Subcategories

  • Discussions and feedback related to this forum

    607 Topics
    3k Posts
    johnpozJ

    @microserfs and what IP was that - clearly your current IPv6 address is not block that I show you connected with.. And the only other IPv4 I see you using is not blocked.. You would have to let me know what IP you were coming from that was blocked.. Send it to me via PM if you don't want to make it public.

  • Community Hiring and For Hire postings related to jobs that require pfSense software skills

    27 Topics
    114 Posts
    w0wW

    @sef1414
    Name it "run.sh", copy to pf and chmod according documentation
    https://docs.netgate.com/pfsense/en/latest/development/boot-commands.html#shell-script-option
    You will see messages in the system log like those quoted in the script after logger command.

  • Anybody know what these were used in? Cisco PS.

    9
  • Whats Next?

    14
    0 Votes
    14 Posts
    955 Views
    Dobby_D

    @digiguy

    pfSense Documentation

    You could have a look in, if you find something you may interested or it is matching your needs or fitting the rest of
    your network. If you find something configure it out following that docu.

  • 0 Votes
    10 Posts
    4k Views
    noplanN

    @noplan said in Ideas how to block certain webs (youtube) for kid's PC with possibility to enabling it for some hours.:

    time based rules

    4ef62a83-acbd-41c2-a9ca-b04a60e9379e-grafik.png

    configure your time range and add
    looks like something like that
    63cd6497-a933-4056-b845-7c965b2ea1a3-grafik.png

    save

    lets go build a firewall rule

    but 1st set up an alias for all your kids devices if you have em put not togehter in a VLAN

    90e4be13-0378-4f14-837d-72bd779846d9-grafik.png

    then
    7672a23d-3b1e-4284-90bd-0959cea50e21-grafik.png

    Action= Pass
    Source = ALIAS of your devices
    DESTINATION = the pfB Alias pfB created
    f4d9a175-3d18-4237-9fb2-c14e3f38f53d-grafik.png

    Fire and forget !

    could be usefull but think about it carefull
    6c4c2155-1a73-4208-baf8-e54f29276800-grafik.png

    if needed or not

    17de044f-4c94-4be7-97c6-837b34d70a9a-grafik.png

    **BUT IMPORTANT TO CHECK **

    666900a9-6ef1-49e8-8f18-36f24d0948f7-grafik.png

    db4967b4-ad2a-4043-9e5f-d140c4a55c43-grafik.png

    so that should do teh magic

    have fun and keep us posted !

  • How do I uninstall PF sense Community Edition from my laptop

    Moved
    33
    0 Votes
    33 Posts
    3k Views
    S

    @patch ok

  • Hardware for custom build

    5
  • Software Testing Resources - Suggestions

    Locked
    5
    0 Votes
    5 Posts
    865 Views
    MauroPlanctonM

    It's great that you're trying hard. While online cources can be a great starting point, it's also important to consider other options such as attending workshops, attending a bootcamp or finding a mentor in the field.

  • ntopng helping you troubleshoot

    3
    0 Votes
    3 Posts
    778 Views
    M

    @keyser

    @keyser said in ntopng helping you troubleshoot:

    so it’s not worth much when it comes to forensics.

    Oh i absolutely agree. Im just trying to see how much i can do on a budget of nothing. :)
    Considering NTOPNG is the community edition and there really isnt much in the way of usefulness that can really be gathered by the traffic identification i figured it was neat that the flows Suricata saw NTOP saw and reported it. That certainly wont be the case all the time.

    From what i can tell, ntop is really good at figuring out current top talkers.
    For more historical data im looking at NFSEN but i cant get that to run on Ubuntu 20.04. Documentation is very dated.

  • Proxmox or ESXI

    8
    0 Votes
    8 Posts
    1k Views
    V

    I use PVE. Everything is very stable and no problems.

  • This topic is deleted!

    1
    0 Votes
    1 Posts
    8 Views
    No one has replied
  • 0 Votes
    3 Posts
    2k Views
    B

    @backspacemild Thank you.

