Ipguard package
-
Surge, ipguard can help.
Did you tried static mapping on pfSense dhcp+ Deny unknown clients?
No, and here's why: I run a WISP and I don't want to deny unknown clients. They can sign up online thru the captive portal and that's $$ ;D
However, I did try mapping it to an IP address, but pfSense tells me that I can't do that inside of the dynamic IP range….. which seems silly, actually.
-
Dear marcelloc,
i did download the ipguard last week and installed it on my pfsense 2.0.1 (amd64)
however, the services didnt run even i tried to start it manually
then a few days later i remove it back because i thought there was an error while it was installed
somehow, i cant find it again from the "packages" list, did you remove it?
how can i use this good features? im ran a wisp as well and i hope that i dont need to deny unknown clients ;)
waiting for your kind replythanks
cleancodex -
cleancodex,
check on installed packages tab, I did not removed the service.
There is a depedencie that is not included on this package yet.
you need to install libcap first. You can do this using pkg_add from freebsd repo or installing snort package before ipguard.
I'll try to fix it as soon as possible.
-
hello all,
there is prblm wth pfsense , installed ipguard-dev but in services status it shows not started , i go to firewall select ipguard, check to enable this rule , create a rule but still nothing happens … wht shuld i do next ??? -
same prblm faced
-
is this package done with dependencies?
-
-
is this package done with dependencies?
not yet. still need manual fix.
thanks, what are the dependencies needed for this package? i'm gonna test this and install manually all the dependencies first…
-
thanks, what are the dependencies needed for this package? i'm gonna test this and install manually all the dependencies first…
try just lippcap if it works, I'll push a fix to install process on 2.0.x.
amd64
http://files.pfsense.org/packages/amd64/8/All/libpcap-1.3.0.tbzi386
http://files.pfsense.org/packages/8/All/libpcap-1.3.0.tbz -
thanks! will test later and post results…
-
very Thx For who made this package alive :) AND THX FOR PFSENSE ITS FREEEEEEEEEEEE :) AND VERY HELPFUL :)
-
about the libipcap: its there on 2.0.x: /lib/libpcap.so.7
I have linked /lib/libpcap.so.7 to /lib/libpcap.so.1 and the binary from the v0.1 package is happy.
so, you can either create the link when you install the package or compile the bin to use /lib/libpcap.so.7there are some issues with the webgui: sorting (moving things up or down) is not permanent and there are empty entries shown for previously deleted mac/ip address sets.
otherwise, nice package! I hope it's still being worked on. :) -
two more things I would like to suggest:
- drop root privileges (add '-s nobody' to the startup parameters).
- don't use '-u 300', instead send SIGHUP to the process to reload the config when the user clicks save.
-
I'll take a look on it as soon as time permits.
-
Hi,
I have a problem with ipguard. I guess it is not working with DHCP. In my network, I have allocated IP addresses for WIFI clients ranging from 172.16.4.150-172.16.4.250 but when I run ipguard, wifi users can't obtain IP addresses. Can anyone help me please. Thanks.
-
Hello there,
I'm Using Ip guard on my pfsense captive portal to to restricted user for change ip address, here's my scenario :–----------------------------------------------------------------------------------------------------------------------------------------------------------
Internet ----------WAN (20.20.20.221/24)* pfsense (captive portal + Ipguard)*LAN (192.168.1.1/24) ---------------- client PC
My ipguard rule :
on wan 00:0c:29:ed:61:11 20.20.20.221 Pfsense WAN Interface
on lan 00:0c:29:ed:63:1e 192.168.1.1 Pfsense LAN Interface
on wan 00:00:00:00:00:00 20.20.20.0/24 WAN Net
on lan 1c:65:9d:b9:4f:f5 192.168.1.90 PC Manageranother my firewall rules:
allow LAN & WAN to any rule
I'm using dhcp client for another client, and mapping dchp static for special client
my purpose is to block another client with dhcp to using PC manager Ip Address using static IP on 192.168.1.90
the problem that i face is another user using dhcp client can use the PC manager Ip address with changing their ip address to static and using PC Manager Ip Address.
How can I can create best ip guard rule with this situation?
can anyone hel me. Thanks -
Ipguard is great! Tried it yesterday and is really what I was looking for. I have a suggestion though. Say I have a network client that I want to restrict to a single IP but I want everyone else to get IP through DHCP on the same subnet. It would be nice if overlapping rules were supported and followed priorities. Example:
00:00:00:00:00:00 192.168.0.0/24 Everyone is able to get any IP in this subnet
00:0c:29:ed:61:11 192.168.0.150 This computer can only get this IP. So this rule has a higher priority than the first one.I tried configuring that way and it didn't work.
As an alternate scenario I could try to register every single client's mac address but it really is a big annoyance. Hope the above could work.
-
Ipguard is great! Tried it yesterday and is really what I was looking for.
I was hoping you could describe what you are doing with it. I've tried using if several times and have never been able to get it to work the way I expect - I ended up creating custom IPFW rules…
What I want:
1.) allow dhcp to assign dynamic IP addresses (i.e. not turn on feature to deny unknown clients).
2.) block all network access for any client that uses a statically assigned IP address.For example, my XBox gets a statically assigned address. If another mac tries to use the same IP address, I want to block them from the network. Is this possible? When I've tried this with IPguard (by adding the mac and IP of the XBox), the second client (stealing the XBox address) seems to work just fine.
-
I badly need in ipguard for old 2.03 pfsense. Where can I get it (as pfsense package)?
Right now there is no ipguard package in the list of available packages.
Thanks in advance. -
Some news regarding removed packages from 2.3: https://doc.pfsense.org/index.php/2.3_Removed_Packages . I also regret that ipguard was not included in pfSense 2.3.
