pfSense Packages

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

Subcategories

Cache/Proxy

Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.

3.7k
Topics

20.6k
Posts

C

@viragomann Unfortunately it still just adds the :9001 at the and redirects. Do I need to change anything in HAproxy?
IDS/IPS

Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.

2.2k
Topics

15.6k
Posts

B

@killmasta93 said in Question about thresholds:

hi @bmeeks quick question so i added the following
threshold gen_id 1, sig_id 2009244, type both, track by_src, count 10, seconds 10, priority 1 threshold gen_id 1, sig_id 2009245, type both, track by_src, count 10, seconds 10, priority 1 threshold gen_id 1, sig_id 2009246, type both, track by_src, count 10, seconds 10, priority 1
would the variable
type both
work for both ends?

Thanks

Here is a link to the official Suricata docs describing the type: keyword: https://docs.suricata.io/en/latest/rules/thresholding.html#type-both. both specifies both a rate limit and threshold value.
Traffic Monitoring

Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.

555
Topics

2.7k
Posts

S

PROTOCOL-DNS Microsoft SMTP excessive answer records buffer overflow attempt

Just Curious what this is and how to stop it in snort, I first thought someone was trying to get in but now I am not so sure as I changed my external IP and it happened straight away
on the new External IP. From what I can gather its something to do with a vunerability in dns but at a loss where to start, if its not an issue then fine but its happening a lot.
pfBlockerNG

Discussions about the pfBlockerNG package

2.5k
Topics

19.1k
Posts

S

Wanted to get some feedback from folks before I upgrade to 24.11.
Is the latest pfBlockerNG 3.2.0_16 functioning ok on 24.11?
I moved away from Devel to Stable 6 months ago or so but see that the version hasn’t changed with the release of 24.11.
Just want to be sure I can expect all to function ok before I upgrade.
@BBcan177 can we expect a stable release of 3.2.1_20 perhaps or am I good to go?
Thanks in advance.
UPS Tools

Discussions about Network UPS Tools and APCUPSD packages for pfSense

87
Topics

2.3k
Posts

D

@firefox Glad you got it working
ACME

Discussions about the ACME / Let’s Encrypt package for pfSense

478
Topics

2.7k
Posts

K

@tinfoilmatt it looks like I have finally gotten the certificate to pop up but now I am dealing with getting 503 Service Unavailable error. Do you know if this is an HAProxy issue or on the cloudflare side?

Screenshot 2024-12-05 at 12.51.02 PM.png
FRR

Discussions about the FRR Dynamic Routing package on pfSense

280
Topics

1.1k
Posts

S

How is it configured? Does it appear correctly in vtysh 'show run'?
Tailscale

Discussions about the Tailscale package

75
Topics

428
Posts

E

@rocket

1.78.1 now available for FreeBSD 15

Freshports
WireGuard

Discussions about WireGuard

633
Topics

3.3k
Posts

C

@jmdomini I used this page when I first tried it..

https://www.wundertech.net/how-to-set-up-wireguard-on-pfsense/

F

Freeradius configuration and users lost after upgrade to 23.09

• • frog

3

0
Votes

3
Posts

330
Views

F

Discussed here: https://forum.netgate.com/topic/183065/upgrade-of-freeradius3-from-0-15-10-to-0-15-10_1-sets-all-configuration-values-to-default/7
J

System Patches package version 2.2.8

• • jimp

1

8
Votes

1
Posts

362
Views

No one has replied
L

pfSense - mailreport - authentication failure

• • lc63

5

0
Votes

5
Posts

671
Views

L

@Gertjan
Thank you for this clarification!
R

Bind rpz only gives max TTL of 5 seconds

• • r43K9o

2

0
Votes

2
Posts

336
Views

R

Today I did set up another test BIND server under linux configured it from ground up. And result is exactly the same. So this problem is not pfsense related. Its something I do not understand in Bind...
B

Got Crowdsec 0.0.4 installed on my pfSense (now upgraded to V0.1

• • bthoven

7

2
Votes

7
Posts

1.2k
Views

M

@SteveITS
I agree in terms of the function. It seems to work with other tools like Suricata or pfBlocker but with similar functionality.
I'm willing to give it a shot once its available officially tho. Could be interesting.
M

Openvpn wrapped by stunnel

• • mr-elamin2

1

0
Votes

1
Posts

275
Views

No one has replied
S

Restore missing FreeRADIUS config

• • SteveITS

10

0
Votes

10
Posts

1.5k
Views

S

@slu said in Restore missing FreeRADIUS config:

same problem after the upgrade to 0.15.10_1 today

Hmmm, rereading https://redmine.pfsense.org/issues/14806, if the issue happens on uninstall, that would always be the "old" package and therefore the issue is going to affect everyone until after they get on 0.15.10_1. :(
G

Upgrade of FreeRadius3 from 0.15.10 to 0.15.10_1 sets all configuration values to default.

