Packages wishlist?
-
My Whishlist:
Simple "ifdown" package - reboot. (if not able to ping a given host, reboot pfsense)
..or can this be done with cron and a command directly on the box itself ?
-
Why the hell would you want to reboot your pfSense???
-
Why the hell would you want to reboot your pfSense???
Let my just state: that pfsense is unbeatable stable (for the price and functions available) and have been running for months and (would be years..) but my ISP is making "hiccups on the cable" which makes the traffic suddenly stop flowing.. Read more if you like here; http://forum.pfsense.org/index.php/topic,69879.msg381954.html#msg381954
I have 3 Reason:
1. When doing a controlled reboot all data /traffic etc is saved.
2. When my ISP is doing some upgrade/"fixing".. I sometimes reboot the cable modem.. and sometimes I have to reboot pfsense too, to get internet running again.
3. When I'm not home - and internet stoppes working, my system will try to get online again automatically. (and people don't have to start calling me ;-)) -
Why the hell would you want to reboot your pfSense???
Let my just state: that pfsense is unbeatable stable (for the price and functions available) and have been running for months and (would be years..) but my ISP is making "hiccups on the cable" which makes the traffic suddenly stop flowing.. Read more if you like here; http://forum.pfsense.org/index.php/topic,69879.msg381954.html#msg381954
I have 3 Reason:
1. When doing a controlled reboot all data /traffic etc is saved.
2. When my ISP is doing some upgrade/"fixing".. I sometimes reboot the cable modem.. and sometimes I have to reboot pfsense too, to get internet running again.
3. When I'm not home - and internet stoppes working, my system will try to get online again automatically. (and people don't have to start calling me ;-))If not a package, here is a howto: http://forum.pfsense.org/index.php/topic,71335.msg389446.html#msg389446
-
this script may help you undestanding how to install it on freebsd.
Most of this are already done on snort package
https://github.com/shirkdog/snorby-bsd/blob/master/snorbyInstall.shHi Marcello, have you tested this Snorby script on 2.1 Release?
Can you share some screenshots of the interface?
-
I would like to see an OSSEC package. Their website says FreeBSD is suppored. http://www.ossec.net/?page_id=165
I would also like to see pfBlocker updated to include domain blocking on top of the existing IP based lists and the ability to use .csv lists.
and finally pfCenter to monitor and control several pfSense boxes in one application.
-
portspoof could be a nice addition
https://github.com/drk1wi/portspoof
This gets a vote from me. Sounds awesome!
Would really need this.
-
Is there a PhantomJS package for FreeBSD? Found a port at FreeBSD org, but was hoping for a ready to go package.
http://www.freebsd.org/cgi/ports.cgi?query=phantomjs&stype=all
http://svnweb.freebsd.org/ports/head/lang/phantomjs/ -
@BBcan17:
I would like to see an OSSEC package. Their website says FreeBSD is suppored. http://www.ossec.net/?page_id=165
I think an OSSEC Agent package would be a GREAT addition to the lineup. I believe it would be a reletivly easy package to build as it is already BSD compatable and requires very few user inputed settings to have it up and running (< 4 I think). While syslog works well enough for remote log generation an OSSEC Agent would provide a huge number of additional awesome feature that syslog was not ment to include. (log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response - according to their website) But the thing that does it the most for me is the fact that OSSEC is being integrated into many open source SIEM projects, and the inclusion of an OSSEC package would allow pfSense to be even better integrated into a quality SIEM/UTM environment.
A final note, OSSEC is a free and open source product and seems to follow a similar philosophy to the pfTeam and appear to be in it for the long haul.
EDIT: Im using this as a way to practice building a package and hosting a repository, I don't have anything worthwhile yet but if anyone has any suggestions send me a message, dont post here. Thanks!
-
@Sickcero:
@BBcan17:
I would like to see an OSSEC package. Their website says FreeBSD is suppored. http://www.ossec.net/?page_id=165
I think an OSSEC Agent package would be a GREAT addition to the lineup. I believe it would be a reletivly easy package to build as it is already BSD compatable and requires very few user inputed settings to have it up and running (< 4 I think). While syslog works well enough for remote log generation an OSSEC Agent would provide a huge number of additional awesome feature that syslog was not ment to include. (log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response - according to their website) But the thing that does it the most for me is the fact that OSSEC is being integrated into many open source SIEM projects, and the inclusion of an OSSEC package would allow pfSense to be even better integrated into a quality SIEM/UTM environment.
A final note, OSSEC is a free and open source product and seems to follow a similar philosophy to the pfTeam and appear to be in it for the long haul.
EDIT: Im using this as a way to practice building a package and hosting a repository, I don't have anything worthwhile yet but if anyone has any suggestions send me a message, dont post here. Thanks!
I believe they are working on having an OSSEC Server installation. I hope that it can also be run as an "Agent" as I already have an OSSEC Server on my system.
-
@BBcan17:
@Sickcero:
@BBcan17:
I believe they are working on having an OSSEC Server installation. I hope that it can also be run as an "Agent" as I already have an OSSEC Server on my system.
Nice! I would assume that we would have agent functions by themselves if we should so chose, I would hope so anyway! :) Im in the same boat as you, I already have a server and just need to be able to integrate my pf boxes with agent functionality.
-
enhance squid/ lusca package that would auto propagate based on the PC's profile so we dont have to manually set things but just to make some edition.
also with snort, if its ok that onese installed it auto propagate or auto config to a standard based on the PC capacity.
-
I'm currently working on an alternative to squid/dansguardian/squidguard that uses a commercial categorization engine.
In about 2 weeks time we will be looking for a few beta testers of this package.
Features will include:
- node.js based http proxy/dns filter
- Commercial based categorization engine
- HTTP filtering based on categories
- DNS filtering based on categories
- AD integration
- Fully customizable block/login/tos pages
We will be looking for feedback and bug reporting.
If you would be interested in participating in this test, please let me know.
Thanks,
James -
Hi,
i didnt read the full list with 30 pages but back to last year. My wish is a simple update of the actual squid package to 3.4.x - whould nice to use an actual one ;) -
Notice the multi-master database, mariadb / galera has a little state-saving daemon, garbd, which is a 'member' of a cluster but doesn't save any data. It serves only to keep track of which other 'real' members were up and when. The purpose is to prevent 'split brain' events from happening, as one 'real' database instance and one 'garbd' instance is enough, while one database instance alone shuts down for fear of 'split brain' corruption.
If pfsense supported garbd only, then real failover and a multi-master database with only two other systems is possible. And, with pfsync, multiple garbd instances provide better assurances. It's a natural, really, for pfsense.
-
The CRON gui should be split into two sections, one which is maintained on the specific machine, and another which is automatically synced via the usual pfsync/HA option.
Presently it's a bit of a pain to remember to manually update some, but not all, cron entries on backup pf boxes.
-
The "Filer" package should have an option so that the given command can be run after any change to config.xml.
If you want to stay entirely 'pure' within the xml, (avoid ugly hacks), the only way to do this is create a cron job that looks for changes and then runs a list of commands.
-
The "Filer" package should have an option so that the given command can be run after any change to config.xml.
I do not recommend filer to edit files that pfsense does after any change.
-
Would really love an implementation of either of the following
- Freenas
- Bacula Server
- Simple FTP server for file storage
- Samba (with UI)
Most of the above are already available in some adhoc way on pfsense (except bacula server and Freenas) , but really appreciate a UI based installation and management.
thanks
-
I'd love to have privoxy available on PfSense.
