Packages wishlist?
-
I would like to see MRTG/RRDTOOL integrated, to show graphs on latency, wan/lan/wifi/dmz traffic, cpu/disk usage, etc…
Keep up the good work.
Greetings EriSan
Most of this is supported now in the pfstat package
-
I'd really love to see snort added to the packages. Squidguard would also be a nice addition.
-
I'd really love to see snort added to the packages. Squidguard would also be a nice addition.
I've already got plans on a squidGuard package once I've gotten Squid to a stable release.
Mike
-
For example IPCop is sucessful in that it has had 2.5 million downloads for the 1.4 series, however I do not think the project developers are aware just how much the addons with features such as content filtering and client side friendly VPN projects such as OpenVPN popularize the project.
To define how important /popular certain features are over other features, a whole new firewall distro endian has been developed from IPCop. Here is what it states about the features it has on the home page.
The features include a stateful packet inspection firewall, application-level proxies for variuos protocols (HTTP, POP3, SMTP) with antivirus support, virus and spamfiltering for email traffic (POP and SMTP), content filtering of Web traffic and a "hassle free" VPN solution (based on OpenVPN).
-
I'd really love to see snort added to the packages. Squidguard would also be a nice addition.
I've already got plans on a squidGuard package once I've gotten Squid to a stable release.
Mike
Mike,
I am really looking forward to that!! Great work so far I love Pfsense, such a great idea!!! ;D
-
I'm really looking forward to the squidGuard package too, once squid is stable
-
I don't know if you guys know hamachi (http://www.hamachi.cc) I have a virtual network card for it in my linux box and I love it, I can always "call home" from anywere I am.
Having a virtual Hamachi interface on a pfSense box would be totally great! -
This looks interesting, I'll have a look at it. Seems it's for linux though, so it might need some porting.
-
@pbs:
I don't know if you guys know hamachi (http://www.hamachi.cc) I have a virtual network card for it in my linux box and I love it, I can always "call home" from anywere I am.
Having a virtual Hamachi interface on a pfSense box would be totally great!Hamachi's source is closed, and nobody has reported success running it on BSD systems. A developer stated back in September that demand for a BSD version is high enough that they may look into making one in the future.
-
There is actually somebody that was running it on OpenBSD (with few problems) http://forums.hamachi.cc/viewtopic.php?t=1079&highlight=bsd
-
@pbs:
There is actually somebody that was running it on OpenBSD (with few problems) http://forums.hamachi.cc/viewtopic.php?t=1079&highlight=bsd
I believe the topic in question referred to running Hamachi on a Windows or Linux system that was set up behind the pf firewall - not running the client itself on BSD.
-
Now that i had a chance to read it again … it make sense ... sorry! :-X
-
I want a wireless scanning program like kismet if we can get it in.
-
I want a wireless scanning program like kismet if we can get it in.
We have pkg_add.
Run (from a shell prompt):
pkg_add -r ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6.0-release/All/kismet-200507.r1a.tbz
rehashThen kismet will be available from a shell
-
Id like to see the broken FreeRadius package updated and fixed. Please? ;)
-
Id like to see the broken FreeRadius package updated and fixed. Please? ;)
Patches accepted – We are busy fixing bugs in the base system.
-
i would like to see a package for cups. it would be useful to have the ability to use this machine as a *nix print server for small businesses
-
i would like to see a package for cups. it would be useful to have the ability to use this machine as a *nix print server for small businesses
Generally an extremely bad idea. Firewalls shouldn't also be used as general purpose servers. But hey, in the spirit of "allowing one to shoot oneself in the foot" I suppose if someone wrote a package for this it'd be added.
-
This will make more sense down the road when the package manager outgrows pfSense and we become a firewalling or server platform. :P
-
Can you add trafd(bpft) with mysql or cnupm, and WEB interface for him?
-
Can you add trafd(bpft) with mysql or cnupm, and WEB interface for him?
Can we? No. Can you? Yes.
We'll happily take package submissions but the coreteam is too busy to create packages.
-
ok, when i build package i tell you.
But i have some question, how to be with /etc/crontab? On update pfsense he is clear, but i need it. Or you use another task sheduler system?
Where can i get specifiaction for xml parametrs for web interface? To do web interface. -
ok, when i build package i tell you.
But i have some question, how to be with /etc/crontab? On update pfsense he is clear, but i need it. Or you use another task sheduler system?
Where can i get specifiaction for xml parametrs for web interface? To do web interface.Use /etc/crontab. We have a function call to update a file with a line.
For studying, use cvs.pfsense.com/cgi-bin/cvsweb.cgi/tools/packages
-
FreeNAS should be pretty easy to integrate into pfSense as a pkg … it seems a good way to use extra HD's :-
http://www.freenas.org/ -
@pbs:
FreeNAS should be pretty easy to integrate into pfSense as a pkg … it seems a good way to use extra HD's :-
http://www.freenas.org/Different goals. We do not plan on turning pfSense into a server platform just yet. We need to focus on firewalling.
