Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Packages wishlist?

    Scheduled Pinned Locked Moved pfSense Packages
    661 Posts 384 Posters 1.6m Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kilko
      last edited by

      My Whishlist:

      Simple "ifdown" package - reboot.  (if not able to ping a given host, reboot pfsense)

      ..or can this be done with cron and a command directly on the box itself ?

      1 Reply Last reply Reply Quote 0
      • GruensFroeschliG
        GruensFroeschli
        last edited by

        Why the hell would you want to reboot your pfSense???

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • K
          kilko
          last edited by

          @GruensFroeschli:

          Why the hell would you want to reboot your pfSense???

          Let my just state: that pfsense is unbeatable stable (for the price and functions available) and have been running for months and (would be years..) but my ISP is making "hiccups on the cable" which makes the traffic suddenly stop flowing..  Read more if you like here; http://forum.pfsense.org/index.php/topic,69879.msg381954.html#msg381954

          I have 3 Reason:

          1. When doing a controlled reboot all data /traffic etc is saved.
          2. When my ISP is doing some upgrade/"fixing".. I sometimes reboot the cable modem.. and sometimes I have to reboot pfsense too, to get internet running again.
          3. When I'm not home - and internet stoppes working, my system will try to get online again automatically. (and people don't have to start calling me ;-))

          1 Reply Last reply Reply Quote 0
          • K
            kilko
            last edited by

            @kilko:

            @GruensFroeschli:

            Why the hell would you want to reboot your pfSense???

            Let my just state: that pfsense is unbeatable stable (for the price and functions available) and have been running for months and (would be years..) but my ISP is making "hiccups on the cable" which makes the traffic suddenly stop flowing..  Read more if you like here; http://forum.pfsense.org/index.php/topic,69879.msg381954.html#msg381954

            I have 3 Reason:

            1. When doing a controlled reboot all data /traffic etc is saved.
            2. When my ISP is doing some upgrade/"fixing".. I sometimes reboot the cable modem.. and sometimes I have to reboot pfsense too, to get internet running again.
            3. When I'm not home - and internet stoppes working, my system will try to get online again automatically. (and people don't have to start calling me ;-))

            If not a package, here is a howto: http://forum.pfsense.org/index.php/topic,71335.msg389446.html#msg389446

            1 Reply Last reply Reply Quote 0
            • BBcan177B
              BBcan177 Moderator
              last edited by

              @marcelloc:

              this script may help you undestanding how to install it on freebsd.

              Most of this are already done on snort package
              https://github.com/shirkdog/snorby-bsd/blob/master/snorbyInstall.sh

              Hi Marcello, have you tested this Snorby script on 2.1 Release?

              Can you share some screenshots of the interface?

              "Experience is something you don't get until just after you need it."

              Website: http://pfBlockerNG.com
              Twitter: @BBcan177  #pfBlockerNG
              Reddit: https://www.reddit.com/r/pfBlockerNG/new/

              1 Reply Last reply Reply Quote 0
              • BBcan177B
                BBcan177 Moderator
                last edited by

                I would like to see an OSSEC package. Their website says FreeBSD is suppored.        http://www.ossec.net/?page_id=165

                I would also like to see pfBlocker updated to include domain blocking on top of the existing IP based lists and the ability to use .csv lists.

                and finally pfCenter to monitor and control several pfSense boxes in one application.

                "Experience is something you don't get until just after you need it."

                Website: http://pfBlockerNG.com
                Twitter: @BBcan177  #pfBlockerNG
                Reddit: https://www.reddit.com/r/pfBlockerNG/new/

                1 Reply Last reply Reply Quote 0
                • ?
                  Guest
                  last edited by

                  @Derf:

                  portspoof could be a nice addition

                  https://github.com/drk1wi/portspoof

                  This gets a vote from me. Sounds awesome!

                  Would really need this.

                  1 Reply Last reply Reply Quote 0
                  • N
                    NOYB
                    last edited by

                    Is there a PhantomJS package for FreeBSD?  Found a port at FreeBSD org, but was hoping for a ready to go package.

                    http://www.freebsd.org/cgi/ports.cgi?query=phantomjs&stype=all
                    http://svnweb.freebsd.org/ports/head/lang/phantomjs/

                    1 Reply Last reply Reply Quote 0
                    • J
                      JWTrance
                      last edited by

                      @BBcan17:

                      I would like to see an OSSEC package. Their website says FreeBSD is suppored.        http://www.ossec.net/?page_id=165

                      I think an OSSEC Agent package would be a GREAT addition to the lineup. I believe it would be a reletivly easy package to build as it is already BSD compatable and requires very few user inputed settings to have it up and running (< 4 I think). While syslog works well enough for remote log generation an OSSEC Agent would provide a huge number of additional awesome feature that syslog was not ment to include. (log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response - according to their website) But the thing that does it the most for me is the fact that OSSEC is being integrated into many open source SIEM projects, and the inclusion of an OSSEC package would allow pfSense to be even better integrated into a quality SIEM/UTM environment.

                      A final note, OSSEC is a free and open source product and seems to follow a similar philosophy to the pfTeam and appear to be in it for the long haul.

                      EDIT: Im using this as a way to practice building a package and hosting a repository, I don't have anything worthwhile yet but if anyone has any suggestions send me a message, dont post here. Thanks!

