Packages wishlist?
-
How about Wireguard.
https://www.wireguard.io/
WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPSec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. Initially released for the Linux kernel, it plans to be cross-platform and widely deployable. It is currently under heavy development, but already it might be regarded as the most secure, easiest to use, and simplest VPN solution in the industry.
Looks very interesting & worth a look. attaching some perf. charts from their website
-
Another vote for Filebeat.
Need it to ship the Snort log file to my ELK machine..
-
Is there anyway to bring back MailScanner for 2.3.*?
-
These packages are already available in FreeBSD,so there shouldn't be too much trouble porting into pfSense. Any work helping to create a free Internet will be much appreciated.
1. shadowsocks-libev ,under GNU General Public License
IntroShadowsocks-libev is a lightweight secured SOCKS5 proxy for embedded devices and low-end boxes.
It is a port of Shadowsocks created by @clowwindy, and maintained by @madeye and @linusyang.
Current version: 3.0.2 | Changelog2. kcptun ,under MIT License
Shadowsocks provides proxy,and Kcptun deals with packet loss.Ipset will also be needed to specify if a certain domain should go proxy or connect directly.The DNS query should go proxy as well to anti DNS pollution.
-
Would love to have DNSCrypt.
Thanks!!!!!
would really like to see this as a package in pfsense, as well.
-
@tdhuck:
Would love to have DNSCrypt.
Thanks!!!!!
would really like to see this as a package in pfsense, as well.
according to documentation, the native unbound dns service used on pfSense can be complied with DNSCrypt
https://dnscrypt.org/#dnscrypt-server
Running your own DNSCrypt server . . . unbound, a validating, recursive, and caching DNS resolver, can also act as a DNSCrypt server when compiled with --enable-dnscrypt. Refer to DNSCrypt Options section in unbound.conf(5) for configuration options. Deployment
-
@tdhuck:
Would love to have DNSCrypt.
Thanks!!!!!
would really like to see this as a package in pfsense, as well.
according to documentation, the native unbound dns service used on pfSense can be complied with DNSCrypt
https://dnscrypt.org/#dnscrypt-server
Running your own DNSCrypt server . . . unbound, a validating, recursive, and caching DNS resolver, can also act as a DNSCrypt server when compiled with --enable-dnscrypt. Refer to DNSCrypt Options section in unbound.conf(5) for configuration options. Deployment
i was looking for a package that could be enabled in the GUI, i have no idea how to implement using the instructions you posted (i found that information, yesterday, while looking at their site).
thank you for sharing.
-
@tdhuck:
I was looking for a package that could be enabled in the GUI, i have no idea how to implement using the instructions you posted (i found that information, yesterday, while looking at their site).
thank you for sharing.
The first step is to compile and create unbound package with this feature on a Freebsd 10.3 to replace on you pfSense 2.3.3 testing machine.
If the works, the next steps are findind the best way to run it(as a proxy + sever, just a proxy, just a server, etc…) and then create gui files that configure these extra steps, blacklist downloads, acls, etc....
not that easy but not impossible too.
EDIT: looks like de unbound source does not have the dnscrypt embedded but the wrapper looks like 'simple' to include
https://github.com/Cofyc/dnscrypt-wrapper/ -
Hi,
as for arpwatch, is it just a matter of converting current HTML/CSS to Boostrap?
cheers
-
Would love to have DNSCrypt.
Thanks!!!!!
+1 for DNScrypt as an installable under the GUI package manager with a services tab and entry on the services monitoring dashboard window.
-
The Xymon client would be nice for monitoring of pfsense. I see posts going back 5 years on the forums but no "official package" has ever been added.
I went looking today, and I see zabbix is now in the packages, but still no xymon :'(
-
Something along the lines of smokeping for ISP quality monitoring.
-
Something along the lines of smokeping for ISP quality monitoring.
The Quality Graph, which offers much the same information as smoke ping, can be found in Status / Monitoring.
-
Something along the lines of smokeping for ISP quality monitoring.
The Quality Graph, which offers much the same information as smoke ping, can be found in Status / Monitoring.
Huh, I never realized it could be configured. I thought it was just for CPU.
Still, I like to monitor specific IP addresses such as my ISP gateway and VPN targets and compare to generic websites to find problems early.
-
Hello everyone, is there an opportunity to install package Virtual Box ? With web management as implemented in Nas4free. In the photo example of management virtual box on Nas4free
-
Virtual Box
No.
This is your firewall, not a hypervisor.
However, you can install a virtual pfSense on a hypervisor. -
@hongkonger:
Would really love an implementation of either of the following
- Freenas
- Bacula Server
- Simple FTP server for file storage
- Samba (with UI)
Most of the above are already available in some adhoc way on pfsense (except bacula server and Freenas) , but really appreciate a UI based installation and management.
thanks
I second this. A FTP Server and Samba in particular. If a store bought consumer router can do it, why not pfsense? Surely it can do it better, more secure, and faster. :)
-
If a store bought consumer router can do it, why not pfsense?
Maybe because pfSense is a more serious contender in the firewall business and not one of the flaky consumer routers you better throw as far as your aching back lets you?
-
If a store bought consumer router can do it, why not pfsense?
Maybe because pfSense is a more serious contender in the firewall business and not one of the flaky consumer routers you better throw as far as your aching back lets you?
http://thehackernews.com/2017/05/samba-rce-exploit.html
https://lists.samba.org/archive/samba-announce/2017/000406.html
https://www.shodan.io/report/FoqqpNmw -
If a store bought consumer router can do it, why not pfsense?
Maybe because pfSense is a more serious contender in the firewall business and not one of the flaky consumer routers you better throw as far as your aching back lets you?
Really? it's been a stellar firewall so far. it will more than happily block things but I have to fight it to allow things. can't even forward port 80 that worked fine on the tp-link it replaced and also worked on a VM behind the main pfsense router. the data usage stats are practically useless without an added package. So far, ddwrt worked better and wasn't so annoying. I might enjoy pfsense more if it wasn't so featureless. All I'm asking is a couple programs to make it a bit more useful on the LAN side. Also, is it too much to ask for some critical software patches around here? I've got 4 vulnerable packages in 2.3.3 and my only hope is to wait for 2.4. whenever that'll be released. >.>
http://thehackernews.com/2017/05/samba-rce-exploit.html
https://lists.samba.org/archive/samba-announce/2017/000406.html
https://www.shodan.io/report/FoqqpNmwI'm aware of that. I'm not dumb enough to put samba or ftp on the wan. I just want it for the lan.