pfSense » pfSense Packages

04/12/2024

08:12 AM Feature #15398 (New): Fusioninventory Agent

This tool already works well through the FreeBSD repo.
Fusioninventory is a collection of small tools to perform i... Iván Viso

08:07 AM Feature #15397 (New): Wazuh Agent

This already works well through the FreeBSD repo.
Wazuh is a free and open source platform used for threat prevent... Iván Viso

04/11/2024

07:01 PM Feature #15375: Update ntopng package

Tested in 24.03 RC -- working as intended. Denny Page

06:39 AM Feature #15394 (New): Azure VNet (VPC) Wizard

Is is there any chance to create/develop Azure VPC (VNet) Wizard, which is similar to the existing AWS VPC Wizard in ... Ákos Kovács

04/10/2024

06:06 PM Feature #15375: Update ntopng package

The package has been tested by a couple of users on 23.09.1, and it works as intended. Denny Page

05:55 PM Feature #15393 (Resolved): Return to the ga version of NUT

With the release of 2.8.2, NUT is again stable. Move from the development version (nut-devel) back to the release ver... Denny Page

12:59 PM Bug #15392 (Rejected): Package Service Watchdog issue during reinstall

The package system has no special knowledge of individual packages and adding that would create a significant amount ... Jim Pingle

01:23 AM Bug #15392 (Rejected): Package Service Watchdog issue during reinstall

Hello fellow pfSense Redmine members,
Can we please migrate the last item to be reinstalled on package reinstall t... Jonathan Lee

04/06/2024

09:20 PM Bug #15385 (Resolved): PHP crash when exporting Apple profile, while IPsec P1 authentication method set to "Mutual Certificate"

Version: 23.09.1-RELEASE (amd64)
Steps to reproduce:
1. Configure the Phase 1 authentication method to "Mutual ... Craig Coonrad

07:38 PM Feature #10865 (Rejected): squidGuard lacks options to send traffic action logs to syslog server

With the deprecation of squid, marking this as Rejected, since this package will be removed in a future release, so i... Kris Phillips

06:52 AM Bug #13409: Copy button for Optional pre-shared key for this tunnel works in HTTPS mode only

I tested the patch against the 24.03 BETA release.
The patch fixes the issue.
It can be merged. Danilo Zrenjanin

04/05/2024

11:09 PM Bug #13810: Squid options obsolete

https://redmine.pfsense.org/issues/15381 Jonathan Lee

11:09 PM Bug #13810: Squid options obsolete

https://github.com/pfsense/FreeBSD-ports/pull/1365 Jonathan Lee

11:09 PM Bug #13810: Squid options obsolete

https://github.com/pfsense/FreeBSD-ports/pull/1366 Jonathan Lee

04/04/2024

06:02 PM Bug #15381: Update deprecated options

Cachemgr.cgi ref:
https://forum.netgate.com/topic/187107/how-to-guide-for-accessing-squid-s-cachemgr-cgi-over-https
... Jonathan Lee

06:00 PM Bug #15381 (Closed): Update deprecated options

Squid runs however lists the following errors in 24.03.b.20240322.1708
{{collapse... Jonathan Lee

03:49 PM Feature #15375 (Feedback): Update ntopng package

PR merged, thanks! Jim Pingle

04/02/2024

06:08 PM Feature #15375: Update ntopng package

Understood. Thank you Denny. Mike Moore

05:55 PM Feature #15375: Update ntopng package

Mike Moore wrote in #note-1:
> "Support the addition of configuration lines outside those directly supported by the ... Denny Page

04:22 PM Feature #15375: Update ntopng package

"Support the addition of configuration lines outside those directly supported by the pfSense ntop package UI. This al... Mike Moore

02:53 AM Feature #15375 (Resolved): Update ntopng package

This is a tracking issue for a significant number of changes to pfSense-pkg-ntopng.
The list of changes to the pac... Denny Page

04/01/2024

11:34 PM Feature #14712: CrowdSec package

I have been testing this for several months now and like it as another layer of security that uses very little resour... Glenn Hall

11:25 PM Bug #15365: pfBlockerNG PHP error when editing a list

I can also confirm this behavior. I corrected it in my setup by editing line 391 of /usr/local/www/pfblockerng/pfbloc... Glenn Hall

10:07 PM Feature #15374: Use of cachemgr.cgi within secure lightsquid access

Of course you can't access it with a GUI login session to light squid, is this something anyone wants to research at ... Jonathan Lee

