pfSense Gold Subscription

Author Topic: Packages wishlist?  (Read 162228 times)

0 Members and 1 Guest are viewing this topic.

Offline buraglio

  • Full Member
  • ***
  • Posts: 150
  • Karma: +0/-0
    • View Profile
    • http://www.buraglio.com/nick/
Re: Packages wishlist?
« Reply #90 on: June 20, 2006, 02:53:46 pm »
Nagios would be a good package


What about something like NRPE (nagios remote plugin executor) and the plugins?  Useful for checking stuff behind the NAT and/or firewall from an external nagios install. 

Would people find these useful?  NRPE and some plugins?  What plugins would be most useful (other than check_ping)

Offline sullrich

  • Hero Member
  • *****
  • Posts: 5110
  • Karma: +3/-0
    • View Profile
    • pfSense
Re: Packages wishlist?
« Reply #91 on: July 11, 2006, 04:43:40 pm »
I'd like to see more package maintainers.   This pie in the sky discussion is great but there is nobody to implement these ideas.

Offline rafael.cardoso

  • Sr. Member
  • ****
  • Posts: 317
  • Karma: +0/-0
    • View Profile
Re: Packages wishlist?
« Reply #92 on: July 17, 2006, 01:42:11 pm »
Any idea for SARG (Squid Analysis Report Generator)!
Respect is Everything!

Offline timb0311

  • Jr. Member
  • **
  • Posts: 38
  • Karma: +0/-0
    • View Profile
Re: Packages wishlist?
« Reply #93 on: August 01, 2006, 04:48:12 pm »

POUND - REVERSE-PROXY AND LOAD-BALANCER
http://www.apsis.ch/pound/

The Pound program is a reverse proxy, load balancer and HTTPS front-end for Web server(s). Pound was developed to enable distributing the load among several Web-servers and to allow for a convenient SSL wrapper for those Web servers that do not offer it natively. Pound is distributed under the GPL - no warranty, it's free to use, copy and give away.


This would be good for running mutiple web servers with limited IPs or just plain old load balancing for applications.  Can route HTTP request to backend web server based on domain/host name. 


Offline mdepot

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: Packages wishlist?
« Reply #94 on: August 15, 2006, 09:18:47 am »
My wishlist would be improvements to:

  * Web Proxy Content Filtering
  * Web & Email Anti-Virus Scanning Proxies

Proxy filtering has been tossed around quite a bit, notably with SquidGuard, but looking for a solution that checks based on actual content scanning (as opposed to just list checking).  Something similar to DansGuardian (but with a more open licence) would be great.  And if we're scanning the content anyway, it would be great if virus signature scanning could be done at the same time.

It would also be nice to have a lightweight (relative to sendmail/postfix anyway) SMTP reverse proxy capable of scanning email for junk and virus signatures.  This would be a transparent reverse proxy for SMTP (& SMTPS?), preventing junk mail and virus emails from ever making it to the mail servers inside.  (Check out ASSP and DspamPD if you're looking to get a better idea of the concept.)

Both of these wishlist ideas are not exactly 'lightweight' and may not belong on a box that's *strictly* a firewall, but they do both protect the inside from the outside, and would be a good fit for many smaller orgs without dedicated resources for these.

« Last Edit: August 15, 2006, 09:34:01 am by mdepot »

Offline kferguson

  • Newbie
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
Re: Packages wishlist?
« Reply #95 on: August 18, 2006, 11:02:47 am »
I'd like an interface to allow creation of firewall rules based on GEOIP data.  Many organizations provide services within a limited geographical area, and could live without all the traffic from regions outside those service areas.  I've seen examples of pf implementations, but I'm not sure what would be required to integrate this functionality into pfsense.

Kirk

Offline hoba

  • Administrator
  • Hero Member
  • *****
  • Posts: 5837
  • Karma: +3/-0
  • What was the problem to this solution again?
    • View Profile
    • pfSense
Re: Packages wishlist?
« Reply #96 on: August 18, 2006, 12:09:12 pm »
I'd like an interface to allow creation of firewall rules based on GEOIP data.  Many organizations provide services within a limited geographical area, and could live without all the traffic from regions outside those service areas.  I've seen examples of pf implementations, but I'm not sure what would be required to integrate this functionality into pfsense.

