Packages wishlist?
-
Hi Ermal! I can talk with my bosses about funding. I can't promise anything, I'm just a small Network Engineer :) About the idea, I was just wondering if it's possible to do that Squidguard style. Comparing clients IP and Snort blocklist. If there's a match then redirect to info page. Actually maybe this can be done in Squid or Squidguard or other external process, so the Snort is not part of this. In this case Snort is just offering some information to other processes and they do the rest..
-
openDNS dnscrypt proxy for encryption of dns traffic from pfsense box to opendns servers
-
ndpmon (the IPv6 ARPWatch) should be interesting as PFSense is the router.
http://www.freebsdsoftware.org/net-mgmt/ndpmon.html
http://ndpmon.sourceforge.net/index.php -
SquidClamav - ICAP based antivirus for Squid. The FreeBSD port is present.
It would be better to use the ICAP based antivirus than HAVP (parent proxy). The ICAP integration mode has less limitations (QoS, stats, authentification etc.)
I hope, Squid3 package is compiled with ICAP support ;) -
Some SIP proxy (such as repro or Kamailio) would be nice
Read more: http://www.opentelecoms.org/use-a-sip-proxy-instead-of-asterisk
-
A simple improved logging package, perhaps just a local syslog with a GUI.
I understand the 50 row limitation of the default installation because of the ability to run on a machine with no hard drive. But I would imagine that most installs have some storage available and even a basic 10 year old machine will have a 10GB+ hard disk, plenty to store a reasonable amounts of logs.
I would like to see a simple logging package that can be optionally installed that extends the logs beyond 50 entries (to a user-defined retention period or size) and provides some, even if rudimentary, filtering/sorting features.
Most places I promote using pfSense are in small businesses where an enterprise-class firewall is needed, for multi-WAN or decent VPN capability, but unavailable due to budget constraints. In these cases, there's not much eagerness to buy a separate machine to run a syslog server or add that role to already overburdened servers. I don't think there's any reason why the pfSense machines can't store their own logs if the disk space allows it.
-
Current gui accepts 2000 lines, check config options ;)
-
GNU Gatekeeper for H.323 proxy:
http://www.gnugk.org/h323-proxy.html
Rationale: H.323 remains by far the most popular protocol for video conferencing at companies, but unlike -recent- SIP software, H.323 can't deal with NAT thus requiring a proxy / ALG.
-
I wish that
1. aliases will include mac addresses and the firewall can manipulate mac addresses to deny/block
2. squid will have purge option for the cache and edited some squid related configuration like.. squid.inc :)just a small wish though this christmas season
-
Hi!
it would be great to see what comes with a newer version of a package.
Right now there is either no link at all, or a link to the general forum. Both are mostly not giving out information on what has changed.
So a simple release notes page for each package would be sufficient. It should be easily reachable from the packages lists. That would be great!e.g.
Version 1.2 (release date)
… changes since previous version
Version 1.1 (release date)
... changes since previous version...
Thanks, for all the wonderful work on pfsense!
Max -
If you interested - possible look githum commits history for each package
https://github.com/bsdperimeter/pfsense-packages/tree/master/config -
@NG:
At first many thanks to Ermal and others for great job with Snort package. I have one little wish to help my everyday job. We have pfsense in our network. This time it is securing 5 LAN networks and we have hundreds of users in our networks. Because our company have very tight internet rules we need to Snort our LAN side traffic also and block offenders in LAN networks. Problem is that when snort blocks out a user (or IP-address) there is no information send to user about that. Traffic just ends. Next thing is the user picks up the phone and calls us and reports internet failure. Is there any chance to get a popup window, redirection or at least error page to user that tells reason for blocking? It also would help us to fix problems in rules also. The page should say for example:"You are blocked out: #REASON#". Of cause there should be enable/disable tag and selection for LAN-networks also :)
Something that may be more to what you are looking for and could work in tandem with pfSense is packetfence.
-
If you interested - possible look githum commits history for each package
https://github.com/bsdperimeter/pfsense-packages/tree/master/configThanks! I never knew that existed!!!! I think if more people had that link, a lot of the questions would go away when the package maintainers make a change.
-
can you take a look on
bitmeteros to nicer live traffic monitoring it looks very nice….http://codebox.org.uk/pages/bitmeteros
i hope to see this as package soon :)
greets Pr0vieH
-
can you take a look on
bitmeteros to nicer live traffic monitoring it looks very nice….http://codebox.org.uk/pages/bitmeteros
i hope to see this as package soon :)
Looks interesting but they don't appear to support FreeBSD.
-
Looks interesting but they don't appear to support FreeBSD.
arg sorry i don't see this…
i ask the developer for FreeBSD Support
-
@ITR:
WanAccelerator package
WANproxy, trafficSqueezer, (OpenNOP)
http://wanproxy.org/
http://www.trafficsqueezer.org/
http://www.opennop.org/ (Linux Only?)I would like to have kind of VoIP wan optimizer, seem Traffic Squeezer has ability of..
The idea is can have the server mode and client mode for end -to- end tunnel for Codec g.729 or g.722 or g.726 on SIP or IAX protocol. Since we already have Asterisk package.
The Qos and Packet Sharper seem does not really help if we got bigger concurrent. But if we can squeeze the bandwidth it would really help.
-
It looks like only wanproxy has Freebsd support.
I could compile it, but i'ts not a freebsd port yet and may work better optimizing tcp connections.
-
Hi,
I wish to have a monitoring system to see my logged in users of PPPoE server,also a .bandwidth control and real-time usage graph.I'm using pfsense 2.0.1.Anyone have a package or graph supporting PPPoE server will be greatly useful to me.thanx in ad'vance
-
Adding IP GeoLocation to monitor Pfsense logs would be a very productive addition.
Example using third party software
Setup Guide
http://www.seattleit.net/blog/realtime-pfsense-firewall-attack-logs-in-splunk-google-maps-with-geoip/Open Source IP geolocation
http://www.maxmind.com/en/opensourceSplunk
http://www.splunk.com/view/free-vs-enterprise/SP-CAAAE8W
