@HLPPC said in pfSense on iPhone:

There are probably easier ways to go about implementing a firewall

Umm, yes. Just about any other way!

That doesn't look like a full VM host. I've no idea how you might go about booting FreeBSD there. At a guess I'd say that's impossible.

At the very least I would start with OpenWRT. But that too looks like it wouldn't work in what appears to be a terminal emulator. Unless I'm misreading it horribly.

Steve

@michmoor you know big tech says, They say : "Squid is dangerous ..." You want to maintain it with me? We just need to fix the gui is all

Yeah, and they spent a lot of time fixing and putting in features in this release. I don't blame them for taking some time off before they jump into another release.

They have been releasing patches for 24.03 for specific bugs that are problematic though, so their not just sitting idle.

Its working now with the Plus 24.02 beta installer.
Only cavehat u need to run the installer , note the NDI, contact TAC support to pre activate that NDI.(because new Hardware)
After that Installer will run and detect activated NDI so u can install.

https://redmine.pfsense.org/issues/15411

Backtrace:

db:0:kdb.enter.default> bt Tracing pid 11 tid 100007 td 0xfffffe0003fd6720 kdb_enter() at kdb_enter+0x32/frame 0xfffffe000379d9c0 vpanic() at vpanic+0x183/frame 0xfffffe000379da10 panic() at panic+0x43/frame 0xfffffe000379da70 trap_fatal() at trap_fatal+0x409/frame 0xfffffe000379dad0 trap_pfault() at trap_pfault+0x4f/frame 0xfffffe000379db30 calltrap() at calltrap+0x8/frame 0xfffffe000379db30 --- trap 0xc, rip = 0xffffffff80b05c80, rsp = 0xfffffe000379dc00, rbp = 0xfffffe000379dc00 --- vmxnet3_isc_txd_credits_update() at vmxnet3_isc_txd_credits_update+0x20/frame 0xfffffe000379dc00 iflib_fast_intr_rxtx() at iflib_fast_intr_rxtx+0xf7/frame 0xfffffe000379dc60 intr_event_handle() at intr_event_handle+0x123/frame 0xfffffe000379dcd0 intr_execute_handlers() at intr_execute_handlers+0x4a/frame 0xfffffe000379dd00 Xapic_isr1() at Xapic_isr1+0xdc/frame 0xfffffe000379dd00 --- interrupt, rip = 0xffffffff8125b026, rsp = 0xfffffe000379ddd0, rbp = 0xfffffe000379ddd0 --- acpi_cpu_c1() at acpi_cpu_c1+0x6/frame 0xfffffe000379ddd0 acpi_cpu_idle() at acpi_cpu_idle+0x2fe/frame 0xfffffe000379de10 cpu_idle_acpi() at cpu_idle_acpi+0x48/frame 0xfffffe000379de30 cpu_idle() at cpu_idle+0x9e/frame 0xfffffe000379de50 sched_idletd() at sched_idletd+0x4d1/frame 0xfffffe000379def0 fork_exit() at fork_exit+0x7d/frame 0xfffffe000379df30 fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe000379df30 --- trap 0, rip = 0, rsp = 0, rbp = 0 ---

We've seen that a few times and looked into it. We submitted a bug fix for it upstream: https://reviews.freebsd.org/D43712

Disabling multi-queue support prevents it if you're hitting it repeatedly.

Increasing the descriptor counts in the tunables will make it happen less frequently. But will still eventually hit it.

Steve

Or in: https://redmine.pfsense.org/projects/pfsense-plus

@John-Willard

pfSense has python.
Open up a command line : console, or SSH into pfSEnse, and fire it up :

[23.09.1-RELEASE][root@pfSense.bhf/tld]/root: python3.11 -h usage: python3.11 [option] ... [-c cmd | -m mod | file | -] [arg] ... Options (and corresponding environment variables): -b : issue warnings about str(bytes_instance), str(bytearray_instance) and comparing bytes/bytearray with str. (-bb: issue errors) -B : don't write .pyc files on import; also PYTHONDONTWRITEBYTECODE=x -c cmd : program passed in as string (terminates option list) -d : turn on parser debugging output (for experts only, only works on debug builds); also PYTHONDEBUG=x ........