                      1 Reply Last reply Reply Quote 0
                      • BBcan177B
                        BBcan177 Moderator
                        last edited by

                        @Sickcero:

                        @BBcan17:

                        I would like to see an OSSEC package. Their website says FreeBSD is suppored.        http://www.ossec.net/?page_id=165

                        I think an OSSEC Agent package would be a GREAT addition to the lineup. I believe it would be a reletivly easy package to build as it is already BSD compatable and requires very few user inputed settings to have it up and running (< 4 I think). While syslog works well enough for remote log generation an OSSEC Agent would provide a huge number of additional awesome feature that syslog was not ment to include. (log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response - according to their website) But the thing that does it the most for me is the fact that OSSEC is being integrated into many open source SIEM projects, and the inclusion of an OSSEC package would allow pfSense to be even better integrated into a quality SIEM/UTM environment.

                        A final note, OSSEC is a free and open source product and seems to follow a similar philosophy to the pfTeam and appear to be in it for the long haul.

                        EDIT: Im using this as a way to practice building a package and hosting a repository, I don't have anything worthwhile yet but if anyone has any suggestions send me a message, dont post here. Thanks!

                        I believe they are working on having an OSSEC Server installation. I hope that it can also be run as an "Agent" as I already have an OSSEC Server on my system.

                        https://github.com/pfsense/pfsense-packages/pull/526

                        "Experience is something you don't get until just after you need it."

                        Website: http://pfBlockerNG.com
                        Twitter: @BBcan177  #pfBlockerNG
                        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

                        1 Reply Last reply Reply Quote 0
                        • J
                          JWTrance
                          last edited by

                          @BBcan17:

                          @Sickcero:

                          @BBcan17:

                          I believe they are working on having an OSSEC Server installation. I hope that it can also be run as an "Agent" as I already have an OSSEC Server on my system.

                          https://github.com/pfsense/pfsense-packages/pull/526

                          Nice! I would assume that we would have agent functions by themselves if we should so chose, I would hope so anyway! :)  Im in the same boat as you, I already have a server and just need to be able to integrate my pf boxes with agent functionality.

                          1 Reply Last reply Reply Quote 0
                          • O
                            onlineph
                            last edited by

                            enhance squid/ lusca package that would auto propagate based on the PC's profile so we dont have to manually set things but just to make some edition.

                            also with snort, if its ok that onese installed it auto propagate or auto config to a standard based on the PC capacity.

                            1 Reply Last reply Reply Quote 0
                            • J
                              jamesmr89
                              last edited by

                              I'm currently working on an alternative to squid/dansguardian/squidguard that uses a commercial categorization engine.

                              In about 2 weeks time we will be looking for a few beta testers of this package.

                              Features will include:

                              • node.js based http proxy/dns filter
                              • Commercial based categorization engine
                              • HTTP filtering based on categories
                              • DNS filtering based on categories
                              • AD integration
                              • Fully customizable block/login/tos pages

                              We will be looking for feedback and bug reporting.

                              If you would be interested in participating in this test, please let me know.

                              Thanks,
                              James

                              1 Reply Last reply Reply Quote 0
                              • S
                                sunghost
                                last edited by

                                Hi,
                                i didnt read the full list with 30 pages but back to last year. My wish is a simple update of the actual squid package to 3.4.x - whould nice to use an actual one ;)

                                1 Reply Last reply Reply Quote 0
                                • H
                                  hcoin
                                  last edited by

                                  Notice the multi-master database, mariadb / galera has a little state-saving daemon, garbd, which is a 'member' of a cluster but doesn't save any data.  It serves only to keep track of which other 'real' members were up and when.  The purpose is to prevent 'split brain' events from happening, as one 'real' database instance and one 'garbd' instance is enough, while one database instance alone shuts down for fear of 'split brain' corruption.

                                  If pfsense supported garbd only, then real failover and a multi-master database with only two other systems is possible.  And, with pfsync, multiple garbd instances provide better assurances.  It's a natural, really, for pfsense.

                                  1 Reply Last reply Reply Quote 0
                                  • H
                                    hcoin
                                    last edited by

                                    The CRON gui should be split into two sections, one which is maintained on the specific machine, and another which is automatically synced via the usual pfsync/HA option.

                                    Presently it's a bit of a pain to remember to manually update some, but not all, cron entries on backup pf boxes.

                                    1 Reply Last reply Reply Quote 0
                                    • H
                                      hcoin
                                      last edited by

                                      The "Filer" package should have an option so that the given command can be run after any change to config.xml.

                                      If you want to stay entirely 'pure' within the xml, (avoid ugly hacks), the only way to do this is create a cron job that looks for changes and then runs a list of commands.

                                      1 Reply Last reply Reply Quote 0
                                      • marcellocM
                                        marcelloc
                                        last edited by

                                        @hcoin:

                                        The "Filer" package should have an option so that the given command can be run after any change to config.xml.

                                        I do not recommend filer to edit files that pfsense does after any change.

                                        Treinamentos de Elite: http://sys-squad.com

                                        Help a community developer! ;D

                                        1 Reply Last reply Reply Quote 0
                                        • A
                                          abidkhanhk
                                          last edited by

                                          Would really love an implementation of either of the following

                                          • Freenas
                                          • Bacula Server
                                          • Simple FTP server for file storage
                                          • Samba (with UI)

                                          Most of the above are already available in some adhoc way on pfsense (except bacula server and Freenas) , but really appreciate a UI based installation and management.

                                          thanks

                                          1 Reply Last reply Reply Quote 0
                                          • C
                                            comi
                                            last edited by

                                            I'd love to have privoxy available on PfSense.

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.