Packages wishlist?
-
Samba.
-
Oauth2 proxy for Captive Portal:
A reverse proxy that provides authentication with Google, Github or other provider
https://github.com/bitly/oauth2_proxy
+1
-
-
An updated postfix package isn't going to happen. That was announced on GitHub.
What I resorted to was creating a new FreeBSD VM and installing postfix on that - as suggested in the postfix thread.
When that was working I put fail2ban on there as well. I'd often thought about using those two together. fail2ban updated a local pf table to block the spammers but I wasn't happy with the spammers getting past pfSense to the postfix/fail2ban server.
Then I found that I could have fail2ban call OpenBGPD to update an alias table on pfSense. A feedback loop. Who knows why the authors of OpenBGPD put that feature in but I'm sure glad they did.
In the end it's a better solution than postfix on pfSense but it was far from a trivial exercise for me ;)
-
Would love to have DNSCrypt.
Thanks!!!!!
-
ZoneMinder https://forum.pfsense.org/index.php?topic=111252.msg671442
-
@tdi:
Filebeat - https://www.elastic.co/products/beats/filebeat.
Anyone working on this?
I though at one time that I wanted this too.
Just now getting back to working on my Elk stack, and I'm not really sure what it would do for us that syslog-ng won't do already, as syslog-ng answers the issues of udp transport by offering tcp.
We still have to parse the log entries to put them into a form we find useful.
Was there some other factor I'm now forgetting?
-
nano
dnscrypt-proxy
rsync
some kind of web server as I need to redirect ad/tracking/malware links to a local png file.I have decided to make these packages myself, although I am fluent with FreeBSD I need to learn the pfsense specifics in converting these to acceptable pfsense packages so bear with me. I am also adding bash to the list.
-
nano
rsyncThese are already in the repository and do not require anything in the pfSense GUI. Just run "pkg install nano" for example and you can get them now.
some kind of web server as I need to redirect ad/tracking/malware links to a local png file.
You can run additional instances of nginx by hand with your own custom config files, no need to pull in another web server package.
-
this is interesting as they not listed on the packages page, is there a way to list whats in the cli repository?
-
You can use "pkg search x" where "x" is a substring of what you want to find:
: pkg search nano nano-2.7.0 Nano's ANOther editor, an enhanced free Pico clone : pkg search rsync rsync-3.1.2_5 Network file distribution/synchronization utility
-
A package that tracks ad domains and replaces ad pictures with cats. Like this but integrated into pfsense: http://www.makeuseof.com/tag/how-to-make-a-wifi-network-that-only-transmits-cat-pictures-with-a-raspberry-pi/
-
yara seems like a good idea for malware detection and may be a good fit for pfSense.
-
A package that tracks ad domains and replaces ad pictures with cats. Like this but integrated into pfsense: http://www.makeuseof.com/tag/how-to-make-a-wifi-network-that-only-transmits-cat-pictures-with-a-raspberry-pi/
doesnt pfBlockerNG + Squid can already do this in pfsense.? not replace with Cats though
-
In pfSens to be able to see and delete packages using the webinterface, without the need to have an interne connection.
I use pfSense in a private cloud en was used to add all possible needed packages in the pfSense template. Then after installation I remove the packages which are not needed. This wordked perfect in the 2.2.x release.
But in the 2.3 release this is not possible anymore. Even worse, after manual removeing the package from the config.xml, after the reboot it keeps me asking that all packages must be reinstalled, and fails because the is (on purpose) no internet package source available.
The deployed pfsense will never show its dashboard again. (I just don't have internet available here).
So what do I wish: remove the absolute need to have an interne connection just to show and delete installed packages.
Is there a manual available how to create my own pfSense and pfsense package repository for pfSense 2.3?
Thanks in advance!
-
@dvl:
bacula-client so I can back up my configuration
We once had it.
Now I install this from my own poudriere repo.
I still have to do this after every reboot:
mkdir /var/db/bacula
service bacula-client onestartBut at least now I have backups.
-
How about Wireguard.
https://www.wireguard.io/
WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPSec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. Initially released for the Linux kernel, it plans to be cross-platform and widely deployable. It is currently under heavy development, but already it might be regarded as the most secure, easiest to use, and simplest VPN solution in the industry.
Looks very interesting & worth a look. attaching some perf. charts from their website
-
Another vote for Filebeat.
Need it to ship the Snort log file to my ELK machine..
-
Is there anyway to bring back MailScanner for 2.3.*?
-
These packages are already available in FreeBSD,so there shouldn't be too much trouble porting into pfSense. Any work helping to create a free Internet will be much appreciated.
1. shadowsocks-libev ,under GNU General Public License
IntroShadowsocks-libev is a lightweight secured SOCKS5 proxy for embedded devices and low-end boxes.
It is a port of Shadowsocks created by @clowwindy, and maintained by @madeye and @linusyang.
Current version: 3.0.2 | Changelog2. kcptun ,under MIT License
Shadowsocks provides proxy,and Kcptun deals with packet loss.Ipset will also be needed to specify if a certain domain should go proxy or connect directly.The DNS query should go proxy as well to anti DNS pollution.