• • GregBinSD

9

0
Votes

9
Posts

1.1k
Views

F

Oof, this wiped out my FreeRADIUS config as well. Did a full restore from a manual backup and a reboot. Thank goodness for backups.

Can this FreeRADIUS security issue get some love? I deleted all my users (1 user for each phone, iPad, laptop, etc.) to test it, and they're all still able to connect. Using EAP-TLS. That checkbox basically does nothing. Thanks

Check Client Certificate CN
Validate the Client Certificate Common Name

When enabled, the Common Name of the client certificate must match the username set in 'FreeRADIUS > Users'. (Default: Unchecked)
F

User Authentication with FreeRadius and Active Directory - possible?

• • FrankoniaDKB

2

0
Votes

2
Posts

1.1k
Views

S

Hi @FrankoniaDKB, did you find how to this? I'm trying the same, I want auth users on a Wireless Network but i can't make this work
I

Interface does not appear while creating a Span port

span interface securityonion sniffing bridge • • irdrgz

1

0
Votes

1
Posts

280
Views

No one has replied
B

"FreeRADIUS XMLRPC Sync" - Issue with Missing Certificates

• • BP-Dan

2

0
Votes

2
Posts

549
Views

V

Hello. Please tell me, is there any plans to fix the bug in FreeRadius XMLRPC Sync in which certificate settings disappear on the recipient after synchronization?

https://redmine.pfsense.org/issues/11802
more than two years have passed
C

Wireguard - Logs

• • couteauabeurre

5

0
Votes

5
Posts

4.3k
Views

F

@bigtfromaz Agreed. I'm also looking for a way to monitor logs, and potentially send out notifications on abnormal connections, eg. Connection from a previously unseen country, etc.

So far the only remote solution would be: https://github.com/MindFlavor/prometheus_wireguard_exporter

I don't feel like installing additional software on my router, but on the other hand, there doesn't seem to be a way to monitor these logs externally.

Please let me know if you find anything interesting.
E

Netgate pfSense Plus 23.05.1-RELEASE Repo Down

• • eroji

6

0
Votes

6
Posts

707
Views

J

@eroji well you have from the gui some previous process running..

What you see via some browser and a url isn't always going to be what is going on in the background..

Kill off that old upgrade process, and try with the gui..

edit: I just fired up my 23.05.1 VM and installed package just fine

works.jpg
K

Package Manager is not loading on PfSense+

• • Keaters44 0

3

0
Votes

3
Posts

434
Views

K

My problem was resolved by messaging one of the admins who work for Netgate. The issue was due to the fact I had to change out my 4 port NIC on my home built pfsense plus for a new one and it changed my NDI. Once I gave that to them and they updated it to the registered e-mail on file, the Available Packages came back. I hope this helps.
M

Wake On LAN works but CRON command fails

• • mowest

6

0
Votes

6
Posts

778
Views

M

@Gertjan

Thanks for all of your help with this issue. I'm unsure why yours is working when you use the actual ip address of your server in CRON, but mine is not.

Because of what I saw in the packet capture, I decided to imitate what the GUI is doing. I changed the command in CRON to:

/usr/local/bin/wol -i 192.168.2.255 bc:ee:7b:db:fc:f4

The above command works in CRON to wake up my server. From what you said, I'm guessing this is because "192.168.2.255" is the "broadcast address" of the LAN interface of the $(bcip) as described in your post.

/usr/local/bin/wol -i 192.168.2.4 bc:ee:7b:db:fc:f4

The original command above did nothing and didn't even show up in "packet capture" until after the server was already up and running, then I would get something similar to what you got in your packet capture in your screenshot above, as you can see from my previous post. However, the command with the actual ip address reserved for my server in Pfsense fails to wake-on-lan my server, but 192.168.2.255 does work.

Thanks for all of your advice and help which resulted in changing "4" to "255" and now it works.
T

Zabbix Proxy 6.2 - Is it posible to install the package manualy on pfsense vRelease 2.7

• • thtessem

1

0
Votes

1
Posts

331
Views

No one has replied
?

RFC (make up a number not in use) - Blueprint for setting up snort + pfblocker

• • A Former User

171

1
Votes

171
Posts

178.5k
Views

G

It's relevant for me too, thank you for explanation
J

2.6->2.7 PHP Error in status_traffic_totals

• • jhg-goow

2

0
Votes

2
Posts

441
Views

J

That error was probably from when the package was being removed. That particular error has been fixed in the 2.7.0 package for quite a long time:

https://redmine.pfsense.org/issues/13775
T

[SOLVED] Unable to Install or Upgrade Packages

• • tman222

44

1
Votes

44
Posts

29.5k
Views

M

Just wanted to post as I ran into this issue today. I was able to fix this by submitting a TAC ticket with my NDI and SN. The team found a mismatch in their database to which they fixed, and I was able to update all my packages.
V

telegraf / influxdb | Upgrade to 2.7 issues

• • vasquezmi

1

0
Votes

1
Posts

376
Views

No one has replied

9 / 461