Subcategories

  • Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

    4k Topics
    21k Posts
    A
    Docker image for squid 7.3 and above https://hub.docker.com/r/fredbcode/squid If pfsense does not push the update.
  • Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

    2k Topics
    16k Posts
    DARA
    Hello team, I have a Netgate 8200 running 24.11-RELEASE (amd64) with Suricata 7.0.8_5 package installed. Suricata doesn't seem to start. It loops to red once I press the Play button on the interface. It leaves no logs in the System logs, it leaves no logs in suricata.log at /var/log/suricata/suricata_ovpns933787/suricata.log I tried launching it manually: # /usr/local/bin/suricata -V or # /usr/local/bin/suricata -c /usr/local/etc/suricata/suricata_33787_ovpns9/suricata.yaml -i suricata_ovpns933787 and I get this output ld-elf.so.1: /usr/local/bin/suricata: Undefined symbol "__strlcpy_chk@FBSD_1.8" Thanks in advance, Dara
  • Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

    573 Topics
    3k Posts
    dennypage
    @kabeda If memory serves, that old version of ntopng did not run as user ntopng, but as user nobody. There are lots of problems in that old version. Anyway, check the ownership and permissions of /var/db/ntopng and make sure it matches the user that ntopng runs as. You may need to set ownership of the entire hierarchy. Example: /usr/sbin/chown -R nobody:nobody /var/db/ntopng However, the better choice would be to upgrade to a more recent version.
  • Discussions about the pfBlockerNG package

    3k Topics
    20k Posts
    tinfoilmatt
    @vicking said in No blocks on IP: Is it a bad idea to have the action set to deny both instead of inbound only? Question is squarely for admin. Per the infoblock which explains, in part, the "Deny Inbound", "Deny Outbound", and "Deny Both" actions: 'Deny' Rules: 'Deny' rules create high priority 'block' or 'reject' rules on the stated interfaces. They don't change the 'pass' rules on other interfaces. Typical uses of 'Deny' rules are: Deny Both - blocks all traffic in both directions, if the source or destination IP is in the block list. Deny Inbound/Deny Outbound - blocks all traffic in one direction unless it is part of a session started by traffic sent in the other direction. Does not affect traffic in the other direction. One way 'Deny' rules can be used to selectively block unsolicited incoming (new session) packets in one direction, while still allowing deliberate outgoing sessions to be created in the other direction. In other words: When set to "Deny Inbound", incoming connection requests from WAN hosts are blocked and therefore no state will be created. However a LAN host can still establish state to an otherwise listed IP. If set to "Deny Outbound", outgoing connection requests from LAN hosts are blocked and therefore no state will be created. However an incoming connection request from an otherwise listed IP to an 'open' WAN port can still establish state. If set to "Deny Both", both incoming connection requests and outbound connection requests are blocked and therefore no state will be created regardless of connection direction.
  • Discussions about Network UPS Tools and APCUPSD packages for pfSense

    102 Topics
    3k Posts
    C
    @dennypage Nicely done sir!
  • Discussions about the ACME / Let’s Encrypt package for pfSense

    503 Topics
    3k Posts
    M
    I am using the DNS-Update method. I have to use a DNS-Sleep of 5 minutes to let the letsencrypt txt dns record update propagate. During this 5 minutes the acme-webgui times out. When the acme-webgui times out the Action list is NOT executed. How can I solve this? Would it maybe be an idea to let the acme.sh script execute the actions in the action list as a post-hook instead of the web-gui? Or maybe add an option to add post-hooks in the webUI?
  • Discussions about the FRR Dynamic Routing package on pfSense

    296 Topics
    1k Posts
    C
    This one has been tricky still not sure what to try. Any ideas?
  • Discussions about the Tailscale package

    93 Topics
    654 Posts
    C
    @luckman212, Thanks for your suggestion. I will check what I have in /usr/local/pkg/tailscale/state, and also the RAM disk settings others have brought up. I could learn more about where Tailscale and pfSense store system files. If I find anything worth sharing, I will let you know.
  • Discussions about WireGuard

    715 Topics
    4k Posts
    H
    @RNM-0 Thanks for your comment and sharing your fix. Unfortunately I don't want to take down pfsense and downgrade versions. I'm currently fine at the moment since I'm using Tailscale and that works. I also fixed the other crash I was having with pfblocker by changing a line of code that wasn't pushed out under this version. Hopefully the stable release won't take too long to release but it appears there are still some open bugs that need to be fixed before that happens, and ironically, both the pfblocker and wireguard issues aren't on that list of bug fixes.
  • FreeRadius + Captive Portal "Amount of Time" Problem