Be aware : pfSense is a firewall, not a dev system.
You'll have a hard time pulling in more packages and other tools that maybe not present in the base system.

@John-Willard said in Python and pfSense:

Does pfSense have an API

pfSense is build upon the FreeBSD kernel, and that one is 100 % open source.
But again : it's probably not on pfSense that you develop anything, it's not the correct environment.

Btw : Snort, Surriata, Wireshark etc are all binaries, certainly not "interpreted scripts" ;)

@Ellis-Michael-Lieberman said in A questions about certs from a small-shop / home user (Maybe wrong category?):

Do I understand that you want me to list "pfsense.netwrightt.net" in my public record?

if you want Letsencrypt to sign you a certificate that contains "pfsense.netwrightt.net" you must proof the Letsencrypt that you are "pfsense.netwrightt.net" == that you handle (admin, own, etc) that domain name.
There are multiple ways to do this, hence the big list here : https://github.com/acmesh-official/acme.sh/wiki/dnsapi

Example : there is a domain name server that handles "netwrightt.net". With a acme.sh script, and access credentials your registrar gave you, acme.sh access your registrar's domain server, and places in the sub domain /.well-known/ a text (TXT) file. The filename and content of the file name are give to acme.sh by Letsencrypt.
When done, Letencrypt test the existence of that file name, and the content, so it knows that you 'admin' that domain name.
This method is called "rfc2136".
Since then, registrars have created their own methods and that's what the dnsapi list is so big.

@stephenw10 That would be greatly appreciated! Thanks!

Nice. 👍

New build is good.

@jrey said in Need Help...Want to build custom pFSense build...:

@dapperamer786 said in Need Help...Want to build custom pFSense build...:

with my required changes in the GUI

What? the GUI is web based.
There are even some completely different dashboards floating around.

what is it are you trying to do?

I think what he is trying to do is install pfSense with his backup config? Rather than install a clean install then go through the process of uploading the config.xml in backup/restore.

@hulleyrob said in Creating a new dashboard widget:

Are there any tutorials for this or does someone know of a good starting point?

I want to create a widget that would show the current days totals from traffic totals stats page.

All the code should already be done in the php files but I have no idea how to go about running it to see what it already gets and what I need to do to filter out the data I want.

Seems like a simple thing but hopefully if I would use it other people would find it useful too.

Any help would be appreciated.

To begin building a widget that shows daily traffic totals from PHP files, you must first comprehend the PHP code that is currently in use and how the data is computed. For the widget, set up an HTML structure and apply CSS styling. Use JavaScript to asynchronously retrieve data from PHP so that the widget is updated dynamically. Verify locally that the PHP files are retrieving data properly. PHP should be modified if needed to support APIs. For a thorough overview, look for tutorials on HTML, CSS, JavaScript, and PHP. Install the widget on a server so that anyone can use it and maybe help others who are looking for a similar feature.

After attempting to manually start vnstatd, you can check its status using the following command:
service vnstatd status
You should ensure that the configuration file for vnstatd is correctly set up. You can find the configuration file at /usr/local/etc/rc.d/vnstatd. See if any parameters or settings that might have changed in the new version. If your system uses systemd, there might be conflicts between the init system and systemd. Ensure that vnstatd is configured to work correctly with your init system. Even though you haven't found anything in the General logs, it's worth checking other logs such as /var/log/messages for any potential vnstatd-related issues.

@JonathanLee I am running 2.7.2-RELEASE and everything is the latest.

Thank you for doing this important research Fabricio. I apologize if I have misspelled your name. Please connect with me. I have information that can help both of us.

@heartk What shell are you running ?

If its /bin/csh if ends with an endif

That one is not plus specific, the commit referenced there is showing on Github.