thank you for that.. i will fix it from here..

    again thank you for your guidance

  • U

    How to block Only Facebook Video streaming in PFsense?

    1
    0 Votes
    1 Posts
    265 Views
    No one has replied
  • E

    Squid vs. pfBlocker For Content Blocking

    5
    0 Votes
    5 Posts
    5k Views
    P

    Hi.
    we have 300PCs and 15 Access points for Wifi in our College all are connected with the internet so I installed Pfsense 2.4.2 in Hyper-V. I need your help in configuring Squid guard and Pfblocker to control Internet access. please share the procedure you followed in your configuration. my mail-ID is sysadmin@gcrjy.ac.in

  • N

    Access AutoConfigBackup files from 2.4.4?

    3
    0 Votes
    3 Posts
    522 Views
    N

    @rico

    Thanks, I read that several times and couldn't see which scenario would allow me to access the backup files after the previous upgrade to 2.4.4, which was in October.

    I have my encryption code (from legacy setup) and the current device key.

    There's two possible solutions?

    #anchor(Restoring Backups from Another Firewall or a Previous Installation
    I)f the SSH key changes due to a re-installation of pfSense, the ACB package can restore a backup from the previous installation as long as the Device Key and the Encryption Password of the previous installation are both known.

    Navigate to the the Settings tab
    Set the Encryption Password to match the previous installation
    Navigate to the Restore tab
    Paste the old device key into the Device Key field
    Click the Submit button
    This temporarily allows ACB to display a list of backups for an alternate Device Key.

    ***** Does the Device Key change on reinstalling pfSense, or is it static for the hardware?**

    #anchor(Bare Metal Restoration
    I)f the hard drive is lost, the following procedure is necessary to recover the state of the new firewall installation to the last configuration change:

    Install pfSense on the new hard drive.
    Bring up LAN and WAN, and assign the hostname and domain exactly the same as it was previously configured.
    Install the AutoConfigBackup package.
    Configure the AutoConfigBackup package as described above, using the portal account and the same encryption password as used previously.
    Visit the Restore tab and choose the configuration to restore.
    After the restoration is done, reboot when prompted.

    ****I don't have this information. I may be able to find it, but it was not information I knew was critical.

  • H

    TINC "bug reporting"?

    1
    0 Votes
    1 Posts
    232 Views
    No one has replied
  • chudakC

    Mailreport useful command lines

    2
    0 Votes
    2 Posts
    280 Views
    NogBadTheBadN

    Snort alerts from yesterday:-

    grep ^date -v-1d +"%D" /var/log/snort/snort_igb0.2*/alert ; echo

    Interface stats via a shell script:-

    /root/scripts/vnstat-daily

    #!/bin/csh
    foreach int ( igb0.2 igb0.3 igb0.4 igb0.5 igb0.6 igb0.7 igb0.9 igb0.11 enc0 pppoe0 )
    echo
    /usr/local/bin/vnstat -i $int -h
    echo
    end

  • drthirunaD

    pfSense FreeRADIUS:LDAP with G Suite LDAP

    1
    0 Votes
    1 Posts
    264 Views
    No one has replied
  • J

    Can i whitelist ip addresses before passing https traffic to haproxy?

    10
    0 Votes
    10 Posts
    1k Views
    bepoB

    Nice! I am happy that this helped you! :-)
    Please dont forget to upvote 🐕

  • N

    FauxAPI, a REST based API for pfSense

    18
    0 Votes
    18 Posts
    24k Views
    N

    Hi @jullienl - could you add a __debug=true as a URL parameter and provide the response message in this thread - authentication failures have plenty of logging and messages around them to help identify where problem(s) might be coming from - should be fairly easy to resolve - N

  • chudakC

    Arpwatch email notifications don't work

    5
    0 Votes
    5 Posts
    773 Views
    chudakC

    @johnpoz

    Yup, works as designed !
    Withdrawn !

  • S

    how connect Freeradius to AD by LDAP

    3
    0 Votes
    3 Posts
    800 Views
    S

    see below
    https://forum.netgate.com/topic/140135/how-connect-freeradius-to-ms-ad/4

  • P

    APCUPSD - CYBERPOWER USB UPS

    Locked
    4
    0 Votes
    4 Posts
    9k Views
    R

    Sorry for stepping in 2 years later, however, there are 3 variables you need to check:

    UPSTYPE, DEVICE, AND UPSCABLE.

    In my case, I have:

    UPSCABLE smart
    UPSTYPE usb
    DEVICE

    and it works perfectly, indeed it works fine with my CyberPower CP1000AVRLCDa.

    In my case, I had to have 'UPSCABLE smart' set or it wouldn't detect it.

  • major501M

    (SOLVED) no repo package load error :acces repo

    10
    0 Votes
    10 Posts
    1k Views
    major501M

    i fix my problem when i leave wan in dhcp i can have package list and update and i can ping !!!
    alt text
    thank you for your help

  • A

    pfsense Reverse Proxy with outlook 2011 for mac

    1
    0 Votes
    1 Posts
    247 Views
    No one has replied
  • R

    Using the FreeRADIUS package to authenticate against macOS Server Open Directory

    2
    0 Votes
    2 Posts
    604 Views
    C

    @robin24 said in Using the FreeRADIUS package to authenticate against macOS Server Open Directory:

    I was actually able to set up the macOS server as an authentication server in PFSense, so I can now log in to Webconfigurator using the accounts stored in LDAP.

    I'm trying to do the same thing, and would setlle for just LDAP auth, can you post your settings? Did you ever get this the radius server to work? If so I'd love to hear how!
    Thanks,
    mike

  • rdsmith24R

    Package Server Problems?

    10
    0 Votes
    10 Posts
    1k Views
    ?

    Hi @rdsmith24,

    Glad to hear the issue is resolved! If you see this behavior again and reimaging does not fix, please do not hesitate to open a ticket.

    Thank you,

    -James

  • J

    Avahi filtering?

    1
    1 Votes
    1 Posts
    532 Views
    No one has replied
  • L

    Schema for certificate to use om HAProxy and internal websites

    1
    0 Votes
    1 Posts
    333 Views
    No one has replied
  • M

    Arpwatch enhancements -> Interface descriptions and email with interface information

    1
    1 Votes
    1 Posts
    536 Views
    No one has replied
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.