Netgate SG-1000 microFirewall

Author Topic: Packages wishlist?  (Read 276559 times)

0 Members and 1 Guest are viewing this topic.

Offline hornetx11

  • Jr. Member
  • **
  • Posts: 68
  • Karma: +1/-0
  • Geburtstag: Ich lass mich nicht mehr Schätzen:-)
    • View Profile
Re: Packages wishlist?
« Reply #570 on: September 30, 2016, 12:07:19 pm »
// Nur die paranoiden überleben
(Andrew Grove (1936 - 2016), Intel)//

Online biggsy

  • Hero Member
  • *****
  • Posts: 646
  • Karma: +16/-0
    • View Profile
Re: Packages wishlist?
« Reply #571 on: October 03, 2016, 04:42:36 am »
An updated postfix package isn't going to happen.  That was announced on GitHub.

What I resorted to was creating a new FreeBSD VM and installing postfix on that - as suggested in the postfix thread. 

When that was working I put fail2ban on there as well.  I'd often thought about using those two together.  fail2ban updated a local pf table to block the spammers but I wasn't happy with the spammers getting past pfSense to the postfix/fail2ban server.

Then I found that I could have fail2ban call OpenBGPD to update an alias table on pfSense.  A feedback loop.  Who knows why the authors of OpenBGPD put that feature in but I'm sure glad they did.

In the end it's a better solution than postfix on pfSense but it was far from a trivial exercise for me  ;)

Offline borkov

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: Packages wishlist?
« Reply #572 on: October 29, 2016, 09:42:02 pm »
Would love to have DNSCrypt.

Thanks!!!!!

Offline allxi

  • Newbie
  • *
  • Posts: 11
  • Karma: +0/-0
    • View Profile
Re: Packages wishlist?
« Reply #573 on: November 22, 2016, 03:17:47 am »

Offline robertfranz

  • Jr. Member
  • **
  • Posts: 35
  • Karma: +1/-6
    • View Profile
Re: Packages wishlist?
« Reply #574 on: November 25, 2016, 04:21:51 pm »
Filebeat - https://www.elastic.co/products/beats/filebeat.

Anyone working on this?

I though at one time that I wanted this too.

Just now getting back to working on my Elk stack, and I'm not really sure what it would do for us that syslog-ng won't do already, as syslog-ng answers the issues of udp transport by offering tcp.

We still have to parse the log entries to put them into a form we find useful.

Was there some other factor I'm now forgetting?

Offline chrcoluk

  • Sr. Member
  • ****
  • Posts: 394
  • Karma: +20/-50
    • View Profile
Re: Packages wishlist?
« Reply #575 on: December 03, 2016, 05:13:23 pm »
nano
dnscrypt-proxy
rsync
some kind of web server as I need to redirect ad/tracking/malware links to a local png file.

I have decided to make these packages myself, although I am fluent with FreeBSD I need to learn the pfsense specifics in converting these to acceptable pfsense packages so bear with me.  I am also adding bash to the list.
« Last Edit: December 05, 2016, 02:40:08 am by chrcoluk »
pfSense 2.4
Qotom Q355G4 or Braswell N3150 with Jetway mini pcie 2x intel i350 lan - 4 gig Kingston 1333 C11 DDR3L
 - 60 gig kingston ssdnow ssd - ISP Sky UK

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 21486
  • Karma: +1456/-26
    • View Profile
Re: Packages wishlist?
« Reply #576 on: December 06, 2016, 01:48:10 pm »
nano
rsync

These are already in the repository and do not require anything in the pfSense GUI. Just run "pkg install nano" for example and you can get them now.

some kind of web server as I need to redirect ad/tracking/malware links to a local png file.