10:05 PM Feature #15374 (New): Use of cachemgr.cgi within secure lightsquid access

Hello fellow pfSense redline members,
Can we please add Squid's cachemgr.cgi to the lightsquid package.
Please... Jonathan Lee

05:29 PM Bug #15313: Zabbix server 6.4.12 requires Zabbix proxies to be version 6.4.12

Zabbix server 6.4.13 is out now and I have confirmed that it works correctly with older proxies, including 6.4.1 that... Andrew Almond

08:47 AM Feature #8547: fwknop Port Knocking Package

Also upvote.
Because *bruteforcing by thousands of IoT devices* (fridges, smart bulbs, smart locks, smart tvs, Al... Sergei Shablovsky

03/31/2024

06:59 AM Bug #15131: OpenVPN client export issues with iPhone and IPV6 connections

https://forum.netgate.com/topic/185475/new-bogon-hitting-the-openvpn-port-1194 Jonathan Lee

06:59 AM Bug #15131: OpenVPN client export issues with iPhone and IPV6 connections

Unrelated but if you’re not logging and locking down your VPN use make sure you do. Jonathan Lee

06:53 AM Bug #15131: OpenVPN client export issues with iPhone and IPV6 connections

remote f.q.d.n 1194 udp4
to
remote f.q.d.n 1194 udp
I am opening a redmine for this as the iPhone uses ipv6 an... Jonathan Lee

06:48 AM Bug #15131: OpenVPN client export issues with iPhone and IPV6 connections

My original test was from a cellphone iOS iPhone SE latest SE from cell network remote connection to DSL IPv4 only IS... Jonathan Lee

04:00 AM Bug #12907: PIMD: Nonexistent interfaces should be hidden/disabled in pimd.conf before bringing up the service

0.0.3_6 pimd on 24.03 beta seems to function correctly with regards to bindings and interface selection and the statu... Jordan G

03/30/2024

11:32 PM Bug #15131: OpenVPN client export issues with iPhone and IPV6 connections

Just tested a config with udp4 in the remote host line on OpenVPN Connect on Android. The config imported just fine.... Kris Phillips

11:31 PM Bug #15131: OpenVPN client export issues with iPhone and IPV6 connections

I tested this on 24.03 and am unable to reproduce this. The config file on a new multihome config spits out with udp... Kris Phillips

11:20 PM Bug #15313: Zabbix server 6.4.12 requires Zabbix proxies to be version 6.4.12

Checked on the latest 24.03 BETA builds. This is still on the older version: zabbix64-proxy-6.4.10_1  Kris Phillips

03/29/2024

01:08 AM Feature #14032: Neighbor Discovery Proxy (NDproxy)

Bump! ndproxy has been patched and now builds on FreeBSD 14 - see commit history:
https://www.freshports.org/net/ndp... Firstname Surname

03/28/2024

08:51 AM Bug #15365 (Confirmed): pfBlockerNG PHP error when editing a list

I can confirm this behavior.
!clipboard-202403280951-tqfxp.png!... Danilo Zrenjanin

03/27/2024

09:45 PM Regression #14189: pfBlocker-NG: HA-Sync is not working

Linking in https://forum.netgate.com/topic/179060/pfblockerng-sync-not-working/54 which says in part:
"All you nee... Steve Y

03:47 PM Bug #15365 (Resolved): pfBlockerNG PHP error when editing a list

When editing an IPv4 list item I hit:... Steve Wheeler

03/23/2024

07:55 PM Bug #13654: Wireguard does not fail back failover WAN setup.

Tested/confirmed on 4100 hardware, pfSense Plus 23.09.1.
Dual ISP in gateway group with tier 1/2.
Wireguard traffic... Craig Coonrad

03:42 PM Bug #11614: ACME certificate renewal/creation fails with multiple DNS providers

3 years later and I ran into the same issue and the fix is actually extremely simple.
The logic in the function <c... Sherif Fanous

12:08 AM Todo #15270 (Closed): ENUMER STUN

That feed isn't enabled by default and we don't maintain it. The pfBlockerNG developer includes the ability to one-cl... Chris W

03/22/2024

03:30 PM Todo #15281 (Confirmed): Upgrade Tailscale to 1.6.0

This is not currently available in the 24.03-BETA. We're still on 1.56. Kris Phillips

03/21/2024

06:03 PM Bug #15334 (Resolved): Interface Description not updated properly when add/creating new interface in Snort

