Packages wishlist?
-
portspoof could be a nice addition
https://github.com/drk1wi/portspoof
-
I wish Snorby would be as a package. I have setup on another machine it is very handy. I don't want to have to run 2 machines to do this. I have enough CPU for both in firewall machine
-
Since Snort is single-threaded, wouldn't it be nice to include a package for suricata (http://suricata-ids.org/) which supports mutli-threaded processing?
Ref: http://workshop.netfilter.org/2013/wiki/images/1/1f/Eric_Leblond_IDS-suricata.pdf
Looks like a great one. I also think the non-proprietary nature would make it a better fit, and with more and more GPU-power, CUDA support could make quite a difference in CPU load and allow for better utilization of existing hardware.
Also, Snort, over the past, seems to have been rather fickle, and quite the resource hog. Anything that's more efficient and less picky or easier to configure would be a good step forward.+1 from me
-
Actually a forum wishlist: make sub-sections for each package under the Packages section.
It's pretty hard to browse all relevant threads relevant to a particular package, it would be easier to have these threads grouped.
That would also make it easier for maintainers to have a quick look if there's activity, and for users to see if a package is alive.- 1 from me too as i was ordering a adtrap wich do not work.
And to ship it back again is like ordering a new
- 1 from me too as i was ordering a adtrap wich do not work.
-
this script may help you undestanding how to install it on freebsd.
Most of this are already done on snort package
https://github.com/shirkdog/snorby-bsd/blob/master/snorbyInstall.sh -
strongSwan!
-
-
Any antivirus solution for squid-dev or installation wayout.
Thanks
-
A bandwidth monitor that allows you to keep track of Data Caps. Kind of like Traffic Accounting in IPCop.
-
I would love a package that could remove spikes from RRD graphs. Cause sometimes when I reboot pfSense I get really high spikes on the graphs that is not normal, and it destroys the whole graph.
Some links about this matter:
https://github.com/mhagander/rrdclean
http://acktomic.com/2007/08/31/removing-spikes-from-rrd-databases/
http://www.serveradminblog.com/2010/11/remove-spikes-from-rrd-graphs-howto/ -
My Whishlist:
Simple "ifdown" package - reboot. (if not able to ping a given host, reboot pfsense)
..or can this be done with cron and a command directly on the box itself ?
-
Why the hell would you want to reboot your pfSense???
-
Why the hell would you want to reboot your pfSense???
Let my just state: that pfsense is unbeatable stable (for the price and functions available) and have been running for months and (would be years..) but my ISP is making "hiccups on the cable" which makes the traffic suddenly stop flowing.. Read more if you like here; http://forum.pfsense.org/index.php/topic,69879.msg381954.html#msg381954
I have 3 Reason:
1. When doing a controlled reboot all data /traffic etc is saved.
2. When my ISP is doing some upgrade/"fixing".. I sometimes reboot the cable modem.. and sometimes I have to reboot pfsense too, to get internet running again.
3. When I'm not home - and internet stoppes working, my system will try to get online again automatically. (and people don't have to start calling me ;-)) -
Why the hell would you want to reboot your pfSense???
Let my just state: that pfsense is unbeatable stable (for the price and functions available) and have been running for months and (would be years..) but my ISP is making "hiccups on the cable" which makes the traffic suddenly stop flowing.. Read more if you like here; http://forum.pfsense.org/index.php/topic,69879.msg381954.html#msg381954
I have 3 Reason:
1. When doing a controlled reboot all data /traffic etc is saved.
2. When my ISP is doing some upgrade/"fixing".. I sometimes reboot the cable modem.. and sometimes I have to reboot pfsense too, to get internet running again.
3. When I'm not home - and internet stoppes working, my system will try to get online again automatically. (and people don't have to start calling me ;-))If not a package, here is a howto: http://forum.pfsense.org/index.php/topic,71335.msg389446.html#msg389446
-
this script may help you undestanding how to install it on freebsd.
Most of this are already done on snort package
https://github.com/shirkdog/snorby-bsd/blob/master/snorbyInstall.shHi Marcello, have you tested this Snorby script on 2.1 Release?
Can you share some screenshots of the interface?
-
I would like to see an OSSEC package. Their website says FreeBSD is suppored. http://www.ossec.net/?page_id=165
I would also like to see pfBlocker updated to include domain blocking on top of the existing IP based lists and the ability to use .csv lists.
and finally pfCenter to monitor and control several pfSense boxes in one application.
-
portspoof could be a nice addition
https://github.com/drk1wi/portspoof
This gets a vote from me. Sounds awesome!
Would really need this.
-
Is there a PhantomJS package for FreeBSD? Found a port at FreeBSD org, but was hoping for a ready to go package.
http://www.freebsd.org/cgi/ports.cgi?query=phantomjs&stype=all
http://svnweb.freebsd.org/ports/head/lang/phantomjs/ -
@BBcan17:
I would like to see an OSSEC package. Their website says FreeBSD is suppored. http://www.ossec.net/?page_id=165
I think an OSSEC Agent package would be a GREAT addition to the lineup. I believe it would be a reletivly easy package to build as it is already BSD compatable and requires very few user inputed settings to have it up and running (< 4 I think). While syslog works well enough for remote log generation an OSSEC Agent would provide a huge number of additional awesome feature that syslog was not ment to include. (log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response - according to their website) But the thing that does it the most for me is the fact that OSSEC is being integrated into many open source SIEM projects, and the inclusion of an OSSEC package would allow pfSense to be even better integrated into a quality SIEM/UTM environment.
A final note, OSSEC is a free and open source product and seems to follow a similar philosophy to the pfTeam and appear to be in it for the long haul.
EDIT: Im using this as a way to practice building a package and hosting a repository, I don't have anything worthwhile yet but if anyone has any suggestions send me a message, dont post here. Thanks!
-
@Sickcero:
@BBcan17:
I would like to see an OSSEC package. Their website says FreeBSD is suppored. http://www.ossec.net/?page_id=165
I think an OSSEC Agent package would be a GREAT addition to the lineup. I believe it would be a reletivly easy package to build as it is already BSD compatable and requires very few user inputed settings to have it up and running (< 4 I think). While syslog works well enough for remote log generation an OSSEC Agent would provide a huge number of additional awesome feature that syslog was not ment to include. (log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response - according to their website) But the thing that does it the most for me is the fact that OSSEC is being integrated into many open source SIEM projects, and the inclusion of an OSSEC package would allow pfSense to be even better integrated into a quality SIEM/UTM environment.
A final note, OSSEC is a free and open source product and seems to follow a similar philosophy to the pfTeam and appear to be in it for the long haul.
EDIT: Im using this as a way to practice building a package and hosting a repository, I don't have anything worthwhile yet but if anyone has any suggestions send me a message, dont post here. Thanks!
I believe they are working on having an OSSEC Server installation. I hope that it can also be run as an "Agent" as I already have an OSSEC Server on my system.