    17
    0 Votes
    17 Posts
    3k Views
    Gertjan
    @mustafa-azzam said in FreeRadius + Captive Portal "Amount of Time" Problem: But I have another question now .. when radius is running, the command (radius -X) will not run? Radius is a process you can see as a "server process". Golden rule: on one and the same system, you can have only ONE server process that listens to a determined port. So, if you launch "FreeRadius" using the pfSense GUI, you have a radius process running. Example, right now, on my pfSense: [2.4.4-RELEASE][admin@pfsense.brit-hotel-fumel.net]/root: ps ax | grep radius 83839 - Is 0:18.74 /usr/local/sbin/radiusd 21455 0 S+ 0:00.00 grep radius As you know, it's easy to check what ports it's using. When I launch another, second radius process, it will bail out.
  • gwled using high amounts of CPU on APU2

    1
    2
    1 Votes
    1 Posts
    384 Views
    No one has replied
  • Squid & Squid Guard block pages

    2
    2
    0 Votes
    2 Posts
    389 Views
    KOM
    No. This is just how it is for https connections.
  • Python client library for FauxAPI available on PyPi

    1
    0 Votes
    1 Posts
    479 Views
    No one has replied
  • Avahi - OpenVPN missing from deny interfaces

    7
    0 Votes
    7 Posts
    1k Views
    J
    @grimson Thanks! Didn't know about that widget... I've added it to my dashboard :) Some sort of built-in alerting would be good though. I just found this custom script another user wrote to alert on available system and package updates https://forum.netgate.com/topic/137707/auto-update-check-checks-for-updates-to-base-system-packages-and-sends-email-alerts
  • OpenBGPd not able to use prefix-set

    4
    0 Votes
    4 Posts
    674 Views
    Y
    @jimp said in OpenBGPd not able to use prefix-set: I can't remember if support for that is in FRR, but OpenBGPD is pretty much a dead end these days on FreeBSD (and especially pfSense). More than likely what you want to do can be done without much more effort on FRR. Thanks for the suggestions, I am new to FRR and it looks really interesting, will for sure explore this in testing and see if we can make the transition. @biggsy said in OpenBGPd not able to use prefix-set: From what I can find prefix-set was introduced with OpenBSD 6.3 (released in April 2018). The FreeBSD version is old compared to the one in OpenBSD. Seems you are correct and that OpenBGPd on FreeBSD is far outdated and without the new prefix-set features :(
  • i need something like fail2ban do on linux on pfsense or backend servers

    6
    0 Votes
    6 Posts
    919 Views
    L
    @nogbadthebad said in i need something like fail2ban do on linux on pfsense or backend servers: e the backend servers running any form of BSD, look here if they are:- thanks for reply!
  • How to specify a non-standard mysql-Port in the Banyard2 configuration?

    1
    0 Votes
    1 Posts
    143 Views
    No one has replied
  • Package unavailable

    3
    0 Votes
    3 Posts
    723 Views
    jimp
    The doc I'm linking is for upgrade troubleshooting but since upgrades and packages both use the same mechanism to pull info, this section is relevant to figuring out why you can't see packages, too: https://docs.netgate.com/pfsense/en/latest/install/upgrade-troubleshooting.html#force-pkg-metadata-update
  • What is the status of ARPWATCH package?

    1
    0 Votes
    1 Posts
    157 Views
    No one has replied
  • [arpwatch package] Ignore VRRP/CARP traffic

    1
    2 Votes
    1 Posts
    383 Views
    No one has replied
  • LCDProc multiple instances after packages restart

    10
    0 Votes
    10 Posts
    1k Views
    fabricioguzzy
    @stephenw10 said in LCDProc multiple instances after packages restart: Steve I will give it a try.. Thanks Much Steve!! Fabricio.
  • Mailscanner + spamassassin + clamav package

