Packages wishlist?
-
It is coming soon as a part of Suricata to enable JSON logging to ELK. Have not finalized how to actually implement it, though. Could be a better move to make it an independent package that other packages could utilize when it is detected.
Bill
I am very excited about this feature also. Being able to visualize Suricata in ELK will be AWESOME! Wish I had more knowledge so I could help…
Dan
-
It is coming soon as a part of Suricata to enable JSON logging to ELK. Have not finalized how to actually implement it, though. Could be a better move to make it an independent package that other packages could utilize when it is detected.
Bill
I am very excited about this feature also. Being able to visualize Suricata in ELK will be AWESOME! Wish I had more knowledge so I could help…
Dan
I am working now on a logstash-forwarder package for pfSense. I decided to make it a standalone package that can siphon logs from anything configured to log on the pfsense firewall. Realize, though, that logstash-forwarder is just that: a forwarder daemon. It won't have any pretty charts on pfSense. It will simply collect logs and ship them off via a SSL connection to a designated Logstash host someplace. You will still need to provide your own host and of course client for viewing the pretty charts and data in the ELK combo.
There will be a simple GUI for configuring the forwarder on pfSense, but it will just be for importing SSL keys and selecting which logs to forward.
Bill
-
I am working now on a logstash-forwarder package for pfSense. I decided to make it a standalone package that can siphon logs from anything configured to log on the pfsense firewall. Realize, though, that logstash-forwarder is just that: a forwarder daemon. It won't have any pretty charts on pfSense. It will simply collect logs and ship them off via a SSL connection to a designated Logstash host someplace. You will still need to provide your own host and of course client for viewing the pretty charts and data in the ELK combo.
There will be a simple GUI for configuring the forwarder on pfSense, but it will just be for importing SSL keys and selecting which logs to forward.
Bill
Thanks for working on this!
It would be great. If you need any help testing let me know. I have a fully functioning ELK environment with lumberjack ready to go.
I have a current setup to move the Suricata eve.json file over through some scripts but logstash-forwarder is definitely the way to go.
Dan
-
My wishlist. simple package for installing DNSCrypt on pfsense.
-
@KOM:
Smokeping
Manual instalation steps for smokeping https://forum.pfsense.org/index.php?topic=87757.msg482632#msg482632
-
Zabbix24-proxy
-
What is it?
sslh accepts connections on specified ports, and forwards them further based on tests performed on the first data packet sent by the remote client.Probes for HTTP, SSL, SSH, OpenVPN, tinc, XMPP are implemented, and any other protocol that can be tested using a regular expression, can be recognised. A typical use case is to allow serving several services on port 443 (e.g. to connect to ssh from inside a corporate firewall, which almost never block port 443) while still serving HTTPS on that port.
Hence sslh acts as a protocol demultiplexer, or a switchboard. Its name comes from its original function to serve SSH and HTTPS on the same port.
sslh supports IPv6, privilege dropping, transparent proxying, and more.
sslh has been packaged for Debian, Gentoo, FreeBSD and many other operating systems…
-
Custom email notification upon system log match would be a great addition.
-
An updated and working Asterisk package.
-
Squid 3.5
-
http://squidanalyzer.darold.net/
great tool for seeing Squid hits misses with percents when you hover over them
I did manual install and it works great
https://forum.pfsense.org/index.php?topic=87982.new;topicseen#new
-
Squid 3.5
https://www.freebsd.org/cgi/ports.cgi?query=squid&stype=all
We'll have to wait until the FreeBSD Port is updated first. Currently its at squid-3.4.11
squid-3.4.11
HTTP Caching Proxy
Long description : Changes
Maintained by: ports@FreeBSD.org
Also listed in: ipv6
Requires: perl5-5.18.4_11 -
I'd also like to see a dnscrypt package.
-
SMS Server Tools 3
for having snort and other alarms over SMS to the smartphone or tablet would be great! -
A package I would most like to see is one where you can get user reports from captive portal. The current ones (I have tried so far) lack that capability. Have looked extensively found many suggestions but none leading to success as yet, still working on it though.
Jabo
-
an updated hvap package for 2.2.2 that works without difficult reconfiguration
-
A package for only blocking facebook.
-
For the internal UPS series from Bicker are management software available that is also running under FreeBSD. So this would be cool to see as a package for pfSense.
The software is named UPSilon 2000 and is matching to the entire series as I see it right, and over this
management software it is able to sut down the pfSense firewall at a electric break or cut from the electricity supplier. Here is another link to the hardware:
- IUPS-401 - 400 VA 5,25" -
A package for only blocking facebook.
You can do this with pfBlockerNG and the following list:
http://bgp.he.net/AS32934#_prefixes
or
http://bgp.he.net/search?search%5Bsearch%5D=facebook&commit=Search
If you don't want to install pfBlockerNG, you can build your own list from this:
whois -h whois.radb.net '!gAS32934'
-
E2guardian ;D ;D ;D
cant wait :D :D
