Packages wishlist?
-
A STUN server package would also be VERY useful.
http://sourceforge.net/projects/stun/
Basically, as "low end" hardware gets more powerful, pfSense would be very useful to evolve into a "network border server" in addition to being a firewall router.
Tons of services that need to be available from the public net, and that one may not want to puncture the protective wall, could simply run on the firewall device: STUN, OwnCloud, FreeSwitch/Asterisk/PBSinAFlash, Suricata/Snort, privoxy/trackmenot/TOR, etc.
If we don't want a totally cluttered environment, at some point it may make sense to have "official" packages, which are fully integrated and tested to cover certain aspects of a network border server.
-
A STUN server package would also be VERY useful.
http://sourceforge.net/projects/stun/
Basically, as "low end" hardware gets more powerful, pfSense would be very useful to evolve into a "network border server" in addition to being a firewall router.
Tons of services that need to be available from the public net, and that one may not want to puncture the protective wall, could simply run on the firewall device: STUN, OwnCloud, FreeSwitch/Asterisk/PBSinAFlash, Suricata/Snort, privoxy/trackmenot/TOR, etc.
If we don't want a totally cluttered environment, at some point it may make sense to have "official" packages, which are fully integrated and tested to cover certain aspects of a network border server.
To complement stun, STUN-over-TCP (http://sourceforge.net/projects/stunovertcp) would be a good combination with Vovida STUN (http://sourceforge.net/projects/stun/).
-
ziproxy!
http://ziproxy.sourceforge.net/download.html
-
portspoof could be a nice addition
https://github.com/drk1wi/portspoof
-
I wish Snorby would be as a package. I have setup on another machine it is very handy. I don't want to have to run 2 machines to do this. I have enough CPU for both in firewall machine
-
Since Snort is single-threaded, wouldn't it be nice to include a package for suricata (http://suricata-ids.org/) which supports mutli-threaded processing?
Ref: http://workshop.netfilter.org/2013/wiki/images/1/1f/Eric_Leblond_IDS-suricata.pdf
Looks like a great one. I also think the non-proprietary nature would make it a better fit, and with more and more GPU-power, CUDA support could make quite a difference in CPU load and allow for better utilization of existing hardware.
Also, Snort, over the past, seems to have been rather fickle, and quite the resource hog. Anything that's more efficient and less picky or easier to configure would be a good step forward.+1 from me
-
Actually a forum wishlist: make sub-sections for each package under the Packages section.
It's pretty hard to browse all relevant threads relevant to a particular package, it would be easier to have these threads grouped.
That would also make it easier for maintainers to have a quick look if there's activity, and for users to see if a package is alive.- 1 from me too as i was ordering a adtrap wich do not work.
And to ship it back again is like ordering a new
- 1 from me too as i was ordering a adtrap wich do not work.
-
this script may help you undestanding how to install it on freebsd.
Most of this are already done on snort package
https://github.com/shirkdog/snorby-bsd/blob/master/snorbyInstall.sh -
strongSwan!
-
-
Any antivirus solution for squid-dev or installation wayout.
Thanks
-
A bandwidth monitor that allows you to keep track of Data Caps. Kind of like Traffic Accounting in IPCop.
-
I would love a package that could remove spikes from RRD graphs. Cause sometimes when I reboot pfSense I get really high spikes on the graphs that is not normal, and it destroys the whole graph.
Some links about this matter:
https://github.com/mhagander/rrdclean
http://acktomic.com/2007/08/31/removing-spikes-from-rrd-databases/
http://www.serveradminblog.com/2010/11/remove-spikes-from-rrd-graphs-howto/ -
My Whishlist:
Simple "ifdown" package - reboot. (if not able to ping a given host, reboot pfsense)
..or can this be done with cron and a command directly on the box itself ?
-
Why the hell would you want to reboot your pfSense???
-
Why the hell would you want to reboot your pfSense???
Let my just state: that pfsense is unbeatable stable (for the price and functions available) and have been running for months and (would be years..) but my ISP is making "hiccups on the cable" which makes the traffic suddenly stop flowing.. Read more if you like here; http://forum.pfsense.org/index.php/topic,69879.msg381954.html#msg381954
I have 3 Reason:
1. When doing a controlled reboot all data /traffic etc is saved.
2. When my ISP is doing some upgrade/"fixing".. I sometimes reboot the cable modem.. and sometimes I have to reboot pfsense too, to get internet running again.
3. When I'm not home - and internet stoppes working, my system will try to get online again automatically. (and people don't have to start calling me ;-)) -
Why the hell would you want to reboot your pfSense???
Let my just state: that pfsense is unbeatable stable (for the price and functions available) and have been running for months and (would be years..) but my ISP is making "hiccups on the cable" which makes the traffic suddenly stop flowing.. Read more if you like here; http://forum.pfsense.org/index.php/topic,69879.msg381954.html#msg381954
I have 3 Reason:
1. When doing a controlled reboot all data /traffic etc is saved.
2. When my ISP is doing some upgrade/"fixing".. I sometimes reboot the cable modem.. and sometimes I have to reboot pfsense too, to get internet running again.
3. When I'm not home - and internet stoppes working, my system will try to get online again automatically. (and people don't have to start calling me ;-))If not a package, here is a howto: http://forum.pfsense.org/index.php/topic,71335.msg389446.html#msg389446
-
this script may help you undestanding how to install it on freebsd.
Most of this are already done on snort package
https://github.com/shirkdog/snorby-bsd/blob/master/snorbyInstall.shHi Marcello, have you tested this Snorby script on 2.1 Release?
Can you share some screenshots of the interface?
-
I would like to see an OSSEC package. Their website says FreeBSD is suppored. http://www.ossec.net/?page_id=165
I would also like to see pfBlocker updated to include domain blocking on top of the existing IP based lists and the ability to use .csv lists.
and finally pfCenter to monitor and control several pfSense boxes in one application.
-
portspoof could be a nice addition
https://github.com/drk1wi/portspoof
This gets a vote from me. Sounds awesome!
Would really need this.