You can run additional instances of nginx by hand with your own custom config files, no need to pull in another web server package.
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Offline chrcoluk

  • Sr. Member
  • ****
  • Posts: 394
  • Karma: +20/-50
    • View Profile
Re: Packages wishlist?
« Reply #577 on: December 06, 2016, 01:52:31 pm »
this is interesting as they not listed on the packages page, is there a way to list whats in the cli repository?
pfSense 2.4
Qotom Q355G4 or Braswell N3150 with Jetway mini pcie 2x intel i350 lan - 4 gig Kingston 1333 C11 DDR3L
 - 60 gig kingston ssdnow ssd - ISP Sky UK

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 21486
  • Karma: +1456/-26
    • View Profile
Re: Packages wishlist?
« Reply #578 on: December 06, 2016, 01:57:45 pm »
You can use "pkg search x" where "x" is a substring of what you want to find:

Code: [Select]
: pkg search nano
nano-2.7.0                     Nano's ANOther editor, an enhanced free Pico clone
: pkg search rsync
rsync-3.1.2_5                  Network file distribution/synchronization utility
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Offline averythomas

  • Newbie
  • *
  • Posts: 7
  • Karma: +0/-0
    • View Profile
Re: Packages wishlist?
« Reply #579 on: December 13, 2016, 03:40:57 pm »
A package that tracks ad domains and replaces ad pictures with cats. Like this but integrated into pfsense: http://www.makeuseof.com/tag/how-to-make-a-wifi-network-that-only-transmits-cat-pictures-with-a-raspberry-pi/

Offline jc2it

  • Jr. Member
  • **
  • Posts: 28
  • Karma: +1/-0
    • View Profile
Re: Packages wishlist?
« Reply #580 on: January 23, 2017, 12:25:09 pm »
yara seems like a good idea for malware detection and may be a good fit for pfSense.

http://virustotal.github.io/yara/

Offline yodaphone

  • Jr. Member
  • **
  • Posts: 65
  • Karma: +2/-0
    • View Profile
Re: Packages wishlist?
« Reply #581 on: January 27, 2017, 10:42:50 pm »
A package that tracks ad domains and replaces ad pictures with cats. Like this but integrated into pfsense: http://www.makeuseof.com/tag/how-to-make-a-wifi-network-that-only-transmits-cat-pictures-with-a-raspberry-pi/

doesnt pfBlockerNG + Squid can already do this in pfsense.? not replace with Cats though

Offline anompi

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: Packages wishlist?
« Reply #582 on: February 03, 2017, 08:44:49 am »
In pfSens to be able to see and delete packages using the webinterface, without the need to have an interne connection.

I use pfSense in a private cloud en was used to add all possible needed packages in the pfSense template. Then after installation I remove the packages which are not needed. This wordked perfect in the 2.2.x release.

But in the 2.3 release this is not possible anymore. Even worse, after manual removeing the package from the config.xml, after the reboot it keeps me asking that all packages must be reinstalled, and fails because the is (on purpose) no internet package source available.

The deployed pfsense will never show its dashboard again. (I just don't have internet available here).


So what do I wish:  remove the absolute need to have an interne connection just to show and delete installed packages.



Is there a manual available how to create my own pfSense and pfsense package repository for pfSense 2.3? 


Thanks in advance!

Offline dvl

  • Jr. Member
  • **
  • Posts: 34
  • Karma: +0/-0
    • View Profile
Re: Packages wishlist?
« Reply #583 on: February 03, 2017, 02:12:58 pm »
bacula-client so I can back up my configuration

We once had it.

Now I install this from my own poudriere repo.

I still have to do this after every reboot:

mkdir /var/db/bacula
service bacula-client onestart

But at least now I have backups.

Offline yodaphone

  • Jr. Member
  • **
  • Posts: 65
  • Karma: +2/-0
    • View Profile
Re: Packages wishlist?
« Reply #584 on: February 06, 2017, 12:57:04 pm »
How about Wireguard.

https://www.wireguard.io/

WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPSec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. Initially released for the Linux kernel, it plans to be cross-platform and widely deployable. It is currently under heavy development, but already it might be regarded as the most secure, easiest to use, and simplest VPN solution in the industry.

Looks very interesting & worth a look. attaching some perf. charts from their website