  • Cloud-init for Pfsense

    7
    0 Votes
    7 Posts
    3k Views
    NollipfSenseN

    @yasa Instead of a prepackaged FreeBSD, couldn't you download and install pfSense ISO on the VM? I planned on doing this (just waiting to buy a bare metal Lenovo) with OpenStack on VMware ESXI. If your project is for your home/lab, alternatively, you could try TNSR since it's based on Linux and the cloud version (AWS & Azure) starts at $0.127/hr.

  • Help on rules

    Moved
    10
    0 Votes
    10 Posts
    1k Views
    R

    @afcarvalho said in Help on rules:

    If I check the reverse option I am doing what?

    This is, at least on the english language side, called "Invert" meaning the switcher of NOT.

    Check the box and it will say the IP is NOT the value of what you entered then do something.

    If you're using a language translation and it is stating something that does not mean 'opposite' or 'invert' or 'not' then please let us know by opening a redmine :)

  • Lenovo M91p Motherboard and Dell intel 1000vt 4 port NIC

    6
    0 Votes
    6 Posts
    871 Views
    S

    @stephenw10 I have just watched the video and its actually might help another issue with a raid card I have been having problems with as well so again extremely appreciated now

  • 1 Votes
    2 Posts
    437 Views
    stephenw10S

    Ooops! 😉

  • IPS external logging

    5
    0 Votes
    5 Posts
    1k Views
    M

    @keyser said in IPS external logging:

    but rather just have full monitoring and alerting of usage, issues and downtime.

    I use a combination of Zabbix and Graylog for email notifications. You're right, pfelk was more for visualization as i had more than one pfsense out there and wanted a central dashboard. In the end, to be honest, its more cumbersome to get it all set up and sorted out.

    There is a project out there that i use personally.
    https://github.com/VictorRobellini/pfSense-Dashboard

    I got a nice visualization in Grafana. My current dashboard

    42b3c220-d41f-4b48-8d35-8977d05de613-image.png

  • This topic is deleted!

    1
    0 Votes
    1 Posts
    5 Views
    No one has replied
  • Anomaly in the Pfsense 2.6 restoration process?

    2
    0 Votes
    2 Posts
    633 Views
    S

    @peterkrautle I suggest comparing the .xml config file backups from each to see if there’s a difference.

  • DNS Whitelist Project

    3
    0 Votes
    3 Posts
    794 Views
    GertjanG

    @danielayer said in DNS Whitelist Project:

    DNS Whitelist project

    Easy answer : you can't.
    Making a list with allowed DNS hosts is impossible as it will take unimaginable resources to store this file (or even creating it).
    And the moment you have it, it's already outdated, as thousands of new hosts have been created, and some have expired.
    "whitelisting" the Internet is like managing a list with all the phone numbers on planet earth.

    The way doing things is using lists with sites you don't want to access 😊
    ( I know, I knew you meant to do that )

    The good news is : these lists already exist.
    That's one of the reasons why the pfBlockerng-devel pfSense project has been created.

    Btw : small detail :

    3fb52aa8-ffba-4b1c-b3a4-87e5f4a3ec92-image.png

    Go for "Null blocking (logging).
    Like this :

    ca458a55-7caa-40b1-a421-1508be5a35c2-image.png

    The idea of showing a web page that informs the user he wanted to visit a site that is blocked doesn't work for 99,99 % of all cases.
    The 0,001 % are the sites that are still http (not https). The number tells you : they don't exist anymore.

  • Happy New Year 2.7 Style

    2
    0 Votes
    2 Posts
    440 Views
    No one has replied
  • Graylog server on a raspberry pi

    11
    1 Votes
    11 Posts
    5k Views
    M

    @michmoor said in Graylog server on a raspberry pi:

    The 'count' in your charts. Should we assume thats how many sessions were created on the firewall, i.e. how many times a packet hit that rule?

    Based on what I've observed so far, this would be the same thing you would see in System logs > Firewall in Pfsense logs.

    Since its a game, it is probably using UDP, right? I never played Roblox.. So I can't tell.

    You can click the play button inside this chart to take a look at each of those entries to check.

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.