@accidentallyadmin oh yeah I did. There was a bug in pfblocker restoring from backup didn't help in my case because the package was still installed. I was able to get it working :D

@accidentallyadmin Nevermind, I found it 😬

@wgstarks yeah I don't have mac anything, only apple I have is iphone and ipad.. and not having any issues with those devices.

But yeah if you have a CA already and signed cert.. If it was installed the error would be that its expired not that you don't trust it.

@Gertjan hmm, yeah disabling that it stopped binding and it makes sense that to redirect it should also bind port 80.
However, that option is actually very useful. Then the problem is with HAProxy. It is trying to bind to every interface with "0.0.0.0" when WAN IP is not present. This should be the problem. Can someone try to replicate that?

@denitrosubmena said in PLEASE stop enforcing firewall rules on pfsense!!! Let us manage our own firewall rules!!!:

My use-case i have pfsense installed at the edge and i need to access it via the WAN address that is public, like every other hardware router in the damn world that is the one that connects directly to internet

To be fair, there's no router anywhere, sold commercially, that's set up to allow access from the public WAN to its webGUI. At least not any that didn't ship without being misconfigured by accident at the factory. Are you suggesting you wanted pf to forward 80 and 443 by default? This is all rhetorical anyway, as pf definitely allows a local connection to the WAN port during setup, which makes things much easier. When LAN has been set up, it's obviously not needed anymore.

@denitrosubmena said in PLEASE stop enforcing firewall rules on pfsense!!! Let us manage our own firewall rules!!!:

proxmox which was blocking everything

I'm new here, but even I think it would have been a great idea to mention right away that pfSense was being virtualized. And on top of that, behind some POS like Proxmox.

@jstaczek said in Route to gateway www.webgui.nokiawifi.com?:

So, ok. Somewhere DNS believes that www.webgui.nokiawifi.com

I guess, this is, what your DNS resolver gets. It might be requesting your ISP router, or the router does intercepting DNS.

I'll have to look for the cable in the box to learn more about the console access! In the meantime, I deleted some of the auto default boot environments from the GUI and it has really worked wonders. Thanks for this.

alt text

@LucasMoraes said in Error Pages WebGUI:

language other than English, it always worked but after this last update which was automatic it started to present errors

A translation issue is what I suspected.
It shouldn't fail, though.

@ff101 you might want to combine them into one rule, just create an alias that has your web gui port(s) - I don't have mine listen on 80 at all. Disabled the redirection option.

And don't forget ssh (normally port 22) if you have ssh enabled on pfsense..

create a virtual IP in pfsense right? I have read about this with accessing dmarc points modems infront of the firewall on the demilitarized zone. This I think creates a known route to something.

@bmeeks

Hi bmeeks

I was installing only the suricata package with the command "pkg install suricata".

Now, with the command "pkg install pfsense-suricata-7.0.6" it worked. The package was listed in the WebGUI.

Thank you very much.

@rcoleman-netgate reviving this topic because I think I'll move all my notifications from Telegram to Discord.

Right now Discord supports webhooks (like OP said). I believe it would be a matter of allowing users to set one and pushing the notifications to it. Whatever other stuff is needed for that to work would be on the user.

I'll take a look at the code for the notifications and see if I can work something out. Unless there's some reason not to support webhooks.

@GeorgePatches said in How can I edit the default 404 page?:

If you could point me to where that is, I'd appreciate the help. 🙂

I'll show you how to find the way to find the file :

I presume you have some ideas about where the nginx config file is located, as it is the same as any other device out there that contains a web server :

/var/etc/nginx-webConfigurator.conf

That file is full with unique words = perfect grep-food, pick one of them. I chose 'fastcgi_intercept_errors'.
Now, the sledgehammer solution to locate the file you're looking for : check /etc/ and /usr/ :

[24.03-RELEASE][root@pfSense.bhf.tld]/etc: grep -R 'fastcgi_intercept_errors' * inc/system.inc: $intercept_errors = "\t\t\tfastcgi_intercept_errors on;\n";

In /usr/ you'll find :

Binary file local/sbin/nginx matches local/share/vim/vimfiles/syntax/nginx.vim:syn keyword ngxDirective contained fastcgi_intercept_errors

which also contain the word 'fastcgi_intercept_errors' for reasons I don't need to explain ^^

So /etc/inc/system.inc is your candidate.

You'll find the function system_generate_nginx_config() where the nginx config file is build.

@Jarhead it works, but that's not intuitive at all

@johnpoz Thank you!

@Gertjan thank you!