Netgate Discussion Forum

    Packages wishlist?

    pfSense Packages
    661 Posts 384 Posters 1.7m Views

      JWTrance

      @BBcan17:

      I would like to see an OSSEC package. Their website says FreeBSD is supported. http://www.ossec.net/?page_id=165

      I think an OSSEC Agent package would be a GREAT addition to the lineup. I believe it would be a relatively easy package to build as it is already BSD compatible and requires very few user-inputted settings to have it up and running (< 4 I think). While syslog works well enough for remote log generation, an OSSEC Agent would provide a huge number of additional awesome features that syslog was not meant to include (log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response - according to their website). But the thing that does it the most for me is the fact that OSSEC is being integrated into many open source SIEM projects, and the inclusion of an OSSEC package would allow pfSense to be even better integrated into a quality SIEM/UTM environment.

      A final note, OSSEC is a free and open source product and seems to follow a similar philosophy to the pfTeam and appears to be in it for the long haul.

      EDIT: I'm using this as a way to practice building a package and hosting a repository. I don't have anything worthwhile yet, but if anyone has any suggestions send me a message, don't post here. Thanks!

        BBcan177 Moderator

        @Sickcero:

        @BBcan17:

        I would like to see an OSSEC package. Their website says FreeBSD is supported. http://www.ossec.net/?page_id=165

        I think an OSSEC Agent package would be a GREAT addition to the lineup. I believe it would be a relatively easy package to build as it is already BSD compatible and requires very few user-inputted settings to have it up and running (< 4 I think). While syslog works well enough for remote log generation, an OSSEC Agent would provide a huge number of additional awesome features that syslog was not meant to include (log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response - according to their website). But the thing that does it the most for me is the fact that OSSEC is being integrated into many open source SIEM projects, and the inclusion of an OSSEC package would allow pfSense to be even better integrated into a quality SIEM/UTM environment.

        A final note, OSSEC is a free and open source product and seems to follow a similar philosophy to the pfTeam and appears to be in it for the long haul.

        EDIT: I'm using this as a way to practice building a package and hosting a repository. I don't have anything worthwhile yet, but if anyone has any suggestions send me a message, don't post here. Thanks!

        I believe they are working on having an OSSEC Server installation. I hope that it can also be run as an "Agent" as I already have an OSSEC Server on my system.

        https://github.com/pfsense/pfsense-packages/pull/526

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

          JWTrance

          @BBcan17:

          @Sickcero:

          @BBcan17:

          I believe they are working on having an OSSEC Server installation. I hope that it can also be run as an "Agent" as I already have an OSSEC Server on my system.

          https://github.com/pfsense/pfsense-packages/pull/526

          Nice! I would assume that we would have agent functions by themselves if we should so choose, I would hope so anyway! :) I'm in the same boat as you, I already have a server and just need to be able to integrate my pf boxes with agent functionality.

            onlineph

            Enhance squid/lusca package that would auto propagate based on the PC's profile so we don't have to manually set things but just to make some edition.

            Also with snort, if it's OK that once installed it auto propagate or auto config to a standard based on the PC capacity.

              jamesmr89

              I'm currently working on an alternative to squid/dansguardian/squidguard that uses a commercial categorization engine.

              In about 2 weeks time we will be looking for a few beta testers of this package.

              Features will include:

              • node.js based http proxy/dns filter
              • Commercial based categorization engine
              • HTTP filtering based on categories
              • DNS filtering based on categories
              • AD integration
              • Fully customizable block/login/tos pages

              We will be looking for feedback and bug reporting.

              If you would be interested in participating in this test, please let me know.

              Thanks,
              James

                sunghost

                Hi,
                I didn't read the full list with 30 pages but back to last year. My wish is a simple update of the actual squid package to 3.4.x - would be nice to use an actual one ;)

                  hcoin

                  Notice the multi-master database, mariadb / galera has a little state-saving daemon, garbd, which is a 'member' of a cluster but doesn't save any data.  It serves only to keep track of which other 'real' members were up and when.  The purpose is to prevent 'split brain' events from happening, as one 'real' database instance and one 'garbd' instance is enough, while one database instance alone shuts down for fear of 'split brain' corruption.

                  If pfsense supported garbd only, then real failover and a multi-master database with only two other systems is possible.  And, with pfsync, multiple garbd instances provide better assurances.  It's a natural, really, for pfsense.

                    hcoin

                    The CRON gui should be split into two sections, one which is maintained on the specific machine, and another which is automatically synced via the usual pfsync/HA option.

                    Presently it's a bit of a pain to remember to manually update some, but not all, cron entries on backup pf boxes.

                      hcoin

                      The "Filer" package should have an option so that the given command can be run after any change to config.xml.

                      If you want to stay entirely 'pure' within the xml, (avoid ugly hacks), the only way to do this is create a cron job that looks for changes and then runs a list of commands.

                      1 Reply Last reply Reply Quote 0
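
The cron approach described in the post above, sketched as an added example that is not part of the original thread or of the Filer package. The three paths, the one-command-per-line hooks file and the `CHANGED_FILE` variable are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example, not part of the Filer package. Run from cron as:
#   check_config.sh /path/to/config.xml /path/to/state /path/to/hooks
# All three paths and the one-command-per-line hooks format are assumptions.

# Print the SHA-256 of a file with whichever tool the system provides.
file_digest() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1      # GNU coreutils
    else
        sha256 -q "$1"                      # FreeBSD base system
    fi
}

# Record a digest atomically so an interrupted run cannot leave a partial file.
save_digest() { printf '%s\n' "$1" > "$2.tmp" && mv "$2.tmp" "$2"; }

# check_config CONFIG STATE HOOKS
# Exit status follows diff(1): 0 unchanged, 1 changed and hooks ran.
# 2 = CONFIG unreadable, 3 = a hook failed, 4 = HOOKS missing or unsafe.
check_config() {
    config=$1 state=$2 hooks=$3
    [ -r "$config" ] || return 2
    new=$(file_digest "$config") || return 2
    old=""
    [ -f "$state" ] && old=$(cat "$state")

    # First run: store a baseline without firing the hooks.
    if [ -z "$old" ]; then save_digest "$new" "$state"; return 0; fi
    [ "$new" = "$old" ] && return 0

    # The hooks run with cron's privileges, so refuse a list that group or
    # other users could have edited.
    [ -r "$hooks" ] &&
        [ -z "$(find "$hooks" \( -perm -020 -o -perm -002 \) -print)" ] ||
        return 4

    failed=0
    while IFS= read -r cmd; do
        case $cmd in ''|'#'*) continue ;; esac
        # stdin is redirected so a hook cannot swallow the rest of the list.
        CHANGED_FILE=$config sh -c "$cmd" </dev/null || failed=1
    done < "$hooks"

    # On failure keep the old digest, so the next cron run retries the hooks.
    [ "$failed" -eq 0 ] || return 3
    save_digest "$new" "$state"
    return 1
}

# Run only when called with the three arguments (e.g. from cron).
if [ "$#" -eq 3 ]; then check_config "$@"; fi
```

Because the digest is only recorded after every hook succeeds, a failed command is retried on the next cron run instead of being silently skipped.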
                        marcelloc

                        @hcoin:

                        The "Filer" package should have an option so that the given command can be run after any change to config.xml.

                        I do not recommend filer to edit files that pfsense does after any change.

                        Elite Training: http://sys-squad.com

                        Help a community developer! ;D

                          abidkhanhk

                          Would really love an implementation of either of the following

                          • Freenas
                          • Bacula Server
                          • Simple FTP server for file storage
                          • Samba (with UI)

                          Most of the above are already available in some ad hoc way on pfsense (except bacula server and Freenas), but really appreciate a UI based installation and management.

                          thanks

                            comi

                            I'd love to have privoxy available on PfSense.

                              jsvg

                              ntop-ng! I really wish I knew how to package stuff for pfsense or I'd do it myself…. I mean, is there a guide anywhere?

                                marcelloc

                                @sunghost:

                                Hi,
                                I didn't read the full list with 30 pages but back to last year. My wish is a simple update of the actual squid package to 3.4.x - would be nice to use an actual one ;)

                                It's not ported yet to freebsd ports

                                http://www.freebsd.org/cgi/ports.cgi?query=squid3&stype=all&sektion=all

                                Elite Training: http://sys-squad.com

                                Help a community developer! ;D

                                  Nadrek

                                  More certificate management; in particular:

                                  The ability to use a pfSense Certificate Manager CA certificate to sign CSRs (Certificate Signing Requests). I've got some internal devices that I'd like to use my normal internal CA (generated on pfSense) to sign.

                                    edgars

                                    OCSinventory-agent

                                      Bismarck

                                      1. Postfix Forwarder update to 2.11.1 with postscreen_dnsbl_whitelist_threshold enabled, so we can finally make use of postscreen's greylisting feature.

                                      • A new postscreen_dnsbl_whitelist_threshold feature to allow
                                            clients to skip postscreen tests based on their DNSBL score.
                                            This can eliminate email delays due to "after 220 greeting"
                                            protocol tests, which otherwise require that a client reconnects
                                            before it can deliver mail. Some providers such as Google don't
                                            retry from the same IP address, and that can result in large
                                            email delivery delays.

                                      http://permalink.gmane.org/gmane.mail.postfix.announce/146

                                      http://svnweb.freebsd.org/ports/head/mail/postfix/

                                      2. Postfix secure SMTP should use pfSense certs

                                      
                                      # pfSense Postfix Forwarder TLS 
                                      smtpd_use_tls = yes
                                      smtpd_tls_security_level = may
                                      smtpd_tls_auth_only = yes
                                      smtpd_tls_key_file = /usr/pbi/postfix-amd64/etc/ssl/server.key
                                      smtpd_tls_cert_file = /usr/pbi/postfix-amd64/etc/ssl/server.crt
                                      smtpd_tls_loglevel = 1
                                      smtpd_tls_received_header = yes
                                      smtpd_tls_session_cache_timeout = 3600s
                                      tls_random_source = dev:/dev/urandom
                                      

                                      so we don't need to use custom main.cf options and generate the certs via command line.

                                      220-mailserver.tld ESMTP smtprelay service ready.
                                      220 mailserver.tld ESMTP smtprelay service ready. [285 ms]
                                      EHLO MXTB-PWS3.mxtoolbox.com
                                      250-mailserver.tld
                                      250-PIPELINING
                                      250-SIZE 10240000
                                      250-ETRN
                                      250-STARTTLS
                                      250-ENHANCEDSTATUSCODES
                                      250-8BITMIME
                                      250 DSN [749 ms]
                                      MAIL FROM: supertool@mxtoolbox.com
                                      250 2.1.0 Ok [749 ms]
                                      RCPT TO: test@example.com
                                      554 5.7.1 test@example.com: Relay access denied [749 ms]

                                      https://forum.pfsense.org/index.php?topic=70046.msg382794#msg382794

                                      3. squid3-dev amd64 with working Clamav anti-virus integration using c-icap

                                      https://forum.pfsense.org/index.php?topic=73921.0

                                      I know that marcelloc does not have the time and resources to fix this problem atm, but we could collect some money and call a bounty, so we can hire him or someone who can fix this. A lot of people are struggling with squid and dansguardian anti-virus on amd64 systems, so there is a high demand for fixing this.

                                      Thanks for your attention.

                                        lsense

                                        gnupg

                                          jamesmr89

                                          @jamesmr89:

                                          I'm currently working on an alternative to squid/dansguardian/squidguard that uses a commercial categorization engine.

                                          In about 2 weeks time we will be looking for a few beta testers of this package.

                                          Features will include:

                                          • node.js based http proxy/dns filter
                                          • Commercial based categorization engine
                                          • HTTP filtering based on categories
                                          • DNS filtering based on categories
                                          • AD integration
                                          • Fully customizable block/login/tos pages

                                          We will be looking for feedback and bug reporting.

                                          If you would be interested in participating in this test, please let me know.

                                          Thanks,
                                          James

                                          The demo of this is ready, if anyone is interested in testing it out let me know.

                                          Thanks,

                                            MBX

                                            This could be good, we can do some testing for you.