    313
    0 Votes
    313 Posts
    334k Views
    D
    @marcelloc Hi Marcelloc, I have postfix and mailscanner running on pfsense 2.4.4-p1, I got the following warnings: MailScanner[64731]: Clamd::ERROR:: UNKNOWN CLAMD RETURN ./lstat() failed: Permission denied. ERROR :: /var/spool/MailScanner/incoming/64731 Permissions look fine, I did chown -R postfix:postfix /var/spool/MailScanner/incoming/, also chmod -R 6666 to the same folder. Runas user on MailScanner.conf and clamd.conf is postfix. Also mailscanner logs display syntax errors: Mar 6 16:09:51 pfsense2 MailScanner[56749]: Syntax error(s) in configuration file: Mar 6 16:09:51 pfsense2 MailScanner[56749]: Unrecognised keyword "deliversuspiciouspdf" at line 93 Mar 6 16:09:51 pfsense2 MailScanner[56749]: Unrecognised keyword "pdfidcommand" at line 84 Mar 6 16:09:51 pfsense2 MailScanner[56749]: Unrecognised keyword "pdfidtimeout" at line 87 Mar 6 16:09:51 pfsense2 MailScanner[56749]: Unrecognised keyword "scanpdf" at line 90 Mar 6 16:09:51 pfsense2 MailScanner[56749]: Warning: syntax errors in /usr/local/etc/MailScanner/MailScanner.conf. Please Help.
  • Sarg package for pfsense

    467
    0 Votes
    467 Posts
    625k Views
    Y
    @marcelloc Hello, Marcelo: Do you know how to install SARG in pfsense 2.4.4, FreeBSD 11.2-RELEASE-p3 ? Thanks, Yosvany
  • Not able to download Snort Signature on Pfsense

    6
    0 Votes
    6 Posts
    2k Views
    bmeeks
    You must have a valid Oinkcode subscription code. You can have either a free registered code or a paid subscription code. You must obtain the code from the Snort.org web site. Next, if you are running any type of RAM disk configuration on your firewall, make sure you have at least 256 MB of free space in the /tmp directory (and preferably up to 512 MB free). Snort needs available free disk space to download the rules tarballs and unpack them during the update process. Running out of space on /tmp will cause all kinds of weird errors. Look at the pfSense system log to see if any errors show up there related to disk space. P.S. -- the only way to tell if disk space was an issue is to review the system log. When the update process finishes (either successfully or with a failure), it will clean up behind itself and delete the files and sub-directories it created in /tmp. So simply looking at the dashboard disk space widget will not reveal the problem.
  • Secure logging to external server

    3
    0 Votes
    3 Posts
    546 Views
    bmeeks
    @pipetennathan said in Secure logging to external server: In case anyone else is stuck on this, I found the solution. Posted it here: https://forum.netgate.com/topic/136998/how-to-send-snort-alert-logs-to-graylog-without-barnyard2/6 This is a great solution as Barnyard2 has not been well supported in recent years by its developer. You could almost call it "dead" in a manner of speaking. It is likely that at some point down the road Barnyard2 will be pulled from the Snort and Suricata packages.
  • Snort blocking all torrents

    10
    0 Votes
    10 Posts
    5k Views
    bmeeks
    @rango said in Snort blocking all torrents: I can try to disable Auto flow bit rule. Is it as easy as disable by the rule itself? My hardware has nothing to do with it. It's 2.4Ghz Quad core intel i5 processor with 4gb of ram able to run encryption at ~300Mbps. Without snort package it runs correct. It's snort component do it but since p2p and policy is not enabled i'm puzzled what rule or which component is doing this. If an additional auto-flowbit rule is alerting, it will show up on the ALERTS tab. But note that when in blocking mode, every Snort alert results in a corresponding block of the IP address unless that IP is in a Pass List. And a block will not "slow down" traffic, it will completely stop it. So I continue to be puzzled by your statement that Snort "slows down bandwidth to a few kb/sec". If Snort rule blocks are the issue, the traffic would completely stop: not just slow down.
  • Snort stop working

    snort
    7
    0 Votes
    7 Posts
    3k Views
    Frequency295
    I was confused on how to do this so after I figured it out I thought I would share. Click Services, Snort. Edit the non-functional snort interface. Click %Interface% Rules. Click the drop down for Category: and choose GPLv2_community.rules. Wait for it to load and disable Sid: 49090 SERVER-SAMBA at the bottom of the page. Save & Apply. Then back on the Snort Interfaces tab you should now be able to start snort on the Interface.
  • Is it possible to combine OTP and LDAP authentication with FreeRadius ?

    1
    0 Votes
    1 Posts
    246 Views
    No one has replied
  • Upgrade from 2.4.2 to 2.4.4. Failed

    5
    0 Votes
    5 Posts
    1k Views
    T
    Rico, Thanks a million. I had to install a fresh install of 2.4.4 and restore the 2.4.2 config file from the GUI. It took a little while but everything is up and running. Thank you again for your time and assistance! Tom
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.