Packages wishlist?
-
Would love to have DNSCrypt.
Thanks!!!!!
-
ZoneMinder https://forum.pfsense.org/index.php?topic=111252.msg671442
-
@tdi:
Filebeat - https://www.elastic.co/products/beats/filebeat.
Anyone working on this?
I though at one time that I wanted this too.
Just now getting back to working on my Elk stack, and I'm not really sure what it would do for us that syslog-ng won't do already, as syslog-ng answers the issues of udp transport by offering tcp.
We still have to parse the log entries to put them into a form we find useful.
Was there some other factor I'm now forgetting?
-
nano
dnscrypt-proxy
rsync
some kind of web server as I need to redirect ad/tracking/malware links to a local png file.I have decided to make these packages myself, although I am fluent with FreeBSD I need to learn the pfsense specifics in converting these to acceptable pfsense packages so bear with me. I am also adding bash to the list.
-
nano
rsyncThese are already in the repository and do not require anything in the pfSense GUI. Just run "pkg install nano" for example and you can get them now.
some kind of web server as I need to redirect ad/tracking/malware links to a local png file.
You can run additional instances of nginx by hand with your own custom config files, no need to pull in another web server package.
-
this is interesting as they not listed on the packages page, is there a way to list whats in the cli repository?
-
You can use "pkg search x" where "x" is a substring of what you want to find:
: pkg search nano nano-2.7.0 Nano's ANOther editor, an enhanced free Pico clone : pkg search rsync rsync-3.1.2_5 Network file distribution/synchronization utility
-
A package that tracks ad domains and replaces ad pictures with cats. Like this but integrated into pfsense: http://www.makeuseof.com/tag/how-to-make-a-wifi-network-that-only-transmits-cat-pictures-with-a-raspberry-pi/
-
yara seems like a good idea for malware detection and may be a good fit for pfSense.
-
A package that tracks ad domains and replaces ad pictures with cats. Like this but integrated into pfsense: http://www.makeuseof.com/tag/how-to-make-a-wifi-network-that-only-transmits-cat-pictures-with-a-raspberry-pi/
doesnt pfBlockerNG + Squid can already do this in pfsense.? not replace with Cats though
-
In pfSens to be able to see and delete packages using the webinterface, without the need to have an interne connection.
I use pfSense in a private cloud en was used to add all possible needed packages in the pfSense template. Then after installation I remove the packages which are not needed. This wordked perfect in the 2.2.x release.
But in the 2.3 release this is not possible anymore. Even worse, after manual removeing the package from the config.xml, after the reboot it keeps me asking that all packages must be reinstalled, and fails because the is (on purpose) no internet package source available.
The deployed pfsense will never show its dashboard again. (I just don't have internet available here).
So what do I wish: remove the absolute need to have an interne connection just to show and delete installed packages.
Is there a manual available how to create my own pfSense and pfsense package repository for pfSense 2.3?
Thanks in advance!
-
@dvl:
bacula-client so I can back up my configuration
We once had it.
Now I install this from my own poudriere repo.
I still have to do this after every reboot:
mkdir /var/db/bacula
service bacula-client onestartBut at least now I have backups.
-
How about Wireguard.
https://www.wireguard.io/
WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPSec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. Initially released for the Linux kernel, it plans to be cross-platform and widely deployable. It is currently under heavy development, but already it might be regarded as the most secure, easiest to use, and simplest VPN solution in the industry.
Looks very interesting & worth a look. attaching some perf. charts from their website
-
Another vote for Filebeat.
Need it to ship the Snort log file to my ELK machine..
-
Is there anyway to bring back MailScanner for 2.3.*?
-
These packages are already available in FreeBSD,so there shouldn't be too much trouble porting into pfSense. Any work helping to create a free Internet will be much appreciated.
1. shadowsocks-libev ,under GNU General Public License
IntroShadowsocks-libev is a lightweight secured SOCKS5 proxy for embedded devices and low-end boxes.
It is a port of Shadowsocks created by @clowwindy, and maintained by @madeye and @linusyang.
Current version: 3.0.2 | Changelog2. kcptun ,under MIT License
Shadowsocks provides proxy,and Kcptun deals with packet loss.Ipset will also be needed to specify if a certain domain should go proxy or connect directly.The DNS query should go proxy as well to anti DNS pollution.
-
Would love to have DNSCrypt.
Thanks!!!!!
would really like to see this as a package in pfsense, as well.
-
@tdhuck:
Would love to have DNSCrypt.
Thanks!!!!!
would really like to see this as a package in pfsense, as well.
according to documentation, the native unbound dns service used on pfSense can be complied with DNSCrypt
https://dnscrypt.org/#dnscrypt-server
Running your own DNSCrypt server . . . unbound, a validating, recursive, and caching DNS resolver, can also act as a DNSCrypt server when compiled with --enable-dnscrypt. Refer to DNSCrypt Options section in unbound.conf(5) for configuration options. Deployment
-
@tdhuck:
Would love to have DNSCrypt.
Thanks!!!!!
would really like to see this as a package in pfsense, as well.
according to documentation, the native unbound dns service used on pfSense can be complied with DNSCrypt
https://dnscrypt.org/#dnscrypt-server
Running your own DNSCrypt server . . . unbound, a validating, recursive, and caching DNS resolver, can also act as a DNSCrypt server when compiled with --enable-dnscrypt. Refer to DNSCrypt Options section in unbound.conf(5) for configuration options. Deployment
i was looking for a package that could be enabled in the GUI, i have no idea how to implement using the instructions you posted (i found that information, yesterday, while looking at their site).
thank you for sharing.
-
@tdhuck:
I was looking for a package that could be enabled in the GUI, i have no idea how to implement using the instructions you posted (i found that information, yesterday, while looking at their site).
thank you for sharing.
The first step is to compile and create unbound package with this feature on a Freebsd 10.3 to replace on you pfSense 2.3.3 testing machine.
If the works, the next steps are findind the best way to run it(as a proxy + sever, just a proxy, just a server, etc…) and then create gui files that configure these extra steps, blacklist downloads, acls, etc....
not that easy but not impossible too.
EDIT: looks like de unbound source does not have the dnscrypt embedded but the wrapper looks like 'simple' to include
https://github.com/Cofyc/dnscrypt-wrapper/