Packages wishlist?
-
http://update-accelerator.advproxy.net/
This looks fantastic and would be an awesome add-on for saving bandwidth. It caches updates from:
* Adobe
* Apple
* Avast
* Linux (.deb and .rpm)
* Microsoft
* Symantec
* Trend Micro
and you can add custom download sites too.It's been written specifically for IPCop - so I have no idea how hard it would be to "port".
From the Site:
The Update Accelerator caches files from update sites automatically at the first request. All subsequent downloads of these files from other clients will be processed with LAN speed.Even though the standard Web Proxy cache does almost the same job, there are important differences between the Web Proxy cache and the Update Accelerator cache.
For example, it would be difficult to store, reliably, a Service Pack with a size of about 300MB in the Web Proxy cache. Unlike a Web Proxy with its internal cache and uncontrollable results, the Update Accelerator works rather in a similar way to a File Server - dead reliable and independent of any Proxy cache size or replacement strategy.
With the right settings, Squid will happily cache updates, including service packs, as long as you have the proper directives in the config.
I have it caching updates for my repair bench and it does a great job. It does the adobe updates without any special config, too.
http://doc.pfsense.org/index.php/Squid_Package_Tuning#Caching_Windows_Updates
-
Hi I'm using nagios & nrpe a lot, so many thanks for added nrpe package!
..but it would be great to change/add a few things:
-
I need be able to add some custom commands to nrpe.cfg via GUI, at this moment I have to manually place them in /usr/local/pkg/nrpe2.xml
(not sure if it is possible to do in other way at this moment) -
would be great include test for "warning" and "critical" command parameters in /usr/local/pkg/nrpe2.inc . At this moment after configuration via GUI I have in nrpe.cfg :
command[check_myhost_ssh]=/usr/local/libexec/nagios/check_ssh -w -c -t 20 -H my.host.net
and as a result:
/usr/lib/nagios/plugins/check_nrpe -n -H 192.168.55.11 -p 5666 -c check_myhost_ssh
Usage:check_ssh [-46] [-t <timeout>] [-r <remote version="">] [-p <port>] <host>I think something like next would be good:
diff /usr/local/pkg/nrpe2.inc.orig /usr/local/pkg/nrpe2.inc
147c147,151
< $cmds[] = "command[{$cmd['name']}]=/usr/local/libexec/nagios/{$cmd['command']} -w {$cmd['warning']} -c {$cmd['critical']} {$cmd['extra']}\n";
–-if (isset($cmd['warning'])) {
$cmds[] = "command[{$cmd['name']}]=/usr/local/libexec/nagios/{$cmd['command']} -w {$cmd['warning']} -c {$cmd['critical']} {$cmd['extra']}\n";
} else {
$cmds[] = "command[{$cmd['name']}]=/usr/local/libexec/nagios/{$cmd['command']} {$cmd['extra']}\n";
}
188c192- also there is still a bug in the nagios-plugins-1.4.13,1 which would be great resolve :
/usr/local/libexec/nagios/check_procs -w 5 -c 10 -s Z
/libexec/ld-elf.so.1: /lib/libc.so.7: version FBSD_1.1 required by /usr/local/libexec/nagios/check_procs not found (and this is a bit annoying …)
(this is the only plugin which requires FBSD_1.1, all other are ok with FBSD_1.0)
Many thanks in advance</host></port></remote></timeout>
-
-
Dansguardian! If Comixwall (an OpenBSD based firewall) was able to use this I see no reason why pfSense can't . IMSpector for SMTP to monitor rogue employees leaking out confidential information would be a welcome addition.
-
DNS Blacklist package, OpenDNS and SquidGuard can all block domains like DANS guardian can.
-
Yes, combination of those certainly can but it's not as flexible as Dansguardian. A lot of guys are clamoring for it to be included, If others were able to include it so could we.
-
OSPF/bgp package support (see www.qugga.net) it's OSPF/BGP package support . Package for solaris, redhat and linux platform exist none Freebsd package at this moment. But source available, and BGP works fine (not like openBGP ;-) sorry..;-))
-
hi
my pfsense has squid as a transparent proxy and I want use DNS black list can it work??? -
I would really like to have a package to implement AODV in PFsense. We operate a wireless network in which we have clusters of nodes which utilize AODV routing. These clusters are themselves linked together by transparent bridges (with STP for redundancy) to a core network. As our network grows the bridged network is becoming to large and needs to be replaced by a routed network. Since I am already using AODV to route traffic through large portions of my network I would like unify the network using PFsense and AODV. I would like to get some feedback as to how feasible and/or difficult this might be before I post in the bounty section.
-
I'd like to see a change in the GUI to display rules.
I think it is useful to allow users to create groups of rules and give them the opportunity to change the view of these groups as desired.
I thought that in these groups is easier to see where the rules are frequent repetitions of IP, ports, etc.
I would like to enable/disable multiple rules with a single click.
I'd like to take individual rules or rule groups and move them before/after to other rules directly with the mouse like the dashboard.
-
Zanotti,
There are already interface groups and floating rules in 2.0 which cover some of that behavior, plus you can use aliases (which exist in 1.2.x) for frequently used hosts/networks/ports.
Letting you drag rules around might sound nice, but in practice it would be very easy to accidentally make unintended changes.
-
I have seen small notes about 3G on this forum, but could not find anything involving pfSense talking SMS.
At the moment I'm struggling with a SoHo router capable of using 3G as internet connection. This specific router DOVADO
is capable of giving status and do some basic manouvers on command over SMS. Wouldn't this be a nice package to pfSense?There could be all sorts of services like
- WAN <x>is down
- WAN <x>is up, IP:xxx.xxx.xxx.xxx
- <interface>has been down for x minutes
- WARNING firewall is experiencing attack x on <interface>- command "RESET <interface>"
- command "DOWN <interface>"
- command "UP <interface>"
- command "REBOOT"
The DOVADO is allso capable of managing TelStick, but that is an aditional functionality, nice but not as sweet.</interface></interface></interface></interface></interface></x></x>
-
Virtual Gateways would be great if it could be added. I have several PPPOE connections going form one modem so one gateway and now I have to run 4 instances of Pfsense in a VM so I can chnage the gateway for each for load balancing.
-
Another package, well more so a feature, would be that if my main server for some reason went down that the port forwarding would auto switch to a backup server. That would be awesome…
-
OpenVAS Scanner/Server:
http://www.openvas.org/
The firewall seems to be positioned where scanning would be easiest:
1. pf Rules wouldn't factor.
2. The state table wouldn't overload (I think…) -
FreeRADIUS 2.18
An update to freeradius would be nice.
http://www.freebsd.org/cgi/cvsweb.cgi/ports/net/freeradius2/
-
Definately AODV/AODV routing… :)
-
Show system information like temperature,fans e.d.
-
System information like temp is in the phpinfo package
-
I would like to be able to install Ubiquity's Air Control software. Air Control runs on a web server and allows you a way to monitor and control various ubiquity CPE and access points. I am sure that there are many WISPS using Pfsense and Ubiquity is quickly becoming a leader in low cost wireless. Air Control requires Java and Tomcat. It looks like it can be installed on free BSD but it is somewhat out of my realm of expertise.
Please let me know if I should post in another group.
-
I'd like something like imspector but that would really work or something simple to block IM and webmessengers