-
I wouldnt mind helping with the package development, but I will need to go learn web programming. php it seems.
-
Currently our package manager uses:
-
XML
-
PHP
-
Shell Scripts
-
Much sweat and tears
-
-
Currently our package manager uses:
-
XML
-
PHP
-
Shell Scripts
-
Much sweat and tears
No problem. already got the xml and shell scripting down, its the php part that I have no experience with. anyhow I dont thing It should be hard for me to learn since im a programmer. ;)
-
-
I would love to have nano (the text editor)
Edit
Grrr..here I go and try to figure out how to compile from source code and all that it took was pkg_add -r nano && rehash
Thanks. I'm not so familiar with freebsd so I tend to do stuff backwards ::)http://www.freebsd.org/cgi/man.cgi?query=pkg_add&sektion=1
-
pkg_add -r nano
rehash -
know what i would love? I'd love to see this "distro" remain lean and super good at being a firewall.
You want statistics and graphs? setup cacti somewhere on your network and use snmp to monitor your firewall.
You want a print server? set one up on your network somewhere.
You want dozens of other non-firewall/non-content filtering related things? Set them up.For god sakes, let your firewall be what it is intended to be…. safe, fast, stable, and secure --- inside AND out.
While I dont think a full bind implementation is the greatest idea, especially considering the numerous security exploits via bind over the years, but a "light" version as a package would be really beneficial for those of us who have reverse dns delegated to us. In my particular case, I host all my forward dns with my domain registrar, while my datacenter provider has control of my IP space. They dont do any special reverse dns hosting for anyone, but will happily delegate it out.
Something as simple as having an extra field listed along side my virtual ips for "reverse dns response" or "reverse dns name" would be SO great. VIPS get cached by arp, the traffic flows to the firewall. I have my provider delegate rev-dns to my firewall wan ip and rev-dns responses could be easily served. Doesnt need to be a fancy full implementation of bind, but even the most rudimentary functionality would be a huge time saver for me.
my 2 cents.
-
asterisk@home
;D -
my vote is cs source server.
ducks
-
know what i would love? I'd love to see this "distro" remain lean and super good at being a firewall.
You want statistics and graphs? setup cacti somewhere on your network and use snmp to monitor your firewall.
You want a print server? set one up on your network somewhere.
You want dozens of other non-firewall/non-content filtering related things? Set them up.For god sakes, let your firewall be what it is intended to be…. safe, fast, stable, and secure --- inside AND out.
If you want lean and mean, no problem, just install the bare bone pfSense.
But I'd say if the pfSesne community wants to create a package to use pfSense as a print server or whatever let them do it. if you dont want it on your box simple don't install it. Let the users decide what they want to do with their firewall, I'm sure the core dev team wont put time into creating half these packages, If the community wants to dev packages let them go ahead include the packages as they see fit and leave the decision in the hands of the user. thats just my 2 cents. -
If you want lean and mean, no problem, just install the bare bone pfSense.
But I'd say if the pfSesne community wants to create a package to use pfSense as a print server or whatever let them do it. if you dont want it on your box simple don't install it. Let the users decide what they want to do with their firewall, I'm sure the core dev team wont put time into creating half these packages, If the community wants to dev packages let them go ahead include the packages as they see fit and leave the decision in the hands of the user. thats just my 2 cents.Amen. That's exactly our idea and rationale up to this point. It's you're box, you can do what you want. It may not always be a good idea to do so, but you have that choice.
-
How about iptraf?
IPTraf is a pretty useful realtime network monitoring package
http://iptraf.seul.org/
Regards,
Brian -
May be if don't miss some thing and understand the main idea of project
1. ng_netflow and some web_iface for it.
2. flow-tools ( here i would like to tell some words about why: on radioethernet it will be usefull to collect data localy and send to some server by cron)
3. tcshrc from /usr/ports/shells/tcshrc/. I understand that main idea of project is to make little and easy web based router/firewall but if something wrong i as always first try to see whats going on by ssh not by web_iface
4. syslog_ng or some thing to move logs from router to another server
seems to be all -
IPTraf is a pretty useful realtime network monitoring package
Check the consolemenu or ssh in. Try the pftop option. It's similiar to this.
-
IPTraf is a pretty useful realtime network monitoring package
Check the consolemenu or ssh in. Try the pftop option. It's similiar to this.
And ntop does a good job of providing trend information as well.
-
IPTraf is a pretty useful realtime network monitoring package
Check the consolemenu or ssh in. Try the pftop option. It's similiar to this.
Not that good as IPtraf…. IPtraf shows for example number of pkt per second, statistics for interrested port, protocol etc..
It's very usefull and powerfull tool. IMHO
;-)