PR merged, thanks! Jim Pingle

06:02 PM Bug #15351 (Resolved): Snort does not honor user-specified PHP memory limit setting if user specifies a value greater than 384 MB

PR merged, thanks! Jim Pingle

06:02 PM Bug #15333 (Resolved): Interface Description not updated properly when add/creating new interface in Suricata

PR merged, thanks! Jim Pingle

06:02 PM Bug #15350 (Resolved): Suricata does not honor user-specified PHP memory limit setting if user specifies a value greater than 512 MB

PR merged, thanks! Jim Pingle

06:00 PM Feature #15355 (New): Logging Verbosity Change via patch for miniupnpd

Please see https://forum.netgate.com/post/1158297
For those that wish to ingest miniupnpd (UPNP) firewall and nat ... Jeff Lewis

03/20/2024

07:12 PM Bug #15334: Interface Description not updated properly when add/creating new interface in Snort

A pull request has been submitted against the RELENG_2_7_2 branch of pfSense CE to correct this issue: https://github... Bill Meeks

07:12 PM Bug #15351: Snort does not honor user-specified PHP memory limit setting if user specifies a value greater than 384 MB

A pull request has been submitted against the RELENG_2_7_2 branch of pfSense CE to correct this issue: https://github... Bill Meeks

06:46 PM Bug #15351 (Resolved): Snort does not honor user-specified PHP memory limit setting if user specifies a value greater than 384 MB

Recently pfSense added a new PHP Memory Limit parameter in the *Advanced Settings* tab under the SYSTEM menu. Prior t... Bill Meeks

06:32 PM Bug #15333: Interface Description not updated properly when add/creating new interface in Suricata

A pull request containing the fix for this issue has been posted against the RELENG_2_7_2 pfSense CE branch here: htt... Bill Meeks

06:31 PM Bug #15350: Suricata does not honor user-specified PHP memory limit setting if user specifies a value greater than 512 MB

A pull request containing the fix for this issue has been posted against the RELENG_2_7_2 pfSense CE branch here: htt... Bill Meeks

02:18 PM Bug #15350 (Resolved): Suricata does not honor user-specified PHP memory limit setting if user specifies a value greater than 512 MB

Recently pfSense added a new PHP Memory Limit parameter in the *Advanced Settings* tab under the SYSTEM menu. Prior t... Bill Meeks

03/17/2024

06:21 PM Todo #14073: Shalla block list is offline but still available in pfBlocker

Kris we know what the issue is but how does it get cleaned up?
Seems like something someone internal can push the m... Mike Moore

02:53 AM Todo #14073: Shalla block list is offline but still available in pfBlocker

This still affects 23.09.1 and 24.03's builds of pfBlockerNG as of today. This source should be removed as soon as p... Kris Phillips

02:58 AM Bug #15296: WAN Interface cannot added to ntopng if offline-packet loss

Sergei Shablovsky wrote in #note-1:
> Sergei Shablovsky wrote:
> >
> >
> > But LAN interfaces ALL would be ADDED as... Kris Phillips

03/16/2024

09:43 PM Bug #15333 (Confirmed): Interface Description not updated properly when add/creating new interface in Suricata

Similar behavior as seen with Snort (#15334). Differences are:
- When you change the dropdown selection of an inte... Chris W

05:53 PM Bug #15334 (Confirmed): Interface Description not updated properly when add/creating new interface in Snort

To be clear, what you're looking for is to select any interface in Snort (and Suricata) and have the Description form... Chris W

03/15/2024

03:18 PM Bug #15313: Zabbix server 6.4.12 requires Zabbix proxies to be version 6.4.12

Zabbix has now added a note to the upgrade notes and release notes that warns of the issue with 6.4.12:
https://www.... Andrew Almond

02:52 PM Feature #15340 (New): provide the ability to deactivate actions in Gui

When using the webUI to push changes there are times when i need to deactivate a portion of the config. For example, ... Mike Moore

07:22 AM Bug #14460 (Resolved): PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/pkg/haproxy/haproxy.inc:2158

I am closing this case because it appears to be more of a configuration issue rather than a bug. Danilo Zrenjanin

03/14/2024

09:13 PM Bug #15313 (Confirmed): Zabbix server 6.4.12 requires Zabbix proxies to be version 6.4.12

Chris W

01:35 PM Bug #15100: Tailscale IPv6 Exit Node uses first LAN interface when WAN is set to Only Request Prefix

There is a feature request:
https://redmine.pfsense.org/issues/15177 Danilo Zrenjanin