Kirk

That might be quite easy with the uopcoming alias features of pfSense (already implemented in the HEAD tree), where you can update your aliases frequently by downloading an external file (see http://pfsense.com/~sullrich/pics/SampleAlias.PNG for a screenshot of that already implemented feature).

Offline Cry Havok

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 2793
  • Karma: +1/-0
  • Backup: n. What you should have done yesterday.
    • View Profile
Re: Packages wishlist?
« Reply #97 on: August 19, 2006, 02:41:25 pm »
Nylon (socks proxy) would be nice to see.
If you're planning on PMing me to ask me to look at a thread, or for individual support, don't.

Offline ptaylor

  • Jr. Member
  • **
  • Posts: 80
  • Karma: +0/-1
    • View Profile
Re: Packages wishlist?
« Reply #98 on: August 20, 2006, 09:59:36 pm »
An interesting (though probably very difficult to add) package would be TorrentFlux:

http://www.torrentflux.com/

Basically, it's a web-based torrent manager.  Ever since I ran across this, I've thought the concept was pretty neat.  You can even configure it to automatically remove the torrent once you've shared it a number of times.  It looks like it even has its own user system. With this as a package you may be able to block torrent downloads behind the firewall and only allow them through this interface, where traffic shaping is in control of the bandwidth utilization rules you've set up...   Each user on the network could have a login so that they could download torrents in a controlled manner, so each workstation isn't competing for the bandwidth.


Offline JeGr

  • Hero Member
  • *****
  • Posts: 655
  • Karma: +0/-0
    • View Profile
Re: Packages wishlist?
« Reply #99 on: September 08, 2006, 05:51:49 am »
Quote
Would people find these useful?  NRPE and some plugins?  What plugins would be most useful (other than check_ping)

Yep. Horribly useful! We currently use (and I would be glad to use on pfSense):

check_nrpe!check_total_procs (processes)
check_nrpe!check_disk1 (discspace - you never know what hits your logfile)
check_nrpe!check_load (load)
check_nrpe!check_ping (ping - different hosts)
a check for the firewall / packet filter itself
check_ntp
check_ssh
(and perhaps for pfsenses GUI check_http(s))

These would sure be nice additions *dreams* Full integration into Nagios... *blinks*

Offline fricardo

  • Newbie
  • *
  • Posts: 7
  • Karma: +0/-0
    • View Profile
Re: Packages wishlist?
« Reply #100 on: September 11, 2006, 07:07:54 am »
I would like to see one package to SARG (Squid Analysis Report Generator).

I'm starting to use pfsense 1.0-RC2 4 days ago. Great work! How can I build one SARG package?

Thanks,

fricardo

Offline hoba

  • Administrator
  • Hero Member
  • *****
  • Posts: 5837
  • Karma: +3/-0
  • What was the problem to this solution again?
    • View Profile
    • pfSense
Re: Packages wishlist?
« Reply #101 on: September 11, 2006, 07:30:52 am »
There is not much documentation on how to create a package, however some pointers can be found where to start at the forum. Please search.

Offline darek

  • Newbie
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
Re: Packages wishlist?
« Reply #102 on: September 29, 2006, 06:56:44 am »
I would like to see ipfm + scr_ipfm integrated

Keep up the good work.

Greetings Darek

Offline oasisgate

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: Packages wishlist?
« Reply #103 on: October 08, 2006, 07:17:07 pm »
the good service to addon pfsense...apcupsd for APC UPS...

Offline submicron

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 741
  • Karma: +0/-0
  • I like pie!
    • View Profile
    • BSDPerimeter
Re: Packages wishlist?
« Reply #104 on: October 09, 2006, 09:13:47 am »

It would also be nice to have a lightweight (relative to sendmail/postfix anyway) SMTP reverse proxy capable of scanning email for junk and virus signatures.  This would be a transparent reverse proxy for SMTP (& SMTPS?), preventing junk mail and virus emails from ever making it to the mail servers inside.  (Check out ASSP and DspamPD if you're looking to get a better idea of the concept.

ASSP doesn't support AV scanning and DspamPD hasn't been actively developed for over a year.
I do not respond to PMs demanding help.